1 /****************************************************************************** 2 * 3 * Copyright 2009-2012 Broadcom Corporation 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at: 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 * 17 ******************************************************************************/ 18 19 /******************************************************************************* 20 * 21 * Filename: btif_dm.c 22 * 23 * Description: Contains Device Management (DM) related functionality 24 * 25 * 26 ******************************************************************************/ 27 28 #define LOG_TAG "bt_btif_dm" 29 30 #include "btif_dm.h" 31 32 #include <base/bind.h> 33 #include <base/logging.h> 34 #include <signal.h> 35 #include <stdio.h> 36 #include <stdlib.h> 37 #include <string.h> 38 #include <sys/types.h> 39 #include <time.h> 40 #include <unistd.h> 41 42 #include <mutex> 43 44 #include <bluetooth/uuid.h> 45 #include <hardware/bluetooth.h> 46 #include <hardware/bt_hearing_aid.h> 47 48 #include "advertise_data_parser.h" 49 #include "bt_common.h" 50 #include "bta_closure_api.h" 51 #include "bta_gatt_api.h" 52 #include "btif_api.h" 53 #include "btif_av.h" 54 #include "btif_config.h" 55 #include "btif_dm.h" 56 #include "btif_hd.h" 57 #include "btif_hf.h" 58 #include "btif_hh.h" 59 #include "btif_sdp.h" 60 #include "btif_storage.h" 61 #include "btif_util.h" 62 #include "btu.h" 63 #include "device/include/controller.h" 64 #include "device/include/interop.h" 65 #include "internal_include/stack_config.h" 66 #include "osi/include/allocator.h" 67 #include "osi/include/log.h" 68 #include "osi/include/metrics.h" 69 #include "osi/include/osi.h" 70 #include "osi/include/properties.h" 71 #include "stack/btm/btm_int.h" 72 #include "stack_config.h" 73 74 using bluetooth::Uuid; 75 /****************************************************************************** 76 * Constants & Macros 77 *****************************************************************************/ 78 79 const Uuid UUID_HEARING_AID = Uuid::FromString("FDF0"); 80 81 #define COD_MASK 0x07FF 82 83 #define COD_UNCLASSIFIED ((0x1F) << 8) 84 #define COD_HID_KEYBOARD 0x0540 85 #define COD_HID_POINTING 0x0580 86 #define COD_HID_COMBO 0x05C0 87 #define COD_HID_MAJOR 0x0500 88 #define COD_HID_MASK 0x0700 89 #define COD_AV_HEADSETS 0x0404 90 #define COD_AV_HANDSFREE 0x0408 91 #define COD_AV_HEADPHONES 0x0418 92 #define COD_AV_PORTABLE_AUDIO 0x041C 93 #define COD_AV_HIFI_AUDIO 0x0428 94 95 #define BTIF_DM_DEFAULT_INQ_MAX_RESULTS 0 96 #define BTIF_DM_DEFAULT_INQ_MAX_DURATION 10 97 #define BTIF_DM_MAX_SDP_ATTEMPTS_AFTER_PAIRING 2 98 99 #define NUM_TIMEOUT_RETRIES 5 100 101 #define PROPERTY_PRODUCT_MODEL "ro.product.model" 102 #define DEFAULT_LOCAL_NAME_MAX 31 103 #if (DEFAULT_LOCAL_NAME_MAX > BTM_MAX_LOC_BD_NAME_LEN) 104 #error "default btif local name size exceeds stack supported length" 105 #endif 106 107 #define ENCRYPTED_BREDR 2 108 #define ENCRYPTED_LE 4 109 110 typedef struct { 111 bt_bond_state_t state; 112 RawAddress static_bdaddr; 113 RawAddress bd_addr; 114 tBTM_BOND_TYPE bond_type; 115 uint8_t pin_code_len; 116 uint8_t is_ssp; 117 uint8_t auth_req; 118 uint8_t io_cap; 119 uint8_t autopair_attempts; 120 uint8_t timeout_retries; 121 uint8_t is_local_initiated; 122 uint8_t sdp_attempts; 123 bool is_le_only; 124 bool is_le_nc; /* LE Numeric comparison */ 125 btif_dm_ble_cb_t ble; 126 } btif_dm_pairing_cb_t; 127 128 typedef struct { 129 uint8_t ir[BT_OCTET16_LEN]; 130 uint8_t irk[BT_OCTET16_LEN]; 131 uint8_t dhk[BT_OCTET16_LEN]; 132 } btif_dm_local_key_id_t; 133 134 typedef struct { 135 bool is_er_rcvd; 136 uint8_t er[BT_OCTET16_LEN]; 137 bool is_id_keys_rcvd; 138 btif_dm_local_key_id_t id_keys; /* ID kyes */ 139 140 } btif_dm_local_key_cb_t; 141 142 typedef struct { 143 RawAddress bd_addr; 144 BD_NAME bd_name; 145 } btif_dm_remote_name_t; 146 147 /* this structure holds optional OOB data for remote device */ 148 typedef struct { 149 RawAddress bdaddr; /* peer bdaddr */ 150 bt_out_of_band_data_t oob_data; 151 } btif_dm_oob_cb_t; 152 153 typedef struct { 154 RawAddress bdaddr; 155 uint8_t transport; /* 0=Unknown, 1=BR/EDR, 2=LE */ 156 } btif_dm_create_bond_cb_t; 157 158 typedef struct { 159 uint8_t status; 160 uint8_t ctrl_state; 161 uint64_t tx_time; 162 uint64_t rx_time; 163 uint64_t idle_time; 164 uint64_t energy_used; 165 } btif_activity_energy_info_cb_t; 166 167 typedef struct { unsigned int manufact_id; } skip_sdp_entry_t; 168 169 typedef enum { 170 BTIF_DM_FUNC_CREATE_BOND, 171 BTIF_DM_FUNC_CANCEL_BOND, 172 BTIF_DM_FUNC_REMOVE_BOND, 173 BTIF_DM_FUNC_BOND_STATE_CHANGED, 174 } bt_bond_function_t; 175 176 typedef struct { 177 RawAddress bd_addr; 178 bt_bond_function_t function; 179 bt_bond_state_t state; 180 struct timespec timestamp; 181 } btif_bond_event_t; 182 183 #define BTA_SERVICE_ID_TO_SERVICE_MASK(id) (1 << (id)) 184 185 #define MAX_BTIF_BOND_EVENT_ENTRIES 15 186 187 static skip_sdp_entry_t sdp_blacklist[] = {{76}}; // Apple Mouse and Keyboard 188 189 /* This flag will be true if HCI_Inquiry is in progress */ 190 static bool btif_dm_inquiry_in_progress = false; 191 192 /******************************************************************************* 193 * Static variables 194 ******************************************************************************/ 195 static char btif_default_local_name[DEFAULT_LOCAL_NAME_MAX + 1] = {'\0'}; 196 static uid_set_t* uid_set = NULL; 197 198 /* A circular array to keep track of the most recent bond events */ 199 static btif_bond_event_t btif_dm_bond_events[MAX_BTIF_BOND_EVENT_ENTRIES + 1]; 200 201 static std::mutex bond_event_lock; 202 203 /* |btif_num_bond_events| keeps track of the total number of events and can be 204 greater than |MAX_BTIF_BOND_EVENT_ENTRIES| */ 205 static size_t btif_num_bond_events = 0; 206 static size_t btif_events_start_index = 0; 207 static size_t btif_events_end_index = 0; 208 209 /****************************************************************************** 210 * Static functions 211 *****************************************************************************/ 212 static btif_dm_pairing_cb_t pairing_cb; 213 static btif_dm_oob_cb_t oob_cb; 214 static void btif_dm_generic_evt(uint16_t event, char* p_param); 215 static void btif_dm_cb_create_bond(const RawAddress& bd_addr, 216 tBTA_TRANSPORT transport); 217 static void btif_dm_cb_hid_remote_name(tBTM_REMOTE_DEV_NAME* p_remote_name); 218 static void btif_update_remote_properties(const RawAddress& bd_addr, 219 BD_NAME bd_name, DEV_CLASS dev_class, 220 tBT_DEVICE_TYPE dev_type); 221 static btif_dm_local_key_cb_t ble_local_key_cb; 222 static void btif_dm_ble_key_notif_evt(tBTA_DM_SP_KEY_NOTIF* p_ssp_key_notif); 223 static void btif_dm_ble_auth_cmpl_evt(tBTA_DM_AUTH_CMPL* p_auth_cmpl); 224 static void btif_dm_ble_passkey_req_evt(tBTA_DM_PIN_REQ* p_pin_req); 225 static void btif_dm_ble_key_nc_req_evt(tBTA_DM_SP_KEY_NOTIF* p_notif_req); 226 static void btif_dm_ble_oob_req_evt(tBTA_DM_SP_RMT_OOB* req_oob_type); 227 static void btif_dm_ble_sc_oob_req_evt(tBTA_DM_SP_RMT_OOB* req_oob_type); 228 229 static void bte_scan_filt_param_cfg_evt(uint8_t action_type, uint8_t avbl_space, 230 uint8_t ref_value, uint8_t status); 231 232 static char* btif_get_default_local_name(); 233 234 static void btif_stats_add_bond_event(const RawAddress& bd_addr, 235 bt_bond_function_t function, 236 bt_bond_state_t state); 237 238 /****************************************************************************** 239 * Externs 240 *****************************************************************************/ 241 extern bt_status_t btif_av_execute_service(bool b_enable); 242 extern bt_status_t btif_av_sink_execute_service(bool b_enable); 243 extern bt_status_t btif_hh_execute_service(bool b_enable); 244 extern bt_status_t btif_hf_client_execute_service(bool b_enable); 245 extern bt_status_t btif_sdp_execute_service(bool b_enable); 246 extern int btif_hh_connect(const RawAddress* bd_addr); 247 extern bt_status_t btif_hd_execute_service(bool b_enable); 248 extern bluetooth::hearing_aid::HearingAidInterface* 249 btif_hearing_aid_get_interface(); 250 251 /****************************************************************************** 252 * Functions 253 *****************************************************************************/ 254 255 static bool is_empty_128bit(uint8_t* data) { 256 static const uint8_t zero[16] = {0}; 257 return !memcmp(zero, data, sizeof(zero)); 258 } 259 260 static void btif_dm_data_copy(uint16_t event, char* dst, char* src) { 261 tBTA_DM_SEC* dst_dm_sec = (tBTA_DM_SEC*)dst; 262 tBTA_DM_SEC* src_dm_sec = (tBTA_DM_SEC*)src; 263 264 if (!src_dm_sec) return; 265 266 CHECK(dst_dm_sec); 267 maybe_non_aligned_memcpy(dst_dm_sec, src_dm_sec, sizeof(*src_dm_sec)); 268 269 if (event == BTA_DM_BLE_KEY_EVT) { 270 dst_dm_sec->ble_key.p_key_value = 271 (tBTM_LE_KEY_VALUE*)osi_malloc(sizeof(tBTM_LE_KEY_VALUE)); 272 CHECK(src_dm_sec->ble_key.p_key_value); 273 memcpy(dst_dm_sec->ble_key.p_key_value, src_dm_sec->ble_key.p_key_value, 274 sizeof(tBTM_LE_KEY_VALUE)); 275 } 276 } 277 278 static void btif_dm_data_free(uint16_t event, tBTA_DM_SEC* dm_sec) { 279 if (event == BTA_DM_BLE_KEY_EVT) 280 osi_free_and_reset((void**)&dm_sec->ble_key.p_key_value); 281 } 282 283 void btif_dm_init(uid_set_t* set) { uid_set = set; } 284 285 void btif_dm_cleanup(void) { 286 if (uid_set) { 287 uid_set_destroy(uid_set); 288 uid_set = NULL; 289 } 290 } 291 292 bt_status_t btif_in_execute_service_request(tBTA_SERVICE_ID service_id, 293 bool b_enable) { 294 BTIF_TRACE_DEBUG("%s service_id: %d", __func__, service_id); 295 /* Check the service_ID and invoke the profile's BT state changed API */ 296 switch (service_id) { 297 case BTA_HFP_SERVICE_ID: 298 case BTA_HSP_SERVICE_ID: { 299 bluetooth::headset::ExecuteService(b_enable); 300 } break; 301 case BTA_A2DP_SOURCE_SERVICE_ID: { 302 btif_av_source_execute_service(b_enable); 303 } break; 304 case BTA_A2DP_SINK_SERVICE_ID: { 305 btif_av_sink_execute_service(b_enable); 306 } break; 307 case BTA_HID_SERVICE_ID: { 308 btif_hh_execute_service(b_enable); 309 } break; 310 case BTA_HFP_HS_SERVICE_ID: { 311 btif_hf_client_execute_service(b_enable); 312 } break; 313 case BTA_SDP_SERVICE_ID: { 314 btif_sdp_execute_service(b_enable); 315 } break; 316 case BTA_HIDD_SERVICE_ID: { 317 btif_hd_execute_service(b_enable); 318 } break; 319 default: 320 BTIF_TRACE_ERROR("%s: Unknown service %d being %s", __func__, service_id, 321 (b_enable) ? "enabled" : "disabled"); 322 return BT_STATUS_FAIL; 323 } 324 return BT_STATUS_SUCCESS; 325 } 326 327 /******************************************************************************* 328 * 329 * Function check_eir_remote_name 330 * 331 * Description Check if remote name is in the EIR data 332 * 333 * Returns true if remote name found 334 * Populate p_remote_name, if provided and remote name found 335 * 336 ******************************************************************************/ 337 static bool check_eir_remote_name(tBTA_DM_SEARCH* p_search_data, 338 uint8_t* p_remote_name, 339 uint8_t* p_remote_name_len) { 340 const uint8_t* p_eir_remote_name = NULL; 341 uint8_t remote_name_len = 0; 342 343 /* Check EIR for remote name and services */ 344 if (p_search_data->inq_res.p_eir) { 345 p_eir_remote_name = AdvertiseDataParser::GetFieldByType( 346 p_search_data->inq_res.p_eir, p_search_data->inq_res.eir_len, 347 BTM_EIR_COMPLETE_LOCAL_NAME_TYPE, &remote_name_len); 348 if (!p_eir_remote_name) { 349 p_eir_remote_name = AdvertiseDataParser::GetFieldByType( 350 p_search_data->inq_res.p_eir, p_search_data->inq_res.eir_len, 351 BTM_EIR_SHORTENED_LOCAL_NAME_TYPE, &remote_name_len); 352 } 353 354 if (p_eir_remote_name) { 355 if (remote_name_len > BD_NAME_LEN) remote_name_len = BD_NAME_LEN; 356 357 if (p_remote_name && p_remote_name_len) { 358 memcpy(p_remote_name, p_eir_remote_name, remote_name_len); 359 *(p_remote_name + remote_name_len) = 0; 360 *p_remote_name_len = remote_name_len; 361 } 362 363 return true; 364 } 365 } 366 367 return false; 368 } 369 370 /******************************************************************************* 371 * 372 * Function check_cached_remote_name 373 * 374 * Description Check if remote name is in the NVRAM cache 375 * 376 * Returns true if remote name found 377 * Populate p_remote_name, if provided and remote name found 378 * 379 ******************************************************************************/ 380 static bool check_cached_remote_name(tBTA_DM_SEARCH* p_search_data, 381 uint8_t* p_remote_name, 382 uint8_t* p_remote_name_len) { 383 bt_bdname_t bdname; 384 bt_property_t prop_name; 385 386 /* check if we already have it in our btif_storage cache */ 387 388 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_BDNAME, 389 sizeof(bt_bdname_t), &bdname); 390 if (btif_storage_get_remote_device_property( 391 &p_search_data->inq_res.bd_addr, &prop_name) == BT_STATUS_SUCCESS) { 392 if (p_remote_name && p_remote_name_len) { 393 strcpy((char*)p_remote_name, (char*)bdname.name); 394 *p_remote_name_len = strlen((char*)p_remote_name); 395 } 396 return true; 397 } 398 399 return false; 400 } 401 402 static uint32_t get_cod(const RawAddress* remote_bdaddr) { 403 uint32_t remote_cod; 404 bt_property_t prop_name; 405 406 /* check if we already have it in our btif_storage cache */ 407 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_CLASS_OF_DEVICE, 408 sizeof(uint32_t), &remote_cod); 409 if (btif_storage_get_remote_device_property( 410 (RawAddress*)remote_bdaddr, &prop_name) == BT_STATUS_SUCCESS) { 411 LOG_INFO(LOG_TAG, "%s remote_cod = 0x%08x", __func__, remote_cod); 412 return remote_cod & COD_MASK; 413 } 414 415 return 0; 416 } 417 418 bool check_cod(const RawAddress* remote_bdaddr, uint32_t cod) { 419 return get_cod(remote_bdaddr) == cod; 420 } 421 422 bool check_cod_hid(const RawAddress* remote_bdaddr) { 423 return (get_cod(remote_bdaddr) & COD_HID_MASK) == COD_HID_MAJOR; 424 } 425 426 bool check_hid_le(const RawAddress* remote_bdaddr) { 427 uint32_t remote_dev_type; 428 bt_property_t prop_name; 429 430 /* check if we already have it in our btif_storage cache */ 431 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_TYPE_OF_DEVICE, 432 sizeof(uint32_t), &remote_dev_type); 433 if (btif_storage_get_remote_device_property( 434 (RawAddress*)remote_bdaddr, &prop_name) == BT_STATUS_SUCCESS) { 435 if (remote_dev_type == BT_DEVICE_DEVTYPE_BLE) { 436 if (btif_config_exist(remote_bdaddr->ToString().c_str(), "HidAppId")) 437 return true; 438 } 439 } 440 return false; 441 } 442 443 /***************************************************************************** 444 * 445 * Function check_sdp_bl 446 * 447 * Description Checks if a given device is blacklisted to skip sdp 448 * 449 * Parameters skip_sdp_entry 450 * 451 * Returns true if the device is present in blacklist, else false 452 * 453 ******************************************************************************/ 454 bool check_sdp_bl(const RawAddress* remote_bdaddr) { 455 uint16_t manufacturer = 0; 456 uint8_t lmp_ver = 0; 457 uint16_t lmp_subver = 0; 458 bt_property_t prop_name; 459 bt_remote_version_t info; 460 461 if (remote_bdaddr == NULL) return false; 462 463 /* fetch additional info about remote device used in iop query */ 464 BTM_ReadRemoteVersion(*remote_bdaddr, &lmp_ver, &manufacturer, &lmp_subver); 465 466 /* if not available yet, try fetching from config database */ 467 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_REMOTE_VERSION_INFO, 468 sizeof(bt_remote_version_t), &info); 469 470 if (btif_storage_get_remote_device_property(remote_bdaddr, &prop_name) != 471 BT_STATUS_SUCCESS) { 472 return false; 473 } 474 manufacturer = info.manufacturer; 475 476 for (unsigned int i = 0; i < ARRAY_SIZE(sdp_blacklist); i++) { 477 if (manufacturer == sdp_blacklist[i].manufact_id) return true; 478 } 479 return false; 480 } 481 482 static void bond_state_changed(bt_status_t status, const RawAddress& bd_addr, 483 bt_bond_state_t state) { 484 btif_stats_add_bond_event(bd_addr, BTIF_DM_FUNC_BOND_STATE_CHANGED, state); 485 486 // Send bonding state only once - based on outgoing/incoming we may receive 487 // duplicates 488 if ((pairing_cb.state == state) && (state == BT_BOND_STATE_BONDING)) { 489 // Cross key pairing so send callback for static address 490 if (!pairing_cb.static_bdaddr.IsEmpty()) { 491 auto tmp = bd_addr; 492 HAL_CBACK(bt_hal_cbacks, bond_state_changed_cb, status, &tmp, state); 493 } 494 return; 495 } 496 497 if (pairing_cb.bond_type == BOND_TYPE_TEMPORARY) state = BT_BOND_STATE_NONE; 498 499 BTIF_TRACE_DEBUG("%s: state=%d, prev_state=%d, sdp_attempts = %d", __func__, 500 state, pairing_cb.state, pairing_cb.sdp_attempts); 501 502 auto tmp = bd_addr; 503 HAL_CBACK(bt_hal_cbacks, bond_state_changed_cb, status, &tmp, state); 504 505 if (state == BT_BOND_STATE_BONDING) { 506 pairing_cb.state = state; 507 pairing_cb.bd_addr = bd_addr; 508 } else { 509 if (!pairing_cb.sdp_attempts) 510 memset(&pairing_cb, 0, sizeof(pairing_cb)); 511 else 512 BTIF_TRACE_DEBUG("%s: BR-EDR service discovery active", __func__); 513 } 514 } 515 516 /* store remote version in bt config to always have access 517 to it post pairing*/ 518 static void btif_update_remote_version_property(RawAddress* p_bd) { 519 bt_property_t property; 520 uint8_t lmp_ver = 0; 521 uint16_t lmp_subver = 0; 522 uint16_t mfct_set = 0; 523 tBTM_STATUS btm_status; 524 bt_remote_version_t info; 525 bt_status_t status; 526 527 btm_status = BTM_ReadRemoteVersion(*p_bd, &lmp_ver, &mfct_set, &lmp_subver); 528 529 LOG_DEBUG(LOG_TAG, "remote version info [%s]: %x, %x, %x", 530 p_bd->ToString().c_str(), lmp_ver, mfct_set, lmp_subver); 531 532 if (btm_status == BTM_SUCCESS) { 533 // Always update cache to ensure we have availability whenever BTM API is 534 // not populated 535 info.manufacturer = mfct_set; 536 info.sub_ver = lmp_subver; 537 info.version = lmp_ver; 538 BTIF_STORAGE_FILL_PROPERTY(&property, BT_PROPERTY_REMOTE_VERSION_INFO, 539 sizeof(bt_remote_version_t), &info); 540 status = btif_storage_set_remote_device_property(p_bd, &property); 541 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote version", 542 status); 543 } 544 } 545 546 static void btif_update_remote_properties(const RawAddress& bdaddr, 547 BD_NAME bd_name, DEV_CLASS dev_class, 548 tBT_DEVICE_TYPE device_type) { 549 int num_properties = 0; 550 bt_property_t properties[3]; 551 bt_status_t status; 552 uint32_t cod; 553 bt_device_type_t dev_type; 554 555 memset(properties, 0, sizeof(properties)); 556 557 /* remote name */ 558 if (strlen((const char*)bd_name)) { 559 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], BT_PROPERTY_BDNAME, 560 strlen((char*)bd_name), bd_name); 561 status = btif_storage_set_remote_device_property( 562 &bdaddr, &properties[num_properties]); 563 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device name", 564 status); 565 num_properties++; 566 } 567 568 /* class of device */ 569 cod = devclass2uint(dev_class); 570 BTIF_TRACE_DEBUG("%s cod is 0x%06x", __func__, cod); 571 if (cod == 0) { 572 /* Try to retrieve cod from storage */ 573 BTIF_TRACE_DEBUG("%s cod is 0, checking cod from storage", __func__); 574 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 575 BT_PROPERTY_CLASS_OF_DEVICE, sizeof(cod), &cod); 576 status = btif_storage_get_remote_device_property( 577 &bdaddr, &properties[num_properties]); 578 BTIF_TRACE_DEBUG("%s cod retrieved from storage is 0x%06x", __func__, cod); 579 if (cod == 0) { 580 BTIF_TRACE_DEBUG("%s cod is again 0, set as unclassified", __func__); 581 cod = COD_UNCLASSIFIED; 582 } 583 } 584 585 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 586 BT_PROPERTY_CLASS_OF_DEVICE, sizeof(cod), &cod); 587 status = btif_storage_set_remote_device_property(&bdaddr, 588 &properties[num_properties]); 589 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device class", 590 status); 591 num_properties++; 592 593 /* device type */ 594 bt_property_t prop_name; 595 uint8_t remote_dev_type; 596 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_TYPE_OF_DEVICE, 597 sizeof(uint8_t), &remote_dev_type); 598 if (btif_storage_get_remote_device_property(&bdaddr, &prop_name) == 599 BT_STATUS_SUCCESS) 600 dev_type = (bt_device_type_t)(remote_dev_type | device_type); 601 else 602 dev_type = (bt_device_type_t)device_type; 603 604 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 605 BT_PROPERTY_TYPE_OF_DEVICE, sizeof(dev_type), 606 &dev_type); 607 status = btif_storage_set_remote_device_property(&bdaddr, 608 &properties[num_properties]); 609 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device type", 610 status); 611 num_properties++; 612 613 auto tmp = bdaddr; 614 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, status, &tmp, 615 num_properties, properties); 616 } 617 618 /******************************************************************************* 619 * 620 * Function btif_dm_cb_hid_remote_name 621 * 622 * Description Remote name callback for HID device. Called in btif context 623 * Special handling for HID devices 624 * 625 * Returns void 626 * 627 ******************************************************************************/ 628 static void btif_dm_cb_hid_remote_name(tBTM_REMOTE_DEV_NAME* p_remote_name) { 629 BTIF_TRACE_DEBUG("%s: status=%d pairing_cb.state=%d", __func__, 630 p_remote_name->status, pairing_cb.state); 631 if (pairing_cb.state == BT_BOND_STATE_BONDING) { 632 if (p_remote_name->status == BTM_SUCCESS) { 633 bond_state_changed(BT_STATUS_SUCCESS, pairing_cb.bd_addr, 634 BT_BOND_STATE_BONDED); 635 } else 636 bond_state_changed(BT_STATUS_FAIL, pairing_cb.bd_addr, 637 BT_BOND_STATE_NONE); 638 } 639 } 640 641 /******************************************************************************* 642 * 643 * Function btif_dm_cb_create_bond 644 * 645 * Description Create bond initiated from the BTIF thread context 646 * Special handling for HID devices 647 * 648 * Returns void 649 * 650 ******************************************************************************/ 651 static void btif_dm_cb_create_bond(const RawAddress& bd_addr, 652 tBTA_TRANSPORT transport) { 653 bool is_hid = check_cod(&bd_addr, COD_HID_POINTING); 654 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); 655 656 int device_type; 657 int addr_type; 658 std::string addrstr = bd_addr.ToString(); 659 const char* bdstr = addrstr.c_str(); 660 if (transport == BT_TRANSPORT_LE) { 661 if (!btif_config_get_int(bdstr, "DevType", &device_type)) { 662 btif_config_set_int(bdstr, "DevType", BT_DEVICE_TYPE_BLE); 663 } 664 if (btif_storage_get_remote_addr_type(&bd_addr, &addr_type) != 665 BT_STATUS_SUCCESS) { 666 // Try to read address type. OOB pairing might have set it earlier, but 667 // didn't store it, it defaults to BLE_ADDR_PUBLIC 668 uint8_t tmp_dev_type; 669 uint8_t tmp_addr_type; 670 BTM_ReadDevInfo(bd_addr, &tmp_dev_type, &tmp_addr_type); 671 addr_type = tmp_addr_type; 672 673 btif_storage_set_remote_addr_type(&bd_addr, addr_type); 674 } 675 } 676 if ((btif_config_get_int(bdstr, "DevType", &device_type) && 677 (btif_storage_get_remote_addr_type(&bd_addr, &addr_type) == 678 BT_STATUS_SUCCESS) && 679 (device_type & BT_DEVICE_TYPE_BLE) == BT_DEVICE_TYPE_BLE) || 680 (transport == BT_TRANSPORT_LE)) { 681 BTA_DmAddBleDevice(bd_addr, addr_type, device_type); 682 } 683 684 if (is_hid && (device_type & BT_DEVICE_TYPE_BLE) == 0) { 685 bt_status_t status; 686 status = (bt_status_t)btif_hh_connect(&bd_addr); 687 if (status != BT_STATUS_SUCCESS) 688 bond_state_changed(status, bd_addr, BT_BOND_STATE_NONE); 689 } else { 690 BTA_DmBondByTransport(bd_addr, transport); 691 } 692 /* Track originator of bond creation */ 693 pairing_cb.is_local_initiated = true; 694 } 695 696 /******************************************************************************* 697 * 698 * Function btif_dm_cb_remove_bond 699 * 700 * Description remove bond initiated from the BTIF thread context 701 * Special handling for HID devices 702 * 703 * Returns void 704 * 705 ******************************************************************************/ 706 void btif_dm_cb_remove_bond(const RawAddress* bd_addr) { 707 /*special handling for HID devices */ 708 /* VUP needs to be sent if its a HID Device. The HID HOST module will check if 709 there 710 is a valid hid connection with this bd_addr. If yes VUP will be issued.*/ 711 #if (BTA_HH_INCLUDED == TRUE) 712 if (btif_hh_virtual_unplug(bd_addr) != BT_STATUS_SUCCESS) 713 #endif 714 { 715 BTIF_TRACE_DEBUG("%s: Removing HH device", __func__); 716 BTA_DmRemoveDevice(*bd_addr); 717 } 718 } 719 720 /******************************************************************************* 721 * 722 * Function btif_dm_get_connection_state 723 * 724 * Description Returns whether the remote device is currently connected 725 * and whether encryption is active for the connection 726 * 727 * Returns 0 if not connected; 1 if connected and > 1 if connection is 728 * encrypted 729 * 730 ******************************************************************************/ 731 uint16_t btif_dm_get_connection_state(const RawAddress* bd_addr) { 732 uint16_t rc = BTA_DmGetConnectionState(*bd_addr); 733 734 if (rc != 0) { 735 uint8_t flags = 0; 736 737 BTM_GetSecurityFlagsByTransport(*bd_addr, &flags, BT_TRANSPORT_BR_EDR); 738 BTIF_TRACE_DEBUG("%s: security flags (BR/EDR)=0x%02x", __func__, flags); 739 if (flags & BTM_SEC_FLAG_ENCRYPTED) rc |= ENCRYPTED_BREDR; 740 741 BTM_GetSecurityFlagsByTransport(*bd_addr, &flags, BT_TRANSPORT_LE); 742 BTIF_TRACE_DEBUG("%s: security flags (LE)=0x%02x", __func__, flags); 743 if (flags & BTM_SEC_FLAG_ENCRYPTED) rc |= ENCRYPTED_LE; 744 } 745 746 return rc; 747 } 748 749 /******************************************************************************* 750 * 751 * Function search_devices_copy_cb 752 * 753 * Description Deep copy callback for search devices event 754 * 755 * Returns void 756 * 757 ******************************************************************************/ 758 static void search_devices_copy_cb(uint16_t event, char* p_dest, char* p_src) { 759 tBTA_DM_SEARCH* p_dest_data = (tBTA_DM_SEARCH*)p_dest; 760 tBTA_DM_SEARCH* p_src_data = (tBTA_DM_SEARCH*)p_src; 761 762 if (!p_src) return; 763 764 BTIF_TRACE_DEBUG("%s: event=%s", __func__, dump_dm_search_event(event)); 765 maybe_non_aligned_memcpy(p_dest_data, p_src_data, sizeof(*p_src_data)); 766 switch (event) { 767 case BTA_DM_INQ_RES_EVT: { 768 if (p_src_data->inq_res.p_eir) { 769 p_dest_data->inq_res.p_eir = 770 (uint8_t*)(p_dest + sizeof(tBTA_DM_SEARCH)); 771 memcpy(p_dest_data->inq_res.p_eir, p_src_data->inq_res.p_eir, 772 p_src_data->inq_res.eir_len); 773 p_dest_data->inq_res.eir_len = p_src_data->inq_res.eir_len; 774 } 775 } break; 776 777 case BTA_DM_DISC_RES_EVT: { 778 if (p_src_data->disc_res.raw_data_size && 779 p_src_data->disc_res.p_raw_data) { 780 p_dest_data->disc_res.p_raw_data = 781 (uint8_t*)(p_dest + sizeof(tBTA_DM_SEARCH)); 782 memcpy(p_dest_data->disc_res.p_raw_data, 783 p_src_data->disc_res.p_raw_data, 784 p_src_data->disc_res.raw_data_size); 785 } 786 } break; 787 } 788 } 789 790 static void search_services_copy_cb(uint16_t event, char* p_dest, char* p_src) { 791 tBTA_DM_SEARCH* p_dest_data = (tBTA_DM_SEARCH*)p_dest; 792 tBTA_DM_SEARCH* p_src_data = (tBTA_DM_SEARCH*)p_src; 793 794 if (!p_src) return; 795 maybe_non_aligned_memcpy(p_dest_data, p_src_data, sizeof(*p_src_data)); 796 switch (event) { 797 case BTA_DM_DISC_RES_EVT: { 798 if (p_src_data->disc_res.result == BTA_SUCCESS) { 799 if (p_src_data->disc_res.num_uuids > 0) { 800 p_dest_data->disc_res.p_uuid_list = 801 (Uuid*)(p_dest + sizeof(tBTA_DM_SEARCH)); 802 memcpy(p_dest_data->disc_res.p_uuid_list, 803 p_src_data->disc_res.p_uuid_list, 804 p_src_data->disc_res.num_uuids * sizeof(Uuid)); 805 osi_free_and_reset((void**)&p_src_data->disc_res.p_uuid_list); 806 } 807 osi_free_and_reset((void**)&p_src_data->disc_res.p_raw_data); 808 } 809 } break; 810 } 811 } 812 /****************************************************************************** 813 * 814 * BTIF DM callback events 815 * 816 ****************************************************************************/ 817 818 /******************************************************************************* 819 * 820 * Function btif_dm_pin_req_evt 821 * 822 * Description Executes pin request event in btif context 823 * 824 * Returns void 825 * 826 ******************************************************************************/ 827 static void btif_dm_pin_req_evt(tBTA_DM_PIN_REQ* p_pin_req) { 828 bt_bdname_t bd_name; 829 uint32_t cod; 830 bt_pin_code_t pin_code; 831 int dev_type; 832 833 /* Remote properties update */ 834 if (!btif_get_device_type(p_pin_req->bd_addr, &dev_type)) { 835 dev_type = BT_DEVICE_TYPE_BREDR; 836 } 837 btif_update_remote_properties(p_pin_req->bd_addr, p_pin_req->bd_name, 838 p_pin_req->dev_class, 839 (tBT_DEVICE_TYPE)dev_type); 840 841 const RawAddress& bd_addr = p_pin_req->bd_addr; 842 memcpy(bd_name.name, p_pin_req->bd_name, BD_NAME_LEN); 843 844 if (pairing_cb.state == BT_BOND_STATE_BONDING && 845 bd_addr != pairing_cb.bd_addr) { 846 BTIF_TRACE_WARNING("%s(): already in bonding state, reject request", 847 __FUNCTION__); 848 btif_dm_pin_reply(&bd_addr, 0, 0, NULL); 849 return; 850 } 851 852 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); 853 854 cod = devclass2uint(p_pin_req->dev_class); 855 856 if (cod == 0) { 857 BTIF_TRACE_DEBUG("%s cod is 0, set as unclassified", __func__); 858 cod = COD_UNCLASSIFIED; 859 } 860 861 /* check for auto pair possiblity only if bond was initiated by local device 862 */ 863 if (pairing_cb.is_local_initiated && !p_pin_req->min_16_digit) { 864 if (check_cod(&bd_addr, COD_AV_HEADSETS) || 865 check_cod(&bd_addr, COD_AV_HEADPHONES) || 866 check_cod(&bd_addr, COD_AV_PORTABLE_AUDIO) || 867 check_cod(&bd_addr, COD_AV_HIFI_AUDIO) || 868 check_cod(&bd_addr, COD_HID_POINTING)) { 869 /* Check if this device can be auto paired */ 870 if (!interop_match_addr(INTEROP_DISABLE_AUTO_PAIRING, &bd_addr) && 871 !interop_match_name(INTEROP_DISABLE_AUTO_PAIRING, 872 (const char*)bd_name.name) && 873 (pairing_cb.autopair_attempts == 0)) { 874 BTIF_TRACE_DEBUG("%s() Attempting auto pair", __func__); 875 pin_code.pin[0] = 0x30; 876 pin_code.pin[1] = 0x30; 877 pin_code.pin[2] = 0x30; 878 pin_code.pin[3] = 0x30; 879 880 pairing_cb.autopair_attempts++; 881 BTA_DmPinReply(bd_addr, true, 4, pin_code.pin); 882 return; 883 } 884 } else if (check_cod(&bd_addr, COD_HID_KEYBOARD) || 885 check_cod(&bd_addr, COD_HID_COMBO)) { 886 if ((interop_match_addr(INTEROP_KEYBOARD_REQUIRES_FIXED_PIN, &bd_addr) == 887 true) && 888 (pairing_cb.autopair_attempts == 0)) { 889 BTIF_TRACE_DEBUG("%s() Attempting auto pair", __func__); 890 pin_code.pin[0] = 0x30; 891 pin_code.pin[1] = 0x30; 892 pin_code.pin[2] = 0x30; 893 pin_code.pin[3] = 0x30; 894 895 pairing_cb.autopair_attempts++; 896 BTA_DmPinReply(bd_addr, true, 4, pin_code.pin); 897 return; 898 } 899 } 900 } 901 // TODO: make cback accept const and get rid of tmp! 902 auto tmp = bd_addr; 903 HAL_CBACK(bt_hal_cbacks, pin_request_cb, &tmp, &bd_name, cod, 904 p_pin_req->min_16_digit); 905 } 906 907 /******************************************************************************* 908 * 909 * Function btif_dm_ssp_cfm_req_evt 910 * 911 * Description Executes SSP confirm request event in btif context 912 * 913 * Returns void 914 * 915 ******************************************************************************/ 916 static void btif_dm_ssp_cfm_req_evt(tBTA_DM_SP_CFM_REQ* p_ssp_cfm_req) { 917 bt_bdname_t bd_name; 918 uint32_t cod; 919 bool is_incoming = !(pairing_cb.state == BT_BOND_STATE_BONDING); 920 int dev_type; 921 922 BTIF_TRACE_DEBUG("%s", __func__); 923 924 /* Remote properties update */ 925 if (!btif_get_device_type(p_ssp_cfm_req->bd_addr, &dev_type)) { 926 dev_type = BT_DEVICE_TYPE_BREDR; 927 } 928 btif_update_remote_properties(p_ssp_cfm_req->bd_addr, p_ssp_cfm_req->bd_name, 929 p_ssp_cfm_req->dev_class, 930 (tBT_DEVICE_TYPE)dev_type); 931 932 RawAddress bd_addr = p_ssp_cfm_req->bd_addr; 933 memcpy(bd_name.name, p_ssp_cfm_req->bd_name, BD_NAME_LEN); 934 935 if (pairing_cb.state == BT_BOND_STATE_BONDING && 936 bd_addr != pairing_cb.bd_addr) { 937 BTIF_TRACE_WARNING("%s(): already in bonding state, reject request", 938 __FUNCTION__); 939 btif_dm_ssp_reply(&bd_addr, BT_SSP_VARIANT_PASSKEY_CONFIRMATION, 0, 0); 940 return; 941 } 942 943 /* Set the pairing_cb based on the local & remote authentication requirements 944 */ 945 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); 946 947 BTIF_TRACE_EVENT("%s: just_works:%d, loc_auth_req=%d, rmt_auth_req=%d", 948 __func__, p_ssp_cfm_req->just_works, 949 p_ssp_cfm_req->loc_auth_req, p_ssp_cfm_req->rmt_auth_req); 950 951 /* if just_works and bonding bit is not set treat this as temporary */ 952 if (p_ssp_cfm_req->just_works && 953 !(p_ssp_cfm_req->loc_auth_req & BTM_AUTH_BONDS) && 954 !(p_ssp_cfm_req->rmt_auth_req & BTM_AUTH_BONDS) && 955 !(check_cod((RawAddress*)&p_ssp_cfm_req->bd_addr, COD_HID_POINTING))) 956 pairing_cb.bond_type = BOND_TYPE_TEMPORARY; 957 else 958 pairing_cb.bond_type = BOND_TYPE_PERSISTENT; 959 960 btm_set_bond_type_dev(p_ssp_cfm_req->bd_addr, pairing_cb.bond_type); 961 962 pairing_cb.is_ssp = true; 963 964 /* If JustWorks auto-accept */ 965 if (p_ssp_cfm_req->just_works) { 966 /* Pairing consent for JustWorks needed if: 967 * 1. Incoming (non-temporary) pairing is detected AND 968 * 2. local IO capabilities are DisplayYesNo AND 969 * 3. remote IO capabiltiies are DisplayOnly or NoInputNoOutput; 970 */ 971 if (is_incoming && pairing_cb.bond_type != BOND_TYPE_TEMPORARY && 972 ((p_ssp_cfm_req->loc_io_caps == HCI_IO_CAP_DISPLAY_YESNO) && 973 (p_ssp_cfm_req->rmt_io_caps == HCI_IO_CAP_DISPLAY_ONLY || 974 p_ssp_cfm_req->rmt_io_caps == HCI_IO_CAP_NO_IO))) { 975 BTIF_TRACE_EVENT( 976 "%s: User consent needed for incoming pairing request. loc_io_caps: " 977 "%d, rmt_io_caps: %d", 978 __func__, p_ssp_cfm_req->loc_io_caps, p_ssp_cfm_req->rmt_io_caps); 979 } else { 980 BTIF_TRACE_EVENT("%s: Auto-accept JustWorks pairing", __func__); 981 btif_dm_ssp_reply(&bd_addr, BT_SSP_VARIANT_CONSENT, true, 0); 982 return; 983 } 984 } 985 986 cod = devclass2uint(p_ssp_cfm_req->dev_class); 987 988 if (cod == 0) { 989 LOG_DEBUG(LOG_TAG, "%s cod is 0, set as unclassified", __func__); 990 cod = COD_UNCLASSIFIED; 991 } 992 993 pairing_cb.sdp_attempts = 0; 994 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name, cod, 995 (p_ssp_cfm_req->just_works ? BT_SSP_VARIANT_CONSENT 996 : BT_SSP_VARIANT_PASSKEY_CONFIRMATION), 997 p_ssp_cfm_req->num_val); 998 } 999 1000 static void btif_dm_ssp_key_notif_evt(tBTA_DM_SP_KEY_NOTIF* p_ssp_key_notif) { 1001 bt_bdname_t bd_name; 1002 uint32_t cod; 1003 int dev_type; 1004 1005 BTIF_TRACE_DEBUG("%s", __func__); 1006 1007 /* Remote properties update */ 1008 if (!btif_get_device_type(p_ssp_key_notif->bd_addr, &dev_type)) { 1009 dev_type = BT_DEVICE_TYPE_BREDR; 1010 } 1011 btif_update_remote_properties( 1012 p_ssp_key_notif->bd_addr, p_ssp_key_notif->bd_name, 1013 p_ssp_key_notif->dev_class, (tBT_DEVICE_TYPE)dev_type); 1014 1015 RawAddress bd_addr = p_ssp_key_notif->bd_addr; 1016 memcpy(bd_name.name, p_ssp_key_notif->bd_name, BD_NAME_LEN); 1017 1018 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); 1019 pairing_cb.is_ssp = true; 1020 cod = devclass2uint(p_ssp_key_notif->dev_class); 1021 1022 if (cod == 0) { 1023 LOG_DEBUG(LOG_TAG, "%s cod is 0, set as unclassified", __func__); 1024 cod = COD_UNCLASSIFIED; 1025 } 1026 1027 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name, cod, 1028 BT_SSP_VARIANT_PASSKEY_NOTIFICATION, p_ssp_key_notif->passkey); 1029 } 1030 /******************************************************************************* 1031 * 1032 * Function btif_dm_auth_cmpl_evt 1033 * 1034 * Description Executes authentication complete event in btif context 1035 * 1036 * Returns void 1037 * 1038 ******************************************************************************/ 1039 static void btif_dm_auth_cmpl_evt(tBTA_DM_AUTH_CMPL* p_auth_cmpl) { 1040 /* Save link key, if not temporary */ 1041 bt_status_t status = BT_STATUS_FAIL; 1042 bt_bond_state_t state = BT_BOND_STATE_NONE; 1043 bool skip_sdp = false; 1044 1045 BTIF_TRACE_DEBUG("%s: bond state=%d, success=%d, key_present=%d", __func__, 1046 pairing_cb.state, p_auth_cmpl->success, 1047 p_auth_cmpl->key_present); 1048 1049 RawAddress bd_addr = p_auth_cmpl->bd_addr; 1050 if ((p_auth_cmpl->success) && (p_auth_cmpl->key_present)) { 1051 if ((p_auth_cmpl->key_type < HCI_LKEY_TYPE_DEBUG_COMB) || 1052 (p_auth_cmpl->key_type == HCI_LKEY_TYPE_AUTH_COMB) || 1053 (p_auth_cmpl->key_type == HCI_LKEY_TYPE_CHANGED_COMB) || 1054 (p_auth_cmpl->key_type == HCI_LKEY_TYPE_AUTH_COMB_P_256) || 1055 pairing_cb.bond_type == BOND_TYPE_PERSISTENT) { 1056 bt_status_t ret; 1057 BTIF_TRACE_DEBUG("%s: Storing link key. key_type=0x%x, bond_type=%d", 1058 __func__, p_auth_cmpl->key_type, pairing_cb.bond_type); 1059 ret = btif_storage_add_bonded_device(&bd_addr, p_auth_cmpl->key, 1060 p_auth_cmpl->key_type, 1061 pairing_cb.pin_code_len); 1062 ASSERTC(ret == BT_STATUS_SUCCESS, "storing link key failed", ret); 1063 } else { 1064 BTIF_TRACE_DEBUG( 1065 "%s: Temporary key. Not storing. key_type=0x%x, bond_type=%d", 1066 __func__, p_auth_cmpl->key_type, pairing_cb.bond_type); 1067 if (pairing_cb.bond_type == BOND_TYPE_TEMPORARY) { 1068 BTIF_TRACE_DEBUG("%s: sending BT_BOND_STATE_NONE for Temp pairing", 1069 __func__); 1070 btif_storage_remove_bonded_device(&bd_addr); 1071 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_NONE); 1072 return; 1073 } 1074 } 1075 } 1076 1077 if (p_auth_cmpl->success) { 1078 // We could have received a new link key without going through the pairing 1079 // flow. If so, we don't want to perform SDP or any other operations on the 1080 // authenticated device. Also, make sure that the link key is not derived 1081 // from secure LTK, because we will need to perform SDP in case of link key 1082 // derivation to allow bond state change notification for the BR/EDR 1083 // transport so that the subsequent BR/EDR connections to the remote can use 1084 // the derived link key. 1085 if (p_auth_cmpl->bd_addr != pairing_cb.bd_addr && 1086 (!pairing_cb.ble.is_penc_key_rcvd)) { 1087 LOG(INFO) << __func__ 1088 << " skipping SDP since we did not initiate pairing to " 1089 << p_auth_cmpl->bd_addr; 1090 return; 1091 } 1092 1093 btif_storage_set_remote_addr_type(&bd_addr, p_auth_cmpl->addr_type); 1094 btif_update_remote_properties(p_auth_cmpl->bd_addr, p_auth_cmpl->bd_name, 1095 NULL, p_auth_cmpl->dev_type); 1096 pairing_cb.timeout_retries = 0; 1097 status = BT_STATUS_SUCCESS; 1098 state = BT_BOND_STATE_BONDED; 1099 bd_addr = p_auth_cmpl->bd_addr; 1100 1101 if (check_sdp_bl(&bd_addr) && check_cod_hid(&bd_addr)) { 1102 LOG_WARN(LOG_TAG, "%s:skip SDP", __func__); 1103 skip_sdp = true; 1104 } 1105 if (!pairing_cb.is_local_initiated && skip_sdp) { 1106 bond_state_changed(status, bd_addr, state); 1107 1108 LOG_WARN(LOG_TAG, "%s: Incoming HID Connection", __func__); 1109 bt_property_t prop; 1110 RawAddress bd_addr; 1111 Uuid uuid = Uuid::From16Bit(UUID_SERVCLASS_HUMAN_INTERFACE); 1112 1113 prop.type = BT_PROPERTY_UUIDS; 1114 prop.val = &uuid; 1115 prop.len = Uuid::kNumBytes128; 1116 1117 /* Send the event to the BTIF */ 1118 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, BT_STATUS_SUCCESS, 1119 &bd_addr, 1, &prop); 1120 } else { 1121 bool is_crosskey = false; 1122 /* If bonded due to cross-key, save the static address too*/ 1123 if (pairing_cb.state == BT_BOND_STATE_BONDING && 1124 p_auth_cmpl->bd_addr != pairing_cb.bd_addr) { 1125 BTIF_TRACE_DEBUG( 1126 "%s: bonding initiated due to cross key, adding static address", 1127 __func__); 1128 pairing_cb.static_bdaddr = bd_addr; 1129 is_crosskey = true; 1130 } 1131 if (!is_crosskey || 1132 !(stack_config_get_interface()->get_pts_crosskey_sdp_disable())) { 1133 // Ensure inquiry is stopped before attempting service discovery 1134 btif_dm_cancel_discovery(); 1135 1136 /* Trigger SDP on the device */ 1137 pairing_cb.sdp_attempts = 1; 1138 btif_dm_get_remote_services(bd_addr); 1139 } 1140 } 1141 // Do not call bond_state_changed_cb yet. Wait until remote service 1142 // discovery is complete 1143 } else { 1144 // Map the HCI fail reason to bt status 1145 switch (p_auth_cmpl->fail_reason) { 1146 case HCI_ERR_PAGE_TIMEOUT: 1147 case HCI_ERR_LMP_RESPONSE_TIMEOUT: 1148 if (interop_match_addr(INTEROP_AUTO_RETRY_PAIRING, &bd_addr) && 1149 pairing_cb.timeout_retries) { 1150 BTIF_TRACE_WARNING("%s() - Pairing timeout; retrying (%d) ...", 1151 __func__, pairing_cb.timeout_retries); 1152 --pairing_cb.timeout_retries; 1153 btif_dm_cb_create_bond(bd_addr, BTA_TRANSPORT_UNKNOWN); 1154 return; 1155 } 1156 /* Fall-through */ 1157 case HCI_ERR_CONNECTION_TOUT: 1158 status = BT_STATUS_RMT_DEV_DOWN; 1159 break; 1160 1161 case HCI_ERR_PAIRING_NOT_ALLOWED: 1162 btif_storage_remove_bonded_device(&bd_addr); 1163 status = BT_STATUS_AUTH_REJECTED; 1164 break; 1165 1166 /* map the auth failure codes, so we can retry pairing if necessary */ 1167 case HCI_ERR_AUTH_FAILURE: 1168 case HCI_ERR_KEY_MISSING: 1169 btif_storage_remove_bonded_device(&bd_addr); 1170 case HCI_ERR_HOST_REJECT_SECURITY: 1171 case HCI_ERR_ENCRY_MODE_NOT_ACCEPTABLE: 1172 case HCI_ERR_UNIT_KEY_USED: 1173 case HCI_ERR_PAIRING_WITH_UNIT_KEY_NOT_SUPPORTED: 1174 case HCI_ERR_INSUFFCIENT_SECURITY: 1175 case HCI_ERR_PEER_USER: 1176 case HCI_ERR_UNSPECIFIED: 1177 BTIF_TRACE_DEBUG(" %s() Authentication fail reason %d", __func__, 1178 p_auth_cmpl->fail_reason); 1179 if (pairing_cb.autopair_attempts == 1) { 1180 /* Create the Bond once again */ 1181 BTIF_TRACE_WARNING("%s() auto pair failed. Reinitiate Bond", 1182 __func__); 1183 btif_dm_cb_create_bond(bd_addr, BTA_TRANSPORT_UNKNOWN); 1184 return; 1185 } else { 1186 /* if autopair attempts are more than 1, or not attempted */ 1187 status = BT_STATUS_AUTH_FAILURE; 1188 } 1189 break; 1190 1191 default: 1192 status = BT_STATUS_FAIL; 1193 } 1194 /* Special Handling for HID Devices */ 1195 if (check_cod(&bd_addr, COD_HID_POINTING)) { 1196 /* Remove Device as bonded in nvram as authentication failed */ 1197 BTIF_TRACE_DEBUG("%s(): removing hid pointing device from nvram", 1198 __func__); 1199 btif_storage_remove_bonded_device(&bd_addr); 1200 } 1201 bond_state_changed(status, bd_addr, state); 1202 } 1203 } 1204 1205 /****************************************************************************** 1206 * 1207 * Function btif_dm_search_devices_evt 1208 * 1209 * Description Executes search devices callback events in btif context 1210 * 1211 * Returns void 1212 * 1213 *****************************************************************************/ 1214 static void btif_dm_search_devices_evt(uint16_t event, char* p_param) { 1215 tBTA_DM_SEARCH* p_search_data; 1216 BTIF_TRACE_EVENT("%s event=%s", __func__, dump_dm_search_event(event)); 1217 1218 switch (event) { 1219 case BTA_DM_DISC_RES_EVT: { 1220 p_search_data = (tBTA_DM_SEARCH*)p_param; 1221 /* Remote name update */ 1222 if (strlen((const char*)p_search_data->disc_res.bd_name)) { 1223 bt_property_t properties[1]; 1224 bt_status_t status; 1225 1226 properties[0].type = BT_PROPERTY_BDNAME; 1227 properties[0].val = p_search_data->disc_res.bd_name; 1228 properties[0].len = strlen((char*)p_search_data->disc_res.bd_name); 1229 RawAddress& bdaddr = p_search_data->disc_res.bd_addr; 1230 1231 status = 1232 btif_storage_set_remote_device_property(&bdaddr, &properties[0]); 1233 ASSERTC(status == BT_STATUS_SUCCESS, 1234 "failed to save remote device property", status); 1235 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, status, &bdaddr, 1236 1, properties); 1237 } 1238 /* TODO: Services? */ 1239 } break; 1240 1241 case BTA_DM_INQ_RES_EVT: { 1242 /* inquiry result */ 1243 bt_bdname_t bdname; 1244 uint8_t remote_name_len; 1245 tBTA_SERVICE_MASK services = 0; 1246 1247 p_search_data = (tBTA_DM_SEARCH*)p_param; 1248 RawAddress& bdaddr = p_search_data->inq_res.bd_addr; 1249 1250 BTIF_TRACE_DEBUG("%s() %s device_type = 0x%x\n", __func__, 1251 bdaddr.ToString().c_str(), 1252 p_search_data->inq_res.device_type); 1253 bdname.name[0] = 0; 1254 1255 if (!check_eir_remote_name(p_search_data, bdname.name, &remote_name_len)) 1256 check_cached_remote_name(p_search_data, bdname.name, &remote_name_len); 1257 1258 /* Check EIR for remote name and services */ 1259 if (p_search_data->inq_res.p_eir) { 1260 BTA_GetEirService(p_search_data->inq_res.p_eir, 1261 p_search_data->inq_res.eir_len, &services); 1262 BTIF_TRACE_DEBUG("%s()EIR BTA services = %08X", __func__, 1263 (uint32_t)services); 1264 /* TODO: Get the service list and check to see which uuids we got and 1265 * send it back to the client. */ 1266 } 1267 1268 { 1269 bt_property_t properties[5]; 1270 bt_device_type_t dev_type; 1271 uint32_t num_properties = 0; 1272 bt_status_t status; 1273 int addr_type = 0; 1274 1275 memset(properties, 0, sizeof(properties)); 1276 /* RawAddress */ 1277 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 1278 BT_PROPERTY_BDADDR, sizeof(bdaddr), &bdaddr); 1279 num_properties++; 1280 /* BD_NAME */ 1281 /* Don't send BDNAME if it is empty */ 1282 if (bdname.name[0]) { 1283 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 1284 BT_PROPERTY_BDNAME, 1285 strlen((char*)bdname.name), &bdname); 1286 num_properties++; 1287 } 1288 1289 /* DEV_CLASS */ 1290 uint32_t cod = devclass2uint(p_search_data->inq_res.dev_class); 1291 BTIF_TRACE_DEBUG("%s cod is 0x%06x", __func__, cod); 1292 if (cod != 0) { 1293 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 1294 BT_PROPERTY_CLASS_OF_DEVICE, sizeof(cod), 1295 &cod); 1296 num_properties++; 1297 } 1298 1299 /* DEV_TYPE */ 1300 /* FixMe: Assumption is that bluetooth.h and BTE enums match */ 1301 1302 /* Verify if the device is dual mode in NVRAM */ 1303 int stored_device_type = 0; 1304 if (btif_get_device_type(bdaddr, &stored_device_type) && 1305 ((stored_device_type != BT_DEVICE_TYPE_BREDR && 1306 p_search_data->inq_res.device_type == BT_DEVICE_TYPE_BREDR) || 1307 (stored_device_type != BT_DEVICE_TYPE_BLE && 1308 p_search_data->inq_res.device_type == BT_DEVICE_TYPE_BLE))) { 1309 dev_type = (bt_device_type_t)BT_DEVICE_TYPE_DUMO; 1310 } else { 1311 dev_type = (bt_device_type_t)p_search_data->inq_res.device_type; 1312 } 1313 1314 if (p_search_data->inq_res.device_type == BT_DEVICE_TYPE_BLE) 1315 addr_type = p_search_data->inq_res.ble_addr_type; 1316 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 1317 BT_PROPERTY_TYPE_OF_DEVICE, sizeof(dev_type), 1318 &dev_type); 1319 num_properties++; 1320 /* RSSI */ 1321 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 1322 BT_PROPERTY_REMOTE_RSSI, sizeof(int8_t), 1323 &(p_search_data->inq_res.rssi)); 1324 num_properties++; 1325 1326 status = 1327 btif_storage_add_remote_device(&bdaddr, num_properties, properties); 1328 ASSERTC(status == BT_STATUS_SUCCESS, 1329 "failed to save remote device (inquiry)", status); 1330 status = btif_storage_set_remote_addr_type(&bdaddr, addr_type); 1331 ASSERTC(status == BT_STATUS_SUCCESS, 1332 "failed to save remote addr type (inquiry)", status); 1333 /* Callback to notify upper layer of device */ 1334 HAL_CBACK(bt_hal_cbacks, device_found_cb, num_properties, properties); 1335 } 1336 } break; 1337 1338 case BTA_DM_INQ_CMPL_EVT: { 1339 do_in_bta_thread( 1340 FROM_HERE, 1341 base::Bind(&BTM_BleAdvFilterParamSetup, BTM_BLE_SCAN_COND_DELETE, 0, 1342 nullptr, base::Bind(&bte_scan_filt_param_cfg_evt, 0))); 1343 } break; 1344 case BTA_DM_DISC_CMPL_EVT: { 1345 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, 1346 BT_DISCOVERY_STOPPED); 1347 } break; 1348 case BTA_DM_SEARCH_CANCEL_CMPL_EVT: { 1349 /* if inquiry is not in progress and we get a cancel event, then 1350 * it means we are done with inquiry, but remote_name fetches are in 1351 * progress 1352 * 1353 * if inquiry is in progress, then we don't want to act on this 1354 * cancel_cmpl_evt 1355 * but instead wait for the cancel_cmpl_evt via the Busy Level 1356 * 1357 */ 1358 if (!btif_dm_inquiry_in_progress) { 1359 btgatt_filt_param_setup_t adv_filt_param; 1360 memset(&adv_filt_param, 0, sizeof(btgatt_filt_param_setup_t)); 1361 do_in_bta_thread( 1362 FROM_HERE, 1363 base::Bind(&BTM_BleAdvFilterParamSetup, BTM_BLE_SCAN_COND_DELETE, 0, 1364 nullptr, base::Bind(&bte_scan_filt_param_cfg_evt, 0))); 1365 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, 1366 BT_DISCOVERY_STOPPED); 1367 } 1368 } break; 1369 } 1370 } 1371 1372 /******************************************************************************* 1373 * 1374 * Function btif_dm_search_services_evt 1375 * 1376 * Description Executes search services event in btif context 1377 * 1378 * Returns void 1379 * 1380 ******************************************************************************/ 1381 static void btif_dm_search_services_evt(uint16_t event, char* p_param) { 1382 tBTA_DM_SEARCH* p_data = (tBTA_DM_SEARCH*)p_param; 1383 1384 BTIF_TRACE_EVENT("%s: event = %d", __func__, event); 1385 switch (event) { 1386 case BTA_DM_DISC_RES_EVT: { 1387 bt_property_t prop; 1388 uint32_t i = 0; 1389 bt_status_t ret; 1390 1391 RawAddress& bd_addr = p_data->disc_res.bd_addr; 1392 1393 BTIF_TRACE_DEBUG("%s:(result=0x%x, services 0x%x)", __func__, 1394 p_data->disc_res.result, p_data->disc_res.services); 1395 if ((p_data->disc_res.result != BTA_SUCCESS) && 1396 (pairing_cb.state == BT_BOND_STATE_BONDING) && 1397 (pairing_cb.sdp_attempts < BTIF_DM_MAX_SDP_ATTEMPTS_AFTER_PAIRING)) { 1398 BTIF_TRACE_WARNING("%s:SDP failed after bonding re-attempting", 1399 __func__); 1400 pairing_cb.sdp_attempts++; 1401 btif_dm_get_remote_services(bd_addr); 1402 return; 1403 } 1404 prop.type = BT_PROPERTY_UUIDS; 1405 prop.len = 0; 1406 if ((p_data->disc_res.result == BTA_SUCCESS) && 1407 (p_data->disc_res.num_uuids > 0)) { 1408 prop.val = p_data->disc_res.p_uuid_list; 1409 prop.len = p_data->disc_res.num_uuids * Uuid::kNumBytes128; 1410 for (i = 0; i < p_data->disc_res.num_uuids; i++) { 1411 std::string temp = ((p_data->disc_res.p_uuid_list + i))->ToString(); 1412 LOG_INFO(LOG_TAG, "%s index:%d uuid:%s", __func__, i, temp.c_str()); 1413 } 1414 } 1415 1416 /* onUuidChanged requires getBondedDevices to be populated. 1417 ** bond_state_changed needs to be sent prior to remote_device_property 1418 */ 1419 if ((pairing_cb.state == BT_BOND_STATE_BONDING) && 1420 (p_data->disc_res.bd_addr == pairing_cb.bd_addr || 1421 p_data->disc_res.bd_addr == pairing_cb.static_bdaddr) && 1422 pairing_cb.sdp_attempts > 0) { 1423 BTIF_TRACE_DEBUG( 1424 "%s Remote Service SDP done. Call bond_state_changed_cb BONDED", 1425 __func__); 1426 pairing_cb.sdp_attempts = 0; 1427 1428 // If bonding occured due to cross-key pairing, send bonding callback 1429 // for static address now 1430 if (p_data->disc_res.bd_addr == pairing_cb.static_bdaddr) 1431 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); 1432 1433 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDED); 1434 } 1435 1436 if (p_data->disc_res.num_uuids != 0) { 1437 /* Also write this to the NVRAM */ 1438 ret = btif_storage_set_remote_device_property(&bd_addr, &prop); 1439 ASSERTC(ret == BT_STATUS_SUCCESS, "storing remote services failed", 1440 ret); 1441 /* Send the event to the BTIF */ 1442 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, BT_STATUS_SUCCESS, 1443 &bd_addr, 1, &prop); 1444 } 1445 } break; 1446 1447 case BTA_DM_DISC_CMPL_EVT: 1448 /* fixme */ 1449 break; 1450 1451 case BTA_DM_SEARCH_CANCEL_CMPL_EVT: 1452 /* no-op */ 1453 break; 1454 1455 case BTA_DM_DISC_BLE_RES_EVT: { 1456 BTIF_TRACE_DEBUG("%s: service %s", __func__, 1457 p_data->disc_ble_res.service.ToString().c_str()); 1458 int num_properties = 0; 1459 if (p_data->disc_ble_res.service.As16Bit() == UUID_SERVCLASS_LE_HID || 1460 p_data->disc_ble_res.service == UUID_HEARING_AID) { 1461 BTIF_TRACE_DEBUG("%s: Found HOGP or HEARING AID UUID", __func__); 1462 bt_property_t prop[2]; 1463 bt_status_t ret; 1464 1465 const auto& arr = p_data->disc_ble_res.service.To128BitBE(); 1466 1467 RawAddress& bd_addr = p_data->disc_ble_res.bd_addr; 1468 prop[0].type = BT_PROPERTY_UUIDS; 1469 prop[0].val = (void*)arr.data(); 1470 prop[0].len = Uuid::kNumBytes128; 1471 1472 /* Also write this to the NVRAM */ 1473 ret = btif_storage_set_remote_device_property(&bd_addr, &prop[0]); 1474 ASSERTC(ret == BT_STATUS_SUCCESS, "storing remote services failed", 1475 ret); 1476 num_properties++; 1477 1478 /* Remote name update */ 1479 if (strnlen((const char*)p_data->disc_ble_res.bd_name, BD_NAME_LEN)) { 1480 prop[1].type = BT_PROPERTY_BDNAME; 1481 prop[1].val = p_data->disc_ble_res.bd_name; 1482 prop[1].len = 1483 strnlen((char*)p_data->disc_ble_res.bd_name, BD_NAME_LEN); 1484 1485 ret = btif_storage_set_remote_device_property(&bd_addr, &prop[1]); 1486 ASSERTC(ret == BT_STATUS_SUCCESS, 1487 "failed to save remote device property", ret); 1488 num_properties++; 1489 } 1490 1491 /* Send the event to the BTIF */ 1492 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, BT_STATUS_SUCCESS, 1493 &bd_addr, num_properties, prop); 1494 } 1495 } break; 1496 1497 default: { ASSERTC(0, "unhandled search services event", event); } break; 1498 } 1499 } 1500 1501 /******************************************************************************* 1502 * 1503 * Function btif_dm_remote_service_record_evt 1504 * 1505 * Description Executes search service record event in btif context 1506 * 1507 * Returns void 1508 * 1509 ******************************************************************************/ 1510 static void btif_dm_remote_service_record_evt(uint16_t event, char* p_param) { 1511 tBTA_DM_SEARCH* p_data = (tBTA_DM_SEARCH*)p_param; 1512 1513 BTIF_TRACE_EVENT("%s: event = %d", __func__, event); 1514 switch (event) { 1515 case BTA_DM_DISC_RES_EVT: { 1516 bt_service_record_t rec; 1517 bt_property_t prop; 1518 1519 memset(&rec, 0, sizeof(bt_service_record_t)); 1520 RawAddress& bd_addr = p_data->disc_res.bd_addr; 1521 1522 BTIF_TRACE_DEBUG("%s:(result=0x%x, services 0x%x)", __func__, 1523 p_data->disc_res.result, p_data->disc_res.services); 1524 prop.type = BT_PROPERTY_SERVICE_RECORD; 1525 prop.val = (void*)&rec; 1526 prop.len = sizeof(rec); 1527 1528 /* disc_res.result is overloaded with SCN. Cannot check result */ 1529 p_data->disc_res.services &= ~BTA_USER_SERVICE_MASK; 1530 /* TODO: Get the UUID as well */ 1531 rec.channel = p_data->disc_res.result - 3; 1532 /* TODO: Need to get the service name using p_raw_data */ 1533 rec.name[0] = 0; 1534 1535 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, BT_STATUS_SUCCESS, 1536 &bd_addr, 1, &prop); 1537 } break; 1538 1539 default: { 1540 ASSERTC(0, "unhandled remote service record event", event); 1541 } break; 1542 } 1543 } 1544 1545 /******************************************************************************* 1546 * 1547 * Function btif_dm_upstreams_cback 1548 * 1549 * Description Executes UPSTREAMS events in btif context 1550 * 1551 * Returns void 1552 * 1553 ******************************************************************************/ 1554 static void btif_dm_upstreams_evt(uint16_t event, char* p_param) { 1555 tBTA_DM_SEC* p_data = (tBTA_DM_SEC*)p_param; 1556 tBTA_SERVICE_MASK service_mask; 1557 uint32_t i; 1558 RawAddress bd_addr; 1559 1560 BTIF_TRACE_EVENT("%s: ev: %s", __func__, dump_dm_event(event)); 1561 1562 switch (event) { 1563 case BTA_DM_ENABLE_EVT: { 1564 BD_NAME bdname; 1565 bt_status_t status; 1566 bt_property_t prop; 1567 prop.type = BT_PROPERTY_BDNAME; 1568 prop.len = BD_NAME_LEN; 1569 prop.val = (void*)bdname; 1570 1571 status = btif_storage_get_adapter_property(&prop); 1572 if (status == BT_STATUS_SUCCESS) { 1573 /* A name exists in the storage. Make this the device name */ 1574 BTA_DmSetDeviceName((char*)prop.val); 1575 } else { 1576 /* Storage does not have a name yet. 1577 * Use the default name and write it to the chip 1578 */ 1579 BTA_DmSetDeviceName(btif_get_default_local_name()); 1580 } 1581 1582 /* Enable local privacy */ 1583 BTA_DmBleConfigLocalPrivacy(BLE_LOCAL_PRIVACY_ENABLED); 1584 1585 /* for each of the enabled services in the mask, trigger the profile 1586 * enable */ 1587 service_mask = btif_get_enabled_services_mask(); 1588 for (i = 0; i <= BTA_MAX_SERVICE_ID; i++) { 1589 if (service_mask & 1590 (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(i))) { 1591 btif_in_execute_service_request(i, true); 1592 } 1593 } 1594 /* clear control blocks */ 1595 memset(&pairing_cb, 0, sizeof(btif_dm_pairing_cb_t)); 1596 pairing_cb.bond_type = BOND_TYPE_PERSISTENT; 1597 1598 /* This function will also trigger the adapter_properties_cb 1599 ** and bonded_devices_info_cb 1600 */ 1601 btif_storage_load_bonded_devices(); 1602 1603 btif_enable_bluetooth_evt(p_data->enable.status); 1604 } break; 1605 1606 case BTA_DM_DISABLE_EVT: 1607 /* for each of the enabled services in the mask, trigger the profile 1608 * disable */ 1609 service_mask = btif_get_enabled_services_mask(); 1610 for (i = 0; i <= BTA_MAX_SERVICE_ID; i++) { 1611 if (service_mask & 1612 (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(i))) { 1613 btif_in_execute_service_request(i, false); 1614 } 1615 } 1616 btif_disable_bluetooth_evt(); 1617 break; 1618 1619 case BTA_DM_PIN_REQ_EVT: 1620 btif_dm_pin_req_evt(&p_data->pin_req); 1621 break; 1622 1623 case BTA_DM_AUTH_CMPL_EVT: 1624 btif_dm_auth_cmpl_evt(&p_data->auth_cmpl); 1625 break; 1626 1627 case BTA_DM_BOND_CANCEL_CMPL_EVT: 1628 if (pairing_cb.state == BT_BOND_STATE_BONDING) { 1629 bd_addr = pairing_cb.bd_addr; 1630 btm_set_bond_type_dev(pairing_cb.bd_addr, BOND_TYPE_UNKNOWN); 1631 bond_state_changed((bt_status_t)p_data->bond_cancel_cmpl.result, 1632 bd_addr, BT_BOND_STATE_NONE); 1633 } 1634 break; 1635 1636 case BTA_DM_SP_CFM_REQ_EVT: 1637 btif_dm_ssp_cfm_req_evt(&p_data->cfm_req); 1638 break; 1639 case BTA_DM_SP_KEY_NOTIF_EVT: 1640 btif_dm_ssp_key_notif_evt(&p_data->key_notif); 1641 break; 1642 1643 case BTA_DM_DEV_UNPAIRED_EVT: 1644 bd_addr = p_data->link_down.bd_addr; 1645 btm_set_bond_type_dev(p_data->link_down.bd_addr, BOND_TYPE_UNKNOWN); 1646 1647 /*special handling for HID devices */ 1648 #if (defined(BTA_HH_INCLUDED) && (BTA_HH_INCLUDED == TRUE)) 1649 btif_hh_remove_device(bd_addr); 1650 #endif 1651 #if (defined(BTA_HD_INCLUDED) && (BTA_HD_INCLUDED == TRUE)) 1652 btif_hd_remove_device(bd_addr); 1653 #endif 1654 btif_hearing_aid_get_interface()->RemoveDevice(bd_addr); 1655 btif_storage_remove_bonded_device(&bd_addr); 1656 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_NONE); 1657 break; 1658 1659 case BTA_DM_BUSY_LEVEL_EVT: { 1660 if (p_data->busy_level.level_flags & BTM_BL_INQUIRY_PAGING_MASK) { 1661 if (p_data->busy_level.level_flags == BTM_BL_INQUIRY_STARTED) { 1662 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, 1663 BT_DISCOVERY_STARTED); 1664 btif_dm_inquiry_in_progress = true; 1665 } else if (p_data->busy_level.level_flags == BTM_BL_INQUIRY_CANCELLED) { 1666 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, 1667 BT_DISCOVERY_STOPPED); 1668 btif_dm_inquiry_in_progress = false; 1669 } else if (p_data->busy_level.level_flags == BTM_BL_INQUIRY_COMPLETE) { 1670 btif_dm_inquiry_in_progress = false; 1671 } 1672 } 1673 } break; 1674 1675 case BTA_DM_LINK_UP_EVT: 1676 bd_addr = p_data->link_up.bd_addr; 1677 BTIF_TRACE_DEBUG("BTA_DM_LINK_UP_EVT. Sending BT_ACL_STATE_CONNECTED"); 1678 1679 btif_update_remote_version_property(&bd_addr); 1680 1681 HAL_CBACK(bt_hal_cbacks, acl_state_changed_cb, BT_STATUS_SUCCESS, 1682 &bd_addr, BT_ACL_STATE_CONNECTED); 1683 break; 1684 1685 case BTA_DM_LINK_DOWN_EVT: 1686 bd_addr = p_data->link_down.bd_addr; 1687 btm_set_bond_type_dev(p_data->link_down.bd_addr, BOND_TYPE_UNKNOWN); 1688 btif_av_acl_disconnected(bd_addr); 1689 BTIF_TRACE_DEBUG( 1690 "BTA_DM_LINK_DOWN_EVT. Sending BT_ACL_STATE_DISCONNECTED"); 1691 HAL_CBACK(bt_hal_cbacks, acl_state_changed_cb, BT_STATUS_SUCCESS, 1692 &bd_addr, BT_ACL_STATE_DISCONNECTED); 1693 break; 1694 1695 case BTA_DM_HW_ERROR_EVT: 1696 BTIF_TRACE_ERROR("Received H/W Error. "); 1697 /* Flush storage data */ 1698 btif_config_flush(); 1699 usleep(100000); /* 100milliseconds */ 1700 /* Killing the process to force a restart as part of fault tolerance */ 1701 kill(getpid(), SIGKILL); 1702 break; 1703 1704 case BTA_DM_BLE_KEY_EVT: 1705 BTIF_TRACE_DEBUG("BTA_DM_BLE_KEY_EVT key_type=0x%02x ", 1706 p_data->ble_key.key_type); 1707 1708 /* If this pairing is by-product of local initiated GATT client Read or 1709 Write, 1710 BTA would not have sent BTA_DM_BLE_SEC_REQ_EVT event and Bond state would 1711 not 1712 have setup properly. Setup pairing_cb and notify App about Bonding state 1713 now*/ 1714 if (pairing_cb.state != BT_BOND_STATE_BONDING) { 1715 BTIF_TRACE_DEBUG( 1716 "Bond state not sent to App so far.Notify the app now"); 1717 bond_state_changed(BT_STATUS_SUCCESS, p_data->ble_key.bd_addr, 1718 BT_BOND_STATE_BONDING); 1719 } else if (pairing_cb.bd_addr != p_data->ble_key.bd_addr) { 1720 BTIF_TRACE_ERROR("BD mismatch discard BLE key_type=%d ", 1721 p_data->ble_key.key_type); 1722 break; 1723 } 1724 1725 switch (p_data->ble_key.key_type) { 1726 case BTA_LE_KEY_PENC: 1727 BTIF_TRACE_DEBUG("Rcv BTA_LE_KEY_PENC"); 1728 pairing_cb.ble.is_penc_key_rcvd = true; 1729 pairing_cb.ble.penc_key = p_data->ble_key.p_key_value->penc_key; 1730 break; 1731 1732 case BTA_LE_KEY_PID: 1733 BTIF_TRACE_DEBUG("Rcv BTA_LE_KEY_PID"); 1734 pairing_cb.ble.is_pid_key_rcvd = true; 1735 pairing_cb.ble.pid_key = p_data->ble_key.p_key_value->pid_key; 1736 break; 1737 1738 case BTA_LE_KEY_PCSRK: 1739 BTIF_TRACE_DEBUG("Rcv BTA_LE_KEY_PCSRK"); 1740 pairing_cb.ble.is_pcsrk_key_rcvd = true; 1741 pairing_cb.ble.pcsrk_key = p_data->ble_key.p_key_value->pcsrk_key; 1742 break; 1743 1744 case BTA_LE_KEY_LENC: 1745 BTIF_TRACE_DEBUG("Rcv BTA_LE_KEY_LENC"); 1746 pairing_cb.ble.is_lenc_key_rcvd = true; 1747 pairing_cb.ble.lenc_key = p_data->ble_key.p_key_value->lenc_key; 1748 break; 1749 1750 case BTA_LE_KEY_LCSRK: 1751 BTIF_TRACE_DEBUG("Rcv BTA_LE_KEY_LCSRK"); 1752 pairing_cb.ble.is_lcsrk_key_rcvd = true; 1753 pairing_cb.ble.lcsrk_key = p_data->ble_key.p_key_value->lcsrk_key; 1754 break; 1755 1756 case BTA_LE_KEY_LID: 1757 BTIF_TRACE_DEBUG("Rcv BTA_LE_KEY_LID"); 1758 pairing_cb.ble.is_lidk_key_rcvd = true; 1759 break; 1760 1761 default: 1762 BTIF_TRACE_ERROR("unknown BLE key type (0x%02x)", 1763 p_data->ble_key.key_type); 1764 break; 1765 } 1766 break; 1767 case BTA_DM_BLE_SEC_REQ_EVT: 1768 BTIF_TRACE_DEBUG("BTA_DM_BLE_SEC_REQ_EVT. "); 1769 btif_dm_ble_sec_req_evt(&p_data->ble_req); 1770 break; 1771 case BTA_DM_BLE_PASSKEY_NOTIF_EVT: 1772 BTIF_TRACE_DEBUG("BTA_DM_BLE_PASSKEY_NOTIF_EVT. "); 1773 btif_dm_ble_key_notif_evt(&p_data->key_notif); 1774 break; 1775 case BTA_DM_BLE_PASSKEY_REQ_EVT: 1776 BTIF_TRACE_DEBUG("BTA_DM_BLE_PASSKEY_REQ_EVT. "); 1777 btif_dm_ble_passkey_req_evt(&p_data->pin_req); 1778 break; 1779 case BTA_DM_BLE_NC_REQ_EVT: 1780 BTIF_TRACE_DEBUG("BTA_DM_BLE_PASSKEY_REQ_EVT. "); 1781 btif_dm_ble_key_nc_req_evt(&p_data->key_notif); 1782 break; 1783 case BTA_DM_BLE_OOB_REQ_EVT: 1784 BTIF_TRACE_DEBUG("BTA_DM_BLE_OOB_REQ_EVT. "); 1785 btif_dm_ble_oob_req_evt(&p_data->rmt_oob); 1786 break; 1787 case BTA_DM_BLE_SC_OOB_REQ_EVT: 1788 BTIF_TRACE_DEBUG("BTA_DM_BLE_SC_OOB_REQ_EVT. "); 1789 btif_dm_ble_sc_oob_req_evt(&p_data->rmt_oob); 1790 break; 1791 case BTA_DM_BLE_LOCAL_IR_EVT: 1792 BTIF_TRACE_DEBUG("BTA_DM_BLE_LOCAL_IR_EVT. "); 1793 ble_local_key_cb.is_id_keys_rcvd = true; 1794 memcpy(&ble_local_key_cb.id_keys.irk[0], &p_data->ble_id_keys.irk[0], 1795 sizeof(BT_OCTET16)); 1796 memcpy(&ble_local_key_cb.id_keys.ir[0], &p_data->ble_id_keys.ir[0], 1797 sizeof(BT_OCTET16)); 1798 memcpy(&ble_local_key_cb.id_keys.dhk[0], &p_data->ble_id_keys.dhk[0], 1799 sizeof(BT_OCTET16)); 1800 btif_storage_add_ble_local_key((char*)&ble_local_key_cb.id_keys.irk[0], 1801 BTIF_DM_LE_LOCAL_KEY_IRK, BT_OCTET16_LEN); 1802 btif_storage_add_ble_local_key((char*)&ble_local_key_cb.id_keys.ir[0], 1803 BTIF_DM_LE_LOCAL_KEY_IR, BT_OCTET16_LEN); 1804 btif_storage_add_ble_local_key((char*)&ble_local_key_cb.id_keys.dhk[0], 1805 BTIF_DM_LE_LOCAL_KEY_DHK, BT_OCTET16_LEN); 1806 break; 1807 case BTA_DM_BLE_LOCAL_ER_EVT: 1808 BTIF_TRACE_DEBUG("BTA_DM_BLE_LOCAL_ER_EVT. "); 1809 ble_local_key_cb.is_er_rcvd = true; 1810 memcpy(&ble_local_key_cb.er[0], &p_data->ble_er[0], sizeof(BT_OCTET16)); 1811 btif_storage_add_ble_local_key((char*)&ble_local_key_cb.er[0], 1812 BTIF_DM_LE_LOCAL_KEY_ER, BT_OCTET16_LEN); 1813 break; 1814 1815 case BTA_DM_BLE_AUTH_CMPL_EVT: 1816 BTIF_TRACE_DEBUG("BTA_DM_BLE_AUTH_CMPL_EVT. "); 1817 btif_dm_ble_auth_cmpl_evt(&p_data->auth_cmpl); 1818 break; 1819 1820 case BTA_DM_LE_FEATURES_READ: { 1821 tBTM_BLE_VSC_CB cmn_vsc_cb; 1822 bt_local_le_features_t local_le_features; 1823 char buf[512]; 1824 bt_property_t prop; 1825 prop.type = BT_PROPERTY_LOCAL_LE_FEATURES; 1826 prop.val = (void*)buf; 1827 prop.len = sizeof(buf); 1828 1829 /* LE features are not stored in storage. Should be retrived from stack */ 1830 BTM_BleGetVendorCapabilities(&cmn_vsc_cb); 1831 local_le_features.local_privacy_enabled = BTM_BleLocalPrivacyEnabled(); 1832 1833 prop.len = sizeof(bt_local_le_features_t); 1834 if (cmn_vsc_cb.filter_support == 1) 1835 local_le_features.max_adv_filter_supported = cmn_vsc_cb.max_filter; 1836 else 1837 local_le_features.max_adv_filter_supported = 0; 1838 local_le_features.max_adv_instance = cmn_vsc_cb.adv_inst_max; 1839 local_le_features.max_irk_list_size = cmn_vsc_cb.max_irk_list_sz; 1840 local_le_features.rpa_offload_supported = cmn_vsc_cb.rpa_offloading; 1841 local_le_features.activity_energy_info_supported = 1842 cmn_vsc_cb.energy_support; 1843 local_le_features.scan_result_storage_size = 1844 cmn_vsc_cb.tot_scan_results_strg; 1845 local_le_features.version_supported = cmn_vsc_cb.version_supported; 1846 local_le_features.total_trackable_advertisers = 1847 cmn_vsc_cb.total_trackable_advertisers; 1848 1849 local_le_features.extended_scan_support = 1850 cmn_vsc_cb.extended_scan_support > 0; 1851 local_le_features.debug_logging_supported = 1852 cmn_vsc_cb.debug_logging_supported > 0; 1853 1854 const controller_t* controller = controller_get_interface(); 1855 1856 local_le_features.le_2m_phy_supported = controller->supports_ble_2m_phy(); 1857 local_le_features.le_coded_phy_supported = 1858 controller->supports_ble_coded_phy(); 1859 local_le_features.le_extended_advertising_supported = 1860 controller->supports_ble_extended_advertising(); 1861 local_le_features.le_periodic_advertising_supported = 1862 controller->supports_ble_periodic_advertising(); 1863 local_le_features.le_maximum_advertising_data_length = 1864 controller->get_ble_maxium_advertising_data_length(); 1865 1866 memcpy(prop.val, &local_le_features, prop.len); 1867 HAL_CBACK(bt_hal_cbacks, adapter_properties_cb, BT_STATUS_SUCCESS, 1, 1868 &prop); 1869 break; 1870 } 1871 1872 case BTA_DM_ENER_INFO_READ: { 1873 btif_activity_energy_info_cb_t* p_ener_data = 1874 (btif_activity_energy_info_cb_t*)p_param; 1875 bt_activity_energy_info energy_info; 1876 energy_info.status = p_ener_data->status; 1877 energy_info.ctrl_state = p_ener_data->ctrl_state; 1878 energy_info.rx_time = p_ener_data->rx_time; 1879 energy_info.tx_time = p_ener_data->tx_time; 1880 energy_info.idle_time = p_ener_data->idle_time; 1881 energy_info.energy_used = p_ener_data->energy_used; 1882 1883 bt_uid_traffic_t* data = uid_set_read_and_clear(uid_set); 1884 HAL_CBACK(bt_hal_cbacks, energy_info_cb, &energy_info, data); 1885 osi_free(data); 1886 break; 1887 } 1888 1889 case BTA_DM_AUTHORIZE_EVT: 1890 case BTA_DM_SIG_STRENGTH_EVT: 1891 case BTA_DM_SP_RMT_OOB_EVT: 1892 case BTA_DM_SP_KEYPRESS_EVT: 1893 case BTA_DM_ROLE_CHG_EVT: 1894 1895 default: 1896 BTIF_TRACE_WARNING("%s: unhandled event (%d)", __func__, event); 1897 break; 1898 } 1899 1900 btif_dm_data_free(event, p_data); 1901 } 1902 1903 /******************************************************************************* 1904 * 1905 * Function btif_dm_generic_evt 1906 * 1907 * Description Executes non-BTA upstream events in BTIF context 1908 * 1909 * Returns void 1910 * 1911 ******************************************************************************/ 1912 static void btif_dm_generic_evt(uint16_t event, char* p_param) { 1913 BTIF_TRACE_EVENT("%s: event=%d", __func__, event); 1914 switch (event) { 1915 case BTIF_DM_CB_DISCOVERY_STARTED: { 1916 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, 1917 BT_DISCOVERY_STARTED); 1918 } break; 1919 1920 case BTIF_DM_CB_CREATE_BOND: { 1921 pairing_cb.timeout_retries = NUM_TIMEOUT_RETRIES; 1922 btif_dm_create_bond_cb_t* create_bond_cb = 1923 (btif_dm_create_bond_cb_t*)p_param; 1924 btif_dm_cb_create_bond(create_bond_cb->bdaddr, create_bond_cb->transport); 1925 } break; 1926 1927 case BTIF_DM_CB_REMOVE_BOND: { 1928 btif_dm_cb_remove_bond((RawAddress*)p_param); 1929 } break; 1930 1931 case BTIF_DM_CB_HID_REMOTE_NAME: { 1932 btif_dm_cb_hid_remote_name((tBTM_REMOTE_DEV_NAME*)p_param); 1933 } break; 1934 1935 case BTIF_DM_CB_BOND_STATE_BONDING: { 1936 bond_state_changed(BT_STATUS_SUCCESS, *((RawAddress*)p_param), 1937 BT_BOND_STATE_BONDING); 1938 } break; 1939 case BTIF_DM_CB_LE_TX_TEST: 1940 case BTIF_DM_CB_LE_RX_TEST: { 1941 uint8_t status; 1942 STREAM_TO_UINT8(status, p_param); 1943 HAL_CBACK(bt_hal_cbacks, le_test_mode_cb, 1944 (status == 0) ? BT_STATUS_SUCCESS : BT_STATUS_FAIL, 0); 1945 } break; 1946 case BTIF_DM_CB_LE_TEST_END: { 1947 uint8_t status; 1948 uint16_t count = 0; 1949 STREAM_TO_UINT8(status, p_param); 1950 if (status == 0) STREAM_TO_UINT16(count, p_param); 1951 HAL_CBACK(bt_hal_cbacks, le_test_mode_cb, 1952 (status == 0) ? BT_STATUS_SUCCESS : BT_STATUS_FAIL, count); 1953 } break; 1954 default: { 1955 BTIF_TRACE_WARNING("%s : Unknown event 0x%x", __func__, event); 1956 } break; 1957 } 1958 } 1959 1960 /******************************************************************************* 1961 * 1962 * Function bte_dm_evt 1963 * 1964 * Description Switches context from BTE to BTIF for all DM events 1965 * 1966 * Returns void 1967 * 1968 ******************************************************************************/ 1969 1970 void bte_dm_evt(tBTA_DM_SEC_EVT event, tBTA_DM_SEC* p_data) { 1971 /* switch context to btif task context (copy full union size for convenience) 1972 */ 1973 bt_status_t status = btif_transfer_context( 1974 btif_dm_upstreams_evt, (uint16_t)event, (char*)p_data, 1975 sizeof(tBTA_DM_SEC), btif_dm_data_copy); 1976 1977 /* catch any failed context transfers */ 1978 ASSERTC(status == BT_STATUS_SUCCESS, "context transfer failed", status); 1979 } 1980 1981 /******************************************************************************* 1982 * 1983 * Function bte_search_devices_evt 1984 * 1985 * Description Switches context from BTE to BTIF for DM search events 1986 * 1987 * Returns void 1988 * 1989 ******************************************************************************/ 1990 static void bte_search_devices_evt(tBTA_DM_SEARCH_EVT event, 1991 tBTA_DM_SEARCH* p_data) { 1992 uint16_t param_len = 0; 1993 1994 if (p_data) param_len += sizeof(tBTA_DM_SEARCH); 1995 /* Allocate buffer to hold the pointers (deep copy). The pointers will point 1996 * to the end of the tBTA_DM_SEARCH */ 1997 switch (event) { 1998 case BTA_DM_INQ_RES_EVT: { 1999 if (p_data->inq_res.p_eir) param_len += p_data->inq_res.eir_len; 2000 } break; 2001 2002 case BTA_DM_DISC_RES_EVT: { 2003 if (p_data->disc_res.raw_data_size && p_data->disc_res.p_raw_data) 2004 param_len += p_data->disc_res.raw_data_size; 2005 } break; 2006 } 2007 BTIF_TRACE_DEBUG("%s event=%s param_len=%d", __func__, 2008 dump_dm_search_event(event), param_len); 2009 2010 /* if remote name is available in EIR, set teh flag so that stack doesnt 2011 * trigger RNR */ 2012 if (event == BTA_DM_INQ_RES_EVT) 2013 p_data->inq_res.remt_name_not_required = 2014 check_eir_remote_name(p_data, NULL, NULL); 2015 2016 btif_transfer_context( 2017 btif_dm_search_devices_evt, (uint16_t)event, (char*)p_data, param_len, 2018 (param_len > sizeof(tBTA_DM_SEARCH)) ? search_devices_copy_cb : NULL); 2019 } 2020 2021 /******************************************************************************* 2022 * 2023 * Function bte_dm_search_services_evt 2024 * 2025 * Description Switches context from BTE to BTIF for DM search services 2026 * event 2027 * 2028 * Returns void 2029 * 2030 ******************************************************************************/ 2031 static void bte_dm_search_services_evt(tBTA_DM_SEARCH_EVT event, 2032 tBTA_DM_SEARCH* p_data) { 2033 uint16_t param_len = 0; 2034 if (p_data) param_len += sizeof(tBTA_DM_SEARCH); 2035 switch (event) { 2036 case BTA_DM_DISC_RES_EVT: { 2037 if ((p_data->disc_res.result == BTA_SUCCESS) && 2038 (p_data->disc_res.num_uuids > 0)) { 2039 param_len += (p_data->disc_res.num_uuids * Uuid::kNumBytes128); 2040 } 2041 } break; 2042 } 2043 /* TODO: The only other member that needs a deep copy is the p_raw_data. But 2044 * not sure 2045 * if raw_data is needed. */ 2046 btif_transfer_context( 2047 btif_dm_search_services_evt, event, (char*)p_data, param_len, 2048 (param_len > sizeof(tBTA_DM_SEARCH)) ? search_services_copy_cb : NULL); 2049 } 2050 2051 /******************************************************************************* 2052 * 2053 * Function bte_dm_remote_service_record_evt 2054 * 2055 * Description Switches context from BTE to BTIF for DM search service 2056 * record event 2057 * 2058 * Returns void 2059 * 2060 ******************************************************************************/ 2061 static void bte_dm_remote_service_record_evt(tBTA_DM_SEARCH_EVT event, 2062 tBTA_DM_SEARCH* p_data) { 2063 /* TODO: The only member that needs a deep copy is the p_raw_data. But not 2064 * sure yet if this is needed. */ 2065 btif_transfer_context(btif_dm_remote_service_record_evt, event, (char*)p_data, 2066 sizeof(tBTA_DM_SEARCH), NULL); 2067 } 2068 2069 /******************************************************************************* 2070 * 2071 * Function bta_energy_info_cb 2072 * 2073 * Description Switches context from BTE to BTIF for DM energy info event 2074 * 2075 * Returns void 2076 * 2077 ******************************************************************************/ 2078 static void bta_energy_info_cb(tBTA_DM_BLE_TX_TIME_MS tx_time, 2079 tBTA_DM_BLE_RX_TIME_MS rx_time, 2080 tBTA_DM_BLE_IDLE_TIME_MS idle_time, 2081 tBTA_DM_BLE_ENERGY_USED energy_used, 2082 tBTA_DM_CONTRL_STATE ctrl_state, 2083 tBTA_STATUS status) { 2084 BTIF_TRACE_DEBUG( 2085 "energy_info_cb-Status:%d,state=%d,tx_t=%ld, rx_t=%ld, " 2086 "idle_time=%ld,used=%ld", 2087 status, ctrl_state, tx_time, rx_time, idle_time, energy_used); 2088 2089 btif_activity_energy_info_cb_t btif_cb; 2090 btif_cb.status = status; 2091 btif_cb.ctrl_state = ctrl_state; 2092 btif_cb.tx_time = (uint64_t)tx_time; 2093 btif_cb.rx_time = (uint64_t)rx_time; 2094 btif_cb.idle_time = (uint64_t)idle_time; 2095 btif_cb.energy_used = (uint64_t)energy_used; 2096 btif_transfer_context(btif_dm_upstreams_evt, BTA_DM_ENER_INFO_READ, 2097 (char*)&btif_cb, sizeof(btif_activity_energy_info_cb_t), 2098 NULL); 2099 } 2100 2101 /* Scan filter param config event */ 2102 static void bte_scan_filt_param_cfg_evt(uint8_t ref_value, uint8_t avbl_space, 2103 uint8_t action_type, uint8_t status) { 2104 /* This event occurs on calling BTA_DmBleCfgFilterCondition internally, 2105 ** and that is why there is no HAL callback 2106 */ 2107 if (BTA_SUCCESS != status) { 2108 BTIF_TRACE_ERROR("%s, %d", __func__, status); 2109 } else { 2110 BTIF_TRACE_DEBUG("%s", __func__); 2111 } 2112 } 2113 2114 /***************************************************************************** 2115 * 2116 * btif api functions (no context switch) 2117 * 2118 ****************************************************************************/ 2119 2120 /******************************************************************************* 2121 * 2122 * Function btif_dm_start_discovery 2123 * 2124 * Description Start device discovery/inquiry 2125 * 2126 * Returns bt_status_t 2127 * 2128 ******************************************************************************/ 2129 bt_status_t btif_dm_start_discovery(void) { 2130 tBTA_DM_INQ inq_params; 2131 tBTA_SERVICE_MASK services = 0; 2132 2133 BTIF_TRACE_EVENT("%s", __func__); 2134 2135 /* Cleanup anything remaining on index 0 */ 2136 do_in_bta_thread( 2137 FROM_HERE, 2138 base::Bind(&BTM_BleAdvFilterParamSetup, BTM_BLE_SCAN_COND_DELETE, 0, 2139 nullptr, base::Bind(&bte_scan_filt_param_cfg_evt, 0))); 2140 2141 auto adv_filt_param = std::make_unique<btgatt_filt_param_setup_t>(); 2142 /* Add an allow-all filter on index 0*/ 2143 adv_filt_param->dely_mode = IMMEDIATE_DELY_MODE; 2144 adv_filt_param->feat_seln = ALLOW_ALL_FILTER; 2145 adv_filt_param->filt_logic_type = BTA_DM_BLE_PF_FILT_LOGIC_OR; 2146 adv_filt_param->list_logic_type = BTA_DM_BLE_PF_LIST_LOGIC_OR; 2147 adv_filt_param->rssi_low_thres = LOWEST_RSSI_VALUE; 2148 adv_filt_param->rssi_high_thres = LOWEST_RSSI_VALUE; 2149 do_in_bta_thread( 2150 FROM_HERE, base::Bind(&BTM_BleAdvFilterParamSetup, BTM_BLE_SCAN_COND_ADD, 2151 0, base::Passed(&adv_filt_param), 2152 base::Bind(&bte_scan_filt_param_cfg_evt, 0))); 2153 2154 /* TODO: Do we need to handle multiple inquiries at the same time? */ 2155 2156 /* Set inquiry params and call API */ 2157 inq_params.mode = BTA_DM_GENERAL_INQUIRY | BTA_BLE_GENERAL_INQUIRY; 2158 inq_params.duration = BTIF_DM_DEFAULT_INQ_MAX_DURATION; 2159 2160 inq_params.max_resps = BTIF_DM_DEFAULT_INQ_MAX_RESULTS; 2161 inq_params.report_dup = true; 2162 2163 inq_params.filter_type = BTA_DM_INQ_CLR; 2164 /* TODO: Filter device by BDA needs to be implemented here */ 2165 2166 /* Will be enabled to true once inquiry busy level has been received */ 2167 btif_dm_inquiry_in_progress = false; 2168 /* find nearby devices */ 2169 BTA_DmSearch(&inq_params, services, bte_search_devices_evt); 2170 2171 return BT_STATUS_SUCCESS; 2172 } 2173 2174 /******************************************************************************* 2175 * 2176 * Function btif_dm_cancel_discovery 2177 * 2178 * Description Cancels search 2179 * 2180 * Returns bt_status_t 2181 * 2182 ******************************************************************************/ 2183 bt_status_t btif_dm_cancel_discovery(void) { 2184 BTIF_TRACE_EVENT("%s", __func__); 2185 BTA_DmSearchCancel(); 2186 return BT_STATUS_SUCCESS; 2187 } 2188 2189 /******************************************************************************* 2190 * 2191 * Function btif_dm_create_bond 2192 * 2193 * Description Initiate bonding with the specified device 2194 * 2195 * Returns bt_status_t 2196 * 2197 ******************************************************************************/ 2198 bt_status_t btif_dm_create_bond(const RawAddress* bd_addr, int transport) { 2199 btif_dm_create_bond_cb_t create_bond_cb; 2200 create_bond_cb.transport = transport; 2201 create_bond_cb.bdaddr = *bd_addr; 2202 2203 BTIF_TRACE_EVENT("%s: bd_addr=%s, transport=%d", __func__, 2204 bd_addr->ToString().c_str(), transport); 2205 if (pairing_cb.state != BT_BOND_STATE_NONE) return BT_STATUS_BUSY; 2206 2207 btif_stats_add_bond_event(*bd_addr, BTIF_DM_FUNC_CREATE_BOND, 2208 pairing_cb.state); 2209 2210 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_CREATE_BOND, 2211 (char*)&create_bond_cb, 2212 sizeof(btif_dm_create_bond_cb_t), NULL); 2213 2214 return BT_STATUS_SUCCESS; 2215 } 2216 2217 /******************************************************************************* 2218 * 2219 * Function btif_dm_create_bond_out_of_band 2220 * 2221 * Description Initiate bonding with the specified device using out of band 2222 * data 2223 * 2224 * Returns bt_status_t 2225 * 2226 ******************************************************************************/ 2227 bt_status_t btif_dm_create_bond_out_of_band( 2228 const RawAddress* bd_addr, int transport, 2229 const bt_out_of_band_data_t* oob_data) { 2230 oob_cb.bdaddr = *bd_addr; 2231 memcpy(&oob_cb.oob_data, oob_data, sizeof(bt_out_of_band_data_t)); 2232 2233 uint8_t empty[] = {0, 0, 0, 0, 0, 0, 0}; 2234 // If LE Bluetooth Device Address is provided, use provided address type 2235 // value. 2236 if (memcmp(oob_data->le_bt_dev_addr, empty, 7) != 0) { 2237 /* byte no 7 is address type in LE Bluetooth Address OOB data */ 2238 uint8_t address_type = oob_data->le_bt_dev_addr[6]; 2239 if (address_type == BLE_ADDR_PUBLIC || address_type == BLE_ADDR_RANDOM) { 2240 // bd_addr->address is already reversed, so use it instead of 2241 // oob_data->le_bt_dev_addr 2242 BTM_SecAddBleDevice(*bd_addr, NULL, BT_DEVICE_TYPE_BLE, address_type); 2243 } 2244 } 2245 2246 BTIF_TRACE_EVENT("%s: bd_addr=%s, transport=%d", __func__, 2247 bd_addr->ToString().c_str(), transport); 2248 return btif_dm_create_bond(bd_addr, transport); 2249 } 2250 2251 /******************************************************************************* 2252 * 2253 * Function btif_dm_cancel_bond 2254 * 2255 * Description Initiate bonding with the specified device 2256 * 2257 * Returns bt_status_t 2258 * 2259 ******************************************************************************/ 2260 2261 bt_status_t btif_dm_cancel_bond(const RawAddress* bd_addr) { 2262 BTIF_TRACE_EVENT("%s: bd_addr=%s", __func__, bd_addr->ToString().c_str()); 2263 2264 btif_stats_add_bond_event(*bd_addr, BTIF_DM_FUNC_CANCEL_BOND, 2265 pairing_cb.state); 2266 2267 /* TODO: 2268 ** 1. Restore scan modes 2269 ** 2. special handling for HID devices 2270 */ 2271 if (pairing_cb.state == BT_BOND_STATE_BONDING) { 2272 if (pairing_cb.is_ssp) { 2273 if (pairing_cb.is_le_only) { 2274 BTA_DmBleSecurityGrant(*bd_addr, BTA_DM_SEC_PAIR_NOT_SPT); 2275 } else { 2276 BTA_DmConfirm(*bd_addr, false); 2277 BTA_DmBondCancel(*bd_addr); 2278 btif_storage_remove_bonded_device(bd_addr); 2279 } 2280 } else { 2281 if (pairing_cb.is_le_only) { 2282 BTA_DmBondCancel(*bd_addr); 2283 } else { 2284 BTA_DmPinReply(*bd_addr, false, 0, NULL); 2285 } 2286 /* Cancel bonding, in case it is in ACL connection setup state */ 2287 BTA_DmBondCancel(*bd_addr); 2288 } 2289 } 2290 2291 return BT_STATUS_SUCCESS; 2292 } 2293 2294 /******************************************************************************* 2295 * 2296 * Function btif_dm_hh_open_failed 2297 * 2298 * Description informs the upper layers if the HH have failed during 2299 * bonding 2300 * 2301 * Returns none 2302 * 2303 ******************************************************************************/ 2304 2305 void btif_dm_hh_open_failed(RawAddress* bdaddr) { 2306 if (pairing_cb.state == BT_BOND_STATE_BONDING && 2307 *bdaddr == pairing_cb.bd_addr) { 2308 bond_state_changed(BT_STATUS_FAIL, *bdaddr, BT_BOND_STATE_NONE); 2309 } 2310 } 2311 2312 /******************************************************************************* 2313 * 2314 * Function btif_dm_remove_bond 2315 * 2316 * Description Removes bonding with the specified device 2317 * 2318 * Returns bt_status_t 2319 * 2320 ******************************************************************************/ 2321 2322 bt_status_t btif_dm_remove_bond(const RawAddress* bd_addr) { 2323 BTIF_TRACE_EVENT("%s: bd_addr=%s", __func__, bd_addr->ToString().c_str()); 2324 2325 btif_stats_add_bond_event(*bd_addr, BTIF_DM_FUNC_REMOVE_BOND, 2326 pairing_cb.state); 2327 2328 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_REMOVE_BOND, 2329 (char*)bd_addr, sizeof(RawAddress), NULL); 2330 2331 return BT_STATUS_SUCCESS; 2332 } 2333 2334 /******************************************************************************* 2335 * 2336 * Function btif_dm_pin_reply 2337 * 2338 * Description BT legacy pairing - PIN code reply 2339 * 2340 * Returns bt_status_t 2341 * 2342 ******************************************************************************/ 2343 2344 bt_status_t btif_dm_pin_reply(const RawAddress* bd_addr, uint8_t accept, 2345 uint8_t pin_len, bt_pin_code_t* pin_code) { 2346 BTIF_TRACE_EVENT("%s: accept=%d", __func__, accept); 2347 if (pin_code == NULL || pin_len > PIN_CODE_LEN) return BT_STATUS_FAIL; 2348 if (pairing_cb.is_le_only) { 2349 int i; 2350 uint32_t passkey = 0; 2351 int multi[] = {100000, 10000, 1000, 100, 10, 1}; 2352 for (i = 0; i < 6; i++) { 2353 passkey += (multi[i] * (pin_code->pin[i] - '0')); 2354 } 2355 BTIF_TRACE_DEBUG("btif_dm_pin_reply: passkey: %d", passkey); 2356 BTA_DmBlePasskeyReply(*bd_addr, accept, passkey); 2357 2358 } else { 2359 BTA_DmPinReply(*bd_addr, accept, pin_len, pin_code->pin); 2360 if (accept) pairing_cb.pin_code_len = pin_len; 2361 } 2362 return BT_STATUS_SUCCESS; 2363 } 2364 2365 /******************************************************************************* 2366 * 2367 * Function btif_dm_ssp_reply 2368 * 2369 * Description BT SSP Reply - Just Works, Numeric Comparison & Passkey 2370 * Entry 2371 * 2372 * Returns bt_status_t 2373 * 2374 ******************************************************************************/ 2375 bt_status_t btif_dm_ssp_reply(const RawAddress* bd_addr, 2376 bt_ssp_variant_t variant, uint8_t accept, 2377 UNUSED_ATTR uint32_t passkey) { 2378 if (variant == BT_SSP_VARIANT_PASSKEY_ENTRY) { 2379 /* This is not implemented in the stack. 2380 * For devices with display, this is not needed 2381 */ 2382 BTIF_TRACE_WARNING("%s: Not implemented", __func__); 2383 return BT_STATUS_FAIL; 2384 } 2385 /* BT_SSP_VARIANT_CONSENT & BT_SSP_VARIANT_PASSKEY_CONFIRMATION supported */ 2386 BTIF_TRACE_EVENT("%s: accept=%d", __func__, accept); 2387 if (pairing_cb.is_le_only) { 2388 if (pairing_cb.is_le_nc) { 2389 BTA_DmBleConfirmReply(*bd_addr, accept); 2390 } else { 2391 if (accept) 2392 BTA_DmBleSecurityGrant(*bd_addr, BTA_DM_SEC_GRANTED); 2393 else 2394 BTA_DmBleSecurityGrant(*bd_addr, BTA_DM_SEC_PAIR_NOT_SPT); 2395 } 2396 } else { 2397 BTA_DmConfirm(*bd_addr, accept); 2398 } 2399 return BT_STATUS_SUCCESS; 2400 } 2401 2402 /******************************************************************************* 2403 * 2404 * Function btif_dm_get_adapter_property 2405 * 2406 * Description Queries the BTA for the adapter property 2407 * 2408 * Returns bt_status_t 2409 * 2410 ******************************************************************************/ 2411 bt_status_t btif_dm_get_adapter_property(bt_property_t* prop) { 2412 BTIF_TRACE_EVENT("%s: type=0x%x", __func__, prop->type); 2413 switch (prop->type) { 2414 case BT_PROPERTY_BDNAME: { 2415 bt_bdname_t* bd_name = (bt_bdname_t*)prop->val; 2416 strncpy((char*)bd_name->name, (char*)btif_get_default_local_name(), 2417 sizeof(bd_name->name) - 1); 2418 bd_name->name[sizeof(bd_name->name) - 1] = 0; 2419 prop->len = strlen((char*)bd_name->name); 2420 } break; 2421 2422 case BT_PROPERTY_ADAPTER_SCAN_MODE: { 2423 /* if the storage does not have it. Most likely app never set it. Default 2424 * is NONE */ 2425 bt_scan_mode_t* mode = (bt_scan_mode_t*)prop->val; 2426 *mode = BT_SCAN_MODE_NONE; 2427 prop->len = sizeof(bt_scan_mode_t); 2428 } break; 2429 2430 case BT_PROPERTY_ADAPTER_DISCOVERY_TIMEOUT: { 2431 uint32_t* tmt = (uint32_t*)prop->val; 2432 *tmt = 120; /* default to 120s, if not found in NV */ 2433 prop->len = sizeof(uint32_t); 2434 } break; 2435 2436 case BT_PROPERTY_CLASS_OF_DEVICE: { 2437 DEV_CLASS dev_class = BTA_DM_COD; 2438 memcpy(prop->val, dev_class, sizeof(DEV_CLASS)); 2439 prop->len = sizeof(DEV_CLASS); 2440 } break; 2441 2442 default: 2443 prop->len = 0; 2444 return BT_STATUS_FAIL; 2445 } 2446 return BT_STATUS_SUCCESS; 2447 } 2448 2449 /******************************************************************************* 2450 * 2451 * Function btif_dm_get_remote_services 2452 * 2453 * Description Start SDP to get remote services 2454 * 2455 * Returns bt_status_t 2456 * 2457 ******************************************************************************/ 2458 bt_status_t btif_dm_get_remote_services(const RawAddress& remote_addr) { 2459 BTIF_TRACE_EVENT("%s: bd_addr=%s", __func__, remote_addr.ToString().c_str()); 2460 2461 BTA_DmDiscover(remote_addr, BTA_ALL_SERVICE_MASK, bte_dm_search_services_evt, 2462 true); 2463 2464 return BT_STATUS_SUCCESS; 2465 } 2466 2467 /******************************************************************************* 2468 * 2469 * Function btif_dm_get_remote_services_transport 2470 * 2471 * Description Start SDP to get remote services by transport 2472 * 2473 * Returns bt_status_t 2474 * 2475 ******************************************************************************/ 2476 bt_status_t btif_dm_get_remote_services_by_transport(RawAddress* remote_addr, 2477 const int transport) { 2478 BTIF_TRACE_EVENT("%s: transport=%d, remote_addr=%s", __func__, transport, 2479 remote_addr->ToString().c_str()); 2480 2481 /* Set the mask extension */ 2482 tBTA_SERVICE_MASK_EXT mask_ext; 2483 mask_ext.num_uuid = 0; 2484 mask_ext.p_uuid = NULL; 2485 mask_ext.srvc_mask = BTA_ALL_SERVICE_MASK; 2486 2487 BTA_DmDiscoverByTransport(*remote_addr, &mask_ext, bte_dm_search_services_evt, 2488 true, transport); 2489 2490 return BT_STATUS_SUCCESS; 2491 } 2492 2493 /******************************************************************************* 2494 * 2495 * Function btif_dm_get_remote_service_record 2496 * 2497 * Description Start SDP to get remote service record 2498 * 2499 * 2500 * Returns bt_status_t 2501 ******************************************************************************/ 2502 bt_status_t btif_dm_get_remote_service_record(const RawAddress& remote_addr, 2503 const Uuid& uuid) { 2504 BTIF_TRACE_EVENT("%s: bd_addr=%s", __func__, remote_addr.ToString().c_str()); 2505 BTA_DmDiscoverUUID(remote_addr, uuid, bte_dm_remote_service_record_evt, true); 2506 2507 return BT_STATUS_SUCCESS; 2508 } 2509 2510 void btif_dm_execute_service_request(uint16_t event, char* p_param) { 2511 bool b_enable = false; 2512 bt_status_t status; 2513 if (event == BTIF_DM_ENABLE_SERVICE) { 2514 b_enable = true; 2515 } 2516 status = 2517 btif_in_execute_service_request(*((tBTA_SERVICE_ID*)p_param), b_enable); 2518 if (status == BT_STATUS_SUCCESS) { 2519 bt_property_t property; 2520 Uuid local_uuids[BT_MAX_NUM_UUIDS]; 2521 2522 /* Now send the UUID_PROPERTY_CHANGED event to the upper layer */ 2523 BTIF_STORAGE_FILL_PROPERTY(&property, BT_PROPERTY_UUIDS, 2524 sizeof(local_uuids), local_uuids); 2525 btif_storage_get_adapter_property(&property); 2526 HAL_CBACK(bt_hal_cbacks, adapter_properties_cb, BT_STATUS_SUCCESS, 1, 2527 &property); 2528 } 2529 return; 2530 } 2531 2532 void btif_dm_proc_io_req(UNUSED_ATTR const RawAddress& bd_addr, 2533 UNUSED_ATTR tBTA_IO_CAP* p_io_cap, 2534 UNUSED_ATTR tBTA_OOB_DATA* p_oob_data, 2535 tBTA_AUTH_REQ* p_auth_req, bool is_orig) { 2536 uint8_t yes_no_bit = BTA_AUTH_SP_YES & *p_auth_req; 2537 /* if local initiated: 2538 ** 1. set DD + MITM 2539 ** if remote initiated: 2540 ** 1. Copy over the auth_req from peer's io_rsp 2541 ** 2. Set the MITM if peer has it set or if peer has DisplayYesNo 2542 *(iPhone) 2543 ** as a fallback set MITM+GB if peer had MITM set 2544 */ 2545 2546 BTIF_TRACE_DEBUG("+%s: p_auth_req=%d", __func__, *p_auth_req); 2547 if (pairing_cb.is_local_initiated) { 2548 /* if initing/responding to a dedicated bonding, use dedicate bonding bit */ 2549 *p_auth_req = BTA_AUTH_DD_BOND | BTA_AUTH_SP_YES; 2550 } else if (!is_orig) { 2551 /* peer initiated paring. They probably know what they want. 2552 ** Copy the mitm from peer device. 2553 */ 2554 BTIF_TRACE_DEBUG("%s: setting p_auth_req to peer's: %d", __func__, 2555 pairing_cb.auth_req); 2556 *p_auth_req = (pairing_cb.auth_req & BTA_AUTH_BONDS); 2557 2558 /* copy over the MITM bit as well. In addition if the peer has DisplayYesNo, 2559 * force MITM */ 2560 if ((yes_no_bit) || (pairing_cb.io_cap & BTM_IO_CAP_IO)) 2561 *p_auth_req |= BTA_AUTH_SP_YES; 2562 } else if (yes_no_bit) { 2563 /* set the general bonding bit for stored device */ 2564 *p_auth_req = BTA_AUTH_GEN_BOND | yes_no_bit; 2565 } 2566 BTIF_TRACE_DEBUG("-%s: p_auth_req=%d", __func__, *p_auth_req); 2567 } 2568 2569 void btif_dm_proc_io_rsp(UNUSED_ATTR const RawAddress& bd_addr, 2570 tBTA_IO_CAP io_cap, UNUSED_ATTR tBTA_OOB_DATA oob_data, 2571 tBTA_AUTH_REQ auth_req) { 2572 if (auth_req & BTA_AUTH_BONDS) { 2573 BTIF_TRACE_DEBUG("%s auth_req:%d", __func__, auth_req); 2574 pairing_cb.auth_req = auth_req; 2575 pairing_cb.io_cap = io_cap; 2576 } 2577 } 2578 2579 void btif_dm_set_oob_for_io_req(tBTA_OOB_DATA* p_has_oob_data) { 2580 if (is_empty_128bit(oob_cb.oob_data.c192)) { 2581 *p_has_oob_data = false; 2582 } else { 2583 *p_has_oob_data = true; 2584 } 2585 BTIF_TRACE_DEBUG("%s: *p_has_oob_data=%d", __func__, *p_has_oob_data); 2586 } 2587 2588 void btif_dm_set_oob_for_le_io_req(const RawAddress& bd_addr, 2589 tBTA_OOB_DATA* p_has_oob_data, 2590 tBTA_LE_AUTH_REQ* p_auth_req) { 2591 if (!is_empty_128bit(oob_cb.oob_data.le_sc_c) && 2592 !is_empty_128bit(oob_cb.oob_data.le_sc_r)) { 2593 /* We have LE SC OOB data */ 2594 2595 /* make sure OOB data is for this particular device */ 2596 if (bd_addr == oob_cb.bdaddr) { 2597 *p_auth_req = ((*p_auth_req) | BTM_LE_AUTH_REQ_SC_ONLY); 2598 *p_has_oob_data = true; 2599 } else { 2600 *p_has_oob_data = false; 2601 BTIF_TRACE_WARNING("%s: remote address didn't match OOB data address", 2602 __func__); 2603 } 2604 } else if (!is_empty_128bit(oob_cb.oob_data.sm_tk)) { 2605 /* We have security manager TK */ 2606 2607 /* make sure OOB data is for this particular device */ 2608 if (bd_addr == oob_cb.bdaddr) { 2609 // When using OOB with TK, SC Secure Connections bit must be disabled. 2610 tBTA_LE_AUTH_REQ mask = ~BTM_LE_AUTH_REQ_SC_ONLY; 2611 *p_auth_req = ((*p_auth_req) & mask); 2612 2613 *p_has_oob_data = true; 2614 } else { 2615 *p_has_oob_data = false; 2616 BTIF_TRACE_WARNING("%s: remote address didn't match OOB data address", 2617 __func__); 2618 } 2619 } else { 2620 *p_has_oob_data = false; 2621 } 2622 BTIF_TRACE_DEBUG("%s *p_has_oob_data=%d", __func__, *p_has_oob_data); 2623 } 2624 2625 #ifdef BTIF_DM_OOB_TEST 2626 void btif_dm_load_local_oob(void) { 2627 char prop_oob[PROPERTY_VALUE_MAX]; 2628 osi_property_get("service.brcm.bt.oob", prop_oob, "3"); 2629 BTIF_TRACE_DEBUG("%s: prop_oob = %s", __func__, prop_oob); 2630 if (prop_oob[0] != '3') { 2631 if (is_empty_128bit(oob_cb.oob_data.c192)) { 2632 BTIF_TRACE_DEBUG("%s: read OOB, call BTA_DmLocalOob()", __func__); 2633 BTA_DmLocalOob(); 2634 } 2635 } 2636 } 2637 2638 void btif_dm_proc_loc_oob(bool valid, BT_OCTET16 c, BT_OCTET16 r) { 2639 FILE* fp; 2640 const char* path_a = "/data/misc/bluedroid/LOCAL/a.key"; 2641 const char* path_b = "/data/misc/bluedroid/LOCAL/b.key"; 2642 const char* path = NULL; 2643 char prop_oob[PROPERTY_VALUE_MAX]; 2644 BTIF_TRACE_DEBUG("%s: valid=%d", __func__, valid); 2645 if (is_empty_128bit(oob_cb.oob_data.c192) && valid) { 2646 BTIF_TRACE_DEBUG("save local OOB data in memory"); 2647 memcpy(oob_cb.oob_data.c192, c, BT_OCTET16_LEN); 2648 memcpy(oob_cb.oob_data.r192, r, BT_OCTET16_LEN); 2649 osi_property_get("service.brcm.bt.oob", prop_oob, "3"); 2650 BTIF_TRACE_DEBUG("%s: prop_oob = %s", __func__, prop_oob); 2651 if (prop_oob[0] == '1') 2652 path = path_a; 2653 else if (prop_oob[0] == '2') 2654 path = path_b; 2655 if (path) { 2656 fp = fopen(path, "wb+"); 2657 if (fp == NULL) { 2658 BTIF_TRACE_DEBUG("%s: failed to save local OOB data to %s", __func__, 2659 path); 2660 } else { 2661 BTIF_TRACE_DEBUG("%s: save local OOB data into file %s", __func__, 2662 path); 2663 fwrite(c, 1, BT_OCTET16_LEN, fp); 2664 fwrite(r, 1, BT_OCTET16_LEN, fp); 2665 fclose(fp); 2666 } 2667 } 2668 } 2669 } 2670 2671 /******************************************************************************* 2672 * 2673 * Function btif_dm_get_smp_config 2674 * 2675 * Description Retrieve the SMP pairing options from the bt_stack.conf 2676 * file. To provide specific pairing options for the host 2677 * add a node with label "SmpOptions" to the config file 2678 * and assign it a comma separated list of 5 values in the 2679 * format: auth, io, ikey, rkey, ksize, oob 2680 * eg: PTS_SmpOptions=0xD,0x4,0xf,0xf,0x10 2681 * 2682 * Parameters: tBTE_APPL_CFG*: pointer to struct defining pairing options 2683 * 2684 * Returns true if the options were successfully read, else false 2685 * 2686 ******************************************************************************/ 2687 bool btif_dm_get_smp_config(tBTE_APPL_CFG* p_cfg) { 2688 const std::string* recv = stack_config_get_interface()->get_pts_smp_options(); 2689 if (!recv) { 2690 BTIF_TRACE_DEBUG("%s: SMP options not found in configuration", __func__); 2691 return false; 2692 } 2693 2694 char conf[64]; 2695 char* pch; 2696 char* endptr; 2697 2698 strncpy(conf, recv->c_str(), 64); 2699 conf[63] = 0; // null terminate 2700 2701 pch = strtok(conf, ","); 2702 if (pch != NULL) 2703 p_cfg->ble_auth_req = (uint8_t)strtoul(pch, &endptr, 16); 2704 else 2705 return false; 2706 2707 pch = strtok(NULL, ","); 2708 if (pch != NULL) 2709 p_cfg->ble_io_cap = (uint8_t)strtoul(pch, &endptr, 16); 2710 else 2711 return false; 2712 2713 pch = strtok(NULL, ","); 2714 if (pch != NULL) 2715 p_cfg->ble_init_key = (uint8_t)strtoul(pch, &endptr, 16); 2716 else 2717 return false; 2718 2719 pch = strtok(NULL, ","); 2720 if (pch != NULL) 2721 p_cfg->ble_resp_key = (uint8_t)strtoul(pch, &endptr, 16); 2722 else 2723 return false; 2724 2725 pch = strtok(NULL, ","); 2726 if (pch != NULL) 2727 p_cfg->ble_max_key_size = (uint8_t)strtoul(pch, &endptr, 16); 2728 else 2729 return false; 2730 2731 return true; 2732 } 2733 2734 bool btif_dm_proc_rmt_oob(const RawAddress& bd_addr, BT_OCTET16 p_c, 2735 BT_OCTET16 p_r) { 2736 const char* path_a = "/data/misc/bluedroid/LOCAL/a.key"; 2737 const char* path_b = "/data/misc/bluedroid/LOCAL/b.key"; 2738 const char* path = NULL; 2739 char prop_oob[PROPERTY_VALUE_MAX]; 2740 osi_property_get("service.brcm.bt.oob", prop_oob, "3"); 2741 BTIF_TRACE_DEBUG("%s: prop_oob = %s", __func__, prop_oob); 2742 if (prop_oob[0] == '1') 2743 path = path_b; 2744 else if (prop_oob[0] == '2') 2745 path = path_a; 2746 if (!path) { 2747 BTIF_TRACE_DEBUG("%s: can't open path!", __func__); 2748 return false; 2749 } 2750 2751 FILE* fp = fopen(path, "rb"); 2752 if (fp == NULL) { 2753 BTIF_TRACE_DEBUG("%s: failed to read OOB keys from %s", __func__, path); 2754 return false; 2755 } 2756 2757 BTIF_TRACE_DEBUG("%s: read OOB data from %s", __func__, path); 2758 fread(p_c, 1, BT_OCTET16_LEN, fp); 2759 fread(p_r, 1, BT_OCTET16_LEN, fp); 2760 fclose(fp); 2761 2762 RawAddress bt_bd_addr = bd_addr; 2763 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_BOND_STATE_BONDING, 2764 (char*)&bt_bd_addr, sizeof(RawAddress), NULL); 2765 return true; 2766 } 2767 #endif /* BTIF_DM_OOB_TEST */ 2768 2769 static void btif_dm_ble_key_notif_evt(tBTA_DM_SP_KEY_NOTIF* p_ssp_key_notif) { 2770 RawAddress bd_addr; 2771 bt_bdname_t bd_name; 2772 uint32_t cod; 2773 int dev_type; 2774 2775 BTIF_TRACE_DEBUG("%s", __func__); 2776 2777 /* Remote name update */ 2778 if (!btif_get_device_type(p_ssp_key_notif->bd_addr, &dev_type)) { 2779 dev_type = BT_DEVICE_TYPE_BLE; 2780 } 2781 btif_dm_update_ble_remote_properties(p_ssp_key_notif->bd_addr, 2782 p_ssp_key_notif->bd_name, 2783 (tBT_DEVICE_TYPE)dev_type); 2784 bd_addr = p_ssp_key_notif->bd_addr; 2785 memcpy(bd_name.name, p_ssp_key_notif->bd_name, BD_NAME_LEN); 2786 2787 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); 2788 pairing_cb.is_ssp = false; 2789 cod = COD_UNCLASSIFIED; 2790 2791 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name, cod, 2792 BT_SSP_VARIANT_PASSKEY_NOTIFICATION, p_ssp_key_notif->passkey); 2793 } 2794 2795 /******************************************************************************* 2796 * 2797 * Function btif_dm_ble_auth_cmpl_evt 2798 * 2799 * Description Executes authentication complete event in btif context 2800 * 2801 * Returns void 2802 * 2803 ******************************************************************************/ 2804 static void btif_dm_ble_auth_cmpl_evt(tBTA_DM_AUTH_CMPL* p_auth_cmpl) { 2805 /* Save link key, if not temporary */ 2806 bt_status_t status = BT_STATUS_FAIL; 2807 bt_bond_state_t state = BT_BOND_STATE_NONE; 2808 2809 RawAddress bd_addr = p_auth_cmpl->bd_addr; 2810 2811 /* Clear OOB data */ 2812 memset(&oob_cb, 0, sizeof(oob_cb)); 2813 2814 if ((p_auth_cmpl->success) && (p_auth_cmpl->key_present)) { 2815 /* store keys */ 2816 } 2817 if (p_auth_cmpl->success) { 2818 status = BT_STATUS_SUCCESS; 2819 state = BT_BOND_STATE_BONDED; 2820 int addr_type; 2821 RawAddress bdaddr = p_auth_cmpl->bd_addr; 2822 if (btif_storage_get_remote_addr_type(&bdaddr, &addr_type) != 2823 BT_STATUS_SUCCESS) 2824 btif_storage_set_remote_addr_type(&bdaddr, p_auth_cmpl->addr_type); 2825 2826 /* Test for temporary bonding */ 2827 if (btm_get_bond_type_dev(p_auth_cmpl->bd_addr) == BOND_TYPE_TEMPORARY) { 2828 BTIF_TRACE_DEBUG("%s: sending BT_BOND_STATE_NONE for Temp pairing", 2829 __func__); 2830 btif_storage_remove_bonded_device(&bdaddr); 2831 state = BT_BOND_STATE_NONE; 2832 } else { 2833 btif_dm_save_ble_bonding_keys(); 2834 BTA_GATTC_Refresh(bd_addr); 2835 btif_dm_get_remote_services_by_transport(&bd_addr, GATT_TRANSPORT_LE); 2836 } 2837 } else { 2838 /*Map the HCI fail reason to bt status */ 2839 switch (p_auth_cmpl->fail_reason) { 2840 case BTA_DM_AUTH_SMP_PAIR_AUTH_FAIL: 2841 case BTA_DM_AUTH_SMP_CONFIRM_VALUE_FAIL: 2842 case BTA_DM_AUTH_SMP_UNKNOWN_ERR: 2843 case BTA_DM_AUTH_SMP_CONN_TOUT: 2844 btif_dm_remove_ble_bonding_keys(); 2845 status = BT_STATUS_AUTH_FAILURE; 2846 break; 2847 case BTA_DM_AUTH_SMP_PAIR_NOT_SUPPORT: 2848 status = BT_STATUS_AUTH_REJECTED; 2849 break; 2850 default: 2851 btif_dm_remove_ble_bonding_keys(); 2852 status = BT_STATUS_FAIL; 2853 break; 2854 } 2855 } 2856 bond_state_changed(status, bd_addr, state); 2857 } 2858 2859 void btif_dm_load_ble_local_keys(void) { 2860 memset(&ble_local_key_cb, 0, sizeof(btif_dm_local_key_cb_t)); 2861 2862 if (btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_ER, 2863 (char*)&ble_local_key_cb.er[0], 2864 BT_OCTET16_LEN) == BT_STATUS_SUCCESS) { 2865 ble_local_key_cb.is_er_rcvd = true; 2866 BTIF_TRACE_DEBUG("%s BLE ER key loaded", __func__); 2867 } 2868 2869 if ((btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_IR, 2870 (char*)&ble_local_key_cb.id_keys.ir[0], 2871 BT_OCTET16_LEN) == BT_STATUS_SUCCESS) && 2872 (btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_IRK, 2873 (char*)&ble_local_key_cb.id_keys.irk[0], 2874 BT_OCTET16_LEN) == BT_STATUS_SUCCESS) && 2875 (btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_DHK, 2876 (char*)&ble_local_key_cb.id_keys.dhk[0], 2877 BT_OCTET16_LEN) == BT_STATUS_SUCCESS)) { 2878 ble_local_key_cb.is_id_keys_rcvd = true; 2879 BTIF_TRACE_DEBUG("%s BLE ID keys loaded", __func__); 2880 } 2881 } 2882 void btif_dm_get_ble_local_keys(tBTA_DM_BLE_LOCAL_KEY_MASK* p_key_mask, 2883 BT_OCTET16 er, 2884 tBTA_BLE_LOCAL_ID_KEYS* p_id_keys) { 2885 if (ble_local_key_cb.is_er_rcvd) { 2886 memcpy(&er[0], &ble_local_key_cb.er[0], sizeof(BT_OCTET16)); 2887 *p_key_mask |= BTA_BLE_LOCAL_KEY_TYPE_ER; 2888 } 2889 2890 if (ble_local_key_cb.is_id_keys_rcvd) { 2891 memcpy(&p_id_keys->ir[0], &ble_local_key_cb.id_keys.ir[0], 2892 sizeof(BT_OCTET16)); 2893 memcpy(&p_id_keys->irk[0], &ble_local_key_cb.id_keys.irk[0], 2894 sizeof(BT_OCTET16)); 2895 memcpy(&p_id_keys->dhk[0], &ble_local_key_cb.id_keys.dhk[0], 2896 sizeof(BT_OCTET16)); 2897 *p_key_mask |= BTA_BLE_LOCAL_KEY_TYPE_ID; 2898 } 2899 BTIF_TRACE_DEBUG("%s *p_key_mask=0x%02x", __func__, *p_key_mask); 2900 } 2901 2902 void btif_dm_save_ble_bonding_keys(void) { 2903 BTIF_TRACE_DEBUG("%s", __func__); 2904 2905 RawAddress bd_addr = pairing_cb.bd_addr; 2906 2907 if (pairing_cb.ble.is_penc_key_rcvd) { 2908 btif_storage_add_ble_bonding_key( 2909 &bd_addr, (uint8_t*)&pairing_cb.ble.penc_key, BTIF_DM_LE_KEY_PENC, 2910 sizeof(tBTM_LE_PENC_KEYS)); 2911 } 2912 2913 if (pairing_cb.ble.is_pid_key_rcvd) { 2914 btif_storage_add_ble_bonding_key( 2915 &bd_addr, (uint8_t*)&pairing_cb.ble.pid_key, BTIF_DM_LE_KEY_PID, 2916 sizeof(tBTM_LE_PID_KEYS)); 2917 } 2918 2919 if (pairing_cb.ble.is_pcsrk_key_rcvd) { 2920 btif_storage_add_ble_bonding_key( 2921 &bd_addr, (uint8_t*)&pairing_cb.ble.pcsrk_key, BTIF_DM_LE_KEY_PCSRK, 2922 sizeof(tBTM_LE_PCSRK_KEYS)); 2923 } 2924 2925 if (pairing_cb.ble.is_lenc_key_rcvd) { 2926 btif_storage_add_ble_bonding_key( 2927 &bd_addr, (uint8_t*)&pairing_cb.ble.lenc_key, BTIF_DM_LE_KEY_LENC, 2928 sizeof(tBTM_LE_LENC_KEYS)); 2929 } 2930 2931 if (pairing_cb.ble.is_lcsrk_key_rcvd) { 2932 btif_storage_add_ble_bonding_key( 2933 &bd_addr, (uint8_t*)&pairing_cb.ble.lcsrk_key, BTIF_DM_LE_KEY_LCSRK, 2934 sizeof(tBTM_LE_LCSRK_KEYS)); 2935 } 2936 2937 if (pairing_cb.ble.is_lidk_key_rcvd) { 2938 btif_storage_add_ble_bonding_key(&bd_addr, NULL, BTIF_DM_LE_KEY_LID, 0); 2939 } 2940 } 2941 2942 void btif_dm_remove_ble_bonding_keys(void) { 2943 BTIF_TRACE_DEBUG("%s", __func__); 2944 2945 RawAddress bd_addr = pairing_cb.bd_addr; 2946 btif_storage_remove_ble_bonding_keys(&bd_addr); 2947 } 2948 2949 /******************************************************************************* 2950 * 2951 * Function btif_dm_ble_sec_req_evt 2952 * 2953 * Description Eprocess security request event in btif context 2954 * 2955 * Returns void 2956 * 2957 ******************************************************************************/ 2958 void btif_dm_ble_sec_req_evt(tBTA_DM_BLE_SEC_REQ* p_ble_req) { 2959 bt_bdname_t bd_name; 2960 uint32_t cod; 2961 int dev_type; 2962 2963 BTIF_TRACE_DEBUG("%s", __func__); 2964 2965 if (pairing_cb.state == BT_BOND_STATE_BONDING) { 2966 BTIF_TRACE_DEBUG("%s Discard security request", __func__); 2967 return; 2968 } 2969 2970 /* Remote name update */ 2971 if (!btif_get_device_type(p_ble_req->bd_addr, &dev_type)) { 2972 dev_type = BT_DEVICE_TYPE_BLE; 2973 } 2974 btif_dm_update_ble_remote_properties(p_ble_req->bd_addr, p_ble_req->bd_name, 2975 (tBT_DEVICE_TYPE)dev_type); 2976 2977 RawAddress bd_addr = p_ble_req->bd_addr; 2978 memcpy(bd_name.name, p_ble_req->bd_name, BD_NAME_LEN); 2979 2980 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); 2981 2982 pairing_cb.bond_type = BOND_TYPE_PERSISTENT; 2983 pairing_cb.is_le_only = true; 2984 pairing_cb.is_le_nc = false; 2985 pairing_cb.is_ssp = true; 2986 btm_set_bond_type_dev(p_ble_req->bd_addr, pairing_cb.bond_type); 2987 2988 cod = COD_UNCLASSIFIED; 2989 2990 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name, cod, 2991 BT_SSP_VARIANT_CONSENT, 0); 2992 } 2993 2994 /******************************************************************************* 2995 * 2996 * Function btif_dm_ble_passkey_req_evt 2997 * 2998 * Description Executes pin request event in btif context 2999 * 3000 * Returns void 3001 * 3002 ******************************************************************************/ 3003 static void btif_dm_ble_passkey_req_evt(tBTA_DM_PIN_REQ* p_pin_req) { 3004 bt_bdname_t bd_name; 3005 uint32_t cod; 3006 int dev_type; 3007 3008 /* Remote name update */ 3009 if (!btif_get_device_type(p_pin_req->bd_addr, &dev_type)) { 3010 dev_type = BT_DEVICE_TYPE_BLE; 3011 } 3012 btif_dm_update_ble_remote_properties(p_pin_req->bd_addr, p_pin_req->bd_name, 3013 (tBT_DEVICE_TYPE)dev_type); 3014 3015 RawAddress bd_addr = p_pin_req->bd_addr; 3016 memcpy(bd_name.name, p_pin_req->bd_name, BD_NAME_LEN); 3017 3018 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); 3019 pairing_cb.is_le_only = true; 3020 3021 cod = COD_UNCLASSIFIED; 3022 3023 HAL_CBACK(bt_hal_cbacks, pin_request_cb, &bd_addr, &bd_name, cod, false); 3024 } 3025 static void btif_dm_ble_key_nc_req_evt(tBTA_DM_SP_KEY_NOTIF* p_notif_req) { 3026 /* TODO implement key notification for numeric comparison */ 3027 BTIF_TRACE_DEBUG("%s", __func__); 3028 3029 /* Remote name update */ 3030 btif_update_remote_properties(p_notif_req->bd_addr, p_notif_req->bd_name, 3031 NULL, BT_DEVICE_TYPE_BLE); 3032 3033 RawAddress bd_addr = p_notif_req->bd_addr; 3034 3035 bt_bdname_t bd_name; 3036 memcpy(bd_name.name, p_notif_req->bd_name, BD_NAME_LEN); 3037 3038 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); 3039 pairing_cb.is_ssp = false; 3040 pairing_cb.is_le_only = true; 3041 pairing_cb.is_le_nc = true; 3042 3043 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name, COD_UNCLASSIFIED, 3044 BT_SSP_VARIANT_PASSKEY_CONFIRMATION, p_notif_req->passkey); 3045 } 3046 3047 static void btif_dm_ble_oob_req_evt(tBTA_DM_SP_RMT_OOB* req_oob_type) { 3048 BTIF_TRACE_DEBUG("%s", __func__); 3049 3050 RawAddress bd_addr = req_oob_type->bd_addr; 3051 /* We already checked if OOB data is present in 3052 * btif_dm_set_oob_for_le_io_req, but check here again. If it's not present 3053 * do nothing, pairing will timeout. 3054 */ 3055 if (is_empty_128bit(oob_cb.oob_data.sm_tk)) { 3056 return; 3057 } 3058 3059 /* make sure OOB data is for this particular device */ 3060 if (req_oob_type->bd_addr != oob_cb.bdaddr) { 3061 BTIF_TRACE_WARNING("%s: remote address didn't match OOB data address", 3062 __func__); 3063 return; 3064 } 3065 3066 /* Remote name update */ 3067 btif_update_remote_properties(req_oob_type->bd_addr, req_oob_type->bd_name, 3068 NULL, BT_DEVICE_TYPE_BLE); 3069 3070 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); 3071 pairing_cb.is_ssp = false; 3072 pairing_cb.is_le_only = true; 3073 pairing_cb.is_le_nc = false; 3074 3075 BTM_BleOobDataReply(req_oob_type->bd_addr, 0, 16, oob_cb.oob_data.sm_tk); 3076 } 3077 3078 static void btif_dm_ble_sc_oob_req_evt(tBTA_DM_SP_RMT_OOB* req_oob_type) { 3079 BTIF_TRACE_DEBUG("%s", __func__); 3080 3081 RawAddress bd_addr = req_oob_type->bd_addr; 3082 3083 /* We already checked if OOB data is present in 3084 * btif_dm_set_oob_for_le_io_req, but check here again. If it's not present 3085 * do nothing, pairing will timeout. 3086 */ 3087 if (is_empty_128bit(oob_cb.oob_data.le_sc_c) && 3088 is_empty_128bit(oob_cb.oob_data.le_sc_r)) { 3089 BTIF_TRACE_WARNING("%s: LE SC OOB data is empty", __func__); 3090 return; 3091 } 3092 3093 /* make sure OOB data is for this particular device */ 3094 if (req_oob_type->bd_addr != oob_cb.bdaddr) { 3095 BTIF_TRACE_WARNING("%s: remote address didn't match OOB data address", 3096 __func__); 3097 return; 3098 } 3099 3100 /* Remote name update */ 3101 btif_update_remote_properties(req_oob_type->bd_addr, req_oob_type->bd_name, 3102 NULL, BT_DEVICE_TYPE_BLE); 3103 3104 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); 3105 pairing_cb.is_ssp = false; 3106 pairing_cb.is_le_only = 3107 true; // TODO: we can derive classic pairing from this one 3108 pairing_cb.is_le_nc = false; 3109 3110 BTM_BleSecureConnectionOobDataReply( 3111 req_oob_type->bd_addr, oob_cb.oob_data.le_sc_c, oob_cb.oob_data.le_sc_r); 3112 } 3113 3114 void btif_dm_update_ble_remote_properties(const RawAddress& bd_addr, 3115 BD_NAME bd_name, 3116 tBT_DEVICE_TYPE dev_type) { 3117 btif_update_remote_properties(bd_addr, bd_name, NULL, dev_type); 3118 } 3119 3120 static void btif_dm_ble_tx_test_cback(void* p) { 3121 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_LE_TX_TEST, (char*)p, 1, 3122 NULL); 3123 } 3124 3125 static void btif_dm_ble_rx_test_cback(void* p) { 3126 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_LE_RX_TEST, (char*)p, 1, 3127 NULL); 3128 } 3129 3130 static void btif_dm_ble_test_end_cback(void* p) { 3131 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_LE_TEST_END, (char*)p, 3132 3, NULL); 3133 } 3134 /******************************************************************************* 3135 * 3136 * Function btif_le_test_mode 3137 * 3138 * Description Sends a HCI BLE Test command to the Controller 3139 * 3140 * Returns BT_STATUS_SUCCESS on success 3141 * 3142 ******************************************************************************/ 3143 bt_status_t btif_le_test_mode(uint16_t opcode, uint8_t* buf, uint8_t len) { 3144 switch (opcode) { 3145 case HCI_BLE_TRANSMITTER_TEST: 3146 if (len != 3) return BT_STATUS_PARM_INVALID; 3147 BTM_BleTransmitterTest(buf[0], buf[1], buf[2], btif_dm_ble_tx_test_cback); 3148 break; 3149 case HCI_BLE_RECEIVER_TEST: 3150 if (len != 1) return BT_STATUS_PARM_INVALID; 3151 BTM_BleReceiverTest(buf[0], btif_dm_ble_rx_test_cback); 3152 break; 3153 case HCI_BLE_TEST_END: 3154 BTM_BleTestEnd(btif_dm_ble_test_end_cback); 3155 break; 3156 default: 3157 BTIF_TRACE_ERROR("%s: Unknown LE Test Mode Command 0x%x", __func__, 3158 opcode); 3159 return BT_STATUS_UNSUPPORTED; 3160 } 3161 return BT_STATUS_SUCCESS; 3162 } 3163 3164 void btif_dm_on_disable() { 3165 /* cancel any pending pairing requests */ 3166 if (pairing_cb.state == BT_BOND_STATE_BONDING) { 3167 BTIF_TRACE_DEBUG("%s: Cancel pending pairing request", __func__); 3168 btif_dm_cancel_bond(&pairing_cb.bd_addr); 3169 } 3170 } 3171 3172 /******************************************************************************* 3173 * 3174 * Function btif_dm_read_energy_info 3175 * 3176 * Description Reads the energy info from controller 3177 * 3178 * Returns void 3179 * 3180 ******************************************************************************/ 3181 void btif_dm_read_energy_info() { BTA_DmBleGetEnergyInfo(bta_energy_info_cb); } 3182 3183 static char* btif_get_default_local_name() { 3184 if (btif_default_local_name[0] == '\0') { 3185 int max_len = sizeof(btif_default_local_name) - 1; 3186 if (BTM_DEF_LOCAL_NAME[0] != '\0') { 3187 strncpy(btif_default_local_name, BTM_DEF_LOCAL_NAME, max_len); 3188 } else { 3189 char prop_model[PROPERTY_VALUE_MAX]; 3190 osi_property_get(PROPERTY_PRODUCT_MODEL, prop_model, ""); 3191 strncpy(btif_default_local_name, prop_model, max_len); 3192 } 3193 btif_default_local_name[max_len] = '\0'; 3194 } 3195 return btif_default_local_name; 3196 } 3197 3198 static void btif_stats_add_bond_event(const RawAddress& bd_addr, 3199 bt_bond_function_t function, 3200 bt_bond_state_t state) { 3201 std::unique_lock<std::mutex> lock(bond_event_lock); 3202 3203 btif_bond_event_t* event = &btif_dm_bond_events[btif_events_end_index]; 3204 event->bd_addr = bd_addr; 3205 event->function = function; 3206 event->state = state; 3207 clock_gettime(CLOCK_REALTIME, &event->timestamp); 3208 3209 btif_num_bond_events++; 3210 btif_events_end_index = 3211 (btif_events_end_index + 1) % (MAX_BTIF_BOND_EVENT_ENTRIES + 1); 3212 if (btif_events_end_index == btif_events_start_index) { 3213 btif_events_start_index = 3214 (btif_events_start_index + 1) % (MAX_BTIF_BOND_EVENT_ENTRIES + 1); 3215 } 3216 3217 int type; 3218 btif_get_device_type(bd_addr, &type); 3219 3220 system_bt_osi::device_type_t device_type; 3221 switch (type) { 3222 case BT_DEVICE_TYPE_BREDR: 3223 device_type = system_bt_osi::DEVICE_TYPE_BREDR; 3224 break; 3225 case BT_DEVICE_TYPE_BLE: 3226 device_type = system_bt_osi::DEVICE_TYPE_LE; 3227 break; 3228 case BT_DEVICE_TYPE_DUMO: 3229 device_type = system_bt_osi::DEVICE_TYPE_DUMO; 3230 break; 3231 default: 3232 device_type = system_bt_osi::DEVICE_TYPE_UNKNOWN; 3233 break; 3234 } 3235 3236 uint32_t cod = get_cod(&bd_addr); 3237 uint64_t ts = 3238 event->timestamp.tv_sec * 1000 + event->timestamp.tv_nsec / 1000000; 3239 system_bt_osi::BluetoothMetricsLogger::GetInstance()->LogPairEvent( 3240 0, ts, cod, device_type); 3241 } 3242 3243 void btif_debug_bond_event_dump(int fd) { 3244 std::unique_lock<std::mutex> lock(bond_event_lock); 3245 dprintf(fd, "\nBond Events: \n"); 3246 dprintf(fd, " Total Number of events: %zu\n", btif_num_bond_events); 3247 if (btif_num_bond_events > 0) 3248 dprintf(fd, 3249 " Time address Function State\n"); 3250 3251 for (size_t i = btif_events_start_index; i != btif_events_end_index; 3252 i = (i + 1) % (MAX_BTIF_BOND_EVENT_ENTRIES + 1)) { 3253 btif_bond_event_t* event = &btif_dm_bond_events[i]; 3254 3255 char eventtime[20]; 3256 char temptime[20]; 3257 struct tm* tstamp = localtime(&event->timestamp.tv_sec); 3258 strftime(temptime, sizeof(temptime), "%H:%M:%S", tstamp); 3259 snprintf(eventtime, sizeof(eventtime), "%s.%03ld", temptime, 3260 event->timestamp.tv_nsec / 1000000); 3261 3262 const char* func_name; 3263 switch (event->function) { 3264 case BTIF_DM_FUNC_CREATE_BOND: 3265 func_name = "btif_dm_create_bond"; 3266 break; 3267 case BTIF_DM_FUNC_REMOVE_BOND: 3268 func_name = "btif_dm_remove_bond"; 3269 break; 3270 case BTIF_DM_FUNC_BOND_STATE_CHANGED: 3271 func_name = "bond_state_changed "; 3272 break; 3273 default: 3274 func_name = "Invalid value "; 3275 break; 3276 } 3277 3278 const char* bond_state; 3279 switch (event->state) { 3280 case BT_BOND_STATE_NONE: 3281 bond_state = "BOND_STATE_NONE"; 3282 break; 3283 case BT_BOND_STATE_BONDING: 3284 bond_state = "BOND_STATE_BONDING"; 3285 break; 3286 case BT_BOND_STATE_BONDED: 3287 bond_state = "BOND_STATE_BONDED"; 3288 break; 3289 default: 3290 bond_state = "Invalid bond state"; 3291 break; 3292 } 3293 3294 dprintf(fd, " %s %s %s %s\n", eventtime, 3295 event->bd_addr.ToString().c_str(), func_name, bond_state); 3296 } 3297 } 3298
