Android Bluetooth蓝牙enable过程
Android Bluetooth框架
enable的追踪从settings app开始,一直到最底层的driver,基本按照上图的框架,把函数的调用过程代入图中有助于理解整个蓝牙的架构。
源码追踪
以下为Bluetooth的enable从settings app开始往下追踪的过程,当然仅为调用过程。
1.BluetoothEnabler.java(packages\apps\settings\src\com\android\settings\bluetooth)
|onSwitchChanged()
|mLocalAdapter.setBluetoothEnabled(isChecked);
其中BluetoothEnabler实现了SwitchBar.OnSwitchChangeListener监听蓝牙开关的状态变化;当开关被点击了,onSwitchChanged被回调。
查看mLocalAdapter定义:
2.LocalBluetoothAdapter.java (packages\apps\settings\src\com\android\settings\bluetooth)
|setBluetoothEnabled()
|mAdapter.enable()
查看mAdapter的定义
3.BluetoothAdapter.java (frameworks\base\core\java\android\bluetooth)
|enable()
|mManagerService.enable()
查看mManagerService定义
这里是通过AIDL机制完成进程间的通信,调用的是BluetoothManagerService的enable()函数。
4.BluetoothManagerService.java(frameworks\base\services\core\java\com\android\server)
class BluetoothManagerService extends IBluetoothManager.Stub
|enable()
|sendEnableMsg(false);
|mHandler.sendMessage(mHandler.obtainMessage(MESSAGE_ENABLE,0, 0));
在他的内部类BluetoothHandler继承了Handler类,处理传递的消息:
|handleMessage(Message msg)
|case MESSAGE_ENABLE
|handleEnable(msg.arg1 == 1); // msg.arg1 = 0
|if ((mBluetooth == null) && (!mBinding))
|Intent i = new Intent(IBluetooth.class.getName());
|doBind(i, mConnection,Context.BIND_AUTO_CREATE | Context.BIND_IMPORTANT, UserHandle.CURRENT);
// 启动AdapterService服务
|doBind(Intent intent, ServiceConnection conn, int flags, UserHandle user) {
|mContext.bindServiceAsUser(intent, conn, flags, user);
// 启动AdapterService服务后会回调mConnection的onServiceConnected()方法
| onServiceConnected(ComponentName className, IBinder service)
| Message msg = mHandler.obtainMessage(MESSAGE_BLUETOOTH_SERVICE_CONNECTED);
| if (className.getClassName().equals("com.android.bluetooth.btservice.AdapterService"))
|msg.arg1 = SERVICE_IBLUETOOTH;
|else if (className.getClassName().equals("com.android.bluetooth.gatt.GattService"))
|msg.arg1 = SERVICE_IBLUETOOTHGATT;
|msg.obj = service;
|mHandler.sendMessage(msg);
发出的MESSAGE_BLUETOOTH_SERVICE_CONNECTED消息在handleMessage处理:
|handleMessage(Message msg)
|case MESSAGE_BLUETOOTH_SERVICE_CONNECTED:
|IBinder service = (IBinder) msg.obj;
|mBluetooth = IBluetooth.Stub.asInterface(service);
|!mBluetooth.enable()
查看mBluetooth的定义:
5.AdapterService.java(packages\apps\bluetooth\src\com\android\bluetooth\btservice)
AdapterService内部类AdapterServiceBinder extends IBluetooth.Stub
|enable(boolean quietMode)
|Message m = mAdapterStateMachine.obtainMessage(AdapterState.BLE_TURN_ON);
|mAdapterStateMachine.sendMessage(m);
查看mAdapterStateMachine的定义:
6.AdapterState.java(packages\apps\bluetooth\src\com\android\bluetooth\btservice)
|processMessage(Message msg)
|case BLE_TURN_ON
|adapterService.processStart();
查看定义:
7.AdapterService.java (packages\apps\bluetooth\src\com\android\bluetooth\btservice)
|processStart()
| mAdapterStateMachine.sendMessage(mAdapterStateMachine.obtainMessage(AdapterState.STARTED));
8.AdapterState.java(packages\apps\bluetooth\src\com\android\bluetooth\btservice)
|processMessage(Message msg)
|case STARTED
|adapterService.enableNative()
9.AdapterService.java(packages\apps\bluetooth\src\com\android\bluetooth\btservice)
其中定义了native函数enableNative:
它加载了动态链接库libbluetooth_jni.so,也就意味着enableNative函数的具体实现打包在这个动态链接库中。
进到目录packages\apps\bluetooth下,有一个jni的目录,一般跟bluetooth这个原生应用有关的jni都在这里实现;下面有一个Android.mk,查看该文件,其中有打包成库的名称
LOCAL_MODULE := libbluetooth_jni
正好是我们要找的动态链接库,我们要找的函数就是在这个目录下了。
mk文件中也提供了编译的时候包含的源文件:
LOCAL_SRC_FILES:= \
com_android_bluetooth_btservice_AdapterService.cpp \
com_android_bluetooth_btservice_QAdapterService.cpp \
com_android_bluetooth_hfp.cpp \
com_android_bluetooth_hfpclient.cpp \
com_android_bluetooth_a2dp.cpp \
com_android_bluetooth_a2dp_sink.cpp \
com_android_bluetooth_avrcp.cpp \
com_android_bluetooth_avrcp_controller.cpp \
com_android_bluetooth_hid.cpp \
com_android_bluetooth_hidd.cpp \
com_android_bluetooth_hdp.cpp \
com_android_bluetooth_pan.cpp \
com_android_bluetooth_gatt.cpp \
android_hardware_wipower.cpp
JNI函数最终都是通过jniRegisterNativeMethods完成注册,将类名和Native函数对应起来。
进入packages/apps/Bluetooth/jni目录搜索:
$ grep "com/android/bluetooth/btservice/AdapterService" * -nR
com_android_bluetooth_btservice_AdapterService.cpp:1272: return jniRegisterNativeMethods(env, "com/android/bluetooth/btservice/AdapterService",
发现类AdapterService对应的JNI函数在com_android_bluetooth_btservice_AdapterService.cpp注册。
10.com_android_bluetooth_btservice_AdapterService.cpp (packages\apps\bluetooth\jni)
|enableNative(JNIEnv* env, jobject obj)
|sBluetoothInterface->enable()
查看定义
bt_interface_t是Bluetooth.h (hardware\libhardware\include\hardware)中定义的结构体。
我们需要找到它的实现,在文件中查找sBluetoothInterface找到它赋值的地方:
它是由btStack也就是蓝牙协议栈返回的,我们继续看btStack的关键代码:
const char *id = (strcmp(value, "1")? BT_STACK_MODULE_ID : BT_STACK_TEST_MODULE_ID);
//这句应该获得btStack实例
err = hw_get_module(id, (hw_module_t const**)&module);
err = module->methods->open(module, id, &abstraction);
//最终转换为btStack结构体
bluetooth_module_t* btStack = (bluetooth_module_t *)abstraction;
找到hw_get_module函数,其中果然有加载btStack模块:
11.Bluetooth.c (external\bluetooth\bluedroid\btif\src)
我们知道Bluedroid的代码在external\bluetooth\bluedroid,因此我们在其中搜索很容易找到sBluetoothInterface的实现代码。
|static const bt_interface_t bluetoothInterface
|enable
|btif_enable_bluetooth()
12.Btif_core.c (external\bluetooth\bluedroid\btif\src)
|btif_enable_bluetooth(void)
|GKI_create_task((TASKPTR)btu_task, BTU_TASK, BTE_BTU_TASK_STR,
(UINT16 *) ((UINT8 *)bte_btu_stack + BTE_BTU_STACK_SIZE),
sizeof(bte_btu_stack)); // create btu task
|bte_main_enable()
13.Bte_main.c (external\bluetooth\bluedroid\main)
|bte_main_enable()
|bte_hci_enable()
|bt_hc_if->init(&hc_callbacks, btif_local_bd_addr.address);
|bt_hc_if->set_power(BT_HC_CHIP_PWR_ON)
查看定义
以及赋值的语句
14.Bt_hci_bdroid.c (external\bluetooth\bluedroid\hci\src)
|static const bt_hc_interface_t bluetoothHCLibInterface
|init
vendor_open(local_bdaddr);
p_hci_if = &hci_h4_func_table;
p_hci_if->init();
userial_init();
|set_power
|vendor_send_command(BT_VND_OP_POWER_CTRL, &pwr_state);
hci层发送了BT_VND_OP_POWER_CTRL的命令。
15.Vendor.c (external\bluetooth\bluedroid\hci\src)
VENDOR_LIBRARY_NAME = "libbt-vendor.so";
|vendor_open(const uint8_t *local_bdaddr)
lib_handle = dlopen(VENDOR_LIBRARY_NAME, RTLD_NOW);
vendor_interface = (bt_vendor_interface_t *)dlsym(lib_handle, VENDOR_LIBRARY_SYMBOL_NAME);
dlsym根据动态链接库操作句柄与符号,返回符号对应的地址。
可以得到vendor_interface的实现代码在libbt-vendor.so这个动态链接库中。
|vendor_send_command(bt_vendor_opcode_t opcode, void *param)
|vendor_interface->op(opcode, param)
16.Bt_vendor_brcm.c (hardware\broadcom\libbt\src)
全局抓取一下libbt-vendor.so,我们在hardware\broadcom\libbt下的Android.mk中找到了libbt-vendor.so的包含的源文件。
抓取一下bt_vendor_interface_t,发现在Bt_vendor_brcm.c找到了它的实现:
|const bt_vendor_interface_t BLUETOOTH_VENDOR_LIB_INTERFACE
|op(bt_vendor_opcode_t opcode, void *param)
|upio_set_bluetooth_power(UPIO_BT_POWER_ON);
17.Upio.c (hardware\broadcom\libbt\src)
|upio_set_bluetooth_power(int on)
|fd = open(rfkill_state_path, O_WRONLY);
|sz = write(fd, &buffer, 1);
查看一下rfkill_state_path的赋值
|int init_rfkill()
|asprintf(&rfkill_state_path, "/sys/class/rfkill/rfkill%d/state", rfkill_id);
通过往/sys/class/rfkill/rfkill0/state写入1给蓝牙上电。
代码处理文件流程:
---------------------------------------------Settings---------------------------------------
1.BluetoothEnabler.java(packages\apps\settings\src\com\android\settings\bluetooth)
2.LocalBluetoothAdapter.java(frameworks\base\packages\settingslib\src\com\android\settingslib\bluetooth)
---------------------------------------------framework-----------------------------------------
3.BluetoothAdapter.java (frameworks\base\core\java\android\bluetooth)
4.BluetoothManagerService.java(frameworks\base\services\core\java\com\android\server)
--------------------------------------------bluetooth apk------------------------------------------
5.AdapterService.java(packages\apps\bluetooth\src\com\android\bluetooth\btservice)
6.AdapterState.java(packages\apps\bluetooth\src\com\android\bluetooth\btservice)
7.AdapterService.java (packages\apps\bluetooth\src\com\android\bluetooth\btservice)
8.AdapterState.java(packages\apps\bluetooth\src\com\android\bluetooth\btservice)
9.AdapterService.java(packages\apps\bluetooth\src\com\android\bluetooth\btservice)
--------------------------------------------jni--------------------------------------------
10.com_android_bluetooth_btservice_AdapterService.cpp (packages\apps\bluetooth\jni)
--------------------------------------------bluetooth.default.so------------------------------------------
11.Bluetooth.c (external\bluetooth\bluedroid\btif\src)
12.Btif_core.c (external\bluetooth\bluedroid\btif\src)
13.Bte_main.c (external\bluetooth\bluedroid\main)
- - - - - - - - - - - - libbt-hci.so - - - - - - - - -
14.Bt_hci_bdroid.c (external\bluetooth\bluedroid\hci\src)
15.Vendor.c (external\bluetooth\bluedroid\hci\src)
--------------------------------------------libbt-vendor.so--------------------------------------------
16.Bt_vendor_brcm.c (hardware\broadcom\libbt\src)
17.Upio.c (hardware\broadcom\libbt\src)
--------------------------------------------rfkill---------------------------------------------
18./sys/class/rfkill/rfkill0/state 1
----------------------------------------------------------------------------------------
From: https://www.jianshu.com/p/3344f8d6d079
![与专家面对面:Android开发入门问与答[图]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)