1 /******************************************************************************
2 *
3 * Copyright 1999-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains functions for the Bluetooth Device Manager
22 *
23 ******************************************************************************/
24
25 #include "stack/btm/btm_dev.h"
26
27 #include <stddef.h>
28 #include <stdio.h>
29 #include <stdlib.h>
30 #include <string.h>
31
32 #include "btm_api.h"
33 #include "btm_ble_int.h"
34 #include "device/include/controller.h"
35 #include "l2c_api.h"
36 #include "main/shim/btm_api.h"
37 #include "main/shim/dumpsys.h"
38 #include "main/shim/shim.h"
39 #include "osi/include/allocator.h"
40 #include "osi/include/compat.h"
41 #include "stack/include/acl_api.h"
42 #include "stack/include/bt_octets.h"
43 #include "types/raw_address.h"
44
45 extern tBTM_CB btm_cb;
46
47 /*******************************************************************************
48 *
49 * Function BTM_SecAddDevice
50 *
51 * Description Add/modify device. This function will be normally called
52 * during host startup to restore all required information
53 * stored in the NVRAM.
54 *
55 * Parameters: bd_addr - BD address of the peer
56 * dev_class - Device Class
57 * bd_name - Name of the peer device. NULL if unknown.
58 * features - Remote device's features (up to 3 pages).
59 * NULL if not known
60 * link_key - Connection link key. NULL if unknown.
61 *
62 * Returns true if added OK, else false
63 *
64 ******************************************************************************/
// Restores or refreshes the BR/EDR security record for |bd_addr| from
// persisted data. A record is created when btm_find_dev() has none; an
// existing record gets a fresh timestamp and its bond type reset.
//
//   dev_class   - copied into the record when non-null.
//   bd_name     - copied (bounded by BTM_MAX_REM_BD_NAME_LEN + 1) when it is
//                 non-empty.
//   features    - not read anywhere in this function body.
//   p_link_key  - when non-null, stored together with |key_type| and
//                 |pin_length| and the link key is flagged as known.
//
// Always returns true.
//
// NOTE(review): the *_AUTHED flags below are derived only from the
// caller-supplied |key_type| and |pin_length|; nothing here validates them, so
// the integrity of wherever they were loaded from decides whether a restored
// key is treated as authenticated.
bool BTM_SecAddDevice(const RawAddress& bd_addr, DEV_CLASS dev_class,
                      const BD_NAME& bd_name, uint8_t* features,
                      LinkKey* p_link_key, uint8_t key_type,
                      uint8_t pin_length) {
  tBTM_SEC_DEV_REC* rec = btm_find_dev(bd_addr);
  if (rec != nullptr) {
    LOG_DEBUG(
        "Caching existing record from config file device:%s link_key_type:%x",
        PRIVATE_ADDRESS(bd_addr), key_type);

    // "Bump" the timestamp of the existing record.
    rec->timestamp = btm_cb.dev_rec_count++;

    /* TODO(eisenbach):
     * Small refactor, but leaving original logic for now.
     * On the surface, this does not make any sense at all. Why change the
     * bond state for an existing device here? This logic should be verified
     * as part of a larger refactor.
     */
    rec->bond_type = tBTM_SEC_DEV_REC::BOND_TYPE_UNKNOWN;
  } else {
    rec = btm_sec_allocate_dev_rec();
    LOG_DEBUG(
        "Caching new record from config file device:%s link_key_type:%x "
        "name:%s",
        PRIVATE_ADDRESS(bd_addr), key_type, bd_name);

    rec->bd_addr = bd_addr;
    rec->hci_handle = BTM_GetHCIConnHandle(bd_addr, BT_TRANSPORT_BR_EDR);

    // 0xff in every byte is the "use defaults" marker for the background
    // connection parameters.
    memset(&rec->conn_params, 0xff, sizeof(tBTM_LE_CONN_PRAMS));
  }

  if (dev_class) {
    memcpy(rec->dev_class, dev_class, DEV_CLASS_LEN);
  }

  // Start from an all-zero name so a shorter or absent name leaves no stale
  // bytes behind.
  memset(rec->sec_bd_name, 0, sizeof(tBTM_BD_NAME));

  if (bd_name && bd_name[0]) {
    LOG_DEBUG("  Remote name known for device:%s name:%s",
              PRIVATE_ADDRESS(bd_addr), bd_name);
    rec->sec_flags |= BTM_SEC_NAME_KNOWN;
    strlcpy(reinterpret_cast<char*>(rec->sec_bd_name),
            reinterpret_cast<const char*>(bd_name),
            BTM_MAX_REM_BD_NAME_LEN + 1);
  }

  if (p_link_key) {
    // Only the address is logged; the key itself never reaches the log.
    LOG_DEBUG("  Link key known for device:%s", PRIVATE_ADDRESS(bd_addr));
    rec->sec_flags |= BTM_SEC_LINK_KEY_KNOWN;
    rec->link_key = *p_link_key;
    rec->link_key_type = key_type;
    rec->pin_code_length = pin_length;

    // The key counts as authenticated when it came from a 16 digit pin or
    // from MITM-protected pairing.
    const bool key_is_authenticated =
        pin_length >= 16 || key_type == BTM_LKEY_TYPE_AUTH_COMB ||
        key_type == BTM_LKEY_TYPE_AUTH_COMB_P_256;
    if (key_is_authenticated) {
      rec->sec_flags |= BTM_SEC_16_DIGIT_PIN_AUTHED | BTM_SEC_LINK_KEY_AUTHED;
    }
  }

  rec->rmt_io_caps = BTM_IO_CAP_OUT;
  rec->device_type |= BT_DEVICE_TYPE_BREDR;

  return true;
}
133
// Zeroes the key material held in |p_dev_rec| (the BLE key block and the
// BR/EDR link key) and then unlinks the record from btm_cb.sec_dev_rec.
//
// Other code in this file treats the record as freed once list_remove()
// returns, so |p_dev_rec| and references to its fields must not be used
// afterwards. Only the two key fields are wiped here; the remaining fields are
// left as they were.
void wipe_secrets_and_remove(tBTM_SEC_DEV_REC* p_dev_rec) {
  // Wipe before removal: the storage is no longer ours once it is unlinked.
  memset(&p_dev_rec->ble.keys, 0, sizeof(tBTM_SEC_BLE_KEYS));
  p_dev_rec->link_key.fill(0);

  list_remove(btm_cb.sec_dev_rec, p_dev_rec);
}
139
140 /** Removes the device from acceptlist */
141 extern void BTM_AcceptlistRemove(const RawAddress& address);
142
143 /** Free resources associated with the device associated with |bd_addr| address.
144 *
145 * *** WARNING ***
146 * tBTM_SEC_DEV_REC associated with bd_addr becomes invalid after this function
147 * is called, also any of its fields. i.e. if you use p_dev_rec->bd_addr, it is
148 * no longer valid!
149 * *** WARNING ***
150 *
151 * Returns true if removed OK, false if not found or ACL link is active.
152 */
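// Deletes the security record for |bd_addr|, wiping its keys first.
//
// Returns false only when an ACL link (LE or BR/EDR) to the device is still
// up. Every other path returns true, including the case where no record
// exists for |bd_addr| (that case is only logged). When the GD shim is
// enabled the call is forwarded to the shim and its result returned.
//
// |bd_addr| may be a reference into the very record being deleted, so it is
// not read again once the record has been removed; the local copy |bda| is
// used for everything that happens afterwards.
bool BTM_SecDeleteDevice(const RawAddress& bd_addr) {
  if (bluetooth::shim::is_gd_shim_enabled()) {
    return bluetooth::shim::BTM_SecDeleteDevice(bd_addr);
  }

  if (BTM_IsAclConnectionUp(bd_addr, BT_TRANSPORT_LE) ||
      BTM_IsAclConnectionUp(bd_addr, BT_TRANSPORT_BR_EDR)) {
    LOG_WARN("%s FAILED: Cannot Delete when connection to %s is active",
             __func__, PRIVATE_ADDRESS(bd_addr));
    return false;
  }

  tBTM_SEC_DEV_REC* p_dev_rec = btm_find_dev(bd_addr);
  if (p_dev_rec == nullptr) {
    LOG_WARN("%s Unable to delete link key for unknown device %s", __func__,
             PRIVATE_ADDRESS(bd_addr));
    return true;
  }

  // Copy the address out of the record while the record is still alive.
  RawAddress bda = p_dev_rec->bd_addr;

  if (p_dev_rec->ble.in_controller_list & BTM_ACCEPTLIST_BIT) {
    LOG_INFO("Remove device %s from filter accept list before delete record",
             PRIVATE_ADDRESS(bd_addr));
    BTM_AcceptlistRemove(bda);
  }

  /* Clear out any saved BLE keys */
  btm_sec_clear_ble_keys(p_dev_rec);
  wipe_secrets_and_remove(p_dev_rec);
  // p_dev_rec is gone from here on; so is bd_addr if it pointed into it.

  /* Tell controller to get rid of the link key, if it has one stored */
  BTM_DeleteStoredLinkKey(&bda, NULL);

  // Log the saved copy rather than |bd_addr|, which may now dangle.
  LOG_INFO("%s %s complete", __func__, PRIVATE_ADDRESS(bda));

  return true;
}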
188
189 /*******************************************************************************
190 *
191 * Function BTM_SecClearSecurityFlags
192 *
193 * Description Reset the security flags (mark as not-paired) for a given
194 * remote device.
195 *
196 ******************************************************************************/
// Resets the security state of the record for |bd_addr|: all security flags
// are cleared, the security state machine goes back to idle and the SM4 state
// becomes unknown. Does nothing when no record exists.
//
// Stored keys are not touched here; only the flags describing them are reset.
void BTM_SecClearSecurityFlags(const RawAddress& bd_addr) {
  tBTM_SEC_DEV_REC* rec = btm_find_dev(bd_addr);
  if (rec != nullptr) {
    rec->sec_flags = 0;
    rec->sec_state = BTM_SEC_STATE_IDLE;
    rec->sm4 = BTM_SM4_UNKNOWN;
  }
}
205
206 /*******************************************************************************
207 *
208 * Function BTM_SecReadDevName
209 *
210 * Description Looks for the device name in the security database for the
211 * specified BD address.
212 *
213 * Returns Pointer to the name or NULL
214 *
215 ******************************************************************************/
// Returns the stored remote name for |bd_addr|, or a null pointer when the
// device has no security record.
//
// The pointer refers to the name buffer inside the record itself, not to a
// copy, so it is only usable while that record stays in the device list.
char* BTM_SecReadDevName(const RawAddress& bd_addr) {
  tBTM_SEC_DEV_REC* rec = btm_find_dev(bd_addr);
  if (rec == nullptr) {
    return nullptr;
  }
  return reinterpret_cast<char*>(rec->sec_bd_name);
}
225
226 /*******************************************************************************
227 *
228 * Function btm_sec_alloc_dev
229 *
230 * Description Look for the record in the device database for the record
231 * with specified address
232 *
233 * Returns Pointer to the record or NULL
234 *
235 ******************************************************************************/
// Allocates a fresh security record for |bd_addr| and pre-populates it.
//
// The device class, device type and LE address type come from the inquiry
// database when it has an entry for the address; otherwise, if the address is
// the one currently being connected, the device class of that pending
// connection is used. Both HCI handles are looked up for the address.
//
// Returns the new record (this function never looks up an existing one).
tBTM_SEC_DEV_REC* btm_sec_alloc_dev(const RawAddress& bd_addr) {
  tBTM_SEC_DEV_REC* rec = btm_sec_allocate_dev_rec();

  LOG_DEBUG("Allocated device record bd_addr:%s", PRIVATE_ADDRESS(bd_addr));

  /* Check with the BT manager if details about remote device are known */
  tBTM_INQ_INFO* inq = BTM_InqDbRead(bd_addr);
  if (inq == nullptr) {
    /* outgoing connection */
    if (bd_addr == btm_cb.connecting_bda) {
      memcpy(rec->dev_class, btm_cb.connecting_dc, DEV_CLASS_LEN);
    }
  } else {
    memcpy(rec->dev_class, inq->results.dev_class, DEV_CLASS_LEN);
    rec->device_type = inq->results.device_type;

    // An unknown address type is not written into the record; it is only
    // reported.
    if (is_ble_addr_type_known(inq->results.ble_addr_type)) {
      rec->ble.SetAddressType(inq->results.ble_addr_type);
    } else {
      LOG_WARN(
          "Please do not update device record from anonymous le advertisement");
    }
  }

  /* update conn params, use default value for background connection params */
  memset(&rec->conn_params, 0xff, sizeof(tBTM_LE_CONN_PRAMS));

  rec->bd_addr = bd_addr;

  rec->ble_hci_handle = BTM_GetHCIConnHandle(bd_addr, BT_TRANSPORT_LE);
  rec->hci_handle = BTM_GetHCIConnHandle(bd_addr, BT_TRANSPORT_BR_EDR);

  return rec;
}
269
270 /*******************************************************************************
271 *
272 * Function btm_dev_support_role_switch
273 *
274 * Description This function is called by the L2CAP to check if remote
275 * device supports role switch
276 *
277 * Parameters: bd_addr - Address of the peer device
278 *
279 * Returns true if device is known and role switch is supported
280 * for the link.
281 *
282 ******************************************************************************/
// Decides whether a role switch may be attempted on the link to |bd_addr|.
//
// The checks run in this order and the first one that applies wins:
//   1. an active SCO link           -> false
//   2. no security record           -> false
//   3. local controller lacks it    -> false
//   4. peer advertises support      -> true
//   5. peer features not yet known  -> true (optimistic assumption)
//   6. otherwise                    -> false
bool btm_dev_support_role_switch(const RawAddress& bd_addr) {
  if (BTM_IsScoActiveByBdaddr(bd_addr)) {
    BTM_TRACE_DEBUG("%s Role switch is not allowed if a SCO is up", __func__);
    return false;
  }

  tBTM_SEC_DEV_REC* rec = btm_find_dev(bd_addr);
  if (rec == nullptr) {
    BTM_TRACE_DEBUG("%s Unknown address for role switch", __func__);
    return false;
  }

  const bool local_supports_switch =
      controller_get_interface()->supports_central_peripheral_role_switch();
  if (!local_supports_switch) {
    BTM_TRACE_DEBUG("%s Local controller does not support role switch",
                    __func__);
    return false;
  }

  if (rec->remote_supports_hci_role_switch) {
    BTM_TRACE_DEBUG("%s Peer controller supports role switch", __func__);
    return true;
  }

  if (rec->remote_feature_received) {
    // The peer's features are known and do not include role switch.
    BTM_TRACE_DEBUG("%s Peer controller does not support role switch",
                    __func__);
    return false;
  }

  // Nothing is known about the peer yet, so support is assumed.
  BTM_TRACE_DEBUG(
      "%s Unknown peer capabilities, assuming peer supports role switch",
      __func__);
  return true;
}
316
// list_foreach() callback used by btm_find_dev_by_handle().
//
// |data| is a tBTM_SEC_DEV_REC and |context| points at the uint16_t handle
// being searched for. Despite the name, the result is inverted: false means
// the record's BR/EDR or LE handle equals the wanted handle, true means it
// does not (presumably "keep iterating" for list_foreach).
bool is_handle_equal(void* data, void* context) {
  const tBTM_SEC_DEV_REC* rec = static_cast<tBTM_SEC_DEV_REC*>(data);
  const uint16_t wanted = *static_cast<uint16_t*>(context);

  return rec->hci_handle != wanted && rec->ble_hci_handle != wanted;
}
326
327 /*******************************************************************************
328 *
329 * Function btm_find_dev_by_handle
330 *
331 * Description Look for the record in the device database for the record
332 * with specified handle
333 *
334 * Returns Pointer to the record or NULL
335 *
336 ******************************************************************************/
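// Finds the security record whose BR/EDR or LE HCI handle equals |handle|.
//
// Returns the matching record, or nullptr when there is none. A device list
// that has not been created yet is treated as "no match", the same way
// btm_find_dev() and btm_find_dev_with_lenc() treat it, instead of being
// handed to list_foreach().
tBTM_SEC_DEV_REC* btm_find_dev_by_handle(uint16_t handle) {
  if (btm_cb.sec_dev_rec == nullptr) return nullptr;

  // is_handle_equal() returns false for the record that matches; the node
  // returned by list_foreach() is taken to be that record.
  list_node_t* n = list_foreach(btm_cb.sec_dev_rec, is_handle_equal, &handle);
  if (n == nullptr) return nullptr;

  return static_cast<tBTM_SEC_DEV_REC*>(list_node(n));
}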
343
// list_foreach() callback used by the address lookups in this file.
//
// |data| is a tBTM_SEC_DEV_REC and |context| points at the RawAddress being
// searched for. Despite the name, the result is inverted: false means the
// record matches, true means it does not.
//
// A record matches when the address equals its bd_addr, equals its LE pseudo
// address, or is reported by btm_ble_addr_resolvable() as resolvable against
// this record. The three tests short-circuit in that order.
bool is_address_equal(void* data, void* context) {
  tBTM_SEC_DEV_REC* rec = static_cast<tBTM_SEC_DEV_REC*>(data);
  const RawAddress* wanted = static_cast<const RawAddress*>(context);

  const bool matches = rec->bd_addr == *wanted ||
                       // an LE random address may be looking for its record
                       rec->ble.pseudo_addr == *wanted ||
                       btm_ble_addr_resolvable(*wanted, rec);
  return !matches;
}
355
356 /*******************************************************************************
357 *
358 * Function btm_find_dev
359 *
360 * Description Look for the record in the device database for the record
361 * with specified BD address
362 *
363 * Returns Pointer to the record or NULL
364 *
365 ******************************************************************************/
// Finds the security record for |bd_addr| using is_address_equal(), so the
// identity address, the LE pseudo address and a resolvable private address
// can all lead to the same record.
//
// Returns nullptr when the device list does not exist or nothing matches.
tBTM_SEC_DEV_REC* btm_find_dev(const RawAddress& bd_addr) {
  if (btm_cb.sec_dev_rec == nullptr) {
    return nullptr;
  }

  // list_foreach() takes a mutable context pointer; the callback only reads
  // the address.
  void* context = const_cast<RawAddress*>(&bd_addr);
  list_node_t* match =
      list_foreach(btm_cb.sec_dev_rec, is_address_equal, context);

  return match ? static_cast<tBTM_SEC_DEV_REC*>(list_node(match)) : nullptr;
}
375
// list_foreach() callback used by btm_find_dev_with_lenc().
//
// Same inverted convention as is_address_equal(): false means "match". A
// record without the BTM_LE_KEY_LENC bit in its BLE key type never matches;
// for the others the decision is delegated to is_address_equal().
static bool has_lenc_and_address_is_equal(void* data, void* context) {
  const tBTM_SEC_DEV_REC* rec = static_cast<tBTM_SEC_DEV_REC*>(data);

  const bool has_lenc = (rec->ble.key_type & BTM_LE_KEY_LENC) != 0;
  if (has_lenc) {
    return is_address_equal(data, context);
  }
  return true;
}
382
383 /*******************************************************************************
384 *
385 * Function btm_find_dev_with_lenc
386 *
387 * Description Look for the record in the device database with LTK and
388 * specified BD address
389 *
390 * Returns Pointer to the record or NULL
391 *
392 ******************************************************************************/
// Finds the security record for |bd_addr| among the records whose BLE key
// type has the BTM_LE_KEY_LENC bit set.
//
// Returns nullptr when the device list does not exist or nothing matches.
tBTM_SEC_DEV_REC* btm_find_dev_with_lenc(const RawAddress& bd_addr) {
  if (btm_cb.sec_dev_rec == nullptr) {
    return nullptr;
  }

  // list_foreach() takes a mutable context pointer; the callback only reads
  // the address.
  void* context = const_cast<RawAddress*>(&bd_addr);
  list_node_t* match = list_foreach(btm_cb.sec_dev_rec,
                                    has_lenc_and_address_is_equal, context);

  return match ? static_cast<tBTM_SEC_DEV_REC*>(list_node(match)) : nullptr;
}
402 /*******************************************************************************
403 *
404 * Function btm_consolidate_dev
405 *
406 * Description combine security records if identified as same peer
407 *
408 * Returns none
409 *
410 ******************************************************************************/
// Merges every other record that describes the same peer as |p_target_rec|
// into |p_target_rec| and removes the merged record from the device list.
//
// Two kinds of duplicate are handled:
//   - a record with the same bd_addr: its contents replace the target's, after
//     which the target's own LE-side state (taken from a snapshot made on
//     entry) is put back on top;
//   - a record whose address resolves against the target and equals the
//     target's LE pseudo address: only its address type and device type are
//     carried over.
//
// NOTE(review): |snapshot| is a by-value copy of the whole record, so it holds
// a copy of the link key and BLE keys on the stack that is not cleared before
// returning - confirm whether that matters for this build.
void btm_consolidate_dev(tBTM_SEC_DEV_REC* p_target_rec) {
  tBTM_SEC_DEV_REC snapshot = *p_target_rec;

  BTM_TRACE_DEBUG("%s", __func__);

  list_node_t* const last = list_end(btm_cb.sec_dev_rec);
  list_node_t* cursor = list_begin(btm_cb.sec_dev_rec);
  while (cursor != last) {
    tBTM_SEC_DEV_REC* candidate =
        static_cast<tBTM_SEC_DEV_REC*>(list_node(cursor));

    // Advance first: the candidate's node may be removed further down.
    cursor = list_next(cursor);

    if (candidate == p_target_rec) continue;

    if (candidate->bd_addr == p_target_rec->bd_addr) {
      // Take everything from the duplicate ...
      memcpy(p_target_rec, candidate, sizeof(tBTM_SEC_DEV_REC));

      // ... then restore what the target knew before the merge.
      p_target_rec->ble = snapshot.ble;
      p_target_rec->ble_hci_handle = snapshot.ble_hci_handle;
      p_target_rec->enc_key_size = snapshot.enc_key_size;
      p_target_rec->conn_params = snapshot.conn_params;
      p_target_rec->new_encryption_key_is_p256 =
          snapshot.new_encryption_key_is_p256;
      p_target_rec->bond_type = snapshot.bond_type;

      // Device type and security flags are the union of both records.
      p_target_rec->device_type |= snapshot.device_type;
      p_target_rec->sec_flags |= snapshot.sec_flags;

      /* remove the combined record */
      wipe_secrets_and_remove(candidate);
      // candidate is freed by the removal and must not be touched again
      continue;
    }

    /* an RPA device entry is a duplicate of the target record */
    if (btm_ble_addr_resolvable(candidate->bd_addr, p_target_rec) &&
        p_target_rec->ble.pseudo_addr == candidate->bd_addr) {
      p_target_rec->ble.SetAddressType(candidate->ble.AddressType());
      p_target_rec->device_type |= candidate->device_type;

      /* remove the combined record */
      wipe_secrets_and_remove(candidate);
    }
  }
}
458
459 /* combine security records of established LE connections after Classic pairing
460 * succeeded. */
// After a bond with |bd_addr| has completed, folds any separate record that
// belongs to the same peer under a resolvable address into the bonded record.
//
// Nothing happens when the bonded record is missing or already has an LE
// connection handle. For every other record whose address resolves against
// the bonded one:
//   - without an LE connection it is simply erased;
//   - with an LE connection the handle moves to the bonded record, the old
//     record is erased, and encryption is started on that link when the local
//     side is central.
void btm_dev_consolidate_existing_connections(const RawAddress& bd_addr) {
  tBTM_SEC_DEV_REC* p_target_rec = btm_find_dev(bd_addr);
  if (p_target_rec == nullptr) {
    LOG_ERROR("No security record for just bonded device!?!?");
    return;
  }

  if (p_target_rec->ble_hci_handle != HCI_INVALID_HANDLE) {
    LOG_INFO("Not consolidating - already have LE connection");
    return;
  }

  LOG_INFO("%s", PRIVATE_ADDRESS(bd_addr));

  list_node_t* const last = list_end(btm_cb.sec_dev_rec);
  list_node_t* cursor = list_begin(btm_cb.sec_dev_rec);
  while (cursor != last) {
    tBTM_SEC_DEV_REC* candidate =
        static_cast<tBTM_SEC_DEV_REC*>(list_node(cursor));

    // Advance first: the candidate's node may be removed further down.
    cursor = list_next(cursor);

    if (candidate == p_target_rec) continue;

    /* only an RPA device entry is a duplicate of the target record */
    if (!btm_ble_addr_resolvable(candidate->bd_addr, p_target_rec)) continue;

    if (candidate->ble_hci_handle == HCI_INVALID_HANDLE) {
      LOG_INFO("already disconnected - erasing entry %s",
               PRIVATE_ADDRESS(candidate->bd_addr));
      wipe_secrets_and_remove(candidate);
      continue;
    }

    LOG_INFO(
        "Found existing LE connection to just bonded device on %s handle 0x%04x",
        PRIVATE_ADDRESS(candidate->bd_addr), candidate->ble_hci_handle);

    // Keep what is needed from the old record before it is removed.
    RawAddress ble_conn_addr = candidate->bd_addr;
    p_target_rec->ble_hci_handle = candidate->ble_hci_handle;

    /* remove the old LE record */
    wipe_secrets_and_remove(candidate);

    /* To avoid race conditions between central/peripheral starting encryption
     * at same time, initiate it just from central. */
    if (L2CA_GetBleConnRole(ble_conn_addr) == HCI_ROLE_CENTRAL) {
      LOG_INFO("Will encrypt existing connection");
      BTM_SetEncryption(ble_conn_addr, BT_TRANSPORT_LE, nullptr, nullptr,
                        BTM_BLE_SEC_ENCRYPT);
    }
  }
}
515
516 /*******************************************************************************
517 *
518 * Function btm_find_or_alloc_dev
519 *
520 * Description Look for the record in the device database for the record
521 * with specified BD address
522 *
523 * Returns Pointer to the record or NULL
524 *
525 ******************************************************************************/
// Returns the security record for |bd_addr|, creating one through
// btm_sec_alloc_dev() when the lookup finds nothing.
tBTM_SEC_DEV_REC* btm_find_or_alloc_dev(const RawAddress& bd_addr) {
  BTM_TRACE_EVENT("btm_find_or_alloc_dev");

  tBTM_SEC_DEV_REC* existing = btm_find_dev(bd_addr);
  if (existing != nullptr) {
    return existing;
  }

  /* Allocate a new device record or reuse the oldest one */
  return btm_sec_alloc_dev(bd_addr);
}
536
537 /*******************************************************************************
538 *
539 * Function btm_find_oldest_dev_rec
540 *
541 * Description Locates the oldest device in use. It first looks for
542 * the oldest non-paired device. If all devices are paired it
543 * returns the oldest paired device.
544 *
545 * Returns Pointer to the record or NULL
546 *
547 ******************************************************************************/
// Picks the record with the smallest timestamp, preferring records that are
// not paired (neither BTM_SEC_LINK_KEY_KNOWN nor BTM_SEC_LE_LINK_KEY_KNOWN
// set). The oldest paired record is returned only when no unpaired record
// was selected.
//
// A record only becomes a candidate when its timestamp is strictly below
// 0xFFFFFFFF, so the result is a null pointer when the list is empty or no
// record satisfies that.
static tBTM_SEC_DEV_REC* btm_find_oldest_dev_rec(void) {
  tBTM_SEC_DEV_REC* oldest_unpaired = nullptr;
  tBTM_SEC_DEV_REC* oldest_paired = nullptr;
  uint32_t unpaired_ts = 0xFFFFFFFF;
  uint32_t paired_ts = 0xFFFFFFFF;

  list_node_t* const last = list_end(btm_cb.sec_dev_rec);
  list_node_t* cursor = list_begin(btm_cb.sec_dev_rec);
  while (cursor != last) {
    tBTM_SEC_DEV_REC* rec = static_cast<tBTM_SEC_DEV_REC*>(list_node(cursor));

    const bool is_paired =
        (rec->sec_flags &
         (BTM_SEC_LINK_KEY_KNOWN | BTM_SEC_LE_LINK_KEY_KNOWN)) != 0;

    if (is_paired) {
      if (rec->timestamp < paired_ts) {
        oldest_paired = rec;
        paired_ts = rec->timestamp;
      }
    } else if (rec->timestamp < unpaired_ts) {
      oldest_unpaired = rec;
      unpaired_ts = rec->timestamp;
    }

    cursor = list_next(cursor);
  }

  // Fall back to the oldest paired record when no unpaired one was selected.
  return oldest_unpaired != nullptr ? oldest_unpaired : oldest_paired;
}
581
582 /*******************************************************************************
583 *
584 * Function btm_sec_allocate_dev_rec
585 *
586 * Description Attempts to allocate a new device record. If we have
587 * exceeded the maximum number of allowable records to
588 * allocate, the oldest record will be deleted to make room
589 * for the new record.
590 *
591 * Returns Pointer to the newly allocated record
592 *
593 ******************************************************************************/
// Appends a zero-initialised security record to btm_cb.sec_dev_rec and
// returns it with its default fields set. When the list already holds more
// than BTM_SEC_MAX_DEVICE_RECORDS entries, the record chosen by
// btm_find_oldest_dev_rec() is wiped and removed first.
//
// NOTE(review): because the comparison is '>', eviction only starts once the
// list holds BTM_SEC_MAX_DEVICE_RECORDS + 1 entries - confirm that is intended.
// NOTE(review): the evicted record is released here, so a pointer to it kept
// by other code would dangle; btm_find_oldest_dev_rec() can also select a
// paired record, which discards that device's keys - verify against callers.
tBTM_SEC_DEV_REC* btm_sec_allocate_dev_rec(void) {
  if (list_length(btm_cb.sec_dev_rec) > BTM_SEC_MAX_DEVICE_RECORDS) {
    tBTM_SEC_DEV_REC* evicted = btm_find_oldest_dev_rec();
    wipe_secrets_and_remove(evicted);
  }

  tBTM_SEC_DEV_REC* fresh =
      static_cast<tBTM_SEC_DEV_REC*>(osi_calloc(sizeof(tBTM_SEC_DEV_REC)));
  list_append(btm_cb.sec_dev_rec, fresh);

  // Defaults for a record nothing is known about yet.
  fresh->sec_flags = BTM_SEC_IN_USE;
  fresh->bond_type = tBTM_SEC_DEV_REC::BOND_TYPE_UNKNOWN;
  fresh->timestamp = btm_cb.dev_rec_count++;
  fresh->rmt_io_caps = BTM_IO_CAP_UNKNOWN;

  return fresh;
}
614
615 /*******************************************************************************
616 *
617 * Function btm_get_bond_type_dev
618 *
619 * Description Get the bond type for a device in the device database
620 * with specified BD address
621 *
622 * Returns The device bond type if known, otherwise BOND_TYPE_UNKNOWN
623 *
624 ******************************************************************************/
// Returns the bond type stored for |bd_addr|, or BOND_TYPE_UNKNOWN when the
// device has no security record.
tBTM_SEC_DEV_REC::tBTM_BOND_TYPE btm_get_bond_type_dev(
    const RawAddress& bd_addr) {
  const tBTM_SEC_DEV_REC* rec = btm_find_dev(bd_addr);

  return rec != nullptr ? rec->bond_type
                        : tBTM_SEC_DEV_REC::BOND_TYPE_UNKNOWN;
}
633
634 /*******************************************************************************
635 *
636 * Function btm_set_bond_type_dev
637 *
638 * Description Set the bond type for a device in the device database
639 * with specified BD address
640 *
641 * Returns true on success, otherwise false
642 *
643 ******************************************************************************/
// Stores |bond_type| in the security record for |bd_addr|.
//
// Returns false when the device has no record (nothing is created), true once
// the value has been written.
bool btm_set_bond_type_dev(const RawAddress& bd_addr,
                           tBTM_SEC_DEV_REC::tBTM_BOND_TYPE bond_type) {
  tBTM_SEC_DEV_REC* rec = btm_find_dev(bd_addr);
  if (rec != nullptr) {
    rec->bond_type = bond_type;
    return true;
  }
  return false;
}
653
654 /*******************************************************************************
655 *
656 * Function btm_get_sec_dev_rec
657 *
658 * Description Get security device records satisfying given filter
659 *
660 * Returns A vector containing pointers of security device records
661 *
662 ******************************************************************************/
// Collects a pointer to every record currently in btm_cb.sec_dev_rec, in list
// order. No filtering is applied in this function.
//
// The vector holds pointers to the live records, not copies, so an entry stops
// being valid once its record is removed from the list.
std::vector<tBTM_SEC_DEV_REC*> btm_get_sec_dev_rec() {
  std::vector<tBTM_SEC_DEV_REC*> records;

  list_node_t* const last = list_end(btm_cb.sec_dev_rec);
  list_node_t* cursor = list_begin(btm_cb.sec_dev_rec);
  while (cursor != last) {
    records.push_back(static_cast<tBTM_SEC_DEV_REC*>(list_node(cursor)));
    cursor = list_next(cursor);
  }

  return records;
}
675