Zero. Overview
Mainly introduce the process of Bluetooth low energy broadcast and the implementation process of the protocol stack under the bluetooth stack (bluetooth stack), BLE Advertising flow
btsnoop and the process in the data...\STM32_UBUNTU_BLUETOOTH\2-Bluetooth data\Bluetooth protocol analysis\BLE broadcast.log
1. Statement
We will continue to update this column in a serialized manner. The updated content of this column is planned as follows:
The first article: Comprehensive introduction to Bluetooth, mainly introduces some concepts of Bluetooth, background, development track, introduction of Bluetooth on the market, and introduction of Bluetooth development board.
The second part: Introduction to the Transport layer, mainly introduces the Bluetooth protocol stack and the hardware transmission protocol before the Bluetooth chip, such as H4, H5, BCSP based on UART, H2 based on USB, etc.
The third chapter: Introduction to traditional Bluetooth controller, mainly introduces the introduction of traditional Bluetooth chips, including radio frequency layer (RF), baseband layer (baseband), link management layer (LMP), etc.
Chapter 4: Introduction to traditional Bluetooth host, mainly introduces the protocol stack of traditional Bluetooth, such as HCI, L2CAP, SDP, RFCOMM, HFP, SPP, HID, AVDTP, AVCTP, A2DP, AVRCP, OBEX, PBAP, MAP, etc. Make an agreement.
Chapter 5: Introduction to Bluetooth Low Energy Controller, mainly introduces Bluetooth low energy chips, including physical layer (PHY), link layer (LL)
Chapter 6: Introduction to low-power Bluetooth host, introduction to low-power Bluetooth protocol stack, including HCI, L2CAP, ATT, GATT, SM, etc.
Chapter 7: Introduction to Bluetooth chips, mainly introduces the initialization process of some Bluetooth chips, based on the extension of HCI vendor command
The eighth chapter: appendix, mainly introduces the introduction of the above common terms and the introduction of some special processes.
In addition, the development board is shown below, which is the best set of hands for those who want to learn the Bluetooth protocol stack. In order to better learn the Bluetooth protocol stack, believe me, after learning this set of videos, you will have the ability to modify any protocol stack (such as bluez under Linux, bluedroid under Android).
-------------------------------------------------------------------------------------------------------------------------
CSDN college link (enter to choose the course you want to learn): https://edu.csdn.net/lecturer/5352?spm=1002.2001.3001.4144
Bluetooth exchange button group: 970324688
Github code: https://github.com/sj15712795029/bluetooth_stack
Get the development board: https://item.taobao.com/item.htm?spm=a1z10.1-cs.w4004-22329603896.18.5aeb41f973iStr&id=622836061708
Bluetooth learning catalog : https://blog.csdn.net/XiaoXiaoPengBo/article/details/107727900
--------------------------------------------------------------------------------------------------------------------------
2. BLE broadcast command and event
The whole process is as follows (note that there are omitted steps during initialization, only the key steps of initialization are listed)
Let’s take a look at the ellisys process (it’s basically the same as Wireshark’s display, mainly because ellisys comes with its own analysis in the process, so I’ll also post it)
Note that we only intercepted two command and event when initializing the screenshot. One is set event mask which is different from traditional Bluetooth, the other is write le host supported, and the other can refer to the initialization of traditional Bluetooth. The steps are as follows:
Step 1) Send the command (set event mask) to set the event mask and receive the commnd complete event
Step 2) Send the command (write le host support) to set BLE support and receive the command complete event
Step 3) Send the BLE command (LE Set Advertising Parameters) to set the broadcast parameters
Step 4) Send the command (LE Set Advertising Data) of BLE setting broadcast data
Step 5) Send the command (LE Set Advertising Enable) to enable the BLE broadcast
Step 6) Receive the command complete of step 4) 5) 6)
Step 7) Send BLE close broadcast command (LE Set Advertising Enable) and receive commnd complete event
Let's talk about each step in detail below
Step 1) Send the command (set event mask) to set the event mask and receive the commnd complete event
This part was introduced in the previous section when searching for broadcasting, so I won’t repeat it
Step 2) Send the command (write le host support) to set BLE support and receive the command complete event
This part was introduced in the previous section when searching for broadcasting, so I won’t repeat it
Step 3) Send the BLE command (LE Set Advertising Parameters) to set the broadcast parameters
Let's look at the format of this command:
Let’s take a look directly at btsnoop
The corresponding code is as follows:
err_t hci_le_set_adv_param(uint16_t adv_int_min, uint16_t adv_int_max, uint8_t adv_type,
uint8_t own_address_typ, uint8_t peer_address_type,struct bd_addr_t *peer_address, uint8_t channel_map, uint8_t filter_policy)
{
struct bt_pbuf_t *p;
uint8_t offset = 0;
if((p = bt_pbuf_alloc(BT_TRANSPORT_TYPE, HCI_SET_LE_ADV_PARAM_PLEN, BT_PBUF_RAM)) == NULL)
{
BT_HCI_TRACE_ERROR("ERROR:file[%s],function[%s],line[%d] bt_pbuf_alloc fail\n",__FILE__,__FUNCTION__,__LINE__);
return BT_ERR_MEM;
}
/* Assembling command packet */
p = hci_cmd_ass(p, HCI_LE_SET_ADV_PARAM, HCI_LE, HCI_SET_LE_ADV_PARAM_PLEN);
offset += 3;
bt_le_store_16((uint8_t *)p->payload,offset,adv_int_min);
offset += 2;
bt_le_store_16((uint8_t *)p->payload,offset,adv_int_max);
offset += 2;
((uint8_t *)p->payload)[offset] = adv_type;
offset += 1;
((uint8_t *)p->payload)[offset] = own_address_typ;
offset += 1;
((uint8_t *)p->payload)[offset] = peer_address_type;
offset += 1;
memcpy(((uint8_t *)p->payload)+offset, peer_address->addr, BD_ADDR_LEN);
offset += BD_ADDR_LEN;
((uint8_t *)p->payload)[offset] = channel_map;
offset += 1;
((uint8_t *)p->payload)[offset] = filter_policy;
phybusif_output(p, p->tot_len,PHYBUSIF_PACKET_TYPE_CMD);
bt_pbuf_free(p);
return BT_ERR_OK;
}Step 4) Send the command (LE Set Advertising Data) of BLE setting broadcast data
Let's look at the HCI command format:
This command is to set the broadcast data. The format of the broadcast data was mentioned in the previous section. When searching for the broadcast, we will not repeat it. Let’s take a look at the code we set and btsnoop.
To make the test simple, I also broadcast a Bluetooth name myself, and the broadcast data is as follows:
The broadcast call is as follows:
The implementation is as follows:
err_t hci_le_set_adv_data(uint8_t adv_len,uint8_t *adv_data)
{
struct bt_pbuf_t *p;
uint8_t offset = 0;
if((p = bt_pbuf_alloc(BT_TRANSPORT_TYPE, HCI_SET_LE_ADV_DATA_PLEN, BT_PBUF_RAM)) == NULL)
{
BT_HCI_TRACE_ERROR("ERROR:file[%s],function[%s],line[%d] bt_pbuf_alloc fail\n",__FILE__,__FUNCTION__,__LINE__);
return BT_ERR_MEM;
}
/* Assembling command packet */
p = hci_cmd_ass(p, HCI_LE_SET_ADV_DATA, HCI_LE, HCI_SET_LE_ADV_DATA_PLEN);
offset += 3;
((uint8_t *)p->payload)[offset] = adv_len;
offset += 1;
memset(((uint8_t *)p->payload) + offset,0,HCI_SET_LE_ADV_DATA_PLEN-offset);
memcpy(((uint8_t *)p->payload)+offset, adv_data, adv_len);
phybusif_output(p, p->tot_len,PHYBUSIF_PACKET_TYPE_CMD);
bt_pbuf_free(p);
return BT_ERR_OK;
}What you should pay attention to in this part is that no matter what your broadcast data is, it must be filled with 31Byte. The first parameter broadcast data is the length of your broadcast.
Finally, look at btsnoop:
Step 5) Send the command (LE Set Advertising Enable) to enable the BLE broadcast
Let's look at the command format:
The parameters are very simple, that is, simply turn on and off
Let's look at the code implementation:
err_t hci_le_set_adv_enable(uint8_t enable)
{
struct bt_pbuf_t *p;
uint8_t offset = 0;
if((p = bt_pbuf_alloc(BT_TRANSPORT_TYPE, HCI_SET_LE_ADV_ENABLE_PLEN, BT_PBUF_RAM)) == NULL)
{
BT_HCI_TRACE_ERROR("ERROR:file[%s],function[%s],line[%d] bt_pbuf_alloc fail\n",__FILE__,__FUNCTION__,__LINE__);
return BT_ERR_MEM;
}
/* Assembling command packet */
p = hci_cmd_ass(p, HCI_LE_SET_ADV_ENABLE, HCI_LE, HCI_SET_LE_ADV_ENABLE_PLEN);
offset += 3;
((uint8_t *)p->payload)[offset] = enable;
phybusif_output(p, p->tot_len,PHYBUSIF_PACKET_TYPE_CMD);
bt_pbuf_free(p);
return BT_ERR_OK;
}Finally, we look at btsnoop:
Step 6) Receive the command complete of step 4) 5) 6)
We have already introduced this command in the traditional Bluetooth HCI, I directly post these 3 command complete events
Step 7) Send BLE close broadcast command (LE Set Advertising Enable) and receive commnd complete event
This has been introduced in step 5), let’s take a screenshot of btsnoop directly
