1 /****************************************************************************** 2 * 3 * Copyright (C) 2009-2012 Broadcom Corporation 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at: 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 * 17 ******************************************************************************/ 18 19 /************************************************************************************ 20 * 21 * Filename: btif_dm.c 22 * 23 * Description: Contains Device Management (DM) related functionality 24 * 25 * 26 ***********************************************************************************/ 27 #include <stdio.h> 28 #include <stdlib.h> 29 #include <unistd.h> 30 31 #include <hardware/bluetooth.h> 32 33 #include <utils/Log.h> 34 #include <cutils/properties.h> 35 #include "gki.h" 36 #include "btu.h" 37 #include "bd.h" 38 #include "bta_api.h" 39 #include "btif_api.h" 40 #include "btif_util.h" 41 #include "btif_dm.h" 42 #include "btif_storage.h" 43 #include "btif_hh.h" 44 #include "btif_config.h" 45 46 #include "bta_gatt_api.h" 47 /****************************************************************************** 48 ** Constants & Macros 49 ******************************************************************************/ 50 51 #define COD_UNCLASSIFIED ((0x1F) << 8) 52 #define COD_HID_KEYBOARD 0x0540 53 #define COD_HID_POINTING 0x0580 54 #define COD_HID_COMBO 0x05C0 55 #define COD_HID_MAJOR 0x0500 56 #define COD_AV_HEADSETS 0x0404 57 #define COD_AV_HANDSFREE 0x0408 58 #define COD_AV_HEADPHONES 0x0418 59 #define COD_AV_PORTABLE_AUDIO 0x041C 60 #define COD_AV_HIFI_AUDIO 0x0428 61 62 63 #define BTIF_DM_DEFAULT_INQ_MAX_RESULTS 0 64 #define BTIF_DM_DEFAULT_INQ_MAX_DURATION 10 65 #define BTIF_DM_MAX_SDP_ATTEMPTS_AFTER_PAIRING 2 66 67 #define PROPERTY_PRODUCT_MODEL "ro.product.model" 68 #define DEFAULT_LOCAL_NAME_MAX 31 69 #if (DEFAULT_LOCAL_NAME_MAX > BTM_MAX_LOC_BD_NAME_LEN) 70 #error "default btif local name size exceeds stack supported length" 71 #endif 72 73 #if (defined(BTA_HOST_INTERLEAVE_SEARCH) && BTA_HOST_INTERLEAVE_SEARCH == TRUE) 74 #define BTIF_DM_INTERLEAVE_DURATION_BR_ONE 2 75 #define BTIF_DM_INTERLEAVE_DURATION_LE_ONE 2 76 #define BTIF_DM_INTERLEAVE_DURATION_BR_TWO 3 77 #define BTIF_DM_INTERLEAVE_DURATION_LE_TWO 4 78 #endif 79 80 typedef struct 81 { 82 bt_bond_state_t state; 83 BD_ADDR bd_addr; 84 UINT8 is_temp; 85 UINT8 pin_code_len; 86 UINT8 is_ssp; 87 UINT8 autopair_attempts; 88 UINT8 is_local_initiated; 89 UINT8 sdp_attempts; 90 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE)) 91 BOOLEAN is_le_only; 92 btif_dm_ble_cb_t ble; 93 #endif 94 } btif_dm_pairing_cb_t; 95 96 97 typedef struct 98 { 99 UINT8 ir[BT_OCTET16_LEN]; 100 UINT8 irk[BT_OCTET16_LEN]; 101 UINT8 dhk[BT_OCTET16_LEN]; 102 }btif_dm_local_key_id_t; 103 104 typedef struct 105 { 106 BOOLEAN is_er_rcvd; 107 UINT8 er[BT_OCTET16_LEN]; 108 BOOLEAN is_id_keys_rcvd; 109 btif_dm_local_key_id_t id_keys; /* ID kyes */ 110 111 }btif_dm_local_key_cb_t; 112 113 typedef struct 114 { 115 BD_ADDR bd_addr; 116 BD_NAME bd_name; 117 } btif_dm_remote_name_t; 118 119 typedef struct 120 { 121 BT_OCTET16 sp_c; 122 BT_OCTET16 sp_r; 123 BD_ADDR oob_bdaddr; /* peer bdaddr*/ 124 } btif_dm_oob_cb_t; 125 #define BTA_SERVICE_ID_TO_SERVICE_MASK(id) (1 << (id)) 126 127 /* This flag will be true if HCI_Inquiry is in progress */ 128 static BOOLEAN btif_dm_inquiry_in_progress = FALSE; 129 130 /************************************************************************************ 131 ** Static variables 132 ************************************************************************************/ 133 static char btif_default_local_name[DEFAULT_LOCAL_NAME_MAX+1] = {'\0'}; 134 135 /****************************************************************************** 136 ** Static functions 137 ******************************************************************************/ 138 static btif_dm_pairing_cb_t pairing_cb; 139 static btif_dm_oob_cb_t oob_cb; 140 static void btif_dm_generic_evt(UINT16 event, char* p_param); 141 static void btif_dm_cb_create_bond(bt_bdaddr_t *bd_addr); 142 static void btif_dm_cb_hid_remote_name(tBTM_REMOTE_DEV_NAME *p_remote_name); 143 static void btif_update_remote_properties(BD_ADDR bd_addr, BD_NAME bd_name, 144 DEV_CLASS dev_class, tBT_DEVICE_TYPE dev_type); 145 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE)) 146 static btif_dm_local_key_cb_t ble_local_key_cb; 147 static void btif_dm_ble_key_notif_evt(tBTA_DM_SP_KEY_NOTIF *p_ssp_key_notif); 148 static void btif_dm_ble_auth_cmpl_evt (tBTA_DM_AUTH_CMPL *p_auth_cmpl); 149 static void btif_dm_ble_passkey_req_evt(tBTA_DM_PIN_REQ *p_pin_req); 150 #endif 151 static char* btif_get_default_local_name(); 152 /****************************************************************************** 153 ** Externs 154 ******************************************************************************/ 155 extern UINT16 bta_service_id_to_uuid_lkup_tbl [BTA_MAX_SERVICE_ID]; 156 extern bt_status_t btif_hf_execute_service(BOOLEAN b_enable); 157 extern bt_status_t btif_av_execute_service(BOOLEAN b_enable); 158 extern bt_status_t btif_hh_execute_service(BOOLEAN b_enable); 159 extern int btif_hh_connect(bt_bdaddr_t *bd_addr); 160 extern void bta_gatt_convert_uuid16_to_uuid128(UINT8 uuid_128[LEN_UUID_128], UINT16 uuid_16); 161 162 163 /****************************************************************************** 164 ** Functions 165 ******************************************************************************/ 166 167 bt_status_t btif_in_execute_service_request(tBTA_SERVICE_ID service_id, 168 BOOLEAN b_enable) 169 { 170 /* Check the service_ID and invoke the profile's BT state changed API */ 171 switch (service_id) 172 { 173 case BTA_HFP_SERVICE_ID: 174 case BTA_HSP_SERVICE_ID: 175 { 176 btif_hf_execute_service(b_enable); 177 }break; 178 case BTA_A2DP_SERVICE_ID: 179 { 180 btif_av_execute_service(b_enable); 181 }break; 182 case BTA_HID_SERVICE_ID: 183 { 184 btif_hh_execute_service(b_enable); 185 }break; 186 187 default: 188 BTIF_TRACE_ERROR1("%s: Unknown service being enabled", __FUNCTION__); 189 return BT_STATUS_FAIL; 190 } 191 return BT_STATUS_SUCCESS; 192 } 193 194 /******************************************************************************* 195 ** 196 ** Function check_eir_remote_name 197 ** 198 ** Description Check if remote name is in the EIR data 199 ** 200 ** Returns TRUE if remote name found 201 ** Populate p_remote_name, if provided and remote name found 202 ** 203 *******************************************************************************/ 204 static BOOLEAN check_eir_remote_name(tBTA_DM_SEARCH *p_search_data, 205 UINT8 *p_remote_name, UINT8 *p_remote_name_len) 206 { 207 UINT8 *p_eir_remote_name = NULL; 208 UINT8 remote_name_len = 0; 209 210 /* Check EIR for remote name and services */ 211 if (p_search_data->inq_res.p_eir) 212 { 213 p_eir_remote_name = BTA_CheckEirData(p_search_data->inq_res.p_eir, 214 BTM_EIR_COMPLETE_LOCAL_NAME_TYPE, &remote_name_len); 215 if (!p_eir_remote_name) 216 { 217 p_eir_remote_name = BTA_CheckEirData(p_search_data->inq_res.p_eir, 218 BTM_EIR_SHORTENED_LOCAL_NAME_TYPE, &remote_name_len); 219 } 220 221 if (p_eir_remote_name) 222 { 223 if (remote_name_len > BD_NAME_LEN) 224 remote_name_len = BD_NAME_LEN; 225 226 if (p_remote_name && p_remote_name_len) 227 { 228 memcpy(p_remote_name, p_eir_remote_name, remote_name_len); 229 *(p_remote_name + remote_name_len) = 0; 230 *p_remote_name_len = remote_name_len; 231 } 232 233 return TRUE; 234 } 235 } 236 237 return FALSE; 238 239 } 240 241 /******************************************************************************* 242 ** 243 ** Function check_cached_remote_name 244 ** 245 ** Description Check if remote name is in the NVRAM cache 246 ** 247 ** Returns TRUE if remote name found 248 ** Populate p_remote_name, if provided and remote name found 249 ** 250 *******************************************************************************/ 251 static BOOLEAN check_cached_remote_name(tBTA_DM_SEARCH *p_search_data, 252 UINT8 *p_remote_name, UINT8 *p_remote_name_len) 253 { 254 bt_bdname_t bdname; 255 bt_bdaddr_t remote_bdaddr; 256 bt_property_t prop_name; 257 258 /* check if we already have it in our btif_storage cache */ 259 bdcpy(remote_bdaddr.address, p_search_data->inq_res.bd_addr); 260 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_BDNAME, 261 sizeof(bt_bdname_t), &bdname); 262 if (btif_storage_get_remote_device_property( 263 &remote_bdaddr, &prop_name) == BT_STATUS_SUCCESS) 264 { 265 if (p_remote_name && p_remote_name_len) 266 { 267 strcpy((char *)p_remote_name, (char *)bdname.name); 268 *p_remote_name_len = strlen((char *)p_remote_name); 269 } 270 return TRUE; 271 } 272 273 return FALSE; 274 } 275 276 BOOLEAN check_cod(const bt_bdaddr_t *remote_bdaddr, uint32_t cod) 277 { 278 uint32_t remote_cod; 279 bt_property_t prop_name; 280 281 /* check if we already have it in our btif_storage cache */ 282 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_CLASS_OF_DEVICE, 283 sizeof(uint32_t), &remote_cod); 284 if (btif_storage_get_remote_device_property((bt_bdaddr_t *)remote_bdaddr, &prop_name) == BT_STATUS_SUCCESS) 285 { 286 if ((remote_cod & 0x7ff) == cod) 287 return TRUE; 288 } 289 290 return FALSE; 291 } 292 293 BOOLEAN check_cod_hid(const bt_bdaddr_t *remote_bdaddr, uint32_t cod) 294 { 295 uint32_t remote_cod; 296 bt_property_t prop_name; 297 298 /* check if we already have it in our btif_storage cache */ 299 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_CLASS_OF_DEVICE, 300 sizeof(uint32_t), &remote_cod); 301 if (btif_storage_get_remote_device_property((bt_bdaddr_t *)remote_bdaddr, 302 &prop_name) == BT_STATUS_SUCCESS) 303 { 304 if ((remote_cod & 0x700) == cod) 305 return TRUE; 306 } 307 return FALSE; 308 } 309 310 BOOLEAN check_hid_le(const bt_bdaddr_t *remote_bdaddr) 311 { 312 uint32_t remote_dev_type; 313 bt_property_t prop_name; 314 315 /* check if we already have it in our btif_storage cache */ 316 BTIF_STORAGE_FILL_PROPERTY(&prop_name,BT_PROPERTY_TYPE_OF_DEVICE, 317 sizeof(uint32_t), &remote_dev_type); 318 if (btif_storage_get_remote_device_property((bt_bdaddr_t *)remote_bdaddr, 319 &prop_name) == BT_STATUS_SUCCESS) 320 { 321 if (remote_dev_type == BT_DEVICE_DEVTYPE_BLE) 322 { 323 bdstr_t bdstr; 324 bd2str(remote_bdaddr, &bdstr); 325 if(btif_config_exist("Remote", bdstr, "HidAppId")) 326 return TRUE; 327 } 328 } 329 return FALSE; 330 } 331 332 static void bond_state_changed(bt_status_t status, bt_bdaddr_t *bd_addr, bt_bond_state_t state) 333 { 334 /* Send bonding state only once - based on outgoing/incoming we may receive duplicates */ 335 if ( (pairing_cb.state == state) && (state == BT_BOND_STATE_BONDING) ) 336 return; 337 338 if (pairing_cb.is_temp) 339 { 340 state = BT_BOND_STATE_NONE; 341 } 342 BTIF_TRACE_DEBUG3("%s: state=%d prev_state=%d", __FUNCTION__, state, pairing_cb.state); 343 344 HAL_CBACK(bt_hal_cbacks, bond_state_changed_cb, status, bd_addr, state); 345 346 if (state == BT_BOND_STATE_BONDING) 347 { 348 pairing_cb.state = state; 349 bdcpy(pairing_cb.bd_addr, bd_addr->address); 350 } 351 else 352 { 353 memset(&pairing_cb, 0, sizeof(pairing_cb)); 354 } 355 356 } 357 358 /* store remote version in bt config to always have access 359 to it post pairing*/ 360 static void btif_update_remote_version_property(bt_bdaddr_t *p_bd) 361 { 362 bt_property_t property; 363 UINT8 lmp_ver = 0; 364 UINT16 lmp_subver = 0; 365 UINT16 mfct_set = 0; 366 tBTM_STATUS btm_status; 367 bt_remote_version_t info; 368 bt_status_t status; 369 bdstr_t bdstr; 370 371 btm_status = BTM_ReadRemoteVersion(*(BD_ADDR*)p_bd, &lmp_ver, 372 &mfct_set, &lmp_subver); 373 374 ALOGD("remote version info [%s]: %x, %x, %x", bd2str(p_bd, &bdstr), 375 lmp_ver, mfct_set, lmp_subver); 376 377 if (btm_status == BTM_SUCCESS) 378 { 379 /* always update cache to ensure we have availability whenever BTM API 380 is not populated */ 381 info.manufacturer = mfct_set; 382 info.sub_ver = lmp_subver; 383 info.version = lmp_ver; 384 BTIF_STORAGE_FILL_PROPERTY(&property, 385 BT_PROPERTY_REMOTE_VERSION_INFO, sizeof(bt_remote_version_t), 386 &info); 387 status = btif_storage_set_remote_device_property(p_bd, &property); 388 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote version", status); 389 } 390 } 391 392 393 static void btif_update_remote_properties(BD_ADDR bd_addr, BD_NAME bd_name, 394 DEV_CLASS dev_class, tBT_DEVICE_TYPE device_type) 395 { 396 int num_properties = 0; 397 bt_property_t properties[3]; 398 bt_bdaddr_t bdaddr; 399 bt_status_t status; 400 UINT32 cod; 401 bt_device_type_t dev_type; 402 403 memset(properties, 0, sizeof(properties)); 404 bdcpy(bdaddr.address, bd_addr); 405 406 /* remote name */ 407 if (strlen((const char *) bd_name)) 408 { 409 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 410 BT_PROPERTY_BDNAME, strlen((char *)bd_name), bd_name); 411 status = btif_storage_set_remote_device_property(&bdaddr, &properties[num_properties]); 412 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device name", status); 413 num_properties++; 414 } 415 416 /* class of device */ 417 cod = devclass2uint(dev_class); 418 if ( cod == 0) { 419 BTIF_TRACE_DEBUG1("%s():cod is 0, set as unclassified", __FUNCTION__); 420 cod = COD_UNCLASSIFIED; 421 } 422 423 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 424 BT_PROPERTY_CLASS_OF_DEVICE, sizeof(cod), &cod); 425 status = btif_storage_set_remote_device_property(&bdaddr, &properties[num_properties]); 426 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device class", status); 427 num_properties++; 428 429 /* device type */ 430 dev_type = device_type; 431 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 432 BT_PROPERTY_TYPE_OF_DEVICE, sizeof(dev_type), &dev_type); 433 status = btif_storage_set_remote_device_property(&bdaddr, &properties[num_properties]); 434 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device type", status); 435 num_properties++; 436 437 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, 438 status, &bdaddr, num_properties, properties); 439 } 440 /******************************************************************************* 441 ** 442 ** Function hid_remote_name_cback 443 ** 444 ** Description Remote name callback for HID device. Called in stack context 445 ** Special handling for HID devices 446 ** 447 ** Returns void 448 ** 449 *******************************************************************************/ 450 static void hid_remote_name_cback(void *p_param) 451 { 452 BTIF_TRACE_DEBUG1("%s", __FUNCTION__); 453 454 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_HID_REMOTE_NAME, 455 (char *)p_param, sizeof(tBTM_REMOTE_DEV_NAME), NULL); 456 } 457 458 /******************************************************************************* 459 ** 460 ** Function btif_dm_cb_hid_remote_name 461 ** 462 ** Description Remote name callback for HID device. Called in btif context 463 ** Special handling for HID devices 464 ** 465 ** Returns void 466 ** 467 *******************************************************************************/ 468 static void btif_dm_cb_hid_remote_name(tBTM_REMOTE_DEV_NAME *p_remote_name) 469 { 470 BTIF_TRACE_DEBUG3("%s: status=%d pairing_cb.state=%d", __FUNCTION__, p_remote_name->status, pairing_cb.state); 471 if (pairing_cb.state == BT_BOND_STATE_BONDING) 472 { 473 bt_bdaddr_t remote_bd; 474 475 bdcpy(remote_bd.address, pairing_cb.bd_addr); 476 477 if (p_remote_name->status == BTM_SUCCESS) 478 { 479 bond_state_changed(BT_STATUS_SUCCESS, &remote_bd, BT_BOND_STATE_BONDED); 480 } 481 else 482 bond_state_changed(BT_STATUS_FAIL, &remote_bd, BT_BOND_STATE_NONE); 483 } 484 } 485 486 /******************************************************************************* 487 ** 488 ** Function btif_dm_cb_create_bond 489 ** 490 ** Description Create bond initiated from the BTIF thread context 491 ** Special handling for HID devices 492 ** 493 ** Returns void 494 ** 495 *******************************************************************************/ 496 static void btif_dm_cb_create_bond(bt_bdaddr_t *bd_addr) 497 { 498 BOOLEAN is_hid = check_cod(bd_addr, COD_HID_POINTING); 499 500 501 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); 502 503 if (is_hid){ 504 505 int status; 506 status = btif_hh_connect(bd_addr); 507 if(status != BT_STATUS_SUCCESS) 508 bond_state_changed(status, bd_addr, BT_BOND_STATE_NONE); 509 } 510 else 511 { 512 #if BLE_INCLUDED == TRUE 513 int device_type; 514 int addr_type; 515 bdstr_t bdstr; 516 bd2str(bd_addr, &bdstr); 517 if(btif_config_get_int("Remote", (char const *)&bdstr,"DevType", &device_type) && 518 (btif_storage_get_remote_addr_type(bd_addr, &addr_type) == BT_STATUS_SUCCESS) && 519 (device_type == BT_DEVICE_TYPE_BLE)) 520 { 521 BTA_DmAddBleDevice(bd_addr->address, addr_type, BT_DEVICE_TYPE_BLE); 522 } 523 #endif 524 BTA_DmBond ((UINT8 *)bd_addr->address); 525 } 526 /* Track originator of bond creation */ 527 pairing_cb.is_local_initiated = TRUE; 528 529 } 530 531 /******************************************************************************* 532 ** 533 ** Function btif_dm_cb_remove_bond 534 ** 535 ** Description remove bond initiated from the BTIF thread context 536 ** Special handling for HID devices 537 ** 538 ** Returns void 539 ** 540 *******************************************************************************/ 541 void btif_dm_cb_remove_bond(bt_bdaddr_t *bd_addr) 542 { 543 bdstr_t bdstr; 544 /*special handling for HID devices */ 545 /* VUP needs to be sent if its a HID Device. The HID HOST module will check if there 546 is a valid hid connection with this bd_addr. If yes VUP will be issued.*/ 547 #if (defined(BTA_HH_INCLUDED) && (BTA_HH_INCLUDED == TRUE)) 548 if (btif_hh_virtual_unplug(bd_addr) != BT_STATUS_SUCCESS) 549 #endif 550 { 551 BTA_DmRemoveDevice((UINT8 *)bd_addr->address); 552 } 553 } 554 555 /******************************************************************************* 556 ** 557 ** Function search_devices_copy_cb 558 ** 559 ** Description Deep copy callback for search devices event 560 ** 561 ** Returns void 562 ** 563 *******************************************************************************/ 564 static void search_devices_copy_cb(UINT16 event, char *p_dest, char *p_src) 565 { 566 tBTA_DM_SEARCH *p_dest_data = (tBTA_DM_SEARCH *) p_dest; 567 tBTA_DM_SEARCH *p_src_data = (tBTA_DM_SEARCH *) p_src; 568 569 if (!p_src) 570 return; 571 572 BTIF_TRACE_DEBUG2("%s: event=%s", __FUNCTION__, dump_dm_search_event(event)); 573 memcpy(p_dest_data, p_src_data, sizeof(tBTA_DM_SEARCH)); 574 switch (event) 575 { 576 case BTA_DM_INQ_RES_EVT: 577 { 578 if (p_src_data->inq_res.p_eir) 579 { 580 p_dest_data->inq_res.p_eir = (UINT8 *)(p_dest + sizeof(tBTA_DM_SEARCH)); 581 memcpy(p_dest_data->inq_res.p_eir, p_src_data->inq_res.p_eir, HCI_EXT_INQ_RESPONSE_LEN); 582 } 583 } 584 break; 585 586 case BTA_DM_DISC_RES_EVT: 587 { 588 if (p_src_data->disc_res.raw_data_size && p_src_data->disc_res.p_raw_data) 589 { 590 p_dest_data->disc_res.p_raw_data = (UINT8 *)(p_dest + sizeof(tBTA_DM_SEARCH)); 591 memcpy(p_dest_data->disc_res.p_raw_data, 592 p_src_data->disc_res.p_raw_data, p_src_data->disc_res.raw_data_size); 593 } 594 } 595 break; 596 } 597 } 598 599 static void search_services_copy_cb(UINT16 event, char *p_dest, char *p_src) 600 { 601 tBTA_DM_SEARCH *p_dest_data = (tBTA_DM_SEARCH *) p_dest; 602 tBTA_DM_SEARCH *p_src_data = (tBTA_DM_SEARCH *) p_src; 603 604 if (!p_src) 605 return; 606 memcpy(p_dest_data, p_src_data, sizeof(tBTA_DM_SEARCH)); 607 switch (event) 608 { 609 case BTA_DM_DISC_RES_EVT: 610 { 611 if (p_src_data->disc_res.result == BTA_SUCCESS) 612 { 613 if (p_src_data->disc_res.num_uuids > 0) 614 { 615 p_dest_data->disc_res.p_uuid_list = 616 (UINT8*)(p_dest + sizeof(tBTA_DM_SEARCH)); 617 memcpy(p_dest_data->disc_res.p_uuid_list, p_src_data->disc_res.p_uuid_list, 618 p_src_data->disc_res.num_uuids*MAX_UUID_SIZE); 619 GKI_freebuf(p_src_data->disc_res.p_uuid_list); 620 } 621 if (p_src_data->disc_res.p_raw_data != NULL) 622 { 623 GKI_freebuf(p_src_data->disc_res.p_raw_data); 624 } 625 } 626 } break; 627 } 628 } 629 /****************************************************************************** 630 ** 631 ** BTIF DM callback events 632 ** 633 *****************************************************************************/ 634 635 /******************************************************************************* 636 ** 637 ** Function btif_dm_pin_req_evt 638 ** 639 ** Description Executes pin request event in btif context 640 ** 641 ** Returns void 642 ** 643 *******************************************************************************/ 644 static void btif_dm_pin_req_evt(tBTA_DM_PIN_REQ *p_pin_req) 645 { 646 bt_bdaddr_t bd_addr; 647 bt_bdname_t bd_name; 648 UINT32 cod; 649 bt_pin_code_t pin_code; 650 651 /* Remote properties update */ 652 btif_update_remote_properties(p_pin_req->bd_addr, p_pin_req->bd_name, 653 p_pin_req->dev_class, BT_DEVICE_TYPE_BREDR); 654 655 bdcpy(bd_addr.address, p_pin_req->bd_addr); 656 memcpy(bd_name.name, p_pin_req->bd_name, BD_NAME_LEN); 657 658 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING); 659 660 cod = devclass2uint(p_pin_req->dev_class); 661 662 if ( cod == 0) { 663 BTIF_TRACE_DEBUG1("%s():cod is 0, set as unclassified", __FUNCTION__); 664 cod = COD_UNCLASSIFIED; 665 } 666 667 /* check for auto pair possiblity only if bond was initiated by local device */ 668 if (pairing_cb.is_local_initiated) 669 { 670 if (check_cod(&bd_addr, COD_AV_HEADSETS) || 671 check_cod(&bd_addr, COD_AV_HANDSFREE) || 672 check_cod(&bd_addr, COD_AV_HEADPHONES) || 673 check_cod(&bd_addr, COD_AV_PORTABLE_AUDIO) || 674 check_cod(&bd_addr, COD_AV_HIFI_AUDIO) || 675 check_cod(&bd_addr, COD_HID_POINTING)) 676 { 677 BTIF_TRACE_DEBUG1("%s()cod matches for auto pair", __FUNCTION__); 678 /* Check if this device can be auto paired */ 679 if ((btif_storage_is_device_autopair_blacklisted(&bd_addr) == FALSE) && 680 (pairing_cb.autopair_attempts == 0)) 681 { 682 BTIF_TRACE_DEBUG1("%s() Attempting auto pair", __FUNCTION__); 683 pin_code.pin[0] = 0x30; 684 pin_code.pin[1] = 0x30; 685 pin_code.pin[2] = 0x30; 686 pin_code.pin[3] = 0x30; 687 688 pairing_cb.autopair_attempts++; 689 BTA_DmPinReply( (UINT8*)bd_addr.address, TRUE, 4, pin_code.pin); 690 return; 691 } 692 } 693 else if (check_cod(&bd_addr, COD_HID_KEYBOARD) || 694 check_cod(&bd_addr, COD_HID_COMBO)) 695 { 696 if(( btif_storage_is_fixed_pin_zeros_keyboard (&bd_addr) == TRUE) && 697 (pairing_cb.autopair_attempts == 0)) 698 { 699 BTIF_TRACE_DEBUG1("%s() Attempting auto pair", __FUNCTION__); 700 pin_code.pin[0] = 0x30; 701 pin_code.pin[1] = 0x30; 702 pin_code.pin[2] = 0x30; 703 pin_code.pin[3] = 0x30; 704 705 pairing_cb.autopair_attempts++; 706 BTA_DmPinReply( (UINT8*)bd_addr.address, TRUE, 4, pin_code.pin); 707 return; 708 } 709 } 710 } 711 HAL_CBACK(bt_hal_cbacks, pin_request_cb, 712 &bd_addr, &bd_name, cod); 713 } 714 715 /******************************************************************************* 716 ** 717 ** Function btif_dm_ssp_cfm_req_evt 718 ** 719 ** Description Executes SSP confirm request event in btif context 720 ** 721 ** Returns void 722 ** 723 *******************************************************************************/ 724 static void btif_dm_ssp_cfm_req_evt(tBTA_DM_SP_CFM_REQ *p_ssp_cfm_req) 725 { 726 bt_bdaddr_t bd_addr; 727 bt_bdname_t bd_name; 728 UINT32 cod; 729 BOOLEAN is_incoming = !(pairing_cb.state == BT_BOND_STATE_BONDING); 730 731 BTIF_TRACE_DEBUG1("%s", __FUNCTION__); 732 733 /* Remote properties update */ 734 btif_update_remote_properties(p_ssp_cfm_req->bd_addr, p_ssp_cfm_req->bd_name, 735 p_ssp_cfm_req->dev_class, BT_DEVICE_TYPE_BREDR); 736 737 bdcpy(bd_addr.address, p_ssp_cfm_req->bd_addr); 738 memcpy(bd_name.name, p_ssp_cfm_req->bd_name, BD_NAME_LEN); 739 740 /* Set the pairing_cb based on the local & remote authentication requirements */ 741 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING); 742 743 /* if just_works and bonding bit is not set treat this as temporary */ 744 if (p_ssp_cfm_req->just_works && !(p_ssp_cfm_req->loc_auth_req & BTM_AUTH_BONDS) && 745 !(p_ssp_cfm_req->rmt_auth_req & BTM_AUTH_BONDS) && 746 !(check_cod((bt_bdaddr_t*)&p_ssp_cfm_req->bd_addr, COD_HID_POINTING))) 747 pairing_cb.is_temp = TRUE; 748 else 749 pairing_cb.is_temp = FALSE; 750 751 pairing_cb.is_ssp = TRUE; 752 753 /* If JustWorks auto-accept */ 754 if (p_ssp_cfm_req->just_works) 755 { 756 /* Pairing consent for JustWorks needed if: 757 * 1. Incoming pairing is detected AND 758 * 2. local IO capabilities are DisplayYesNo AND 759 * 3. remote IO capabiltiies are DisplayOnly or NoInputNoOutput; 760 */ 761 if ((is_incoming) && ((p_ssp_cfm_req->loc_io_caps == 0x01) && 762 (p_ssp_cfm_req->rmt_io_caps == 0x00 || p_ssp_cfm_req->rmt_io_caps == 0x03))) 763 { 764 BTIF_TRACE_EVENT3("%s: User consent needed for incoming pairing request. loc_io_caps: %d, rmt_io_caps: %d", 765 __FUNCTION__, p_ssp_cfm_req->loc_io_caps, p_ssp_cfm_req->rmt_io_caps); 766 } 767 else 768 { 769 BTIF_TRACE_EVENT1("%s: Auto-accept JustWorks pairing", __FUNCTION__); 770 btif_dm_ssp_reply(&bd_addr, BT_SSP_VARIANT_CONSENT, TRUE, 0); 771 return; 772 } 773 } 774 775 cod = devclass2uint(p_ssp_cfm_req->dev_class); 776 777 if ( cod == 0) { 778 ALOGD("cod is 0, set as unclassified"); 779 cod = COD_UNCLASSIFIED; 780 } 781 782 pairing_cb.sdp_attempts = 0; 783 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name, cod, 784 (p_ssp_cfm_req->just_works ? BT_SSP_VARIANT_CONSENT : BT_SSP_VARIANT_PASSKEY_CONFIRMATION), 785 p_ssp_cfm_req->num_val); 786 } 787 788 static void btif_dm_ssp_key_notif_evt(tBTA_DM_SP_KEY_NOTIF *p_ssp_key_notif) 789 { 790 bt_bdaddr_t bd_addr; 791 bt_bdname_t bd_name; 792 UINT32 cod; 793 794 BTIF_TRACE_DEBUG1("%s", __FUNCTION__); 795 796 /* Remote properties update */ 797 btif_update_remote_properties(p_ssp_key_notif->bd_addr, p_ssp_key_notif->bd_name, 798 p_ssp_key_notif->dev_class, BT_DEVICE_TYPE_BREDR); 799 800 bdcpy(bd_addr.address, p_ssp_key_notif->bd_addr); 801 memcpy(bd_name.name, p_ssp_key_notif->bd_name, BD_NAME_LEN); 802 803 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING); 804 pairing_cb.is_ssp = TRUE; 805 cod = devclass2uint(p_ssp_key_notif->dev_class); 806 807 if ( cod == 0) { 808 ALOGD("cod is 0, set as unclassified"); 809 cod = COD_UNCLASSIFIED; 810 } 811 812 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name, 813 cod, BT_SSP_VARIANT_PASSKEY_NOTIFICATION, 814 p_ssp_key_notif->passkey); 815 } 816 /******************************************************************************* 817 ** 818 ** Function btif_dm_auth_cmpl_evt 819 ** 820 ** Description Executes authentication complete event in btif context 821 ** 822 ** Returns void 823 ** 824 *******************************************************************************/ 825 static void btif_dm_auth_cmpl_evt (tBTA_DM_AUTH_CMPL *p_auth_cmpl) 826 { 827 /* Save link key, if not temporary */ 828 bt_bdaddr_t bd_addr; 829 bt_status_t status = BT_STATUS_FAIL; 830 bt_bond_state_t state = BT_BOND_STATE_NONE; 831 832 bdcpy(bd_addr.address, p_auth_cmpl->bd_addr); 833 if ( (p_auth_cmpl->success == TRUE) && (p_auth_cmpl->key_present) ) 834 { 835 if ((p_auth_cmpl->key_type < HCI_LKEY_TYPE_DEBUG_COMB) || (p_auth_cmpl->key_type == HCI_LKEY_TYPE_AUTH_COMB) || 836 (p_auth_cmpl->key_type == HCI_LKEY_TYPE_CHANGED_COMB) || (!pairing_cb.is_temp)) 837 { 838 bt_status_t ret; 839 BTIF_TRACE_DEBUG3("%s: Storing link key. key_type=0x%x, is_temp=%d", 840 __FUNCTION__, p_auth_cmpl->key_type, pairing_cb.is_temp); 841 ret = btif_storage_add_bonded_device(&bd_addr, 842 p_auth_cmpl->key, p_auth_cmpl->key_type, 843 pairing_cb.pin_code_len); 844 ASSERTC(ret == BT_STATUS_SUCCESS, "storing link key failed", ret); 845 } 846 else 847 { 848 BTIF_TRACE_DEBUG3("%s: Temporary key. Not storing. key_type=0x%x, is_temp=%d", 849 __FUNCTION__, p_auth_cmpl->key_type, pairing_cb.is_temp); 850 } 851 } 852 if (p_auth_cmpl->success) 853 { 854 status = BT_STATUS_SUCCESS; 855 state = BT_BOND_STATE_BONDED; 856 857 /* Trigger SDP on the device */ 858 pairing_cb.sdp_attempts = 1;; 859 860 if(btif_dm_inquiry_in_progress) 861 btif_dm_cancel_discovery(); 862 863 btif_dm_get_remote_services(&bd_addr); 864 /* Do not call bond_state_changed_cb yet. Wait till fetch remote service is complete */ 865 } 866 else 867 { 868 /*Map the HCI fail reason to bt status */ 869 switch(p_auth_cmpl->fail_reason) 870 { 871 case HCI_ERR_PAGE_TIMEOUT: 872 case HCI_ERR_CONNECTION_TOUT: 873 status = BT_STATUS_RMT_DEV_DOWN; 874 break; 875 876 /* map the auth failure codes, so we can retry pairing if necessary */ 877 case HCI_ERR_AUTH_FAILURE: 878 case HCI_ERR_HOST_REJECT_SECURITY: 879 case HCI_ERR_ENCRY_MODE_NOT_ACCEPTABLE: 880 case HCI_ERR_UNIT_KEY_USED: 881 case HCI_ERR_PAIRING_WITH_UNIT_KEY_NOT_SUPPORTED: 882 case HCI_ERR_INSUFFCIENT_SECURITY: 883 BTIF_TRACE_DEBUG1(" %s() Authentication fail ", __FUNCTION__); 884 if (pairing_cb.autopair_attempts == 1) 885 { 886 BTIF_TRACE_DEBUG1("%s(): Adding device to blacklist ", __FUNCTION__); 887 888 /* Add the device to dynamic black list only if this device belongs to Audio/pointing dev class */ 889 if (check_cod(&bd_addr, COD_AV_HEADSETS) || 890 check_cod(&bd_addr, COD_AV_HANDSFREE) || 891 check_cod(&bd_addr, COD_AV_HEADPHONES) || 892 check_cod(&bd_addr, COD_AV_PORTABLE_AUDIO) || 893 check_cod(&bd_addr, COD_AV_HIFI_AUDIO) || 894 check_cod(&bd_addr, COD_HID_POINTING)) 895 { 896 btif_storage_add_device_to_autopair_blacklist (&bd_addr); 897 } 898 pairing_cb.autopair_attempts++; 899 900 /* Create the Bond once again */ 901 BTIF_TRACE_DEBUG1("%s() auto pair failed. Reinitiate Bond", __FUNCTION__); 902 btif_dm_cb_create_bond (&bd_addr); 903 return; 904 } 905 else 906 { 907 /* if autopair attempts are more than 1, or not attempted */ 908 status = BT_STATUS_AUTH_FAILURE; 909 } 910 break; 911 912 default: 913 status = BT_STATUS_FAIL; 914 } 915 bond_state_changed(status, &bd_addr, state); 916 } 917 } 918 919 /****************************************************************************** 920 ** 921 ** Function btif_dm_search_devices_evt 922 ** 923 ** Description Executes search devices callback events in btif context 924 ** 925 ** Returns void 926 ** 927 ******************************************************************************/ 928 static void btif_dm_search_devices_evt (UINT16 event, char *p_param) 929 { 930 tBTA_DM_SEARCH *p_search_data; 931 BTIF_TRACE_EVENT2("%s event=%s", __FUNCTION__, dump_dm_search_event(event)); 932 933 switch (event) 934 { 935 case BTA_DM_DISC_RES_EVT: 936 { 937 p_search_data = (tBTA_DM_SEARCH *)p_param; 938 /* Remote name update */ 939 if (strlen((const char *) p_search_data->disc_res.bd_name)) 940 { 941 bt_property_t properties[1]; 942 bt_bdaddr_t bdaddr; 943 bt_status_t status; 944 945 properties[0].type = BT_PROPERTY_BDNAME; 946 properties[0].val = p_search_data->disc_res.bd_name; 947 properties[0].len = strlen((char *)p_search_data->disc_res.bd_name); 948 bdcpy(bdaddr.address, p_search_data->disc_res.bd_addr); 949 950 status = btif_storage_set_remote_device_property(&bdaddr, &properties[0]); 951 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device property", status); 952 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, 953 status, &bdaddr, 1, properties); 954 } 955 /* TODO: Services? */ 956 } 957 break; 958 959 case BTA_DM_INQ_RES_EVT: 960 { 961 /* inquiry result */ 962 UINT32 cod; 963 UINT8 *p_eir_remote_name = NULL; 964 bt_bdname_t bdname; 965 bt_bdaddr_t bdaddr; 966 UINT8 remote_name_len; 967 UINT8 *p_cached_name = NULL; 968 tBTA_SERVICE_MASK services = 0; 969 bdstr_t bdstr; 970 971 p_search_data = (tBTA_DM_SEARCH *)p_param; 972 bdcpy(bdaddr.address, p_search_data->inq_res.bd_addr); 973 974 BTIF_TRACE_DEBUG3("%s() %s device_type = 0x%x\n", __FUNCTION__, bd2str(&bdaddr, &bdstr), 975 #if (BLE_INCLUDED == TRUE) 976 p_search_data->inq_res.device_type); 977 #else 978 BT_DEVICE_TYPE_BREDR); 979 #endif 980 bdname.name[0] = 0; 981 982 cod = devclass2uint (p_search_data->inq_res.dev_class); 983 984 if ( cod == 0) { 985 ALOGD("cod is 0, set as unclassified"); 986 cod = COD_UNCLASSIFIED; 987 } 988 989 if (!check_eir_remote_name(p_search_data, bdname.name, &remote_name_len)) 990 check_cached_remote_name(p_search_data, bdname.name, &remote_name_len); 991 992 /* Check EIR for remote name and services */ 993 if (p_search_data->inq_res.p_eir) 994 { 995 BTA_GetEirService(p_search_data->inq_res.p_eir, &services); 996 BTIF_TRACE_DEBUG2("%s()EIR BTA services = %08X", __FUNCTION__, (UINT32)services); 997 /* TODO: Get the service list and check to see which uuids we got and send it back to the client. */ 998 } 999 1000 1001 { 1002 bt_property_t properties[5]; 1003 bt_device_type_t dev_type; 1004 UINT8 addr_type; 1005 uint32_t num_properties = 0; 1006 bt_status_t status; 1007 1008 memset(properties, 0, sizeof(properties)); 1009 /* BD_ADDR */ 1010 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 1011 BT_PROPERTY_BDADDR, sizeof(bdaddr), &bdaddr); 1012 num_properties++; 1013 /* BD_NAME */ 1014 /* Don't send BDNAME if it is empty */ 1015 if (bdname.name[0]) 1016 { 1017 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 1018 BT_PROPERTY_BDNAME, 1019 strlen((char *)bdname.name), &bdname); 1020 num_properties++; 1021 } 1022 1023 /* DEV_CLASS */ 1024 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 1025 BT_PROPERTY_CLASS_OF_DEVICE, sizeof(cod), &cod); 1026 num_properties++; 1027 /* DEV_TYPE */ 1028 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE)) 1029 /* FixMe: Assumption is that bluetooth.h and BTE enums match */ 1030 dev_type = p_search_data->inq_res.device_type; 1031 addr_type = p_search_data->inq_res.ble_addr_type; 1032 #else 1033 dev_type = BT_DEVICE_TYPE_BREDR; 1034 #endif 1035 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 1036 BT_PROPERTY_TYPE_OF_DEVICE, sizeof(dev_type), &dev_type); 1037 num_properties++; 1038 /* RSSI */ 1039 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 1040 BT_PROPERTY_REMOTE_RSSI, sizeof(int8_t), 1041 &(p_search_data->inq_res.rssi)); 1042 num_properties++; 1043 1044 status = btif_storage_add_remote_device(&bdaddr, num_properties, properties); 1045 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device (inquiry)", status); 1046 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE)) 1047 status = btif_storage_set_remote_addr_type(&bdaddr, addr_type); 1048 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote addr type (inquiry)", status); 1049 #endif 1050 /* Callback to notify upper layer of device */ 1051 HAL_CBACK(bt_hal_cbacks, device_found_cb, 1052 num_properties, properties); 1053 } 1054 } 1055 break; 1056 1057 case BTA_DM_INQ_CMPL_EVT: 1058 { 1059 } 1060 break; 1061 case BTA_DM_DISC_CMPL_EVT: 1062 { 1063 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, BT_DISCOVERY_STOPPED); 1064 } 1065 break; 1066 case BTA_DM_SEARCH_CANCEL_CMPL_EVT: 1067 { 1068 /* if inquiry is not in progress and we get a cancel event, then 1069 * it means we are done with inquiry, but remote_name fetches are in 1070 * progress 1071 * 1072 * if inquiry is in progress, then we don't want to act on this cancel_cmpl_evt 1073 * but instead wait for the cancel_cmpl_evt via the Busy Level 1074 * 1075 */ 1076 if (btif_dm_inquiry_in_progress == FALSE) 1077 { 1078 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, BT_DISCOVERY_STOPPED); 1079 } 1080 } 1081 break; 1082 } 1083 } 1084 1085 /******************************************************************************* 1086 ** 1087 ** Function btif_dm_search_services_evt 1088 ** 1089 ** Description Executes search services event in btif context 1090 ** 1091 ** Returns void 1092 ** 1093 *******************************************************************************/ 1094 static void btif_dm_search_services_evt(UINT16 event, char *p_param) 1095 { 1096 tBTA_DM_SEARCH *p_data = (tBTA_DM_SEARCH*)p_param; 1097 1098 BTIF_TRACE_EVENT2("%s: event = %d", __FUNCTION__, event); 1099 switch (event) 1100 { 1101 case BTA_DM_DISC_RES_EVT: 1102 { 1103 bt_uuid_t uuid_arr[BT_MAX_NUM_UUIDS]; /* Max 32 services */ 1104 bt_property_t prop; 1105 uint32_t i = 0, j = 0; 1106 bt_bdaddr_t bd_addr; 1107 bt_status_t ret; 1108 1109 bdcpy(bd_addr.address, p_data->disc_res.bd_addr); 1110 1111 BTIF_TRACE_DEBUG3("%s:(result=0x%x, services 0x%x)", __FUNCTION__, 1112 p_data->disc_res.result, p_data->disc_res.services); 1113 if ((p_data->disc_res.result != BTA_SUCCESS) && 1114 (pairing_cb.state == BT_BOND_STATE_BONDING ) && 1115 (pairing_cb.sdp_attempts < BTIF_DM_MAX_SDP_ATTEMPTS_AFTER_PAIRING)) 1116 { 1117 BTIF_TRACE_WARNING1("%s:SDP failed after bonding re-attempting", __FUNCTION__); 1118 pairing_cb.sdp_attempts++; 1119 btif_dm_get_remote_services(&bd_addr); 1120 return; 1121 } 1122 prop.type = BT_PROPERTY_UUIDS; 1123 prop.len = 0; 1124 if ((p_data->disc_res.result == BTA_SUCCESS) && (p_data->disc_res.num_uuids > 0)) 1125 { 1126 prop.val = p_data->disc_res.p_uuid_list; 1127 prop.len = p_data->disc_res.num_uuids * MAX_UUID_SIZE; 1128 for (i=0; i < p_data->disc_res.num_uuids; i++) 1129 { 1130 char temp[256]; 1131 uuid_to_string((bt_uuid_t*)(p_data->disc_res.p_uuid_list + (i*MAX_UUID_SIZE)), temp); 1132 BTIF_TRACE_ERROR2("Index: %d uuid:%s", i, temp); 1133 } 1134 } 1135 1136 /* onUuidChanged requires getBondedDevices to be populated. 1137 ** bond_state_changed needs to be sent prior to remote_device_property 1138 */ 1139 if ((pairing_cb.state == BT_BOND_STATE_BONDING) && 1140 (bdcmp(p_data->disc_res.bd_addr, pairing_cb.bd_addr) == 0)&& 1141 pairing_cb.sdp_attempts > 0) 1142 { 1143 BTIF_TRACE_DEBUG1("%s Remote Service SDP done. Call bond_state_changed_cb BONDED", 1144 __FUNCTION__); 1145 pairing_cb.sdp_attempts = 0; 1146 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDED); 1147 } 1148 1149 if(p_data->disc_res.num_uuids != 0) 1150 { 1151 /* Also write this to the NVRAM */ 1152 ret = btif_storage_set_remote_device_property(&bd_addr, &prop); 1153 ASSERTC(ret == BT_STATUS_SUCCESS, "storing remote services failed", ret); 1154 /* Send the event to the BTIF */ 1155 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, 1156 BT_STATUS_SUCCESS, &bd_addr, 1, &prop); 1157 } 1158 } 1159 break; 1160 1161 case BTA_DM_DISC_CMPL_EVT: 1162 /* fixme */ 1163 break; 1164 1165 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE)) 1166 case BTA_DM_DISC_BLE_RES_EVT: 1167 BTIF_TRACE_DEBUG2("%s:, services 0x%x)", __FUNCTION__, 1168 p_data->disc_ble_res.service.uu.uuid16); 1169 bt_uuid_t uuid; 1170 int i = 0; 1171 int j = 15; 1172 if (p_data->disc_ble_res.service.uu.uuid16 == UUID_SERVCLASS_LE_HID) 1173 { 1174 BTIF_TRACE_DEBUG1("%s: Found HOGP UUID",__FUNCTION__); 1175 bt_property_t prop; 1176 bt_bdaddr_t bd_addr; 1177 char temp[256]; 1178 bt_status_t ret; 1179 1180 bta_gatt_convert_uuid16_to_uuid128(uuid.uu,p_data->disc_ble_res.service.uu.uuid16); 1181 1182 while(i < j ) 1183 { 1184 unsigned char c = uuid.uu[j]; 1185 uuid.uu[j] = uuid.uu[i]; 1186 uuid.uu[i] = c; 1187 i++; 1188 j--; 1189 } 1190 1191 uuid_to_string(&uuid, temp); 1192 BTIF_TRACE_ERROR1(" uuid:%s", temp); 1193 1194 bdcpy(bd_addr.address, p_data->disc_ble_res.bd_addr); 1195 prop.type = BT_PROPERTY_UUIDS; 1196 prop.val = uuid.uu; 1197 prop.len = MAX_UUID_SIZE; 1198 1199 /* Also write this to the NVRAM */ 1200 ret = btif_storage_set_remote_device_property(&bd_addr, &prop); 1201 ASSERTC(ret == BT_STATUS_SUCCESS, "storing remote services failed", ret); 1202 1203 /* Send the event to the BTIF */ 1204 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, 1205 BT_STATUS_SUCCESS, &bd_addr, 1, &prop); 1206 1207 } 1208 break; 1209 #endif /* BLE_INCLUDED */ 1210 1211 default: 1212 { 1213 ASSERTC(0, "unhandled search services event", event); 1214 } 1215 break; 1216 } 1217 } 1218 1219 /******************************************************************************* 1220 ** 1221 ** Function btif_dm_remote_service_record_evt 1222 ** 1223 ** Description Executes search service record event in btif context 1224 ** 1225 ** Returns void 1226 ** 1227 *******************************************************************************/ 1228 static void btif_dm_remote_service_record_evt(UINT16 event, char *p_param) 1229 { 1230 tBTA_DM_SEARCH *p_data = (tBTA_DM_SEARCH*)p_param; 1231 1232 BTIF_TRACE_EVENT2("%s: event = %d", __FUNCTION__, event); 1233 switch (event) 1234 { 1235 case BTA_DM_DISC_RES_EVT: 1236 { 1237 bt_service_record_t rec; 1238 bt_property_t prop; 1239 uint32_t i = 0; 1240 bt_bdaddr_t bd_addr; 1241 1242 memset(&rec, 0, sizeof(bt_service_record_t)); 1243 bdcpy(bd_addr.address, p_data->disc_res.bd_addr); 1244 1245 BTIF_TRACE_DEBUG3("%s:(result=0x%x, services 0x%x)", __FUNCTION__, 1246 p_data->disc_res.result, p_data->disc_res.services); 1247 prop.type = BT_PROPERTY_SERVICE_RECORD; 1248 prop.val = (void*)&rec; 1249 prop.len = sizeof(rec); 1250 1251 /* disc_res.result is overloaded with SCN. Cannot check result */ 1252 p_data->disc_res.services &= ~BTA_USER_SERVICE_MASK; 1253 /* TODO: Get the UUID as well */ 1254 rec.channel = p_data->disc_res.result - 3; 1255 /* TODO: Need to get the service name using p_raw_data */ 1256 rec.name[0] = 0; 1257 1258 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, 1259 BT_STATUS_SUCCESS, &bd_addr, 1, &prop); 1260 } 1261 break; 1262 1263 default: 1264 { 1265 ASSERTC(0, "unhandled remote service record event", event); 1266 } 1267 break; 1268 } 1269 } 1270 1271 /******************************************************************************* 1272 ** 1273 ** Function btif_dm_upstreams_cback 1274 ** 1275 ** Description Executes UPSTREAMS events in btif context 1276 ** 1277 ** Returns void 1278 ** 1279 *******************************************************************************/ 1280 static void btif_dm_upstreams_evt(UINT16 event, char* p_param) 1281 { 1282 tBTA_DM_SEC_EVT dm_event = (tBTA_DM_SEC_EVT)event; 1283 tBTA_DM_SEC *p_data = (tBTA_DM_SEC*)p_param; 1284 tBTA_SERVICE_MASK service_mask; 1285 uint32_t i; 1286 bt_bdaddr_t bd_addr; 1287 1288 BTIF_TRACE_EVENT1("btif_dm_upstreams_cback ev: %s", dump_dm_event(event)); 1289 1290 switch (event) 1291 { 1292 case BTA_DM_ENABLE_EVT: 1293 { 1294 BD_NAME bdname; 1295 bt_status_t status; 1296 bt_property_t prop; 1297 prop.type = BT_PROPERTY_BDNAME; 1298 prop.len = BD_NAME_LEN; 1299 prop.val = (void*)bdname; 1300 1301 status = btif_storage_get_adapter_property(&prop); 1302 if (status == BT_STATUS_SUCCESS) 1303 { 1304 /* A name exists in the storage. Make this the device name */ 1305 BTA_DmSetDeviceName((char*)prop.val); 1306 } 1307 else 1308 { 1309 /* Storage does not have a name yet. 1310 * Use the default name and write it to the chip 1311 */ 1312 BTA_DmSetDeviceName(btif_get_default_local_name()); 1313 } 1314 1315 /* for each of the enabled services in the mask, trigger the profile 1316 * enable */ 1317 service_mask = btif_get_enabled_services_mask(); 1318 for (i=0; i <= BTA_MAX_SERVICE_ID; i++) 1319 { 1320 if (service_mask & 1321 (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(i))) 1322 { 1323 btif_in_execute_service_request(i, TRUE); 1324 } 1325 } 1326 /* clear control blocks */ 1327 memset(&pairing_cb, 0, sizeof(btif_dm_pairing_cb_t)); 1328 1329 /* This function will also trigger the adapter_properties_cb 1330 ** and bonded_devices_info_cb 1331 */ 1332 btif_storage_load_bonded_devices(); 1333 1334 btif_storage_load_autopair_device_list(); 1335 1336 btif_enable_bluetooth_evt(p_data->enable.status, p_data->enable.bd_addr); 1337 } 1338 break; 1339 1340 case BTA_DM_DISABLE_EVT: 1341 /* for each of the enabled services in the mask, trigger the profile 1342 * disable */ 1343 service_mask = btif_get_enabled_services_mask(); 1344 for (i=0; i <= BTA_MAX_SERVICE_ID; i++) 1345 { 1346 if (service_mask & 1347 (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(i))) 1348 { 1349 btif_in_execute_service_request(i, FALSE); 1350 } 1351 } 1352 btif_disable_bluetooth_evt(); 1353 break; 1354 1355 case BTA_DM_PIN_REQ_EVT: 1356 btif_dm_pin_req_evt(&p_data->pin_req); 1357 break; 1358 1359 case BTA_DM_AUTH_CMPL_EVT: 1360 btif_dm_auth_cmpl_evt(&p_data->auth_cmpl); 1361 break; 1362 1363 case BTA_DM_BOND_CANCEL_CMPL_EVT: 1364 if (pairing_cb.state == BT_BOND_STATE_BONDING) 1365 { 1366 bdcpy(bd_addr.address, pairing_cb.bd_addr); 1367 bond_state_changed(p_data->bond_cancel_cmpl.result, &bd_addr, BT_BOND_STATE_NONE); 1368 } 1369 break; 1370 1371 case BTA_DM_SP_CFM_REQ_EVT: 1372 btif_dm_ssp_cfm_req_evt(&p_data->cfm_req); 1373 break; 1374 case BTA_DM_SP_KEY_NOTIF_EVT: 1375 btif_dm_ssp_key_notif_evt(&p_data->key_notif); 1376 break; 1377 1378 case BTA_DM_DEV_UNPAIRED_EVT: 1379 bdcpy(bd_addr.address, p_data->link_down.bd_addr); 1380 1381 /*special handling for HID devices */ 1382 #if (defined(BTA_HH_INCLUDED) && (BTA_HH_INCLUDED == TRUE)) 1383 btif_hh_remove_device(bd_addr); 1384 #endif 1385 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE)) 1386 btif_storage_remove_ble_bonding_keys(&bd_addr); 1387 #endif 1388 btif_storage_remove_bonded_device(&bd_addr); 1389 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_NONE); 1390 break; 1391 1392 case BTA_DM_BUSY_LEVEL_EVT: 1393 { 1394 1395 if (p_data->busy_level.level_flags & BTM_BL_INQUIRY_PAGING_MASK) 1396 { 1397 if (p_data->busy_level.level_flags == BTM_BL_INQUIRY_STARTED) 1398 { 1399 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, 1400 BT_DISCOVERY_STARTED); 1401 btif_dm_inquiry_in_progress = TRUE; 1402 } 1403 else if (p_data->busy_level.level_flags == BTM_BL_INQUIRY_CANCELLED) 1404 { 1405 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, 1406 BT_DISCOVERY_STOPPED); 1407 btif_dm_inquiry_in_progress = FALSE; 1408 } 1409 else if (p_data->busy_level.level_flags == BTM_BL_INQUIRY_COMPLETE) 1410 { 1411 btif_dm_inquiry_in_progress = FALSE; 1412 } 1413 } 1414 }break; 1415 1416 case BTA_DM_LINK_UP_EVT: 1417 bdcpy(bd_addr.address, p_data->link_up.bd_addr); 1418 BTIF_TRACE_DEBUG0("BTA_DM_LINK_UP_EVT. Sending BT_ACL_STATE_CONNECTED"); 1419 1420 btif_update_remote_version_property(&bd_addr); 1421 1422 HAL_CBACK(bt_hal_cbacks, acl_state_changed_cb, BT_STATUS_SUCCESS, 1423 &bd_addr, BT_ACL_STATE_CONNECTED); 1424 break; 1425 1426 case BTA_DM_LINK_DOWN_EVT: 1427 bdcpy(bd_addr.address, p_data->link_down.bd_addr); 1428 BTIF_TRACE_DEBUG0("BTA_DM_LINK_DOWN_EVT. Sending BT_ACL_STATE_DISCONNECTED"); 1429 HAL_CBACK(bt_hal_cbacks, acl_state_changed_cb, BT_STATUS_SUCCESS, 1430 &bd_addr, BT_ACL_STATE_DISCONNECTED); 1431 break; 1432 1433 case BTA_DM_HW_ERROR_EVT: 1434 BTIF_TRACE_ERROR0("Received H/W Error. "); 1435 /* Flush storage data */ 1436 btif_config_flush(); 1437 usleep(100000); /* 100milliseconds */ 1438 /* Killing the process to force a restart as part of fault tolerance */ 1439 kill(getpid(), SIGKILL); 1440 break; 1441 1442 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE)) 1443 case BTA_DM_BLE_KEY_EVT: 1444 BTIF_TRACE_DEBUG1("BTA_DM_BLE_KEY_EVT key_type=0x%02x ", p_data->ble_key.key_type); 1445 1446 /* If this pairing is by-product of local initiated GATT client Read or Write, 1447 BTA would not have sent BTA_DM_BLE_SEC_REQ_EVT event and Bond state would not 1448 have setup properly. Setup pairing_cb and notify App about Bonding state now*/ 1449 if (pairing_cb.state != BT_BOND_STATE_BONDING) 1450 { 1451 BTIF_TRACE_DEBUG0("Bond state not sent to App so far.Notify the app now"); 1452 bond_state_changed(BT_STATUS_SUCCESS, (bt_bdaddr_t*)p_data->ble_key.bd_addr, 1453 BT_BOND_STATE_BONDING); 1454 } 1455 else if (memcmp (pairing_cb.bd_addr, p_data->ble_key.bd_addr, BD_ADDR_LEN)!=0) 1456 { 1457 BTIF_TRACE_ERROR1("BD mismatch discard BLE key_type=%d ",p_data->ble_key.key_type); 1458 break; 1459 } 1460 1461 switch (p_data->ble_key.key_type) 1462 { 1463 case BTA_LE_KEY_PENC: 1464 BTIF_TRACE_DEBUG0("Rcv BTA_LE_KEY_PENC"); 1465 pairing_cb.ble.is_penc_key_rcvd = TRUE; 1466 memcpy(pairing_cb.ble.penc_key.ltk,p_data->ble_key.key_value.penc_key.ltk, 16); 1467 memcpy(pairing_cb.ble.penc_key.rand, p_data->ble_key.key_value.penc_key.rand,8); 1468 pairing_cb.ble.penc_key.ediv = p_data->ble_key.key_value.penc_key.ediv; 1469 pairing_cb.ble.penc_key.sec_level = p_data->ble_key.key_value.penc_key.sec_level; 1470 1471 for (i=0; i<16; i++) 1472 { 1473 BTIF_TRACE_DEBUG2("pairing_cb.ble.penc_key.ltk[%d]=0x%02x",i,pairing_cb.ble.penc_key.ltk[i]); 1474 } 1475 for (i=0; i<8; i++) 1476 { 1477 BTIF_TRACE_DEBUG2("pairing_cb.ble.penc_key.rand[%d]=0x%02x",i,pairing_cb.ble.penc_key.rand[i]); 1478 } 1479 BTIF_TRACE_DEBUG1("pairing_cb.ble.penc_key.ediv=0x%04x",pairing_cb.ble.penc_key.ediv); 1480 BTIF_TRACE_DEBUG1("pairing_cb.ble.penc_key.sec_level=0x%02x",pairing_cb.ble.penc_key.sec_level); 1481 BTIF_TRACE_DEBUG1("pairing_cb.ble.penc_key.key_size=0x%02x",pairing_cb.ble.penc_key.key_size); 1482 break; 1483 1484 case BTA_LE_KEY_PID: 1485 BTIF_TRACE_DEBUG0("Rcv BTA_LE_KEY_PID"); 1486 pairing_cb.ble.is_pid_key_rcvd = TRUE; 1487 memcpy(pairing_cb.ble.pid_key, p_data->ble_key.key_value.pid_key.irk, 16); 1488 for (i=0; i<16; i++) 1489 { 1490 BTIF_TRACE_DEBUG2("pairing_cb.ble.pid_key[%d]=0x%02x",i,pairing_cb.ble.pid_key[i]); 1491 } 1492 break; 1493 1494 case BTA_LE_KEY_PCSRK: 1495 BTIF_TRACE_DEBUG0("Rcv BTA_LE_KEY_PCSRK"); 1496 pairing_cb.ble.is_pcsrk_key_rcvd = TRUE; 1497 pairing_cb.ble.pcsrk_key.counter = p_data->ble_key.key_value.pcsrk_key.counter; 1498 pairing_cb.ble.pcsrk_key.sec_level = p_data->ble_key.key_value.pcsrk_key.sec_level; 1499 memcpy(pairing_cb.ble.pcsrk_key.csrk,p_data->ble_key.key_value.pcsrk_key.csrk,16); 1500 1501 for (i=0; i<16; i++) 1502 { 1503 BTIF_TRACE_DEBUG2("pairing_cb.ble.pcsrk_key.csrk[%d]=0x%02x",i,pairing_cb.ble.pcsrk_key.csrk[i]); 1504 } 1505 BTIF_TRACE_DEBUG1("pairing_cb.ble.pcsrk_key.counter=0x%08x",pairing_cb.ble.pcsrk_key.counter); 1506 BTIF_TRACE_DEBUG1("pairing_cb.ble.pcsrk_key.sec_level=0x%02x",pairing_cb.ble.pcsrk_key.sec_level); 1507 break; 1508 1509 case BTA_LE_KEY_LENC: 1510 BTIF_TRACE_DEBUG0("Rcv BTA_LE_KEY_LENC"); 1511 pairing_cb.ble.is_lenc_key_rcvd = TRUE; 1512 pairing_cb.ble.lenc_key.div = p_data->ble_key.key_value.lenc_key.div; 1513 pairing_cb.ble.lenc_key.key_size = p_data->ble_key.key_value.lenc_key.key_size; 1514 pairing_cb.ble.lenc_key.sec_level = p_data->ble_key.key_value.lenc_key.sec_level; 1515 1516 BTIF_TRACE_DEBUG1("pairing_cb.ble.lenc_key.div=0x%04x",pairing_cb.ble.lenc_key.div); 1517 BTIF_TRACE_DEBUG1("pairing_cb.ble.lenc_key.key_size=0x%02x",pairing_cb.ble.lenc_key.key_size); 1518 BTIF_TRACE_DEBUG1("pairing_cb.ble.lenc_key.sec_level=0x%02x",pairing_cb.ble.lenc_key.sec_level); 1519 break; 1520 1521 1522 1523 case BTA_LE_KEY_LCSRK: 1524 BTIF_TRACE_DEBUG0("Rcv BTA_LE_KEY_LCSRK"); 1525 pairing_cb.ble.is_lcsrk_key_rcvd = TRUE; 1526 pairing_cb.ble.lcsrk_key.counter = p_data->ble_key.key_value.lcsrk_key.counter; 1527 pairing_cb.ble.lcsrk_key.div = p_data->ble_key.key_value.lcsrk_key.div; 1528 pairing_cb.ble.lcsrk_key.sec_level = p_data->ble_key.key_value.lcsrk_key.sec_level; 1529 1530 BTIF_TRACE_DEBUG1("pairing_cb.ble.lcsrk_key.div=0x%04x",pairing_cb.ble.lcsrk_key.div); 1531 BTIF_TRACE_DEBUG1("pairing_cb.ble.lcsrk_key.counter=0x%08x",pairing_cb.ble.lcsrk_key.counter); 1532 BTIF_TRACE_DEBUG1("pairing_cb.ble.lcsrk_key.sec_level=0x%02x",pairing_cb.ble.lcsrk_key.sec_level); 1533 1534 break; 1535 1536 default: 1537 BTIF_TRACE_ERROR1("unknown BLE key type (0x%02x)", p_data->ble_key.key_type); 1538 break; 1539 } 1540 1541 break; 1542 case BTA_DM_BLE_SEC_REQ_EVT: 1543 BTIF_TRACE_DEBUG0("BTA_DM_BLE_SEC_REQ_EVT. "); 1544 btif_dm_ble_sec_req_evt(&p_data->ble_req); 1545 break; 1546 case BTA_DM_BLE_PASSKEY_NOTIF_EVT: 1547 BTIF_TRACE_DEBUG0("BTA_DM_BLE_PASSKEY_NOTIF_EVT. "); 1548 btif_dm_ble_key_notif_evt(&p_data->key_notif); 1549 break; 1550 case BTA_DM_BLE_PASSKEY_REQ_EVT: 1551 BTIF_TRACE_DEBUG0("BTA_DM_BLE_PASSKEY_REQ_EVT. "); 1552 btif_dm_ble_passkey_req_evt(&p_data->pin_req); 1553 break; 1554 case BTA_DM_BLE_OOB_REQ_EVT: 1555 BTIF_TRACE_DEBUG0("BTA_DM_BLE_OOB_REQ_EVT. "); 1556 break; 1557 case BTA_DM_BLE_LOCAL_IR_EVT: 1558 BTIF_TRACE_DEBUG0("BTA_DM_BLE_LOCAL_IR_EVT. "); 1559 ble_local_key_cb.is_id_keys_rcvd = TRUE; 1560 memcpy(&ble_local_key_cb.id_keys.irk[0], &p_data->ble_id_keys.irk[0], sizeof(BT_OCTET16)); 1561 memcpy(&ble_local_key_cb.id_keys.ir[0], &p_data->ble_id_keys.ir[0], sizeof(BT_OCTET16)); 1562 memcpy(&ble_local_key_cb.id_keys.dhk[0], &p_data->ble_id_keys.dhk[0], sizeof(BT_OCTET16)); 1563 btif_storage_add_ble_local_key( (char *)&ble_local_key_cb.id_keys.irk[0], 1564 BTIF_DM_LE_LOCAL_KEY_IR, 1565 BT_OCTET16_LEN); 1566 btif_storage_add_ble_local_key( (char *)&ble_local_key_cb.id_keys.ir[0], 1567 BTIF_DM_LE_LOCAL_KEY_IRK, 1568 BT_OCTET16_LEN); 1569 btif_storage_add_ble_local_key( (char *)&ble_local_key_cb.id_keys.dhk[0], 1570 BTIF_DM_LE_LOCAL_KEY_DHK, 1571 BT_OCTET16_LEN); 1572 break; 1573 case BTA_DM_BLE_LOCAL_ER_EVT: 1574 BTIF_TRACE_DEBUG0("BTA_DM_BLE_LOCAL_ER_EVT. "); 1575 ble_local_key_cb.is_er_rcvd = TRUE; 1576 memcpy(&ble_local_key_cb.er[0], &p_data->ble_er[0], sizeof(BT_OCTET16)); 1577 btif_storage_add_ble_local_key( (char *)&ble_local_key_cb.er[0], 1578 BTIF_DM_LE_LOCAL_KEY_ER, 1579 BT_OCTET16_LEN); 1580 break; 1581 1582 case BTA_DM_BLE_AUTH_CMPL_EVT: 1583 BTIF_TRACE_DEBUG0("BTA_DM_BLE_KEY_EVT. "); 1584 btif_dm_ble_auth_cmpl_evt(&p_data->auth_cmpl); 1585 break; 1586 #endif 1587 1588 case BTA_DM_AUTHORIZE_EVT: 1589 case BTA_DM_SIG_STRENGTH_EVT: 1590 case BTA_DM_SP_RMT_OOB_EVT: 1591 case BTA_DM_SP_KEYPRESS_EVT: 1592 case BTA_DM_ROLE_CHG_EVT: 1593 1594 default: 1595 BTIF_TRACE_WARNING1( "btif_dm_cback : unhandled event (%d)", event ); 1596 break; 1597 } 1598 } /* btui_security_cback() */ 1599 1600 1601 /******************************************************************************* 1602 ** 1603 ** Function btif_dm_generic_evt 1604 ** 1605 ** Description Executes non-BTA upstream events in BTIF context 1606 ** 1607 ** Returns void 1608 ** 1609 *******************************************************************************/ 1610 static void btif_dm_generic_evt(UINT16 event, char* p_param) 1611 { 1612 BTIF_TRACE_EVENT2("%s: event=%d", __FUNCTION__, event); 1613 switch(event) 1614 { 1615 case BTIF_DM_CB_DISCOVERY_STARTED: 1616 { 1617 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, BT_DISCOVERY_STARTED); 1618 } 1619 break; 1620 1621 case BTIF_DM_CB_CREATE_BOND: 1622 { 1623 btif_dm_cb_create_bond((bt_bdaddr_t *)p_param); 1624 } 1625 break; 1626 1627 case BTIF_DM_CB_REMOVE_BOND: 1628 { 1629 btif_dm_cb_remove_bond((bt_bdaddr_t *)p_param); 1630 } 1631 break; 1632 1633 case BTIF_DM_CB_HID_REMOTE_NAME: 1634 { 1635 btif_dm_cb_hid_remote_name((tBTM_REMOTE_DEV_NAME *)p_param); 1636 } 1637 break; 1638 1639 case BTIF_DM_CB_BOND_STATE_BONDING: 1640 { 1641 bond_state_changed(BT_STATUS_SUCCESS, (bt_bdaddr_t *)p_param, BT_BOND_STATE_BONDING); 1642 } 1643 break; 1644 case BTIF_DM_CB_LE_TX_TEST: 1645 case BTIF_DM_CB_LE_RX_TEST: 1646 { 1647 uint8_t status; 1648 STREAM_TO_UINT8(status, p_param); 1649 HAL_CBACK(bt_hal_cbacks, le_test_mode_cb, 1650 (status == 0) ? BT_STATUS_SUCCESS : BT_STATUS_FAIL, 0); 1651 } 1652 break; 1653 case BTIF_DM_CB_LE_TEST_END: 1654 { 1655 uint8_t status; 1656 uint16_t count = 0; 1657 STREAM_TO_UINT8(status, p_param); 1658 if (status == 0) 1659 STREAM_TO_UINT16(count, p_param); 1660 HAL_CBACK(bt_hal_cbacks, le_test_mode_cb, 1661 (status == 0) ? BT_STATUS_SUCCESS : BT_STATUS_FAIL, count); 1662 } 1663 break; 1664 default: 1665 { 1666 BTIF_TRACE_WARNING2("%s : Unknown event 0x%x", __FUNCTION__, event); 1667 } 1668 break; 1669 } 1670 } 1671 1672 /******************************************************************************* 1673 ** 1674 ** Function bte_dm_evt 1675 ** 1676 ** Description Switches context from BTE to BTIF for all DM events 1677 ** 1678 ** Returns void 1679 ** 1680 *******************************************************************************/ 1681 1682 void bte_dm_evt(tBTA_DM_SEC_EVT event, tBTA_DM_SEC *p_data) 1683 { 1684 bt_status_t status; 1685 1686 /* switch context to btif task context (copy full union size for convenience) */ 1687 status = btif_transfer_context(btif_dm_upstreams_evt, (uint16_t)event, (void*)p_data, sizeof(tBTA_DM_SEC), NULL); 1688 1689 /* catch any failed context transfers */ 1690 ASSERTC(status == BT_STATUS_SUCCESS, "context transfer failed", status); 1691 } 1692 1693 /******************************************************************************* 1694 ** 1695 ** Function bte_search_devices_evt 1696 ** 1697 ** Description Switches context from BTE to BTIF for DM search events 1698 ** 1699 ** Returns void 1700 ** 1701 *******************************************************************************/ 1702 static void bte_search_devices_evt(tBTA_DM_SEARCH_EVT event, tBTA_DM_SEARCH *p_data) 1703 { 1704 UINT16 param_len = 0; 1705 1706 if (p_data) 1707 param_len += sizeof(tBTA_DM_SEARCH); 1708 /* Allocate buffer to hold the pointers (deep copy). The pointers will point to the end of the tBTA_DM_SEARCH */ 1709 switch (event) 1710 { 1711 case BTA_DM_INQ_RES_EVT: 1712 { 1713 if (p_data->inq_res.p_eir) 1714 param_len += HCI_EXT_INQ_RESPONSE_LEN; 1715 } 1716 break; 1717 1718 case BTA_DM_DISC_RES_EVT: 1719 { 1720 if (p_data->disc_res.raw_data_size && p_data->disc_res.p_raw_data) 1721 param_len += p_data->disc_res.raw_data_size; 1722 } 1723 break; 1724 } 1725 BTIF_TRACE_DEBUG3("%s event=%s param_len=%d", __FUNCTION__, dump_dm_search_event(event), param_len); 1726 1727 /* if remote name is available in EIR, set teh flag so that stack doesnt trigger RNR */ 1728 if (event == BTA_DM_INQ_RES_EVT) 1729 p_data->inq_res.remt_name_not_required = check_eir_remote_name(p_data, NULL, NULL); 1730 1731 btif_transfer_context (btif_dm_search_devices_evt , (UINT16) event, (void *)p_data, param_len, 1732 (param_len > sizeof(tBTA_DM_SEARCH)) ? search_devices_copy_cb : NULL); 1733 } 1734 1735 /******************************************************************************* 1736 ** 1737 ** Function bte_dm_search_services_evt 1738 ** 1739 ** Description Switches context from BTE to BTIF for DM search services 1740 ** event 1741 ** 1742 ** Returns void 1743 ** 1744 *******************************************************************************/ 1745 static void bte_dm_search_services_evt(tBTA_DM_SEARCH_EVT event, tBTA_DM_SEARCH *p_data) 1746 { 1747 UINT16 param_len = 0; 1748 if (p_data) 1749 param_len += sizeof(tBTA_DM_SEARCH); 1750 switch (event) 1751 { 1752 case BTA_DM_DISC_RES_EVT: 1753 { 1754 if ((p_data->disc_res.result == BTA_SUCCESS) && (p_data->disc_res.num_uuids > 0)) { 1755 param_len += (p_data->disc_res.num_uuids * MAX_UUID_SIZE); 1756 } 1757 } break; 1758 } 1759 /* TODO: The only other member that needs a deep copy is the p_raw_data. But not sure 1760 * if raw_data is needed. */ 1761 btif_transfer_context(btif_dm_search_services_evt, event, (char*)p_data, param_len, 1762 (param_len > sizeof(tBTA_DM_SEARCH)) ? search_services_copy_cb : NULL); 1763 } 1764 1765 /******************************************************************************* 1766 ** 1767 ** Function bte_dm_remote_service_record_evt 1768 ** 1769 ** Description Switches context from BTE to BTIF for DM search service 1770 ** record event 1771 ** 1772 ** Returns void 1773 ** 1774 *******************************************************************************/ 1775 static void bte_dm_remote_service_record_evt(tBTA_DM_SEARCH_EVT event, tBTA_DM_SEARCH *p_data) 1776 { 1777 /* TODO: The only member that needs a deep copy is the p_raw_data. But not sure yet if this is needed. */ 1778 btif_transfer_context(btif_dm_remote_service_record_evt, event, (char*)p_data, sizeof(tBTA_DM_SEARCH), NULL); 1779 } 1780 1781 /***************************************************************************** 1782 ** 1783 ** btif api functions (no context switch) 1784 ** 1785 *****************************************************************************/ 1786 1787 /******************************************************************************* 1788 ** 1789 ** Function btif_dm_start_discovery 1790 ** 1791 ** Description Start device discovery/inquiry 1792 ** 1793 ** Returns bt_status_t 1794 ** 1795 *******************************************************************************/ 1796 bt_status_t btif_dm_start_discovery(void) 1797 { 1798 tBTA_DM_INQ inq_params; 1799 tBTA_SERVICE_MASK services = 0; 1800 1801 BTIF_TRACE_EVENT1("%s", __FUNCTION__); 1802 /* TODO: Do we need to handle multiple inquiries at the same time? */ 1803 1804 /* Set inquiry params and call API */ 1805 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE)) 1806 inq_params.mode = BTA_DM_GENERAL_INQUIRY|BTA_BLE_GENERAL_INQUIRY; 1807 #if (defined(BTA_HOST_INTERLEAVE_SEARCH) && BTA_HOST_INTERLEAVE_SEARCH == TRUE) 1808 inq_params.intl_duration[0]= BTIF_DM_INTERLEAVE_DURATION_BR_ONE; 1809 inq_params.intl_duration[1]= BTIF_DM_INTERLEAVE_DURATION_LE_ONE; 1810 inq_params.intl_duration[2]= BTIF_DM_INTERLEAVE_DURATION_BR_TWO; 1811 inq_params.intl_duration[3]= BTIF_DM_INTERLEAVE_DURATION_LE_TWO; 1812 #endif 1813 #else 1814 inq_params.mode = BTA_DM_GENERAL_INQUIRY; 1815 #endif 1816 inq_params.duration = BTIF_DM_DEFAULT_INQ_MAX_DURATION; 1817 1818 inq_params.max_resps = BTIF_DM_DEFAULT_INQ_MAX_RESULTS; 1819 inq_params.report_dup = TRUE; 1820 1821 inq_params.filter_type = BTA_DM_INQ_CLR; 1822 /* TODO: Filter device by BDA needs to be implemented here */ 1823 1824 /* Will be enabled to TRUE once inquiry busy level has been received */ 1825 btif_dm_inquiry_in_progress = FALSE; 1826 /* find nearby devices */ 1827 BTA_DmSearch(&inq_params, services, bte_search_devices_evt); 1828 1829 return BT_STATUS_SUCCESS; 1830 } 1831 1832 /******************************************************************************* 1833 ** 1834 ** Function btif_dm_cancel_discovery 1835 ** 1836 ** Description Cancels search 1837 ** 1838 ** Returns bt_status_t 1839 ** 1840 *******************************************************************************/ 1841 bt_status_t btif_dm_cancel_discovery(void) 1842 { 1843 BTIF_TRACE_EVENT1("%s", __FUNCTION__); 1844 BTA_DmSearchCancel(); 1845 return BT_STATUS_SUCCESS; 1846 } 1847 1848 /******************************************************************************* 1849 ** 1850 ** Function btif_dm_create_bond 1851 ** 1852 ** Description Initiate bonding with the specified device 1853 ** 1854 ** Returns bt_status_t 1855 ** 1856 *******************************************************************************/ 1857 bt_status_t btif_dm_create_bond(const bt_bdaddr_t *bd_addr) 1858 { 1859 bdstr_t bdstr; 1860 1861 BTIF_TRACE_EVENT2("%s: bd_addr=%s", __FUNCTION__, bd2str((bt_bdaddr_t *) bd_addr, &bdstr)); 1862 if (pairing_cb.state != BT_BOND_STATE_NONE) 1863 return BT_STATUS_BUSY; 1864 1865 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_CREATE_BOND, 1866 (char *)bd_addr, sizeof(bt_bdaddr_t), NULL); 1867 1868 return BT_STATUS_SUCCESS; 1869 } 1870 1871 /******************************************************************************* 1872 ** 1873 ** Function btif_dm_cancel_bond 1874 ** 1875 ** Description Initiate bonding with the specified device 1876 ** 1877 ** Returns bt_status_t 1878 ** 1879 *******************************************************************************/ 1880 1881 bt_status_t btif_dm_cancel_bond(const bt_bdaddr_t *bd_addr) 1882 { 1883 bdstr_t bdstr; 1884 1885 BTIF_TRACE_EVENT2("%s: bd_addr=%s", __FUNCTION__, bd2str((bt_bdaddr_t *)bd_addr, &bdstr)); 1886 1887 /* TODO: 1888 ** 1. Restore scan modes 1889 ** 2. special handling for HID devices 1890 */ 1891 if (pairing_cb.state == BT_BOND_STATE_BONDING) 1892 { 1893 1894 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE)) 1895 1896 if (pairing_cb.is_ssp) 1897 { 1898 if (pairing_cb.is_le_only) 1899 { 1900 BTA_DmBleSecurityGrant((UINT8 *)bd_addr->address,BTA_DM_SEC_PAIR_NOT_SPT); 1901 } 1902 else 1903 BTA_DmConfirm( (UINT8 *)bd_addr->address, FALSE); 1904 } 1905 else 1906 { 1907 if (pairing_cb.is_le_only) 1908 { 1909 BTA_DmBondCancel ((UINT8 *)bd_addr->address); 1910 } 1911 else 1912 { 1913 BTA_DmPinReply( (UINT8 *)bd_addr->address, FALSE, 0, NULL); 1914 } 1915 /* Cancel bonding, in case it is in ACL connection setup state */ 1916 BTA_DmBondCancel ((UINT8 *)bd_addr->address); 1917 } 1918 1919 #else 1920 if (pairing_cb.is_ssp) 1921 { 1922 BTA_DmConfirm( (UINT8 *)bd_addr->address, FALSE); 1923 } 1924 else 1925 { 1926 BTA_DmPinReply( (UINT8 *)bd_addr->address, FALSE, 0, NULL); 1927 } 1928 /* Cancel bonding, in case it is in ACL connection setup state */ 1929 BTA_DmBondCancel ((UINT8 *)bd_addr->address); 1930 btif_storage_remove_bonded_device((bt_bdaddr_t *)bd_addr); 1931 #endif 1932 } 1933 1934 return BT_STATUS_SUCCESS; 1935 } 1936 1937 /******************************************************************************* 1938 ** 1939 ** Function btif_dm_remove_bond 1940 ** 1941 ** Description Removes bonding with the specified device 1942 ** 1943 ** Returns bt_status_t 1944 ** 1945 *******************************************************************************/ 1946 1947 bt_status_t btif_dm_remove_bond(const bt_bdaddr_t *bd_addr) 1948 { 1949 bdstr_t bdstr; 1950 1951 BTIF_TRACE_EVENT2("%s: bd_addr=%s", __FUNCTION__, bd2str((bt_bdaddr_t *)bd_addr, &bdstr)); 1952 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_REMOVE_BOND, 1953 (char *)bd_addr, sizeof(bt_bdaddr_t), NULL); 1954 1955 return BT_STATUS_SUCCESS; 1956 } 1957 1958 /******************************************************************************* 1959 ** 1960 ** Function btif_dm_pin_reply 1961 ** 1962 ** Description BT legacy pairing - PIN code reply 1963 ** 1964 ** Returns bt_status_t 1965 ** 1966 *******************************************************************************/ 1967 1968 bt_status_t btif_dm_pin_reply( const bt_bdaddr_t *bd_addr, uint8_t accept, 1969 uint8_t pin_len, bt_pin_code_t *pin_code) 1970 { 1971 BTIF_TRACE_EVENT2("%s: accept=%d", __FUNCTION__, accept); 1972 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE)) 1973 1974 if (pairing_cb.is_le_only) 1975 { 1976 int i; 1977 UINT32 passkey = 0; 1978 int multi[] = {100000, 10000, 1000, 100, 10,1}; 1979 BD_ADDR remote_bd_addr; 1980 bdcpy(remote_bd_addr, bd_addr->address); 1981 for (i = 0; i < 6; i++) 1982 { 1983 passkey += (multi[i] * (pin_code->pin[i] - '0')); 1984 } 1985 BTIF_TRACE_DEBUG1("btif_dm_pin_reply: passkey: %d", passkey); 1986 BTA_DmBlePasskeyReply(remote_bd_addr, accept, passkey); 1987 1988 } 1989 else 1990 { 1991 BTA_DmPinReply( (UINT8 *)bd_addr->address, accept, pin_len, pin_code->pin); 1992 if (accept) 1993 pairing_cb.pin_code_len = pin_len; 1994 } 1995 #else 1996 BTA_DmPinReply( (UINT8 *)bd_addr->address, accept, pin_len, pin_code->pin); 1997 1998 if (accept) 1999 pairing_cb.pin_code_len = pin_len; 2000 #endif 2001 return BT_STATUS_SUCCESS; 2002 } 2003 2004 /******************************************************************************* 2005 ** 2006 ** Function btif_dm_ssp_reply 2007 ** 2008 ** Description BT SSP Reply - Just Works, Numeric Comparison & Passkey Entry 2009 ** 2010 ** Returns bt_status_t 2011 ** 2012 *******************************************************************************/ 2013 2014 bt_status_t btif_dm_ssp_reply(const bt_bdaddr_t *bd_addr, 2015 bt_ssp_variant_t variant, uint8_t accept, 2016 uint32_t passkey) 2017 { 2018 if (variant == BT_SSP_VARIANT_PASSKEY_ENTRY) 2019 { 2020 /* This is not implemented in the stack. 2021 * For devices with display, this is not needed 2022 */ 2023 BTIF_TRACE_WARNING1("%s: Not implemented", __FUNCTION__); 2024 return BT_STATUS_FAIL; 2025 } 2026 /* BT_SSP_VARIANT_CONSENT & BT_SSP_VARIANT_PASSKEY_CONFIRMATION supported */ 2027 BTIF_TRACE_EVENT2("%s: accept=%d", __FUNCTION__, accept); 2028 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE)) 2029 if (pairing_cb.is_le_only) 2030 { 2031 if (accept) 2032 BTA_DmBleSecurityGrant((UINT8 *)bd_addr->address,BTA_DM_SEC_GRANTED); 2033 else 2034 BTA_DmBleSecurityGrant((UINT8 *)bd_addr->address,BTA_DM_SEC_PAIR_NOT_SPT); 2035 } 2036 else 2037 BTA_DmConfirm( (UINT8 *)bd_addr->address, accept); 2038 2039 #else 2040 BTA_DmConfirm( (UINT8 *)bd_addr->address, accept); 2041 #endif 2042 return BT_STATUS_SUCCESS; 2043 } 2044 2045 /******************************************************************************* 2046 ** 2047 ** Function btif_dm_get_adapter_property 2048 ** 2049 ** Description Queries the BTA for the adapter property 2050 ** 2051 ** Returns bt_status_t 2052 ** 2053 *******************************************************************************/ 2054 bt_status_t btif_dm_get_adapter_property(bt_property_t *prop) 2055 { 2056 bt_status_t status; 2057 2058 BTIF_TRACE_EVENT2("%s: type=0x%x", __FUNCTION__, prop->type); 2059 switch (prop->type) 2060 { 2061 case BT_PROPERTY_BDNAME: 2062 { 2063 bt_bdname_t *bd_name = (bt_bdname_t*)prop->val; 2064 strcpy((char *)bd_name->name, btif_get_default_local_name()); 2065 prop->len = strlen((char *)bd_name->name); 2066 } 2067 break; 2068 2069 case BT_PROPERTY_ADAPTER_SCAN_MODE: 2070 { 2071 /* if the storage does not have it. Most likely app never set it. Default is NONE */ 2072 bt_scan_mode_t *mode = (bt_scan_mode_t*)prop->val; 2073 *mode = BT_SCAN_MODE_NONE; 2074 prop->len = sizeof(bt_scan_mode_t); 2075 } 2076 break; 2077 2078 case BT_PROPERTY_ADAPTER_DISCOVERY_TIMEOUT: 2079 { 2080 uint32_t *tmt = (uint32_t*)prop->val; 2081 *tmt = 120; /* default to 120s, if not found in NV */ 2082 prop->len = sizeof(uint32_t); 2083 } 2084 break; 2085 2086 default: 2087 prop->len = 0; 2088 return BT_STATUS_FAIL; 2089 } 2090 return BT_STATUS_SUCCESS; 2091 } 2092 2093 /******************************************************************************* 2094 ** 2095 ** Function btif_dm_get_remote_services 2096 ** 2097 ** Description Start SDP to get remote services 2098 ** 2099 ** Returns bt_status_t 2100 ** 2101 *******************************************************************************/ 2102 bt_status_t btif_dm_get_remote_services(bt_bdaddr_t *remote_addr) 2103 { 2104 bdstr_t bdstr; 2105 2106 BTIF_TRACE_EVENT2("%s: remote_addr=%s", __FUNCTION__, bd2str(remote_addr, &bdstr)); 2107 2108 BTA_DmDiscover(remote_addr->address, BTA_ALL_SERVICE_MASK, 2109 bte_dm_search_services_evt, TRUE); 2110 2111 return BT_STATUS_SUCCESS; 2112 } 2113 2114 /******************************************************************************* 2115 ** 2116 ** Function btif_dm_get_remote_service_record 2117 ** 2118 ** Description Start SDP to get remote service record 2119 ** 2120 ** 2121 ** Returns bt_status_t 2122 *******************************************************************************/ 2123 bt_status_t btif_dm_get_remote_service_record(bt_bdaddr_t *remote_addr, 2124 bt_uuid_t *uuid) 2125 { 2126 tSDP_UUID sdp_uuid; 2127 bdstr_t bdstr; 2128 2129 BTIF_TRACE_EVENT2("%s: remote_addr=%s", __FUNCTION__, bd2str(remote_addr, &bdstr)); 2130 2131 sdp_uuid.len = MAX_UUID_SIZE; 2132 memcpy(sdp_uuid.uu.uuid128, uuid->uu, MAX_UUID_SIZE); 2133 2134 BTA_DmDiscoverUUID(remote_addr->address, &sdp_uuid, 2135 bte_dm_remote_service_record_evt, TRUE); 2136 2137 return BT_STATUS_SUCCESS; 2138 } 2139 2140 void btif_dm_execute_service_request(UINT16 event, char *p_param) 2141 { 2142 BOOLEAN b_enable = FALSE; 2143 bt_status_t status; 2144 if (event == BTIF_DM_ENABLE_SERVICE) 2145 { 2146 b_enable = TRUE; 2147 } 2148 status = btif_in_execute_service_request(*((tBTA_SERVICE_ID*)p_param), b_enable); 2149 if (status == BT_STATUS_SUCCESS) 2150 { 2151 bt_property_t property; 2152 bt_uuid_t local_uuids[BT_MAX_NUM_UUIDS]; 2153 2154 /* Now send the UUID_PROPERTY_CHANGED event to the upper layer */ 2155 BTIF_STORAGE_FILL_PROPERTY(&property, BT_PROPERTY_UUIDS, 2156 sizeof(local_uuids), local_uuids); 2157 btif_storage_get_adapter_property(&property); 2158 HAL_CBACK(bt_hal_cbacks, adapter_properties_cb, 2159 BT_STATUS_SUCCESS, 1, &property); 2160 } 2161 return; 2162 } 2163 2164 #if (BTM_OOB_INCLUDED == TRUE) 2165 void btif_dm_set_oob_for_io_req(tBTA_OOB_DATA *p_oob_data) 2166 { 2167 if (oob_cb.sp_c[0] == 0 && oob_cb.sp_c[1] == 0 && 2168 oob_cb.sp_c[2] == 0 && oob_cb.sp_c[3] == 0 ) 2169 { 2170 *p_oob_data = FALSE; 2171 } 2172 else 2173 { 2174 *p_oob_data = TRUE; 2175 } 2176 BTIF_TRACE_DEBUG1("btif_dm_set_oob_for_io_req *p_oob_data=%d", *p_oob_data); 2177 } 2178 #endif /* BTM_OOB_INCLUDED */ 2179 2180 #ifdef BTIF_DM_OOB_TEST 2181 void btif_dm_load_local_oob(void) 2182 { 2183 char prop_oob[PROPERTY_VALUE_MAX]; 2184 property_get("service.brcm.bt.oob", prop_oob, "3"); 2185 BTIF_TRACE_DEBUG1("btif_dm_load_local_oob prop_oob = %s",prop_oob); 2186 if (prop_oob[0] != '3') 2187 { 2188 #if (BTM_OOB_INCLUDED == TRUE) 2189 if (oob_cb.sp_c[0] == 0 && oob_cb.sp_c[1] == 0 && 2190 oob_cb.sp_c[2] == 0 && oob_cb.sp_c[3] == 0 ) 2191 { 2192 BTIF_TRACE_DEBUG0("btif_dm_load_local_oob: read OOB, call BTA_DmLocalOob()"); 2193 BTA_DmLocalOob(); 2194 } 2195 #else 2196 BTIF_TRACE_ERROR0("BTM_OOB_INCLUDED is FALSE!!(btif_dm_load_local_oob)"); 2197 #endif 2198 } 2199 } 2200 2201 void btif_dm_proc_loc_oob(BOOLEAN valid, BT_OCTET16 c, BT_OCTET16 r) 2202 { 2203 FILE *fp; 2204 char *path_a = "/data/misc/bluedroid/LOCAL/a.key"; 2205 char *path_b = "/data/misc/bluedroid/LOCAL/b.key"; 2206 char *path = NULL; 2207 char prop_oob[PROPERTY_VALUE_MAX]; 2208 BTIF_TRACE_DEBUG1("btif_dm_proc_loc_oob: valid=%d", valid); 2209 if (oob_cb.sp_c[0] == 0 && oob_cb.sp_c[1] == 0 && 2210 oob_cb.sp_c[2] == 0 && oob_cb.sp_c[3] == 0 && 2211 valid) 2212 { 2213 BTIF_TRACE_DEBUG0("save local OOB data in memory"); 2214 memcpy(oob_cb.sp_c, c, BT_OCTET16_LEN); 2215 memcpy(oob_cb.sp_r, r, BT_OCTET16_LEN); 2216 property_get("service.brcm.bt.oob", prop_oob, "3"); 2217 BTIF_TRACE_DEBUG1("btif_dm_proc_loc_oob prop_oob = %s",prop_oob); 2218 if (prop_oob[0] == '1') 2219 path = path_a; 2220 else if (prop_oob[0] == '2') 2221 path = path_b; 2222 if (path) 2223 { 2224 fp = fopen(path, "wb+"); 2225 if (fp == NULL) 2226 { 2227 BTIF_TRACE_DEBUG1("btif_dm_proc_loc_oob: failed to save local OOB data to %s", path); 2228 } 2229 else 2230 { 2231 BTIF_TRACE_DEBUG1("btif_dm_proc_loc_oob: save local OOB data into file %s",path); 2232 fwrite (c , 1 , BT_OCTET16_LEN , fp ); 2233 fwrite (r , 1 , BT_OCTET16_LEN , fp ); 2234 fclose(fp); 2235 } 2236 } 2237 } 2238 } 2239 BOOLEAN btif_dm_proc_rmt_oob(BD_ADDR bd_addr, BT_OCTET16 p_c, BT_OCTET16 p_r) 2240 { 2241 char t[128]; 2242 FILE *fp; 2243 char *path_a = "/data/misc/bluedroid/LOCAL/a.key"; 2244 char *path_b = "/data/misc/bluedroid/LOCAL/b.key"; 2245 char *path = NULL; 2246 char prop_oob[PROPERTY_VALUE_MAX]; 2247 BOOLEAN result = FALSE; 2248 bt_bdaddr_t bt_bd_addr; 2249 bdcpy(oob_cb.oob_bdaddr, bd_addr); 2250 property_get("service.brcm.bt.oob", prop_oob, "3"); 2251 BTIF_TRACE_DEBUG1("btif_dm_proc_rmt_oob prop_oob = %s",prop_oob); 2252 if (prop_oob[0] == '1') 2253 path = path_b; 2254 else if (prop_oob[0] == '2') 2255 path = path_a; 2256 if (path) 2257 { 2258 fp = fopen(path, "rb"); 2259 if (fp == NULL) 2260 { 2261 BTIF_TRACE_DEBUG1("btapp_dm_rmt_oob_reply: failed to read OOB keys from %s",path); 2262 return FALSE; 2263 } 2264 else 2265 { 2266 BTIF_TRACE_DEBUG1("btif_dm_proc_rmt_oob: read OOB data from %s",path); 2267 fread (p_c , 1 , BT_OCTET16_LEN , fp ); 2268 fread (p_r , 1 , BT_OCTET16_LEN , fp ); 2269 fclose(fp); 2270 } 2271 BTIF_TRACE_DEBUG0("----btif_dm_proc_rmt_oob: TRUE"); 2272 sprintf(t, "%02x:%02x:%02x:%02x:%02x:%02x", 2273 oob_cb.oob_bdaddr[0], oob_cb.oob_bdaddr[1], oob_cb.oob_bdaddr[2], 2274 oob_cb.oob_bdaddr[3], oob_cb.oob_bdaddr[4], oob_cb.oob_bdaddr[5]); 2275 BTIF_TRACE_DEBUG1("----btif_dm_proc_rmt_oob: peer_bdaddr = %s", t); 2276 sprintf(t, "%02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x", 2277 p_c[0], p_c[1], p_c[2], p_c[3], p_c[4], p_c[5], p_c[6], p_c[7], 2278 p_c[8], p_c[9], p_c[10], p_c[11], p_c[12], p_c[13], p_c[14], p_c[15]); 2279 BTIF_TRACE_DEBUG1("----btif_dm_proc_rmt_oob: c = %s",t); 2280 sprintf(t, "%02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x", 2281 p_r[0], p_r[1], p_r[2], p_r[3], p_r[4], p_r[5], p_r[6], p_r[7], 2282 p_r[8], p_r[9], p_r[10], p_r[11], p_r[12], p_r[13], p_r[14], p_r[15]); 2283 BTIF_TRACE_DEBUG1("----btif_dm_proc_rmt_oob: r = %s",t); 2284 bdcpy(bt_bd_addr.address, bd_addr); 2285 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_BOND_STATE_BONDING, 2286 (char *)&bt_bd_addr, sizeof(bt_bdaddr_t), NULL); 2287 result = TRUE; 2288 } 2289 BTIF_TRACE_DEBUG1("btif_dm_proc_rmt_oob result=%d",result); 2290 return result; 2291 } 2292 #endif /* BTIF_DM_OOB_TEST */ 2293 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE)) 2294 2295 static void btif_dm_ble_key_notif_evt(tBTA_DM_SP_KEY_NOTIF *p_ssp_key_notif) 2296 { 2297 bt_bdaddr_t bd_addr; 2298 bt_bdname_t bd_name; 2299 UINT32 cod; 2300 2301 BTIF_TRACE_DEBUG1("%s", __FUNCTION__); 2302 2303 /* Remote name update */ 2304 btif_update_remote_properties(p_ssp_key_notif->bd_addr , p_ssp_key_notif->bd_name, 2305 NULL, BT_DEVICE_TYPE_BLE); 2306 bdcpy(bd_addr.address, p_ssp_key_notif->bd_addr); 2307 memcpy(bd_name.name, p_ssp_key_notif->bd_name, BD_NAME_LEN); 2308 2309 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING); 2310 pairing_cb.is_ssp = FALSE; 2311 cod = COD_UNCLASSIFIED; 2312 2313 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name, 2314 cod, BT_SSP_VARIANT_PASSKEY_NOTIFICATION, 2315 p_ssp_key_notif->passkey); 2316 } 2317 2318 /******************************************************************************* 2319 ** 2320 ** Function btif_dm_ble_auth_cmpl_evt 2321 ** 2322 ** Description Executes authentication complete event in btif context 2323 ** 2324 ** Returns void 2325 ** 2326 *******************************************************************************/ 2327 static void btif_dm_ble_auth_cmpl_evt (tBTA_DM_AUTH_CMPL *p_auth_cmpl) 2328 { 2329 /* Save link key, if not temporary */ 2330 bt_bdaddr_t bd_addr; 2331 bt_status_t status = BT_STATUS_FAIL; 2332 bt_bond_state_t state = BT_BOND_STATE_NONE; 2333 2334 bdcpy(bd_addr.address, p_auth_cmpl->bd_addr); 2335 if ( (p_auth_cmpl->success == TRUE) && (p_auth_cmpl->key_present) ) 2336 { 2337 /* store keys */ 2338 } 2339 if (p_auth_cmpl->success) 2340 { 2341 status = BT_STATUS_SUCCESS; 2342 state = BT_BOND_STATE_BONDED; 2343 2344 btif_dm_save_ble_bonding_keys(); 2345 BTA_GATTC_Refresh(bd_addr.address); 2346 btif_dm_get_remote_services(&bd_addr); 2347 } 2348 else 2349 { 2350 /*Map the HCI fail reason to bt status */ 2351 switch (p_auth_cmpl->fail_reason) 2352 { 2353 default: 2354 btif_dm_remove_ble_bonding_keys(); 2355 status = BT_STATUS_FAIL; 2356 break; 2357 } 2358 } 2359 bond_state_changed(status, &bd_addr, state); 2360 } 2361 2362 2363 2364 void btif_dm_load_ble_local_keys(void) 2365 { 2366 bt_status_t bt_status; 2367 2368 memset(&ble_local_key_cb, 0, sizeof(btif_dm_local_key_cb_t)); 2369 2370 if (btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_ER,(char*)&ble_local_key_cb.er[0], 2371 BT_OCTET16_LEN)== BT_STATUS_SUCCESS) 2372 { 2373 ble_local_key_cb.is_er_rcvd = TRUE; 2374 BTIF_TRACE_DEBUG1("%s BLE ER key loaded",__FUNCTION__ ); 2375 } 2376 2377 if ((btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_IR,(char*)&ble_local_key_cb.id_keys.ir[0], 2378 BT_OCTET16_LEN)== BT_STATUS_SUCCESS )&& 2379 (btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_IRK, (char*)&ble_local_key_cb.id_keys.irk[0], 2380 BT_OCTET16_LEN)== BT_STATUS_SUCCESS)&& 2381 (btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_DHK,(char*)&ble_local_key_cb.id_keys.dhk[0], 2382 BT_OCTET16_LEN)== BT_STATUS_SUCCESS)) 2383 { 2384 ble_local_key_cb.is_id_keys_rcvd = TRUE; 2385 BTIF_TRACE_DEBUG1("%s BLE ID keys loaded",__FUNCTION__ ); 2386 } 2387 2388 } 2389 void btif_dm_get_ble_local_keys(tBTA_DM_BLE_LOCAL_KEY_MASK *p_key_mask, BT_OCTET16 er, 2390 tBTA_BLE_LOCAL_ID_KEYS *p_id_keys) 2391 { 2392 if (ble_local_key_cb.is_er_rcvd ) 2393 { 2394 memcpy(&er[0], &ble_local_key_cb.er[0], sizeof(BT_OCTET16)); 2395 *p_key_mask |= BTA_BLE_LOCAL_KEY_TYPE_ER; 2396 } 2397 2398 if (ble_local_key_cb.is_id_keys_rcvd) 2399 { 2400 memcpy(&p_id_keys->ir[0], &ble_local_key_cb.id_keys.ir[0], sizeof(BT_OCTET16)); 2401 memcpy(&p_id_keys->irk[0], &ble_local_key_cb.id_keys.irk[0], sizeof(BT_OCTET16)); 2402 memcpy(&p_id_keys->dhk[0], &ble_local_key_cb.id_keys.dhk[0], sizeof(BT_OCTET16)); 2403 *p_key_mask |= BTA_BLE_LOCAL_KEY_TYPE_ID; 2404 } 2405 BTIF_TRACE_DEBUG2("%s *p_key_mask=0x%02x",__FUNCTION__, *p_key_mask); 2406 } 2407 2408 void btif_dm_save_ble_bonding_keys(void) 2409 { 2410 2411 bt_bdaddr_t bd_addr; 2412 2413 BTIF_TRACE_DEBUG1("%s",__FUNCTION__ ); 2414 2415 bdcpy(bd_addr.address, pairing_cb.bd_addr); 2416 2417 if (pairing_cb.ble.is_penc_key_rcvd) 2418 { 2419 btif_storage_add_ble_bonding_key(&bd_addr, 2420 (char *) &pairing_cb.ble.penc_key, 2421 BTIF_DM_LE_KEY_PENC, 2422 sizeof(btif_dm_ble_penc_keys_t)); 2423 } 2424 2425 if (pairing_cb.ble.is_pid_key_rcvd) 2426 { 2427 btif_storage_add_ble_bonding_key(&bd_addr, 2428 (char *) &pairing_cb.ble.pid_key[0], 2429 BTIF_DM_LE_KEY_PID, 2430 BT_OCTET16_LEN); 2431 } 2432 2433 2434 if (pairing_cb.ble.is_pcsrk_key_rcvd) 2435 { 2436 btif_storage_add_ble_bonding_key(&bd_addr, 2437 (char *) &pairing_cb.ble.pcsrk_key, 2438 BTIF_DM_LE_KEY_PCSRK, 2439 sizeof(btif_dm_ble_pcsrk_keys_t)); 2440 } 2441 2442 2443 if (pairing_cb.ble.is_lenc_key_rcvd) 2444 { 2445 btif_storage_add_ble_bonding_key(&bd_addr, 2446 (char *) &pairing_cb.ble.lenc_key, 2447 BTIF_DM_LE_KEY_LENC, 2448 sizeof(btif_dm_ble_lenc_keys_t)); 2449 } 2450 2451 if (pairing_cb.ble.is_lcsrk_key_rcvd) 2452 { 2453 btif_storage_add_ble_bonding_key(&bd_addr, 2454 (char *) &pairing_cb.ble.lcsrk_key, 2455 BTIF_DM_LE_KEY_LCSRK, 2456 sizeof(btif_dm_ble_lcsrk_keys_t)); 2457 } 2458 2459 } 2460 2461 2462 void btif_dm_remove_ble_bonding_keys(void) 2463 { 2464 bt_bdaddr_t bd_addr; 2465 2466 BTIF_TRACE_DEBUG1("%s",__FUNCTION__ ); 2467 2468 bdcpy(bd_addr.address, pairing_cb.bd_addr); 2469 btif_storage_remove_ble_bonding_keys(&bd_addr); 2470 } 2471 2472 2473 /******************************************************************************* 2474 ** 2475 ** Function btif_dm_ble_sec_req_evt 2476 ** 2477 ** Description Eprocess security request event in btif context 2478 ** 2479 ** Returns void 2480 ** 2481 *******************************************************************************/ 2482 void btif_dm_ble_sec_req_evt(tBTA_DM_BLE_SEC_REQ *p_ble_req) 2483 { 2484 bt_bdaddr_t bd_addr; 2485 bt_bdname_t bd_name; 2486 UINT32 cod; 2487 BTIF_TRACE_DEBUG1("%s", __FUNCTION__); 2488 2489 if (pairing_cb.state == BT_BOND_STATE_BONDING) 2490 { 2491 BTIF_TRACE_DEBUG1("%s Discard security request", __FUNCTION__); 2492 return; 2493 } 2494 2495 /* Remote name update */ 2496 btif_update_remote_properties(p_ble_req->bd_addr,p_ble_req->bd_name,NULL,BT_DEVICE_TYPE_BLE); 2497 2498 bdcpy(bd_addr.address, p_ble_req->bd_addr); 2499 memcpy(bd_name.name, p_ble_req->bd_name, BD_NAME_LEN); 2500 2501 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING); 2502 2503 pairing_cb.is_temp = FALSE; 2504 pairing_cb.is_le_only = TRUE; 2505 pairing_cb.is_ssp = TRUE; 2506 2507 cod = COD_UNCLASSIFIED; 2508 2509 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name, cod, 2510 BT_SSP_VARIANT_CONSENT, 0); 2511 } 2512 2513 2514 2515 /******************************************************************************* 2516 ** 2517 ** Function btif_dm_ble_passkey_req_evt 2518 ** 2519 ** Description Executes pin request event in btif context 2520 ** 2521 ** Returns void 2522 ** 2523 *******************************************************************************/ 2524 static void btif_dm_ble_passkey_req_evt(tBTA_DM_PIN_REQ *p_pin_req) 2525 { 2526 bt_bdaddr_t bd_addr; 2527 bt_bdname_t bd_name; 2528 UINT32 cod; 2529 2530 /* Remote name update */ 2531 btif_update_remote_properties(p_pin_req->bd_addr,p_pin_req->bd_name,NULL,BT_DEVICE_TYPE_BLE); 2532 2533 bdcpy(bd_addr.address, p_pin_req->bd_addr); 2534 memcpy(bd_name.name, p_pin_req->bd_name, BD_NAME_LEN); 2535 2536 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING); 2537 pairing_cb.is_le_only = TRUE; 2538 2539 cod = COD_UNCLASSIFIED; 2540 2541 HAL_CBACK(bt_hal_cbacks, pin_request_cb, 2542 &bd_addr, &bd_name, cod); 2543 } 2544 2545 2546 void btif_dm_update_ble_remote_properties( BD_ADDR bd_addr, BD_NAME bd_name, 2547 tBT_DEVICE_TYPE dev_type) 2548 { 2549 btif_update_remote_properties(bd_addr,bd_name,NULL,dev_type); 2550 } 2551 2552 static void btif_dm_ble_tx_test_cback(void *p) 2553 { 2554 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_LE_TX_TEST, 2555 (char *)p, 1, NULL); 2556 } 2557 2558 static void btif_dm_ble_rx_test_cback(void *p) 2559 { 2560 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_LE_RX_TEST, 2561 (char *)p, 1, NULL); 2562 } 2563 2564 static void btif_dm_ble_test_end_cback(void *p) 2565 { 2566 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_LE_TEST_END, 2567 (char *)p, 3, NULL); 2568 } 2569 /******************************************************************************* 2570 ** 2571 ** Function btif_le_test_mode 2572 ** 2573 ** Description Sends a HCI BLE Test command to the Controller 2574 ** 2575 ** Returns BT_STATUS_SUCCESS on success 2576 ** 2577 *******************************************************************************/ 2578 bt_status_t btif_le_test_mode(uint16_t opcode, uint8_t *buf, uint8_t len) 2579 { 2580 switch (opcode) { 2581 case HCI_BLE_TRANSMITTER_TEST: 2582 if (len != 3) return BT_STATUS_PARM_INVALID; 2583 BTM_BleTransmitterTest(buf[0],buf[1],buf[2], btif_dm_ble_tx_test_cback); 2584 break; 2585 case HCI_BLE_RECEIVER_TEST: 2586 if (len != 1) return BT_STATUS_PARM_INVALID; 2587 BTM_BleReceiverTest(buf[0], btif_dm_ble_rx_test_cback); 2588 break; 2589 case HCI_BLE_TEST_END: 2590 BTM_BleTestEnd((tBTM_CMPL_CB*) btif_dm_ble_test_end_cback); 2591 break; 2592 default: 2593 BTIF_TRACE_ERROR2("%s: Unknown LE Test Mode Command 0x%x", __FUNCTION__, opcode); 2594 return BT_STATUS_UNSUPPORTED; 2595 } 2596 return BT_STATUS_SUCCESS; 2597 } 2598 2599 #endif 2600 2601 void btif_dm_on_disable() 2602 { 2603 /* cancel any pending pairing requests */ 2604 if (pairing_cb.state == BT_BOND_STATE_BONDING) 2605 { 2606 bt_bdaddr_t bd_addr; 2607 2608 BTIF_TRACE_DEBUG1("%s: Cancel pending pairing request", __FUNCTION__); 2609 bdcpy(bd_addr.address, pairing_cb.bd_addr); 2610 btif_dm_cancel_bond(&bd_addr); 2611 } 2612 } 2613 2614 static char* btif_get_default_local_name() { 2615 if (btif_default_local_name[0] == '\0') 2616 { 2617 int max_len = sizeof(btif_default_local_name) - 1; 2618 if (BTM_DEF_LOCAL_NAME[0] != '\0') 2619 { 2620 strncpy(btif_default_local_name, BTM_DEF_LOCAL_NAME, max_len); 2621 } 2622 else 2623 { 2624 char prop_model[PROPERTY_VALUE_MAX]; 2625 property_get(PROPERTY_PRODUCT_MODEL, prop_model, ""); 2626 strncpy(btif_default_local_name, prop_model, max_len); 2627 } 2628 btif_default_local_name[max_len] = '\0'; 2629 } 2630 return btif_default_local_name; 2631 } 2632
