配对通常调用分两步
1. Bluetooth AdapterService.cancelDiscovery
btif_dm_cancel_discovery
BTfM_CancelInquiry
BTA_DM_SEARCH_CANCEL_CMPL_EVT
BTM_BLI_INQ_CANCEL_EVT
BTM_BLI_INQ_DONE_EVT
discovery_state_changed_cb
btif_dm_cancel_discovery
BTA_DM_SEARCH_CANCEL_CMPL_EVT
BTA_DM_SEARCH_CANCEL_CMPL_EVT
discovery_state_changed_cb
hci上可以看到Inquiry_cancel,或者搜索已经完成Inquiry_Complete
2. 配对CreateBond
在bluetooth service(bluetooth.apk)里我们通常看到这样的日志
BluetoothBondStateMachine
BluetoothBondStateMachine: bondStateChangeCallback: Status: 0 Address: **:**:**:**:**:** newState: 1
BluetoothBondStateMachine: Bond State Change Intent:**:**:**:**:**:** BOND_NONE => BOND_BONDING
BluetoothBondStateMachine: bondStateChangeCallback: Status: 0 Address: **:**:**:**:**:** newState: 2
BluetoothBondStateMachine: **:**:**:**:**:** is bonded, wait for SDP complete to broadcast bonded intent
BluetoothBondStateMachine: Bond State Change Intent:**:**:**:**:**:** BOND_BONDING => BOND_BONDED
Java里状态是BOND_NONE(10) ->BOND_BONDING(11)->BOND_BONDED(12)
native状态对应是 0->1->2
native的callback是bond_state_changed_cb
刚调用create_bond状态就变为了BT_BOND_STATE_BONDING(1)
btif_dm_cb_create_bond
bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING);
认证正确就变为BT_BOND_STATE_BONDED(2)
btif_dm_auth_cmpl_evt
bond_state_changed(status, bd_addr, state);
bluedroid协议栈里btm有这么些状态,
IDLE -> GET_REM_NAME ->WAIT_PIN_REQ ->WAIT_LOCAL_IOCAPS ->WAIT_NUM_CONFIRM ->WAIT_AUTH_COMPLETE
几个基本调用
adapterService.java
createBond
send BondStateMachine.CREATE_BOND
createBondNative com_android_bluetooth_btservice_AdapterService.cpp
sBluetoothInterface->create_bond((RawAddress*)addr, transport); bluetooth.cc
btif_dm_create_bond(bd_addr, transport)
btif_dm.cc
bt_status_t btif_dm_create_bond
btif_stats_add_bond_event(*bd_addr, BTIF_DM_FUNC_CREATE_BOND,
pairing_cb.state);
btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_CREATE_BOND,
(char*)&create_bond_cb,
sizeof(btif_dm_create_bond_cb_t), NULL);
btif_dm_generic_evt
btif_dm_cb_create_bond(create_bond_cb->bdaddr, create_bond_cb->transport)
btif_dm_cb_create_bond
bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING);
BTA_DmBond(bd_addr, addr_type, transport); bta_dm_api.cc
bta_dm_bond bta_dm_act.cc
BTM_SecBond btm_sec.cc
btm_sec_bond_by_transport
btm_sec_bond_by_transport
BTM_DeleteStoredLinkKey(&bd_addr, NULL)
btm_sec_change_pairing_state(BTM_PAIR_STATE_GET_REM_NAME);
status = BTM_ReadRemoteDeviceName(bd_addr, NULL, BT_TRANSPORT_BR_EDR);
配对正常时hci日志
bluedroid正常时logcat日志
BluetoothBondStateMachine( 1175): Bond address is:**:**:**:**:**:**
bt_btif : btif_dm_create_bond: bd_addr=**:**:**:**:**:**, transport=0
bond_state_changed: state=1, prev_state=0, sdp_attempts = 0
bond_state_changed: HAL bt_hal_cbacks->bond_state_changed_cb
bt_btm : BTM: BTM_DeleteStoredLinkKey: delete_all_flag: false
bt_btm : BTM_SecBond: Remote sm4: 0x0 HCI Handle: 0xffff
bt_btm : btm_sec_change_pairing_state() Old: IDLE
bt_btm : btm_sec_change_pairing_state() New: GET_REM_NAME pairing_flags:0x1
bt_stack: [VERBOSE1:btm_inq.cc(809)] BTM_ReadRemoteDeviceName: bd addr **:**:**:**:**:**
bt_stack: [VERBOSE1:btm_acl.cc(2505)] connecting_bda: 18:84:c1:57:b9:5f
bt_btm : State:GET_REM_NAME sm4: 0x0 sec_state:0
I/BluetoothBondStateMachine( 1175): Bond State Change Intent:**:**:**:**:**:** BOND_NONE => BOND_BONDING
bt_btm : btm_sec_rmt_name_request_complete
bt_l2cap: l2cu_create_conn_after_switch :0 num_acl:1 no_hi: 0 is_bonding:1 (HCI: Create_Connection)
bt_stack: [VERBOSE1:btm_acl.cc(2505)] connecting_bda: **:**:**:**:**:**
bt_stack: [VERBOSE1:btm_sec.cc(2602)] Security Manager: **:**:**:**:**:**
bt_btm : btm_sec_change_pairing_state() Old: GET_REM_NAME
bt_btm : btm_sec_change_pairing_state() New: WAIT_PIN_REQ pairing_flags:0x5
bt_stack: [VERBOSE2:btm_sec.cc(3911)] btm_sec_connected: Security Manager: in state: WAIT_PIN_REQ (HCI_EVT: Connection_complete)
bt_btm : btm_acl_created: peer **:**:**:**:**:** hci_handle=51 link_role=1 transport=1
bt_btm : btm_sec_execute_procedure: Required:0x10 Flags:0x88 State:0
bt_btm : Security Manager: Start authentication (HCI_CMD: Authentication Requested (0x0411)
bt_btm : btm_acl_created: peer **:**:**:**:**:** hci_handle=51 link_role=0 transport=1
bt_btm : BTM_SetLinkPolicy (HCI_CMD: Write Link Policy Settings (0x080d))
bt_stack: [VERBOSE2:btm_sec.cc(4509)] btm_sec_link_key_request bda: **:**:**:**:**:** (HCI_EVT: Link Key Request (0x17))
bt_btm : btm_io_capabilities_req: State: WAIT_PIN_REQ
bt_btm : btm_io_capabilities_req:Security mode: 4, Num Read Remote Feat pages: 0
bt_btm : btm_sec_change_pairing_state() Old: WAIT_PIN_REQ
bt_btm : btm_sec_change_pairing_state() New: WAIT_LOCAL_IOCAPS pairing_flags:0x5
bt_btm : BTM_ReadRemoteVersion
bt_btm : BTM_ReadRemoteFeatures
bt_btif : BTA_DM_LINK_UP_EVT. Sending BT_ACL_STATE_CONNECTED
bt_btif : btif_dm_upstreams_evt: HAL bt_hal_cbacks->acl_state_changed_cb
bt_smp : smp_br_connect_callback
bt_stack: [VERBOSE1:smp_l2c.cc(259)] smp_br_connect_callback for pairing BDA: **:**:**:**:**:**
bt_btm : btm_sec_change_pairing_state() Old: WAIT_LOCAL_IOCAPS
bt_btm : btm_sec_change_pairing_state() New: WAIT_NUM_CONFIRM pairing_flags:0x5 (HCI_EVT: User Confirmation Request (0x33))
bt_btif : btif_dm_upstreams_evt: ev: BTA_DM_SP_CFM_REQ_EVT
bt_btif : btif_dm_ssp_cfm_req_evt: HAL bt_hal_cbacks->ssp_request_cb
BluetoothBondStateMachine: sspRequestCallback: [B@b5713bd name: [B@d452db2 cod: 1288 pairingVariant 2 passkey: 449970
bt_btif : btif_dm_ssp_reply: accept=1 (HCI_CMD: User Confirmation Request Reply (0x042c))
bt_btm : BTM_ConfirmReqReply() State: WAIT_NUM_CONFIRM Res: 0
bt_btm : btm_sec_change_pairing_state() Old: WAIT_NUM_CONFIRM
bt_btm : btm_sec_change_pairing_state() New: WAIT_AUTH_COMPLETE pairing_flags:0x5
bt_btm : btm_simple_pair_complete() Pair State: WAIT_AUTH_COMPLETE Status:0 sec_state: 1
bt_stack: [VERBOSE2:btm_sec.cc(3574)] btm_sec_auth_complete: Security Manager: in state: WAIT_AUTH_COMPLETE handle:51 status:
bt_btm : btm_sec_change_pairing_state() Old: WAIT_AUTH_COMPLETE
bt_btm : btm_sec_change_pairing_state() New: IDLE pairing_flags:0x5
bt_btif : btif_dm_upstreams_evt: ev: BTA_DM_AUTH_CMPL_EVT
bt_btif : btif_dm_auth_cmpl_evt: Storing link key. key_type=0x4, bond_type=1
bt_btif : bond_state_changed: state=2, prev_state=1, sdp_attempts = 1
bt_btif : bond_state_changed: HAL bt_hal_cbacks->bond_state_changed_cb
BluetoothBondStateMachine: bondStateChangeCallback: Status: 0 Address: **:**:**:**:**:** newState: 2