1 /******************************************************************************
2 *
3 * Copyright 2003-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains the GATT client action functions for the state
22 * machine.
23 *
24 ******************************************************************************/
25
26 #define LOG_TAG "bt_bta_gattc"
27
28 #include <base/functional/bind.h>
29 #include <base/logging.h>
30 #include <base/strings/stringprintf.h>
31
32 #include "bt_target.h" // Must be first to define build configuration
33 #include "bta/gatt/bta_gattc_int.h"
34 #include "bta/hh/bta_hh_int.h"
35 #include "btif/include/btif_debug_conn.h"
36 #include "btif/include/core_callbacks.h"
37 #include "btif/include/stack_manager.h"
38 #include "device/include/controller.h"
39 #include "device/include/interop.h"
40 #include "main/shim/dumpsys.h"
41 #include "osi/include/allocator.h"
42 #include "osi/include/log.h"
43 #include "osi/include/osi.h" // UNUSED_ATTR
44 #include "stack/include/bt_hdr.h"
45 #include "stack/include/btm_ble_api_types.h"
46 #include "stack/include/btu.h" // do_in_main_thread
47 #include "stack/include/l2c_api.h"
48 #include "types/bluetooth/uuid.h"
49 #include "types/raw_address.h"
50
51 using base::StringPrintf;
52 using bluetooth::Uuid;
53
54 /*****************************************************************************
55 * Constants
56 ****************************************************************************/
57 static void bta_gattc_conn_cback(tGATT_IF gattc_if, const RawAddress& bda,
58 uint16_t conn_id, bool connected,
59 tGATT_DISCONN_REASON reason,
60 tBT_TRANSPORT transport);
61
62 static void bta_gattc_cmpl_cback(uint16_t conn_id, tGATTC_OPTYPE op,
63 tGATT_STATUS status,
64 tGATT_CL_COMPLETE* p_data);
65 static void bta_gattc_deregister_cmpl(tBTA_GATTC_RCB* p_clreg);
66 static void bta_gattc_enc_cmpl_cback(tGATT_IF gattc_if, const RawAddress& bda);
67 static void bta_gattc_cong_cback(uint16_t conn_id, bool congested);
68 static void bta_gattc_phy_update_cback(tGATT_IF gatt_if, uint16_t conn_id,
69 uint8_t tx_phy, uint8_t rx_phy,
70 tGATT_STATUS status);
71 static void bta_gattc_conn_update_cback(tGATT_IF gatt_if, uint16_t conn_id,
72 uint16_t interval, uint16_t latency,
73 uint16_t timeout, tGATT_STATUS status);
74 static void bta_gattc_subrate_chg_cback(tGATT_IF gatt_if, uint16_t conn_id,
75 uint16_t subrate_factor,
76 uint16_t latency, uint16_t cont_num,
77 uint16_t timeout, tGATT_STATUS status);
78 static void bta_gattc_init_bk_conn(const tBTA_GATTC_API_OPEN* p_data,
79 tBTA_GATTC_RCB* p_clreg);
80
81 static tGATT_CBACK bta_gattc_cl_cback = {
82 .p_conn_cb = bta_gattc_conn_cback,
83 .p_cmpl_cb = bta_gattc_cmpl_cback,
84 .p_disc_res_cb = bta_gattc_disc_res_cback,
85 .p_disc_cmpl_cb = bta_gattc_disc_cmpl_cback,
86 .p_req_cb = nullptr,
87 .p_enc_cmpl_cb = bta_gattc_enc_cmpl_cback,
88 .p_congestion_cb = bta_gattc_cong_cback,
89 .p_phy_update_cb = bta_gattc_phy_update_cback,
90 .p_conn_update_cb = bta_gattc_conn_update_cback,
91 .p_subrate_chg_cb = bta_gattc_subrate_chg_cback,
92 };
93
94 /* opcode(tGATTC_OPTYPE) order has to be comply with internal event order */
95 static uint16_t bta_gattc_opcode_to_int_evt[] = {
96 /* Skip: GATTC_OPTYPE_NONE */
97 /* Skip: GATTC_OPTYPE_DISCOVERY */
98 BTA_GATTC_API_READ_EVT, /* GATTC_OPTYPE_READ */
99 BTA_GATTC_API_WRITE_EVT, /* GATTC_OPTYPE_WRITE */
100 BTA_GATTC_API_EXEC_EVT, /* GATTC_OPTYPE_EXE_WRITE */
101 BTA_GATTC_API_CFG_MTU_EVT /* GATTC_OPTYPE_CONFIG */
102 };
103
104 static const char* bta_gattc_op_code_name[] = {
105 "Unknown", /* GATTC_OPTYPE_NONE */
106 "Discovery", /* GATTC_OPTYPE_DISCOVERY */
107 "Read", /* GATTC_OPTYPE_READ */
108 "Write", /* GATTC_OPTYPE_WRITE */
109 "Exec", /* GATTC_OPTYPE_EXE_WRITE */
110 "Config", /* GATTC_OPTYPE_CONFIG */
111 "Notification", /* GATTC_OPTYPE_NOTIFICATION */
112 "Indication" /* GATTC_OPTYPE_INDICATION */
113 };
114
115 /*****************************************************************************
116 * Action Functions
117 ****************************************************************************/
118
119 void bta_gattc_reset_discover_st(tBTA_GATTC_SERV* p_srcb, tGATT_STATUS status);
120
121 /** Enables GATTC module */
bta_gattc_enable()122 static void bta_gattc_enable() {
123 VLOG(1) << __func__;
124
125 if (bta_gattc_cb.state == BTA_GATTC_STATE_DISABLED) {
126 /* initialize control block */
127 bta_gattc_cb = tBTA_GATTC_CB();
128 bta_gattc_cb.state = BTA_GATTC_STATE_ENABLED;
129 } else {
130 VLOG(1) << "GATTC is already enabled";
131 }
132 }
133
134 /** Disable GATTC module by cleaning up all active connections and deregister
135 * all application */
bta_gattc_disable()136 void bta_gattc_disable() {
137 uint8_t i;
138
139 VLOG(1) << __func__;
140
141 if (bta_gattc_cb.state != BTA_GATTC_STATE_ENABLED) {
142 LOG(ERROR) << "not enabled, or disabled in progress";
143 return;
144 }
145
146 for (i = 0; i < BTA_GATTC_CL_MAX; i++) {
147 if (!bta_gattc_cb.cl_rcb[i].in_use) continue;
148
149 bta_gattc_cb.state = BTA_GATTC_STATE_DISABLING;
150 bta_gattc_deregister(&bta_gattc_cb.cl_rcb[i]);
151 }
152
153 /* no registered apps, indicate disable completed */
154 if (bta_gattc_cb.state != BTA_GATTC_STATE_DISABLING) {
155 bta_gattc_cb = tBTA_GATTC_CB();
156 bta_gattc_cb.state = BTA_GATTC_STATE_DISABLED;
157 }
158 }
159
160 /** start an application interface */
bta_gattc_start_if(uint8_t client_if)161 static void bta_gattc_start_if(uint8_t client_if) {
162 LOG_DEBUG("client_if=%d", +client_if);
163 if (!bta_gattc_cl_get_regcb(client_if)) {
164 LOG_ERROR("Unable to start app.: Unknown client_if=%d", +client_if);
165 return;
166 }
167
168 GATT_StartIf(client_if);
169 }
170
171 /** Register a GATT client application with BTA */
bta_gattc_register(const Uuid & app_uuid,tBTA_GATTC_CBACK * p_cback,BtaAppRegisterCallback cb,bool eatt_support)172 void bta_gattc_register(const Uuid& app_uuid, tBTA_GATTC_CBACK* p_cback,
173 BtaAppRegisterCallback cb, bool eatt_support) {
174 tGATT_STATUS status = GATT_NO_RESOURCES;
175 uint8_t client_if = 0;
176 LOG_DEBUG("state: %d, uuid=%s", +bta_gattc_cb.state,
177 app_uuid.ToString().c_str());
178
179 /* check if GATTC module is already enabled . Else enable */
180 if (bta_gattc_cb.state == BTA_GATTC_STATE_DISABLED) {
181 LOG_DEBUG("GATTC module not enabled, enabling it");
182 bta_gattc_enable();
183 }
184 /* todo need to check duplicate uuid */
185 for (uint8_t i = 0; i < BTA_GATTC_CL_MAX; i++) {
186 if (!bta_gattc_cb.cl_rcb[i].in_use) {
187 bta_gattc_cb.cl_rcb[i].client_if = GATT_Register(
188 app_uuid, "GattClient", &bta_gattc_cl_cback, eatt_support);
189 if (bta_gattc_cb.cl_rcb[i].client_if == 0) {
190 LOG_ERROR(
191 "Register with GATT stack failed with index %d, trying next index",
192 +i);
193 status = GATT_ERROR;
194 } else {
195 bta_gattc_cb.cl_rcb[i].in_use = true;
196 bta_gattc_cb.cl_rcb[i].p_cback = p_cback;
197 bta_gattc_cb.cl_rcb[i].app_uuid = app_uuid;
198
199 /* BTA use the same client interface as BTE GATT statck */
200 client_if = bta_gattc_cb.cl_rcb[i].client_if;
201
202 LOG_DEBUG(
203 "Registered GATT client interface %d with uuid=%s, starting it on "
204 "main thread",
205 +client_if, app_uuid.ToString().c_str());
206
207 do_in_main_thread(FROM_HERE,
208 base::Bind(&bta_gattc_start_if, client_if));
209
210 status = GATT_SUCCESS;
211 break;
212 }
213 }
214 }
215
216 if (!cb.is_null()) {
217 cb.Run(client_if, status);
218 } else {
219 LOG_WARN("No GATT callback available, client_if=%d, status=%d", +client_if,
220 +status);
221 }
222 }
223
224 /** De-Register a GATT client application with BTA */
bta_gattc_deregister(tBTA_GATTC_RCB * p_clreg)225 void bta_gattc_deregister(tBTA_GATTC_RCB* p_clreg) {
226 uint8_t accept_list_size = 0;
227 if (controller_get_interface()->supports_ble()) {
228 accept_list_size = controller_get_interface()->get_ble_acceptlist_size();
229 }
230
231 /* remove bg connection associated with this rcb */
232 for (uint8_t i = 0; i < accept_list_size; i++) {
233 if (!bta_gattc_cb.bg_track[i].in_use) continue;
234
235 if (bta_gattc_cb.bg_track[i].cif_mask & ((tBTA_GATTC_CIF_MASK)1 << (p_clreg->client_if - 1))) {
236 bta_gattc_mark_bg_conn(p_clreg->client_if,
237 bta_gattc_cb.bg_track[i].remote_bda, false);
238 GATT_CancelConnect(p_clreg->client_if,
239 bta_gattc_cb.bg_track[i].remote_bda, false);
240 }
241 }
242
243 if (p_clreg->num_clcb == 0) {
244 bta_gattc_deregister_cmpl(p_clreg);
245 return;
246 }
247
248 /* close all CLCB related to this app */
249 for (uint8_t i = 0; i < BTA_GATTC_CLCB_MAX; i++) {
250 if (!bta_gattc_cb.clcb[i].in_use || (bta_gattc_cb.clcb[i].p_rcb != p_clreg))
251 continue;
252
253 p_clreg->dereg_pending = true;
254
255 BT_HDR_RIGID buf;
256 buf.event = BTA_GATTC_API_CLOSE_EVT;
257 buf.layer_specific = bta_gattc_cb.clcb[i].bta_conn_id;
258 bta_gattc_close(&bta_gattc_cb.clcb[i], (tBTA_GATTC_DATA*)&buf);
259 }
260 }
261
262 /** process connect API request */
bta_gattc_process_api_open(const tBTA_GATTC_DATA * p_msg)263 void bta_gattc_process_api_open(const tBTA_GATTC_DATA* p_msg) {
264 uint16_t event = ((BT_HDR_RIGID*)p_msg)->event;
265
266 tBTA_GATTC_RCB* p_clreg = bta_gattc_cl_get_regcb(p_msg->api_conn.client_if);
267 if (!p_clreg) {
268 LOG_ERROR("Failed, unknown client_if=%d", +p_msg->api_conn.client_if);
269 return;
270 }
271
272 if (p_msg->api_conn.connection_type != BTM_BLE_DIRECT_CONNECTION) {
273 bta_gattc_init_bk_conn(&p_msg->api_conn, p_clreg);
274 return;
275 }
276
277 tBTA_GATTC_CLCB* p_clcb = bta_gattc_find_alloc_clcb(
278 p_msg->api_conn.client_if, p_msg->api_conn.remote_bda,
279 p_msg->api_conn.transport);
280 if (p_clcb != nullptr) {
281 bta_gattc_sm_execute(p_clcb, event, p_msg);
282 } else {
283 LOG_ERROR("No resources to open a new connection.");
284
285 bta_gattc_send_open_cback(p_clreg, GATT_NO_RESOURCES,
286 p_msg->api_conn.remote_bda, GATT_INVALID_CONN_ID,
287 p_msg->api_conn.transport, 0);
288 }
289 }
290
291 /** process connect API request */
bta_gattc_process_api_open_cancel(const tBTA_GATTC_DATA * p_msg)292 void bta_gattc_process_api_open_cancel(const tBTA_GATTC_DATA* p_msg) {
293 CHECK(p_msg != nullptr);
294
295 uint16_t event = ((BT_HDR_RIGID*)p_msg)->event;
296
297 if (!p_msg->api_cancel_conn.is_direct) {
298 LOG_DEBUG("Cancel GATT client background connection");
299 bta_gattc_cancel_bk_conn(&p_msg->api_cancel_conn);
300 return;
301 }
302 LOG_DEBUG("Cancel GATT client direct connection");
303
304 tBTA_GATTC_CLCB* p_clcb = bta_gattc_find_clcb_by_cif(
305 p_msg->api_cancel_conn.client_if, p_msg->api_cancel_conn.remote_bda,
306 BT_TRANSPORT_LE);
307 if (p_clcb != NULL) {
308 bta_gattc_sm_execute(p_clcb, event, p_msg);
309 return;
310 }
311
312 LOG(ERROR) << "No such connection need to be cancelled";
313
314 tBTA_GATTC_RCB* p_clreg =
315 bta_gattc_cl_get_regcb(p_msg->api_cancel_conn.client_if);
316
317 if (p_clreg && p_clreg->p_cback) {
318 tBTA_GATTC cb_data;
319 cb_data.status = GATT_ERROR;
320 (*p_clreg->p_cback)(BTA_GATTC_CANCEL_OPEN_EVT, &cb_data);
321 }
322 }
323
324 /** process encryption complete message */
bta_gattc_process_enc_cmpl(tGATT_IF client_if,const RawAddress & bda)325 static void bta_gattc_process_enc_cmpl(tGATT_IF client_if,
326 const RawAddress& bda) {
327 tBTA_GATTC_RCB* p_clreg = bta_gattc_cl_get_regcb(client_if);
328
329 if (!p_clreg || !p_clreg->p_cback) return;
330
331 tBTA_GATTC cb_data;
332 memset(&cb_data, 0, sizeof(tBTA_GATTC));
333
334 cb_data.enc_cmpl.client_if = client_if;
335 cb_data.enc_cmpl.remote_bda = bda;
336
337 (*p_clreg->p_cback)(BTA_GATTC_ENC_CMPL_CB_EVT, &cb_data);
338 }
339
bta_gattc_cancel_open_error(tBTA_GATTC_CLCB * p_clcb,UNUSED_ATTR const tBTA_GATTC_DATA * p_data)340 void bta_gattc_cancel_open_error(tBTA_GATTC_CLCB* p_clcb,
341 UNUSED_ATTR const tBTA_GATTC_DATA* p_data) {
342 tBTA_GATTC cb_data;
343
344 cb_data.status = GATT_ERROR;
345
346 if (p_clcb && p_clcb->p_rcb && p_clcb->p_rcb->p_cback)
347 (*p_clcb->p_rcb->p_cback)(BTA_GATTC_CANCEL_OPEN_EVT, &cb_data);
348 }
349
bta_gattc_open_error(tBTA_GATTC_CLCB * p_clcb,UNUSED_ATTR const tBTA_GATTC_DATA * p_data)350 void bta_gattc_open_error(tBTA_GATTC_CLCB* p_clcb,
351 UNUSED_ATTR const tBTA_GATTC_DATA* p_data) {
352 LOG(ERROR) << "Connection already opened. wrong state";
353
354 bta_gattc_send_open_cback(p_clcb->p_rcb, GATT_SUCCESS, p_clcb->bda,
355 p_clcb->bta_conn_id, p_clcb->transport, 0);
356 }
357
bta_gattc_open_fail(tBTA_GATTC_CLCB * p_clcb,UNUSED_ATTR const tBTA_GATTC_DATA * p_data)358 void bta_gattc_open_fail(tBTA_GATTC_CLCB* p_clcb,
359 UNUSED_ATTR const tBTA_GATTC_DATA* p_data) {
360 LOG(WARNING) << __func__ << ": Cannot establish Connection. conn_id="
361 << loghex(p_clcb->bta_conn_id) << ". Return GATT_ERROR("
362 << +GATT_ERROR << ")";
363
364 bta_gattc_send_open_cback(p_clcb->p_rcb, GATT_ERROR, p_clcb->bda,
365 p_clcb->bta_conn_id, p_clcb->transport, 0);
366 /* open failure, remove clcb */
367 bta_gattc_clcb_dealloc(p_clcb);
368 }
369
370 /** Process API connection function */
bta_gattc_open(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)371 void bta_gattc_open(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* p_data) {
372 tBTA_GATTC_DATA gattc_data;
373
374 /* open/hold a connection */
375 if (!GATT_Connect(p_clcb->p_rcb->client_if, p_data->api_conn.remote_bda,
376 p_data->api_conn.remote_addr_type,
377 BTM_BLE_DIRECT_CONNECTION, p_data->api_conn.transport,
378 p_data->api_conn.opportunistic,
379 p_data->api_conn.initiating_phys)) {
380 LOG(ERROR) << "Connection open failure";
381 bta_gattc_sm_execute(p_clcb, BTA_GATTC_INT_OPEN_FAIL_EVT, p_data);
382 return;
383 }
384
385 tBTA_GATTC_RCB* p_clreg = p_clcb->p_rcb;
386 /* Re-enable notification registration for closed connection */
387 for (int i = 0; i < BTA_GATTC_NOTIF_REG_MAX; i++) {
388 if (p_clreg->notif_reg[i].in_use &&
389 p_clreg->notif_reg[i].remote_bda == p_clcb->bda &&
390 p_clreg->notif_reg[i].app_disconnected) {
391 p_clreg->notif_reg[i].app_disconnected = false;
392 }
393 }
394
395 /* a connected remote device */
396 if (GATT_GetConnIdIfConnected(
397 p_clcb->p_rcb->client_if, p_data->api_conn.remote_bda,
398 &p_clcb->bta_conn_id, p_data->api_conn.transport)) {
399 gattc_data.int_conn.hdr.layer_specific = p_clcb->bta_conn_id;
400
401 bta_gattc_sm_execute(p_clcb, BTA_GATTC_INT_CONN_EVT, &gattc_data);
402 }
403 /* else wait for the callback event */
404 }
405
406 /** Process API Open for a background connection */
bta_gattc_init_bk_conn(const tBTA_GATTC_API_OPEN * p_data,tBTA_GATTC_RCB * p_clreg)407 static void bta_gattc_init_bk_conn(const tBTA_GATTC_API_OPEN* p_data,
408 tBTA_GATTC_RCB* p_clreg) {
409 if (!bta_gattc_mark_bg_conn(p_data->client_if, p_data->remote_bda, true)) {
410 LOG_WARN("Unable to find space for accept list connection mask");
411 bta_gattc_send_open_cback(p_clreg, GATT_NO_RESOURCES, p_data->remote_bda,
412 GATT_INVALID_CONN_ID, BT_TRANSPORT_LE, 0);
413 return;
414 }
415
416 /* always call open to hold a connection */
417 if (!GATT_Connect(p_data->client_if, p_data->remote_bda,
418 p_data->connection_type, p_data->transport, false)) {
419 LOG_ERROR("Unable to connect to remote bd_addr=%s",
420 ADDRESS_TO_LOGGABLE_CSTR(p_data->remote_bda));
421 bta_gattc_send_open_cback(p_clreg, GATT_ERROR, p_data->remote_bda,
422 GATT_INVALID_CONN_ID, BT_TRANSPORT_LE, 0);
423 return;
424 }
425
426 uint16_t conn_id;
427 if (!GATT_GetConnIdIfConnected(p_data->client_if, p_data->remote_bda,
428 &conn_id, p_data->transport)) {
429 LOG_INFO("Not a connected remote device yet");
430 return;
431 }
432
433 tBTA_GATTC_CLCB* p_clcb = bta_gattc_find_alloc_clcb(
434 p_data->client_if, p_data->remote_bda, BT_TRANSPORT_LE);
435 if (!p_clcb) {
436 LOG_WARN("Unable to find connection link for device:%s",
437 ADDRESS_TO_LOGGABLE_CSTR(p_data->remote_bda));
438 return;
439 }
440
441 p_clcb->bta_conn_id = conn_id;
442 tBTA_GATTC_DATA gattc_data = {
443 .hdr =
444 {
445 .layer_specific = conn_id,
446 },
447 };
448
449 /* open connection */
450 bta_gattc_sm_execute(p_clcb, BTA_GATTC_INT_CONN_EVT,
451 static_cast<const tBTA_GATTC_DATA*>(&gattc_data));
452 }
453
454 /** Process API Cancel Open for a background connection */
bta_gattc_cancel_bk_conn(const tBTA_GATTC_API_CANCEL_OPEN * p_data)455 void bta_gattc_cancel_bk_conn(const tBTA_GATTC_API_CANCEL_OPEN* p_data) {
456 tBTA_GATTC_RCB* p_clreg;
457 tBTA_GATTC cb_data;
458 cb_data.status = GATT_ERROR;
459
460 /* remove the device from the bg connection mask */
461 if (bta_gattc_mark_bg_conn(p_data->client_if, p_data->remote_bda, false)) {
462 if (GATT_CancelConnect(p_data->client_if, p_data->remote_bda, false)) {
463 cb_data.status = GATT_SUCCESS;
464 } else {
465 LOG_ERROR("failed for client_if=%d, remote_bda=%s, is_direct=false",
466 static_cast<int>(p_data->client_if),
467 ADDRESS_TO_LOGGABLE_CSTR(p_data->remote_bda));
468 }
469 }
470 p_clreg = bta_gattc_cl_get_regcb(p_data->client_if);
471
472 if (p_clreg && p_clreg->p_cback) {
473 (*p_clreg->p_cback)(BTA_GATTC_CANCEL_OPEN_EVT, &cb_data);
474 }
475 }
476
bta_gattc_cancel_open_ok(tBTA_GATTC_CLCB * p_clcb,UNUSED_ATTR const tBTA_GATTC_DATA * p_data)477 void bta_gattc_cancel_open_ok(tBTA_GATTC_CLCB* p_clcb,
478 UNUSED_ATTR const tBTA_GATTC_DATA* p_data) {
479 tBTA_GATTC cb_data;
480
481 if (p_clcb->p_rcb->p_cback) {
482 cb_data.status = GATT_SUCCESS;
483 (*p_clcb->p_rcb->p_cback)(BTA_GATTC_CANCEL_OPEN_EVT, &cb_data);
484 }
485
486 bta_gattc_clcb_dealloc(p_clcb);
487 }
488
bta_gattc_cancel_open(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)489 void bta_gattc_cancel_open(tBTA_GATTC_CLCB* p_clcb,
490 const tBTA_GATTC_DATA* p_data) {
491 tBTA_GATTC cb_data;
492
493 if (GATT_CancelConnect(p_clcb->p_rcb->client_if,
494 p_data->api_cancel_conn.remote_bda, true)) {
495 bta_gattc_sm_execute(p_clcb, BTA_GATTC_INT_CANCEL_OPEN_OK_EVT, p_data);
496 } else {
497 if (p_clcb->p_rcb->p_cback) {
498 cb_data.status = GATT_ERROR;
499 (*p_clcb->p_rcb->p_cback)(BTA_GATTC_CANCEL_OPEN_EVT, &cb_data);
500 }
501 }
502 }
503
504 /** receive connection callback from stack */
bta_gattc_conn(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)505 void bta_gattc_conn(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* p_data) {
506 tGATT_IF gatt_if;
507 VLOG(1) << __func__ << ": server cache state=" << +p_clcb->p_srcb->state;
508
509 if (p_data != NULL) {
510 VLOG(1) << __func__ << ": conn_id=" << loghex(p_data->hdr.layer_specific);
511 p_clcb->bta_conn_id = p_data->int_conn.hdr.layer_specific;
512
513 GATT_GetConnectionInfor(p_data->hdr.layer_specific, &gatt_if, p_clcb->bda,
514 &p_clcb->transport);
515 }
516
517 p_clcb->p_srcb->connected = true;
518
519 if (p_clcb->p_srcb->mtu == 0) p_clcb->p_srcb->mtu = GATT_DEF_BLE_MTU_SIZE;
520
521 tBTA_GATTC_RCB* p_clreg = p_clcb->p_rcb;
522 /* Re-enable notification registration for closed connection */
523 for (int i = 0; i < BTA_GATTC_NOTIF_REG_MAX; i++) {
524 if (p_clreg->notif_reg[i].in_use &&
525 p_clreg->notif_reg[i].remote_bda == p_clcb->bda &&
526 p_clreg->notif_reg[i].app_disconnected) {
527 p_clreg->notif_reg[i].app_disconnected = false;
528 }
529 }
530
531 /* start database cache if needed */
532 if (p_clcb->p_srcb->gatt_database.IsEmpty() ||
533 p_clcb->p_srcb->state != BTA_GATTC_SERV_IDLE) {
534 if (p_clcb->p_srcb->state == BTA_GATTC_SERV_IDLE) {
535 p_clcb->p_srcb->state = BTA_GATTC_SERV_LOAD;
536 // Consider the case that if GATT Server is changed, but no service
537 // changed indication is received, the database might be out of date. So
538 // if robust caching is known to be supported, always check the db hash
539 // first, before loading the stored database.
540
541 // Only load the database if we are bonded, since the device cache is
542 // meaningless otherwise (as we need to do rediscovery regardless)
543 gatt::Database db = btm_sec_is_a_bonded_dev(p_clcb->bda)
544 ? bta_gattc_cache_load(p_clcb->p_srcb->server_bda)
545 : gatt::Database();
546 auto robust_caching_support = GetRobustCachingSupport(p_clcb, db);
547 LOG_INFO("Connected to %s, robust caching support is %d",
548 p_clcb->bda.ToRedactedStringForLogging().c_str(),
549 robust_caching_support);
550
551 if (!db.IsEmpty()) p_clcb->p_srcb->gatt_database = db;
552
553 if (db.IsEmpty() ||
554 robust_caching_support == RobustCachingSupport::SUPPORTED) {
555 // If the peer device is expected to support robust caching, or if we
556 // don't know its services yet, then we should do discovery (which may
557 // short-circuit through a hash match, but might also do the full
558 // discovery).
559 p_clcb->p_srcb->state = BTA_GATTC_SERV_DISC;
560
561 /* set true to read database hash before service discovery */
562 if (bta_gattc_is_robust_caching_enabled()) {
563 p_clcb->p_srcb->srvc_hdl_db_hash = true;
564 }
565
566 /* cache load failure, start discovery */
567 bta_gattc_start_discover(p_clcb, NULL);
568 } else {
569 p_clcb->p_srcb->state = BTA_GATTC_SERV_IDLE;
570 bta_gattc_reset_discover_st(p_clcb->p_srcb, GATT_SUCCESS);
571 }
572 } else /* cache is building */
573 p_clcb->state = BTA_GATTC_DISCOVER_ST;
574 }
575
576 else {
577 /* a pending service handle change indication */
578 if (p_clcb->p_srcb->srvc_hdl_chg) {
579 p_clcb->p_srcb->srvc_hdl_chg = false;
580
581 /* set true to read database hash before service discovery */
582 if (bta_gattc_is_robust_caching_enabled()) {
583 p_clcb->p_srcb->srvc_hdl_db_hash = true;
584 }
585
586 /* start discovery */
587 bta_gattc_sm_execute(p_clcb, BTA_GATTC_INT_DISCOVER_EVT, NULL);
588 }
589 }
590
591 if (p_clcb->p_rcb) {
592 /* there is no RM for GATT */
593 if (p_clcb->transport == BT_TRANSPORT_BR_EDR)
594 bta_sys_conn_open(BTA_ID_GATTC, BTA_ALL_APP_ID, p_clcb->bda);
595
596 bta_gattc_send_open_cback(p_clcb->p_rcb, GATT_SUCCESS, p_clcb->bda,
597 p_clcb->bta_conn_id, p_clcb->transport,
598 p_clcb->p_srcb->mtu);
599 }
600 }
601
602 /** close a connection */
bta_gattc_close_fail(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)603 void bta_gattc_close_fail(tBTA_GATTC_CLCB* p_clcb,
604 const tBTA_GATTC_DATA* p_data) {
605 tBTA_GATTC cb_data;
606
607 if (p_clcb->p_rcb->p_cback) {
608 memset(&cb_data, 0, sizeof(tBTA_GATTC));
609 cb_data.close.client_if = p_clcb->p_rcb->client_if;
610 cb_data.close.conn_id = p_data->hdr.layer_specific;
611 cb_data.close.remote_bda = p_clcb->bda;
612 cb_data.close.reason = BTA_GATT_CONN_NONE;
613 cb_data.close.status = GATT_ERROR;
614
615 LOG(WARNING) << __func__ << ": conn_id=" << loghex(cb_data.close.conn_id)
616 << ". Returns GATT_ERROR(" << +GATT_ERROR << ").";
617
618 (*p_clcb->p_rcb->p_cback)(BTA_GATTC_CLOSE_EVT, &cb_data);
619 }
620 }
621
622 /** close a GATTC connection */
bta_gattc_close(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)623 void bta_gattc_close(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* p_data) {
624 tBTA_GATTC_CBACK* p_cback = p_clcb->p_rcb->p_cback;
625 tBTA_GATTC_RCB* p_clreg = p_clcb->p_rcb;
626 tBTA_GATTC cb_data = {
627 .close =
628 {
629 .conn_id = p_clcb->bta_conn_id,
630 .status = GATT_SUCCESS,
631 .client_if = p_clcb->p_rcb->client_if,
632 .remote_bda = p_clcb->bda,
633 .reason = GATT_CONN_OK,
634 },
635 };
636
637 if (p_clcb->transport == BT_TRANSPORT_BR_EDR) {
638 bta_sys_conn_close(BTA_ID_GATTC, BTA_ALL_APP_ID, p_clcb->bda);
639 }
640
641 /* Disable notification registration for closed connection */
642 for (int i = 0; i < BTA_GATTC_NOTIF_REG_MAX; i++) {
643 if (p_clreg->notif_reg[i].in_use &&
644 p_clreg->notif_reg[i].remote_bda == p_clcb->bda) {
645 p_clreg->notif_reg[i].app_disconnected = true;
646 }
647 }
648
649 if (p_data->hdr.event == BTA_GATTC_INT_DISCONN_EVT) {
650 /* Since link has been disconnected by and it is possible that here are
651 * already some new p_clcb created for the background connect, the number of
652 * p_srcb->num_clcb is NOT 0. This will prevent p_srcb to be cleared inside
653 * the bta_gattc_clcb_dealloc.
654 *
655 * In this point of time, we know that link does not exist, so let's make
656 * sure the connection state, mtu and database is cleared.
657 */
658 bta_gattc_server_disconnected(p_clcb->p_srcb);
659 }
660
661 bta_gattc_clcb_dealloc(p_clcb);
662
663 if (p_data->hdr.event == BTA_GATTC_API_CLOSE_EVT) {
664 cb_data.close.status = GATT_Disconnect(p_data->hdr.layer_specific);
665 cb_data.close.reason = GATT_CONN_TERMINATE_LOCAL_HOST;
666 LOG_DEBUG("Local close event client_if:%hu conn_id:%hu reason:%s",
667 cb_data.close.client_if, cb_data.close.conn_id,
668 gatt_disconnection_reason_text(
669 static_cast<tGATT_DISCONN_REASON>(cb_data.close.reason))
670 .c_str());
671 } else if (p_data->hdr.event == BTA_GATTC_INT_DISCONN_EVT) {
672 cb_data.close.status = static_cast<tGATT_STATUS>(p_data->int_conn.reason);
673 cb_data.close.reason = p_data->int_conn.reason;
674 LOG_DEBUG("Peer close disconnect event client_if:%hu conn_id:%hu reason:%s",
675 cb_data.close.client_if, cb_data.close.conn_id,
676 gatt_disconnection_reason_text(
677 static_cast<tGATT_DISCONN_REASON>(cb_data.close.reason))
678 .c_str());
679 }
680
681 if (p_cback) (*p_cback)(BTA_GATTC_CLOSE_EVT, &cb_data);
682
683 if (p_clreg->num_clcb == 0 && p_clreg->dereg_pending) {
684 bta_gattc_deregister_cmpl(p_clreg);
685 }
686 }
687
688 /** when a SRCB finished discovery, tell all related clcb */
bta_gattc_reset_discover_st(tBTA_GATTC_SERV * p_srcb,tGATT_STATUS status)689 void bta_gattc_reset_discover_st(tBTA_GATTC_SERV* p_srcb, tGATT_STATUS status) {
690 for (uint8_t i = 0; i < BTA_GATTC_CLCB_MAX; i++) {
691 if (bta_gattc_cb.clcb[i].p_srcb == p_srcb) {
692 bta_gattc_cb.clcb[i].status = status;
693 bta_gattc_sm_execute(&bta_gattc_cb.clcb[i], BTA_GATTC_DISCOVER_CMPL_EVT,
694 NULL);
695 }
696 }
697 }
698
699 /** close a GATTC connection while in discovery state */
bta_gattc_disc_close(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)700 void bta_gattc_disc_close(tBTA_GATTC_CLCB* p_clcb,
701 const tBTA_GATTC_DATA* p_data) {
702 VLOG(1) << __func__
703 << ": Discovery cancel conn_id=" << loghex(p_clcb->bta_conn_id);
704
705 if (p_clcb->disc_active)
706 bta_gattc_reset_discover_st(p_clcb->p_srcb, GATT_ERROR);
707 else
708 p_clcb->state = BTA_GATTC_CONN_ST;
709
710 // This function only gets called as the result of a BTA_GATTC_API_CLOSE_EVT
711 // while in the BTA_GATTC_DISCOVER_ST state. Once the state changes, the
712 // connection itself still needs to be closed to resolve the original event.
713 if (p_clcb->state == BTA_GATTC_CONN_ST) {
714 VLOG(1) << "State is back to BTA_GATTC_CONN_ST. Trigger connection close";
715 bta_gattc_close(p_clcb, p_data);
716 }
717 }
718
719 /** when a SRCB start discovery, tell all related clcb and set the state */
bta_gattc_set_discover_st(tBTA_GATTC_SERV * p_srcb)720 static void bta_gattc_set_discover_st(tBTA_GATTC_SERV* p_srcb) {
721 uint8_t i;
722
723 for (i = 0; i < BTA_GATTC_CLCB_MAX; i++) {
724 if (bta_gattc_cb.clcb[i].p_srcb == p_srcb) {
725 bta_gattc_cb.clcb[i].status = GATT_SUCCESS;
726 bta_gattc_cb.clcb[i].state = BTA_GATTC_DISCOVER_ST;
727 bta_gattc_cb.clcb[i].request_during_discovery =
728 BTA_GATTC_DISCOVER_REQ_NONE;
729 }
730 }
731 }
732
733 /** process service change in discovery state, mark up the auto update flag and
734 * set status to be discovery cancel for current discovery.
735 */
bta_gattc_restart_discover(tBTA_GATTC_CLCB * p_clcb,UNUSED_ATTR const tBTA_GATTC_DATA * p_data)736 void bta_gattc_restart_discover(tBTA_GATTC_CLCB* p_clcb,
737 UNUSED_ATTR const tBTA_GATTC_DATA* p_data) {
738 p_clcb->status = GATT_CANCEL;
739 p_clcb->auto_update = BTA_GATTC_DISC_WAITING;
740 }
741
742 /** Configure MTU size on the GATT connection */
bta_gattc_cfg_mtu(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)743 void bta_gattc_cfg_mtu(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* p_data) {
744 uint16_t current_mtu = 0;
745 auto result = GATTC_TryMtuRequest(p_clcb->bda, p_clcb->transport,
746 p_clcb->bta_conn_id, ¤t_mtu);
747 switch (result) {
748 case MTU_EXCHANGE_DEVICE_DISCONNECTED:
749 LOG_INFO("Device %s disconnected", ADDRESS_TO_LOGGABLE_CSTR(p_clcb->bda));
750 bta_gattc_cmpl_sendmsg(p_clcb->bta_conn_id, GATTC_OPTYPE_CONFIG,
751 GATT_NO_RESOURCES, NULL);
752 bta_gattc_continue(p_clcb);
753 return;
754 case MTU_EXCHANGE_NOT_ALLOWED:
755 LOG_INFO("Not allowed for BR/EDR devices %s",
756 ADDRESS_TO_LOGGABLE_CSTR(p_clcb->bda));
757 bta_gattc_cmpl_sendmsg(p_clcb->bta_conn_id, GATTC_OPTYPE_CONFIG,
758 GATT_ERR_UNLIKELY, NULL);
759 bta_gattc_continue(p_clcb);
760 return;
761 case MTU_EXCHANGE_ALREADY_DONE:
762 /* Check if MTU is not already set, if so, just report it back to the user
763 * and continue with other requests.
764 */
765 GATTC_UpdateUserAttMtuIfNeeded(p_clcb->bda, p_clcb->transport,
766 p_data->api_mtu.mtu);
767 bta_gattc_send_mtu_response(p_clcb, p_data, current_mtu);
768 return;
769 case MTU_EXCHANGE_IN_PROGRESS:
770 LOG_INFO("Enqueue MTU Request - waiting for response on p_clcb %p",
771 p_clcb);
772 bta_gattc_enqueue(p_clcb, p_data);
773 return;
774
775 case MTU_EXCHANGE_NOT_DONE_YET:
776 /* OK to proceed */
777 break;
778 }
779
780 if (bta_gattc_enqueue(p_clcb, p_data) == ENQUEUED_FOR_LATER) return;
781
782 tGATT_STATUS status =
783 GATTC_ConfigureMTU(p_clcb->bta_conn_id, p_data->api_mtu.mtu);
784
785 /* if failed, return callback here */
786 if (status != GATT_SUCCESS && status != GATT_CMD_STARTED) {
787 /* Dequeue the data, if it was enqueued */
788 if (p_clcb->p_q_cmd == p_data) p_clcb->p_q_cmd = NULL;
789
790 bta_gattc_cmpl_sendmsg(p_clcb->bta_conn_id, GATTC_OPTYPE_CONFIG, status,
791 NULL);
792 bta_gattc_continue(p_clcb);
793 }
794 }
795
bta_gattc_start_discover_internal(tBTA_GATTC_CLCB * p_clcb)796 void bta_gattc_start_discover_internal(tBTA_GATTC_CLCB* p_clcb) {
797 if (p_clcb->transport == BT_TRANSPORT_LE)
798 L2CA_EnableUpdateBleConnParams(p_clcb->p_srcb->server_bda, false);
799
800 bta_gattc_init_cache(p_clcb->p_srcb);
801 p_clcb->status = bta_gattc_discover_pri_service(
802 p_clcb->bta_conn_id, p_clcb->p_srcb, GATT_DISC_SRVC_ALL);
803 if (p_clcb->status != GATT_SUCCESS) {
804 LOG(ERROR) << "discovery on server failed";
805 bta_gattc_reset_discover_st(p_clcb->p_srcb, p_clcb->status);
806 } else
807 p_clcb->disc_active = true;
808 }
809
810 /** Start a discovery on server */
bta_gattc_start_discover(tBTA_GATTC_CLCB * p_clcb,UNUSED_ATTR const tBTA_GATTC_DATA * p_data)811 void bta_gattc_start_discover(tBTA_GATTC_CLCB* p_clcb,
812 UNUSED_ATTR const tBTA_GATTC_DATA* p_data) {
813 VLOG(1) << __func__ << ": conn_id:" << loghex(p_clcb->bta_conn_id)
814 << " p_clcb->p_srcb->state:" << +p_clcb->p_srcb->state;
815
816 if (((p_clcb->p_q_cmd == NULL ||
817 p_clcb->auto_update == BTA_GATTC_REQ_WAITING) &&
818 p_clcb->p_srcb->state == BTA_GATTC_SERV_IDLE) ||
819 p_clcb->p_srcb->state == BTA_GATTC_SERV_DISC)
820 /* no pending operation, start discovery right away */
821 {
822 p_clcb->auto_update = BTA_GATTC_NO_SCHEDULE;
823
824 if (p_clcb->p_srcb != NULL) {
825 /* set all srcb related clcb into discovery ST */
826 bta_gattc_set_discover_st(p_clcb->p_srcb);
827
828 // Before clear mask, set is_svc_chg to
829 // 1. true, invoked by service changed indication
830 // 2. false, invoked by connect API
831 bool is_svc_chg = p_clcb->p_srcb->srvc_hdl_chg;
832
833 /* clear the service change mask */
834 p_clcb->p_srcb->srvc_hdl_chg = false;
835 p_clcb->p_srcb->update_count = 0;
836 p_clcb->p_srcb->state = BTA_GATTC_SERV_DISC_ACT;
837
838 if (GetRobustCachingSupport(p_clcb, p_clcb->p_srcb->gatt_database) ==
839 RobustCachingSupport::UNSUPPORTED) {
840 // Skip initial DB hash read if we have strong reason (due to interop,
841 // or a prior discovery) to believe that it is unsupported.
842 p_clcb->p_srcb->srvc_hdl_db_hash = false;
843 }
844
845 /* read db hash if db hash characteristic exists */
846 if (bta_gattc_is_robust_caching_enabled() &&
847 p_clcb->p_srcb->srvc_hdl_db_hash &&
848 bta_gattc_read_db_hash(p_clcb, is_svc_chg)) {
849 LOG(INFO) << __func__
850 << ": pending service discovery, read db hash first";
851 p_clcb->p_srcb->srvc_hdl_db_hash = false;
852 return;
853 }
854
855 bta_gattc_start_discover_internal(p_clcb);
856 } else {
857 LOG(ERROR) << "unknown device, can not start discovery";
858 }
859 }
860 /* pending operation, wait until it finishes */
861 else {
862 p_clcb->auto_update = BTA_GATTC_DISC_WAITING;
863
864 if (p_clcb->p_srcb->state == BTA_GATTC_SERV_IDLE)
865 p_clcb->state = BTA_GATTC_CONN_ST; /* set clcb state */
866 }
867 }
868
869 /** discovery on server is finished */
bta_gattc_disc_cmpl(tBTA_GATTC_CLCB * p_clcb,UNUSED_ATTR const tBTA_GATTC_DATA * p_data)870 void bta_gattc_disc_cmpl(tBTA_GATTC_CLCB* p_clcb,
871 UNUSED_ATTR const tBTA_GATTC_DATA* p_data) {
872 const tBTA_GATTC_DATA* p_q_cmd = p_clcb->p_q_cmd;
873
874 VLOG(1) << __func__ << ": conn_id=" << loghex(p_clcb->bta_conn_id);
875
876 if (p_clcb->transport == BT_TRANSPORT_LE)
877 L2CA_EnableUpdateBleConnParams(p_clcb->p_srcb->server_bda, true);
878 p_clcb->p_srcb->state = BTA_GATTC_SERV_IDLE;
879 p_clcb->disc_active = false;
880
881 if (p_clcb->status != GATT_SUCCESS) {
882 /* clean up cache */
883 if (p_clcb->p_srcb) {
884 p_clcb->p_srcb->gatt_database.Clear();
885 }
886
887 /* used to reset cache in application */
888 bta_gattc_cache_reset(p_clcb->p_srcb->server_bda);
889 }
890
891 if (p_clcb->p_srcb) {
892 p_clcb->p_srcb->pending_discovery.Clear();
893 }
894
895 if (p_clcb->auto_update == BTA_GATTC_DISC_WAITING) {
896 /* start discovery again */
897 p_clcb->auto_update = BTA_GATTC_REQ_WAITING;
898 bta_gattc_sm_execute(p_clcb, BTA_GATTC_INT_DISCOVER_EVT, NULL);
899 }
900 /* get any queued command to proceed */
901 else if (p_q_cmd != NULL) {
902 p_clcb->p_q_cmd = NULL;
903 /* execute pending operation of link block still present */
904 if (L2CA_IsLinkEstablished(p_clcb->p_srcb->server_bda, p_clcb->transport)) {
905 bta_gattc_sm_execute(p_clcb, p_q_cmd->hdr.event, p_q_cmd);
906 }
907 /* if the command executed requeued the cmd, we don't
908 * want to free the underlying buffer that's being
909 * referenced by p_clcb->p_q_cmd
910 */
911 if (p_q_cmd != p_clcb->p_q_cmd) osi_free_and_reset((void**)&p_q_cmd);
912 } else {
913 bta_gattc_continue(p_clcb);
914 }
915
916 if (p_clcb->p_rcb->p_cback) {
917 tBTA_GATTC bta_gattc;
918 bta_gattc.remote_bda = p_clcb->p_srcb->server_bda;
919 (*p_clcb->p_rcb->p_cback)(BTA_GATTC_SRVC_DISC_DONE_EVT, &bta_gattc);
920 }
921 }
922
923 /** Read an attribute */
bta_gattc_read(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)924 void bta_gattc_read(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* p_data) {
925 if (bta_gattc_enqueue(p_clcb, p_data) == ENQUEUED_FOR_LATER) return;
926
927 tGATT_STATUS status;
928 if (p_data->api_read.handle != 0) {
929 tGATT_READ_PARAM read_param;
930 memset(&read_param, 0, sizeof(tGATT_READ_PARAM));
931 read_param.by_handle.handle = p_data->api_read.handle;
932 read_param.by_handle.auth_req = p_data->api_read.auth_req;
933 status = GATTC_Read(p_clcb->bta_conn_id, GATT_READ_BY_HANDLE, &read_param);
934 } else {
935 tGATT_READ_PARAM read_param;
936 memset(&read_param, 0, sizeof(tGATT_READ_BY_TYPE));
937
938 read_param.char_type.s_handle = p_data->api_read.s_handle;
939 read_param.char_type.e_handle = p_data->api_read.e_handle;
940 read_param.char_type.uuid = p_data->api_read.uuid;
941 read_param.char_type.auth_req = p_data->api_read.auth_req;
942 status = GATTC_Read(p_clcb->bta_conn_id, GATT_READ_BY_TYPE, &read_param);
943 }
944
945 /* read fail */
946 if (status != GATT_SUCCESS) {
947 /* Dequeue the data, if it was enqueued */
948 if (p_clcb->p_q_cmd == p_data) p_clcb->p_q_cmd = NULL;
949
950 bta_gattc_cmpl_sendmsg(p_clcb->bta_conn_id, GATTC_OPTYPE_READ, status,
951 NULL);
952 bta_gattc_continue(p_clcb);
953 }
954 }
955
956 /** read multiple */
bta_gattc_read_multi(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)957 void bta_gattc_read_multi(tBTA_GATTC_CLCB* p_clcb,
958 const tBTA_GATTC_DATA* p_data) {
959 if (bta_gattc_enqueue(p_clcb, p_data) == ENQUEUED_FOR_LATER) return;
960
961 tGATT_READ_PARAM read_param;
962 memset(&read_param, 0, sizeof(tGATT_READ_PARAM));
963
964 read_param.read_multiple.num_handles = p_data->api_read_multi.num_attr;
965 read_param.read_multiple.auth_req = p_data->api_read_multi.auth_req;
966 memcpy(&read_param.read_multiple.handles, p_data->api_read_multi.handles,
967 sizeof(uint16_t) * p_data->api_read_multi.num_attr);
968
969 tGATT_STATUS status =
970 GATTC_Read(p_clcb->bta_conn_id, GATT_READ_MULTIPLE, &read_param);
971 /* read fail */
972 if (status != GATT_SUCCESS) {
973 /* Dequeue the data, if it was enqueued */
974 if (p_clcb->p_q_cmd == p_data) p_clcb->p_q_cmd = NULL;
975
976 bta_gattc_cmpl_sendmsg(p_clcb->bta_conn_id, GATTC_OPTYPE_READ, status,
977 NULL);
978 bta_gattc_continue(p_clcb);
979 }
980 }
981
982 /** Write an attribute */
bta_gattc_write(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)983 void bta_gattc_write(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* p_data) {
984 if (bta_gattc_enqueue(p_clcb, p_data) == ENQUEUED_FOR_LATER) return;
985
986 tGATT_STATUS status = GATT_SUCCESS;
987 tGATT_VALUE attr;
988
989 attr.conn_id = p_clcb->bta_conn_id;
990 attr.handle = p_data->api_write.handle;
991 attr.offset = p_data->api_write.offset;
992 attr.len = p_data->api_write.len;
993 attr.auth_req = p_data->api_write.auth_req;
994
995 /* Before coping to the fixed array, make sure it fits. */
996 if (attr.len > GATT_MAX_ATTR_LEN) {
997 status = GATT_INVALID_ATTR_LEN;
998 } else {
999 if (p_data->api_write.p_value)
1000 memcpy(attr.value, p_data->api_write.p_value, p_data->api_write.len);
1001
1002 status =
1003 GATTC_Write(p_clcb->bta_conn_id, p_data->api_write.write_type, &attr);
1004 }
1005
1006 /* write fail */
1007 if (status != GATT_SUCCESS) {
1008 /* Dequeue the data, if it was enqueued */
1009 if (p_clcb->p_q_cmd == p_data) p_clcb->p_q_cmd = NULL;
1010
1011 bta_gattc_cmpl_sendmsg(p_clcb->bta_conn_id, GATTC_OPTYPE_WRITE, status,
1012 NULL);
1013 bta_gattc_continue(p_clcb);
1014 }
1015 }
1016
1017 /** send execute write */
bta_gattc_execute(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)1018 void bta_gattc_execute(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* p_data) {
1019 if (bta_gattc_enqueue(p_clcb, p_data) == ENQUEUED_FOR_LATER) return;
1020
1021 tGATT_STATUS status =
1022 GATTC_ExecuteWrite(p_clcb->bta_conn_id, p_data->api_exec.is_execute);
1023 if (status != GATT_SUCCESS) {
1024 /* Dequeue the data, if it was enqueued */
1025 if (p_clcb->p_q_cmd == p_data) p_clcb->p_q_cmd = NULL;
1026
1027 bta_gattc_cmpl_sendmsg(p_clcb->bta_conn_id, GATTC_OPTYPE_EXE_WRITE, status,
1028 NULL);
1029 bta_gattc_continue(p_clcb);
1030 }
1031 }
1032
1033 /** send handle value confirmation */
bta_gattc_confirm(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)1034 void bta_gattc_confirm(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* p_data) {
1035 uint16_t cid = p_data->api_confirm.cid;
1036
1037 if (GATTC_SendHandleValueConfirm(p_data->api_confirm.hdr.layer_specific,
1038 cid) != GATT_SUCCESS) {
1039 LOG(ERROR) << __func__ << ": to cid=" << loghex(cid) << " failed";
1040 } else {
1041 /* if over BR_EDR, inform PM for mode change */
1042 if (p_clcb->transport == BT_TRANSPORT_BR_EDR) {
1043 bta_sys_busy(BTA_ID_GATTC, BTA_ALL_APP_ID, p_clcb->bda);
1044 bta_sys_idle(BTA_ID_GATTC, BTA_ALL_APP_ID, p_clcb->bda);
1045 }
1046 }
1047 }
1048
1049 /** read complete */
bta_gattc_read_cmpl(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_OP_CMPL * p_data)1050 static void bta_gattc_read_cmpl(tBTA_GATTC_CLCB* p_clcb,
1051 const tBTA_GATTC_OP_CMPL* p_data) {
1052 GATT_READ_OP_CB cb = p_clcb->p_q_cmd->api_read.read_cb;
1053 void* my_cb_data = p_clcb->p_q_cmd->api_read.read_cb_data;
1054
1055 /* if it was read by handle, return the handle requested, if read by UUID, use
1056 * handle returned from remote
1057 */
1058 uint16_t handle = p_clcb->p_q_cmd->api_read.handle;
1059 if (handle == 0) handle = p_data->p_cmpl->att_value.handle;
1060
1061 osi_free_and_reset((void**)&p_clcb->p_q_cmd);
1062
1063 if (cb) {
1064 cb(p_clcb->bta_conn_id, p_data->status, handle,
1065 p_data->p_cmpl->att_value.len, p_data->p_cmpl->att_value.value,
1066 my_cb_data);
1067 }
1068 }
1069
1070 /** write complete */
bta_gattc_write_cmpl(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_OP_CMPL * p_data)1071 static void bta_gattc_write_cmpl(tBTA_GATTC_CLCB* p_clcb,
1072 const tBTA_GATTC_OP_CMPL* p_data) {
1073 GATT_WRITE_OP_CB cb = p_clcb->p_q_cmd->api_write.write_cb;
1074 void* my_cb_data = p_clcb->p_q_cmd->api_write.write_cb_data;
1075
1076 if (cb) {
1077 if (p_data->status == 0 &&
1078 p_clcb->p_q_cmd->api_write.write_type == BTA_GATTC_WRITE_PREPARE) {
1079 LOG_DEBUG("Handling prepare write success response: handle 0x%04x",
1080 p_data->p_cmpl->att_value.handle);
1081 /* If this is successful Prepare write, lets provide to the callback the
1082 * data provided by server */
1083 cb(p_clcb->bta_conn_id, p_data->status, p_data->p_cmpl->att_value.handle,
1084 p_data->p_cmpl->att_value.len, p_data->p_cmpl->att_value.value,
1085 my_cb_data);
1086 } else {
1087 LOG_DEBUG("Handling write response type: %d: handle 0x%04x",
1088 p_clcb->p_q_cmd->api_write.write_type,
1089 p_data->p_cmpl->att_value.handle);
1090 /* Otherwise, provide data which were intended to write. */
1091 cb(p_clcb->bta_conn_id, p_data->status, p_data->p_cmpl->att_value.handle,
1092 p_clcb->p_q_cmd->api_write.len, p_clcb->p_q_cmd->api_write.p_value,
1093 my_cb_data);
1094 }
1095 }
1096
1097 osi_free_and_reset((void**)&p_clcb->p_q_cmd);
1098 }
1099
1100 /** execute write complete */
bta_gattc_exec_cmpl(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_OP_CMPL * p_data)1101 static void bta_gattc_exec_cmpl(tBTA_GATTC_CLCB* p_clcb,
1102 const tBTA_GATTC_OP_CMPL* p_data) {
1103 tBTA_GATTC cb_data;
1104
1105 osi_free_and_reset((void**)&p_clcb->p_q_cmd);
1106 p_clcb->status = GATT_SUCCESS;
1107
1108 /* execute complete, callback */
1109 cb_data.exec_cmpl.conn_id = p_clcb->bta_conn_id;
1110 cb_data.exec_cmpl.status = p_data->status;
1111
1112 (*p_clcb->p_rcb->p_cback)(BTA_GATTC_EXEC_EVT, &cb_data);
1113 }
1114
1115 /** configure MTU operation complete */
bta_gattc_cfg_mtu_cmpl(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_OP_CMPL * p_data)1116 static void bta_gattc_cfg_mtu_cmpl(tBTA_GATTC_CLCB* p_clcb,
1117 const tBTA_GATTC_OP_CMPL* p_data) {
1118 GATT_CONFIGURE_MTU_OP_CB cb = p_clcb->p_q_cmd->api_mtu.mtu_cb;
1119 void* my_cb_data = p_clcb->p_q_cmd->api_mtu.mtu_cb_data;
1120 tBTA_GATTC cb_data;
1121
1122 osi_free_and_reset((void**)&p_clcb->p_q_cmd);
1123
1124 if (p_data->p_cmpl && p_data->status == GATT_SUCCESS)
1125 p_clcb->p_srcb->mtu = p_data->p_cmpl->mtu;
1126
1127 /* configure MTU complete, callback */
1128 p_clcb->status = p_data->status;
1129 cb_data.cfg_mtu.conn_id = p_clcb->bta_conn_id;
1130 cb_data.cfg_mtu.status = p_data->status;
1131 cb_data.cfg_mtu.mtu = p_clcb->p_srcb->mtu;
1132
1133 if (cb) {
1134 cb(p_clcb->bta_conn_id, p_data->status, my_cb_data);
1135 }
1136
1137 (*p_clcb->p_rcb->p_cback)(BTA_GATTC_CFG_MTU_EVT, &cb_data);
1138 }
1139
1140 /** operation completed */
bta_gattc_op_cmpl(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)1141 void bta_gattc_op_cmpl(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* p_data) {
1142 if (p_clcb->p_q_cmd == NULL) {
1143 LOG_ERROR("No pending command gatt client command");
1144 return;
1145 }
1146
1147 const tGATTC_OPTYPE op = p_data->op_cmpl.op_code;
1148 switch (op) {
1149 case GATTC_OPTYPE_READ:
1150 case GATTC_OPTYPE_WRITE:
1151 case GATTC_OPTYPE_EXE_WRITE:
1152 case GATTC_OPTYPE_CONFIG:
1153 break;
1154
1155 case GATTC_OPTYPE_NONE:
1156 case GATTC_OPTYPE_DISCOVERY:
1157 case GATTC_OPTYPE_NOTIFICATION:
1158 case GATTC_OPTYPE_INDICATION:
1159 default:
1160 LOG(ERROR) << "unexpected operation, ignored";
1161 return;
1162 }
1163
1164 if (p_clcb->p_q_cmd->hdr.event !=
1165 bta_gattc_opcode_to_int_evt[op - GATTC_OPTYPE_READ]) {
1166 uint8_t mapped_op =
1167 p_clcb->p_q_cmd->hdr.event - BTA_GATTC_API_READ_EVT + GATTC_OPTYPE_READ;
1168 if (mapped_op > GATTC_OPTYPE_INDICATION) mapped_op = 0;
1169
1170 LOG(ERROR) << StringPrintf(
1171 "expect op:(%s :0x%04x), receive unexpected operation (%s).",
1172 bta_gattc_op_code_name[mapped_op], p_clcb->p_q_cmd->hdr.event,
1173 bta_gattc_op_code_name[op]);
1174 return;
1175 }
1176
1177 /* Except for MTU configuration, discard responses if service change
1178 * indication is received before operation completed
1179 */
1180 if (p_clcb->auto_update == BTA_GATTC_DISC_WAITING &&
1181 p_clcb->p_srcb->srvc_hdl_chg && op != GATTC_OPTYPE_CONFIG) {
1182 VLOG(1) << "Discard all responses when service change indication is "
1183 "received.";
1184 // TODO Fix constness
1185 const_cast<tBTA_GATTC_DATA*>(p_data)->op_cmpl.status = GATT_ERROR;
1186 }
1187
1188 /* service handle change void the response, discard it */
1189 if (op == GATTC_OPTYPE_READ) {
1190 bta_gattc_read_cmpl(p_clcb, &p_data->op_cmpl);
1191 } else if (op == GATTC_OPTYPE_WRITE) {
1192 bta_gattc_write_cmpl(p_clcb, &p_data->op_cmpl);
1193 } else if (op == GATTC_OPTYPE_EXE_WRITE) {
1194 bta_gattc_exec_cmpl(p_clcb, &p_data->op_cmpl);
1195 } else if (op == GATTC_OPTYPE_CONFIG) {
1196 bta_gattc_cfg_mtu_cmpl(p_clcb, &p_data->op_cmpl);
1197
1198 /* If there are more clients waiting for the MTU results on the same device,
1199 * lets trigger them now.
1200 */
1201
1202 auto outstanding_conn_ids =
1203 GATTC_GetAndRemoveListOfConnIdsWaitingForMtuRequest(p_clcb->bda);
1204 for (auto conn_id : outstanding_conn_ids) {
1205 tBTA_GATTC_CLCB* p_clcb = bta_gattc_find_clcb_by_conn_id(conn_id);
1206 LOG_DEBUG("Continue MTU request clcb %p", p_clcb);
1207 if (p_clcb) {
1208 LOG_DEBUG("Continue MTU request for client conn_id=0x%04x", conn_id);
1209 bta_gattc_continue(p_clcb);
1210 }
1211 }
1212 }
1213
1214 // If receive DATABASE_OUT_OF_SYNC error code, bta_gattc should start service
1215 // discovery immediately
1216 if (bta_gattc_is_robust_caching_enabled() &&
1217 p_data->op_cmpl.status == GATT_DATABASE_OUT_OF_SYNC) {
1218 LOG(INFO) << __func__ << ": DATABASE_OUT_OF_SYNC, re-discover service";
1219 p_clcb->auto_update = BTA_GATTC_REQ_WAITING;
1220 /* request read db hash first */
1221 p_clcb->p_srcb->srvc_hdl_db_hash = true;
1222 bta_gattc_sm_execute(p_clcb, BTA_GATTC_INT_DISCOVER_EVT, NULL);
1223 return;
1224 }
1225
1226 if (p_clcb->auto_update == BTA_GATTC_DISC_WAITING) {
1227 p_clcb->auto_update = BTA_GATTC_REQ_WAITING;
1228
1229 /* request read db hash first */
1230 if (bta_gattc_is_robust_caching_enabled()) {
1231 p_clcb->p_srcb->srvc_hdl_db_hash = true;
1232 }
1233
1234 bta_gattc_sm_execute(p_clcb, BTA_GATTC_INT_DISCOVER_EVT, NULL);
1235 return;
1236 }
1237
1238 bta_gattc_continue(p_clcb);
1239 }
1240
1241 /** start a search in the local server cache */
bta_gattc_search(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)1242 void bta_gattc_search(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* p_data) {
1243 tGATT_STATUS status = GATT_INTERNAL_ERROR;
1244 tBTA_GATTC cb_data;
1245 VLOG(1) << __func__ << ": conn_id=" << loghex(p_clcb->bta_conn_id);
1246 if (p_clcb->p_srcb && !p_clcb->p_srcb->gatt_database.IsEmpty()) {
1247 status = GATT_SUCCESS;
1248 /* search the local cache of a server device */
1249 bta_gattc_search_service(p_clcb, p_data->api_search.p_srvc_uuid);
1250 }
1251 cb_data.search_cmpl.status = status;
1252 cb_data.search_cmpl.conn_id = p_clcb->bta_conn_id;
1253
1254 /* end of search or no server cache available */
1255 (*p_clcb->p_rcb->p_cback)(BTA_GATTC_SEARCH_CMPL_EVT, &cb_data);
1256 }
1257
1258 /** enqueue a command into control block, usually because discovery operation is
1259 * busy */
bta_gattc_q_cmd(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)1260 void bta_gattc_q_cmd(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* p_data) {
1261 bta_gattc_enqueue(p_clcb, p_data);
1262 }
1263
1264 /** report API call failure back to apps */
bta_gattc_fail(tBTA_GATTC_CLCB * p_clcb,UNUSED_ATTR const tBTA_GATTC_DATA * p_data)1265 void bta_gattc_fail(tBTA_GATTC_CLCB* p_clcb,
1266 UNUSED_ATTR const tBTA_GATTC_DATA* p_data) {
1267 if (p_clcb->status == GATT_SUCCESS) {
1268 LOG(ERROR) << "operation not supported at current state " << +p_clcb->state;
1269 }
1270 }
1271
1272 /* De-Register a GATT client application with BTA completed */
bta_gattc_deregister_cmpl(tBTA_GATTC_RCB * p_clreg)1273 static void bta_gattc_deregister_cmpl(tBTA_GATTC_RCB* p_clreg) {
1274 tGATT_IF client_if = p_clreg->client_if;
1275 tBTA_GATTC cb_data;
1276 tBTA_GATTC_CBACK* p_cback = p_clreg->p_cback;
1277
1278 memset(&cb_data, 0, sizeof(tBTA_GATTC));
1279
1280 GATT_Deregister(p_clreg->client_if);
1281 memset(p_clreg, 0, sizeof(tBTA_GATTC_RCB));
1282
1283 cb_data.reg_oper.client_if = client_if;
1284 cb_data.reg_oper.status = GATT_SUCCESS;
1285
1286 if (p_cback) /* callback with de-register event */
1287 (*p_cback)(BTA_GATTC_DEREG_EVT, &cb_data);
1288
1289 if (bta_gattc_num_reg_app() == 0 &&
1290 bta_gattc_cb.state == BTA_GATTC_STATE_DISABLING) {
1291 bta_gattc_cb.state = BTA_GATTC_STATE_DISABLED;
1292 }
1293 }
1294
1295 /** callback functions to GATT client stack */
bta_gattc_conn_cback(tGATT_IF gattc_if,const RawAddress & bdaddr,uint16_t conn_id,bool connected,tGATT_DISCONN_REASON reason,tBT_TRANSPORT transport)1296 static void bta_gattc_conn_cback(tGATT_IF gattc_if, const RawAddress& bdaddr,
1297 uint16_t conn_id, bool connected,
1298 tGATT_DISCONN_REASON reason,
1299 tBT_TRANSPORT transport) {
1300 if (connected) {
1301 LOG_INFO("Connected client_if:%hhu addr:%s, transport:%s reason:%s",
1302 gattc_if, ADDRESS_TO_LOGGABLE_CSTR(bdaddr),
1303 bt_transport_text(transport).c_str(),
1304 gatt_disconnection_reason_text(reason).c_str());
1305 btif_debug_conn_state(bdaddr, BTIF_DEBUG_CONNECTED, GATT_CONN_OK);
1306 } else {
1307 LOG_INFO("Disconnected att_id:%hhu addr:%s, transport:%s reason:%s",
1308 gattc_if, ADDRESS_TO_LOGGABLE_CSTR(bdaddr),
1309 bt_transport_text(transport).c_str(),
1310 gatt_disconnection_reason_text(reason).c_str());
1311 btif_debug_conn_state(bdaddr, BTIF_DEBUG_DISCONNECTED, GATT_CONN_OK);
1312 }
1313
1314 tBTA_GATTC_DATA* p_buf =
1315 (tBTA_GATTC_DATA*)osi_calloc(sizeof(tBTA_GATTC_DATA));
1316 p_buf->int_conn.hdr.event =
1317 connected ? BTA_GATTC_INT_CONN_EVT : BTA_GATTC_INT_DISCONN_EVT;
1318 p_buf->int_conn.hdr.layer_specific = conn_id;
1319 p_buf->int_conn.client_if = gattc_if;
1320 p_buf->int_conn.role = L2CA_GetBleConnRole(bdaddr);
1321 p_buf->int_conn.reason = reason;
1322 p_buf->int_conn.transport = transport;
1323 p_buf->int_conn.remote_bda = bdaddr;
1324
1325 bta_sys_sendmsg(p_buf);
1326 }
1327
1328 /** encryption complete callback function to GATT client stack */
bta_gattc_enc_cmpl_cback(tGATT_IF gattc_if,const RawAddress & bda)1329 static void bta_gattc_enc_cmpl_cback(tGATT_IF gattc_if, const RawAddress& bda) {
1330 tBTA_GATTC_CLCB* p_clcb =
1331 bta_gattc_find_clcb_by_cif(gattc_if, bda, BT_TRANSPORT_LE);
1332
1333 if (p_clcb == NULL) return;
1334
1335 VLOG(1) << __func__ << ": cif:" << +gattc_if;
1336
1337 do_in_main_thread(FROM_HERE,
1338 base::Bind(&bta_gattc_process_enc_cmpl, gattc_if, bda));
1339 }
1340
1341 /** process refresh API to delete cache and start a new discovery if currently
1342 * connected */
bta_gattc_process_api_refresh(const RawAddress & remote_bda)1343 void bta_gattc_process_api_refresh(const RawAddress& remote_bda) {
1344 tBTA_GATTC_SERV* p_srvc_cb = bta_gattc_find_srvr_cache(remote_bda);
1345 if (p_srvc_cb) {
1346 /* try to find a CLCB */
1347 if (p_srvc_cb->connected && p_srvc_cb->num_clcb != 0) {
1348 bool found = false;
1349 tBTA_GATTC_CLCB* p_clcb = &bta_gattc_cb.clcb[0];
1350 for (uint8_t i = 0; i < BTA_GATTC_CLCB_MAX; i++, p_clcb++) {
1351 if (p_clcb->in_use && p_clcb->p_srcb == p_srvc_cb) {
1352 found = true;
1353 break;
1354 }
1355 }
1356 if (found) {
1357 bta_gattc_sm_execute(p_clcb, BTA_GATTC_INT_DISCOVER_EVT, NULL);
1358 return;
1359 }
1360 }
1361 /* in all other cases, mark it and delete the cache */
1362
1363 p_srvc_cb->gatt_database.Clear();
1364 }
1365
1366 /* used to reset cache in application */
1367 bta_gattc_cache_reset(remote_bda);
1368 }
1369
1370 /** process service change indication */
bta_gattc_process_srvc_chg_ind(uint16_t conn_id,tBTA_GATTC_RCB * p_clrcb,tBTA_GATTC_SERV * p_srcb,tBTA_GATTC_CLCB * p_clcb,tBTA_GATTC_NOTIFY * p_notify,tGATT_VALUE * att_value)1371 static bool bta_gattc_process_srvc_chg_ind(uint16_t conn_id,
1372 tBTA_GATTC_RCB* p_clrcb,
1373 tBTA_GATTC_SERV* p_srcb,
1374 tBTA_GATTC_CLCB* p_clcb,
1375 tBTA_GATTC_NOTIFY* p_notify,
1376 tGATT_VALUE* att_value) {
1377 Uuid gattp_uuid = Uuid::From16Bit(UUID_SERVCLASS_GATT_SERVER);
1378 Uuid srvc_chg_uuid = Uuid::From16Bit(GATT_UUID_GATT_SRV_CHGD);
1379
1380 if (p_srcb->gatt_database.IsEmpty() && p_srcb->state == BTA_GATTC_SERV_IDLE) {
1381 gatt::Database db = bta_gattc_cache_load(p_srcb->server_bda);
1382 if (!db.IsEmpty()) {
1383 p_srcb->gatt_database = db;
1384 }
1385 }
1386
1387 const gatt::Characteristic* p_char =
1388 bta_gattc_get_characteristic_srcb(p_srcb, p_notify->handle);
1389 if (!p_char) return false;
1390 const gatt::Service* p_svc =
1391 bta_gattc_get_service_for_handle_srcb(p_srcb, p_char->value_handle);
1392 if (!p_svc || p_svc->uuid != gattp_uuid || p_char->uuid != srvc_chg_uuid) {
1393 return false;
1394 }
1395
1396 if (att_value->len != BTA_GATTC_SERVICE_CHANGED_LEN) {
1397 LOG(ERROR) << __func__
1398 << ": received malformed service changed indication, skipping";
1399 return false;
1400 }
1401
1402 uint8_t* p = att_value->value;
1403 uint16_t s_handle = ((uint16_t)(*(p)) + (((uint16_t)(*(p + 1))) << 8));
1404 uint16_t e_handle = ((uint16_t)(*(p + 2)) + (((uint16_t)(*(p + 3))) << 8));
1405
1406 LOG(ERROR) << __func__ << ": service changed s_handle=" << loghex(s_handle)
1407 << ", e_handle=" << loghex(e_handle);
1408
1409 /* mark service handle change pending */
1410 p_srcb->srvc_hdl_chg = true;
1411 /* clear up all notification/indication registration */
1412 bta_gattc_clear_notif_registration(p_srcb, conn_id, s_handle, e_handle);
1413 /* service change indication all received, do discovery update */
1414 if (++p_srcb->update_count == bta_gattc_num_reg_app()) {
1415 /* not an opened connection; or connection busy */
1416 /* search for first available clcb and start discovery */
1417 if (p_clcb == NULL || (p_clcb && p_clcb->p_q_cmd != NULL)) {
1418 for (size_t i = 0; i < BTA_GATTC_CLCB_MAX; i++) {
1419 if (bta_gattc_cb.clcb[i].in_use &&
1420 bta_gattc_cb.clcb[i].p_srcb == p_srcb &&
1421 bta_gattc_cb.clcb[i].p_q_cmd == NULL) {
1422 p_clcb = &bta_gattc_cb.clcb[i];
1423 break;
1424 }
1425 }
1426 }
1427 /* send confirmation here if this is an indication, it should always be */
1428 GATTC_SendHandleValueConfirm(conn_id, p_notify->cid);
1429
1430 /* if connection available, refresh cache by doing discovery now */
1431 if (p_clcb) {
1432 /* request read db hash first */
1433 if (bta_gattc_is_robust_caching_enabled()) {
1434 p_srcb->srvc_hdl_db_hash = true;
1435 }
1436 bta_gattc_sm_execute(p_clcb, BTA_GATTC_INT_DISCOVER_EVT, NULL);
1437 }
1438 }
1439
1440 /* notify applicationf or service change */
1441 if (p_clrcb->p_cback) {
1442 tBTA_GATTC bta_gattc;
1443 bta_gattc.service_changed.remote_bda = p_srcb->server_bda;
1444 bta_gattc.service_changed.conn_id = conn_id;
1445 (*p_clrcb->p_cback)(BTA_GATTC_SRVC_CHG_EVT, &bta_gattc);
1446 }
1447
1448 return true;
1449 }
1450
1451 /** process all non-service change indication/notification */
bta_gattc_proc_other_indication(tBTA_GATTC_CLCB * p_clcb,uint8_t op,tGATT_CL_COMPLETE * p_data,tBTA_GATTC_NOTIFY * p_notify)1452 static void bta_gattc_proc_other_indication(tBTA_GATTC_CLCB* p_clcb, uint8_t op,
1453 tGATT_CL_COMPLETE* p_data,
1454 tBTA_GATTC_NOTIFY* p_notify) {
1455 VLOG(1) << __func__
1456 << StringPrintf(
1457 ": check p_data->att_value.handle=%d p_data->handle=%d",
1458 p_data->att_value.handle, p_data->handle);
1459 VLOG(1) << "is_notify " << p_notify->is_notify;
1460
1461 p_notify->is_notify = (op == GATTC_OPTYPE_INDICATION) ? false : true;
1462 p_notify->len = p_data->att_value.len;
1463 p_notify->bda = p_clcb->bda;
1464 memcpy(p_notify->value, p_data->att_value.value, p_data->att_value.len);
1465 p_notify->conn_id = p_clcb->bta_conn_id;
1466
1467 if (p_clcb->p_rcb->p_cback) {
1468 tBTA_GATTC bta_gattc;
1469 bta_gattc.notify = *p_notify;
1470 (*p_clcb->p_rcb->p_cback)(BTA_GATTC_NOTIF_EVT, &bta_gattc);
1471 }
1472 }
1473
1474 /** process indication/notification */
bta_gattc_process_indicate(uint16_t conn_id,tGATTC_OPTYPE op,tGATT_CL_COMPLETE * p_data)1475 static void bta_gattc_process_indicate(uint16_t conn_id, tGATTC_OPTYPE op,
1476 tGATT_CL_COMPLETE* p_data) {
1477 uint16_t handle = p_data->att_value.handle;
1478 tBTA_GATTC_NOTIFY notify;
1479 RawAddress remote_bda;
1480 tGATT_IF gatt_if;
1481 tBT_TRANSPORT transport;
1482
1483 if (!GATT_GetConnectionInfor(conn_id, &gatt_if, remote_bda, &transport)) {
1484 LOG(ERROR) << __func__ << ": indication/notif for unknown app";
1485 if (op == GATTC_OPTYPE_INDICATION)
1486 GATTC_SendHandleValueConfirm(conn_id, p_data->cid);
1487 return;
1488 }
1489
1490 tBTA_GATTC_RCB* p_clrcb = bta_gattc_cl_get_regcb(gatt_if);
1491 if (p_clrcb == NULL) {
1492 LOG(ERROR) << __func__ << ": indication/notif for unregistered app";
1493 if (op == GATTC_OPTYPE_INDICATION)
1494 GATTC_SendHandleValueConfirm(conn_id, p_data->cid);
1495 return;
1496 }
1497
1498 tBTA_GATTC_SERV* p_srcb = bta_gattc_find_srcb(remote_bda);
1499 if (p_srcb == NULL) {
1500 LOG(ERROR) << __func__ << ": indication/notif for unknown device, ignore";
1501 if (op == GATTC_OPTYPE_INDICATION)
1502 GATTC_SendHandleValueConfirm(conn_id, p_data->cid);
1503 return;
1504 }
1505
1506 tBTA_GATTC_CLCB* p_clcb = bta_gattc_find_clcb_by_conn_id(conn_id);
1507
1508 notify.handle = handle;
1509 notify.cid = p_data->cid;
1510
1511 /* if service change indication/notification, don't forward to application */
1512 if (bta_gattc_process_srvc_chg_ind(conn_id, p_clrcb, p_srcb, p_clcb, ¬ify,
1513 &p_data->att_value))
1514 return;
1515
1516 /* if app registered for the notification */
1517 if (bta_gattc_check_notif_registry(p_clrcb, p_srcb, ¬ify)) {
1518 /* connection not open yet */
1519 if (p_clcb == NULL) {
1520 p_clcb = bta_gattc_clcb_alloc(gatt_if, remote_bda, transport);
1521
1522 if (p_clcb == NULL) {
1523 LOG(ERROR) << "No resources";
1524 return;
1525 }
1526
1527 p_clcb->bta_conn_id = conn_id;
1528 p_clcb->transport = transport;
1529
1530 bta_gattc_sm_execute(p_clcb, BTA_GATTC_INT_CONN_EVT, NULL);
1531 }
1532
1533 if (p_clcb != NULL)
1534 bta_gattc_proc_other_indication(p_clcb, op, p_data, ¬ify);
1535 }
1536 /* no one intersted and need ack? */
1537 else if (op == GATTC_OPTYPE_INDICATION) {
1538 VLOG(1) << __func__ << " no one interested, ack now";
1539 GATTC_SendHandleValueConfirm(conn_id, p_data->cid);
1540 }
1541 }
1542
1543 /** client operation complete callback register with BTE GATT */
bta_gattc_cmpl_cback(uint16_t conn_id,tGATTC_OPTYPE op,tGATT_STATUS status,tGATT_CL_COMPLETE * p_data)1544 static void bta_gattc_cmpl_cback(uint16_t conn_id, tGATTC_OPTYPE op,
1545 tGATT_STATUS status,
1546 tGATT_CL_COMPLETE* p_data) {
1547 VLOG(1) << __func__ << ": conn_id:" << +conn_id << " op:" << +op
1548 << " status:" << +status;
1549
1550 /* notification and indication processed right away */
1551 if (op == GATTC_OPTYPE_NOTIFICATION || op == GATTC_OPTYPE_INDICATION) {
1552 bta_gattc_process_indicate(conn_id, op, p_data);
1553 return;
1554 }
1555 /* for all other operation, not expected if w/o connection */
1556 tBTA_GATTC_CLCB* p_clcb = bta_gattc_find_clcb_by_conn_id(conn_id);
1557 if (!p_clcb) {
1558 LOG(ERROR) << __func__ << ": unknown conn_id=" << loghex(conn_id)
1559 << " ignore data";
1560 return;
1561 }
1562
1563 /* if over BR_EDR, inform PM for mode change */
1564 if (p_clcb->transport == BT_TRANSPORT_BR_EDR) {
1565 bta_sys_busy(BTA_ID_GATTC, BTA_ALL_APP_ID, p_clcb->bda);
1566 bta_sys_idle(BTA_ID_GATTC, BTA_ALL_APP_ID, p_clcb->bda);
1567 }
1568
1569 bta_gattc_cmpl_sendmsg(conn_id, op, status, p_data);
1570 }
1571
1572 /** client operation complete send message */
bta_gattc_cmpl_sendmsg(uint16_t conn_id,tGATTC_OPTYPE op,tGATT_STATUS status,tGATT_CL_COMPLETE * p_data)1573 void bta_gattc_cmpl_sendmsg(uint16_t conn_id, tGATTC_OPTYPE op,
1574 tGATT_STATUS status, tGATT_CL_COMPLETE* p_data) {
1575 const size_t len = sizeof(tBTA_GATTC_OP_CMPL) + sizeof(tGATT_CL_COMPLETE);
1576 tBTA_GATTC_OP_CMPL* p_buf = (tBTA_GATTC_OP_CMPL*)osi_calloc(len);
1577
1578 p_buf->hdr.event = BTA_GATTC_OP_CMPL_EVT;
1579 p_buf->hdr.layer_specific = conn_id;
1580 p_buf->status = status;
1581 p_buf->op_code = op;
1582
1583 if (p_data) {
1584 p_buf->p_cmpl = (tGATT_CL_COMPLETE*)(p_buf + 1);
1585 memcpy(p_buf->p_cmpl, p_data, sizeof(tGATT_CL_COMPLETE));
1586 }
1587
1588 bta_sys_sendmsg(p_buf);
1589 }
1590
1591 /** congestion callback for BTA GATT client */
bta_gattc_cong_cback(uint16_t conn_id,bool congested)1592 static void bta_gattc_cong_cback(uint16_t conn_id, bool congested) {
1593 tBTA_GATTC_CLCB* p_clcb = bta_gattc_find_clcb_by_conn_id(conn_id);
1594 if (!p_clcb || !p_clcb->p_rcb->p_cback) return;
1595
1596 tBTA_GATTC cb_data;
1597 cb_data.congest.conn_id = conn_id;
1598 cb_data.congest.congested = congested;
1599
1600 (*p_clcb->p_rcb->p_cback)(BTA_GATTC_CONGEST_EVT, &cb_data);
1601 }
1602
bta_gattc_phy_update_cback(tGATT_IF gatt_if,uint16_t conn_id,uint8_t tx_phy,uint8_t rx_phy,tGATT_STATUS status)1603 static void bta_gattc_phy_update_cback(tGATT_IF gatt_if, uint16_t conn_id,
1604 uint8_t tx_phy, uint8_t rx_phy,
1605 tGATT_STATUS status) {
1606 tBTA_GATTC_RCB* p_clreg = bta_gattc_cl_get_regcb(gatt_if);
1607
1608 if (!p_clreg || !p_clreg->p_cback) {
1609 LOG(ERROR) << __func__ << ": client_if=" << +gatt_if << " not found";
1610 return;
1611 }
1612
1613 tBTA_GATTC cb_data;
1614 cb_data.phy_update.conn_id = conn_id;
1615 cb_data.phy_update.server_if = gatt_if;
1616 cb_data.phy_update.tx_phy = tx_phy;
1617 cb_data.phy_update.rx_phy = rx_phy;
1618 cb_data.phy_update.status = status;
1619 (*p_clreg->p_cback)(BTA_GATTC_PHY_UPDATE_EVT, &cb_data);
1620 }
1621
bta_gattc_conn_update_cback(tGATT_IF gatt_if,uint16_t conn_id,uint16_t interval,uint16_t latency,uint16_t timeout,tGATT_STATUS status)1622 static void bta_gattc_conn_update_cback(tGATT_IF gatt_if, uint16_t conn_id,
1623 uint16_t interval, uint16_t latency,
1624 uint16_t timeout, tGATT_STATUS status) {
1625 tBTA_GATTC_RCB* p_clreg = bta_gattc_cl_get_regcb(gatt_if);
1626
1627 if (!p_clreg || !p_clreg->p_cback) {
1628 LOG(ERROR) << __func__ << ": client_if=" << gatt_if << " not found";
1629 return;
1630 }
1631
1632 tBTA_GATTC cb_data;
1633 cb_data.conn_update.conn_id = conn_id;
1634 cb_data.conn_update.interval = interval;
1635 cb_data.conn_update.latency = latency;
1636 cb_data.conn_update.timeout = timeout;
1637 cb_data.conn_update.status = status;
1638 (*p_clreg->p_cback)(BTA_GATTC_CONN_UPDATE_EVT, &cb_data);
1639 }
1640
bta_gattc_subrate_chg_cback(tGATT_IF gatt_if,uint16_t conn_id,uint16_t subrate_factor,uint16_t latency,uint16_t cont_num,uint16_t timeout,tGATT_STATUS status)1641 static void bta_gattc_subrate_chg_cback(tGATT_IF gatt_if, uint16_t conn_id,
1642 uint16_t subrate_factor,
1643 uint16_t latency, uint16_t cont_num,
1644 uint16_t timeout, tGATT_STATUS status) {
1645 tBTA_GATTC_RCB* p_clreg = bta_gattc_cl_get_regcb(gatt_if);
1646
1647 if (!p_clreg || !p_clreg->p_cback) {
1648 LOG(ERROR) << __func__ << ": client_if=" << gatt_if << " not found";
1649 return;
1650 }
1651
1652 tBTA_GATTC cb_data;
1653 cb_data.subrate_chg.conn_id = conn_id;
1654 cb_data.subrate_chg.subrate_factor = subrate_factor;
1655 cb_data.subrate_chg.latency = latency;
1656 cb_data.subrate_chg.cont_num = cont_num;
1657 cb_data.subrate_chg.timeout = timeout;
1658 cb_data.subrate_chg.status = status;
1659 (*p_clreg->p_cback)(BTA_GATTC_SUBRATE_CHG_EVT, &cb_data);
1660 }
1661