1 /****************************************************************************** 2 * 3 * Copyright (C) 2009-2012 Broadcom Corporation 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at: 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 * 17 ******************************************************************************/ 18 19 /******************************************************************************* 20 * 21 * Filename: btif_dm.c 22 * 23 * Description: Contains Device Management (DM) related functionality 24 * 25 * 26 ******************************************************************************/ 27 28 #define LOG_TAG "bt_btif_dm" 29 30 #include "btif_dm.h" 31 32 #include <base/bind.h> 33 #include <base/logging.h> 34 #include <signal.h> 35 #include <stdio.h> 36 #include <stdlib.h> 37 #include <string.h> 38 #include <sys/types.h> 39 #include <time.h> 40 #include <unistd.h> 41 42 #include <mutex> 43 44 #include <hardware/bluetooth.h> 45 46 #include "advertise_data_parser.h" 47 #include "bt_common.h" 48 #include "bta_closure_api.h" 49 #include "bta_gatt_api.h" 50 #include "btif_api.h" 51 #include "btif_config.h" 52 #include "btif_dm.h" 53 #include "btif_hd.h" 54 #include "btif_hh.h" 55 #include "btif_sdp.h" 56 #include "btif_storage.h" 57 #include "btif_util.h" 58 #include "btu.h" 59 #include "device/include/controller.h" 60 #include "device/include/interop.h" 61 #include "include/stack_config.h" 62 #include "osi/include/allocator.h" 63 #include "osi/include/log.h" 64 #include "osi/include/metrics.h" 65 #include "osi/include/osi.h" 66 #include "osi/include/properties.h" 67 #include "stack/btm/btm_int.h" 68 #include "stack_config.h" 69 70 /****************************************************************************** 71 * Constants & Macros 72 *****************************************************************************/ 73 74 #define COD_MASK 0x07FF 75 76 #define COD_UNCLASSIFIED ((0x1F) << 8) 77 #define COD_HID_KEYBOARD 0x0540 78 #define COD_HID_POINTING 0x0580 79 #define COD_HID_COMBO 0x05C0 80 #define COD_HID_MAJOR 0x0500 81 #define COD_HID_MASK 0x0700 82 #define COD_AV_HEADSETS 0x0404 83 #define COD_AV_HANDSFREE 0x0408 84 #define COD_AV_HEADPHONES 0x0418 85 #define COD_AV_PORTABLE_AUDIO 0x041C 86 #define COD_AV_HIFI_AUDIO 0x0428 87 88 #define BTIF_DM_DEFAULT_INQ_MAX_RESULTS 0 89 #define BTIF_DM_DEFAULT_INQ_MAX_DURATION 10 90 #define BTIF_DM_MAX_SDP_ATTEMPTS_AFTER_PAIRING 2 91 92 #define NUM_TIMEOUT_RETRIES 5 93 94 #define PROPERTY_PRODUCT_MODEL "ro.product.model" 95 #define DEFAULT_LOCAL_NAME_MAX 31 96 #if (DEFAULT_LOCAL_NAME_MAX > BTM_MAX_LOC_BD_NAME_LEN) 97 #error "default btif local name size exceeds stack supported length" 98 #endif 99 100 #if (BTA_HOST_INTERLEAVE_SEARCH == TRUE) 101 #define BTIF_DM_INTERLEAVE_DURATION_BR_ONE 2 102 #define BTIF_DM_INTERLEAVE_DURATION_LE_ONE 2 103 #define BTIF_DM_INTERLEAVE_DURATION_BR_TWO 3 104 #define BTIF_DM_INTERLEAVE_DURATION_LE_TWO 4 105 #endif 106 107 #define ENCRYPTED_BREDR 2 108 #define ENCRYPTED_LE 4 109 110 typedef struct { 111 bt_bond_state_t state; 112 RawAddress static_bdaddr; 113 RawAddress bd_addr; 114 tBTM_BOND_TYPE bond_type; 115 uint8_t pin_code_len; 116 uint8_t is_ssp; 117 uint8_t auth_req; 118 uint8_t io_cap; 119 uint8_t autopair_attempts; 120 uint8_t timeout_retries; 121 uint8_t is_local_initiated; 122 uint8_t sdp_attempts; 123 bool is_le_only; 124 bool is_le_nc; /* LE Numeric comparison */ 125 btif_dm_ble_cb_t ble; 126 } btif_dm_pairing_cb_t; 127 128 typedef struct { 129 uint8_t ir[BT_OCTET16_LEN]; 130 uint8_t irk[BT_OCTET16_LEN]; 131 uint8_t dhk[BT_OCTET16_LEN]; 132 } btif_dm_local_key_id_t; 133 134 typedef struct { 135 bool is_er_rcvd; 136 uint8_t er[BT_OCTET16_LEN]; 137 bool is_id_keys_rcvd; 138 btif_dm_local_key_id_t id_keys; /* ID kyes */ 139 140 } btif_dm_local_key_cb_t; 141 142 typedef struct { 143 RawAddress bd_addr; 144 BD_NAME bd_name; 145 } btif_dm_remote_name_t; 146 147 /* this structure holds optional OOB data for remote device */ 148 typedef struct { 149 RawAddress bdaddr; /* peer bdaddr */ 150 bt_out_of_band_data_t oob_data; 151 } btif_dm_oob_cb_t; 152 153 typedef struct { 154 RawAddress bdaddr; 155 uint8_t transport; /* 0=Unknown, 1=BR/EDR, 2=LE */ 156 } btif_dm_create_bond_cb_t; 157 158 typedef struct { 159 uint8_t status; 160 uint8_t ctrl_state; 161 uint64_t tx_time; 162 uint64_t rx_time; 163 uint64_t idle_time; 164 uint64_t energy_used; 165 } btif_activity_energy_info_cb_t; 166 167 typedef struct { unsigned int manufact_id; } skip_sdp_entry_t; 168 169 typedef enum { 170 BTIF_DM_FUNC_CREATE_BOND, 171 BTIF_DM_FUNC_CANCEL_BOND, 172 BTIF_DM_FUNC_REMOVE_BOND, 173 BTIF_DM_FUNC_BOND_STATE_CHANGED, 174 } bt_bond_function_t; 175 176 typedef struct { 177 RawAddress bd_addr; 178 bt_bond_function_t function; 179 bt_bond_state_t state; 180 struct timespec timestamp; 181 } btif_bond_event_t; 182 183 #define BTA_SERVICE_ID_TO_SERVICE_MASK(id) (1 << (id)) 184 185 #define UUID_HUMAN_INTERFACE_DEVICE "00001124-0000-1000-8000-00805f9b34fb" 186 187 #define MAX_BTIF_BOND_EVENT_ENTRIES 15 188 189 static skip_sdp_entry_t sdp_blacklist[] = {{76}}; // Apple Mouse and Keyboard 190 191 /* This flag will be true if HCI_Inquiry is in progress */ 192 static bool btif_dm_inquiry_in_progress = false; 193 194 /******************************************************************************* 195 * Static variables 196 ******************************************************************************/ 197 static char btif_default_local_name[DEFAULT_LOCAL_NAME_MAX + 1] = {'\0'}; 198 static uid_set_t* uid_set = NULL; 199 200 /* A circular array to keep track of the most recent bond events */ 201 static btif_bond_event_t btif_dm_bond_events[MAX_BTIF_BOND_EVENT_ENTRIES + 1]; 202 203 static std::mutex bond_event_lock; 204 205 /* |btif_num_bond_events| keeps track of the total number of events and can be 206 greater than |MAX_BTIF_BOND_EVENT_ENTRIES| */ 207 static size_t btif_num_bond_events = 0; 208 static size_t btif_events_start_index = 0; 209 static size_t btif_events_end_index = 0; 210 211 /****************************************************************************** 212 * Static functions 213 *****************************************************************************/ 214 static btif_dm_pairing_cb_t pairing_cb; 215 static btif_dm_oob_cb_t oob_cb; 216 static void btif_dm_generic_evt(uint16_t event, char* p_param); 217 static void btif_dm_cb_create_bond(const RawAddress& bd_addr, 218 tBTA_TRANSPORT transport); 219 static void btif_dm_cb_hid_remote_name(tBTM_REMOTE_DEV_NAME* p_remote_name); 220 static void btif_update_remote_properties(const RawAddress& bd_addr, 221 BD_NAME bd_name, DEV_CLASS dev_class, 222 tBT_DEVICE_TYPE dev_type); 223 static btif_dm_local_key_cb_t ble_local_key_cb; 224 static void btif_dm_ble_key_notif_evt(tBTA_DM_SP_KEY_NOTIF* p_ssp_key_notif); 225 static void btif_dm_ble_auth_cmpl_evt(tBTA_DM_AUTH_CMPL* p_auth_cmpl); 226 static void btif_dm_ble_passkey_req_evt(tBTA_DM_PIN_REQ* p_pin_req); 227 static void btif_dm_ble_key_nc_req_evt(tBTA_DM_SP_KEY_NOTIF* p_notif_req); 228 static void btif_dm_ble_oob_req_evt(tBTA_DM_SP_RMT_OOB* req_oob_type); 229 static void btif_dm_ble_sc_oob_req_evt(tBTA_DM_SP_RMT_OOB* req_oob_type); 230 231 static void bte_scan_filt_param_cfg_evt(uint8_t action_type, uint8_t avbl_space, 232 uint8_t ref_value, uint8_t status); 233 234 static char* btif_get_default_local_name(); 235 236 static void btif_stats_add_bond_event(const RawAddress& bd_addr, 237 bt_bond_function_t function, 238 bt_bond_state_t state); 239 240 /****************************************************************************** 241 * Externs 242 *****************************************************************************/ 243 extern bt_status_t btif_hf_execute_service(bool b_enable); 244 extern bt_status_t btif_av_execute_service(bool b_enable); 245 extern bt_status_t btif_av_sink_execute_service(bool b_enable); 246 extern bt_status_t btif_hh_execute_service(bool b_enable); 247 extern bt_status_t btif_hf_client_execute_service(bool b_enable); 248 extern bt_status_t btif_sdp_execute_service(bool b_enable); 249 extern int btif_hh_connect(const RawAddress* bd_addr); 250 extern void bta_gatt_convert_uuid16_to_uuid128(uint8_t uuid_128[LEN_UUID_128], 251 uint16_t uuid_16); 252 extern void btif_av_move_idle(RawAddress bd_addr); 253 extern bt_status_t btif_hd_execute_service(bool b_enable); 254 255 /****************************************************************************** 256 * Functions 257 *****************************************************************************/ 258 259 static bool is_empty_128bit(uint8_t* data) { 260 static const uint8_t zero[16] = {0}; 261 return !memcmp(zero, data, sizeof(zero)); 262 } 263 264 static void btif_dm_data_copy(uint16_t event, char* dst, char* src) { 265 tBTA_DM_SEC* dst_dm_sec = (tBTA_DM_SEC*)dst; 266 tBTA_DM_SEC* src_dm_sec = (tBTA_DM_SEC*)src; 267 268 if (!src_dm_sec) return; 269 270 CHECK(dst_dm_sec); 271 maybe_non_aligned_memcpy(dst_dm_sec, src_dm_sec, sizeof(*src_dm_sec)); 272 273 if (event == BTA_DM_BLE_KEY_EVT) { 274 dst_dm_sec->ble_key.p_key_value = 275 (tBTM_LE_KEY_VALUE*)osi_malloc(sizeof(tBTM_LE_KEY_VALUE)); 276 CHECK(src_dm_sec->ble_key.p_key_value); 277 memcpy(dst_dm_sec->ble_key.p_key_value, src_dm_sec->ble_key.p_key_value, 278 sizeof(tBTM_LE_KEY_VALUE)); 279 } 280 } 281 282 static void btif_dm_data_free(uint16_t event, tBTA_DM_SEC* dm_sec) { 283 if (event == BTA_DM_BLE_KEY_EVT) 284 osi_free_and_reset((void**)&dm_sec->ble_key.p_key_value); 285 } 286 287 void btif_dm_init(uid_set_t* set) { uid_set = set; } 288 289 void btif_dm_cleanup(void) { 290 if (uid_set) { 291 uid_set_destroy(uid_set); 292 uid_set = NULL; 293 } 294 } 295 296 bt_status_t btif_in_execute_service_request(tBTA_SERVICE_ID service_id, 297 bool b_enable) { 298 BTIF_TRACE_DEBUG("%s service_id: %d", __func__, service_id); 299 /* Check the service_ID and invoke the profile's BT state changed API */ 300 switch (service_id) { 301 case BTA_HFP_SERVICE_ID: 302 case BTA_HSP_SERVICE_ID: { 303 btif_hf_execute_service(b_enable); 304 } break; 305 case BTA_A2DP_SOURCE_SERVICE_ID: { 306 btif_av_execute_service(b_enable); 307 } break; 308 case BTA_A2DP_SINK_SERVICE_ID: { 309 btif_av_sink_execute_service(b_enable); 310 } break; 311 case BTA_HID_SERVICE_ID: { 312 btif_hh_execute_service(b_enable); 313 } break; 314 case BTA_HFP_HS_SERVICE_ID: { 315 btif_hf_client_execute_service(b_enable); 316 } break; 317 case BTA_SDP_SERVICE_ID: { 318 btif_sdp_execute_service(b_enable); 319 } break; 320 case BTA_HIDD_SERVICE_ID: { 321 btif_hd_execute_service(b_enable); 322 } break; 323 default: 324 BTIF_TRACE_ERROR("%s: Unknown service %d being %s", __func__, service_id, 325 (b_enable) ? "enabled" : "disabled"); 326 return BT_STATUS_FAIL; 327 } 328 return BT_STATUS_SUCCESS; 329 } 330 331 /******************************************************************************* 332 * 333 * Function check_eir_remote_name 334 * 335 * Description Check if remote name is in the EIR data 336 * 337 * Returns true if remote name found 338 * Populate p_remote_name, if provided and remote name found 339 * 340 ******************************************************************************/ 341 static bool check_eir_remote_name(tBTA_DM_SEARCH* p_search_data, 342 uint8_t* p_remote_name, 343 uint8_t* p_remote_name_len) { 344 const uint8_t* p_eir_remote_name = NULL; 345 uint8_t remote_name_len = 0; 346 347 /* Check EIR for remote name and services */ 348 if (p_search_data->inq_res.p_eir) { 349 p_eir_remote_name = AdvertiseDataParser::GetFieldByType( 350 p_search_data->inq_res.p_eir, p_search_data->inq_res.eir_len, 351 BTM_EIR_COMPLETE_LOCAL_NAME_TYPE, &remote_name_len); 352 if (!p_eir_remote_name) { 353 p_eir_remote_name = AdvertiseDataParser::GetFieldByType( 354 p_search_data->inq_res.p_eir, p_search_data->inq_res.eir_len, 355 BTM_EIR_SHORTENED_LOCAL_NAME_TYPE, &remote_name_len); 356 } 357 358 if (p_eir_remote_name) { 359 if (remote_name_len > BD_NAME_LEN) remote_name_len = BD_NAME_LEN; 360 361 if (p_remote_name && p_remote_name_len) { 362 memcpy(p_remote_name, p_eir_remote_name, remote_name_len); 363 *(p_remote_name + remote_name_len) = 0; 364 *p_remote_name_len = remote_name_len; 365 } 366 367 return true; 368 } 369 } 370 371 return false; 372 } 373 374 /******************************************************************************* 375 * 376 * Function check_cached_remote_name 377 * 378 * Description Check if remote name is in the NVRAM cache 379 * 380 * Returns true if remote name found 381 * Populate p_remote_name, if provided and remote name found 382 * 383 ******************************************************************************/ 384 static bool check_cached_remote_name(tBTA_DM_SEARCH* p_search_data, 385 uint8_t* p_remote_name, 386 uint8_t* p_remote_name_len) { 387 bt_bdname_t bdname; 388 bt_property_t prop_name; 389 390 /* check if we already have it in our btif_storage cache */ 391 392 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_BDNAME, 393 sizeof(bt_bdname_t), &bdname); 394 if (btif_storage_get_remote_device_property( 395 &p_search_data->inq_res.bd_addr, &prop_name) == BT_STATUS_SUCCESS) { 396 if (p_remote_name && p_remote_name_len) { 397 strcpy((char*)p_remote_name, (char*)bdname.name); 398 *p_remote_name_len = strlen((char*)p_remote_name); 399 } 400 return true; 401 } 402 403 return false; 404 } 405 406 static uint32_t get_cod(const RawAddress* remote_bdaddr) { 407 uint32_t remote_cod; 408 bt_property_t prop_name; 409 410 /* check if we already have it in our btif_storage cache */ 411 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_CLASS_OF_DEVICE, 412 sizeof(uint32_t), &remote_cod); 413 if (btif_storage_get_remote_device_property( 414 (RawAddress*)remote_bdaddr, &prop_name) == BT_STATUS_SUCCESS) { 415 LOG_INFO(LOG_TAG, "%s remote_cod = 0x%08x", __func__, remote_cod); 416 return remote_cod & COD_MASK; 417 } 418 419 return 0; 420 } 421 422 bool check_cod(const RawAddress* remote_bdaddr, uint32_t cod) { 423 return get_cod(remote_bdaddr) == cod; 424 } 425 426 bool check_cod_hid(const RawAddress* remote_bdaddr) { 427 return (get_cod(remote_bdaddr) & COD_HID_MASK) == COD_HID_MAJOR; 428 } 429 430 bool check_hid_le(const RawAddress* remote_bdaddr) { 431 uint32_t remote_dev_type; 432 bt_property_t prop_name; 433 434 /* check if we already have it in our btif_storage cache */ 435 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_TYPE_OF_DEVICE, 436 sizeof(uint32_t), &remote_dev_type); 437 if (btif_storage_get_remote_device_property( 438 (RawAddress*)remote_bdaddr, &prop_name) == BT_STATUS_SUCCESS) { 439 if (remote_dev_type == BT_DEVICE_DEVTYPE_BLE) { 440 if (btif_config_exist(remote_bdaddr->ToString().c_str(), "HidAppId")) 441 return true; 442 } 443 } 444 return false; 445 } 446 447 /***************************************************************************** 448 * 449 * Function check_sdp_bl 450 * 451 * Description Checks if a given device is blacklisted to skip sdp 452 * 453 * Parameters skip_sdp_entry 454 * 455 * Returns true if the device is present in blacklist, else false 456 * 457 ******************************************************************************/ 458 bool check_sdp_bl(const RawAddress* remote_bdaddr) { 459 uint16_t manufacturer = 0; 460 uint8_t lmp_ver = 0; 461 uint16_t lmp_subver = 0; 462 bt_property_t prop_name; 463 bt_remote_version_t info; 464 465 if (remote_bdaddr == NULL) return false; 466 467 /* fetch additional info about remote device used in iop query */ 468 BTM_ReadRemoteVersion(*remote_bdaddr, &lmp_ver, &manufacturer, &lmp_subver); 469 470 /* if not available yet, try fetching from config database */ 471 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_REMOTE_VERSION_INFO, 472 sizeof(bt_remote_version_t), &info); 473 474 if (btif_storage_get_remote_device_property(remote_bdaddr, &prop_name) != 475 BT_STATUS_SUCCESS) { 476 return false; 477 } 478 manufacturer = info.manufacturer; 479 480 for (unsigned int i = 0; i < ARRAY_SIZE(sdp_blacklist); i++) { 481 if (manufacturer == sdp_blacklist[i].manufact_id) return true; 482 } 483 return false; 484 } 485 486 static void bond_state_changed(bt_status_t status, const RawAddress& bd_addr, 487 bt_bond_state_t state) { 488 btif_stats_add_bond_event(bd_addr, BTIF_DM_FUNC_BOND_STATE_CHANGED, state); 489 490 // Send bonding state only once - based on outgoing/incoming we may receive 491 // duplicates 492 if ((pairing_cb.state == state) && (state == BT_BOND_STATE_BONDING)) { 493 // Cross key pairing so send callback for static address 494 if (!pairing_cb.static_bdaddr.IsEmpty()) { 495 auto tmp = bd_addr; 496 HAL_CBACK(bt_hal_cbacks, bond_state_changed_cb, status, &tmp, state); 497 } 498 return; 499 } 500 501 if (pairing_cb.bond_type == BOND_TYPE_TEMPORARY) state = BT_BOND_STATE_NONE; 502 503 BTIF_TRACE_DEBUG("%s: state=%d, prev_state=%d, sdp_attempts = %d", __func__, 504 state, pairing_cb.state, pairing_cb.sdp_attempts); 505 506 auto tmp = bd_addr; 507 HAL_CBACK(bt_hal_cbacks, bond_state_changed_cb, status, &tmp, state); 508 509 if (state == BT_BOND_STATE_BONDING) { 510 pairing_cb.state = state; 511 pairing_cb.bd_addr = bd_addr; 512 } else { 513 if (!pairing_cb.sdp_attempts) 514 memset(&pairing_cb, 0, sizeof(pairing_cb)); 515 else 516 BTIF_TRACE_DEBUG("%s: BR-EDR service discovery active", __func__); 517 } 518 } 519 520 /* store remote version in bt config to always have access 521 to it post pairing*/ 522 static void btif_update_remote_version_property(RawAddress* p_bd) { 523 bt_property_t property; 524 uint8_t lmp_ver = 0; 525 uint16_t lmp_subver = 0; 526 uint16_t mfct_set = 0; 527 tBTM_STATUS btm_status; 528 bt_remote_version_t info; 529 bt_status_t status; 530 531 btm_status = BTM_ReadRemoteVersion(*p_bd, &lmp_ver, &mfct_set, &lmp_subver); 532 533 LOG_DEBUG(LOG_TAG, "remote version info [%s]: %x, %x, %x", 534 p_bd->ToString().c_str(), lmp_ver, mfct_set, lmp_subver); 535 536 if (btm_status == BTM_SUCCESS) { 537 // Always update cache to ensure we have availability whenever BTM API is 538 // not populated 539 info.manufacturer = mfct_set; 540 info.sub_ver = lmp_subver; 541 info.version = lmp_ver; 542 BTIF_STORAGE_FILL_PROPERTY(&property, BT_PROPERTY_REMOTE_VERSION_INFO, 543 sizeof(bt_remote_version_t), &info); 544 status = btif_storage_set_remote_device_property(p_bd, &property); 545 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote version", 546 status); 547 } 548 } 549 550 static void btif_update_remote_properties(const RawAddress& bdaddr, 551 BD_NAME bd_name, DEV_CLASS dev_class, 552 tBT_DEVICE_TYPE device_type) { 553 int num_properties = 0; 554 bt_property_t properties[3]; 555 bt_status_t status; 556 uint32_t cod; 557 bt_device_type_t dev_type; 558 559 memset(properties, 0, sizeof(properties)); 560 561 /* remote name */ 562 if (strlen((const char*)bd_name)) { 563 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], BT_PROPERTY_BDNAME, 564 strlen((char*)bd_name), bd_name); 565 status = btif_storage_set_remote_device_property( 566 &bdaddr, &properties[num_properties]); 567 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device name", 568 status); 569 num_properties++; 570 } 571 572 /* class of device */ 573 cod = devclass2uint(dev_class); 574 BTIF_TRACE_DEBUG("%s cod is 0x%06x", __func__, cod); 575 if (cod == 0) { 576 /* Try to retrieve cod from storage */ 577 BTIF_TRACE_DEBUG("%s cod is 0, checking cod from storage", __func__); 578 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 579 BT_PROPERTY_CLASS_OF_DEVICE, sizeof(cod), &cod); 580 status = btif_storage_get_remote_device_property( 581 &bdaddr, &properties[num_properties]); 582 BTIF_TRACE_DEBUG("%s cod retrieved from storage is 0x%06x", __func__, cod); 583 if (cod == 0) { 584 BTIF_TRACE_DEBUG("%s cod is again 0, set as unclassified", __func__); 585 cod = COD_UNCLASSIFIED; 586 } 587 } 588 589 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 590 BT_PROPERTY_CLASS_OF_DEVICE, sizeof(cod), &cod); 591 status = btif_storage_set_remote_device_property(&bdaddr, 592 &properties[num_properties]); 593 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device class", 594 status); 595 num_properties++; 596 597 /* device type */ 598 bt_property_t prop_name; 599 uint8_t remote_dev_type; 600 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_TYPE_OF_DEVICE, 601 sizeof(uint8_t), &remote_dev_type); 602 if (btif_storage_get_remote_device_property(&bdaddr, &prop_name) == 603 BT_STATUS_SUCCESS) 604 dev_type = (bt_device_type_t)(remote_dev_type | device_type); 605 else 606 dev_type = (bt_device_type_t)device_type; 607 608 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 609 BT_PROPERTY_TYPE_OF_DEVICE, sizeof(dev_type), 610 &dev_type); 611 status = btif_storage_set_remote_device_property(&bdaddr, 612 &properties[num_properties]); 613 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device type", 614 status); 615 num_properties++; 616 617 auto tmp = bdaddr; 618 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, status, &tmp, 619 num_properties, properties); 620 } 621 622 /******************************************************************************* 623 * 624 * Function btif_dm_cb_hid_remote_name 625 * 626 * Description Remote name callback for HID device. Called in btif context 627 * Special handling for HID devices 628 * 629 * Returns void 630 * 631 ******************************************************************************/ 632 static void btif_dm_cb_hid_remote_name(tBTM_REMOTE_DEV_NAME* p_remote_name) { 633 BTIF_TRACE_DEBUG("%s: status=%d pairing_cb.state=%d", __func__, 634 p_remote_name->status, pairing_cb.state); 635 if (pairing_cb.state == BT_BOND_STATE_BONDING) { 636 if (p_remote_name->status == BTM_SUCCESS) { 637 bond_state_changed(BT_STATUS_SUCCESS, pairing_cb.bd_addr, 638 BT_BOND_STATE_BONDED); 639 } else 640 bond_state_changed(BT_STATUS_FAIL, pairing_cb.bd_addr, 641 BT_BOND_STATE_NONE); 642 } 643 } 644 645 /******************************************************************************* 646 * 647 * Function btif_dm_cb_create_bond 648 * 649 * Description Create bond initiated from the BTIF thread context 650 * Special handling for HID devices 651 * 652 * Returns void 653 * 654 ******************************************************************************/ 655 static void btif_dm_cb_create_bond(const RawAddress& bd_addr, 656 tBTA_TRANSPORT transport) { 657 bool is_hid = check_cod(&bd_addr, COD_HID_POINTING); 658 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); 659 660 int device_type; 661 int addr_type; 662 std::string addrstr = bd_addr.ToString(); 663 const char* bdstr = addrstr.c_str(); 664 if (transport == BT_TRANSPORT_LE) { 665 if (!btif_config_get_int(bdstr, "DevType", &device_type)) { 666 btif_config_set_int(bdstr, "DevType", BT_DEVICE_TYPE_BLE); 667 } 668 if (btif_storage_get_remote_addr_type(&bd_addr, &addr_type) != 669 BT_STATUS_SUCCESS) { 670 // Try to read address type. OOB pairing might have set it earlier, but 671 // didn't store it, it defaults to BLE_ADDR_PUBLIC 672 uint8_t tmp_dev_type; 673 uint8_t tmp_addr_type; 674 BTM_ReadDevInfo(bd_addr, &tmp_dev_type, &tmp_addr_type); 675 addr_type = tmp_addr_type; 676 677 btif_storage_set_remote_addr_type(&bd_addr, addr_type); 678 } 679 } 680 if ((btif_config_get_int(bdstr, "DevType", &device_type) && 681 (btif_storage_get_remote_addr_type(&bd_addr, &addr_type) == 682 BT_STATUS_SUCCESS) && 683 (device_type & BT_DEVICE_TYPE_BLE) == BT_DEVICE_TYPE_BLE) || 684 (transport == BT_TRANSPORT_LE)) { 685 BTA_DmAddBleDevice(bd_addr, addr_type, device_type); 686 } 687 688 if (is_hid && (device_type & BT_DEVICE_TYPE_BLE) == 0) { 689 bt_status_t status; 690 status = (bt_status_t)btif_hh_connect(&bd_addr); 691 if (status != BT_STATUS_SUCCESS) 692 bond_state_changed(status, bd_addr, BT_BOND_STATE_NONE); 693 } else { 694 BTA_DmBondByTransport(bd_addr, transport); 695 } 696 /* Track originator of bond creation */ 697 pairing_cb.is_local_initiated = true; 698 } 699 700 /******************************************************************************* 701 * 702 * Function btif_dm_cb_remove_bond 703 * 704 * Description remove bond initiated from the BTIF thread context 705 * Special handling for HID devices 706 * 707 * Returns void 708 * 709 ******************************************************************************/ 710 void btif_dm_cb_remove_bond(const RawAddress* bd_addr) { 711 /*special handling for HID devices */ 712 /* VUP needs to be sent if its a HID Device. The HID HOST module will check if 713 there 714 is a valid hid connection with this bd_addr. If yes VUP will be issued.*/ 715 #if (BTA_HH_INCLUDED == TRUE) 716 if (btif_hh_virtual_unplug(bd_addr) != BT_STATUS_SUCCESS) 717 #endif 718 { 719 BTIF_TRACE_DEBUG("%s: Removing HH device", __func__); 720 BTA_DmRemoveDevice(*bd_addr); 721 } 722 } 723 724 /******************************************************************************* 725 * 726 * Function btif_dm_get_connection_state 727 * 728 * Description Returns whether the remote device is currently connected 729 * and whether encryption is active for the connection 730 * 731 * Returns 0 if not connected; 1 if connected and > 1 if connection is 732 * encrypted 733 * 734 ******************************************************************************/ 735 uint16_t btif_dm_get_connection_state(const RawAddress* bd_addr) { 736 uint16_t rc = BTA_DmGetConnectionState(*bd_addr); 737 738 if (rc != 0) { 739 uint8_t flags = 0; 740 741 BTM_GetSecurityFlagsByTransport(*bd_addr, &flags, BT_TRANSPORT_BR_EDR); 742 BTIF_TRACE_DEBUG("%s: security flags (BR/EDR)=0x%02x", __func__, flags); 743 if (flags & BTM_SEC_FLAG_ENCRYPTED) rc |= ENCRYPTED_BREDR; 744 745 BTM_GetSecurityFlagsByTransport(*bd_addr, &flags, BT_TRANSPORT_LE); 746 BTIF_TRACE_DEBUG("%s: security flags (LE)=0x%02x", __func__, flags); 747 if (flags & BTM_SEC_FLAG_ENCRYPTED) rc |= ENCRYPTED_LE; 748 } 749 750 return rc; 751 } 752 753 /******************************************************************************* 754 * 755 * Function search_devices_copy_cb 756 * 757 * Description Deep copy callback for search devices event 758 * 759 * Returns void 760 * 761 ******************************************************************************/ 762 static void search_devices_copy_cb(uint16_t event, char* p_dest, char* p_src) { 763 tBTA_DM_SEARCH* p_dest_data = (tBTA_DM_SEARCH*)p_dest; 764 tBTA_DM_SEARCH* p_src_data = (tBTA_DM_SEARCH*)p_src; 765 766 if (!p_src) return; 767 768 BTIF_TRACE_DEBUG("%s: event=%s", __func__, dump_dm_search_event(event)); 769 maybe_non_aligned_memcpy(p_dest_data, p_src_data, sizeof(*p_src_data)); 770 switch (event) { 771 case BTA_DM_INQ_RES_EVT: { 772 if (p_src_data->inq_res.p_eir) { 773 p_dest_data->inq_res.p_eir = 774 (uint8_t*)(p_dest + sizeof(tBTA_DM_SEARCH)); 775 memcpy(p_dest_data->inq_res.p_eir, p_src_data->inq_res.p_eir, 776 p_src_data->inq_res.eir_len); 777 p_dest_data->inq_res.eir_len = p_src_data->inq_res.eir_len; 778 } 779 } break; 780 781 case BTA_DM_DISC_RES_EVT: { 782 if (p_src_data->disc_res.raw_data_size && 783 p_src_data->disc_res.p_raw_data) { 784 p_dest_data->disc_res.p_raw_data = 785 (uint8_t*)(p_dest + sizeof(tBTA_DM_SEARCH)); 786 memcpy(p_dest_data->disc_res.p_raw_data, 787 p_src_data->disc_res.p_raw_data, 788 p_src_data->disc_res.raw_data_size); 789 } 790 } break; 791 } 792 } 793 794 static void search_services_copy_cb(uint16_t event, char* p_dest, char* p_src) { 795 tBTA_DM_SEARCH* p_dest_data = (tBTA_DM_SEARCH*)p_dest; 796 tBTA_DM_SEARCH* p_src_data = (tBTA_DM_SEARCH*)p_src; 797 798 if (!p_src) return; 799 maybe_non_aligned_memcpy(p_dest_data, p_src_data, sizeof(*p_src_data)); 800 switch (event) { 801 case BTA_DM_DISC_RES_EVT: { 802 if (p_src_data->disc_res.result == BTA_SUCCESS) { 803 if (p_src_data->disc_res.num_uuids > 0) { 804 p_dest_data->disc_res.p_uuid_list = 805 (uint8_t*)(p_dest + sizeof(tBTA_DM_SEARCH)); 806 memcpy(p_dest_data->disc_res.p_uuid_list, 807 p_src_data->disc_res.p_uuid_list, 808 p_src_data->disc_res.num_uuids * MAX_UUID_SIZE); 809 osi_free_and_reset((void**)&p_src_data->disc_res.p_uuid_list); 810 } 811 osi_free_and_reset((void**)&p_src_data->disc_res.p_raw_data); 812 } 813 } break; 814 } 815 } 816 /****************************************************************************** 817 * 818 * BTIF DM callback events 819 * 820 ****************************************************************************/ 821 822 /******************************************************************************* 823 * 824 * Function btif_dm_pin_req_evt 825 * 826 * Description Executes pin request event in btif context 827 * 828 * Returns void 829 * 830 ******************************************************************************/ 831 static void btif_dm_pin_req_evt(tBTA_DM_PIN_REQ* p_pin_req) { 832 bt_bdname_t bd_name; 833 uint32_t cod; 834 bt_pin_code_t pin_code; 835 int dev_type; 836 837 /* Remote properties update */ 838 if (!btif_get_device_type(p_pin_req->bd_addr, &dev_type)) { 839 dev_type = BT_DEVICE_TYPE_BREDR; 840 } 841 btif_update_remote_properties(p_pin_req->bd_addr, p_pin_req->bd_name, 842 p_pin_req->dev_class, 843 (tBT_DEVICE_TYPE)dev_type); 844 845 const RawAddress& bd_addr = p_pin_req->bd_addr; 846 memcpy(bd_name.name, p_pin_req->bd_name, BD_NAME_LEN); 847 848 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); 849 850 cod = devclass2uint(p_pin_req->dev_class); 851 852 if (cod == 0) { 853 BTIF_TRACE_DEBUG("%s cod is 0, set as unclassified", __func__); 854 cod = COD_UNCLASSIFIED; 855 } 856 857 /* check for auto pair possiblity only if bond was initiated by local device 858 */ 859 if (pairing_cb.is_local_initiated && (p_pin_req->min_16_digit == false)) { 860 if (check_cod(&bd_addr, COD_AV_HEADSETS) || 861 check_cod(&bd_addr, COD_AV_HEADPHONES) || 862 check_cod(&bd_addr, COD_AV_PORTABLE_AUDIO) || 863 check_cod(&bd_addr, COD_AV_HIFI_AUDIO) || 864 check_cod(&bd_addr, COD_HID_POINTING)) { 865 /* Check if this device can be auto paired */ 866 if (!interop_match_addr(INTEROP_DISABLE_AUTO_PAIRING, &bd_addr) && 867 !interop_match_name(INTEROP_DISABLE_AUTO_PAIRING, 868 (const char*)bd_name.name) && 869 (pairing_cb.autopair_attempts == 0)) { 870 BTIF_TRACE_DEBUG("%s() Attempting auto pair", __func__); 871 pin_code.pin[0] = 0x30; 872 pin_code.pin[1] = 0x30; 873 pin_code.pin[2] = 0x30; 874 pin_code.pin[3] = 0x30; 875 876 pairing_cb.autopair_attempts++; 877 BTA_DmPinReply(bd_addr, true, 4, pin_code.pin); 878 return; 879 } 880 } else if (check_cod(&bd_addr, COD_HID_KEYBOARD) || 881 check_cod(&bd_addr, COD_HID_COMBO)) { 882 if ((interop_match_addr(INTEROP_KEYBOARD_REQUIRES_FIXED_PIN, &bd_addr) == 883 true) && 884 (pairing_cb.autopair_attempts == 0)) { 885 BTIF_TRACE_DEBUG("%s() Attempting auto pair", __func__); 886 pin_code.pin[0] = 0x30; 887 pin_code.pin[1] = 0x30; 888 pin_code.pin[2] = 0x30; 889 pin_code.pin[3] = 0x30; 890 891 pairing_cb.autopair_attempts++; 892 BTA_DmPinReply(bd_addr, true, 4, pin_code.pin); 893 return; 894 } 895 } 896 } 897 // TODO: make cback accept const and get rid of tmp! 898 auto tmp = bd_addr; 899 HAL_CBACK(bt_hal_cbacks, pin_request_cb, &tmp, &bd_name, cod, 900 p_pin_req->min_16_digit); 901 } 902 903 /******************************************************************************* 904 * 905 * Function btif_dm_ssp_cfm_req_evt 906 * 907 * Description Executes SSP confirm request event in btif context 908 * 909 * Returns void 910 * 911 ******************************************************************************/ 912 static void btif_dm_ssp_cfm_req_evt(tBTA_DM_SP_CFM_REQ* p_ssp_cfm_req) { 913 bt_bdname_t bd_name; 914 uint32_t cod; 915 bool is_incoming = !(pairing_cb.state == BT_BOND_STATE_BONDING); 916 int dev_type; 917 918 BTIF_TRACE_DEBUG("%s", __func__); 919 920 /* Remote properties update */ 921 if (!btif_get_device_type(p_ssp_cfm_req->bd_addr, &dev_type)) { 922 dev_type = BT_DEVICE_TYPE_BREDR; 923 } 924 btif_update_remote_properties(p_ssp_cfm_req->bd_addr, p_ssp_cfm_req->bd_name, 925 p_ssp_cfm_req->dev_class, 926 (tBT_DEVICE_TYPE)dev_type); 927 928 RawAddress bd_addr = p_ssp_cfm_req->bd_addr; 929 memcpy(bd_name.name, p_ssp_cfm_req->bd_name, BD_NAME_LEN); 930 931 /* Set the pairing_cb based on the local & remote authentication requirements 932 */ 933 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); 934 935 /* if just_works and bonding bit is not set treat this as temporary */ 936 if (p_ssp_cfm_req->just_works && 937 !(p_ssp_cfm_req->loc_auth_req & BTM_AUTH_BONDS) && 938 !(p_ssp_cfm_req->rmt_auth_req & BTM_AUTH_BONDS) && 939 !(check_cod((RawAddress*)&p_ssp_cfm_req->bd_addr, COD_HID_POINTING))) 940 pairing_cb.bond_type = BOND_TYPE_TEMPORARY; 941 else 942 pairing_cb.bond_type = BOND_TYPE_PERSISTENT; 943 944 btm_set_bond_type_dev(p_ssp_cfm_req->bd_addr, pairing_cb.bond_type); 945 946 pairing_cb.is_ssp = true; 947 948 /* If JustWorks auto-accept */ 949 if (p_ssp_cfm_req->just_works) { 950 /* Pairing consent for JustWorks needed if: 951 * 1. Incoming (non-temporary) pairing is detected AND 952 * 2. local IO capabilities are DisplayYesNo AND 953 * 3. remote IO capabiltiies are DisplayOnly or NoInputNoOutput; 954 */ 955 if (is_incoming && pairing_cb.bond_type != BOND_TYPE_TEMPORARY && 956 ((p_ssp_cfm_req->loc_io_caps == HCI_IO_CAP_DISPLAY_YESNO) && 957 (p_ssp_cfm_req->rmt_io_caps == HCI_IO_CAP_DISPLAY_ONLY || 958 p_ssp_cfm_req->rmt_io_caps == HCI_IO_CAP_NO_IO))) { 959 BTIF_TRACE_EVENT( 960 "%s: User consent needed for incoming pairing request. loc_io_caps: " 961 "%d, rmt_io_caps: %d", 962 __func__, p_ssp_cfm_req->loc_io_caps, p_ssp_cfm_req->rmt_io_caps); 963 } else { 964 BTIF_TRACE_EVENT("%s: Auto-accept JustWorks pairing", __func__); 965 btif_dm_ssp_reply(&bd_addr, BT_SSP_VARIANT_CONSENT, true, 0); 966 return; 967 } 968 } 969 970 cod = devclass2uint(p_ssp_cfm_req->dev_class); 971 972 if (cod == 0) { 973 LOG_DEBUG(LOG_TAG, "%s cod is 0, set as unclassified", __func__); 974 cod = COD_UNCLASSIFIED; 975 } 976 977 pairing_cb.sdp_attempts = 0; 978 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name, cod, 979 (p_ssp_cfm_req->just_works ? BT_SSP_VARIANT_CONSENT 980 : BT_SSP_VARIANT_PASSKEY_CONFIRMATION), 981 p_ssp_cfm_req->num_val); 982 } 983 984 static void btif_dm_ssp_key_notif_evt(tBTA_DM_SP_KEY_NOTIF* p_ssp_key_notif) { 985 bt_bdname_t bd_name; 986 uint32_t cod; 987 int dev_type; 988 989 BTIF_TRACE_DEBUG("%s", __func__); 990 991 /* Remote properties update */ 992 if (!btif_get_device_type(p_ssp_key_notif->bd_addr, &dev_type)) { 993 dev_type = BT_DEVICE_TYPE_BREDR; 994 } 995 btif_update_remote_properties( 996 p_ssp_key_notif->bd_addr, p_ssp_key_notif->bd_name, 997 p_ssp_key_notif->dev_class, (tBT_DEVICE_TYPE)dev_type); 998 999 RawAddress bd_addr = p_ssp_key_notif->bd_addr; 1000 memcpy(bd_name.name, p_ssp_key_notif->bd_name, BD_NAME_LEN); 1001 1002 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); 1003 pairing_cb.is_ssp = true; 1004 cod = devclass2uint(p_ssp_key_notif->dev_class); 1005 1006 if (cod == 0) { 1007 LOG_DEBUG(LOG_TAG, "%s cod is 0, set as unclassified", __func__); 1008 cod = COD_UNCLASSIFIED; 1009 } 1010 1011 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name, cod, 1012 BT_SSP_VARIANT_PASSKEY_NOTIFICATION, p_ssp_key_notif->passkey); 1013 } 1014 /******************************************************************************* 1015 * 1016 * Function btif_dm_auth_cmpl_evt 1017 * 1018 * Description Executes authentication complete event in btif context 1019 * 1020 * Returns void 1021 * 1022 ******************************************************************************/ 1023 static void btif_dm_auth_cmpl_evt(tBTA_DM_AUTH_CMPL* p_auth_cmpl) { 1024 /* Save link key, if not temporary */ 1025 bt_status_t status = BT_STATUS_FAIL; 1026 bt_bond_state_t state = BT_BOND_STATE_NONE; 1027 bool skip_sdp = false; 1028 1029 BTIF_TRACE_DEBUG("%s: bond state=%d", __func__, pairing_cb.state); 1030 1031 RawAddress bd_addr = p_auth_cmpl->bd_addr; 1032 if ((p_auth_cmpl->success == true) && (p_auth_cmpl->key_present)) { 1033 if ((p_auth_cmpl->key_type < HCI_LKEY_TYPE_DEBUG_COMB) || 1034 (p_auth_cmpl->key_type == HCI_LKEY_TYPE_AUTH_COMB) || 1035 (p_auth_cmpl->key_type == HCI_LKEY_TYPE_CHANGED_COMB) || 1036 (p_auth_cmpl->key_type == HCI_LKEY_TYPE_AUTH_COMB_P_256) || 1037 pairing_cb.bond_type == BOND_TYPE_PERSISTENT) { 1038 bt_status_t ret; 1039 BTIF_TRACE_DEBUG("%s: Storing link key. key_type=0x%x, bond_type=%d", 1040 __func__, p_auth_cmpl->key_type, pairing_cb.bond_type); 1041 ret = btif_storage_add_bonded_device(&bd_addr, p_auth_cmpl->key, 1042 p_auth_cmpl->key_type, 1043 pairing_cb.pin_code_len); 1044 ASSERTC(ret == BT_STATUS_SUCCESS, "storing link key failed", ret); 1045 } else { 1046 BTIF_TRACE_DEBUG( 1047 "%s: Temporary key. Not storing. key_type=0x%x, bond_type=%d", 1048 __func__, p_auth_cmpl->key_type, pairing_cb.bond_type); 1049 if (pairing_cb.bond_type == BOND_TYPE_TEMPORARY) { 1050 BTIF_TRACE_DEBUG("%s: sending BT_BOND_STATE_NONE for Temp pairing", 1051 __func__); 1052 btif_storage_remove_bonded_device(&bd_addr); 1053 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_NONE); 1054 return; 1055 } 1056 } 1057 } 1058 1059 // We could have received a new link key without going through the pairing 1060 // flow. If so, we don't want to perform SDP or any other operations on the 1061 // authenticated device. Also, make sure that the link key is not derived from 1062 // secure LTK, because we will need to perform SDP in case of link key 1063 // derivation to allow bond state change notification for the BR/EDR transport 1064 // so that the subsequent BR/EDR connections to the remote can use the derived 1065 // link key. 1066 if (p_auth_cmpl->bd_addr != pairing_cb.bd_addr && 1067 (!pairing_cb.ble.is_penc_key_rcvd)) { 1068 LOG(INFO) << __func__ 1069 << " skipping SDP since we did not initiate pairing to " 1070 << p_auth_cmpl->bd_addr; 1071 return; 1072 } 1073 1074 // Skip SDP for certain HID Devices 1075 if (p_auth_cmpl->success) { 1076 btif_storage_set_remote_addr_type(&bd_addr, p_auth_cmpl->addr_type); 1077 btif_update_remote_properties(p_auth_cmpl->bd_addr, p_auth_cmpl->bd_name, 1078 NULL, p_auth_cmpl->dev_type); 1079 pairing_cb.timeout_retries = 0; 1080 status = BT_STATUS_SUCCESS; 1081 state = BT_BOND_STATE_BONDED; 1082 bd_addr = p_auth_cmpl->bd_addr; 1083 1084 if (check_sdp_bl(&bd_addr) && check_cod_hid(&bd_addr)) { 1085 LOG_WARN(LOG_TAG, "%s:skip SDP", __func__); 1086 skip_sdp = true; 1087 } 1088 if (!pairing_cb.is_local_initiated && skip_sdp) { 1089 bond_state_changed(status, bd_addr, state); 1090 1091 LOG_WARN(LOG_TAG, "%s: Incoming HID Connection", __func__); 1092 bt_property_t prop; 1093 RawAddress bd_addr; 1094 bt_uuid_t uuid; 1095 char uuid_str[128] = UUID_HUMAN_INTERFACE_DEVICE; 1096 1097 string_to_uuid(uuid_str, &uuid); 1098 1099 prop.type = BT_PROPERTY_UUIDS; 1100 prop.val = uuid.uu; 1101 prop.len = MAX_UUID_SIZE; 1102 1103 /* Send the event to the BTIF */ 1104 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, BT_STATUS_SUCCESS, 1105 &bd_addr, 1, &prop); 1106 } else { 1107 bool is_crosskey = false; 1108 /* If bonded due to cross-key, save the static address too*/ 1109 if (pairing_cb.state == BT_BOND_STATE_BONDING && 1110 p_auth_cmpl->bd_addr != pairing_cb.bd_addr) { 1111 BTIF_TRACE_DEBUG( 1112 "%s: bonding initiated due to cross key, adding static address", 1113 __func__); 1114 pairing_cb.static_bdaddr = bd_addr; 1115 is_crosskey = true; 1116 } 1117 if (!is_crosskey || 1118 !(stack_config_get_interface()->get_pts_crosskey_sdp_disable())) { 1119 // Ensure inquiry is stopped before attempting service discovery 1120 btif_dm_cancel_discovery(); 1121 1122 /* Trigger SDP on the device */ 1123 pairing_cb.sdp_attempts = 1; 1124 btif_dm_get_remote_services(bd_addr); 1125 } 1126 } 1127 // Do not call bond_state_changed_cb yet. Wait until remote service 1128 // discovery is complete 1129 } else { 1130 // Map the HCI fail reason to bt status 1131 switch (p_auth_cmpl->fail_reason) { 1132 case HCI_ERR_PAGE_TIMEOUT: 1133 case HCI_ERR_LMP_RESPONSE_TIMEOUT: 1134 if (interop_match_addr(INTEROP_AUTO_RETRY_PAIRING, &bd_addr) && 1135 pairing_cb.timeout_retries) { 1136 BTIF_TRACE_WARNING("%s() - Pairing timeout; retrying (%d) ...", 1137 __func__, pairing_cb.timeout_retries); 1138 --pairing_cb.timeout_retries; 1139 btif_dm_cb_create_bond(bd_addr, BTA_TRANSPORT_UNKNOWN); 1140 return; 1141 } 1142 /* Fall-through */ 1143 case HCI_ERR_CONNECTION_TOUT: 1144 status = BT_STATUS_RMT_DEV_DOWN; 1145 break; 1146 1147 case HCI_ERR_PAIRING_NOT_ALLOWED: 1148 btif_storage_remove_bonded_device(&bd_addr); 1149 status = BT_STATUS_AUTH_REJECTED; 1150 break; 1151 1152 /* map the auth failure codes, so we can retry pairing if necessary */ 1153 case HCI_ERR_AUTH_FAILURE: 1154 case HCI_ERR_KEY_MISSING: 1155 btif_storage_remove_bonded_device(&bd_addr); 1156 case HCI_ERR_HOST_REJECT_SECURITY: 1157 case HCI_ERR_ENCRY_MODE_NOT_ACCEPTABLE: 1158 case HCI_ERR_UNIT_KEY_USED: 1159 case HCI_ERR_PAIRING_WITH_UNIT_KEY_NOT_SUPPORTED: 1160 case HCI_ERR_INSUFFCIENT_SECURITY: 1161 case HCI_ERR_PEER_USER: 1162 case HCI_ERR_UNSPECIFIED: 1163 BTIF_TRACE_DEBUG(" %s() Authentication fail reason %d", __func__, 1164 p_auth_cmpl->fail_reason); 1165 if (pairing_cb.autopair_attempts == 1) { 1166 /* Create the Bond once again */ 1167 BTIF_TRACE_WARNING("%s() auto pair failed. Reinitiate Bond", 1168 __func__); 1169 btif_dm_cb_create_bond(bd_addr, BTA_TRANSPORT_UNKNOWN); 1170 return; 1171 } else { 1172 /* if autopair attempts are more than 1, or not attempted */ 1173 status = BT_STATUS_AUTH_FAILURE; 1174 } 1175 break; 1176 1177 default: 1178 status = BT_STATUS_FAIL; 1179 } 1180 /* Special Handling for HID Devices */ 1181 if (check_cod(&bd_addr, COD_HID_POINTING)) { 1182 /* Remove Device as bonded in nvram as authentication failed */ 1183 BTIF_TRACE_DEBUG("%s(): removing hid pointing device from nvram", 1184 __func__); 1185 btif_storage_remove_bonded_device(&bd_addr); 1186 } 1187 bond_state_changed(status, bd_addr, state); 1188 } 1189 } 1190 1191 /****************************************************************************** 1192 * 1193 * Function btif_dm_search_devices_evt 1194 * 1195 * Description Executes search devices callback events in btif context 1196 * 1197 * Returns void 1198 * 1199 *****************************************************************************/ 1200 static void btif_dm_search_devices_evt(uint16_t event, char* p_param) { 1201 tBTA_DM_SEARCH* p_search_data; 1202 BTIF_TRACE_EVENT("%s event=%s", __func__, dump_dm_search_event(event)); 1203 1204 switch (event) { 1205 case BTA_DM_DISC_RES_EVT: { 1206 p_search_data = (tBTA_DM_SEARCH*)p_param; 1207 /* Remote name update */ 1208 if (strlen((const char*)p_search_data->disc_res.bd_name)) { 1209 bt_property_t properties[1]; 1210 bt_status_t status; 1211 1212 properties[0].type = BT_PROPERTY_BDNAME; 1213 properties[0].val = p_search_data->disc_res.bd_name; 1214 properties[0].len = strlen((char*)p_search_data->disc_res.bd_name); 1215 RawAddress& bdaddr = p_search_data->disc_res.bd_addr; 1216 1217 status = 1218 btif_storage_set_remote_device_property(&bdaddr, &properties[0]); 1219 ASSERTC(status == BT_STATUS_SUCCESS, 1220 "failed to save remote device property", status); 1221 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, status, &bdaddr, 1222 1, properties); 1223 } 1224 /* TODO: Services? */ 1225 } break; 1226 1227 case BTA_DM_INQ_RES_EVT: { 1228 /* inquiry result */ 1229 bt_bdname_t bdname; 1230 uint8_t remote_name_len; 1231 tBTA_SERVICE_MASK services = 0; 1232 1233 p_search_data = (tBTA_DM_SEARCH*)p_param; 1234 RawAddress& bdaddr = p_search_data->inq_res.bd_addr; 1235 1236 BTIF_TRACE_DEBUG("%s() %s device_type = 0x%x\n", __func__, 1237 bdaddr.ToString().c_str(), 1238 p_search_data->inq_res.device_type); 1239 bdname.name[0] = 0; 1240 1241 if (!check_eir_remote_name(p_search_data, bdname.name, &remote_name_len)) 1242 check_cached_remote_name(p_search_data, bdname.name, &remote_name_len); 1243 1244 /* Check EIR for remote name and services */ 1245 if (p_search_data->inq_res.p_eir) { 1246 BTA_GetEirService(p_search_data->inq_res.p_eir, 1247 p_search_data->inq_res.eir_len, &services); 1248 BTIF_TRACE_DEBUG("%s()EIR BTA services = %08X", __func__, 1249 (uint32_t)services); 1250 /* TODO: Get the service list and check to see which uuids we got and 1251 * send it back to the client. */ 1252 } 1253 1254 { 1255 bt_property_t properties[5]; 1256 bt_device_type_t dev_type; 1257 uint32_t num_properties = 0; 1258 bt_status_t status; 1259 int addr_type = 0; 1260 1261 memset(properties, 0, sizeof(properties)); 1262 /* RawAddress */ 1263 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 1264 BT_PROPERTY_BDADDR, sizeof(bdaddr), &bdaddr); 1265 num_properties++; 1266 /* BD_NAME */ 1267 /* Don't send BDNAME if it is empty */ 1268 if (bdname.name[0]) { 1269 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 1270 BT_PROPERTY_BDNAME, 1271 strlen((char*)bdname.name), &bdname); 1272 num_properties++; 1273 } 1274 1275 /* DEV_CLASS */ 1276 uint32_t cod = devclass2uint(p_search_data->inq_res.dev_class); 1277 BTIF_TRACE_DEBUG("%s cod is 0x%06x", __func__, cod); 1278 if (cod != 0) { 1279 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 1280 BT_PROPERTY_CLASS_OF_DEVICE, sizeof(cod), 1281 &cod); 1282 num_properties++; 1283 } 1284 1285 /* DEV_TYPE */ 1286 /* FixMe: Assumption is that bluetooth.h and BTE enums match */ 1287 1288 /* Verify if the device is dual mode in NVRAM */ 1289 int stored_device_type = 0; 1290 if (btif_get_device_type(bdaddr, &stored_device_type) && 1291 ((stored_device_type != BT_DEVICE_TYPE_BREDR && 1292 p_search_data->inq_res.device_type == BT_DEVICE_TYPE_BREDR) || 1293 (stored_device_type != BT_DEVICE_TYPE_BLE && 1294 p_search_data->inq_res.device_type == BT_DEVICE_TYPE_BLE))) { 1295 dev_type = (bt_device_type_t)BT_DEVICE_TYPE_DUMO; 1296 } else { 1297 dev_type = (bt_device_type_t)p_search_data->inq_res.device_type; 1298 } 1299 1300 if (p_search_data->inq_res.device_type == BT_DEVICE_TYPE_BLE) 1301 addr_type = p_search_data->inq_res.ble_addr_type; 1302 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 1303 BT_PROPERTY_TYPE_OF_DEVICE, sizeof(dev_type), 1304 &dev_type); 1305 num_properties++; 1306 /* RSSI */ 1307 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 1308 BT_PROPERTY_REMOTE_RSSI, sizeof(int8_t), 1309 &(p_search_data->inq_res.rssi)); 1310 num_properties++; 1311 1312 status = 1313 btif_storage_add_remote_device(&bdaddr, num_properties, properties); 1314 ASSERTC(status == BT_STATUS_SUCCESS, 1315 "failed to save remote device (inquiry)", status); 1316 status = btif_storage_set_remote_addr_type(&bdaddr, addr_type); 1317 ASSERTC(status == BT_STATUS_SUCCESS, 1318 "failed to save remote addr type (inquiry)", status); 1319 /* Callback to notify upper layer of device */ 1320 HAL_CBACK(bt_hal_cbacks, device_found_cb, num_properties, properties); 1321 } 1322 } break; 1323 1324 case BTA_DM_INQ_CMPL_EVT: { 1325 do_in_bta_thread( 1326 FROM_HERE, 1327 base::Bind(&BTM_BleAdvFilterParamSetup, BTM_BLE_SCAN_COND_DELETE, 0, 1328 nullptr, base::Bind(&bte_scan_filt_param_cfg_evt, 0))); 1329 } break; 1330 case BTA_DM_DISC_CMPL_EVT: { 1331 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, 1332 BT_DISCOVERY_STOPPED); 1333 } break; 1334 case BTA_DM_SEARCH_CANCEL_CMPL_EVT: { 1335 /* if inquiry is not in progress and we get a cancel event, then 1336 * it means we are done with inquiry, but remote_name fetches are in 1337 * progress 1338 * 1339 * if inquiry is in progress, then we don't want to act on this 1340 * cancel_cmpl_evt 1341 * but instead wait for the cancel_cmpl_evt via the Busy Level 1342 * 1343 */ 1344 if (btif_dm_inquiry_in_progress == false) { 1345 btgatt_filt_param_setup_t adv_filt_param; 1346 memset(&adv_filt_param, 0, sizeof(btgatt_filt_param_setup_t)); 1347 do_in_bta_thread( 1348 FROM_HERE, 1349 base::Bind(&BTM_BleAdvFilterParamSetup, BTM_BLE_SCAN_COND_DELETE, 0, 1350 nullptr, base::Bind(&bte_scan_filt_param_cfg_evt, 0))); 1351 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, 1352 BT_DISCOVERY_STOPPED); 1353 } 1354 } break; 1355 } 1356 } 1357 1358 /******************************************************************************* 1359 * 1360 * Function btif_dm_search_services_evt 1361 * 1362 * Description Executes search services event in btif context 1363 * 1364 * Returns void 1365 * 1366 ******************************************************************************/ 1367 static void btif_dm_search_services_evt(uint16_t event, char* p_param) { 1368 tBTA_DM_SEARCH* p_data = (tBTA_DM_SEARCH*)p_param; 1369 1370 BTIF_TRACE_EVENT("%s: event = %d", __func__, event); 1371 switch (event) { 1372 case BTA_DM_DISC_RES_EVT: { 1373 bt_property_t prop; 1374 uint32_t i = 0; 1375 bt_status_t ret; 1376 1377 RawAddress& bd_addr = p_data->disc_res.bd_addr; 1378 1379 BTIF_TRACE_DEBUG("%s:(result=0x%x, services 0x%x)", __func__, 1380 p_data->disc_res.result, p_data->disc_res.services); 1381 if ((p_data->disc_res.result != BTA_SUCCESS) && 1382 (pairing_cb.state == BT_BOND_STATE_BONDING) && 1383 (pairing_cb.sdp_attempts < BTIF_DM_MAX_SDP_ATTEMPTS_AFTER_PAIRING)) { 1384 BTIF_TRACE_WARNING("%s:SDP failed after bonding re-attempting", 1385 __func__); 1386 pairing_cb.sdp_attempts++; 1387 btif_dm_get_remote_services(bd_addr); 1388 return; 1389 } 1390 prop.type = BT_PROPERTY_UUIDS; 1391 prop.len = 0; 1392 if ((p_data->disc_res.result == BTA_SUCCESS) && 1393 (p_data->disc_res.num_uuids > 0)) { 1394 prop.val = p_data->disc_res.p_uuid_list; 1395 prop.len = p_data->disc_res.num_uuids * MAX_UUID_SIZE; 1396 for (i = 0; i < p_data->disc_res.num_uuids; i++) { 1397 char temp[256]; 1398 uuid_to_string_legacy( 1399 (bt_uuid_t*)(p_data->disc_res.p_uuid_list + (i * MAX_UUID_SIZE)), 1400 temp, sizeof(temp)); 1401 LOG_INFO(LOG_TAG, "%s index:%d uuid:%s", __func__, i, temp); 1402 } 1403 } 1404 1405 /* onUuidChanged requires getBondedDevices to be populated. 1406 ** bond_state_changed needs to be sent prior to remote_device_property 1407 */ 1408 if ((pairing_cb.state == BT_BOND_STATE_BONDING) && 1409 (p_data->disc_res.bd_addr == pairing_cb.bd_addr || 1410 p_data->disc_res.bd_addr == pairing_cb.static_bdaddr) && 1411 pairing_cb.sdp_attempts > 0) { 1412 BTIF_TRACE_DEBUG( 1413 "%s Remote Service SDP done. Call bond_state_changed_cb BONDED", 1414 __func__); 1415 pairing_cb.sdp_attempts = 0; 1416 1417 // If bonding occured due to cross-key pairing, send bonding callback 1418 // for static address now 1419 if (p_data->disc_res.bd_addr == pairing_cb.static_bdaddr) 1420 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); 1421 1422 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDED); 1423 } 1424 1425 if (p_data->disc_res.num_uuids != 0) { 1426 /* Also write this to the NVRAM */ 1427 ret = btif_storage_set_remote_device_property(&bd_addr, &prop); 1428 ASSERTC(ret == BT_STATUS_SUCCESS, "storing remote services failed", 1429 ret); 1430 /* Send the event to the BTIF */ 1431 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, BT_STATUS_SUCCESS, 1432 &bd_addr, 1, &prop); 1433 } 1434 } break; 1435 1436 case BTA_DM_DISC_CMPL_EVT: 1437 /* fixme */ 1438 break; 1439 1440 case BTA_DM_SEARCH_CANCEL_CMPL_EVT: 1441 /* no-op */ 1442 break; 1443 1444 case BTA_DM_DISC_BLE_RES_EVT: { 1445 BTIF_TRACE_DEBUG("%s:, services 0x%x)", __func__, 1446 p_data->disc_ble_res.service.uu.uuid16); 1447 bt_uuid_t uuid; 1448 int i = 0; 1449 int j = 15; 1450 int num_properties = 0; 1451 if (p_data->disc_ble_res.service.uu.uuid16 == UUID_SERVCLASS_LE_HID) { 1452 BTIF_TRACE_DEBUG("%s: Found HOGP UUID", __func__); 1453 bt_property_t prop[2]; 1454 char temp[256]; 1455 bt_status_t ret; 1456 1457 bta_gatt_convert_uuid16_to_uuid128( 1458 uuid.uu, p_data->disc_ble_res.service.uu.uuid16); 1459 1460 while (i < j) { 1461 unsigned char c = uuid.uu[j]; 1462 uuid.uu[j] = uuid.uu[i]; 1463 uuid.uu[i] = c; 1464 i++; 1465 j--; 1466 } 1467 1468 uuid_to_string_legacy(&uuid, temp, sizeof(temp)); 1469 LOG_INFO(LOG_TAG, "%s uuid:%s", __func__, temp); 1470 1471 RawAddress& bd_addr = p_data->disc_ble_res.bd_addr; 1472 prop[0].type = BT_PROPERTY_UUIDS; 1473 prop[0].val = uuid.uu; 1474 prop[0].len = MAX_UUID_SIZE; 1475 1476 /* Also write this to the NVRAM */ 1477 ret = btif_storage_set_remote_device_property(&bd_addr, &prop[0]); 1478 ASSERTC(ret == BT_STATUS_SUCCESS, "storing remote services failed", 1479 ret); 1480 num_properties++; 1481 1482 /* Remote name update */ 1483 if (strnlen((const char*)p_data->disc_ble_res.bd_name, BD_NAME_LEN)) { 1484 prop[1].type = BT_PROPERTY_BDNAME; 1485 prop[1].val = p_data->disc_ble_res.bd_name; 1486 prop[1].len = 1487 strnlen((char*)p_data->disc_ble_res.bd_name, BD_NAME_LEN); 1488 1489 ret = btif_storage_set_remote_device_property(&bd_addr, &prop[1]); 1490 ASSERTC(ret == BT_STATUS_SUCCESS, 1491 "failed to save remote device property", ret); 1492 num_properties++; 1493 } 1494 1495 /* Send the event to the BTIF */ 1496 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, BT_STATUS_SUCCESS, 1497 &bd_addr, num_properties, prop); 1498 } 1499 } break; 1500 1501 default: { ASSERTC(0, "unhandled search services event", event); } break; 1502 } 1503 } 1504 1505 /******************************************************************************* 1506 * 1507 * Function btif_dm_remote_service_record_evt 1508 * 1509 * Description Executes search service record event in btif context 1510 * 1511 * Returns void 1512 * 1513 ******************************************************************************/ 1514 static void btif_dm_remote_service_record_evt(uint16_t event, char* p_param) { 1515 tBTA_DM_SEARCH* p_data = (tBTA_DM_SEARCH*)p_param; 1516 1517 BTIF_TRACE_EVENT("%s: event = %d", __func__, event); 1518 switch (event) { 1519 case BTA_DM_DISC_RES_EVT: { 1520 bt_service_record_t rec; 1521 bt_property_t prop; 1522 1523 memset(&rec, 0, sizeof(bt_service_record_t)); 1524 RawAddress& bd_addr = p_data->disc_res.bd_addr; 1525 1526 BTIF_TRACE_DEBUG("%s:(result=0x%x, services 0x%x)", __func__, 1527 p_data->disc_res.result, p_data->disc_res.services); 1528 prop.type = BT_PROPERTY_SERVICE_RECORD; 1529 prop.val = (void*)&rec; 1530 prop.len = sizeof(rec); 1531 1532 /* disc_res.result is overloaded with SCN. Cannot check result */ 1533 p_data->disc_res.services &= ~BTA_USER_SERVICE_MASK; 1534 /* TODO: Get the UUID as well */ 1535 rec.channel = p_data->disc_res.result - 3; 1536 /* TODO: Need to get the service name using p_raw_data */ 1537 rec.name[0] = 0; 1538 1539 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, BT_STATUS_SUCCESS, 1540 &bd_addr, 1, &prop); 1541 } break; 1542 1543 default: { 1544 ASSERTC(0, "unhandled remote service record event", event); 1545 } break; 1546 } 1547 } 1548 1549 /******************************************************************************* 1550 * 1551 * Function btif_dm_upstreams_cback 1552 * 1553 * Description Executes UPSTREAMS events in btif context 1554 * 1555 * Returns void 1556 * 1557 ******************************************************************************/ 1558 static void btif_dm_upstreams_evt(uint16_t event, char* p_param) { 1559 tBTA_DM_SEC* p_data = (tBTA_DM_SEC*)p_param; 1560 tBTA_SERVICE_MASK service_mask; 1561 uint32_t i; 1562 RawAddress bd_addr; 1563 1564 BTIF_TRACE_EVENT("%s: ev: %s", __func__, dump_dm_event(event)); 1565 1566 switch (event) { 1567 case BTA_DM_ENABLE_EVT: { 1568 BD_NAME bdname; 1569 bt_status_t status; 1570 bt_property_t prop; 1571 prop.type = BT_PROPERTY_BDNAME; 1572 prop.len = BD_NAME_LEN; 1573 prop.val = (void*)bdname; 1574 1575 status = btif_storage_get_adapter_property(&prop); 1576 if (status == BT_STATUS_SUCCESS) { 1577 /* A name exists in the storage. Make this the device name */ 1578 BTA_DmSetDeviceName((char*)prop.val); 1579 } else { 1580 /* Storage does not have a name yet. 1581 * Use the default name and write it to the chip 1582 */ 1583 BTA_DmSetDeviceName(btif_get_default_local_name()); 1584 } 1585 1586 /* Enable local privacy */ 1587 BTA_DmBleConfigLocalPrivacy(BLE_LOCAL_PRIVACY_ENABLED); 1588 1589 /* for each of the enabled services in the mask, trigger the profile 1590 * enable */ 1591 service_mask = btif_get_enabled_services_mask(); 1592 for (i = 0; i <= BTA_MAX_SERVICE_ID; i++) { 1593 if (service_mask & 1594 (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(i))) { 1595 btif_in_execute_service_request(i, true); 1596 } 1597 } 1598 /* clear control blocks */ 1599 memset(&pairing_cb, 0, sizeof(btif_dm_pairing_cb_t)); 1600 pairing_cb.bond_type = BOND_TYPE_PERSISTENT; 1601 1602 /* This function will also trigger the adapter_properties_cb 1603 ** and bonded_devices_info_cb 1604 */ 1605 btif_storage_load_bonded_devices(); 1606 1607 btif_enable_bluetooth_evt(p_data->enable.status); 1608 } break; 1609 1610 case BTA_DM_DISABLE_EVT: 1611 /* for each of the enabled services in the mask, trigger the profile 1612 * disable */ 1613 service_mask = btif_get_enabled_services_mask(); 1614 for (i = 0; i <= BTA_MAX_SERVICE_ID; i++) { 1615 if (service_mask & 1616 (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(i))) { 1617 btif_in_execute_service_request(i, false); 1618 } 1619 } 1620 btif_disable_bluetooth_evt(); 1621 break; 1622 1623 case BTA_DM_PIN_REQ_EVT: 1624 btif_dm_pin_req_evt(&p_data->pin_req); 1625 break; 1626 1627 case BTA_DM_AUTH_CMPL_EVT: 1628 btif_dm_auth_cmpl_evt(&p_data->auth_cmpl); 1629 break; 1630 1631 case BTA_DM_BOND_CANCEL_CMPL_EVT: 1632 if (pairing_cb.state == BT_BOND_STATE_BONDING) { 1633 bd_addr = pairing_cb.bd_addr; 1634 btm_set_bond_type_dev(pairing_cb.bd_addr, BOND_TYPE_UNKNOWN); 1635 bond_state_changed((bt_status_t)p_data->bond_cancel_cmpl.result, 1636 bd_addr, BT_BOND_STATE_NONE); 1637 } 1638 break; 1639 1640 case BTA_DM_SP_CFM_REQ_EVT: 1641 btif_dm_ssp_cfm_req_evt(&p_data->cfm_req); 1642 break; 1643 case BTA_DM_SP_KEY_NOTIF_EVT: 1644 btif_dm_ssp_key_notif_evt(&p_data->key_notif); 1645 break; 1646 1647 case BTA_DM_DEV_UNPAIRED_EVT: 1648 bd_addr = p_data->link_down.bd_addr; 1649 btm_set_bond_type_dev(p_data->link_down.bd_addr, BOND_TYPE_UNKNOWN); 1650 1651 /*special handling for HID devices */ 1652 #if (defined(BTA_HH_INCLUDED) && (BTA_HH_INCLUDED == true)) 1653 btif_hh_remove_device(bd_addr); 1654 #endif 1655 #if (defined(BTA_HD_INCLUDED) && (BTA_HD_INCLUDED == TRUE)) 1656 btif_hd_remove_device(bd_addr); 1657 #endif 1658 btif_storage_remove_bonded_device(&bd_addr); 1659 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_NONE); 1660 break; 1661 1662 case BTA_DM_BUSY_LEVEL_EVT: { 1663 if (p_data->busy_level.level_flags & BTM_BL_INQUIRY_PAGING_MASK) { 1664 if (p_data->busy_level.level_flags == BTM_BL_INQUIRY_STARTED) { 1665 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, 1666 BT_DISCOVERY_STARTED); 1667 btif_dm_inquiry_in_progress = true; 1668 } else if (p_data->busy_level.level_flags == BTM_BL_INQUIRY_CANCELLED) { 1669 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, 1670 BT_DISCOVERY_STOPPED); 1671 btif_dm_inquiry_in_progress = false; 1672 } else if (p_data->busy_level.level_flags == BTM_BL_INQUIRY_COMPLETE) { 1673 btif_dm_inquiry_in_progress = false; 1674 } 1675 } 1676 } break; 1677 1678 case BTA_DM_LINK_UP_EVT: 1679 bd_addr = p_data->link_up.bd_addr; 1680 BTIF_TRACE_DEBUG("BTA_DM_LINK_UP_EVT. Sending BT_ACL_STATE_CONNECTED"); 1681 1682 btif_update_remote_version_property(&bd_addr); 1683 1684 HAL_CBACK(bt_hal_cbacks, acl_state_changed_cb, BT_STATUS_SUCCESS, 1685 &bd_addr, BT_ACL_STATE_CONNECTED); 1686 break; 1687 1688 case BTA_DM_LINK_DOWN_EVT: 1689 bd_addr = p_data->link_down.bd_addr; 1690 btm_set_bond_type_dev(p_data->link_down.bd_addr, BOND_TYPE_UNKNOWN); 1691 btif_av_move_idle(bd_addr); 1692 BTIF_TRACE_DEBUG( 1693 "BTA_DM_LINK_DOWN_EVT. Sending BT_ACL_STATE_DISCONNECTED"); 1694 HAL_CBACK(bt_hal_cbacks, acl_state_changed_cb, BT_STATUS_SUCCESS, 1695 &bd_addr, BT_ACL_STATE_DISCONNECTED); 1696 break; 1697 1698 case BTA_DM_HW_ERROR_EVT: 1699 BTIF_TRACE_ERROR("Received H/W Error. "); 1700 /* Flush storage data */ 1701 btif_config_flush(); 1702 usleep(100000); /* 100milliseconds */ 1703 /* Killing the process to force a restart as part of fault tolerance */ 1704 kill(getpid(), SIGKILL); 1705 break; 1706 1707 case BTA_DM_BLE_KEY_EVT: 1708 BTIF_TRACE_DEBUG("BTA_DM_BLE_KEY_EVT key_type=0x%02x ", 1709 p_data->ble_key.key_type); 1710 1711 /* If this pairing is by-product of local initiated GATT client Read or 1712 Write, 1713 BTA would not have sent BTA_DM_BLE_SEC_REQ_EVT event and Bond state would 1714 not 1715 have setup properly. Setup pairing_cb and notify App about Bonding state 1716 now*/ 1717 if (pairing_cb.state != BT_BOND_STATE_BONDING) { 1718 BTIF_TRACE_DEBUG( 1719 "Bond state not sent to App so far.Notify the app now"); 1720 bond_state_changed(BT_STATUS_SUCCESS, p_data->ble_key.bd_addr, 1721 BT_BOND_STATE_BONDING); 1722 } else if (pairing_cb.bd_addr != p_data->ble_key.bd_addr) { 1723 BTIF_TRACE_ERROR("BD mismatch discard BLE key_type=%d ", 1724 p_data->ble_key.key_type); 1725 break; 1726 } 1727 1728 switch (p_data->ble_key.key_type) { 1729 case BTA_LE_KEY_PENC: 1730 BTIF_TRACE_DEBUG("Rcv BTA_LE_KEY_PENC"); 1731 pairing_cb.ble.is_penc_key_rcvd = true; 1732 pairing_cb.ble.penc_key = p_data->ble_key.p_key_value->penc_key; 1733 break; 1734 1735 case BTA_LE_KEY_PID: 1736 BTIF_TRACE_DEBUG("Rcv BTA_LE_KEY_PID"); 1737 pairing_cb.ble.is_pid_key_rcvd = true; 1738 pairing_cb.ble.pid_key = p_data->ble_key.p_key_value->pid_key; 1739 break; 1740 1741 case BTA_LE_KEY_PCSRK: 1742 BTIF_TRACE_DEBUG("Rcv BTA_LE_KEY_PCSRK"); 1743 pairing_cb.ble.is_pcsrk_key_rcvd = true; 1744 pairing_cb.ble.pcsrk_key = p_data->ble_key.p_key_value->pcsrk_key; 1745 break; 1746 1747 case BTA_LE_KEY_LENC: 1748 BTIF_TRACE_DEBUG("Rcv BTA_LE_KEY_LENC"); 1749 pairing_cb.ble.is_lenc_key_rcvd = true; 1750 pairing_cb.ble.lenc_key = p_data->ble_key.p_key_value->lenc_key; 1751 break; 1752 1753 case BTA_LE_KEY_LCSRK: 1754 BTIF_TRACE_DEBUG("Rcv BTA_LE_KEY_LCSRK"); 1755 pairing_cb.ble.is_lcsrk_key_rcvd = true; 1756 pairing_cb.ble.lcsrk_key = p_data->ble_key.p_key_value->lcsrk_key; 1757 break; 1758 1759 case BTA_LE_KEY_LID: 1760 BTIF_TRACE_DEBUG("Rcv BTA_LE_KEY_LID"); 1761 pairing_cb.ble.is_lidk_key_rcvd = true; 1762 break; 1763 1764 default: 1765 BTIF_TRACE_ERROR("unknown BLE key type (0x%02x)", 1766 p_data->ble_key.key_type); 1767 break; 1768 } 1769 break; 1770 case BTA_DM_BLE_SEC_REQ_EVT: 1771 BTIF_TRACE_DEBUG("BTA_DM_BLE_SEC_REQ_EVT. "); 1772 btif_dm_ble_sec_req_evt(&p_data->ble_req); 1773 break; 1774 case BTA_DM_BLE_PASSKEY_NOTIF_EVT: 1775 BTIF_TRACE_DEBUG("BTA_DM_BLE_PASSKEY_NOTIF_EVT. "); 1776 btif_dm_ble_key_notif_evt(&p_data->key_notif); 1777 break; 1778 case BTA_DM_BLE_PASSKEY_REQ_EVT: 1779 BTIF_TRACE_DEBUG("BTA_DM_BLE_PASSKEY_REQ_EVT. "); 1780 btif_dm_ble_passkey_req_evt(&p_data->pin_req); 1781 break; 1782 case BTA_DM_BLE_NC_REQ_EVT: 1783 BTIF_TRACE_DEBUG("BTA_DM_BLE_PASSKEY_REQ_EVT. "); 1784 btif_dm_ble_key_nc_req_evt(&p_data->key_notif); 1785 break; 1786 case BTA_DM_BLE_OOB_REQ_EVT: 1787 BTIF_TRACE_DEBUG("BTA_DM_BLE_OOB_REQ_EVT. "); 1788 btif_dm_ble_oob_req_evt(&p_data->rmt_oob); 1789 break; 1790 case BTA_DM_BLE_SC_OOB_REQ_EVT: 1791 BTIF_TRACE_DEBUG("BTA_DM_BLE_SC_OOB_REQ_EVT. "); 1792 btif_dm_ble_sc_oob_req_evt(&p_data->rmt_oob); 1793 break; 1794 case BTA_DM_BLE_LOCAL_IR_EVT: 1795 BTIF_TRACE_DEBUG("BTA_DM_BLE_LOCAL_IR_EVT. "); 1796 ble_local_key_cb.is_id_keys_rcvd = true; 1797 memcpy(&ble_local_key_cb.id_keys.irk[0], &p_data->ble_id_keys.irk[0], 1798 sizeof(BT_OCTET16)); 1799 memcpy(&ble_local_key_cb.id_keys.ir[0], &p_data->ble_id_keys.ir[0], 1800 sizeof(BT_OCTET16)); 1801 memcpy(&ble_local_key_cb.id_keys.dhk[0], &p_data->ble_id_keys.dhk[0], 1802 sizeof(BT_OCTET16)); 1803 btif_storage_add_ble_local_key((char*)&ble_local_key_cb.id_keys.irk[0], 1804 BTIF_DM_LE_LOCAL_KEY_IRK, BT_OCTET16_LEN); 1805 btif_storage_add_ble_local_key((char*)&ble_local_key_cb.id_keys.ir[0], 1806 BTIF_DM_LE_LOCAL_KEY_IR, BT_OCTET16_LEN); 1807 btif_storage_add_ble_local_key((char*)&ble_local_key_cb.id_keys.dhk[0], 1808 BTIF_DM_LE_LOCAL_KEY_DHK, BT_OCTET16_LEN); 1809 break; 1810 case BTA_DM_BLE_LOCAL_ER_EVT: 1811 BTIF_TRACE_DEBUG("BTA_DM_BLE_LOCAL_ER_EVT. "); 1812 ble_local_key_cb.is_er_rcvd = true; 1813 memcpy(&ble_local_key_cb.er[0], &p_data->ble_er[0], sizeof(BT_OCTET16)); 1814 btif_storage_add_ble_local_key((char*)&ble_local_key_cb.er[0], 1815 BTIF_DM_LE_LOCAL_KEY_ER, BT_OCTET16_LEN); 1816 break; 1817 1818 case BTA_DM_BLE_AUTH_CMPL_EVT: 1819 BTIF_TRACE_DEBUG("BTA_DM_BLE_AUTH_CMPL_EVT. "); 1820 btif_dm_ble_auth_cmpl_evt(&p_data->auth_cmpl); 1821 break; 1822 1823 case BTA_DM_LE_FEATURES_READ: { 1824 tBTM_BLE_VSC_CB cmn_vsc_cb; 1825 bt_local_le_features_t local_le_features; 1826 char buf[512]; 1827 bt_property_t prop; 1828 prop.type = BT_PROPERTY_LOCAL_LE_FEATURES; 1829 prop.val = (void*)buf; 1830 prop.len = sizeof(buf); 1831 1832 /* LE features are not stored in storage. Should be retrived from stack */ 1833 BTM_BleGetVendorCapabilities(&cmn_vsc_cb); 1834 local_le_features.local_privacy_enabled = BTM_BleLocalPrivacyEnabled(); 1835 1836 prop.len = sizeof(bt_local_le_features_t); 1837 if (cmn_vsc_cb.filter_support == 1) 1838 local_le_features.max_adv_filter_supported = cmn_vsc_cb.max_filter; 1839 else 1840 local_le_features.max_adv_filter_supported = 0; 1841 local_le_features.max_adv_instance = cmn_vsc_cb.adv_inst_max; 1842 local_le_features.max_irk_list_size = cmn_vsc_cb.max_irk_list_sz; 1843 local_le_features.rpa_offload_supported = cmn_vsc_cb.rpa_offloading; 1844 local_le_features.activity_energy_info_supported = 1845 cmn_vsc_cb.energy_support; 1846 local_le_features.scan_result_storage_size = 1847 cmn_vsc_cb.tot_scan_results_strg; 1848 local_le_features.version_supported = cmn_vsc_cb.version_supported; 1849 local_le_features.total_trackable_advertisers = 1850 cmn_vsc_cb.total_trackable_advertisers; 1851 1852 local_le_features.extended_scan_support = 1853 cmn_vsc_cb.extended_scan_support > 0; 1854 local_le_features.debug_logging_supported = 1855 cmn_vsc_cb.debug_logging_supported > 0; 1856 1857 const controller_t* controller = controller_get_interface(); 1858 1859 local_le_features.le_2m_phy_supported = controller->supports_ble_2m_phy(); 1860 local_le_features.le_coded_phy_supported = 1861 controller->supports_ble_coded_phy(); 1862 local_le_features.le_extended_advertising_supported = 1863 controller->supports_ble_extended_advertising(); 1864 local_le_features.le_periodic_advertising_supported = 1865 controller->supports_ble_periodic_advertising(); 1866 local_le_features.le_maximum_advertising_data_length = 1867 controller->get_ble_maxium_advertising_data_length(); 1868 1869 memcpy(prop.val, &local_le_features, prop.len); 1870 HAL_CBACK(bt_hal_cbacks, adapter_properties_cb, BT_STATUS_SUCCESS, 1, 1871 &prop); 1872 break; 1873 } 1874 1875 case BTA_DM_ENER_INFO_READ: { 1876 btif_activity_energy_info_cb_t* p_ener_data = 1877 (btif_activity_energy_info_cb_t*)p_param; 1878 bt_activity_energy_info energy_info; 1879 energy_info.status = p_ener_data->status; 1880 energy_info.ctrl_state = p_ener_data->ctrl_state; 1881 energy_info.rx_time = p_ener_data->rx_time; 1882 energy_info.tx_time = p_ener_data->tx_time; 1883 energy_info.idle_time = p_ener_data->idle_time; 1884 energy_info.energy_used = p_ener_data->energy_used; 1885 1886 bt_uid_traffic_t* data = uid_set_read_and_clear(uid_set); 1887 HAL_CBACK(bt_hal_cbacks, energy_info_cb, &energy_info, data); 1888 osi_free(data); 1889 break; 1890 } 1891 1892 case BTA_DM_AUTHORIZE_EVT: 1893 case BTA_DM_SIG_STRENGTH_EVT: 1894 case BTA_DM_SP_RMT_OOB_EVT: 1895 case BTA_DM_SP_KEYPRESS_EVT: 1896 case BTA_DM_ROLE_CHG_EVT: 1897 1898 default: 1899 BTIF_TRACE_WARNING("btif_dm_cback : unhandled event (%d)", event); 1900 break; 1901 } 1902 1903 btif_dm_data_free(event, p_data); 1904 } 1905 1906 /******************************************************************************* 1907 * 1908 * Function btif_dm_generic_evt 1909 * 1910 * Description Executes non-BTA upstream events in BTIF context 1911 * 1912 * Returns void 1913 * 1914 ******************************************************************************/ 1915 static void btif_dm_generic_evt(uint16_t event, char* p_param) { 1916 BTIF_TRACE_EVENT("%s: event=%d", __func__, event); 1917 switch (event) { 1918 case BTIF_DM_CB_DISCOVERY_STARTED: { 1919 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, 1920 BT_DISCOVERY_STARTED); 1921 } break; 1922 1923 case BTIF_DM_CB_CREATE_BOND: { 1924 pairing_cb.timeout_retries = NUM_TIMEOUT_RETRIES; 1925 btif_dm_create_bond_cb_t* create_bond_cb = 1926 (btif_dm_create_bond_cb_t*)p_param; 1927 btif_dm_cb_create_bond(create_bond_cb->bdaddr, create_bond_cb->transport); 1928 } break; 1929 1930 case BTIF_DM_CB_REMOVE_BOND: { 1931 btif_dm_cb_remove_bond((RawAddress*)p_param); 1932 } break; 1933 1934 case BTIF_DM_CB_HID_REMOTE_NAME: { 1935 btif_dm_cb_hid_remote_name((tBTM_REMOTE_DEV_NAME*)p_param); 1936 } break; 1937 1938 case BTIF_DM_CB_BOND_STATE_BONDING: { 1939 bond_state_changed(BT_STATUS_SUCCESS, *((RawAddress*)p_param), 1940 BT_BOND_STATE_BONDING); 1941 } break; 1942 case BTIF_DM_CB_LE_TX_TEST: 1943 case BTIF_DM_CB_LE_RX_TEST: { 1944 uint8_t status; 1945 STREAM_TO_UINT8(status, p_param); 1946 HAL_CBACK(bt_hal_cbacks, le_test_mode_cb, 1947 (status == 0) ? BT_STATUS_SUCCESS : BT_STATUS_FAIL, 0); 1948 } break; 1949 case BTIF_DM_CB_LE_TEST_END: { 1950 uint8_t status; 1951 uint16_t count = 0; 1952 STREAM_TO_UINT8(status, p_param); 1953 if (status == 0) STREAM_TO_UINT16(count, p_param); 1954 HAL_CBACK(bt_hal_cbacks, le_test_mode_cb, 1955 (status == 0) ? BT_STATUS_SUCCESS : BT_STATUS_FAIL, count); 1956 } break; 1957 default: { 1958 BTIF_TRACE_WARNING("%s : Unknown event 0x%x", __func__, event); 1959 } break; 1960 } 1961 } 1962 1963 /******************************************************************************* 1964 * 1965 * Function bte_dm_evt 1966 * 1967 * Description Switches context from BTE to BTIF for all DM events 1968 * 1969 * Returns void 1970 * 1971 ******************************************************************************/ 1972 1973 void bte_dm_evt(tBTA_DM_SEC_EVT event, tBTA_DM_SEC* p_data) { 1974 /* switch context to btif task context (copy full union size for convenience) 1975 */ 1976 bt_status_t status = btif_transfer_context( 1977 btif_dm_upstreams_evt, (uint16_t)event, (char*)p_data, 1978 sizeof(tBTA_DM_SEC), btif_dm_data_copy); 1979 1980 /* catch any failed context transfers */ 1981 ASSERTC(status == BT_STATUS_SUCCESS, "context transfer failed", status); 1982 } 1983 1984 /******************************************************************************* 1985 * 1986 * Function bte_search_devices_evt 1987 * 1988 * Description Switches context from BTE to BTIF for DM search events 1989 * 1990 * Returns void 1991 * 1992 ******************************************************************************/ 1993 static void bte_search_devices_evt(tBTA_DM_SEARCH_EVT event, 1994 tBTA_DM_SEARCH* p_data) { 1995 uint16_t param_len = 0; 1996 1997 if (p_data) param_len += sizeof(tBTA_DM_SEARCH); 1998 /* Allocate buffer to hold the pointers (deep copy). The pointers will point 1999 * to the end of the tBTA_DM_SEARCH */ 2000 switch (event) { 2001 case BTA_DM_INQ_RES_EVT: { 2002 if (p_data->inq_res.p_eir) param_len += p_data->inq_res.eir_len; 2003 } break; 2004 2005 case BTA_DM_DISC_RES_EVT: { 2006 if (p_data->disc_res.raw_data_size && p_data->disc_res.p_raw_data) 2007 param_len += p_data->disc_res.raw_data_size; 2008 } break; 2009 } 2010 BTIF_TRACE_DEBUG("%s event=%s param_len=%d", __func__, 2011 dump_dm_search_event(event), param_len); 2012 2013 /* if remote name is available in EIR, set teh flag so that stack doesnt 2014 * trigger RNR */ 2015 if (event == BTA_DM_INQ_RES_EVT) 2016 p_data->inq_res.remt_name_not_required = 2017 check_eir_remote_name(p_data, NULL, NULL); 2018 2019 btif_transfer_context( 2020 btif_dm_search_devices_evt, (uint16_t)event, (char*)p_data, param_len, 2021 (param_len > sizeof(tBTA_DM_SEARCH)) ? search_devices_copy_cb : NULL); 2022 } 2023 2024 /******************************************************************************* 2025 * 2026 * Function bte_dm_search_services_evt 2027 * 2028 * Description Switches context from BTE to BTIF for DM search services 2029 * event 2030 * 2031 * Returns void 2032 * 2033 ******************************************************************************/ 2034 static void bte_dm_search_services_evt(tBTA_DM_SEARCH_EVT event, 2035 tBTA_DM_SEARCH* p_data) { 2036 uint16_t param_len = 0; 2037 if (p_data) param_len += sizeof(tBTA_DM_SEARCH); 2038 switch (event) { 2039 case BTA_DM_DISC_RES_EVT: { 2040 if ((p_data->disc_res.result == BTA_SUCCESS) && 2041 (p_data->disc_res.num_uuids > 0)) { 2042 param_len += (p_data->disc_res.num_uuids * MAX_UUID_SIZE); 2043 } 2044 } break; 2045 } 2046 /* TODO: The only other member that needs a deep copy is the p_raw_data. But 2047 * not sure 2048 * if raw_data is needed. */ 2049 btif_transfer_context( 2050 btif_dm_search_services_evt, event, (char*)p_data, param_len, 2051 (param_len > sizeof(tBTA_DM_SEARCH)) ? search_services_copy_cb : NULL); 2052 } 2053 2054 /******************************************************************************* 2055 * 2056 * Function bte_dm_remote_service_record_evt 2057 * 2058 * Description Switches context from BTE to BTIF for DM search service 2059 * record event 2060 * 2061 * Returns void 2062 * 2063 ******************************************************************************/ 2064 static void bte_dm_remote_service_record_evt(tBTA_DM_SEARCH_EVT event, 2065 tBTA_DM_SEARCH* p_data) { 2066 /* TODO: The only member that needs a deep copy is the p_raw_data. But not 2067 * sure yet if this is needed. */ 2068 btif_transfer_context(btif_dm_remote_service_record_evt, event, (char*)p_data, 2069 sizeof(tBTA_DM_SEARCH), NULL); 2070 } 2071 2072 /******************************************************************************* 2073 * 2074 * Function bta_energy_info_cb 2075 * 2076 * Description Switches context from BTE to BTIF for DM energy info event 2077 * 2078 * Returns void 2079 * 2080 ******************************************************************************/ 2081 static void bta_energy_info_cb(tBTA_DM_BLE_TX_TIME_MS tx_time, 2082 tBTA_DM_BLE_RX_TIME_MS rx_time, 2083 tBTA_DM_BLE_IDLE_TIME_MS idle_time, 2084 tBTA_DM_BLE_ENERGY_USED energy_used, 2085 tBTA_DM_CONTRL_STATE ctrl_state, 2086 tBTA_STATUS status) { 2087 BTIF_TRACE_DEBUG( 2088 "energy_info_cb-Status:%d,state=%d,tx_t=%ld, rx_t=%ld, " 2089 "idle_time=%ld,used=%ld", 2090 status, ctrl_state, tx_time, rx_time, idle_time, energy_used); 2091 2092 btif_activity_energy_info_cb_t btif_cb; 2093 btif_cb.status = status; 2094 btif_cb.ctrl_state = ctrl_state; 2095 btif_cb.tx_time = (uint64_t)tx_time; 2096 btif_cb.rx_time = (uint64_t)rx_time; 2097 btif_cb.idle_time = (uint64_t)idle_time; 2098 btif_cb.energy_used = (uint64_t)energy_used; 2099 btif_transfer_context(btif_dm_upstreams_evt, BTA_DM_ENER_INFO_READ, 2100 (char*)&btif_cb, sizeof(btif_activity_energy_info_cb_t), 2101 NULL); 2102 } 2103 2104 /* Scan filter param config event */ 2105 static void bte_scan_filt_param_cfg_evt(uint8_t ref_value, uint8_t avbl_space, 2106 uint8_t action_type, uint8_t status) { 2107 /* This event occurs on calling BTA_DmBleCfgFilterCondition internally, 2108 ** and that is why there is no HAL callback 2109 */ 2110 if (BTA_SUCCESS != status) { 2111 BTIF_TRACE_ERROR("%s, %d", __func__, status); 2112 } else { 2113 BTIF_TRACE_DEBUG("%s", __func__); 2114 } 2115 } 2116 2117 /***************************************************************************** 2118 * 2119 * btif api functions (no context switch) 2120 * 2121 ****************************************************************************/ 2122 2123 /******************************************************************************* 2124 * 2125 * Function btif_dm_start_discovery 2126 * 2127 * Description Start device discovery/inquiry 2128 * 2129 * Returns bt_status_t 2130 * 2131 ******************************************************************************/ 2132 bt_status_t btif_dm_start_discovery(void) { 2133 tBTA_DM_INQ inq_params; 2134 tBTA_SERVICE_MASK services = 0; 2135 2136 BTIF_TRACE_EVENT("%s", __func__); 2137 2138 /* Cleanup anything remaining on index 0 */ 2139 do_in_bta_thread( 2140 FROM_HERE, 2141 base::Bind(&BTM_BleAdvFilterParamSetup, BTM_BLE_SCAN_COND_DELETE, 0, 2142 nullptr, base::Bind(&bte_scan_filt_param_cfg_evt, 0))); 2143 2144 auto adv_filt_param = std::make_unique<btgatt_filt_param_setup_t>(); 2145 /* Add an allow-all filter on index 0*/ 2146 adv_filt_param->dely_mode = IMMEDIATE_DELY_MODE; 2147 adv_filt_param->feat_seln = ALLOW_ALL_FILTER; 2148 adv_filt_param->filt_logic_type = BTA_DM_BLE_PF_FILT_LOGIC_OR; 2149 adv_filt_param->list_logic_type = BTA_DM_BLE_PF_LIST_LOGIC_OR; 2150 adv_filt_param->rssi_low_thres = LOWEST_RSSI_VALUE; 2151 adv_filt_param->rssi_high_thres = LOWEST_RSSI_VALUE; 2152 do_in_bta_thread( 2153 FROM_HERE, base::Bind(&BTM_BleAdvFilterParamSetup, BTM_BLE_SCAN_COND_ADD, 2154 0, base::Passed(&adv_filt_param), 2155 base::Bind(&bte_scan_filt_param_cfg_evt, 0))); 2156 2157 /* TODO: Do we need to handle multiple inquiries at the same time? */ 2158 2159 /* Set inquiry params and call API */ 2160 inq_params.mode = BTA_DM_GENERAL_INQUIRY | BTA_BLE_GENERAL_INQUIRY; 2161 #if (BTA_HOST_INTERLEAVE_SEARCH == TRUE) 2162 inq_params.intl_duration[0] = BTIF_DM_INTERLEAVE_DURATION_BR_ONE; 2163 inq_params.intl_duration[1] = BTIF_DM_INTERLEAVE_DURATION_LE_ONE; 2164 inq_params.intl_duration[2] = BTIF_DM_INTERLEAVE_DURATION_BR_TWO; 2165 inq_params.intl_duration[3] = BTIF_DM_INTERLEAVE_DURATION_LE_TWO; 2166 #endif 2167 inq_params.duration = BTIF_DM_DEFAULT_INQ_MAX_DURATION; 2168 2169 inq_params.max_resps = BTIF_DM_DEFAULT_INQ_MAX_RESULTS; 2170 inq_params.report_dup = true; 2171 2172 inq_params.filter_type = BTA_DM_INQ_CLR; 2173 /* TODO: Filter device by BDA needs to be implemented here */ 2174 2175 /* Will be enabled to true once inquiry busy level has been received */ 2176 btif_dm_inquiry_in_progress = false; 2177 /* find nearby devices */ 2178 BTA_DmSearch(&inq_params, services, bte_search_devices_evt); 2179 2180 return BT_STATUS_SUCCESS; 2181 } 2182 2183 /******************************************************************************* 2184 * 2185 * Function btif_dm_cancel_discovery 2186 * 2187 * Description Cancels search 2188 * 2189 * Returns bt_status_t 2190 * 2191 ******************************************************************************/ 2192 bt_status_t btif_dm_cancel_discovery(void) { 2193 BTIF_TRACE_EVENT("%s", __func__); 2194 BTA_DmSearchCancel(); 2195 return BT_STATUS_SUCCESS; 2196 } 2197 2198 /******************************************************************************* 2199 * 2200 * Function btif_dm_create_bond 2201 * 2202 * Description Initiate bonding with the specified device 2203 * 2204 * Returns bt_status_t 2205 * 2206 ******************************************************************************/ 2207 bt_status_t btif_dm_create_bond(const RawAddress* bd_addr, int transport) { 2208 btif_dm_create_bond_cb_t create_bond_cb; 2209 create_bond_cb.transport = transport; 2210 create_bond_cb.bdaddr = *bd_addr; 2211 2212 BTIF_TRACE_EVENT("%s: bd_addr=%s, transport=%d", __func__, 2213 bd_addr->ToString().c_str(), transport); 2214 if (pairing_cb.state != BT_BOND_STATE_NONE) return BT_STATUS_BUSY; 2215 2216 btif_stats_add_bond_event(*bd_addr, BTIF_DM_FUNC_CREATE_BOND, 2217 pairing_cb.state); 2218 2219 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_CREATE_BOND, 2220 (char*)&create_bond_cb, 2221 sizeof(btif_dm_create_bond_cb_t), NULL); 2222 2223 return BT_STATUS_SUCCESS; 2224 } 2225 2226 /******************************************************************************* 2227 * 2228 * Function btif_dm_create_bond_out_of_band 2229 * 2230 * Description Initiate bonding with the specified device using out of band 2231 * data 2232 * 2233 * Returns bt_status_t 2234 * 2235 ******************************************************************************/ 2236 bt_status_t btif_dm_create_bond_out_of_band( 2237 const RawAddress* bd_addr, int transport, 2238 const bt_out_of_band_data_t* oob_data) { 2239 oob_cb.bdaddr = *bd_addr; 2240 memcpy(&oob_cb.oob_data, oob_data, sizeof(bt_out_of_band_data_t)); 2241 2242 uint8_t empty[] = {0, 0, 0, 0, 0, 0, 0}; 2243 // If LE Bluetooth Device Address is provided, use provided address type 2244 // value. 2245 if (memcmp(oob_data->le_bt_dev_addr, empty, 7) != 0) { 2246 /* byte no 7 is address type in LE Bluetooth Address OOB data */ 2247 uint8_t address_type = oob_data->le_bt_dev_addr[6]; 2248 if (address_type == BLE_ADDR_PUBLIC || address_type == BLE_ADDR_RANDOM) { 2249 // bd_addr->address is already reversed, so use it instead of 2250 // oob_data->le_bt_dev_addr 2251 BTM_SecAddBleDevice(*bd_addr, NULL, BT_DEVICE_TYPE_BLE, address_type); 2252 } 2253 } 2254 2255 BTIF_TRACE_EVENT("%s: bd_addr=%s, transport=%d", __func__, 2256 bd_addr->ToString().c_str(), transport); 2257 return btif_dm_create_bond(bd_addr, transport); 2258 } 2259 2260 /******************************************************************************* 2261 * 2262 * Function btif_dm_cancel_bond 2263 * 2264 * Description Initiate bonding with the specified device 2265 * 2266 * Returns bt_status_t 2267 * 2268 ******************************************************************************/ 2269 2270 bt_status_t btif_dm_cancel_bond(const RawAddress* bd_addr) { 2271 BTIF_TRACE_EVENT("%s: bd_addr=%s", __func__, bd_addr->ToString().c_str()); 2272 2273 btif_stats_add_bond_event(*bd_addr, BTIF_DM_FUNC_CANCEL_BOND, 2274 pairing_cb.state); 2275 2276 /* TODO: 2277 ** 1. Restore scan modes 2278 ** 2. special handling for HID devices 2279 */ 2280 if (pairing_cb.state == BT_BOND_STATE_BONDING) { 2281 if (pairing_cb.is_ssp) { 2282 if (pairing_cb.is_le_only) { 2283 BTA_DmBleSecurityGrant(*bd_addr, BTA_DM_SEC_PAIR_NOT_SPT); 2284 } else { 2285 BTA_DmConfirm(*bd_addr, false); 2286 BTA_DmBondCancel(*bd_addr); 2287 btif_storage_remove_bonded_device(bd_addr); 2288 } 2289 } else { 2290 if (pairing_cb.is_le_only) { 2291 BTA_DmBondCancel(*bd_addr); 2292 } else { 2293 BTA_DmPinReply(*bd_addr, false, 0, NULL); 2294 } 2295 /* Cancel bonding, in case it is in ACL connection setup state */ 2296 BTA_DmBondCancel(*bd_addr); 2297 } 2298 } 2299 2300 return BT_STATUS_SUCCESS; 2301 } 2302 2303 /******************************************************************************* 2304 * 2305 * Function btif_dm_hh_open_failed 2306 * 2307 * Description informs the upper layers if the HH have failed during 2308 * bonding 2309 * 2310 * Returns none 2311 * 2312 ******************************************************************************/ 2313 2314 void btif_dm_hh_open_failed(RawAddress* bdaddr) { 2315 if (pairing_cb.state == BT_BOND_STATE_BONDING && 2316 *bdaddr == pairing_cb.bd_addr) { 2317 bond_state_changed(BT_STATUS_FAIL, *bdaddr, BT_BOND_STATE_NONE); 2318 } 2319 } 2320 2321 /******************************************************************************* 2322 * 2323 * Function btif_dm_remove_bond 2324 * 2325 * Description Removes bonding with the specified device 2326 * 2327 * Returns bt_status_t 2328 * 2329 ******************************************************************************/ 2330 2331 bt_status_t btif_dm_remove_bond(const RawAddress* bd_addr) { 2332 BTIF_TRACE_EVENT("%s: bd_addr=%s", __func__, bd_addr->ToString().c_str()); 2333 2334 btif_stats_add_bond_event(*bd_addr, BTIF_DM_FUNC_REMOVE_BOND, 2335 pairing_cb.state); 2336 2337 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_REMOVE_BOND, 2338 (char*)bd_addr, sizeof(RawAddress), NULL); 2339 2340 return BT_STATUS_SUCCESS; 2341 } 2342 2343 /******************************************************************************* 2344 * 2345 * Function btif_dm_pin_reply 2346 * 2347 * Description BT legacy pairing - PIN code reply 2348 * 2349 * Returns bt_status_t 2350 * 2351 ******************************************************************************/ 2352 2353 bt_status_t btif_dm_pin_reply(const RawAddress* bd_addr, uint8_t accept, 2354 uint8_t pin_len, bt_pin_code_t* pin_code) { 2355 BTIF_TRACE_EVENT("%s: accept=%d", __func__, accept); 2356 if (pin_code == NULL || pin_len > PIN_CODE_LEN) return BT_STATUS_FAIL; 2357 if (pairing_cb.is_le_only) { 2358 int i; 2359 uint32_t passkey = 0; 2360 int multi[] = {100000, 10000, 1000, 100, 10, 1}; 2361 for (i = 0; i < 6; i++) { 2362 passkey += (multi[i] * (pin_code->pin[i] - '0')); 2363 } 2364 BTIF_TRACE_DEBUG("btif_dm_pin_reply: passkey: %d", passkey); 2365 BTA_DmBlePasskeyReply(*bd_addr, accept, passkey); 2366 2367 } else { 2368 BTA_DmPinReply(*bd_addr, accept, pin_len, pin_code->pin); 2369 if (accept) pairing_cb.pin_code_len = pin_len; 2370 } 2371 return BT_STATUS_SUCCESS; 2372 } 2373 2374 /******************************************************************************* 2375 * 2376 * Function btif_dm_ssp_reply 2377 * 2378 * Description BT SSP Reply - Just Works, Numeric Comparison & Passkey 2379 * Entry 2380 * 2381 * Returns bt_status_t 2382 * 2383 ******************************************************************************/ 2384 bt_status_t btif_dm_ssp_reply(const RawAddress* bd_addr, 2385 bt_ssp_variant_t variant, uint8_t accept, 2386 UNUSED_ATTR uint32_t passkey) { 2387 if (variant == BT_SSP_VARIANT_PASSKEY_ENTRY) { 2388 /* This is not implemented in the stack. 2389 * For devices with display, this is not needed 2390 */ 2391 BTIF_TRACE_WARNING("%s: Not implemented", __func__); 2392 return BT_STATUS_FAIL; 2393 } 2394 /* BT_SSP_VARIANT_CONSENT & BT_SSP_VARIANT_PASSKEY_CONFIRMATION supported */ 2395 BTIF_TRACE_EVENT("%s: accept=%d", __func__, accept); 2396 if (pairing_cb.is_le_only) { 2397 if (pairing_cb.is_le_nc) { 2398 BTA_DmBleConfirmReply(*bd_addr, accept); 2399 } else { 2400 if (accept) 2401 BTA_DmBleSecurityGrant(*bd_addr, BTA_DM_SEC_GRANTED); 2402 else 2403 BTA_DmBleSecurityGrant(*bd_addr, BTA_DM_SEC_PAIR_NOT_SPT); 2404 } 2405 } else { 2406 BTA_DmConfirm(*bd_addr, accept); 2407 } 2408 return BT_STATUS_SUCCESS; 2409 } 2410 2411 /******************************************************************************* 2412 * 2413 * Function btif_dm_get_adapter_property 2414 * 2415 * Description Queries the BTA for the adapter property 2416 * 2417 * Returns bt_status_t 2418 * 2419 ******************************************************************************/ 2420 bt_status_t btif_dm_get_adapter_property(bt_property_t* prop) { 2421 BTIF_TRACE_EVENT("%s: type=0x%x", __func__, prop->type); 2422 switch (prop->type) { 2423 case BT_PROPERTY_BDNAME: { 2424 bt_bdname_t* bd_name = (bt_bdname_t*)prop->val; 2425 strncpy((char*)bd_name->name, (char*)btif_get_default_local_name(), 2426 sizeof(bd_name->name) - 1); 2427 bd_name->name[sizeof(bd_name->name) - 1] = 0; 2428 prop->len = strlen((char*)bd_name->name); 2429 } break; 2430 2431 case BT_PROPERTY_ADAPTER_SCAN_MODE: { 2432 /* if the storage does not have it. Most likely app never set it. Default 2433 * is NONE */ 2434 bt_scan_mode_t* mode = (bt_scan_mode_t*)prop->val; 2435 *mode = BT_SCAN_MODE_NONE; 2436 prop->len = sizeof(bt_scan_mode_t); 2437 } break; 2438 2439 case BT_PROPERTY_ADAPTER_DISCOVERY_TIMEOUT: { 2440 uint32_t* tmt = (uint32_t*)prop->val; 2441 *tmt = 120; /* default to 120s, if not found in NV */ 2442 prop->len = sizeof(uint32_t); 2443 } break; 2444 2445 default: 2446 prop->len = 0; 2447 return BT_STATUS_FAIL; 2448 } 2449 return BT_STATUS_SUCCESS; 2450 } 2451 2452 /******************************************************************************* 2453 * 2454 * Function btif_dm_get_remote_services 2455 * 2456 * Description Start SDP to get remote services 2457 * 2458 * Returns bt_status_t 2459 * 2460 ******************************************************************************/ 2461 bt_status_t btif_dm_get_remote_services(const RawAddress& remote_addr) { 2462 BTIF_TRACE_EVENT("%s: bd_addr=%s", __func__, remote_addr.ToString().c_str()); 2463 2464 BTA_DmDiscover(remote_addr, BTA_ALL_SERVICE_MASK, bte_dm_search_services_evt, 2465 true); 2466 2467 return BT_STATUS_SUCCESS; 2468 } 2469 2470 /******************************************************************************* 2471 * 2472 * Function btif_dm_get_remote_services_transport 2473 * 2474 * Description Start SDP to get remote services by transport 2475 * 2476 * Returns bt_status_t 2477 * 2478 ******************************************************************************/ 2479 bt_status_t btif_dm_get_remote_services_by_transport(RawAddress* remote_addr, 2480 const int transport) { 2481 BTIF_TRACE_EVENT("%s", __func__); 2482 2483 /* Set the mask extension */ 2484 tBTA_SERVICE_MASK_EXT mask_ext; 2485 mask_ext.num_uuid = 0; 2486 mask_ext.p_uuid = NULL; 2487 mask_ext.srvc_mask = BTA_ALL_SERVICE_MASK; 2488 2489 BTA_DmDiscoverByTransport(*remote_addr, &mask_ext, bte_dm_search_services_evt, 2490 true, transport); 2491 2492 return BT_STATUS_SUCCESS; 2493 } 2494 2495 /******************************************************************************* 2496 * 2497 * Function btif_dm_get_remote_service_record 2498 * 2499 * Description Start SDP to get remote service record 2500 * 2501 * 2502 * Returns bt_status_t 2503 ******************************************************************************/ 2504 bt_status_t btif_dm_get_remote_service_record(RawAddress* remote_addr, 2505 bt_uuid_t* uuid) { 2506 BTIF_TRACE_EVENT("%s: bd_addr=%s", __func__, remote_addr->ToString().c_str()); 2507 2508 tSDP_UUID sdp_uuid; 2509 sdp_uuid.len = MAX_UUID_SIZE; 2510 memcpy(sdp_uuid.uu.uuid128, uuid->uu, MAX_UUID_SIZE); 2511 2512 BTA_DmDiscoverUUID(*remote_addr, &sdp_uuid, bte_dm_remote_service_record_evt, 2513 true); 2514 2515 return BT_STATUS_SUCCESS; 2516 } 2517 2518 void btif_dm_execute_service_request(uint16_t event, char* p_param) { 2519 bool b_enable = false; 2520 bt_status_t status; 2521 if (event == BTIF_DM_ENABLE_SERVICE) { 2522 b_enable = true; 2523 } 2524 status = 2525 btif_in_execute_service_request(*((tBTA_SERVICE_ID*)p_param), b_enable); 2526 if (status == BT_STATUS_SUCCESS) { 2527 bt_property_t property; 2528 bt_uuid_t local_uuids[BT_MAX_NUM_UUIDS]; 2529 2530 /* Now send the UUID_PROPERTY_CHANGED event to the upper layer */ 2531 BTIF_STORAGE_FILL_PROPERTY(&property, BT_PROPERTY_UUIDS, 2532 sizeof(local_uuids), local_uuids); 2533 btif_storage_get_adapter_property(&property); 2534 HAL_CBACK(bt_hal_cbacks, adapter_properties_cb, BT_STATUS_SUCCESS, 1, 2535 &property); 2536 } 2537 return; 2538 } 2539 2540 void btif_dm_proc_io_req(UNUSED_ATTR const RawAddress& bd_addr, 2541 UNUSED_ATTR tBTA_IO_CAP* p_io_cap, 2542 UNUSED_ATTR tBTA_OOB_DATA* p_oob_data, 2543 tBTA_AUTH_REQ* p_auth_req, bool is_orig) { 2544 uint8_t yes_no_bit = BTA_AUTH_SP_YES & *p_auth_req; 2545 /* if local initiated: 2546 ** 1. set DD + MITM 2547 ** if remote initiated: 2548 ** 1. Copy over the auth_req from peer's io_rsp 2549 ** 2. Set the MITM if peer has it set or if peer has DisplayYesNo 2550 *(iPhone) 2551 ** as a fallback set MITM+GB if peer had MITM set 2552 */ 2553 2554 BTIF_TRACE_DEBUG("+%s: p_auth_req=%d", __func__, *p_auth_req); 2555 if (pairing_cb.is_local_initiated) { 2556 /* if initing/responding to a dedicated bonding, use dedicate bonding bit */ 2557 *p_auth_req = BTA_AUTH_DD_BOND | BTA_AUTH_SP_YES; 2558 } else if (!is_orig) { 2559 /* peer initiated paring. They probably know what they want. 2560 ** Copy the mitm from peer device. 2561 */ 2562 BTIF_TRACE_DEBUG("%s: setting p_auth_req to peer's: %d", __func__, 2563 pairing_cb.auth_req); 2564 *p_auth_req = (pairing_cb.auth_req & BTA_AUTH_BONDS); 2565 2566 /* copy over the MITM bit as well. In addition if the peer has DisplayYesNo, 2567 * force MITM */ 2568 if ((yes_no_bit) || (pairing_cb.io_cap & BTM_IO_CAP_IO)) 2569 *p_auth_req |= BTA_AUTH_SP_YES; 2570 } else if (yes_no_bit) { 2571 /* set the general bonding bit for stored device */ 2572 *p_auth_req = BTA_AUTH_GEN_BOND | yes_no_bit; 2573 } 2574 BTIF_TRACE_DEBUG("-%s: p_auth_req=%d", __func__, *p_auth_req); 2575 } 2576 2577 void btif_dm_proc_io_rsp(UNUSED_ATTR const RawAddress& bd_addr, 2578 tBTA_IO_CAP io_cap, UNUSED_ATTR tBTA_OOB_DATA oob_data, 2579 tBTA_AUTH_REQ auth_req) { 2580 if (auth_req & BTA_AUTH_BONDS) { 2581 BTIF_TRACE_DEBUG("%s auth_req:%d", __func__, auth_req); 2582 pairing_cb.auth_req = auth_req; 2583 pairing_cb.io_cap = io_cap; 2584 } 2585 } 2586 2587 void btif_dm_set_oob_for_io_req(tBTA_OOB_DATA* p_has_oob_data) { 2588 if (is_empty_128bit(oob_cb.oob_data.c192)) { 2589 *p_has_oob_data = false; 2590 } else { 2591 *p_has_oob_data = true; 2592 } 2593 BTIF_TRACE_DEBUG("%s: *p_has_oob_data=%d", __func__, *p_has_oob_data); 2594 } 2595 2596 void btif_dm_set_oob_for_le_io_req(const RawAddress& bd_addr, 2597 tBTA_OOB_DATA* p_has_oob_data, 2598 tBTA_LE_AUTH_REQ* p_auth_req) { 2599 if (!is_empty_128bit(oob_cb.oob_data.le_sc_c) && 2600 !is_empty_128bit(oob_cb.oob_data.le_sc_r)) { 2601 /* We have LE SC OOB data */ 2602 2603 /* make sure OOB data is for this particular device */ 2604 if (bd_addr == oob_cb.bdaddr) { 2605 *p_auth_req = ((*p_auth_req) | BTM_LE_AUTH_REQ_SC_ONLY); 2606 *p_has_oob_data = true; 2607 } else { 2608 *p_has_oob_data = false; 2609 BTIF_TRACE_WARNING("%s: remote address didn't match OOB data address", 2610 __func__); 2611 } 2612 } else if (!is_empty_128bit(oob_cb.oob_data.sm_tk)) { 2613 /* We have security manager TK */ 2614 2615 /* make sure OOB data is for this particular device */ 2616 if (bd_addr == oob_cb.bdaddr) { 2617 // When using OOB with TK, SC Secure Connections bit must be disabled. 2618 tBTA_LE_AUTH_REQ mask = ~BTM_LE_AUTH_REQ_SC_ONLY; 2619 *p_auth_req = ((*p_auth_req) & mask); 2620 2621 *p_has_oob_data = true; 2622 } else { 2623 *p_has_oob_data = false; 2624 BTIF_TRACE_WARNING("%s: remote address didn't match OOB data address", 2625 __func__); 2626 } 2627 } else { 2628 *p_has_oob_data = false; 2629 } 2630 BTIF_TRACE_DEBUG("%s *p_has_oob_data=%d", __func__, *p_has_oob_data); 2631 } 2632 2633 #ifdef BTIF_DM_OOB_TEST 2634 void btif_dm_load_local_oob(void) { 2635 char prop_oob[PROPERTY_VALUE_MAX]; 2636 osi_property_get("service.brcm.bt.oob", prop_oob, "3"); 2637 BTIF_TRACE_DEBUG("%s: prop_oob = %s", __func__, prop_oob); 2638 if (prop_oob[0] != '3') { 2639 if (is_empty_128bit(oob_cb.oob_data.c192)) { 2640 BTIF_TRACE_DEBUG("%s: read OOB, call BTA_DmLocalOob()", __func__); 2641 BTA_DmLocalOob(); 2642 } 2643 } 2644 } 2645 2646 void btif_dm_proc_loc_oob(bool valid, BT_OCTET16 c, BT_OCTET16 r) { 2647 FILE* fp; 2648 const char* path_a = "/data/misc/bluedroid/LOCAL/a.key"; 2649 const char* path_b = "/data/misc/bluedroid/LOCAL/b.key"; 2650 const char* path = NULL; 2651 char prop_oob[PROPERTY_VALUE_MAX]; 2652 BTIF_TRACE_DEBUG("%s: valid=%d", __func__, valid); 2653 if (is_empty_128bit(oob_cb.oob_data.c192) && valid) { 2654 BTIF_TRACE_DEBUG("save local OOB data in memory"); 2655 memcpy(oob_cb.oob_data.c192, c, BT_OCTET16_LEN); 2656 memcpy(oob_cb.oob_data.r192, r, BT_OCTET16_LEN); 2657 osi_property_get("service.brcm.bt.oob", prop_oob, "3"); 2658 BTIF_TRACE_DEBUG("%s: prop_oob = %s", __func__, prop_oob); 2659 if (prop_oob[0] == '1') 2660 path = path_a; 2661 else if (prop_oob[0] == '2') 2662 path = path_b; 2663 if (path) { 2664 fp = fopen(path, "wb+"); 2665 if (fp == NULL) { 2666 BTIF_TRACE_DEBUG("%s: failed to save local OOB data to %s", __func__, 2667 path); 2668 } else { 2669 BTIF_TRACE_DEBUG("%s: save local OOB data into file %s", __func__, 2670 path); 2671 fwrite(c, 1, BT_OCTET16_LEN, fp); 2672 fwrite(r, 1, BT_OCTET16_LEN, fp); 2673 fclose(fp); 2674 } 2675 } 2676 } 2677 } 2678 2679 /******************************************************************************* 2680 * 2681 * Function btif_dm_get_smp_config 2682 * 2683 * Description Retrieve the SMP pairing options from the bt_stack.conf 2684 * file. To provide specific pairing options for the host 2685 * add a node with label "SmpOptions" to the config file 2686 * and assign it a comma separated list of 5 values in the 2687 * format: auth, io, ikey, rkey, ksize, oob 2688 * eg: PTS_SmpOptions=0xD,0x4,0xf,0xf,0x10 2689 * 2690 * Parameters: tBTE_APPL_CFG*: pointer to struct defining pairing options 2691 * 2692 * Returns true if the options were successfully read, else false 2693 * 2694 ******************************************************************************/ 2695 bool btif_dm_get_smp_config(tBTE_APPL_CFG* p_cfg) { 2696 if (!stack_config_get_interface()->get_pts_smp_options()) { 2697 BTIF_TRACE_DEBUG("%s: SMP options not found in configuration", __func__); 2698 return false; 2699 } 2700 2701 char conf[64]; 2702 const char* recv = stack_config_get_interface()->get_pts_smp_options(); 2703 char* pch; 2704 char* endptr; 2705 2706 strncpy(conf, recv, 64); 2707 conf[63] = 0; // null terminate 2708 2709 pch = strtok(conf, ","); 2710 if (pch != NULL) 2711 p_cfg->ble_auth_req = (uint8_t)strtoul(pch, &endptr, 16); 2712 else 2713 return false; 2714 2715 pch = strtok(NULL, ","); 2716 if (pch != NULL) 2717 p_cfg->ble_io_cap = (uint8_t)strtoul(pch, &endptr, 16); 2718 else 2719 return false; 2720 2721 pch = strtok(NULL, ","); 2722 if (pch != NULL) 2723 p_cfg->ble_init_key = (uint8_t)strtoul(pch, &endptr, 16); 2724 else 2725 return false; 2726 2727 pch = strtok(NULL, ","); 2728 if (pch != NULL) 2729 p_cfg->ble_resp_key = (uint8_t)strtoul(pch, &endptr, 16); 2730 else 2731 return false; 2732 2733 pch = strtok(NULL, ","); 2734 if (pch != NULL) 2735 p_cfg->ble_max_key_size = (uint8_t)strtoul(pch, &endptr, 16); 2736 else 2737 return false; 2738 2739 return true; 2740 } 2741 2742 bool btif_dm_proc_rmt_oob(const RawAddress& bd_addr, BT_OCTET16 p_c, 2743 BT_OCTET16 p_r) { 2744 const char* path_a = "/data/misc/bluedroid/LOCAL/a.key"; 2745 const char* path_b = "/data/misc/bluedroid/LOCAL/b.key"; 2746 const char* path = NULL; 2747 char prop_oob[PROPERTY_VALUE_MAX]; 2748 osi_property_get("service.brcm.bt.oob", prop_oob, "3"); 2749 BTIF_TRACE_DEBUG("%s: prop_oob = %s", __func__, prop_oob); 2750 if (prop_oob[0] == '1') 2751 path = path_b; 2752 else if (prop_oob[0] == '2') 2753 path = path_a; 2754 if (!path) { 2755 BTIF_TRACE_DEBUG("%s: can't open path!", __func__); 2756 return false; 2757 } 2758 2759 FILE* fp = fopen(path, "rb"); 2760 if (fp == NULL) { 2761 BTIF_TRACE_DEBUG("%s: failed to read OOB keys from %s", __func__, path); 2762 return false; 2763 } 2764 2765 BTIF_TRACE_DEBUG("%s: read OOB data from %s", __func__, path); 2766 fread(p_c, 1, BT_OCTET16_LEN, fp); 2767 fread(p_r, 1, BT_OCTET16_LEN, fp); 2768 fclose(fp); 2769 2770 RawAddress bt_bd_addr = bd_addr; 2771 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_BOND_STATE_BONDING, 2772 (char*)&bt_bd_addr, sizeof(RawAddress), NULL); 2773 return true; 2774 } 2775 #endif /* BTIF_DM_OOB_TEST */ 2776 2777 static void btif_dm_ble_key_notif_evt(tBTA_DM_SP_KEY_NOTIF* p_ssp_key_notif) { 2778 RawAddress bd_addr; 2779 bt_bdname_t bd_name; 2780 uint32_t cod; 2781 int dev_type; 2782 2783 BTIF_TRACE_DEBUG("%s", __func__); 2784 2785 /* Remote name update */ 2786 if (!btif_get_device_type(p_ssp_key_notif->bd_addr, &dev_type)) { 2787 dev_type = BT_DEVICE_TYPE_BLE; 2788 } 2789 btif_dm_update_ble_remote_properties(p_ssp_key_notif->bd_addr, 2790 p_ssp_key_notif->bd_name, 2791 (tBT_DEVICE_TYPE)dev_type); 2792 bd_addr = p_ssp_key_notif->bd_addr; 2793 memcpy(bd_name.name, p_ssp_key_notif->bd_name, BD_NAME_LEN); 2794 2795 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); 2796 pairing_cb.is_ssp = false; 2797 cod = COD_UNCLASSIFIED; 2798 2799 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name, cod, 2800 BT_SSP_VARIANT_PASSKEY_NOTIFICATION, p_ssp_key_notif->passkey); 2801 } 2802 2803 /******************************************************************************* 2804 * 2805 * Function btif_dm_ble_auth_cmpl_evt 2806 * 2807 * Description Executes authentication complete event in btif context 2808 * 2809 * Returns void 2810 * 2811 ******************************************************************************/ 2812 static void btif_dm_ble_auth_cmpl_evt(tBTA_DM_AUTH_CMPL* p_auth_cmpl) { 2813 /* Save link key, if not temporary */ 2814 bt_status_t status = BT_STATUS_FAIL; 2815 bt_bond_state_t state = BT_BOND_STATE_NONE; 2816 2817 RawAddress bd_addr = p_auth_cmpl->bd_addr; 2818 2819 /* Clear OOB data */ 2820 memset(&oob_cb, 0, sizeof(oob_cb)); 2821 2822 if ((p_auth_cmpl->success == true) && (p_auth_cmpl->key_present)) { 2823 /* store keys */ 2824 } 2825 if (p_auth_cmpl->success) { 2826 status = BT_STATUS_SUCCESS; 2827 state = BT_BOND_STATE_BONDED; 2828 int addr_type; 2829 RawAddress bdaddr = p_auth_cmpl->bd_addr; 2830 if (btif_storage_get_remote_addr_type(&bdaddr, &addr_type) != 2831 BT_STATUS_SUCCESS) 2832 btif_storage_set_remote_addr_type(&bdaddr, p_auth_cmpl->addr_type); 2833 2834 /* Test for temporary bonding */ 2835 if (btm_get_bond_type_dev(p_auth_cmpl->bd_addr) == BOND_TYPE_TEMPORARY) { 2836 BTIF_TRACE_DEBUG("%s: sending BT_BOND_STATE_NONE for Temp pairing", 2837 __func__); 2838 btif_storage_remove_bonded_device(&bdaddr); 2839 state = BT_BOND_STATE_NONE; 2840 } else { 2841 btif_dm_save_ble_bonding_keys(); 2842 BTA_GATTC_Refresh(bd_addr); 2843 btif_dm_get_remote_services_by_transport(&bd_addr, BTA_GATT_TRANSPORT_LE); 2844 } 2845 } else { 2846 /*Map the HCI fail reason to bt status */ 2847 switch (p_auth_cmpl->fail_reason) { 2848 case BTA_DM_AUTH_SMP_PAIR_AUTH_FAIL: 2849 case BTA_DM_AUTH_SMP_CONFIRM_VALUE_FAIL: 2850 case BTA_DM_AUTH_SMP_UNKNOWN_ERR: 2851 case BTA_DM_AUTH_SMP_CONN_TOUT: 2852 btif_dm_remove_ble_bonding_keys(); 2853 status = BT_STATUS_AUTH_FAILURE; 2854 break; 2855 case BTA_DM_AUTH_SMP_PAIR_NOT_SUPPORT: 2856 status = BT_STATUS_AUTH_REJECTED; 2857 break; 2858 default: 2859 btif_dm_remove_ble_bonding_keys(); 2860 status = BT_STATUS_FAIL; 2861 break; 2862 } 2863 } 2864 bond_state_changed(status, bd_addr, state); 2865 } 2866 2867 void btif_dm_load_ble_local_keys(void) { 2868 memset(&ble_local_key_cb, 0, sizeof(btif_dm_local_key_cb_t)); 2869 2870 if (btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_ER, 2871 (char*)&ble_local_key_cb.er[0], 2872 BT_OCTET16_LEN) == BT_STATUS_SUCCESS) { 2873 ble_local_key_cb.is_er_rcvd = true; 2874 BTIF_TRACE_DEBUG("%s BLE ER key loaded", __func__); 2875 } 2876 2877 if ((btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_IR, 2878 (char*)&ble_local_key_cb.id_keys.ir[0], 2879 BT_OCTET16_LEN) == BT_STATUS_SUCCESS) && 2880 (btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_IRK, 2881 (char*)&ble_local_key_cb.id_keys.irk[0], 2882 BT_OCTET16_LEN) == BT_STATUS_SUCCESS) && 2883 (btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_DHK, 2884 (char*)&ble_local_key_cb.id_keys.dhk[0], 2885 BT_OCTET16_LEN) == BT_STATUS_SUCCESS)) { 2886 ble_local_key_cb.is_id_keys_rcvd = true; 2887 BTIF_TRACE_DEBUG("%s BLE ID keys loaded", __func__); 2888 } 2889 } 2890 void btif_dm_get_ble_local_keys(tBTA_DM_BLE_LOCAL_KEY_MASK* p_key_mask, 2891 BT_OCTET16 er, 2892 tBTA_BLE_LOCAL_ID_KEYS* p_id_keys) { 2893 if (ble_local_key_cb.is_er_rcvd) { 2894 memcpy(&er[0], &ble_local_key_cb.er[0], sizeof(BT_OCTET16)); 2895 *p_key_mask |= BTA_BLE_LOCAL_KEY_TYPE_ER; 2896 } 2897 2898 if (ble_local_key_cb.is_id_keys_rcvd) { 2899 memcpy(&p_id_keys->ir[0], &ble_local_key_cb.id_keys.ir[0], 2900 sizeof(BT_OCTET16)); 2901 memcpy(&p_id_keys->irk[0], &ble_local_key_cb.id_keys.irk[0], 2902 sizeof(BT_OCTET16)); 2903 memcpy(&p_id_keys->dhk[0], &ble_local_key_cb.id_keys.dhk[0], 2904 sizeof(BT_OCTET16)); 2905 *p_key_mask |= BTA_BLE_LOCAL_KEY_TYPE_ID; 2906 } 2907 BTIF_TRACE_DEBUG("%s *p_key_mask=0x%02x", __func__, *p_key_mask); 2908 } 2909 2910 void btif_dm_save_ble_bonding_keys(void) { 2911 BTIF_TRACE_DEBUG("%s", __func__); 2912 2913 RawAddress bd_addr = pairing_cb.bd_addr; 2914 2915 if (pairing_cb.ble.is_penc_key_rcvd) { 2916 btif_storage_add_ble_bonding_key(&bd_addr, (char*)&pairing_cb.ble.penc_key, 2917 BTIF_DM_LE_KEY_PENC, 2918 sizeof(tBTM_LE_PENC_KEYS)); 2919 } 2920 2921 if (pairing_cb.ble.is_pid_key_rcvd) { 2922 btif_storage_add_ble_bonding_key(&bd_addr, (char*)&pairing_cb.ble.pid_key, 2923 BTIF_DM_LE_KEY_PID, 2924 sizeof(tBTM_LE_PID_KEYS)); 2925 } 2926 2927 if (pairing_cb.ble.is_pcsrk_key_rcvd) { 2928 btif_storage_add_ble_bonding_key(&bd_addr, (char*)&pairing_cb.ble.pcsrk_key, 2929 BTIF_DM_LE_KEY_PCSRK, 2930 sizeof(tBTM_LE_PCSRK_KEYS)); 2931 } 2932 2933 if (pairing_cb.ble.is_lenc_key_rcvd) { 2934 btif_storage_add_ble_bonding_key(&bd_addr, (char*)&pairing_cb.ble.lenc_key, 2935 BTIF_DM_LE_KEY_LENC, 2936 sizeof(tBTM_LE_LENC_KEYS)); 2937 } 2938 2939 if (pairing_cb.ble.is_lcsrk_key_rcvd) { 2940 btif_storage_add_ble_bonding_key(&bd_addr, (char*)&pairing_cb.ble.lcsrk_key, 2941 BTIF_DM_LE_KEY_LCSRK, 2942 sizeof(tBTM_LE_LCSRK_KEYS)); 2943 } 2944 2945 if (pairing_cb.ble.is_lidk_key_rcvd) { 2946 btif_storage_add_ble_bonding_key(&bd_addr, NULL, BTIF_DM_LE_KEY_LID, 0); 2947 } 2948 } 2949 2950 void btif_dm_remove_ble_bonding_keys(void) { 2951 BTIF_TRACE_DEBUG("%s", __func__); 2952 2953 RawAddress bd_addr = pairing_cb.bd_addr; 2954 btif_storage_remove_ble_bonding_keys(&bd_addr); 2955 } 2956 2957 /******************************************************************************* 2958 * 2959 * Function btif_dm_ble_sec_req_evt 2960 * 2961 * Description Eprocess security request event in btif context 2962 * 2963 * Returns void 2964 * 2965 ******************************************************************************/ 2966 void btif_dm_ble_sec_req_evt(tBTA_DM_BLE_SEC_REQ* p_ble_req) { 2967 bt_bdname_t bd_name; 2968 uint32_t cod; 2969 int dev_type; 2970 2971 BTIF_TRACE_DEBUG("%s", __func__); 2972 2973 if (pairing_cb.state == BT_BOND_STATE_BONDING) { 2974 BTIF_TRACE_DEBUG("%s Discard security request", __func__); 2975 return; 2976 } 2977 2978 /* Remote name update */ 2979 if (!btif_get_device_type(p_ble_req->bd_addr, &dev_type)) { 2980 dev_type = BT_DEVICE_TYPE_BLE; 2981 } 2982 btif_dm_update_ble_remote_properties(p_ble_req->bd_addr, p_ble_req->bd_name, 2983 (tBT_DEVICE_TYPE)dev_type); 2984 2985 RawAddress bd_addr = p_ble_req->bd_addr; 2986 memcpy(bd_name.name, p_ble_req->bd_name, BD_NAME_LEN); 2987 2988 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); 2989 2990 pairing_cb.bond_type = BOND_TYPE_PERSISTENT; 2991 pairing_cb.is_le_only = true; 2992 pairing_cb.is_le_nc = false; 2993 pairing_cb.is_ssp = true; 2994 btm_set_bond_type_dev(p_ble_req->bd_addr, pairing_cb.bond_type); 2995 2996 cod = COD_UNCLASSIFIED; 2997 2998 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name, cod, 2999 BT_SSP_VARIANT_CONSENT, 0); 3000 } 3001 3002 /******************************************************************************* 3003 * 3004 * Function btif_dm_ble_passkey_req_evt 3005 * 3006 * Description Executes pin request event in btif context 3007 * 3008 * Returns void 3009 * 3010 ******************************************************************************/ 3011 static void btif_dm_ble_passkey_req_evt(tBTA_DM_PIN_REQ* p_pin_req) { 3012 bt_bdname_t bd_name; 3013 uint32_t cod; 3014 int dev_type; 3015 3016 /* Remote name update */ 3017 if (!btif_get_device_type(p_pin_req->bd_addr, &dev_type)) { 3018 dev_type = BT_DEVICE_TYPE_BLE; 3019 } 3020 btif_dm_update_ble_remote_properties(p_pin_req->bd_addr, p_pin_req->bd_name, 3021 (tBT_DEVICE_TYPE)dev_type); 3022 3023 RawAddress bd_addr = p_pin_req->bd_addr; 3024 memcpy(bd_name.name, p_pin_req->bd_name, BD_NAME_LEN); 3025 3026 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); 3027 pairing_cb.is_le_only = true; 3028 3029 cod = COD_UNCLASSIFIED; 3030 3031 HAL_CBACK(bt_hal_cbacks, pin_request_cb, &bd_addr, &bd_name, cod, false); 3032 } 3033 static void btif_dm_ble_key_nc_req_evt(tBTA_DM_SP_KEY_NOTIF* p_notif_req) { 3034 /* TODO implement key notification for numeric comparison */ 3035 BTIF_TRACE_DEBUG("%s", __func__); 3036 3037 /* Remote name update */ 3038 btif_update_remote_properties(p_notif_req->bd_addr, p_notif_req->bd_name, 3039 NULL, BT_DEVICE_TYPE_BLE); 3040 3041 RawAddress bd_addr = p_notif_req->bd_addr; 3042 3043 bt_bdname_t bd_name; 3044 memcpy(bd_name.name, p_notif_req->bd_name, BD_NAME_LEN); 3045 3046 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); 3047 pairing_cb.is_ssp = false; 3048 pairing_cb.is_le_only = true; 3049 pairing_cb.is_le_nc = true; 3050 3051 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name, COD_UNCLASSIFIED, 3052 BT_SSP_VARIANT_PASSKEY_CONFIRMATION, p_notif_req->passkey); 3053 } 3054 3055 static void btif_dm_ble_oob_req_evt(tBTA_DM_SP_RMT_OOB* req_oob_type) { 3056 BTIF_TRACE_DEBUG("%s", __func__); 3057 3058 RawAddress bd_addr = req_oob_type->bd_addr; 3059 /* We already checked if OOB data is present in 3060 * btif_dm_set_oob_for_le_io_req, but check here again. If it's not present 3061 * do nothing, pairing will timeout. 3062 */ 3063 if (is_empty_128bit(oob_cb.oob_data.sm_tk)) { 3064 return; 3065 } 3066 3067 /* make sure OOB data is for this particular device */ 3068 if (req_oob_type->bd_addr != oob_cb.bdaddr) { 3069 BTIF_TRACE_WARNING("%s: remote address didn't match OOB data address", 3070 __func__); 3071 return; 3072 } 3073 3074 /* Remote name update */ 3075 btif_update_remote_properties(req_oob_type->bd_addr, req_oob_type->bd_name, 3076 NULL, BT_DEVICE_TYPE_BLE); 3077 3078 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); 3079 pairing_cb.is_ssp = false; 3080 pairing_cb.is_le_only = true; 3081 pairing_cb.is_le_nc = false; 3082 3083 BTM_BleOobDataReply(req_oob_type->bd_addr, 0, 16, oob_cb.oob_data.sm_tk); 3084 } 3085 3086 static void btif_dm_ble_sc_oob_req_evt(tBTA_DM_SP_RMT_OOB* req_oob_type) { 3087 BTIF_TRACE_DEBUG("%s", __func__); 3088 3089 RawAddress bd_addr = req_oob_type->bd_addr; 3090 3091 /* We already checked if OOB data is present in 3092 * btif_dm_set_oob_for_le_io_req, but check here again. If it's not present 3093 * do nothing, pairing will timeout. 3094 */ 3095 if (is_empty_128bit(oob_cb.oob_data.le_sc_c) && 3096 is_empty_128bit(oob_cb.oob_data.le_sc_r)) { 3097 BTIF_TRACE_WARNING("%s: LE SC OOB data is empty", __func__); 3098 return; 3099 } 3100 3101 /* make sure OOB data is for this particular device */ 3102 if (req_oob_type->bd_addr != oob_cb.bdaddr) { 3103 BTIF_TRACE_WARNING("%s: remote address didn't match OOB data address", 3104 __func__); 3105 return; 3106 } 3107 3108 /* Remote name update */ 3109 btif_update_remote_properties(req_oob_type->bd_addr, req_oob_type->bd_name, 3110 NULL, BT_DEVICE_TYPE_BLE); 3111 3112 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); 3113 pairing_cb.is_ssp = false; 3114 pairing_cb.is_le_only = 3115 true; // TODO: we can derive classic pairing from this one 3116 pairing_cb.is_le_nc = false; 3117 3118 BTM_BleSecureConnectionOobDataReply( 3119 req_oob_type->bd_addr, oob_cb.oob_data.le_sc_c, oob_cb.oob_data.le_sc_r); 3120 } 3121 3122 void btif_dm_update_ble_remote_properties(const RawAddress& bd_addr, 3123 BD_NAME bd_name, 3124 tBT_DEVICE_TYPE dev_type) { 3125 btif_update_remote_properties(bd_addr, bd_name, NULL, dev_type); 3126 } 3127 3128 static void btif_dm_ble_tx_test_cback(void* p) { 3129 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_LE_TX_TEST, (char*)p, 1, 3130 NULL); 3131 } 3132 3133 static void btif_dm_ble_rx_test_cback(void* p) { 3134 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_LE_RX_TEST, (char*)p, 1, 3135 NULL); 3136 } 3137 3138 static void btif_dm_ble_test_end_cback(void* p) { 3139 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_LE_TEST_END, (char*)p, 3140 3, NULL); 3141 } 3142 /******************************************************************************* 3143 * 3144 * Function btif_le_test_mode 3145 * 3146 * Description Sends a HCI BLE Test command to the Controller 3147 * 3148 * Returns BT_STATUS_SUCCESS on success 3149 * 3150 ******************************************************************************/ 3151 bt_status_t btif_le_test_mode(uint16_t opcode, uint8_t* buf, uint8_t len) { 3152 switch (opcode) { 3153 case HCI_BLE_TRANSMITTER_TEST: 3154 if (len != 3) return BT_STATUS_PARM_INVALID; 3155 BTM_BleTransmitterTest(buf[0], buf[1], buf[2], btif_dm_ble_tx_test_cback); 3156 break; 3157 case HCI_BLE_RECEIVER_TEST: 3158 if (len != 1) return BT_STATUS_PARM_INVALID; 3159 BTM_BleReceiverTest(buf[0], btif_dm_ble_rx_test_cback); 3160 break; 3161 case HCI_BLE_TEST_END: 3162 BTM_BleTestEnd((tBTM_CMPL_CB*)btif_dm_ble_test_end_cback); 3163 break; 3164 default: 3165 BTIF_TRACE_ERROR("%s: Unknown LE Test Mode Command 0x%x", __func__, 3166 opcode); 3167 return BT_STATUS_UNSUPPORTED; 3168 } 3169 return BT_STATUS_SUCCESS; 3170 } 3171 3172 void btif_dm_on_disable() { 3173 /* cancel any pending pairing requests */ 3174 if (pairing_cb.state == BT_BOND_STATE_BONDING) { 3175 BTIF_TRACE_DEBUG("%s: Cancel pending pairing request", __func__); 3176 btif_dm_cancel_bond(&pairing_cb.bd_addr); 3177 } 3178 } 3179 3180 /******************************************************************************* 3181 * 3182 * Function btif_dm_read_energy_info 3183 * 3184 * Description Reads the energy info from controller 3185 * 3186 * Returns void 3187 * 3188 ******************************************************************************/ 3189 void btif_dm_read_energy_info() { BTA_DmBleGetEnergyInfo(bta_energy_info_cb); } 3190 3191 static char* btif_get_default_local_name() { 3192 if (btif_default_local_name[0] == '\0') { 3193 int max_len = sizeof(btif_default_local_name) - 1; 3194 if (BTM_DEF_LOCAL_NAME[0] != '\0') { 3195 strncpy(btif_default_local_name, BTM_DEF_LOCAL_NAME, max_len); 3196 } else { 3197 char prop_model[PROPERTY_VALUE_MAX]; 3198 osi_property_get(PROPERTY_PRODUCT_MODEL, prop_model, ""); 3199 strncpy(btif_default_local_name, prop_model, max_len); 3200 } 3201 btif_default_local_name[max_len] = '\0'; 3202 } 3203 return btif_default_local_name; 3204 } 3205 3206 static void btif_stats_add_bond_event(const RawAddress& bd_addr, 3207 bt_bond_function_t function, 3208 bt_bond_state_t state) { 3209 std::unique_lock<std::mutex> lock(bond_event_lock); 3210 3211 btif_bond_event_t* event = &btif_dm_bond_events[btif_events_end_index]; 3212 event->bd_addr = bd_addr; 3213 event->function = function; 3214 event->state = state; 3215 clock_gettime(CLOCK_REALTIME, &event->timestamp); 3216 3217 btif_num_bond_events++; 3218 btif_events_end_index = 3219 (btif_events_end_index + 1) % (MAX_BTIF_BOND_EVENT_ENTRIES + 1); 3220 if (btif_events_end_index == btif_events_start_index) { 3221 btif_events_start_index = 3222 (btif_events_start_index + 1) % (MAX_BTIF_BOND_EVENT_ENTRIES + 1); 3223 } 3224 3225 int type; 3226 btif_get_device_type(bd_addr, &type); 3227 3228 system_bt_osi::device_type_t device_type; 3229 switch (type) { 3230 case BT_DEVICE_TYPE_BREDR: 3231 device_type = system_bt_osi::DEVICE_TYPE_BREDR; 3232 break; 3233 case BT_DEVICE_TYPE_BLE: 3234 device_type = system_bt_osi::DEVICE_TYPE_LE; 3235 break; 3236 case BT_DEVICE_TYPE_DUMO: 3237 device_type = system_bt_osi::DEVICE_TYPE_DUMO; 3238 break; 3239 default: 3240 device_type = system_bt_osi::DEVICE_TYPE_UNKNOWN; 3241 break; 3242 } 3243 3244 uint32_t cod = get_cod(&bd_addr); 3245 uint64_t ts = 3246 event->timestamp.tv_sec * 1000 + event->timestamp.tv_nsec / 1000000; 3247 system_bt_osi::BluetoothMetricsLogger::GetInstance()->LogPairEvent( 3248 0, ts, cod, device_type); 3249 } 3250 3251 void btif_debug_bond_event_dump(int fd) { 3252 std::unique_lock<std::mutex> lock(bond_event_lock); 3253 dprintf(fd, "\nBond Events: \n"); 3254 dprintf(fd, " Total Number of events: %zu\n", btif_num_bond_events); 3255 if (btif_num_bond_events > 0) 3256 dprintf(fd, 3257 " Time address Function State\n"); 3258 3259 for (size_t i = btif_events_start_index; i != btif_events_end_index; 3260 i = (i + 1) % (MAX_BTIF_BOND_EVENT_ENTRIES + 1)) { 3261 btif_bond_event_t* event = &btif_dm_bond_events[i]; 3262 3263 char eventtime[20]; 3264 char temptime[20]; 3265 struct tm* tstamp = localtime(&event->timestamp.tv_sec); 3266 strftime(temptime, sizeof(temptime), "%H:%M:%S", tstamp); 3267 snprintf(eventtime, sizeof(eventtime), "%s.%03ld", temptime, 3268 event->timestamp.tv_nsec / 1000000); 3269 3270 const char* func_name; 3271 switch (event->function) { 3272 case BTIF_DM_FUNC_CREATE_BOND: 3273 func_name = "btif_dm_create_bond"; 3274 break; 3275 case BTIF_DM_FUNC_REMOVE_BOND: 3276 func_name = "btif_dm_remove_bond"; 3277 break; 3278 case BTIF_DM_FUNC_BOND_STATE_CHANGED: 3279 func_name = "bond_state_changed "; 3280 break; 3281 default: 3282 func_name = "Invalid value "; 3283 break; 3284 } 3285 3286 const char* bond_state; 3287 switch (event->state) { 3288 case BT_BOND_STATE_NONE: 3289 bond_state = "BOND_STATE_NONE"; 3290 break; 3291 case BT_BOND_STATE_BONDING: 3292 bond_state = "BOND_STATE_BONDING"; 3293 break; 3294 case BT_BOND_STATE_BONDED: 3295 bond_state = "BOND_STATE_BONDED"; 3296 break; 3297 default: 3298 bond_state = "Invalid bond state"; 3299 break; 3300 } 3301 3302 dprintf(fd, " %s %s %s %s\n", eventtime, 3303 event->bd_addr.ToString().c_str(), func_name, bond_state); 3304 } 3305 } 3306
