1 /******************************************************************************
2 *
3 * Copyright 1999-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains functions for BLE controller based privacy.
22 *
23 ******************************************************************************/
24 #define LOG_TAG "ble_priv"
25
26 #include "stack/include/btm_ble_privacy.h"
27
28 #include <bluetooth/log.h>
29
30 #include "btm_dev.h"
31 #include "btm_sec_cb.h"
32 #include "btm_sec_int_types.h"
33 #include "hci/controller_interface.h"
34 #include "main/shim/acl_api.h"
35 #include "main/shim/entry.h"
36 #include "osi/include/allocator.h"
37 #include "stack/btm/btm_int_types.h"
38 #include "stack/include/ble_hci_link_interface.h"
39 #include "stack/include/bt_octets.h"
40 #include "stack/include/bt_types.h"
41 #include "stack/include/btm_client_interface.h"
42 #include "types/raw_address.h"
43
44 using namespace bluetooth;
45
46 extern tBTM_CB btm_cb;
47
48 /* RPA offload VSC specifics */
49 #define HCI_VENDOR_BLE_RPA_VSC (0x0155 | HCI_GRP_VENDOR_SPECIFIC)
50
51 #define BTM_BLE_META_IRK_ENABLE 0x01
52 #define BTM_BLE_META_ADD_IRK_ENTRY 0x02
53 #define BTM_BLE_META_REMOVE_IRK_ENTRY 0x03
54 #define BTM_BLE_META_CLEAR_IRK_LIST 0x04
55 #define BTM_BLE_META_READ_IRK_ENTRY 0x05
56 #define BTM_BLE_META_CS_RESOLVE_ADDR 0x00000001
57 #define BTM_BLE_IRK_ENABLE_LEN 2
58
59 #define BTM_BLE_META_ADD_IRK_LEN 24
60 #define BTM_BLE_META_REMOVE_IRK_LEN 8
61 #define BTM_BLE_META_CLEAR_IRK_LEN 1
62 #define BTM_BLE_META_READ_IRK_LEN 2
63 #define BTM_BLE_META_ADD_WL_ATTR_LEN 9
64
65 /*******************************************************************************
66 * Functions implemented controller based privacy using Resolving List
67 ******************************************************************************/
68 /*******************************************************************************
69 *
70 * Function btm_ble_enq_resolving_list_pending
71 *
72 * Description add target address into resolving pending operation queue
73 *
74 * Parameters target_bda: target device address
75 * add_entry: true for add entry, false for remove entry
76 *
77 * Returns void
78 *
79 ******************************************************************************/
btm_ble_enq_resolving_list_pending(const RawAddress & pseudo_bda,uint8_t op_code)80 static void btm_ble_enq_resolving_list_pending(const RawAddress& pseudo_bda, uint8_t op_code) {
81 tBTM_BLE_RESOLVE_Q* p_q = &btm_cb.ble_ctr_cb.resolving_list_pend_q;
82
83 p_q->resolve_q_random_pseudo[p_q->q_next] = pseudo_bda;
84 p_q->resolve_q_action[p_q->q_next] = op_code;
85 p_q->q_next++;
86 p_q->q_next %= bluetooth::shim::GetController()->GetLeResolvingListSize();
87 }
88
89 /*******************************************************************************
90 *
91 * Function btm_ble_brcm_find_resolving_pending_entry
92 *
93 * Description check to see if the action is in pending list
94 *
95 * Parameters true: action pending;
96 * false: new action
97 *
98 * Returns void
99 *
100 ******************************************************************************/
btm_ble_brcm_find_resolving_pending_entry(const RawAddress & pseudo_addr,uint8_t action)101 static bool btm_ble_brcm_find_resolving_pending_entry(const RawAddress& pseudo_addr,
102 uint8_t action) {
103 tBTM_BLE_RESOLVE_Q* p_q = &btm_cb.ble_ctr_cb.resolving_list_pend_q;
104
105 for (uint8_t i = p_q->q_pending; i != p_q->q_next;) {
106 if (p_q->resolve_q_random_pseudo[i] == pseudo_addr && action == p_q->resolve_q_action[i]) {
107 return true;
108 }
109
110 i++;
111 i %= bluetooth::shim::GetController()->GetLeResolvingListSize();
112 }
113 return false;
114 }
115
116 /*******************************************************************************
117 *
118 * Function btm_ble_deq_resolving_pending
119 *
120 * Description dequeue target address from resolving pending operation
121 * queue
122 *
123 * Parameters pseudo_addr: pseudo_addr device address
124 *
125 * Returns void
126 *
127 ******************************************************************************/
btm_ble_deq_resolving_pending(RawAddress & pseudo_addr)128 static bool btm_ble_deq_resolving_pending(RawAddress& pseudo_addr) {
129 tBTM_BLE_RESOLVE_Q* p_q = &btm_cb.ble_ctr_cb.resolving_list_pend_q;
130
131 if (p_q->q_next != p_q->q_pending) {
132 pseudo_addr = p_q->resolve_q_random_pseudo[p_q->q_pending];
133 p_q->resolve_q_random_pseudo[p_q->q_pending] = RawAddress::kEmpty;
134 p_q->q_pending++;
135 p_q->q_pending %= bluetooth::shim::GetController()->GetLeResolvingListSize();
136 return true;
137 }
138
139 return false;
140 }
141
142 /*******************************************************************************
143 *
144 * Function btm_ble_clear_irk_index
145 *
146 * Description clear IRK list index mask for availability
147 *
148 * Returns none
149 *
150 ******************************************************************************/
btm_ble_clear_irk_index(uint8_t index)151 static void btm_ble_clear_irk_index(uint8_t index) {
152 uint8_t byte;
153 uint8_t bit;
154
155 if (index < bluetooth::shim::GetController()->GetLeResolvingListSize()) {
156 byte = index / 8;
157 bit = index % 8;
158 btm_cb.ble_ctr_cb.irk_list_mask[byte] &= (~(1 << bit));
159 }
160 }
161
162 /*******************************************************************************
163 *
164 * Function btm_ble_find_irk_index
165 *
166 * Description find the first available IRK list index
167 *
168 * Returns index from 0 ~ max (127 default)
169 *
170 ******************************************************************************/
btm_ble_find_irk_index(void)171 static uint8_t btm_ble_find_irk_index(void) {
172 uint8_t i = 0;
173 uint8_t byte;
174 uint8_t bit;
175
176 while (i < bluetooth::shim::GetController()->GetLeResolvingListSize()) {
177 byte = i / 8;
178 bit = i % 8;
179
180 if ((btm_cb.ble_ctr_cb.irk_list_mask[byte] & (1 << bit)) == 0) {
181 btm_cb.ble_ctr_cb.irk_list_mask[byte] |= (1 << bit);
182 return i;
183 }
184 i++;
185 }
186
187 log::error("no index found");
188 return i;
189 }
190
191 /*******************************************************************************
192 *
193 * Function btm_ble_update_resolving_list
194 *
195 * Description update resolving list entry in host maintained record
196 *
197 * Returns void
198 *
199 ******************************************************************************/
btm_ble_update_resolving_list(const RawAddress & pseudo_bda,bool add)200 static void btm_ble_update_resolving_list(const RawAddress& pseudo_bda, bool add) {
201 tBTM_SEC_DEV_REC* p_dev_rec = btm_find_dev(pseudo_bda);
202 if (p_dev_rec == NULL) {
203 return;
204 }
205
206 if (add) {
207 p_dev_rec->ble.in_controller_list |= BTM_RESOLVING_LIST_BIT;
208 if (!bluetooth::shim::GetController()->SupportsBlePrivacy()) {
209 p_dev_rec->ble.resolving_list_index = btm_ble_find_irk_index();
210 }
211 } else {
212 p_dev_rec->ble.in_controller_list &= ~BTM_RESOLVING_LIST_BIT;
213 if (!bluetooth::shim::GetController()->SupportsBlePrivacy()) {
214 /* clear IRK list index mask */
215 btm_ble_clear_irk_index(p_dev_rec->ble.resolving_list_index);
216 p_dev_rec->ble.resolving_list_index = 0;
217 }
218 }
219 }
220
clear_resolving_list_bit(void * data,void *)221 static bool clear_resolving_list_bit(void* data, void* /* context */) {
222 tBTM_SEC_DEV_REC* p_dev_rec = static_cast<tBTM_SEC_DEV_REC*>(data);
223 p_dev_rec->ble.in_controller_list &= ~BTM_RESOLVING_LIST_BIT;
224 return true;
225 }
226
227 /*******************************************************************************
228 *
229 * Function btm_ble_clear_resolving_list_complete
230 *
231 * Description This function is called when command complete for
232 * clear resolving list
233 *
234 * Returns void
235 *
236 ******************************************************************************/
btm_ble_clear_resolving_list_complete(uint8_t * p,uint16_t evt_len)237 void btm_ble_clear_resolving_list_complete(uint8_t* p, uint16_t evt_len) {
238 uint8_t status = 0;
239
240 if (evt_len < 1) {
241 log::error("malformatted event packet: containing zero bytes");
242 return;
243 }
244
245 STREAM_TO_UINT8(status, p);
246
247 log::verbose("status={}", status);
248
249 if (status == HCI_SUCCESS) {
250 if (evt_len >= 3) {
251 /* VSC complete has one extra byte for op code and list size, skip it here
252 */
253 p++;
254
255 /* updated the available list size, and current list size */
256 uint8_t irk_list_sz_max = 0;
257 STREAM_TO_UINT8(irk_list_sz_max, p);
258
259 if (bluetooth::shim::GetController()->GetLeResolvingListSize() == 0) {
260 btm_ble_resolving_list_init(irk_list_sz_max);
261 }
262
263 uint8_t irk_mask_size =
264 (irk_list_sz_max % 8) ? (irk_list_sz_max / 8 + 1) : (irk_list_sz_max / 8);
265 memset(btm_cb.ble_ctr_cb.irk_list_mask, 0, irk_mask_size);
266 }
267
268 btm_cb.ble_ctr_cb.resolving_list_avail_size =
269 bluetooth::shim::GetController()->GetLeResolvingListSize();
270
271 log::verbose("resolving_list_avail_size={}", btm_cb.ble_ctr_cb.resolving_list_avail_size);
272
273 list_foreach(btm_sec_cb.sec_dev_rec, clear_resolving_list_bit, NULL);
274 }
275 }
276
277 /*******************************************************************************
278 *
279 * Function btm_ble_add_resolving_list_entry_complete
280 *
281 * Description This function is called when command complete for
282 * add resolving list entry
283 *
284 * Returns void
285 *
286 ******************************************************************************/
btm_ble_add_resolving_list_entry_complete(uint8_t * p,uint16_t evt_len)287 void btm_ble_add_resolving_list_entry_complete(uint8_t* p, uint16_t evt_len) {
288 uint8_t status;
289
290 if (evt_len < 1) {
291 log::error("malformatted event packet: containing zero byte");
292 return;
293 }
294
295 STREAM_TO_UINT8(status, p);
296
297 log::verbose("status={}", status);
298
299 RawAddress pseudo_bda;
300 if (!btm_ble_deq_resolving_pending(pseudo_bda)) {
301 log::verbose("no pending resolving list operation");
302 return;
303 }
304
305 if (status == HCI_SUCCESS) {
306 btm_ble_update_resolving_list(pseudo_bda, true);
307 /* privacy 1.2 command complete does not have these extra byte */
308 if (evt_len > 2) {
309 /* VSC complete has one extra byte for op code, skip it here */
310 p++;
311 STREAM_TO_UINT8(btm_cb.ble_ctr_cb.resolving_list_avail_size, p);
312 } else {
313 btm_cb.ble_ctr_cb.resolving_list_avail_size--;
314 }
315 } else if (status == HCI_ERR_MEMORY_FULL) /* BT_ERROR_CODE_MEMORY_CAPACITY_EXCEEDED */
316 {
317 btm_cb.ble_ctr_cb.resolving_list_avail_size = 0;
318 log::verbose("Resolving list Full");
319 }
320 }
321
322 /*******************************************************************************
323 *
324 * Function btm_ble_remove_resolving_list_entry_complete
325 *
326 * Description This function is called when command complete for
327 * remove resolving list entry
328 *
329 * Returns void
330 *
331 ******************************************************************************/
btm_ble_remove_resolving_list_entry_complete(uint8_t * p,uint16_t evt_len)332 void btm_ble_remove_resolving_list_entry_complete(uint8_t* p, uint16_t evt_len) {
333 RawAddress pseudo_bda;
334 uint8_t status;
335
336 STREAM_TO_UINT8(status, p);
337
338 log::verbose("status={}", status);
339
340 if (!btm_ble_deq_resolving_pending(pseudo_bda)) {
341 log::error("no pending resolving list operation");
342 return;
343 }
344
345 if (status == HCI_SUCCESS) {
346 /* proprietary: spec does not have these extra bytes */
347 if (evt_len > 2) {
348 p++; /* skip opcode */
349 STREAM_TO_UINT8(btm_cb.ble_ctr_cb.resolving_list_avail_size, p);
350 } else {
351 btm_cb.ble_ctr_cb.resolving_list_avail_size++;
352 }
353 }
354 }
355
356 /*******************************************************************************
357 *
358 * Function btm_ble_read_resolving_list_entry_complete
359 *
360 * Description This function is called when command complete for
361 * remove resolving list entry
362 *
363 * Returns void
364 *
365 ******************************************************************************/
btm_ble_read_resolving_list_entry_complete(const uint8_t * p,uint16_t evt_len)366 void btm_ble_read_resolving_list_entry_complete(const uint8_t* p, uint16_t evt_len) {
367 uint8_t status;
368 RawAddress rra, pseudo_bda;
369
370 STREAM_TO_UINT8(status, p);
371
372 log::verbose("status={}", status);
373
374 if (!btm_ble_deq_resolving_pending(pseudo_bda)) {
375 log::error("no pending resolving list operation");
376 return;
377 }
378
379 if (status == HCI_SUCCESS) {
380 /* proprietary spec has extra bytes */
381 if (evt_len > 8) {
382 /* skip subcode, index, IRK value, address type, identity addr type */
383 p += (2 + 16 + 1 + 6);
384 STREAM_TO_BDADDR(rra, p);
385
386 log::info("peer_addr:{}", rra);
387 } else {
388 STREAM_TO_BDADDR(rra, p);
389 }
390 btm_ble_refresh_peer_resolvable_private_addr(pseudo_bda, rra,
391 tBLE_RAND_ADDR_TYPE::BTM_BLE_ADDR_PSEUDO);
392 }
393 }
394 /*******************************************************************************
395 VSC that implement controller based privacy
396 ******************************************************************************/
397 /*******************************************************************************
398 *
399 * Function btm_ble_resolving_list_vsc_op_cmpl
400 *
401 * Description IRK operation VSC complete handler
402 *
403 * Parameters
404 *
405 * Returns void
406 *
407 ******************************************************************************/
btm_ble_resolving_list_vsc_op_cmpl(tBTM_VSC_CMPL * p_params)408 static void btm_ble_resolving_list_vsc_op_cmpl(tBTM_VSC_CMPL* p_params) {
409 uint8_t *p = p_params->p_param_buf, op_subcode;
410 uint16_t evt_len = p_params->param_len;
411
412 op_subcode = *(p + 1);
413
414 log::verbose("op_subcode={}", op_subcode);
415
416 if (op_subcode == BTM_BLE_META_CLEAR_IRK_LIST) {
417 btm_ble_clear_resolving_list_complete(p, evt_len);
418 } else if (op_subcode == BTM_BLE_META_ADD_IRK_ENTRY) {
419 btm_ble_add_resolving_list_entry_complete(p, evt_len);
420 } else if (op_subcode == BTM_BLE_META_REMOVE_IRK_ENTRY) {
421 btm_ble_remove_resolving_list_entry_complete(p, evt_len);
422 } else if (op_subcode == BTM_BLE_META_READ_IRK_ENTRY) {
423 btm_ble_read_resolving_list_entry_complete(p, evt_len);
424 } else if (op_subcode == BTM_BLE_META_IRK_ENABLE) {
425 /* RPA offloading enable/disabled */
426 }
427 }
428
429 /*******************************************************************************
430 *
431 * Function btm_ble_remove_resolving_list_entry
432 *
433 * Description This function to remove an IRK entry from the list
434 *
435 * Parameters ble_addr_type: address type
436 * ble_addr: LE adddress
437 *
438 * Returns status
439 *
440 ******************************************************************************/
btm_ble_remove_resolving_list_entry(tBTM_SEC_DEV_REC * p_dev_rec)441 static tBTM_STATUS btm_ble_remove_resolving_list_entry(tBTM_SEC_DEV_REC* p_dev_rec) {
442 /* if controller does not support RPA offloading or privacy 1.2, skip */
443 if (bluetooth::shim::GetController()->GetLeResolvingListSize() == 0) {
444 return tBTM_STATUS::BTM_WRONG_MODE;
445 }
446
447 if (bluetooth::shim::GetController()->SupportsBlePrivacy()) {
448 bluetooth::shim::ACL_RemoveFromAddressResolution(p_dev_rec->ble.identity_address_with_type);
449 } else {
450 uint8_t param[20] = {0};
451 uint8_t* p = param;
452
453 UINT8_TO_STREAM(p, BTM_BLE_META_REMOVE_IRK_ENTRY);
454 UINT8_TO_STREAM(p, p_dev_rec->ble.identity_address_with_type.type);
455 BDADDR_TO_STREAM(p, p_dev_rec->ble.identity_address_with_type.bda);
456
457 get_btm_client_interface().vendor.BTM_VendorSpecificCommand(HCI_VENDOR_BLE_RPA_VSC,
458 BTM_BLE_META_REMOVE_IRK_LEN, param,
459 btm_ble_resolving_list_vsc_op_cmpl);
460 btm_ble_enq_resolving_list_pending(p_dev_rec->bd_addr, BTM_BLE_META_REMOVE_IRK_ENTRY);
461 }
462 return tBTM_STATUS::BTM_CMD_STARTED;
463 }
464
465 /*******************************************************************************
466 *
467 * Function btm_ble_clear_resolving_list
468 *
469 * Description This function clears the resolving list
470 *
471 * Parameters None.
472 *
473 ******************************************************************************/
btm_ble_clear_resolving_list(void)474 static void btm_ble_clear_resolving_list(void) {
475 if (bluetooth::shim::GetController()->SupportsBlePrivacy()) {
476 bluetooth::shim::ACL_ClearAddressResolution();
477 } else {
478 uint8_t param[20] = {0};
479 uint8_t* p = param;
480
481 UINT8_TO_STREAM(p, BTM_BLE_META_CLEAR_IRK_LIST);
482 get_btm_client_interface().vendor.BTM_VendorSpecificCommand(HCI_VENDOR_BLE_RPA_VSC,
483 BTM_BLE_META_CLEAR_IRK_LEN, param,
484 btm_ble_resolving_list_vsc_op_cmpl);
485 }
486 }
487
488 /*******************************************************************************
489 *
490 * Function btm_ble_read_resolving_list_entry
491 *
492 * Description This function read an IRK entry by index
493 *
494 * Parameters entry index.
495 *
496 * Returns true if command successfully sent, false otherwise
497 *
498 ******************************************************************************/
btm_ble_read_resolving_list_entry(tBTM_SEC_DEV_REC * p_dev_rec)499 bool btm_ble_read_resolving_list_entry(tBTM_SEC_DEV_REC* p_dev_rec) {
500 if (btm_cb.ble_ctr_cb.privacy_mode < BTM_PRIVACY_1_2) {
501 log::debug("Privacy 1.2 is not enabled");
502 return false;
503 }
504 if (!(p_dev_rec->ble.in_controller_list & BTM_RESOLVING_LIST_BIT)) {
505 log::info("Unable to read resolving list entry as resolving bit not set");
506 return false;
507 }
508
509 if (bluetooth::shim::GetController()->SupportsBlePrivacy()) {
510 btsnd_hcic_ble_read_resolvable_addr_peer(p_dev_rec->ble.identity_address_with_type.type,
511 p_dev_rec->ble.identity_address_with_type.bda);
512 } else {
513 uint8_t param[20] = {0};
514 uint8_t* p = param;
515
516 UINT8_TO_STREAM(p, BTM_BLE_META_READ_IRK_ENTRY);
517 UINT8_TO_STREAM(p, p_dev_rec->ble.resolving_list_index);
518
519 get_btm_client_interface().vendor.BTM_VendorSpecificCommand(HCI_VENDOR_BLE_RPA_VSC,
520 BTM_BLE_META_READ_IRK_LEN, param,
521 btm_ble_resolving_list_vsc_op_cmpl);
522
523 btm_ble_enq_resolving_list_pending(p_dev_rec->bd_addr, BTM_BLE_META_READ_IRK_ENTRY);
524 }
525 return true;
526 }
527
btm_ble_ble_unsupported_resolving_list_load_dev(tBTM_SEC_DEV_REC * p_dev_rec)528 static void btm_ble_ble_unsupported_resolving_list_load_dev(tBTM_SEC_DEV_REC* p_dev_rec) {
529 log::info("Controller does not support BLE privacy");
530 uint8_t param[40] = {0};
531 uint8_t* p = param;
532
533 UINT8_TO_STREAM(p, BTM_BLE_META_ADD_IRK_ENTRY);
534 ARRAY_TO_STREAM(p, p_dev_rec->sec_rec.ble_keys.irk, OCTET16_LEN);
535 UINT8_TO_STREAM(p, p_dev_rec->ble.identity_address_with_type.type);
536 BDADDR_TO_STREAM(p, p_dev_rec->ble.identity_address_with_type.bda);
537
538 get_btm_client_interface().vendor.BTM_VendorSpecificCommand(HCI_VENDOR_BLE_RPA_VSC,
539 BTM_BLE_META_ADD_IRK_LEN, param,
540 btm_ble_resolving_list_vsc_op_cmpl);
541
542 btm_ble_enq_resolving_list_pending(p_dev_rec->bd_addr, BTM_BLE_META_ADD_IRK_ENTRY);
543 return;
544 }
545
is_peer_identity_key_valid(const tBTM_SEC_DEV_REC & dev_rec)546 static bool is_peer_identity_key_valid(const tBTM_SEC_DEV_REC& dev_rec) {
547 return dev_rec.sec_rec.ble_keys.key_type & BTM_LE_KEY_PID;
548 }
549
get_local_irk()550 static Octet16 get_local_irk() { return btm_sec_cb.devcb.id_keys.irk; }
551
btm_ble_resolving_list_load_dev(tBTM_SEC_DEV_REC & dev_rec)552 void btm_ble_resolving_list_load_dev(tBTM_SEC_DEV_REC& dev_rec) {
553 if (btm_cb.ble_ctr_cb.privacy_mode < BTM_PRIVACY_1_2) {
554 log::debug("Privacy 1.2 is not enabled");
555 return;
556 }
557 if (bluetooth::shim::GetController()->GetLeResolvingListSize() == 0) {
558 log::info("Controller does not support RPA offloading or privacy 1.2");
559 return;
560 }
561
562 if (!bluetooth::shim::GetController()->SupportsBlePrivacy()) {
563 return btm_ble_ble_unsupported_resolving_list_load_dev(&dev_rec);
564 }
565
566 // No need to check for local identity key validity. It remains unchanged.
567 if (!is_peer_identity_key_valid(dev_rec)) {
568 log::info("Peer is not an RPA enabled device:{}", dev_rec.ble.identity_address_with_type);
569 return;
570 }
571
572 if (dev_rec.ble.in_controller_list & BTM_RESOLVING_LIST_BIT) {
573 log::warn("Already in Address Resolving list device:{}",
574 dev_rec.ble.identity_address_with_type);
575 return;
576 }
577
578 const Octet16& peer_irk = dev_rec.sec_rec.ble_keys.irk;
579 const Octet16& local_irk = get_local_irk();
580
581 if (dev_rec.ble.identity_address_with_type.bda.IsEmpty()) {
582 dev_rec.ble.identity_address_with_type = {
583 .type = dev_rec.ble.AddressType(),
584 .bda = dev_rec.bd_addr,
585 };
586 }
587
588 if (!is_ble_addr_type_known(dev_rec.ble.identity_address_with_type.type)) {
589 log::error("Adding unknown address type({}) to Address Resolving list.",
590 dev_rec.ble.identity_address_with_type.type);
591 return;
592 }
593
594 bluetooth::shim::ACL_AddToAddressResolution(dev_rec.ble.identity_address_with_type, peer_irk,
595 local_irk);
596
597 log::debug("Added to Address Resolving list device:{}", dev_rec.ble.identity_address_with_type);
598
599 dev_rec.ble.in_controller_list |= BTM_RESOLVING_LIST_BIT;
600 }
601
602 /*******************************************************************************
603 *
604 * Function btm_ble_resolving_list_remove_dev
605 *
606 * Description This function removes the device from resolving list
607 *
608 * Parameters
609 *
610 * Returns status
611 *
612 ******************************************************************************/
btm_ble_resolving_list_remove_dev(tBTM_SEC_DEV_REC * p_dev_rec)613 void btm_ble_resolving_list_remove_dev(tBTM_SEC_DEV_REC* p_dev_rec) {
614 if (btm_cb.ble_ctr_cb.privacy_mode < BTM_PRIVACY_1_2) {
615 log::debug("Privacy 1.2 is not enabled");
616 return;
617 }
618
619 if ((p_dev_rec->ble.in_controller_list & BTM_RESOLVING_LIST_BIT) &&
620 !btm_ble_brcm_find_resolving_pending_entry(p_dev_rec->bd_addr,
621 BTM_BLE_META_REMOVE_IRK_ENTRY)) {
622 btm_ble_update_resolving_list(p_dev_rec->bd_addr, false);
623 btm_ble_remove_resolving_list_entry(p_dev_rec);
624 } else {
625 log::verbose("Device not in resolving list");
626 }
627 }
628
629 /*******************************************************************************
630 *
631 * Function btm_ble_resolving_list_init
632 *
633 * Description Initialize resolving list in host stack
634 *
635 * Parameters Max resolving list size
636 *
637 * Returns void
638 *
639 ******************************************************************************/
btm_ble_resolving_list_init(uint8_t max_irk_list_sz)640 void btm_ble_resolving_list_init(uint8_t max_irk_list_sz) {
641 tBTM_BLE_RESOLVE_Q* p_q = &btm_cb.ble_ctr_cb.resolving_list_pend_q;
642 uint8_t irk_mask_size = (max_irk_list_sz % 8) ? (max_irk_list_sz / 8 + 1) : (max_irk_list_sz / 8);
643
644 if (max_irk_list_sz > 0 && p_q->resolve_q_random_pseudo == nullptr) {
645 // NOTE: This memory is never freed
646 p_q->resolve_q_random_pseudo = (RawAddress*)osi_malloc(sizeof(RawAddress) * max_irk_list_sz);
647 // NOTE: This memory is never freed
648 p_q->resolve_q_action = (uint8_t*)osi_malloc(max_irk_list_sz);
649
650 /* RPA offloading feature */
651 if (btm_cb.ble_ctr_cb.irk_list_mask == NULL) {
652 // NOTE: This memory is never freed
653 btm_cb.ble_ctr_cb.irk_list_mask = (uint8_t*)osi_malloc(irk_mask_size);
654 }
655
656 log::verbose("max_irk_list_sz={}", max_irk_list_sz);
657 }
658
659 btm_ble_clear_resolving_list();
660 btm_cb.ble_ctr_cb.resolving_list_avail_size = max_irk_list_sz;
661 }
662