三星4.2手机,vivo7.1手机,蓝牙不加"android.permission.BLUETOOTH_ADMIN"权限,无法扫描蓝牙,但是可以根据mac直接连接。
Android MTK 修改手机和蓝牙名称
https://blog.csdn.net/mr_kings/article/details/51042991
关于google官方蓝牙代码关闭蓝牙时的一个bug:
http://www.it1352.com/124594.html
Android通过反射机制实现后台设置蓝牙可见性
https://blog.csdn.net/Frakie_Kwok/article/details/78028115
1.init方法
config_new方法将bt_config.conf文件加载到config变量,具体这个方法我就不细说了。
这个init方法怎么被调用的呢?
module_t是一个结构体,这个结构体主要是定义了一个大的模块的生命周期方法。
stack_manager
init_stack -> event_init_stack -> btif_config.c
stack_manager又通过interface暴露引用给上层。
bluetooth.c ->stack_manager.c
那么bluetooth.c是在哪里被调用呢?
参照我的另外一篇博客https://blog.51cto.com/4259297/2161333 中关于蓝牙物理mac的分析,就能串起来了。思路就是framework-jni-c。
在此,我就对蓝牙物理mac的获取作一下总结:
BluetoothAdapter-->BluetoothManagerService-->AdapterService-->bluetooth.c
AdapterService通过JNI(com_android_bluetooth_btservice_AdapterService.cpp)与bluetooth.c交互,开启蓝牙协议栈。
结合上面这段代码 看看bluetooth.c的这段代码:
根据moduleid 
由此推断com_android_bluetooth_btservice_AdapterService.cpp里面的module就是bluetooth.c里的 HAL_MODULE_INFO_SYM
HAL_MODULE_INFO_SYM的methods指向了结构体bt_stack_module_methods,结构体bt_stack_module_methods的open方法成员又指向了open_bluetooth_stack方法。
open_bluetooth_stack方法创建了device对象,将外部的module传递进来 ,并将创建的device传递出去。
device中的get_bluetooth_interface成员方法指向了bluetooth.c的bluetooth__get_bluetooth_interface的方法。这个接口定义在bluetooth.h中,为一个接口体,里面有各种方法指针。bluetooth.c对接口做了
实现。
理论上蓝牙物理mac是受保护,不允许修改。我最终的目的是在开启蓝牙时,使用自定义的mac就行。所以只能通用找寻蓝牙开启时,外部扫描的那个mac是如何显示的,修改源码了。
寻找蓝牙开启时如何设置的mac
1.搜索btif_config.c的btif_config_get_str方法
2. 上面这个就是获取本地蓝牙地址的方法
static void btif_fetch_local_bdaddr(bt_bdaddr_t *local_addr)
{
char val[];
uint8_t valid_bda = FALSE;
int val_size = 0;
const uint8_t null_bdaddr[BD_ADDR_LEN] = {0,0,0,0,0,0};
/* Get local bdaddr storage path from property */ //获取本地蓝牙mac的存储路径
//##########1
if (property_get(PROPERTY_BT_BDADDR_PATH, val, NULL))
{
int addr_fd;
BTIF_TRACE_DEBUG("local bdaddr is stored in %s", val);
if ((addr_fd = open(val, O_RDONLY)) != -1)
{
memset(val, 0, sizeof(val));
read(addr_fd, val, FACTORY_BT_BDADDR_STORAGE_LEN);
string_to_bdaddr(val, local_addr);
/* If this is not a reserved/special bda, then use it */
if (memcmp(local_addr->address, null_bdaddr, BD_ADDR_LEN) != 0)
{
valid_bda = TRUE;
BTIF_TRACE_DEBUG("Got Factory BDA %02X:%02X:%02X:%02X:%02X:%02X",
local_addr->address[0], local_addr->address[1], local_addr->address[2],
local_addr->address[3], local_addr->address[4], local_addr->address[5]);
}
close(addr_fd);
}
}
//##########2
if(!valid_bda)
{
val_size = sizeof(val);
if(btif_config_get_str("Adapter", "Address", val, &val_size))
{
string_to_bdaddr(val, local_addr);
BTIF_TRACE_DEBUG("local bdaddr from bt_config.xml is %s", val);
return;
}
}
/* No factory BDADDR found. Look for previously generated random BDA */
if ((!valid_bda) && \
(property_get(PERSIST_BDADDR_PROPERTY, val, NULL)))
{
string_to_bdaddr(val, local_addr);
valid_bda = TRUE;
BTIF_TRACE_DEBUG("Got prior random BDA %02X:%02X:%02X:%02X:%02X:%02X",
local_addr->address[0], local_addr->address[1], local_addr->address[2],
local_addr->address[3], local_addr->address[4], local_addr->address[5]);
}
/* Generate new BDA if necessary */
if (!valid_bda)
{
bdstr_t bdstr;
/* Seed the random number generator */
srand((unsigned int) (time(0)));
/* No autogen BDA. Generate one now. */
local_addr->address[0] = 0x22;
local_addr->address[1] = 0x22;
local_addr->address[2] = (uint8_t) ((rand() >> 8) & 0xFF);
local_addr->address[3] = (uint8_t) ((rand() >> 8) & 0xFF);
local_addr->address[4] = (uint8_t) ((rand() >> 8) & 0xFF);
local_addr->address[5] = (uint8_t) ((rand() >> 8) & 0xFF);
/* Convert to ascii, and store as a persistent property */
bdaddr_to_string(local_addr, bdstr, sizeof(bdstr));
BTIF_TRACE_DEBUG("No preset BDA. Generating BDA: %s for prop %s",
(char*)bdstr, PERSIST_BDADDR_PROPERTY);
if (property_set(PERSIST_BDADDR_PROPERTY, (char*)bdstr) < 0)
BTIF_TRACE_ERROR("Failed to set random BDA in prop %s",PERSIST_BDADDR_PROPERTY);
}
//save the bd address to config file
bdstr_t bdstr;
bdaddr_to_string(local_addr, bdstr, sizeof(bdstr));
val_size = sizeof(val);
if (btif_config_get_str("Adapter", "Address", val, &val_size))
{
if (strcmp(bdstr, val) ==0)
{
// BDA is already present in the config file.
return;
}
}
btif_config_set_str("Adapter", "Address", bdstr);
}
上面的源码好像是提到厂商配置文件,但是我们的系统默认是没有的。所以能不能通过配置厂商文件改变mac?
蓝牙HCI日志查看的方法
https://www.jianshu.com/p/73f7366161d1
https://blog.csdn.net/chy555chy/article/details/52231043
注意设置里开启日志后,要重启手机才能生效。
下载查看hci日志的工具(注意安装的时候弹出的cmd窗口不要人为干扰关闭,否则软件装不成功)
https://download.freedownloadmanager.org/Windows-PC/ComProbe-Protocol-Analysis-System/FREE-14.12.5943.6007.html
https://www.52pojie.cn/thread-726412-1-1.html (收费改mac的工具)