1 /******************************************************************************
2 *
3 * Copyright 2003-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains the GATT client action functions for the state
22 * machine.
23 *
24 ******************************************************************************/
25
26 #define LOG_TAG "bt_bta_gattc"
27
28 #include <base/functional/bind.h>
29 #include <bluetooth/log.h>
30 #include <com_android_bluetooth_flags.h>
31
32 #include "bta/gatt/bta_gattc_int.h"
33 #include "bta/include/bta_api.h"
34 #include "btif/include/btif_debug_conn.h"
35 #include "hardware/bt_gatt_types.h"
36 #include "hci/controller_interface.h"
37 #include "main/shim/entry.h"
38 #include "osi/include/allocator.h"
39 #include "stack/include/bt_hdr.h"
40 #include "stack/include/bt_uuid16.h"
41 #include "stack/include/btm_ble_api_types.h"
42 #include "stack/include/btm_sec_api.h"
43 #include "stack/include/l2cap_interface.h"
44 #include "stack/include/main_thread.h"
45 #include "types/bluetooth/uuid.h"
46 #include "types/raw_address.h"
47
48 using bluetooth::Uuid;
49 using namespace bluetooth;
50
51 /*****************************************************************************
52 * Constants
53 ****************************************************************************/
54 static void bta_gattc_conn_cback(tGATT_IF gattc_if, const RawAddress& bda, tCONN_ID conn_id,
55 bool connected, tGATT_DISCONN_REASON reason,
56 tBT_TRANSPORT transport);
57
58 static void bta_gattc_cmpl_cback(tCONN_ID conn_id, tGATTC_OPTYPE op, tGATT_STATUS status,
59 tGATT_CL_COMPLETE* p_data);
60 static void bta_gattc_deregister_cmpl(tBTA_GATTC_RCB* p_clreg);
61 static void bta_gattc_enc_cmpl_cback(tGATT_IF gattc_if, const RawAddress& bda);
62 static void bta_gattc_cong_cback(tCONN_ID conn_id, bool congested);
63 static void bta_gattc_phy_update_cback(tGATT_IF gatt_if, tCONN_ID conn_id, uint8_t tx_phy,
64 uint8_t rx_phy, tGATT_STATUS status);
65 static void bta_gattc_conn_update_cback(tGATT_IF gatt_if, tCONN_ID conn_id, uint16_t interval,
66 uint16_t latency, uint16_t timeout, tGATT_STATUS status);
67 static void bta_gattc_subrate_chg_cback(tGATT_IF gatt_if, tCONN_ID conn_id, uint16_t subrate_factor,
68 uint16_t latency, uint16_t cont_num, uint16_t timeout,
69 tGATT_STATUS status);
70 static void bta_gattc_init_bk_conn(const tBTA_GATTC_API_OPEN* p_data, tBTA_GATTC_RCB* p_clreg);
71
72 static tGATT_CBACK bta_gattc_cl_cback = {
73 .p_conn_cb = bta_gattc_conn_cback,
74 .p_cmpl_cb = bta_gattc_cmpl_cback,
75 .p_disc_res_cb = bta_gattc_disc_res_cback,
76 .p_disc_cmpl_cb = bta_gattc_disc_cmpl_cback,
77 .p_req_cb = nullptr,
78 .p_enc_cmpl_cb = bta_gattc_enc_cmpl_cback,
79 .p_congestion_cb = bta_gattc_cong_cback,
80 .p_phy_update_cb = bta_gattc_phy_update_cback,
81 .p_conn_update_cb = bta_gattc_conn_update_cback,
82 .p_subrate_chg_cb = bta_gattc_subrate_chg_cback,
83 };
84
85 /* opcode(tGATTC_OPTYPE) order has to be comply with internal event order */
86 static uint16_t bta_gattc_opcode_to_int_evt[] = {
87 /* Skip: GATTC_OPTYPE_NONE */
88 /* Skip: GATTC_OPTYPE_DISCOVERY */
89 BTA_GATTC_API_READ_EVT, /* GATTC_OPTYPE_READ */
90 BTA_GATTC_API_WRITE_EVT, /* GATTC_OPTYPE_WRITE */
91 BTA_GATTC_API_EXEC_EVT, /* GATTC_OPTYPE_EXE_WRITE */
92 BTA_GATTC_API_CFG_MTU_EVT /* GATTC_OPTYPE_CONFIG */
93 };
94
95 static const char* bta_gattc_op_code_name[] = {
96 "Unknown", /* GATTC_OPTYPE_NONE */
97 "Discovery", /* GATTC_OPTYPE_DISCOVERY */
98 "Read", /* GATTC_OPTYPE_READ */
99 "Write", /* GATTC_OPTYPE_WRITE */
100 "Exec", /* GATTC_OPTYPE_EXE_WRITE */
101 "Config", /* GATTC_OPTYPE_CONFIG */
102 "Notification", /* GATTC_OPTYPE_NOTIFICATION */
103 "Indication" /* GATTC_OPTYPE_INDICATION */
104 };
105
106 /*****************************************************************************
107 * Action Functions
108 ****************************************************************************/
109
110 /** Enables GATTC module */
bta_gattc_enable()111 static void bta_gattc_enable() {
112 log::verbose("");
113
114 if (bta_gattc_cb.state == BTA_GATTC_STATE_DISABLED) {
115 /* initialize control block */
116 bta_gattc_cb = tBTA_GATTC_CB();
117 bta_gattc_cb.state = BTA_GATTC_STATE_ENABLED;
118 } else {
119 log::verbose("GATTC is already enabled");
120 }
121 }
122
123 /** Disable GATTC module by cleaning up all active connections and deregister
124 * all application */
bta_gattc_disable()125 void bta_gattc_disable() {
126 uint8_t i;
127
128 log::verbose("");
129
130 if (bta_gattc_cb.state != BTA_GATTC_STATE_ENABLED) {
131 log::error("not enabled, or disabled in progress");
132 return;
133 }
134
135 if (!bta_gattc_cb.cl_rcb_map.empty()) {
136 bta_gattc_cb.state = BTA_GATTC_STATE_DISABLING;
137 }
138
139 // An entry can be erased during deregister, use a copied collection
140 std::vector<tGATT_IF> gatt_ifs;
141 for (auto& [gatt_if, p_rcb] : bta_gattc_cb.cl_rcb_map) {
142 gatt_ifs.push_back(gatt_if);
143 }
144 for (auto& gatt_if : gatt_ifs) {
145 bta_gattc_deregister(bta_gattc_cb.cl_rcb_map[gatt_if].get());
146 }
147
148 /* no registered apps, indicate disable completed */
149 if (bta_gattc_cb.state != BTA_GATTC_STATE_DISABLING) {
150 bta_gattc_cb = tBTA_GATTC_CB();
151 bta_gattc_cb.state = BTA_GATTC_STATE_DISABLED;
152 }
153 }
154
155 /** start an application interface */
bta_gattc_start_if(uint8_t client_if)156 static void bta_gattc_start_if(uint8_t client_if) {
157 log::debug("client_if={}", client_if);
158 if (!bta_gattc_cl_get_regcb(client_if)) {
159 log::error("Unable to start app.: Unknown client_if={}", client_if);
160 return;
161 }
162
163 GATT_StartIf(client_if);
164 }
165
166 /** Register a GATT client application with BTA */
bta_gattc_register(const Uuid & app_uuid,const std::string & name,tBTA_GATTC_CBACK * p_cback,BtaAppRegisterCallback cb,bool eatt_support)167 void bta_gattc_register(const Uuid& app_uuid, const std::string& name, tBTA_GATTC_CBACK* p_cback,
168 BtaAppRegisterCallback cb, bool eatt_support) {
169 tGATT_STATUS status = GATT_NO_RESOURCES;
170 uint8_t client_if = 0;
171 log::debug("state: {}, uuid={}", bta_gattc_cb.state, app_uuid.ToString());
172
173 /* check if GATTC module is already enabled . Else enable */
174 if (bta_gattc_cb.state == BTA_GATTC_STATE_DISABLED) {
175 log::debug("GATTC module not enabled, enabling it");
176 bta_gattc_enable();
177 }
178
179 client_if = GATT_Register(app_uuid, name, &bta_gattc_cl_cback, eatt_support);
180 if (client_if == 0) {
181 log::error("Register with GATT stack failed");
182 status = GATT_ERROR;
183 } else {
184 auto p_rcb = std::make_unique<tBTA_GATTC_RCB>();
185 p_rcb->in_use = true;
186 p_rcb->p_cback = p_cback;
187 p_rcb->app_uuid = app_uuid;
188 p_rcb->client_if = client_if;
189 bta_gattc_cb.cl_rcb_map.emplace(client_if, std::move(p_rcb));
190
191 log::debug(
192 "Registered GATT client interface {} with uuid={}, starting it on "
193 "main thread",
194 client_if, app_uuid.ToString());
195
196 do_in_main_thread(base::BindOnce(&bta_gattc_start_if, client_if));
197 status = GATT_SUCCESS;
198 }
199
200 if (!cb.is_null()) {
201 cb.Run(client_if, status);
202 } else {
203 log::warn("No GATT callback available, client_if={}, status={}", client_if, status);
204 }
205 }
206
207 /** De-Register a GATT client application with BTA */
bta_gattc_deregister(tBTA_GATTC_RCB * p_clreg)208 void bta_gattc_deregister(tBTA_GATTC_RCB* p_clreg) {
209 uint8_t accept_list_size = 0;
210 if (bluetooth::shim::GetController()->SupportsBle()) {
211 accept_list_size = bluetooth::shim::GetController()->GetLeFilterAcceptListSize();
212 }
213
214 /* remove bg connection associated with this rcb */
215 for (uint8_t i = 0; i < accept_list_size; i++) {
216 if (!bta_gattc_cb.bg_track[i].in_use) {
217 continue;
218 }
219
220 if (bta_gattc_cb.bg_track[i].cif_set.contains(p_clreg->client_if)) {
221 bta_gattc_mark_bg_conn(p_clreg->client_if, bta_gattc_cb.bg_track[i].remote_bda, false);
222 if (!GATT_CancelConnect(p_clreg->client_if, bta_gattc_cb.bg_track[i].remote_bda, false)) {
223 log::warn(
224 "Unable to cancel GATT connection client_if:{} peer:{} "
225 "is_direct:{}",
226 p_clreg->client_if, bta_gattc_cb.bg_track[i].remote_bda, false);
227 }
228 }
229 }
230
231 if (p_clreg->num_clcb == 0) {
232 bta_gattc_deregister_cmpl(p_clreg);
233 return;
234 }
235
236 /* close all CLCB related to this app */
237 for (auto& p_clcb : bta_gattc_cb.clcb_set) {
238 if (!p_clcb->in_use || p_clcb->p_rcb != p_clreg) {
239 continue;
240 }
241 p_clreg->dereg_pending = true;
242
243 tBTA_GATTC_DATA gattc_data = {
244 .hdr =
245 {
246 .event = BTA_GATTC_API_CLOSE_EVT,
247 .layer_specific = static_cast<uint16_t>(p_clcb->bta_conn_id),
248 },
249 };
250 bta_gattc_close(p_clcb.get(), &gattc_data);
251 }
252 // deallocated clcbs will not be accessed. Let them be claened up.
253 bta_gattc_cleanup_clcb();
254 }
255
256 /** process connect API request */
bta_gattc_process_api_open(const tBTA_GATTC_DATA * p_msg)257 void bta_gattc_process_api_open(const tBTA_GATTC_DATA* p_msg) {
258 uint16_t event = ((BT_HDR_RIGID*)p_msg)->event;
259
260 tBTA_GATTC_RCB* p_clreg = bta_gattc_cl_get_regcb(p_msg->api_conn.client_if);
261 if (!p_clreg) {
262 log::error("Failed, unknown client_if={}", p_msg->api_conn.client_if);
263 return;
264 }
265
266 if (p_msg->api_conn.connection_type != BTM_BLE_DIRECT_CONNECTION) {
267 bta_gattc_init_bk_conn(&p_msg->api_conn, p_clreg);
268 return;
269 }
270
271 tBTA_GATTC_CLCB* p_clcb = bta_gattc_find_alloc_clcb(
272 p_msg->api_conn.client_if, p_msg->api_conn.remote_bda, p_msg->api_conn.transport);
273 if (p_clcb != nullptr) {
274 bta_gattc_sm_execute(p_clcb, event, p_msg);
275 } else {
276 log::error("No resources to open a new connection.");
277
278 bta_gattc_send_open_cback(p_clreg, GATT_NO_RESOURCES, p_msg->api_conn.remote_bda,
279 GATT_INVALID_CONN_ID, p_msg->api_conn.transport, 0);
280 }
281 }
282
283 /** process connect API request */
bta_gattc_process_api_open_cancel(const tBTA_GATTC_DATA * p_msg)284 void bta_gattc_process_api_open_cancel(const tBTA_GATTC_DATA* p_msg) {
285 log::assert_that(p_msg != nullptr, "assert failed: p_msg != nullptr");
286
287 uint16_t event = ((BT_HDR_RIGID*)p_msg)->event;
288
289 if (!p_msg->api_cancel_conn.is_direct) {
290 log::debug("Cancel GATT client background connection");
291 bta_gattc_cancel_bk_conn(&p_msg->api_cancel_conn);
292 return;
293 }
294 log::debug("Cancel GATT client direct connection");
295
296 tBTA_GATTC_CLCB* p_clcb = bta_gattc_find_clcb_by_cif(
297 p_msg->api_cancel_conn.client_if, p_msg->api_cancel_conn.remote_bda, BT_TRANSPORT_LE);
298 if (p_clcb != NULL) {
299 bta_gattc_sm_execute(p_clcb, event, p_msg);
300 return;
301 }
302
303 log::error("No such connection need to be cancelled");
304
305 tBTA_GATTC_RCB* p_clreg = bta_gattc_cl_get_regcb(p_msg->api_cancel_conn.client_if);
306
307 if (p_clreg && p_clreg->p_cback) {
308 tBTA_GATTC cb_data;
309 cb_data.status = GATT_ERROR;
310 (*p_clreg->p_cback)(BTA_GATTC_CANCEL_OPEN_EVT, &cb_data);
311 }
312 }
313
314 /** process encryption complete message */
bta_gattc_process_enc_cmpl(tGATT_IF client_if,const RawAddress & bda)315 static void bta_gattc_process_enc_cmpl(tGATT_IF client_if, const RawAddress& bda) {
316 tBTA_GATTC_RCB* p_clreg = bta_gattc_cl_get_regcb(client_if);
317
318 if (!p_clreg || !p_clreg->p_cback) {
319 return;
320 }
321
322 tBTA_GATTC cb_data;
323 memset(&cb_data, 0, sizeof(tBTA_GATTC));
324
325 cb_data.enc_cmpl.client_if = client_if;
326 cb_data.enc_cmpl.remote_bda = bda;
327
328 (*p_clreg->p_cback)(BTA_GATTC_ENC_CMPL_CB_EVT, &cb_data);
329 }
330
bta_gattc_cancel_open_error(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA *)331 void bta_gattc_cancel_open_error(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* /* p_data */) {
332 tBTA_GATTC cb_data;
333
334 cb_data.status = GATT_ERROR;
335
336 if (p_clcb && p_clcb->p_rcb && p_clcb->p_rcb->p_cback) {
337 (*p_clcb->p_rcb->p_cback)(BTA_GATTC_CANCEL_OPEN_EVT, &cb_data);
338 }
339 }
340
bta_gattc_open_error(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA *)341 void bta_gattc_open_error(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* /* p_data */) {
342 log::error("Connection already opened. wrong state");
343
344 bta_gattc_send_open_cback(p_clcb->p_rcb, GATT_SUCCESS, p_clcb->bda, p_clcb->bta_conn_id,
345 p_clcb->transport, 0);
346 }
347
bta_gattc_open_fail(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)348 void bta_gattc_open_fail(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* p_data) {
349 if (p_data->int_conn.reason == GATT_CONN_TIMEOUT) {
350 log::warn(
351 "Connection timed out after 30 seconds. conn_id=0x{:x}. Return "
352 "GATT_CONNECTION_TIMEOUT({})",
353 p_clcb->bta_conn_id, GATT_CONNECTION_TIMEOUT);
354 bta_gattc_send_open_cback(p_clcb->p_rcb, GATT_CONNECTION_TIMEOUT, p_clcb->bda,
355 p_clcb->bta_conn_id, p_clcb->transport, 0);
356 } else {
357 log::warn("Cannot establish Connection. conn_id=0x{:x}. Return GATT_ERROR({})",
358 p_clcb->bta_conn_id, GATT_ERROR);
359 bta_gattc_send_open_cback(p_clcb->p_rcb, GATT_ERROR, p_clcb->bda, p_clcb->bta_conn_id,
360 p_clcb->transport, 0);
361 }
362
363 /* open failure, remove clcb */
364 bta_gattc_clcb_dealloc(p_clcb);
365 }
366
367 /** Process API connection function */
bta_gattc_open(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)368 void bta_gattc_open(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* p_data) {
369 tBTA_GATTC_DATA gattc_data;
370
371 /* open/hold a connection */
372 if (!GATT_Connect(p_clcb->p_rcb->client_if, p_data->api_conn.remote_bda,
373 p_data->api_conn.remote_addr_type, BTM_BLE_DIRECT_CONNECTION,
374 p_data->api_conn.transport, p_data->api_conn.opportunistic,
375 p_data->api_conn.initiating_phys, p_data->api_conn.preferred_mtu)) {
376 log::error("Connection open failure");
377 bta_gattc_sm_execute(p_clcb, BTA_GATTC_INT_OPEN_FAIL_EVT, p_data);
378 return;
379 }
380
381 tBTA_GATTC_RCB* p_clreg = p_clcb->p_rcb;
382 /* Re-enable notification registration for closed connection */
383 for (int i = 0; i < BTA_GATTC_NOTIF_REG_MAX; i++) {
384 if (p_clreg->notif_reg[i].in_use && p_clreg->notif_reg[i].remote_bda == p_clcb->bda &&
385 p_clreg->notif_reg[i].app_disconnected) {
386 p_clreg->notif_reg[i].app_disconnected = false;
387 }
388 }
389
390 /* a connected remote device */
391 if (GATT_GetConnIdIfConnected(p_clcb->p_rcb->client_if, p_data->api_conn.remote_bda,
392 &p_clcb->bta_conn_id, p_data->api_conn.transport)) {
393 gattc_data.int_conn.hdr.layer_specific = static_cast<uint16_t>(p_clcb->bta_conn_id);
394
395 bta_gattc_sm_execute(p_clcb, BTA_GATTC_INT_CONN_EVT, &gattc_data);
396 }
397 /* else wait for the callback event */
398 }
399
400 /** Process API Open for a background connection */
bta_gattc_init_bk_conn(const tBTA_GATTC_API_OPEN * p_data,tBTA_GATTC_RCB * p_clreg)401 static void bta_gattc_init_bk_conn(const tBTA_GATTC_API_OPEN* p_data, tBTA_GATTC_RCB* p_clreg) {
402 if (!bta_gattc_mark_bg_conn(p_data->client_if, p_data->remote_bda, true)) {
403 log::warn("Unable to find space for accept list connection mask");
404 bta_gattc_send_open_cback(p_clreg, GATT_NO_RESOURCES, p_data->remote_bda, GATT_INVALID_CONN_ID,
405 BT_TRANSPORT_LE, 0);
406 return;
407 }
408
409 /* always call open to hold a connection */
410 if (!GATT_Connect(p_data->client_if, p_data->remote_bda, BLE_ADDR_PUBLIC, p_data->connection_type,
411 p_data->transport, false, LE_PHY_1M, p_data->preferred_mtu)) {
412 log::error("Unable to connect to remote bd_addr={}", p_data->remote_bda);
413 bta_gattc_send_open_cback(p_clreg, GATT_ILLEGAL_PARAMETER, p_data->remote_bda,
414 GATT_INVALID_CONN_ID, BT_TRANSPORT_LE, 0);
415 return;
416 }
417
418 tCONN_ID conn_id;
419 if (!GATT_GetConnIdIfConnected(p_data->client_if, p_data->remote_bda, &conn_id,
420 p_data->transport)) {
421 log::info("Not a connected remote device yet");
422 return;
423 }
424
425 tBTA_GATTC_CLCB* p_clcb =
426 bta_gattc_find_alloc_clcb(p_data->client_if, p_data->remote_bda, BT_TRANSPORT_LE);
427 if (!p_clcb) {
428 log::warn("Unable to find connection link for device:{}", p_data->remote_bda);
429 return;
430 }
431
432 p_clcb->bta_conn_id = conn_id;
433 tBTA_GATTC_DATA gattc_data = {
434 .hdr =
435 {
436 .layer_specific = static_cast<uint16_t>(conn_id),
437 },
438 };
439
440 /* open connection */
441 bta_gattc_sm_execute(p_clcb, BTA_GATTC_INT_CONN_EVT,
442 static_cast<const tBTA_GATTC_DATA*>(&gattc_data));
443 }
444
445 /** Process API Cancel Open for a background connection */
bta_gattc_cancel_bk_conn(const tBTA_GATTC_API_CANCEL_OPEN * p_data)446 void bta_gattc_cancel_bk_conn(const tBTA_GATTC_API_CANCEL_OPEN* p_data) {
447 tBTA_GATTC_RCB* p_clreg;
448 tBTA_GATTC cb_data;
449 cb_data.status = GATT_ERROR;
450
451 /* remove the device from the bg connection mask */
452 if (bta_gattc_mark_bg_conn(p_data->client_if, p_data->remote_bda, false)) {
453 if (GATT_CancelConnect(p_data->client_if, p_data->remote_bda, false)) {
454 cb_data.status = GATT_SUCCESS;
455 } else {
456 log::error("failed for client_if={}, remote_bda={}, is_direct=false",
457 static_cast<int>(p_data->client_if), p_data->remote_bda);
458 }
459 }
460 p_clreg = bta_gattc_cl_get_regcb(p_data->client_if);
461
462 if (p_clreg && p_clreg->p_cback) {
463 (*p_clreg->p_cback)(BTA_GATTC_CANCEL_OPEN_EVT, &cb_data);
464 }
465 }
466
bta_gattc_cancel_open_ok(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA *)467 void bta_gattc_cancel_open_ok(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* /* p_data */) {
468 tBTA_GATTC cb_data;
469
470 if (p_clcb->p_rcb->p_cback) {
471 cb_data.status = GATT_SUCCESS;
472 (*p_clcb->p_rcb->p_cback)(BTA_GATTC_CANCEL_OPEN_EVT, &cb_data);
473 }
474
475 bta_gattc_clcb_dealloc(p_clcb);
476 }
477
bta_gattc_cancel_open(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)478 void bta_gattc_cancel_open(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* p_data) {
479 tBTA_GATTC cb_data;
480
481 if (GATT_CancelConnect(p_clcb->p_rcb->client_if, p_data->api_cancel_conn.remote_bda, true)) {
482 bta_gattc_sm_execute(p_clcb, BTA_GATTC_INT_CANCEL_OPEN_OK_EVT, p_data);
483 } else {
484 if (p_clcb->p_rcb->p_cback) {
485 cb_data.status = GATT_ERROR;
486 (*p_clcb->p_rcb->p_cback)(BTA_GATTC_CANCEL_OPEN_EVT, &cb_data);
487 }
488 }
489 }
490
491 /** receive connection callback from stack */
bta_gattc_conn(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)492 void bta_gattc_conn(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* p_data) {
493 tGATT_IF gatt_if;
494 log::verbose("server cache state={}", p_clcb->p_srcb->state);
495
496 if (p_data != NULL) {
497 log::verbose("conn_id=0x{:x}", p_data->hdr.layer_specific);
498 p_clcb->bta_conn_id = static_cast<tCONN_ID>(p_data->int_conn.hdr.layer_specific);
499
500 if (!GATT_GetConnectionInfor(p_clcb->bta_conn_id, &gatt_if, p_clcb->bda, &p_clcb->transport)) {
501 log::warn("Unable to get GATT connection information peer:{}", p_clcb->bda);
502 }
503 }
504
505 p_clcb->p_srcb->connected = true;
506
507 if (p_clcb->p_srcb->mtu == 0) {
508 p_clcb->p_srcb->mtu = GATT_DEF_BLE_MTU_SIZE;
509 }
510
511 tBTA_GATTC_RCB* p_clreg = p_clcb->p_rcb;
512 /* Re-enable notification registration for closed connection */
513 for (int i = 0; i < BTA_GATTC_NOTIF_REG_MAX; i++) {
514 if (p_clreg->notif_reg[i].in_use && p_clreg->notif_reg[i].remote_bda == p_clcb->bda &&
515 p_clreg->notif_reg[i].app_disconnected) {
516 p_clreg->notif_reg[i].app_disconnected = false;
517 }
518 }
519
520 /* start database cache if needed */
521 if (p_clcb->p_srcb->gatt_database.IsEmpty() || p_clcb->p_srcb->state != BTA_GATTC_SERV_IDLE) {
522 if (p_clcb->p_srcb->state == BTA_GATTC_SERV_IDLE) {
523 p_clcb->p_srcb->state = BTA_GATTC_SERV_LOAD;
524 // Consider the case that if GATT Server is changed, but no service
525 // changed indication is received, the database might be out of date. So
526 // if robust caching is known to be supported, always check the db hash
527 // first, before loading the stored database.
528
529 // Only load the database if we are bonded, since the device cache is
530 // meaningless otherwise (as we need to do rediscovery regardless)
531 gatt::Database db = btm_sec_is_a_bonded_dev(p_clcb->bda)
532 ? bta_gattc_cache_load(p_clcb->p_srcb->server_bda)
533 : gatt::Database();
534 auto robust_caching_support = GetRobustCachingSupport(p_clcb, db);
535 log::info("Connected to {}, robust caching support is {}",
536 p_clcb->bda.ToRedactedStringForLogging(), robust_caching_support);
537
538 if (!db.IsEmpty()) {
539 p_clcb->p_srcb->gatt_database = db;
540 }
541
542 if (db.IsEmpty() || robust_caching_support != RobustCachingSupport::UNSUPPORTED) {
543 // If the peer device is expected to support robust caching, or if we
544 // don't know its services yet, then we should do discovery (which may
545 // short-circuit through a hash match, but might also do the full
546 // discovery).
547 p_clcb->p_srcb->state = BTA_GATTC_SERV_DISC;
548
549 /* set true to read database hash before service discovery */
550 p_clcb->p_srcb->srvc_hdl_db_hash = true;
551
552 /* cache load failure, start discovery */
553 bta_gattc_start_discover(p_clcb, NULL);
554 } else {
555 p_clcb->p_srcb->state = BTA_GATTC_SERV_IDLE;
556 bta_gattc_reset_discover_st(p_clcb->p_srcb, GATT_SUCCESS);
557 }
558 } else { /* cache is building */
559 p_clcb->state = BTA_GATTC_DISCOVER_ST;
560 }
561 } else {
562 /* a pending service handle change indication */
563 if (p_clcb->p_srcb->srvc_hdl_chg) {
564 p_clcb->p_srcb->srvc_hdl_chg = false;
565
566 /* set true to read database hash before service discovery */
567 p_clcb->p_srcb->srvc_hdl_db_hash = true;
568
569 /* start discovery */
570 bta_gattc_sm_execute(p_clcb, BTA_GATTC_INT_DISCOVER_EVT, NULL);
571 }
572 }
573
574 if (p_clcb->p_rcb) {
575 /* there is no RM for GATT */
576 if (p_clcb->transport == BT_TRANSPORT_BR_EDR) {
577 bta_sys_conn_open(BTA_ID_GATTC, BTA_ALL_APP_ID, p_clcb->bda);
578 }
579
580 bta_gattc_send_open_cback(p_clcb->p_rcb, GATT_SUCCESS, p_clcb->bda, p_clcb->bta_conn_id,
581 p_clcb->transport, p_clcb->p_srcb->mtu);
582 }
583 }
584
585 /** close a connection */
bta_gattc_close_fail(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)586 void bta_gattc_close_fail(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* p_data) {
587 tBTA_GATTC cb_data;
588
589 if (p_clcb->p_rcb->p_cback) {
590 memset(&cb_data, 0, sizeof(tBTA_GATTC));
591 cb_data.close.client_if = p_clcb->p_rcb->client_if;
592 cb_data.close.conn_id = static_cast<tCONN_ID>(p_data->hdr.layer_specific);
593 cb_data.close.remote_bda = p_clcb->bda;
594 cb_data.close.reason = BTA_GATT_CONN_NONE;
595 cb_data.close.status = GATT_ERROR;
596
597 log::warn("conn_id=0x{:x}. Returns GATT_ERROR({}).", cb_data.close.conn_id, GATT_ERROR);
598
599 (*p_clcb->p_rcb->p_cback)(BTA_GATTC_CLOSE_EVT, &cb_data);
600 }
601 }
602
603 /** close a GATTC connection */
bta_gattc_close(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)604 void bta_gattc_close(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* p_data) {
605 tBTA_GATTC_CBACK* p_cback = p_clcb->p_rcb->p_cback;
606 tBTA_GATTC_RCB* p_clreg = p_clcb->p_rcb;
607 tBTA_GATTC cb_data = {
608 .close =
609 {
610 .conn_id = p_clcb->bta_conn_id,
611 .status = GATT_SUCCESS,
612 .client_if = p_clcb->p_rcb->client_if,
613 .remote_bda = p_clcb->bda,
614 .reason = GATT_CONN_OK,
615 },
616 };
617
618 if (p_clcb->transport == BT_TRANSPORT_BR_EDR) {
619 bta_sys_conn_close(BTA_ID_GATTC, BTA_ALL_APP_ID, p_clcb->bda);
620 }
621
622 /* Disable notification registration for closed connection */
623 for (int i = 0; i < BTA_GATTC_NOTIF_REG_MAX; i++) {
624 if (p_clreg->notif_reg[i].in_use && p_clreg->notif_reg[i].remote_bda == p_clcb->bda) {
625 p_clreg->notif_reg[i].app_disconnected = true;
626 }
627 }
628
629 if (p_data->hdr.event == BTA_GATTC_INT_DISCONN_EVT) {
630 /* Since link has been disconnected by and it is possible that here are
631 * already some new p_clcb created for the background connect, the number of
632 * p_srcb->num_clcb is NOT 0. This will prevent p_srcb to be cleared inside
633 * the bta_gattc_clcb_dealloc.
634 *
635 * In this point of time, we know that link does not exist, so let's make
636 * sure the connection state, mtu and database is cleared.
637 */
638 bta_gattc_server_disconnected(p_clcb->p_srcb);
639 }
640
641 bta_gattc_clcb_dealloc(p_clcb);
642
643 if (p_data->hdr.event == BTA_GATTC_API_CLOSE_EVT) {
644 cb_data.close.status = GATT_Disconnect(static_cast<tCONN_ID>(p_data->hdr.layer_specific));
645 cb_data.close.reason = GATT_CONN_TERMINATE_LOCAL_HOST;
646 log::debug("Local close event client_if:{} conn_id:{} reason:{}", cb_data.close.client_if,
647 cb_data.close.conn_id,
648 gatt_disconnection_reason_text(
649 static_cast<tGATT_DISCONN_REASON>(cb_data.close.reason)));
650 } else if (p_data->hdr.event == BTA_GATTC_INT_DISCONN_EVT) {
651 cb_data.close.status = static_cast<tGATT_STATUS>(p_data->int_conn.reason);
652 cb_data.close.reason = p_data->int_conn.reason;
653 log::debug("Peer close disconnect event client_if:{} conn_id:{} reason:{}",
654 cb_data.close.client_if, cb_data.close.conn_id,
655 gatt_disconnection_reason_text(
656 static_cast<tGATT_DISCONN_REASON>(cb_data.close.reason)));
657 }
658
659 if (p_cback) {
660 (*p_cback)(BTA_GATTC_CLOSE_EVT, &cb_data);
661 }
662
663 if (p_clreg->num_clcb == 0 && p_clreg->dereg_pending) {
664 bta_gattc_deregister_cmpl(p_clreg);
665 }
666 }
667
668 /** when a SRCB finished discovery, tell all related clcb */
bta_gattc_reset_discover_st(tBTA_GATTC_SERV * p_srcb,tGATT_STATUS status)669 void bta_gattc_reset_discover_st(tBTA_GATTC_SERV* p_srcb, tGATT_STATUS status) {
670 for (auto& p_clcb : bta_gattc_cb.clcb_set) {
671 if (p_clcb->p_srcb != p_srcb) {
672 continue;
673 }
674 p_clcb->status = status;
675 bta_gattc_sm_execute(p_clcb.get(), BTA_GATTC_DISCOVER_CMPL_EVT, NULL);
676 }
677 }
678
679 /** close a GATTC connection while in discovery state */
bta_gattc_disc_close(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)680 void bta_gattc_disc_close(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* p_data) {
681 log::verbose("Discovery cancel conn_id=0x{:x}", p_clcb->bta_conn_id);
682
683 if (p_clcb->disc_active ||
684 (p_clcb->request_during_discovery == BTA_GATTC_DISCOVER_REQ_READ_DB_HASH ||
685 p_clcb->request_during_discovery == BTA_GATTC_DISCOVER_REQ_READ_DB_HASH_FOR_SVC_CHG)) {
686 bta_gattc_reset_discover_st(p_clcb->p_srcb, GATT_ERROR);
687 } else {
688 p_clcb->state = BTA_GATTC_CONN_ST;
689 }
690
691 // This function only gets called as the result of a BTA_GATTC_API_CLOSE_EVT
692 // while in the BTA_GATTC_DISCOVER_ST state. Once the state changes, the
693 // connection itself still needs to be closed to resolve the original event.
694 if (p_clcb->state == BTA_GATTC_CONN_ST) {
695 log::verbose("State is back to BTA_GATTC_CONN_ST. Trigger connection close");
696 bta_gattc_close(p_clcb, p_data);
697 }
698 }
699
700 /** when a SRCB start discovery, tell all related clcb and set the state */
bta_gattc_set_discover_st(tBTA_GATTC_SERV * p_srcb)701 static void bta_gattc_set_discover_st(tBTA_GATTC_SERV* p_srcb) {
702 for (auto& p_clcb : bta_gattc_cb.clcb_set) {
703 if (p_clcb->p_srcb != p_srcb) {
704 continue;
705 }
706 p_clcb->status = GATT_SUCCESS;
707 p_clcb->state = BTA_GATTC_DISCOVER_ST;
708 p_clcb->request_during_discovery = BTA_GATTC_DISCOVER_REQ_NONE;
709 }
710 }
711
712 /** process service change in discovery state, mark up the auto update flag and
713 * set status to be discovery cancel for current discovery.
714 */
bta_gattc_restart_discover(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA *)715 void bta_gattc_restart_discover(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* /* p_data */) {
716 p_clcb->status = GATT_CANCEL;
717 p_clcb->auto_update = BTA_GATTC_DISC_WAITING;
718 }
719
720 /** Configure MTU size on the GATT connection */
bta_gattc_cfg_mtu(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)721 void bta_gattc_cfg_mtu(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* p_data) {
722 uint16_t current_mtu = 0;
723 auto result =
724 GATTC_TryMtuRequest(p_clcb->bda, p_clcb->transport, p_clcb->bta_conn_id, ¤t_mtu);
725 switch (result) {
726 case MTU_EXCHANGE_DEVICE_DISCONNECTED:
727 log::info("Device {} disconnected", p_clcb->bda);
728 bta_gattc_cmpl_sendmsg(p_clcb->bta_conn_id, GATTC_OPTYPE_CONFIG, GATT_NO_RESOURCES, NULL);
729 bta_gattc_continue(p_clcb);
730 return;
731 case MTU_EXCHANGE_NOT_ALLOWED:
732 log::info("Not allowed for BR/EDR devices {}", p_clcb->bda);
733 bta_gattc_cmpl_sendmsg(p_clcb->bta_conn_id, GATTC_OPTYPE_CONFIG, GATT_ERR_UNLIKELY, NULL);
734 bta_gattc_continue(p_clcb);
735 return;
736 case MTU_EXCHANGE_ALREADY_DONE:
737 /* Check if MTU is not already set, if so, just report it back to the user
738 * and continue with other requests.
739 */
740 GATTC_UpdateUserAttMtuIfNeeded(p_clcb->bda, p_clcb->transport, p_data->api_mtu.mtu);
741 bta_gattc_send_mtu_response(p_clcb, p_data, current_mtu);
742 return;
743 case MTU_EXCHANGE_IN_PROGRESS:
744 log::info("Enqueue MTU Request - waiting for response on p_clcb {}",
745 std::format_ptr(p_clcb));
746 /* MTU request is in progress and this one will not be sent to remote
747 * device. Just push back on the queue and response will be sent up to
748 * the upper layer when MTU Exchange will be completed.
749 */
750 p_clcb->p_q_cmd_queue.push_back(p_data);
751 return;
752
753 case MTU_EXCHANGE_NOT_DONE_YET:
754 /* OK to proceed */
755 break;
756 }
757
758 if (bta_gattc_enqueue(p_clcb, p_data) == ENQUEUED_FOR_LATER) {
759 return;
760 }
761
762 tGATT_STATUS status = GATTC_ConfigureMTU(p_clcb->bta_conn_id, p_data->api_mtu.mtu);
763
764 /* if failed, return callback here */
765 if (status != GATT_SUCCESS && status != GATT_CMD_STARTED) {
766 /* Dequeue the data, if it was enqueued */
767 if (p_clcb->p_q_cmd == p_data) {
768 p_clcb->p_q_cmd = NULL;
769 }
770
771 bta_gattc_cmpl_sendmsg(p_clcb->bta_conn_id, GATTC_OPTYPE_CONFIG, status, NULL);
772 bta_gattc_continue(p_clcb);
773 }
774 }
775
bta_gattc_start_discover_internal(tBTA_GATTC_CLCB * p_clcb)776 void bta_gattc_start_discover_internal(tBTA_GATTC_CLCB* p_clcb) {
777 if (p_clcb->transport == BT_TRANSPORT_LE) {
778 bluetooth::stack::l2cap::get_interface().L2CA_LockBleConnParamsForServiceDiscovery(
779 p_clcb->p_srcb->server_bda, true);
780 }
781
782 bta_gattc_init_cache(p_clcb->p_srcb);
783 p_clcb->status =
784 bta_gattc_discover_pri_service(p_clcb->bta_conn_id, p_clcb->p_srcb, GATT_DISC_SRVC_ALL);
785 if (p_clcb->status != GATT_SUCCESS) {
786 log::error("discovery on server failed");
787 bta_gattc_reset_discover_st(p_clcb->p_srcb, p_clcb->status);
788 } else {
789 p_clcb->disc_active = true;
790 }
791 }
792
793 static void bta_gattc_continue_with_version_and_cache_known(tBTA_GATTC_CLCB* p_clcb,
794 RobustCachingSupport cache_support,
795 bool is_svc_chg);
796
797 /** Start a discovery on server */
bta_gattc_start_discover(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA *)798 void bta_gattc_start_discover(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* /* p_data */) {
799 log::verbose("conn_id:0x{:x} p_clcb->p_srcb->state:{}", p_clcb->bta_conn_id,
800 p_clcb->p_srcb->state);
801
802 if (((p_clcb->p_q_cmd == NULL || p_clcb->auto_update == BTA_GATTC_REQ_WAITING) &&
803 p_clcb->p_srcb->state == BTA_GATTC_SERV_IDLE) ||
804 p_clcb->p_srcb->state == BTA_GATTC_SERV_DISC)
805 /* no pending operation, start discovery right away */
806 {
807 p_clcb->auto_update = BTA_GATTC_NO_SCHEDULE;
808
809 if (p_clcb->p_srcb == NULL) {
810 log::error("unknown device, can not start discovery");
811 return;
812 }
813
814 /* set all srcb related clcb into discovery ST */
815 bta_gattc_set_discover_st(p_clcb->p_srcb);
816
817 // Before clear mask, set is_svc_chg to
818 // 1. true, invoked by service changed indication
819 // 2. false, invoked by connect API
820 bool is_svc_chg = p_clcb->p_srcb->srvc_hdl_chg;
821
822 /* clear the service change mask */
823 p_clcb->p_srcb->srvc_hdl_chg = false;
824 p_clcb->p_srcb->update_count = 0;
825 p_clcb->p_srcb->state = BTA_GATTC_SERV_DISC_ACT;
826 p_clcb->p_srcb->disc_blocked_waiting_on_version = false;
827
828 auto cache_support = GetRobustCachingSupport(p_clcb, p_clcb->p_srcb->gatt_database);
829 if (cache_support == RobustCachingSupport::W4_REMOTE_VERSION) {
830 log::info("Pausing service discovery till remote version is read conn_id:{}",
831 p_clcb->bta_conn_id);
832 p_clcb->p_srcb->disc_blocked_waiting_on_version = true;
833 p_clcb->p_srcb->blocked_conn_id = p_clcb->bta_conn_id;
834 return;
835 }
836
837 bta_gattc_continue_with_version_and_cache_known(p_clcb, cache_support, is_svc_chg);
838 } else {
839 /* pending operation, wait until it finishes */
840 p_clcb->auto_update = BTA_GATTC_DISC_WAITING;
841
842 if (p_clcb->p_srcb->state == BTA_GATTC_SERV_IDLE) {
843 p_clcb->state = BTA_GATTC_CONN_ST; /* set clcb state */
844 }
845 }
846 }
847
bta_gattc_continue_discovery_if_needed(const RawAddress & bd_addr,uint16_t)848 void bta_gattc_continue_discovery_if_needed(const RawAddress& bd_addr, uint16_t /* acl_handle */) {
849 tBTA_GATTC_SERV* p_srcb = bta_gattc_find_srvr_cache(bd_addr);
850 if (!p_srcb || !p_srcb->disc_blocked_waiting_on_version) {
851 return;
852 }
853
854 tCONN_ID conn_id = p_srcb->blocked_conn_id;
855
856 p_srcb->disc_blocked_waiting_on_version = false;
857 p_srcb->blocked_conn_id = 0;
858
859 log::info("Received remote version, continue service discovery for {}", bd_addr);
860
861 tBTA_GATTC_CLCB* p_clcb = bta_gattc_find_clcb_by_conn_id(conn_id);
862
863 if (!p_clcb) {
864 log::error("Can't find CLCB to continue service discovery, id:{}", conn_id);
865 return;
866 }
867
868 bool is_svc_chg = p_clcb->p_srcb->srvc_hdl_chg;
869
870 auto cache_support = GetRobustCachingSupport(p_clcb, p_clcb->p_srcb->gatt_database);
871 bta_gattc_continue_with_version_and_cache_known(p_clcb, cache_support, is_svc_chg);
872 }
873
bta_gattc_continue_with_version_and_cache_known(tBTA_GATTC_CLCB * p_clcb,RobustCachingSupport cache_support,bool is_svc_chg)874 void bta_gattc_continue_with_version_and_cache_known(tBTA_GATTC_CLCB* p_clcb,
875 RobustCachingSupport cache_support,
876 bool is_svc_chg) {
877 if (cache_support == RobustCachingSupport::UNSUPPORTED ||
878 (com::android::bluetooth::flags::skip_unknown_robust_caching() &&
879 cache_support == RobustCachingSupport::UNKNOWN)) {
880 // Skip initial DB hash read if no DB hash is known, or if
881 // we have strong reason (due to interop,
882 // or a prior discovery) to believe that it is unsupported.
883 p_clcb->p_srcb->srvc_hdl_db_hash = false;
884 }
885
886 /* read db hash if db hash characteristic exists */
887 if (p_clcb->p_srcb->srvc_hdl_db_hash && bta_gattc_read_db_hash(p_clcb, is_svc_chg)) {
888 log::info("pending service discovery, read db hash first conn_id:0x{:x}", p_clcb->bta_conn_id);
889 p_clcb->p_srcb->srvc_hdl_db_hash = false;
890 return;
891 }
892 bta_gattc_start_discover_internal(p_clcb);
893 }
894
895 /** discovery on server is finished */
bta_gattc_disc_cmpl(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA *)896 void bta_gattc_disc_cmpl(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* /* p_data */) {
897 const tBTA_GATTC_DATA* p_q_cmd = p_clcb->p_q_cmd;
898
899 log::verbose("conn_id=0x{:x}", p_clcb->bta_conn_id);
900
901 if (p_clcb->transport == BT_TRANSPORT_LE) {
902 bluetooth::stack::l2cap::get_interface().L2CA_LockBleConnParamsForServiceDiscovery(
903 p_clcb->p_srcb->server_bda, false);
904 }
905 p_clcb->p_srcb->state = BTA_GATTC_SERV_IDLE;
906 p_clcb->disc_active = false;
907
908 if (p_clcb->status != GATT_SUCCESS) {
909 /* clean up cache */
910 if (p_clcb->p_srcb) {
911 p_clcb->p_srcb->gatt_database.Clear();
912 }
913
914 /* used to reset cache in application */
915 bta_gattc_cache_reset(p_clcb->p_srcb->server_bda);
916 }
917
918 if (p_clcb->p_srcb) {
919 p_clcb->p_srcb->pending_discovery.Clear();
920 }
921
922 if (p_clcb->auto_update == BTA_GATTC_DISC_WAITING) {
923 /* start discovery again */
924 p_clcb->auto_update = BTA_GATTC_REQ_WAITING;
925 bta_gattc_sm_execute(p_clcb, BTA_GATTC_INT_DISCOVER_EVT, NULL);
926 } else if (p_q_cmd != NULL) {
927 /* get any queued command to proceed */
928 p_clcb->p_q_cmd = NULL;
929 /* execute pending operation of link block still present */
930 if (bluetooth::stack::l2cap::get_interface().L2CA_IsLinkEstablished(p_clcb->p_srcb->server_bda,
931 p_clcb->transport)) {
932 bta_gattc_sm_execute(p_clcb, p_q_cmd->hdr.event, p_q_cmd);
933 }
934 /* if the command executed requeued the cmd, we don't
935 * want to free the underlying buffer that's being
936 * referenced by p_clcb->p_q_cmd
937 */
938 if (!bta_gattc_is_data_queued(p_clcb, p_q_cmd)) {
939 osi_free_and_reset((void**)&p_q_cmd);
940 }
941 } else {
942 bta_gattc_continue(p_clcb);
943 }
944
945 if (p_clcb->p_rcb->p_cback) {
946 tBTA_GATTC bta_gattc = {
947 .service_discovery_done.remote_bda = p_clcb->p_srcb->server_bda,
948 };
949 (*p_clcb->p_rcb->p_cback)(BTA_GATTC_SRVC_DISC_DONE_EVT, &bta_gattc);
950 }
951 }
952
953 /** Read an attribute */
bta_gattc_read(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)954 void bta_gattc_read(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* p_data) {
955 if (bta_gattc_enqueue(p_clcb, p_data) == ENQUEUED_FOR_LATER) {
956 return;
957 }
958
959 tGATT_STATUS status;
960 if (p_data->api_read.handle != 0) {
961 tGATT_READ_PARAM read_param;
962 memset(&read_param, 0, sizeof(tGATT_READ_PARAM));
963 read_param.by_handle.handle = p_data->api_read.handle;
964 read_param.by_handle.auth_req = p_data->api_read.auth_req;
965 status = GATTC_Read(p_clcb->bta_conn_id, GATT_READ_BY_HANDLE, &read_param);
966 } else {
967 tGATT_READ_PARAM read_param;
968 memset(&read_param, 0, sizeof(tGATT_READ_BY_TYPE));
969
970 read_param.char_type.s_handle = p_data->api_read.s_handle;
971 read_param.char_type.e_handle = p_data->api_read.e_handle;
972 read_param.char_type.uuid = p_data->api_read.uuid;
973 read_param.char_type.auth_req = p_data->api_read.auth_req;
974 status = GATTC_Read(p_clcb->bta_conn_id, GATT_READ_BY_TYPE, &read_param);
975 }
976
977 /* read fail */
978 if (status != GATT_SUCCESS) {
979 /* Dequeue the data, if it was enqueued */
980 if (p_clcb->p_q_cmd == p_data) {
981 p_clcb->p_q_cmd = NULL;
982 }
983
984 bta_gattc_cmpl_sendmsg(p_clcb->bta_conn_id, GATTC_OPTYPE_READ, status, NULL);
985 bta_gattc_continue(p_clcb);
986 }
987 }
988
989 /** read multiple */
bta_gattc_read_multi(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)990 void bta_gattc_read_multi(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* p_data) {
991 if (bta_gattc_enqueue(p_clcb, p_data) == ENQUEUED_FOR_LATER) {
992 return;
993 }
994
995 if (p_data->api_read_multi.handles.num_attr > GATT_MAX_READ_MULTI_HANDLES) {
996 log::error("api_read_multi.num_attr > GATT_MAX_READ_MULTI_HANDLES");
997 return;
998 }
999
1000 tGATT_READ_PARAM read_param;
1001 memset(&read_param, 0, sizeof(tGATT_READ_PARAM));
1002
1003 read_param.read_multiple.num_handles = p_data->api_read_multi.handles.num_attr;
1004 read_param.read_multiple.auth_req = p_data->api_read_multi.auth_req;
1005 read_param.read_multiple.variable_len = p_data->api_read_multi.variable_len;
1006 memcpy(&read_param.read_multiple.handles, p_data->api_read_multi.handles.handles,
1007 sizeof(uint16_t) * p_data->api_read_multi.handles.num_attr);
1008
1009 tGATT_READ_TYPE read_type =
1010 (read_param.read_multiple.variable_len) ? GATT_READ_MULTIPLE_VAR_LEN : GATT_READ_MULTIPLE;
1011 tGATT_STATUS status = GATTC_Read(p_clcb->bta_conn_id, read_type, &read_param);
1012 /* read fail */
1013 if (status != GATT_SUCCESS) {
1014 /* Dequeue the data, if it was enqueued */
1015 if (p_clcb->p_q_cmd == p_data) {
1016 p_clcb->p_q_cmd = NULL;
1017 }
1018
1019 bta_gattc_cmpl_sendmsg(p_clcb->bta_conn_id, GATTC_OPTYPE_READ, status, NULL);
1020 bta_gattc_continue(p_clcb);
1021 }
1022 }
1023
1024 /** Write an attribute */
bta_gattc_write(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)1025 void bta_gattc_write(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* p_data) {
1026 if (bta_gattc_enqueue(p_clcb, p_data) == ENQUEUED_FOR_LATER) {
1027 return;
1028 }
1029
1030 tGATT_STATUS status = GATT_SUCCESS;
1031 tGATT_VALUE attr;
1032
1033 attr.conn_id = p_clcb->bta_conn_id;
1034 attr.handle = p_data->api_write.handle;
1035 attr.offset = p_data->api_write.offset;
1036 attr.len = p_data->api_write.len;
1037 attr.auth_req = p_data->api_write.auth_req;
1038
1039 /* Before coping to the fixed array, make sure it fits. */
1040 if (attr.len > GATT_MAX_ATTR_LEN) {
1041 status = GATT_INVALID_ATTR_LEN;
1042 } else {
1043 if (p_data->api_write.p_value) {
1044 memcpy(attr.value, p_data->api_write.p_value, p_data->api_write.len);
1045 }
1046
1047 status = GATTC_Write(p_clcb->bta_conn_id, p_data->api_write.write_type, &attr);
1048 }
1049
1050 /* write fail */
1051 if (status != GATT_SUCCESS) {
1052 /* Dequeue the data, if it was enqueued */
1053 if (p_clcb->p_q_cmd == p_data) {
1054 p_clcb->p_q_cmd = NULL;
1055 }
1056
1057 bta_gattc_cmpl_sendmsg(p_clcb->bta_conn_id, GATTC_OPTYPE_WRITE, status, NULL);
1058 bta_gattc_continue(p_clcb);
1059 }
1060 }
1061
1062 /** send execute write */
bta_gattc_execute(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)1063 void bta_gattc_execute(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* p_data) {
1064 if (bta_gattc_enqueue(p_clcb, p_data) == ENQUEUED_FOR_LATER) {
1065 return;
1066 }
1067
1068 tGATT_STATUS status = GATTC_ExecuteWrite(p_clcb->bta_conn_id, p_data->api_exec.is_execute);
1069 if (status != GATT_SUCCESS) {
1070 /* Dequeue the data, if it was enqueued */
1071 if (p_clcb->p_q_cmd == p_data) {
1072 p_clcb->p_q_cmd = NULL;
1073 }
1074
1075 bta_gattc_cmpl_sendmsg(p_clcb->bta_conn_id, GATTC_OPTYPE_EXE_WRITE, status, NULL);
1076 bta_gattc_continue(p_clcb);
1077 }
1078 }
1079
1080 /** send handle value confirmation */
bta_gattc_confirm(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)1081 void bta_gattc_confirm(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* p_data) {
1082 uint16_t cid = p_data->api_confirm.cid;
1083 auto conn_id = static_cast<tCONN_ID>(p_data->api_confirm.hdr.layer_specific);
1084 if (GATTC_SendHandleValueConfirm(conn_id, cid) != GATT_SUCCESS) {
1085 log::error("to cid=0x{:x} failed", cid);
1086 } else {
1087 /* if over BR_EDR, inform PM for mode change */
1088 if (p_clcb->transport == BT_TRANSPORT_BR_EDR) {
1089 bta_sys_busy(BTA_ID_GATTC, BTA_ALL_APP_ID, p_clcb->bda);
1090 bta_sys_idle(BTA_ID_GATTC, BTA_ALL_APP_ID, p_clcb->bda);
1091 }
1092 }
1093 }
1094
1095 /** read complete */
bta_gattc_read_cmpl(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_OP_CMPL * p_data)1096 static void bta_gattc_read_cmpl(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_OP_CMPL* p_data) {
1097 void* my_cb_data;
1098
1099 if (!p_clcb->p_q_cmd->api_read.is_multi_read) {
1100 GATT_READ_OP_CB cb = p_clcb->p_q_cmd->api_read.read_cb;
1101 my_cb_data = p_clcb->p_q_cmd->api_read.read_cb_data;
1102
1103 /* if it was read by handle, return the handle requested, if read by UUID,
1104 * use handle returned from remote
1105 */
1106 uint16_t handle = p_clcb->p_q_cmd->api_read.handle;
1107 if (handle == 0) {
1108 handle = p_data->p_cmpl->att_value.handle;
1109 }
1110
1111 osi_free_and_reset((void**)&p_clcb->p_q_cmd);
1112
1113 if (cb) {
1114 cb(p_clcb->bta_conn_id, p_data->status, handle, p_data->p_cmpl->att_value.len,
1115 p_data->p_cmpl->att_value.value, my_cb_data);
1116 }
1117 } else {
1118 GATT_READ_MULTI_OP_CB cb = p_clcb->p_q_cmd->api_read_multi.read_cb;
1119 my_cb_data = p_clcb->p_q_cmd->api_read_multi.read_cb_data;
1120 tBTA_GATTC_MULTI handles = p_clcb->p_q_cmd->api_read_multi.handles;
1121
1122 osi_free_and_reset((void**)&p_clcb->p_q_cmd);
1123
1124 if (cb) {
1125 cb(p_clcb->bta_conn_id, p_data->status, handles, p_data->p_cmpl->att_value.len,
1126 p_data->p_cmpl->att_value.value, my_cb_data);
1127 }
1128 }
1129 }
1130
1131 /** write complete */
bta_gattc_write_cmpl(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_OP_CMPL * p_data)1132 static void bta_gattc_write_cmpl(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_OP_CMPL* p_data) {
1133 GATT_WRITE_OP_CB cb = p_clcb->p_q_cmd->api_write.write_cb;
1134 void* my_cb_data = p_clcb->p_q_cmd->api_write.write_cb_data;
1135
1136 if (cb) {
1137 if (p_data->status == 0 && p_clcb->p_q_cmd->api_write.write_type == BTA_GATTC_WRITE_PREPARE) {
1138 log::debug("Handling prepare write success response: handle 0x{:04x}",
1139 p_data->p_cmpl->att_value.handle);
1140 /* If this is successful Prepare write, lets provide to the callback the
1141 * data provided by server */
1142 cb(p_clcb->bta_conn_id, p_data->status, p_data->p_cmpl->att_value.handle,
1143 p_data->p_cmpl->att_value.len, p_data->p_cmpl->att_value.value, my_cb_data);
1144 } else {
1145 log::debug("Handling write response type: {}: handle 0x{:04x}",
1146 p_clcb->p_q_cmd->api_write.write_type, p_data->p_cmpl->att_value.handle);
1147 /* Otherwise, provide data which were intended to write. */
1148 cb(p_clcb->bta_conn_id, p_data->status, p_data->p_cmpl->att_value.handle,
1149 p_clcb->p_q_cmd->api_write.len, p_clcb->p_q_cmd->api_write.p_value, my_cb_data);
1150 }
1151 }
1152
1153 osi_free_and_reset((void**)&p_clcb->p_q_cmd);
1154 }
1155
1156 /** execute write complete */
bta_gattc_exec_cmpl(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_OP_CMPL * p_data)1157 static void bta_gattc_exec_cmpl(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_OP_CMPL* p_data) {
1158 tBTA_GATTC cb_data;
1159
1160 osi_free_and_reset((void**)&p_clcb->p_q_cmd);
1161 p_clcb->status = GATT_SUCCESS;
1162
1163 /* execute complete, callback */
1164 cb_data.exec_cmpl.conn_id = p_clcb->bta_conn_id;
1165 cb_data.exec_cmpl.status = p_data->status;
1166
1167 (*p_clcb->p_rcb->p_cback)(BTA_GATTC_EXEC_EVT, &cb_data);
1168 }
1169
1170 /** configure MTU operation complete */
bta_gattc_cfg_mtu_cmpl(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_OP_CMPL * p_data)1171 static void bta_gattc_cfg_mtu_cmpl(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_OP_CMPL* p_data) {
1172 tBTA_GATTC cb_data;
1173
1174 p_clcb->status = p_data->status;
1175 if (p_clcb->p_q_cmd) {
1176 GATT_CONFIGURE_MTU_OP_CB cb = p_clcb->p_q_cmd->api_mtu.mtu_cb;
1177 void* my_cb_data = p_clcb->p_q_cmd->api_mtu.mtu_cb_data;
1178
1179 osi_free_and_reset((void**)&p_clcb->p_q_cmd);
1180
1181 if (p_data->p_cmpl && p_data->status == GATT_SUCCESS) {
1182 p_clcb->p_srcb->mtu = p_data->p_cmpl->mtu;
1183 }
1184
1185 if (cb) {
1186 cb(p_clcb->bta_conn_id, p_data->status, my_cb_data);
1187 }
1188 }
1189
1190 /* configure MTU complete, callback */
1191 cb_data.cfg_mtu.conn_id = p_clcb->bta_conn_id;
1192 cb_data.cfg_mtu.status = p_data->status;
1193 cb_data.cfg_mtu.mtu = p_clcb->p_srcb->mtu;
1194
1195 (*p_clcb->p_rcb->p_cback)(BTA_GATTC_CFG_MTU_EVT, &cb_data);
1196 }
1197
1198 /** operation completed */
bta_gattc_op_cmpl(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)1199 void bta_gattc_op_cmpl(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* p_data) {
1200 if (p_clcb->p_q_cmd == NULL) {
1201 if (com::android::bluetooth::flags::gatt_callback_on_failure() &&
1202 p_data->op_cmpl.op_code == GATTC_OPTYPE_CONFIG) {
1203 bta_gattc_cfg_mtu_cmpl(p_clcb, &p_data->op_cmpl);
1204 return;
1205 }
1206 log::error("No pending command gatt client command");
1207 return;
1208 }
1209 const tGATTC_OPTYPE op = p_data->op_cmpl.op_code;
1210 switch (op) {
1211 case GATTC_OPTYPE_READ:
1212 case GATTC_OPTYPE_WRITE:
1213 case GATTC_OPTYPE_EXE_WRITE:
1214 case GATTC_OPTYPE_CONFIG:
1215 break;
1216
1217 case GATTC_OPTYPE_NONE:
1218 case GATTC_OPTYPE_DISCOVERY:
1219 case GATTC_OPTYPE_NOTIFICATION:
1220 case GATTC_OPTYPE_INDICATION:
1221 default:
1222 log::error("unexpected operation, ignored");
1223 return;
1224 }
1225
1226 if (p_clcb->p_q_cmd->hdr.event != bta_gattc_opcode_to_int_evt[op - GATTC_OPTYPE_READ] &&
1227 (p_clcb->p_q_cmd->hdr.event != BTA_GATTC_API_READ_MULTI_EVT || op != GATTC_OPTYPE_READ)) {
1228 uint8_t mapped_op = p_clcb->p_q_cmd->hdr.event - BTA_GATTC_API_READ_EVT + GATTC_OPTYPE_READ;
1229
1230 if (mapped_op > GATTC_OPTYPE_INDICATION) {
1231 mapped_op = 0;
1232 }
1233
1234 log::error("expect op:({} :0x{:04x}), receive unexpected operation ({}).",
1235 bta_gattc_op_code_name[mapped_op], p_clcb->p_q_cmd->hdr.event,
1236 bta_gattc_op_code_name[op]);
1237 return;
1238 }
1239
1240 /* Except for MTU configuration, discard responses if service change
1241 * indication is received before operation completed
1242 */
1243 if (p_clcb->auto_update == BTA_GATTC_DISC_WAITING && p_clcb->p_srcb->srvc_hdl_chg &&
1244 op != GATTC_OPTYPE_CONFIG) {
1245 log::verbose("Discard all responses when service change indication is received.");
1246 // TODO Fix constness
1247 const_cast<tBTA_GATTC_DATA*>(p_data)->op_cmpl.status = GATT_ERROR;
1248 }
1249
1250 /* service handle change void the response, discard it */
1251 if (op == GATTC_OPTYPE_READ) {
1252 bta_gattc_read_cmpl(p_clcb, &p_data->op_cmpl);
1253 } else if (op == GATTC_OPTYPE_WRITE) {
1254 bta_gattc_write_cmpl(p_clcb, &p_data->op_cmpl);
1255 } else if (op == GATTC_OPTYPE_EXE_WRITE) {
1256 bta_gattc_exec_cmpl(p_clcb, &p_data->op_cmpl);
1257 } else if (op == GATTC_OPTYPE_CONFIG) {
1258 bta_gattc_cfg_mtu_cmpl(p_clcb, &p_data->op_cmpl);
1259
1260 /* If there are more clients waiting for the MTU results on the same device,
1261 * lets trigger them now.
1262 */
1263 auto outstanding_conn_ids = GATTC_GetAndRemoveListOfConnIdsWaitingForMtuRequest(p_clcb->bda);
1264 for (auto conn_id : outstanding_conn_ids) {
1265 tBTA_GATTC_CLCB* p_clcb = bta_gattc_find_clcb_by_conn_id(conn_id);
1266 log::debug("Continue MTU request clcb {}", std::format_ptr(p_clcb));
1267 if (p_clcb) {
1268 log::debug("Continue MTU request for client conn_id=0x{:04x}", conn_id);
1269 bta_gattc_continue(p_clcb);
1270 }
1271 }
1272 }
1273
1274 // If receive DATABASE_OUT_OF_SYNC error code, bta_gattc should start service
1275 // discovery immediately
1276 if (p_data->op_cmpl.status == GATT_DATABASE_OUT_OF_SYNC) {
1277 log::info("DATABASE_OUT_OF_SYNC, re-discover service");
1278 p_clcb->auto_update = BTA_GATTC_REQ_WAITING;
1279 /* request read db hash first */
1280 p_clcb->p_srcb->srvc_hdl_db_hash = true;
1281 bta_gattc_sm_execute(p_clcb, BTA_GATTC_INT_DISCOVER_EVT, NULL);
1282 return;
1283 }
1284
1285 if (p_clcb->auto_update == BTA_GATTC_DISC_WAITING) {
1286 p_clcb->auto_update = BTA_GATTC_REQ_WAITING;
1287
1288 /* request read db hash first */
1289 p_clcb->p_srcb->srvc_hdl_db_hash = true;
1290
1291 bta_gattc_sm_execute(p_clcb, BTA_GATTC_INT_DISCOVER_EVT, NULL);
1292 return;
1293 }
1294
1295 bta_gattc_continue(p_clcb);
1296 }
1297
1298 /** start a search in the local server cache */
bta_gattc_search(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)1299 void bta_gattc_search(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* p_data) {
1300 tGATT_STATUS status = GATT_INTERNAL_ERROR;
1301 tBTA_GATTC cb_data;
1302 log::verbose("conn_id=0x{:x}", p_clcb->bta_conn_id);
1303 if (p_clcb->p_srcb && !p_clcb->p_srcb->gatt_database.IsEmpty()) {
1304 status = GATT_SUCCESS;
1305 /* search the local cache of a server device */
1306 bta_gattc_search_service(p_clcb, p_data->api_search.p_srvc_uuid);
1307 }
1308 cb_data.search_cmpl.status = status;
1309 cb_data.search_cmpl.conn_id = p_clcb->bta_conn_id;
1310
1311 /* end of search or no server cache available */
1312 (*p_clcb->p_rcb->p_cback)(BTA_GATTC_SEARCH_CMPL_EVT, &cb_data);
1313 }
1314
1315 /** enqueue a command into control block, usually because discovery operation is
1316 * busy */
bta_gattc_q_cmd(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA * p_data)1317 void bta_gattc_q_cmd(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* p_data) {
1318 bta_gattc_enqueue(p_clcb, p_data);
1319 }
1320
1321 /** report API call failure back to apps */
bta_gattc_fail(tBTA_GATTC_CLCB * p_clcb,const tBTA_GATTC_DATA *)1322 void bta_gattc_fail(tBTA_GATTC_CLCB* p_clcb, const tBTA_GATTC_DATA* /* p_data */) {
1323 if (p_clcb->status == GATT_SUCCESS) {
1324 log::error("operation not supported at current state {}", p_clcb->state);
1325 }
1326 }
1327
1328 /* De-Register a GATT client application with BTA completed */
bta_gattc_deregister_cmpl(tBTA_GATTC_RCB * p_clreg)1329 static void bta_gattc_deregister_cmpl(tBTA_GATTC_RCB* p_clreg) {
1330 tGATT_IF client_if = p_clreg->client_if;
1331 tBTA_GATTC cb_data;
1332 tBTA_GATTC_CBACK* p_cback = p_clreg->p_cback;
1333
1334 memset(&cb_data, 0, sizeof(tBTA_GATTC));
1335
1336 GATT_Deregister(p_clreg->client_if);
1337 if (bta_gattc_cb.cl_rcb_map.erase(p_clreg->client_if) == 0) {
1338 log::warn("deregistered unknown rcb client_if={}", p_clreg->client_if);
1339 }
1340
1341 cb_data.reg_oper.client_if = client_if;
1342 cb_data.reg_oper.status = GATT_SUCCESS;
1343
1344 if (p_cback) { /* callback with de-register event */
1345 (*p_cback)(BTA_GATTC_DEREG_EVT, &cb_data);
1346 }
1347
1348 if (bta_gattc_num_reg_app() == 0 && bta_gattc_cb.state == BTA_GATTC_STATE_DISABLING) {
1349 bta_gattc_cb.state = BTA_GATTC_STATE_DISABLED;
1350 }
1351 }
1352
1353 /** callback functions to GATT client stack */
bta_gattc_conn_cback(tGATT_IF gattc_if,const RawAddress & bdaddr,tCONN_ID conn_id,bool connected,tGATT_DISCONN_REASON reason,tBT_TRANSPORT transport)1354 static void bta_gattc_conn_cback(tGATT_IF gattc_if, const RawAddress& bdaddr, tCONN_ID conn_id,
1355 bool connected, tGATT_DISCONN_REASON reason,
1356 tBT_TRANSPORT transport) {
1357 if (connected) {
1358 log::info("Connected client_if:{} addr:{}, transport:{} reason:{}", gattc_if, bdaddr,
1359 bt_transport_text(transport), gatt_disconnection_reason_text(reason));
1360 btif_debug_conn_state(bdaddr, BTIF_DEBUG_CONNECTED, reason);
1361 } else {
1362 log::info("Disconnected att_id:{} addr:{}, transport:{} reason:{}", gattc_if, bdaddr,
1363 bt_transport_text(transport), gatt_disconnection_reason_text(reason));
1364 btif_debug_conn_state(bdaddr, BTIF_DEBUG_DISCONNECTED, reason);
1365 }
1366
1367 tBTA_GATTC_DATA* p_buf = (tBTA_GATTC_DATA*)osi_calloc(sizeof(tBTA_GATTC_DATA));
1368 p_buf->int_conn.hdr.event = connected ? BTA_GATTC_INT_CONN_EVT : BTA_GATTC_INT_DISCONN_EVT;
1369 p_buf->int_conn.hdr.layer_specific = static_cast<uint16_t>(conn_id);
1370 p_buf->int_conn.client_if = gattc_if;
1371 p_buf->int_conn.role = bluetooth::stack::l2cap::get_interface().L2CA_GetBleConnRole(bdaddr);
1372 p_buf->int_conn.reason = reason;
1373 p_buf->int_conn.transport = transport;
1374 p_buf->int_conn.remote_bda = bdaddr;
1375
1376 bta_sys_sendmsg(p_buf);
1377 }
1378
1379 /** encryption complete callback function to GATT client stack */
bta_gattc_enc_cmpl_cback(tGATT_IF gattc_if,const RawAddress & bda)1380 static void bta_gattc_enc_cmpl_cback(tGATT_IF gattc_if, const RawAddress& bda) {
1381 tBTA_GATTC_CLCB* p_clcb = bta_gattc_find_clcb_by_cif(gattc_if, bda, BT_TRANSPORT_LE);
1382
1383 if (p_clcb == NULL) {
1384 return;
1385 }
1386
1387 log::verbose("cif:{}", gattc_if);
1388
1389 do_in_main_thread(base::BindOnce(&bta_gattc_process_enc_cmpl, gattc_if, bda));
1390 }
1391
1392 /** process refresh API to delete cache and start a new discovery if currently
1393 * connected */
bta_gattc_process_api_refresh(const RawAddress & remote_bda)1394 void bta_gattc_process_api_refresh(const RawAddress& remote_bda) {
1395 tBTA_GATTC_SERV* p_srvc_cb = bta_gattc_find_srvr_cache(remote_bda);
1396 if (p_srvc_cb) {
1397 /* try to find a CLCB */
1398 if (p_srvc_cb->connected && p_srvc_cb->num_clcb != 0) {
1399 bool found = false;
1400 tBTA_GATTC_CLCB* p_clcb = &bta_gattc_cb.clcb[0];
1401 for (auto& p_clcb_i : bta_gattc_cb.clcb_set) {
1402 if (p_clcb_i->in_use && p_clcb_i->p_srcb == p_srvc_cb) {
1403 p_clcb = p_clcb_i.get();
1404 found = true;
1405 break;
1406 }
1407 }
1408 if (found) {
1409 bta_gattc_sm_execute(p_clcb, BTA_GATTC_INT_DISCOVER_EVT, NULL);
1410 return;
1411 }
1412 }
1413 /* in all other cases, mark it and delete the cache */
1414
1415 p_srvc_cb->gatt_database.Clear();
1416 }
1417
1418 /* used to reset cache in application */
1419 bta_gattc_cache_reset(remote_bda);
1420 }
1421
1422 /** process service change indication */
bta_gattc_process_srvc_chg_ind(tCONN_ID conn_id,tBTA_GATTC_RCB * p_clrcb,tBTA_GATTC_SERV * p_srcb,tBTA_GATTC_CLCB * p_clcb,tBTA_GATTC_NOTIFY * p_notify,tGATT_VALUE * att_value)1423 static bool bta_gattc_process_srvc_chg_ind(tCONN_ID conn_id, tBTA_GATTC_RCB* p_clrcb,
1424 tBTA_GATTC_SERV* p_srcb, tBTA_GATTC_CLCB* p_clcb,
1425 tBTA_GATTC_NOTIFY* p_notify, tGATT_VALUE* att_value) {
1426 Uuid gattp_uuid = Uuid::From16Bit(UUID_SERVCLASS_GATT_SERVER);
1427 Uuid srvc_chg_uuid = Uuid::From16Bit(GATT_UUID_GATT_SRV_CHGD);
1428
1429 if (p_srcb->gatt_database.IsEmpty() && p_srcb->state == BTA_GATTC_SERV_IDLE) {
1430 gatt::Database db = bta_gattc_cache_load(p_srcb->server_bda);
1431 if (!db.IsEmpty()) {
1432 p_srcb->gatt_database = db;
1433 }
1434 }
1435
1436 const gatt::Characteristic* p_char = bta_gattc_get_characteristic_srcb(p_srcb, p_notify->handle);
1437 if (!p_char) {
1438 return false;
1439 }
1440 const gatt::Service* p_svc = bta_gattc_get_service_for_handle_srcb(p_srcb, p_char->value_handle);
1441 if (!p_svc || p_svc->uuid != gattp_uuid || p_char->uuid != srvc_chg_uuid) {
1442 return false;
1443 }
1444
1445 if (att_value->len != BTA_GATTC_SERVICE_CHANGED_LEN) {
1446 log::error("received malformed service changed indication, skipping");
1447 return false;
1448 }
1449
1450 uint8_t* p = att_value->value;
1451 uint16_t s_handle = ((uint16_t)(*(p)) + (((uint16_t)(*(p + 1))) << 8));
1452 uint16_t e_handle = ((uint16_t)(*(p + 2)) + (((uint16_t)(*(p + 3))) << 8));
1453
1454 log::error("service changed s_handle=0x{:x}, e_handle=0x{:x}", s_handle, e_handle);
1455
1456 /* mark service handle change pending */
1457 p_srcb->srvc_hdl_chg = true;
1458 /* clear up all notification/indication registration */
1459 bta_gattc_clear_notif_registration(p_srcb, conn_id, s_handle, e_handle);
1460 /* service change indication all received, do discovery update */
1461 if (++p_srcb->update_count == bta_gattc_num_reg_app()) {
1462 /* not an opened connection; or connection busy */
1463 /* search for first available clcb and start discovery */
1464 if (p_clcb == NULL || (p_clcb && p_clcb->p_q_cmd != NULL)) {
1465 for (auto& p_clcb_i : bta_gattc_cb.clcb_set) {
1466 if (p_clcb_i->in_use && p_clcb_i->p_srcb == p_srcb && p_clcb_i->p_q_cmd == NULL) {
1467 p_clcb = p_clcb_i.get();
1468 break;
1469 }
1470 }
1471 }
1472 // Use a busy CLCB to start discovery if no CLCB is available, this will be queued.
1473 if (com::android::bluetooth::flags::start_discover_service_changed() && p_clcb == NULL) {
1474 for (auto& p_clcb_i : bta_gattc_cb.clcb_set) {
1475 if (p_clcb_i->in_use && p_clcb_i->p_srcb == p_srcb) {
1476 p_clcb = p_clcb_i.get();
1477 break;
1478 }
1479 }
1480 }
1481
1482 /* send confirmation here if this is an indication, it should always be */
1483 if (GATTC_SendHandleValueConfirm(conn_id, p_notify->cid) != GATT_SUCCESS) {
1484 log::warn("Unable to send GATT client handle value confirmation conn_id:{} cid:{}", conn_id,
1485 p_notify->cid);
1486 }
1487
1488 /* if connection available, refresh cache by doing discovery now */
1489 if (p_clcb) {
1490 /* request read db hash first */
1491 p_srcb->srvc_hdl_db_hash = true;
1492 bta_gattc_sm_execute(p_clcb, BTA_GATTC_INT_DISCOVER_EVT, NULL);
1493 } else {
1494 log::warn("No clcb is available to handle service change indication");
1495 }
1496 }
1497
1498 /* notify applicationf or service change */
1499 if (p_clrcb->p_cback) {
1500 tBTA_GATTC bta_gattc = {.service_changed = {
1501 .remote_bda = p_srcb->server_bda,
1502 .conn_id = conn_id,
1503 }};
1504 (*p_clrcb->p_cback)(BTA_GATTC_SRVC_CHG_EVT, &bta_gattc);
1505 }
1506
1507 return true;
1508 }
1509
1510 /** process all non-service change indication/notification */
bta_gattc_proc_other_indication(tBTA_GATTC_CLCB * p_clcb,uint8_t op,tGATT_CL_COMPLETE * p_data,tBTA_GATTC_NOTIFY * p_notify)1511 static void bta_gattc_proc_other_indication(tBTA_GATTC_CLCB* p_clcb, uint8_t op,
1512 tGATT_CL_COMPLETE* p_data,
1513 tBTA_GATTC_NOTIFY* p_notify) {
1514 log::verbose("check p_data->att_value.handle={} p_data->handle={}", p_data->att_value.handle,
1515 p_data->handle);
1516 log::verbose("is_notify {}", p_notify->is_notify);
1517
1518 p_notify->is_notify = (op == GATTC_OPTYPE_INDICATION) ? false : true;
1519 p_notify->len = p_data->att_value.len;
1520 p_notify->bda = p_clcb->bda;
1521 memcpy(p_notify->value, p_data->att_value.value, p_data->att_value.len);
1522 p_notify->conn_id = p_clcb->bta_conn_id;
1523
1524 if (p_clcb->p_rcb->p_cback) {
1525 tBTA_GATTC bta_gattc;
1526 bta_gattc.notify = *p_notify;
1527 (*p_clcb->p_rcb->p_cback)(BTA_GATTC_NOTIF_EVT, &bta_gattc);
1528 }
1529 }
1530
1531 /** process indication/notification */
bta_gattc_process_indicate(tCONN_ID conn_id,tGATTC_OPTYPE op,tGATT_CL_COMPLETE * p_data)1532 static void bta_gattc_process_indicate(tCONN_ID conn_id, tGATTC_OPTYPE op,
1533 tGATT_CL_COMPLETE* p_data) {
1534 uint16_t handle = p_data->att_value.handle;
1535 tBTA_GATTC_NOTIFY notify;
1536 RawAddress remote_bda;
1537 tGATT_IF gatt_if;
1538 tBT_TRANSPORT transport;
1539
1540 if (!GATT_GetConnectionInfor(conn_id, &gatt_if, remote_bda, &transport)) {
1541 log::error("indication/notif for unknown app");
1542 if (op == GATTC_OPTYPE_INDICATION) {
1543 if (GATTC_SendHandleValueConfirm(conn_id, p_data->cid) != GATT_SUCCESS) {
1544 log::warn("Unable to send GATT client handle value confirmation conn_id:{} cid:{}", conn_id,
1545 p_data->cid);
1546 }
1547 }
1548 return;
1549 }
1550
1551 tBTA_GATTC_RCB* p_clrcb = bta_gattc_cl_get_regcb(gatt_if);
1552 if (p_clrcb == NULL) {
1553 log::error("indication/notif for unregistered app");
1554 if (op == GATTC_OPTYPE_INDICATION) {
1555 if (GATTC_SendHandleValueConfirm(conn_id, p_data->cid) != GATT_SUCCESS) {
1556 log::warn("Unable to send GATT client handle value confirmation conn_id:{} cid:{}", conn_id,
1557 p_data->cid);
1558 }
1559 }
1560 return;
1561 }
1562
1563 tBTA_GATTC_SERV* p_srcb = bta_gattc_find_srcb(remote_bda);
1564 if (p_srcb == NULL) {
1565 log::error("indication/notif for unknown device, ignore");
1566 if (op == GATTC_OPTYPE_INDICATION) {
1567 if (GATTC_SendHandleValueConfirm(conn_id, p_data->cid) != GATT_SUCCESS) {
1568 log::warn("Unable to send GATT client handle value confirmation conn_id:{} cid:{}", conn_id,
1569 p_data->cid);
1570 }
1571 }
1572 return;
1573 }
1574
1575 tBTA_GATTC_CLCB* p_clcb = bta_gattc_find_clcb_by_conn_id(conn_id);
1576
1577 notify.handle = handle;
1578 notify.cid = p_data->cid;
1579
1580 /* if service change indication/notification, don't forward to application */
1581 if (bta_gattc_process_srvc_chg_ind(conn_id, p_clrcb, p_srcb, p_clcb, ¬ify,
1582 &p_data->att_value)) {
1583 return;
1584 }
1585
1586 /* if app registered for the notification */
1587 if (bta_gattc_check_notif_registry(p_clrcb, p_srcb, ¬ify)) {
1588 /* connection not open yet */
1589 if (p_clcb == NULL) {
1590 p_clcb = bta_gattc_clcb_alloc(gatt_if, remote_bda, transport);
1591
1592 if (p_clcb == NULL) {
1593 log::error("No resources");
1594 return;
1595 }
1596
1597 p_clcb->bta_conn_id = conn_id;
1598 p_clcb->transport = transport;
1599
1600 bta_gattc_sm_execute(p_clcb, BTA_GATTC_INT_CONN_EVT, NULL);
1601 }
1602
1603 if (p_clcb != NULL) {
1604 bta_gattc_proc_other_indication(p_clcb, op, p_data, ¬ify);
1605 }
1606 } else if (op == GATTC_OPTYPE_INDICATION) {
1607 /* no one interested and need ack? */
1608 log::verbose("no one interested, ack now");
1609 if (GATTC_SendHandleValueConfirm(conn_id, p_data->cid) != GATT_SUCCESS) {
1610 log::warn("Unable to send GATT client handle value confirmation conn_id:{} cid:{}", conn_id,
1611 p_data->cid);
1612 }
1613 }
1614 }
1615
1616 /** client operation complete callback register with BTE GATT */
bta_gattc_cmpl_cback(tCONN_ID conn_id,tGATTC_OPTYPE op,tGATT_STATUS status,tGATT_CL_COMPLETE * p_data)1617 static void bta_gattc_cmpl_cback(tCONN_ID conn_id, tGATTC_OPTYPE op, tGATT_STATUS status,
1618 tGATT_CL_COMPLETE* p_data) {
1619 log::verbose("conn_id:{} op:{} status:{}", conn_id, op, status);
1620
1621 /* notification and indication processed right away */
1622 if (op == GATTC_OPTYPE_NOTIFICATION || op == GATTC_OPTYPE_INDICATION) {
1623 bta_gattc_process_indicate(conn_id, op, p_data);
1624 return;
1625 }
1626 /* for all other operation, not expected if w/o connection */
1627 tBTA_GATTC_CLCB* p_clcb = bta_gattc_find_clcb_by_conn_id(conn_id);
1628 if (!p_clcb) {
1629 log::error("unknown conn_id=0x{:x} ignore data", conn_id);
1630 return;
1631 }
1632
1633 /* if over BR_EDR, inform PM for mode change */
1634 if (p_clcb->transport == BT_TRANSPORT_BR_EDR) {
1635 bta_sys_busy(BTA_ID_GATTC, BTA_ALL_APP_ID, p_clcb->bda);
1636 bta_sys_idle(BTA_ID_GATTC, BTA_ALL_APP_ID, p_clcb->bda);
1637 }
1638
1639 bta_gattc_cmpl_sendmsg(conn_id, op, status, p_data);
1640 }
1641
1642 /** client operation complete send message */
bta_gattc_cmpl_sendmsg(tCONN_ID conn_id,tGATTC_OPTYPE op,tGATT_STATUS status,tGATT_CL_COMPLETE * p_data)1643 void bta_gattc_cmpl_sendmsg(tCONN_ID conn_id, tGATTC_OPTYPE op, tGATT_STATUS status,
1644 tGATT_CL_COMPLETE* p_data) {
1645 const size_t len = sizeof(tBTA_GATTC_OP_CMPL) + sizeof(tGATT_CL_COMPLETE);
1646 tBTA_GATTC_OP_CMPL* p_buf = (tBTA_GATTC_OP_CMPL*)osi_calloc(len);
1647
1648 p_buf->hdr.event = BTA_GATTC_OP_CMPL_EVT;
1649 p_buf->hdr.layer_specific = static_cast<uint16_t>(conn_id);
1650 p_buf->status = status;
1651 p_buf->op_code = op;
1652
1653 if (p_data) {
1654 p_buf->p_cmpl = (tGATT_CL_COMPLETE*)(p_buf + 1);
1655 memcpy(p_buf->p_cmpl, p_data, sizeof(tGATT_CL_COMPLETE));
1656 }
1657
1658 bta_sys_sendmsg(p_buf);
1659 }
1660
1661 /** congestion callback for BTA GATT client */
bta_gattc_cong_cback(tCONN_ID conn_id,bool congested)1662 static void bta_gattc_cong_cback(tCONN_ID conn_id, bool congested) {
1663 tBTA_GATTC_CLCB* p_clcb = bta_gattc_find_clcb_by_conn_id(conn_id);
1664 if (!p_clcb || !p_clcb->p_rcb->p_cback) {
1665 return;
1666 }
1667
1668 tBTA_GATTC cb_data;
1669 cb_data.congest.conn_id = conn_id;
1670 cb_data.congest.congested = congested;
1671
1672 (*p_clcb->p_rcb->p_cback)(BTA_GATTC_CONGEST_EVT, &cb_data);
1673 }
1674
bta_gattc_phy_update_cback(tGATT_IF gatt_if,tCONN_ID conn_id,uint8_t tx_phy,uint8_t rx_phy,tGATT_STATUS status)1675 static void bta_gattc_phy_update_cback(tGATT_IF gatt_if, tCONN_ID conn_id, uint8_t tx_phy,
1676 uint8_t rx_phy, tGATT_STATUS status) {
1677 tBTA_GATTC_RCB* p_clreg = bta_gattc_cl_get_regcb(gatt_if);
1678
1679 if (!p_clreg || !p_clreg->p_cback) {
1680 log::error("client_if={} not found", gatt_if);
1681 return;
1682 }
1683
1684 tBTA_GATTC cb_data;
1685 cb_data.phy_update.conn_id = conn_id;
1686 cb_data.phy_update.server_if = gatt_if;
1687 cb_data.phy_update.tx_phy = tx_phy;
1688 cb_data.phy_update.rx_phy = rx_phy;
1689 cb_data.phy_update.status = status;
1690 (*p_clreg->p_cback)(BTA_GATTC_PHY_UPDATE_EVT, &cb_data);
1691 }
1692
bta_gattc_conn_update_cback(tGATT_IF gatt_if,tCONN_ID conn_id,uint16_t interval,uint16_t latency,uint16_t timeout,tGATT_STATUS status)1693 static void bta_gattc_conn_update_cback(tGATT_IF gatt_if, tCONN_ID conn_id, uint16_t interval,
1694 uint16_t latency, uint16_t timeout, tGATT_STATUS status) {
1695 tBTA_GATTC_RCB* p_clreg = bta_gattc_cl_get_regcb(gatt_if);
1696
1697 if (!p_clreg || !p_clreg->p_cback) {
1698 log::error("client_if={} not found", gatt_if);
1699 return;
1700 }
1701
1702 tBTA_GATTC cb_data;
1703 cb_data.conn_update.conn_id = conn_id;
1704 cb_data.conn_update.interval = interval;
1705 cb_data.conn_update.latency = latency;
1706 cb_data.conn_update.timeout = timeout;
1707 cb_data.conn_update.status = status;
1708 (*p_clreg->p_cback)(BTA_GATTC_CONN_UPDATE_EVT, &cb_data);
1709 }
1710
bta_gattc_subrate_chg_cback(tGATT_IF gatt_if,tCONN_ID conn_id,uint16_t subrate_factor,uint16_t latency,uint16_t cont_num,uint16_t timeout,tGATT_STATUS status)1711 static void bta_gattc_subrate_chg_cback(tGATT_IF gatt_if, tCONN_ID conn_id, uint16_t subrate_factor,
1712 uint16_t latency, uint16_t cont_num, uint16_t timeout,
1713 tGATT_STATUS status) {
1714 tBTA_GATTC_RCB* p_clreg = bta_gattc_cl_get_regcb(gatt_if);
1715
1716 if (!p_clreg || !p_clreg->p_cback) {
1717 log::error("client_if={} not found", gatt_if);
1718 return;
1719 }
1720
1721 tBTA_GATTC cb_data;
1722 cb_data.subrate_chg.conn_id = conn_id;
1723 cb_data.subrate_chg.subrate_factor = subrate_factor;
1724 cb_data.subrate_chg.latency = latency;
1725 cb_data.subrate_chg.cont_num = cont_num;
1726 cb_data.subrate_chg.timeout = timeout;
1727 cb_data.subrate_chg.status = status;
1728 (*p_clreg->p_cback)(BTA_GATTC_SUBRATE_CHG_EVT, &cb_data);
1729 }
1730