1 /******************************************************************************
2 *
3 * Copyright (C) 2009-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /************************************************************************************
20 *
21 * Filename: btif_dm.c
22 *
23 * Description: Contains Device Management (DM) related functionality
24 *
25 *
26 ***********************************************************************************/
27 #include <stdio.h>
28 #include <stdlib.h>
29 #include <unistd.h>
30
31 #include <hardware/bluetooth.h>
32
33 #include <utils/Log.h>
34 #include <cutils/properties.h>
35 #include "gki.h"
36 #include "btu.h"
37 #include "bd.h"
38 #include "bta_api.h"
39 #include "btif_api.h"
40 #include "btif_util.h"
41 #include "btif_dm.h"
42 #include "btif_storage.h"
43 #include "btif_hh.h"
44 #include "btif_config.h"
45
46 #include "bta_gatt_api.h"
47 /******************************************************************************
48 ** Constants & Macros
49 ******************************************************************************/
50
51 #define COD_UNCLASSIFIED ((0x1F) << 8)
52 #define COD_HID_KEYBOARD 0x0540
53 #define COD_HID_POINTING 0x0580
54 #define COD_HID_COMBO 0x05C0
55 #define COD_HID_MAJOR 0x0500
56 #define COD_AV_HEADSETS 0x0404
57 #define COD_AV_HANDSFREE 0x0408
58 #define COD_AV_HEADPHONES 0x0418
59 #define COD_AV_PORTABLE_AUDIO 0x041C
60 #define COD_AV_HIFI_AUDIO 0x0428
61
62
63 #define BTIF_DM_DEFAULT_INQ_MAX_RESULTS 0
64 #define BTIF_DM_DEFAULT_INQ_MAX_DURATION 10
65 #define BTIF_DM_MAX_SDP_ATTEMPTS_AFTER_PAIRING 2
66
67 #define PROPERTY_PRODUCT_MODEL "ro.product.model"
68 #define DEFAULT_LOCAL_NAME_MAX 31
69 #if (DEFAULT_LOCAL_NAME_MAX > BTM_MAX_LOC_BD_NAME_LEN)
70 #error "default btif local name size exceeds stack supported length"
71 #endif
72
73 #if (defined(BTA_HOST_INTERLEAVE_SEARCH) && BTA_HOST_INTERLEAVE_SEARCH == TRUE)
74 #define BTIF_DM_INTERLEAVE_DURATION_BR_ONE 2
75 #define BTIF_DM_INTERLEAVE_DURATION_LE_ONE 2
76 #define BTIF_DM_INTERLEAVE_DURATION_BR_TWO 3
77 #define BTIF_DM_INTERLEAVE_DURATION_LE_TWO 4
78 #endif
79
80 typedef struct
81 {
82 bt_bond_state_t state;
83 BD_ADDR bd_addr;
84 UINT8 is_temp;
85 UINT8 pin_code_len;
86 UINT8 is_ssp;
87 UINT8 autopair_attempts;
88 UINT8 is_local_initiated;
89 UINT8 sdp_attempts;
90 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
91 BOOLEAN is_le_only;
92 btif_dm_ble_cb_t ble;
93 #endif
94 } btif_dm_pairing_cb_t;
95
96
97 typedef struct
98 {
99 UINT8 ir[BT_OCTET16_LEN];
100 UINT8 irk[BT_OCTET16_LEN];
101 UINT8 dhk[BT_OCTET16_LEN];
102 }btif_dm_local_key_id_t;
103
104 typedef struct
105 {
106 BOOLEAN is_er_rcvd;
107 UINT8 er[BT_OCTET16_LEN];
108 BOOLEAN is_id_keys_rcvd;
109 btif_dm_local_key_id_t id_keys; /* ID kyes */
110
111 }btif_dm_local_key_cb_t;
112
113 typedef struct
114 {
115 BD_ADDR bd_addr;
116 BD_NAME bd_name;
117 } btif_dm_remote_name_t;
118
119 typedef struct
120 {
121 BT_OCTET16 sp_c;
122 BT_OCTET16 sp_r;
123 BD_ADDR oob_bdaddr; /* peer bdaddr*/
124 } btif_dm_oob_cb_t;
125 #define BTA_SERVICE_ID_TO_SERVICE_MASK(id) (1 << (id))
126
127 /* This flag will be true if HCI_Inquiry is in progress */
128 static BOOLEAN btif_dm_inquiry_in_progress = FALSE;
129
130 /************************************************************************************
131 ** Static variables
132 ************************************************************************************/
133 static char btif_default_local_name[DEFAULT_LOCAL_NAME_MAX+1] = {'\0'};
134
135 /******************************************************************************
136 ** Static functions
137 ******************************************************************************/
138 static btif_dm_pairing_cb_t pairing_cb;
139 static btif_dm_oob_cb_t oob_cb;
140 static void btif_dm_generic_evt(UINT16 event, char* p_param);
141 static void btif_dm_cb_create_bond(bt_bdaddr_t *bd_addr);
142 static void btif_dm_cb_hid_remote_name(tBTM_REMOTE_DEV_NAME *p_remote_name);
143 static void btif_update_remote_properties(BD_ADDR bd_addr, BD_NAME bd_name,
144 DEV_CLASS dev_class, tBT_DEVICE_TYPE dev_type);
145 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
146 static btif_dm_local_key_cb_t ble_local_key_cb;
147 static void btif_dm_ble_key_notif_evt(tBTA_DM_SP_KEY_NOTIF *p_ssp_key_notif);
148 static void btif_dm_ble_auth_cmpl_evt (tBTA_DM_AUTH_CMPL *p_auth_cmpl);
149 static void btif_dm_ble_passkey_req_evt(tBTA_DM_PIN_REQ *p_pin_req);
150 #endif
151 static char* btif_get_default_local_name();
152 /******************************************************************************
153 ** Externs
154 ******************************************************************************/
155 extern UINT16 bta_service_id_to_uuid_lkup_tbl [BTA_MAX_SERVICE_ID];
156 extern bt_status_t btif_hf_execute_service(BOOLEAN b_enable);
157 extern bt_status_t btif_av_execute_service(BOOLEAN b_enable);
158 extern bt_status_t btif_hh_execute_service(BOOLEAN b_enable);
159 extern int btif_hh_connect(bt_bdaddr_t *bd_addr);
160 extern void bta_gatt_convert_uuid16_to_uuid128(UINT8 uuid_128[LEN_UUID_128], UINT16 uuid_16);
161
162
163 /******************************************************************************
164 ** Functions
165 ******************************************************************************/
166
btif_in_execute_service_request(tBTA_SERVICE_ID service_id,BOOLEAN b_enable)167 bt_status_t btif_in_execute_service_request(tBTA_SERVICE_ID service_id,
168 BOOLEAN b_enable)
169 {
170 /* Check the service_ID and invoke the profile's BT state changed API */
171 switch (service_id)
172 {
173 case BTA_HFP_SERVICE_ID:
174 case BTA_HSP_SERVICE_ID:
175 {
176 btif_hf_execute_service(b_enable);
177 }break;
178 case BTA_A2DP_SERVICE_ID:
179 {
180 btif_av_execute_service(b_enable);
181 }break;
182 case BTA_HID_SERVICE_ID:
183 {
184 btif_hh_execute_service(b_enable);
185 }break;
186
187 default:
188 BTIF_TRACE_ERROR1("%s: Unknown service being enabled", __FUNCTION__);
189 return BT_STATUS_FAIL;
190 }
191 return BT_STATUS_SUCCESS;
192 }
193
194 /*******************************************************************************
195 **
196 ** Function check_eir_remote_name
197 **
198 ** Description Check if remote name is in the EIR data
199 **
200 ** Returns TRUE if remote name found
201 ** Populate p_remote_name, if provided and remote name found
202 **
203 *******************************************************************************/
check_eir_remote_name(tBTA_DM_SEARCH * p_search_data,UINT8 * p_remote_name,UINT8 * p_remote_name_len)204 static BOOLEAN check_eir_remote_name(tBTA_DM_SEARCH *p_search_data,
205 UINT8 *p_remote_name, UINT8 *p_remote_name_len)
206 {
207 UINT8 *p_eir_remote_name = NULL;
208 UINT8 remote_name_len = 0;
209
210 /* Check EIR for remote name and services */
211 if (p_search_data->inq_res.p_eir)
212 {
213 p_eir_remote_name = BTA_CheckEirData(p_search_data->inq_res.p_eir,
214 BTM_EIR_COMPLETE_LOCAL_NAME_TYPE, &remote_name_len);
215 if (!p_eir_remote_name)
216 {
217 p_eir_remote_name = BTA_CheckEirData(p_search_data->inq_res.p_eir,
218 BTM_EIR_SHORTENED_LOCAL_NAME_TYPE, &remote_name_len);
219 }
220
221 if (p_eir_remote_name)
222 {
223 if (remote_name_len > BD_NAME_LEN)
224 remote_name_len = BD_NAME_LEN;
225
226 if (p_remote_name && p_remote_name_len)
227 {
228 memcpy(p_remote_name, p_eir_remote_name, remote_name_len);
229 *(p_remote_name + remote_name_len) = 0;
230 *p_remote_name_len = remote_name_len;
231 }
232
233 return TRUE;
234 }
235 }
236
237 return FALSE;
238
239 }
240
241 /*******************************************************************************
242 **
243 ** Function check_cached_remote_name
244 **
245 ** Description Check if remote name is in the NVRAM cache
246 **
247 ** Returns TRUE if remote name found
248 ** Populate p_remote_name, if provided and remote name found
249 **
250 *******************************************************************************/
check_cached_remote_name(tBTA_DM_SEARCH * p_search_data,UINT8 * p_remote_name,UINT8 * p_remote_name_len)251 static BOOLEAN check_cached_remote_name(tBTA_DM_SEARCH *p_search_data,
252 UINT8 *p_remote_name, UINT8 *p_remote_name_len)
253 {
254 bt_bdname_t bdname;
255 bt_bdaddr_t remote_bdaddr;
256 bt_property_t prop_name;
257
258 /* check if we already have it in our btif_storage cache */
259 bdcpy(remote_bdaddr.address, p_search_data->inq_res.bd_addr);
260 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_BDNAME,
261 sizeof(bt_bdname_t), &bdname);
262 if (btif_storage_get_remote_device_property(
263 &remote_bdaddr, &prop_name) == BT_STATUS_SUCCESS)
264 {
265 if (p_remote_name && p_remote_name_len)
266 {
267 strcpy((char *)p_remote_name, (char *)bdname.name);
268 *p_remote_name_len = strlen((char *)p_remote_name);
269 }
270 return TRUE;
271 }
272
273 return FALSE;
274 }
275
check_cod(const bt_bdaddr_t * remote_bdaddr,uint32_t cod)276 BOOLEAN check_cod(const bt_bdaddr_t *remote_bdaddr, uint32_t cod)
277 {
278 uint32_t remote_cod;
279 bt_property_t prop_name;
280
281 /* check if we already have it in our btif_storage cache */
282 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_CLASS_OF_DEVICE,
283 sizeof(uint32_t), &remote_cod);
284 if (btif_storage_get_remote_device_property((bt_bdaddr_t *)remote_bdaddr, &prop_name) == BT_STATUS_SUCCESS)
285 {
286 if ((remote_cod & 0x7ff) == cod)
287 return TRUE;
288 }
289
290 return FALSE;
291 }
292
check_cod_hid(const bt_bdaddr_t * remote_bdaddr,uint32_t cod)293 BOOLEAN check_cod_hid(const bt_bdaddr_t *remote_bdaddr, uint32_t cod)
294 {
295 uint32_t remote_cod;
296 bt_property_t prop_name;
297
298 /* check if we already have it in our btif_storage cache */
299 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_CLASS_OF_DEVICE,
300 sizeof(uint32_t), &remote_cod);
301 if (btif_storage_get_remote_device_property((bt_bdaddr_t *)remote_bdaddr,
302 &prop_name) == BT_STATUS_SUCCESS)
303 {
304 if ((remote_cod & 0x700) == cod)
305 return TRUE;
306 }
307 return FALSE;
308 }
309
check_hid_le(const bt_bdaddr_t * remote_bdaddr)310 BOOLEAN check_hid_le(const bt_bdaddr_t *remote_bdaddr)
311 {
312 uint32_t remote_dev_type;
313 bt_property_t prop_name;
314
315 /* check if we already have it in our btif_storage cache */
316 BTIF_STORAGE_FILL_PROPERTY(&prop_name,BT_PROPERTY_TYPE_OF_DEVICE,
317 sizeof(uint32_t), &remote_dev_type);
318 if (btif_storage_get_remote_device_property((bt_bdaddr_t *)remote_bdaddr,
319 &prop_name) == BT_STATUS_SUCCESS)
320 {
321 if (remote_dev_type == BT_DEVICE_DEVTYPE_BLE)
322 {
323 bdstr_t bdstr;
324 bd2str(remote_bdaddr, &bdstr);
325 if(btif_config_exist("Remote", bdstr, "HidAppId"))
326 return TRUE;
327 }
328 }
329 return FALSE;
330 }
331
bond_state_changed(bt_status_t status,bt_bdaddr_t * bd_addr,bt_bond_state_t state)332 static void bond_state_changed(bt_status_t status, bt_bdaddr_t *bd_addr, bt_bond_state_t state)
333 {
334 /* Send bonding state only once - based on outgoing/incoming we may receive duplicates */
335 if ( (pairing_cb.state == state) && (state == BT_BOND_STATE_BONDING) )
336 return;
337
338 if (pairing_cb.is_temp)
339 {
340 state = BT_BOND_STATE_NONE;
341 }
342 BTIF_TRACE_DEBUG3("%s: state=%d prev_state=%d", __FUNCTION__, state, pairing_cb.state);
343
344 HAL_CBACK(bt_hal_cbacks, bond_state_changed_cb, status, bd_addr, state);
345
346 if (state == BT_BOND_STATE_BONDING)
347 {
348 pairing_cb.state = state;
349 bdcpy(pairing_cb.bd_addr, bd_addr->address);
350 }
351 else
352 {
353 memset(&pairing_cb, 0, sizeof(pairing_cb));
354 }
355
356 }
357
358 /* store remote version in bt config to always have access
359 to it post pairing*/
btif_update_remote_version_property(bt_bdaddr_t * p_bd)360 static void btif_update_remote_version_property(bt_bdaddr_t *p_bd)
361 {
362 bt_property_t property;
363 UINT8 lmp_ver = 0;
364 UINT16 lmp_subver = 0;
365 UINT16 mfct_set = 0;
366 tBTM_STATUS btm_status;
367 bt_remote_version_t info;
368 bt_status_t status;
369 bdstr_t bdstr;
370
371 btm_status = BTM_ReadRemoteVersion(*(BD_ADDR*)p_bd, &lmp_ver,
372 &mfct_set, &lmp_subver);
373
374 ALOGD("remote version info [%s]: %x, %x, %x", bd2str(p_bd, &bdstr),
375 lmp_ver, mfct_set, lmp_subver);
376
377 if (btm_status == BTM_SUCCESS)
378 {
379 /* always update cache to ensure we have availability whenever BTM API
380 is not populated */
381 info.manufacturer = mfct_set;
382 info.sub_ver = lmp_subver;
383 info.version = lmp_ver;
384 BTIF_STORAGE_FILL_PROPERTY(&property,
385 BT_PROPERTY_REMOTE_VERSION_INFO, sizeof(bt_remote_version_t),
386 &info);
387 status = btif_storage_set_remote_device_property(p_bd, &property);
388 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote version", status);
389 }
390 }
391
392
btif_update_remote_properties(BD_ADDR bd_addr,BD_NAME bd_name,DEV_CLASS dev_class,tBT_DEVICE_TYPE device_type)393 static void btif_update_remote_properties(BD_ADDR bd_addr, BD_NAME bd_name,
394 DEV_CLASS dev_class, tBT_DEVICE_TYPE device_type)
395 {
396 int num_properties = 0;
397 bt_property_t properties[3];
398 bt_bdaddr_t bdaddr;
399 bt_status_t status;
400 UINT32 cod;
401 bt_device_type_t dev_type;
402
403 memset(properties, 0, sizeof(properties));
404 bdcpy(bdaddr.address, bd_addr);
405
406 /* remote name */
407 if (strlen((const char *) bd_name))
408 {
409 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties],
410 BT_PROPERTY_BDNAME, strlen((char *)bd_name), bd_name);
411 status = btif_storage_set_remote_device_property(&bdaddr, &properties[num_properties]);
412 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device name", status);
413 num_properties++;
414 }
415
416 /* class of device */
417 cod = devclass2uint(dev_class);
418 if ( cod == 0) {
419 BTIF_TRACE_DEBUG1("%s():cod is 0, set as unclassified", __FUNCTION__);
420 cod = COD_UNCLASSIFIED;
421 }
422
423 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties],
424 BT_PROPERTY_CLASS_OF_DEVICE, sizeof(cod), &cod);
425 status = btif_storage_set_remote_device_property(&bdaddr, &properties[num_properties]);
426 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device class", status);
427 num_properties++;
428
429 /* device type */
430 dev_type = device_type;
431 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties],
432 BT_PROPERTY_TYPE_OF_DEVICE, sizeof(dev_type), &dev_type);
433 status = btif_storage_set_remote_device_property(&bdaddr, &properties[num_properties]);
434 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device type", status);
435 num_properties++;
436
437 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb,
438 status, &bdaddr, num_properties, properties);
439 }
440 /*******************************************************************************
441 **
442 ** Function hid_remote_name_cback
443 **
444 ** Description Remote name callback for HID device. Called in stack context
445 ** Special handling for HID devices
446 **
447 ** Returns void
448 **
449 *******************************************************************************/
hid_remote_name_cback(void * p_param)450 static void hid_remote_name_cback(void *p_param)
451 {
452 BTIF_TRACE_DEBUG1("%s", __FUNCTION__);
453
454 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_HID_REMOTE_NAME,
455 (char *)p_param, sizeof(tBTM_REMOTE_DEV_NAME), NULL);
456 }
457
458 /*******************************************************************************
459 **
460 ** Function btif_dm_cb_hid_remote_name
461 **
462 ** Description Remote name callback for HID device. Called in btif context
463 ** Special handling for HID devices
464 **
465 ** Returns void
466 **
467 *******************************************************************************/
btif_dm_cb_hid_remote_name(tBTM_REMOTE_DEV_NAME * p_remote_name)468 static void btif_dm_cb_hid_remote_name(tBTM_REMOTE_DEV_NAME *p_remote_name)
469 {
470 BTIF_TRACE_DEBUG3("%s: status=%d pairing_cb.state=%d", __FUNCTION__, p_remote_name->status, pairing_cb.state);
471 if (pairing_cb.state == BT_BOND_STATE_BONDING)
472 {
473 bt_bdaddr_t remote_bd;
474
475 bdcpy(remote_bd.address, pairing_cb.bd_addr);
476
477 if (p_remote_name->status == BTM_SUCCESS)
478 {
479 bond_state_changed(BT_STATUS_SUCCESS, &remote_bd, BT_BOND_STATE_BONDED);
480 }
481 else
482 bond_state_changed(BT_STATUS_FAIL, &remote_bd, BT_BOND_STATE_NONE);
483 }
484 }
485
486 /*******************************************************************************
487 **
488 ** Function btif_dm_cb_create_bond
489 **
490 ** Description Create bond initiated from the BTIF thread context
491 ** Special handling for HID devices
492 **
493 ** Returns void
494 **
495 *******************************************************************************/
btif_dm_cb_create_bond(bt_bdaddr_t * bd_addr)496 static void btif_dm_cb_create_bond(bt_bdaddr_t *bd_addr)
497 {
498 BOOLEAN is_hid = check_cod(bd_addr, COD_HID_POINTING);
499
500
501 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING);
502
503 if (is_hid){
504
505 int status;
506 status = btif_hh_connect(bd_addr);
507 if(status != BT_STATUS_SUCCESS)
508 bond_state_changed(status, bd_addr, BT_BOND_STATE_NONE);
509 }
510 else
511 {
512 #if BLE_INCLUDED == TRUE
513 int device_type;
514 int addr_type;
515 bdstr_t bdstr;
516 bd2str(bd_addr, &bdstr);
517 if(btif_config_get_int("Remote", (char const *)&bdstr,"DevType", &device_type) &&
518 (btif_storage_get_remote_addr_type(bd_addr, &addr_type) == BT_STATUS_SUCCESS) &&
519 (device_type == BT_DEVICE_TYPE_BLE))
520 {
521 BTA_DmAddBleDevice(bd_addr->address, addr_type, BT_DEVICE_TYPE_BLE);
522 }
523 #endif
524 BTA_DmBond ((UINT8 *)bd_addr->address);
525 }
526 /* Track originator of bond creation */
527 pairing_cb.is_local_initiated = TRUE;
528
529 }
530
531 /*******************************************************************************
532 **
533 ** Function btif_dm_cb_remove_bond
534 **
535 ** Description remove bond initiated from the BTIF thread context
536 ** Special handling for HID devices
537 **
538 ** Returns void
539 **
540 *******************************************************************************/
btif_dm_cb_remove_bond(bt_bdaddr_t * bd_addr)541 void btif_dm_cb_remove_bond(bt_bdaddr_t *bd_addr)
542 {
543 bdstr_t bdstr;
544 /*special handling for HID devices */
545 /* VUP needs to be sent if its a HID Device. The HID HOST module will check if there
546 is a valid hid connection with this bd_addr. If yes VUP will be issued.*/
547 #if (defined(BTA_HH_INCLUDED) && (BTA_HH_INCLUDED == TRUE))
548 if (btif_hh_virtual_unplug(bd_addr) != BT_STATUS_SUCCESS)
549 #endif
550 {
551 BTA_DmRemoveDevice((UINT8 *)bd_addr->address);
552 }
553 }
554
555 /*******************************************************************************
556 **
557 ** Function search_devices_copy_cb
558 **
559 ** Description Deep copy callback for search devices event
560 **
561 ** Returns void
562 **
563 *******************************************************************************/
search_devices_copy_cb(UINT16 event,char * p_dest,char * p_src)564 static void search_devices_copy_cb(UINT16 event, char *p_dest, char *p_src)
565 {
566 tBTA_DM_SEARCH *p_dest_data = (tBTA_DM_SEARCH *) p_dest;
567 tBTA_DM_SEARCH *p_src_data = (tBTA_DM_SEARCH *) p_src;
568
569 if (!p_src)
570 return;
571
572 BTIF_TRACE_DEBUG2("%s: event=%s", __FUNCTION__, dump_dm_search_event(event));
573 memcpy(p_dest_data, p_src_data, sizeof(tBTA_DM_SEARCH));
574 switch (event)
575 {
576 case BTA_DM_INQ_RES_EVT:
577 {
578 if (p_src_data->inq_res.p_eir)
579 {
580 p_dest_data->inq_res.p_eir = (UINT8 *)(p_dest + sizeof(tBTA_DM_SEARCH));
581 memcpy(p_dest_data->inq_res.p_eir, p_src_data->inq_res.p_eir, HCI_EXT_INQ_RESPONSE_LEN);
582 }
583 }
584 break;
585
586 case BTA_DM_DISC_RES_EVT:
587 {
588 if (p_src_data->disc_res.raw_data_size && p_src_data->disc_res.p_raw_data)
589 {
590 p_dest_data->disc_res.p_raw_data = (UINT8 *)(p_dest + sizeof(tBTA_DM_SEARCH));
591 memcpy(p_dest_data->disc_res.p_raw_data,
592 p_src_data->disc_res.p_raw_data, p_src_data->disc_res.raw_data_size);
593 }
594 }
595 break;
596 }
597 }
598
search_services_copy_cb(UINT16 event,char * p_dest,char * p_src)599 static void search_services_copy_cb(UINT16 event, char *p_dest, char *p_src)
600 {
601 tBTA_DM_SEARCH *p_dest_data = (tBTA_DM_SEARCH *) p_dest;
602 tBTA_DM_SEARCH *p_src_data = (tBTA_DM_SEARCH *) p_src;
603
604 if (!p_src)
605 return;
606 memcpy(p_dest_data, p_src_data, sizeof(tBTA_DM_SEARCH));
607 switch (event)
608 {
609 case BTA_DM_DISC_RES_EVT:
610 {
611 if (p_src_data->disc_res.result == BTA_SUCCESS)
612 {
613 if (p_src_data->disc_res.num_uuids > 0)
614 {
615 p_dest_data->disc_res.p_uuid_list =
616 (UINT8*)(p_dest + sizeof(tBTA_DM_SEARCH));
617 memcpy(p_dest_data->disc_res.p_uuid_list, p_src_data->disc_res.p_uuid_list,
618 p_src_data->disc_res.num_uuids*MAX_UUID_SIZE);
619 GKI_freebuf(p_src_data->disc_res.p_uuid_list);
620 }
621 if (p_src_data->disc_res.p_raw_data != NULL)
622 {
623 GKI_freebuf(p_src_data->disc_res.p_raw_data);
624 }
625 }
626 } break;
627 }
628 }
629 /******************************************************************************
630 **
631 ** BTIF DM callback events
632 **
633 *****************************************************************************/
634
635 /*******************************************************************************
636 **
637 ** Function btif_dm_pin_req_evt
638 **
639 ** Description Executes pin request event in btif context
640 **
641 ** Returns void
642 **
643 *******************************************************************************/
btif_dm_pin_req_evt(tBTA_DM_PIN_REQ * p_pin_req)644 static void btif_dm_pin_req_evt(tBTA_DM_PIN_REQ *p_pin_req)
645 {
646 bt_bdaddr_t bd_addr;
647 bt_bdname_t bd_name;
648 UINT32 cod;
649 bt_pin_code_t pin_code;
650
651 /* Remote properties update */
652 btif_update_remote_properties(p_pin_req->bd_addr, p_pin_req->bd_name,
653 p_pin_req->dev_class, BT_DEVICE_TYPE_BREDR);
654
655 bdcpy(bd_addr.address, p_pin_req->bd_addr);
656 memcpy(bd_name.name, p_pin_req->bd_name, BD_NAME_LEN);
657
658 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING);
659
660 cod = devclass2uint(p_pin_req->dev_class);
661
662 if ( cod == 0) {
663 BTIF_TRACE_DEBUG1("%s():cod is 0, set as unclassified", __FUNCTION__);
664 cod = COD_UNCLASSIFIED;
665 }
666
667 /* check for auto pair possiblity only if bond was initiated by local device */
668 if (pairing_cb.is_local_initiated)
669 {
670 if (check_cod(&bd_addr, COD_AV_HEADSETS) ||
671 check_cod(&bd_addr, COD_AV_HANDSFREE) ||
672 check_cod(&bd_addr, COD_AV_HEADPHONES) ||
673 check_cod(&bd_addr, COD_AV_PORTABLE_AUDIO) ||
674 check_cod(&bd_addr, COD_AV_HIFI_AUDIO) ||
675 check_cod(&bd_addr, COD_HID_POINTING))
676 {
677 BTIF_TRACE_DEBUG1("%s()cod matches for auto pair", __FUNCTION__);
678 /* Check if this device can be auto paired */
679 if ((btif_storage_is_device_autopair_blacklisted(&bd_addr) == FALSE) &&
680 (pairing_cb.autopair_attempts == 0))
681 {
682 BTIF_TRACE_DEBUG1("%s() Attempting auto pair", __FUNCTION__);
683 pin_code.pin[0] = 0x30;
684 pin_code.pin[1] = 0x30;
685 pin_code.pin[2] = 0x30;
686 pin_code.pin[3] = 0x30;
687
688 pairing_cb.autopair_attempts++;
689 BTA_DmPinReply( (UINT8*)bd_addr.address, TRUE, 4, pin_code.pin);
690 return;
691 }
692 }
693 else if (check_cod(&bd_addr, COD_HID_KEYBOARD) ||
694 check_cod(&bd_addr, COD_HID_COMBO))
695 {
696 if(( btif_storage_is_fixed_pin_zeros_keyboard (&bd_addr) == TRUE) &&
697 (pairing_cb.autopair_attempts == 0))
698 {
699 BTIF_TRACE_DEBUG1("%s() Attempting auto pair", __FUNCTION__);
700 pin_code.pin[0] = 0x30;
701 pin_code.pin[1] = 0x30;
702 pin_code.pin[2] = 0x30;
703 pin_code.pin[3] = 0x30;
704
705 pairing_cb.autopair_attempts++;
706 BTA_DmPinReply( (UINT8*)bd_addr.address, TRUE, 4, pin_code.pin);
707 return;
708 }
709 }
710 }
711 HAL_CBACK(bt_hal_cbacks, pin_request_cb,
712 &bd_addr, &bd_name, cod);
713 }
714
715 /*******************************************************************************
716 **
717 ** Function btif_dm_ssp_cfm_req_evt
718 **
719 ** Description Executes SSP confirm request event in btif context
720 **
721 ** Returns void
722 **
723 *******************************************************************************/
btif_dm_ssp_cfm_req_evt(tBTA_DM_SP_CFM_REQ * p_ssp_cfm_req)724 static void btif_dm_ssp_cfm_req_evt(tBTA_DM_SP_CFM_REQ *p_ssp_cfm_req)
725 {
726 bt_bdaddr_t bd_addr;
727 bt_bdname_t bd_name;
728 UINT32 cod;
729 BOOLEAN is_incoming = !(pairing_cb.state == BT_BOND_STATE_BONDING);
730
731 BTIF_TRACE_DEBUG1("%s", __FUNCTION__);
732
733 /* Remote properties update */
734 btif_update_remote_properties(p_ssp_cfm_req->bd_addr, p_ssp_cfm_req->bd_name,
735 p_ssp_cfm_req->dev_class, BT_DEVICE_TYPE_BREDR);
736
737 bdcpy(bd_addr.address, p_ssp_cfm_req->bd_addr);
738 memcpy(bd_name.name, p_ssp_cfm_req->bd_name, BD_NAME_LEN);
739
740 /* Set the pairing_cb based on the local & remote authentication requirements */
741 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING);
742
743 /* if just_works and bonding bit is not set treat this as temporary */
744 if (p_ssp_cfm_req->just_works && !(p_ssp_cfm_req->loc_auth_req & BTM_AUTH_BONDS) &&
745 !(p_ssp_cfm_req->rmt_auth_req & BTM_AUTH_BONDS) &&
746 !(check_cod((bt_bdaddr_t*)&p_ssp_cfm_req->bd_addr, COD_HID_POINTING)))
747 pairing_cb.is_temp = TRUE;
748 else
749 pairing_cb.is_temp = FALSE;
750
751 pairing_cb.is_ssp = TRUE;
752
753 /* If JustWorks auto-accept */
754 if (p_ssp_cfm_req->just_works)
755 {
756 /* Pairing consent for JustWorks needed if:
757 * 1. Incoming pairing is detected AND
758 * 2. local IO capabilities are DisplayYesNo AND
759 * 3. remote IO capabiltiies are DisplayOnly or NoInputNoOutput;
760 */
761 if ((is_incoming) && ((p_ssp_cfm_req->loc_io_caps == 0x01) &&
762 (p_ssp_cfm_req->rmt_io_caps == 0x00 || p_ssp_cfm_req->rmt_io_caps == 0x03)))
763 {
764 BTIF_TRACE_EVENT3("%s: User consent needed for incoming pairing request. loc_io_caps: %d, rmt_io_caps: %d",
765 __FUNCTION__, p_ssp_cfm_req->loc_io_caps, p_ssp_cfm_req->rmt_io_caps);
766 }
767 else
768 {
769 BTIF_TRACE_EVENT1("%s: Auto-accept JustWorks pairing", __FUNCTION__);
770 btif_dm_ssp_reply(&bd_addr, BT_SSP_VARIANT_CONSENT, TRUE, 0);
771 return;
772 }
773 }
774
775 cod = devclass2uint(p_ssp_cfm_req->dev_class);
776
777 if ( cod == 0) {
778 ALOGD("cod is 0, set as unclassified");
779 cod = COD_UNCLASSIFIED;
780 }
781
782 pairing_cb.sdp_attempts = 0;
783 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name, cod,
784 (p_ssp_cfm_req->just_works ? BT_SSP_VARIANT_CONSENT : BT_SSP_VARIANT_PASSKEY_CONFIRMATION),
785 p_ssp_cfm_req->num_val);
786 }
787
btif_dm_ssp_key_notif_evt(tBTA_DM_SP_KEY_NOTIF * p_ssp_key_notif)788 static void btif_dm_ssp_key_notif_evt(tBTA_DM_SP_KEY_NOTIF *p_ssp_key_notif)
789 {
790 bt_bdaddr_t bd_addr;
791 bt_bdname_t bd_name;
792 UINT32 cod;
793
794 BTIF_TRACE_DEBUG1("%s", __FUNCTION__);
795
796 /* Remote properties update */
797 btif_update_remote_properties(p_ssp_key_notif->bd_addr, p_ssp_key_notif->bd_name,
798 p_ssp_key_notif->dev_class, BT_DEVICE_TYPE_BREDR);
799
800 bdcpy(bd_addr.address, p_ssp_key_notif->bd_addr);
801 memcpy(bd_name.name, p_ssp_key_notif->bd_name, BD_NAME_LEN);
802
803 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING);
804 pairing_cb.is_ssp = TRUE;
805 cod = devclass2uint(p_ssp_key_notif->dev_class);
806
807 if ( cod == 0) {
808 ALOGD("cod is 0, set as unclassified");
809 cod = COD_UNCLASSIFIED;
810 }
811
812 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name,
813 cod, BT_SSP_VARIANT_PASSKEY_NOTIFICATION,
814 p_ssp_key_notif->passkey);
815 }
816 /*******************************************************************************
817 **
818 ** Function btif_dm_auth_cmpl_evt
819 **
820 ** Description Executes authentication complete event in btif context
821 **
822 ** Returns void
823 **
824 *******************************************************************************/
btif_dm_auth_cmpl_evt(tBTA_DM_AUTH_CMPL * p_auth_cmpl)825 static void btif_dm_auth_cmpl_evt (tBTA_DM_AUTH_CMPL *p_auth_cmpl)
826 {
827 /* Save link key, if not temporary */
828 bt_bdaddr_t bd_addr;
829 bt_status_t status = BT_STATUS_FAIL;
830 bt_bond_state_t state = BT_BOND_STATE_NONE;
831
832 bdcpy(bd_addr.address, p_auth_cmpl->bd_addr);
833 if ( (p_auth_cmpl->success == TRUE) && (p_auth_cmpl->key_present) )
834 {
835 if ((p_auth_cmpl->key_type < HCI_LKEY_TYPE_DEBUG_COMB) || (p_auth_cmpl->key_type == HCI_LKEY_TYPE_AUTH_COMB) ||
836 (p_auth_cmpl->key_type == HCI_LKEY_TYPE_CHANGED_COMB) || (!pairing_cb.is_temp))
837 {
838 bt_status_t ret;
839 BTIF_TRACE_DEBUG3("%s: Storing link key. key_type=0x%x, is_temp=%d",
840 __FUNCTION__, p_auth_cmpl->key_type, pairing_cb.is_temp);
841 ret = btif_storage_add_bonded_device(&bd_addr,
842 p_auth_cmpl->key, p_auth_cmpl->key_type,
843 pairing_cb.pin_code_len);
844 ASSERTC(ret == BT_STATUS_SUCCESS, "storing link key failed", ret);
845 }
846 else
847 {
848 BTIF_TRACE_DEBUG3("%s: Temporary key. Not storing. key_type=0x%x, is_temp=%d",
849 __FUNCTION__, p_auth_cmpl->key_type, pairing_cb.is_temp);
850 }
851 }
852 if (p_auth_cmpl->success)
853 {
854 status = BT_STATUS_SUCCESS;
855 state = BT_BOND_STATE_BONDED;
856
857 /* Trigger SDP on the device */
858 pairing_cb.sdp_attempts = 1;;
859
860 if(btif_dm_inquiry_in_progress)
861 btif_dm_cancel_discovery();
862
863 btif_dm_get_remote_services(&bd_addr);
864 /* Do not call bond_state_changed_cb yet. Wait till fetch remote service is complete */
865 }
866 else
867 {
868 /*Map the HCI fail reason to bt status */
869 switch(p_auth_cmpl->fail_reason)
870 {
871 case HCI_ERR_PAGE_TIMEOUT:
872 case HCI_ERR_CONNECTION_TOUT:
873 status = BT_STATUS_RMT_DEV_DOWN;
874 break;
875
876 /* map the auth failure codes, so we can retry pairing if necessary */
877 case HCI_ERR_AUTH_FAILURE:
878 case HCI_ERR_HOST_REJECT_SECURITY:
879 case HCI_ERR_ENCRY_MODE_NOT_ACCEPTABLE:
880 case HCI_ERR_UNIT_KEY_USED:
881 case HCI_ERR_PAIRING_WITH_UNIT_KEY_NOT_SUPPORTED:
882 case HCI_ERR_INSUFFCIENT_SECURITY:
883 BTIF_TRACE_DEBUG1(" %s() Authentication fail ", __FUNCTION__);
884 if (pairing_cb.autopair_attempts == 1)
885 {
886 BTIF_TRACE_DEBUG1("%s(): Adding device to blacklist ", __FUNCTION__);
887
888 /* Add the device to dynamic black list only if this device belongs to Audio/pointing dev class */
889 if (check_cod(&bd_addr, COD_AV_HEADSETS) ||
890 check_cod(&bd_addr, COD_AV_HANDSFREE) ||
891 check_cod(&bd_addr, COD_AV_HEADPHONES) ||
892 check_cod(&bd_addr, COD_AV_PORTABLE_AUDIO) ||
893 check_cod(&bd_addr, COD_AV_HIFI_AUDIO) ||
894 check_cod(&bd_addr, COD_HID_POINTING))
895 {
896 btif_storage_add_device_to_autopair_blacklist (&bd_addr);
897 }
898 pairing_cb.autopair_attempts++;
899
900 /* Create the Bond once again */
901 BTIF_TRACE_DEBUG1("%s() auto pair failed. Reinitiate Bond", __FUNCTION__);
902 btif_dm_cb_create_bond (&bd_addr);
903 return;
904 }
905 else
906 {
907 /* if autopair attempts are more than 1, or not attempted */
908 status = BT_STATUS_AUTH_FAILURE;
909 }
910 break;
911
912 default:
913 status = BT_STATUS_FAIL;
914 }
915 bond_state_changed(status, &bd_addr, state);
916 }
917 }
918
919 /******************************************************************************
920 **
921 ** Function btif_dm_search_devices_evt
922 **
923 ** Description Executes search devices callback events in btif context
924 **
925 ** Returns void
926 **
927 ******************************************************************************/
btif_dm_search_devices_evt(UINT16 event,char * p_param)928 static void btif_dm_search_devices_evt (UINT16 event, char *p_param)
929 {
930 tBTA_DM_SEARCH *p_search_data;
931 BTIF_TRACE_EVENT2("%s event=%s", __FUNCTION__, dump_dm_search_event(event));
932
933 switch (event)
934 {
935 case BTA_DM_DISC_RES_EVT:
936 {
937 p_search_data = (tBTA_DM_SEARCH *)p_param;
938 /* Remote name update */
939 if (strlen((const char *) p_search_data->disc_res.bd_name))
940 {
941 bt_property_t properties[1];
942 bt_bdaddr_t bdaddr;
943 bt_status_t status;
944
945 properties[0].type = BT_PROPERTY_BDNAME;
946 properties[0].val = p_search_data->disc_res.bd_name;
947 properties[0].len = strlen((char *)p_search_data->disc_res.bd_name);
948 bdcpy(bdaddr.address, p_search_data->disc_res.bd_addr);
949
950 status = btif_storage_set_remote_device_property(&bdaddr, &properties[0]);
951 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device property", status);
952 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb,
953 status, &bdaddr, 1, properties);
954 }
955 /* TODO: Services? */
956 }
957 break;
958
959 case BTA_DM_INQ_RES_EVT:
960 {
961 /* inquiry result */
962 UINT32 cod;
963 UINT8 *p_eir_remote_name = NULL;
964 bt_bdname_t bdname;
965 bt_bdaddr_t bdaddr;
966 UINT8 remote_name_len;
967 UINT8 *p_cached_name = NULL;
968 tBTA_SERVICE_MASK services = 0;
969 bdstr_t bdstr;
970
971 p_search_data = (tBTA_DM_SEARCH *)p_param;
972 bdcpy(bdaddr.address, p_search_data->inq_res.bd_addr);
973
974 BTIF_TRACE_DEBUG3("%s() %s device_type = 0x%x\n", __FUNCTION__, bd2str(&bdaddr, &bdstr),
975 #if (BLE_INCLUDED == TRUE)
976 p_search_data->inq_res.device_type);
977 #else
978 BT_DEVICE_TYPE_BREDR);
979 #endif
980 bdname.name[0] = 0;
981
982 cod = devclass2uint (p_search_data->inq_res.dev_class);
983
984 if ( cod == 0) {
985 ALOGD("cod is 0, set as unclassified");
986 cod = COD_UNCLASSIFIED;
987 }
988
989 if (!check_eir_remote_name(p_search_data, bdname.name, &remote_name_len))
990 check_cached_remote_name(p_search_data, bdname.name, &remote_name_len);
991
992 /* Check EIR for remote name and services */
993 if (p_search_data->inq_res.p_eir)
994 {
995 BTA_GetEirService(p_search_data->inq_res.p_eir, &services);
996 BTIF_TRACE_DEBUG2("%s()EIR BTA services = %08X", __FUNCTION__, (UINT32)services);
997 /* TODO: Get the service list and check to see which uuids we got and send it back to the client. */
998 }
999
1000
1001 {
1002 bt_property_t properties[5];
1003 bt_device_type_t dev_type;
1004 UINT8 addr_type;
1005 uint32_t num_properties = 0;
1006 bt_status_t status;
1007
1008 memset(properties, 0, sizeof(properties));
1009 /* BD_ADDR */
1010 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties],
1011 BT_PROPERTY_BDADDR, sizeof(bdaddr), &bdaddr);
1012 num_properties++;
1013 /* BD_NAME */
1014 /* Don't send BDNAME if it is empty */
1015 if (bdname.name[0])
1016 {
1017 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties],
1018 BT_PROPERTY_BDNAME,
1019 strlen((char *)bdname.name), &bdname);
1020 num_properties++;
1021 }
1022
1023 /* DEV_CLASS */
1024 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties],
1025 BT_PROPERTY_CLASS_OF_DEVICE, sizeof(cod), &cod);
1026 num_properties++;
1027 /* DEV_TYPE */
1028 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
1029 /* FixMe: Assumption is that bluetooth.h and BTE enums match */
1030 dev_type = p_search_data->inq_res.device_type;
1031 addr_type = p_search_data->inq_res.ble_addr_type;
1032 #else
1033 dev_type = BT_DEVICE_TYPE_BREDR;
1034 #endif
1035 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties],
1036 BT_PROPERTY_TYPE_OF_DEVICE, sizeof(dev_type), &dev_type);
1037 num_properties++;
1038 /* RSSI */
1039 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties],
1040 BT_PROPERTY_REMOTE_RSSI, sizeof(int8_t),
1041 &(p_search_data->inq_res.rssi));
1042 num_properties++;
1043
1044 status = btif_storage_add_remote_device(&bdaddr, num_properties, properties);
1045 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device (inquiry)", status);
1046 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
1047 status = btif_storage_set_remote_addr_type(&bdaddr, addr_type);
1048 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote addr type (inquiry)", status);
1049 #endif
1050 /* Callback to notify upper layer of device */
1051 HAL_CBACK(bt_hal_cbacks, device_found_cb,
1052 num_properties, properties);
1053 }
1054 }
1055 break;
1056
1057 case BTA_DM_INQ_CMPL_EVT:
1058 {
1059 }
1060 break;
1061 case BTA_DM_DISC_CMPL_EVT:
1062 {
1063 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, BT_DISCOVERY_STOPPED);
1064 }
1065 break;
1066 case BTA_DM_SEARCH_CANCEL_CMPL_EVT:
1067 {
1068 /* if inquiry is not in progress and we get a cancel event, then
1069 * it means we are done with inquiry, but remote_name fetches are in
1070 * progress
1071 *
1072 * if inquiry is in progress, then we don't want to act on this cancel_cmpl_evt
1073 * but instead wait for the cancel_cmpl_evt via the Busy Level
1074 *
1075 */
1076 if (btif_dm_inquiry_in_progress == FALSE)
1077 {
1078 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, BT_DISCOVERY_STOPPED);
1079 }
1080 }
1081 break;
1082 }
1083 }
1084
1085 /*******************************************************************************
1086 **
1087 ** Function btif_dm_search_services_evt
1088 **
1089 ** Description Executes search services event in btif context
1090 **
1091 ** Returns void
1092 **
1093 *******************************************************************************/
btif_dm_search_services_evt(UINT16 event,char * p_param)1094 static void btif_dm_search_services_evt(UINT16 event, char *p_param)
1095 {
1096 tBTA_DM_SEARCH *p_data = (tBTA_DM_SEARCH*)p_param;
1097
1098 BTIF_TRACE_EVENT2("%s: event = %d", __FUNCTION__, event);
1099 switch (event)
1100 {
1101 case BTA_DM_DISC_RES_EVT:
1102 {
1103 bt_uuid_t uuid_arr[BT_MAX_NUM_UUIDS]; /* Max 32 services */
1104 bt_property_t prop;
1105 uint32_t i = 0, j = 0;
1106 bt_bdaddr_t bd_addr;
1107 bt_status_t ret;
1108
1109 bdcpy(bd_addr.address, p_data->disc_res.bd_addr);
1110
1111 BTIF_TRACE_DEBUG3("%s:(result=0x%x, services 0x%x)", __FUNCTION__,
1112 p_data->disc_res.result, p_data->disc_res.services);
1113 if ((p_data->disc_res.result != BTA_SUCCESS) &&
1114 (pairing_cb.state == BT_BOND_STATE_BONDING ) &&
1115 (pairing_cb.sdp_attempts < BTIF_DM_MAX_SDP_ATTEMPTS_AFTER_PAIRING))
1116 {
1117 BTIF_TRACE_WARNING1("%s:SDP failed after bonding re-attempting", __FUNCTION__);
1118 pairing_cb.sdp_attempts++;
1119 btif_dm_get_remote_services(&bd_addr);
1120 return;
1121 }
1122 prop.type = BT_PROPERTY_UUIDS;
1123 prop.len = 0;
1124 if ((p_data->disc_res.result == BTA_SUCCESS) && (p_data->disc_res.num_uuids > 0))
1125 {
1126 prop.val = p_data->disc_res.p_uuid_list;
1127 prop.len = p_data->disc_res.num_uuids * MAX_UUID_SIZE;
1128 for (i=0; i < p_data->disc_res.num_uuids; i++)
1129 {
1130 char temp[256];
1131 uuid_to_string((bt_uuid_t*)(p_data->disc_res.p_uuid_list + (i*MAX_UUID_SIZE)), temp);
1132 BTIF_TRACE_ERROR2("Index: %d uuid:%s", i, temp);
1133 }
1134 }
1135
1136 /* onUuidChanged requires getBondedDevices to be populated.
1137 ** bond_state_changed needs to be sent prior to remote_device_property
1138 */
1139 if ((pairing_cb.state == BT_BOND_STATE_BONDING) &&
1140 (bdcmp(p_data->disc_res.bd_addr, pairing_cb.bd_addr) == 0)&&
1141 pairing_cb.sdp_attempts > 0)
1142 {
1143 BTIF_TRACE_DEBUG1("%s Remote Service SDP done. Call bond_state_changed_cb BONDED",
1144 __FUNCTION__);
1145 pairing_cb.sdp_attempts = 0;
1146 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDED);
1147 }
1148
1149 if(p_data->disc_res.num_uuids != 0)
1150 {
1151 /* Also write this to the NVRAM */
1152 ret = btif_storage_set_remote_device_property(&bd_addr, &prop);
1153 ASSERTC(ret == BT_STATUS_SUCCESS, "storing remote services failed", ret);
1154 /* Send the event to the BTIF */
1155 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb,
1156 BT_STATUS_SUCCESS, &bd_addr, 1, &prop);
1157 }
1158 }
1159 break;
1160
1161 case BTA_DM_DISC_CMPL_EVT:
1162 /* fixme */
1163 break;
1164
1165 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
1166 case BTA_DM_DISC_BLE_RES_EVT:
1167 BTIF_TRACE_DEBUG2("%s:, services 0x%x)", __FUNCTION__,
1168 p_data->disc_ble_res.service.uu.uuid16);
1169 bt_uuid_t uuid;
1170 int i = 0;
1171 int j = 15;
1172 if (p_data->disc_ble_res.service.uu.uuid16 == UUID_SERVCLASS_LE_HID)
1173 {
1174 BTIF_TRACE_DEBUG1("%s: Found HOGP UUID",__FUNCTION__);
1175 bt_property_t prop;
1176 bt_bdaddr_t bd_addr;
1177 char temp[256];
1178 bt_status_t ret;
1179
1180 bta_gatt_convert_uuid16_to_uuid128(uuid.uu,p_data->disc_ble_res.service.uu.uuid16);
1181
1182 while(i < j )
1183 {
1184 unsigned char c = uuid.uu[j];
1185 uuid.uu[j] = uuid.uu[i];
1186 uuid.uu[i] = c;
1187 i++;
1188 j--;
1189 }
1190
1191 uuid_to_string(&uuid, temp);
1192 BTIF_TRACE_ERROR1(" uuid:%s", temp);
1193
1194 bdcpy(bd_addr.address, p_data->disc_ble_res.bd_addr);
1195 prop.type = BT_PROPERTY_UUIDS;
1196 prop.val = uuid.uu;
1197 prop.len = MAX_UUID_SIZE;
1198
1199 /* Also write this to the NVRAM */
1200 ret = btif_storage_set_remote_device_property(&bd_addr, &prop);
1201 ASSERTC(ret == BT_STATUS_SUCCESS, "storing remote services failed", ret);
1202
1203 /* Send the event to the BTIF */
1204 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb,
1205 BT_STATUS_SUCCESS, &bd_addr, 1, &prop);
1206
1207 }
1208 break;
1209 #endif /* BLE_INCLUDED */
1210
1211 default:
1212 {
1213 ASSERTC(0, "unhandled search services event", event);
1214 }
1215 break;
1216 }
1217 }
1218
1219 /*******************************************************************************
1220 **
1221 ** Function btif_dm_remote_service_record_evt
1222 **
1223 ** Description Executes search service record event in btif context
1224 **
1225 ** Returns void
1226 **
1227 *******************************************************************************/
btif_dm_remote_service_record_evt(UINT16 event,char * p_param)1228 static void btif_dm_remote_service_record_evt(UINT16 event, char *p_param)
1229 {
1230 tBTA_DM_SEARCH *p_data = (tBTA_DM_SEARCH*)p_param;
1231
1232 BTIF_TRACE_EVENT2("%s: event = %d", __FUNCTION__, event);
1233 switch (event)
1234 {
1235 case BTA_DM_DISC_RES_EVT:
1236 {
1237 bt_service_record_t rec;
1238 bt_property_t prop;
1239 uint32_t i = 0;
1240 bt_bdaddr_t bd_addr;
1241
1242 memset(&rec, 0, sizeof(bt_service_record_t));
1243 bdcpy(bd_addr.address, p_data->disc_res.bd_addr);
1244
1245 BTIF_TRACE_DEBUG3("%s:(result=0x%x, services 0x%x)", __FUNCTION__,
1246 p_data->disc_res.result, p_data->disc_res.services);
1247 prop.type = BT_PROPERTY_SERVICE_RECORD;
1248 prop.val = (void*)&rec;
1249 prop.len = sizeof(rec);
1250
1251 /* disc_res.result is overloaded with SCN. Cannot check result */
1252 p_data->disc_res.services &= ~BTA_USER_SERVICE_MASK;
1253 /* TODO: Get the UUID as well */
1254 rec.channel = p_data->disc_res.result - 3;
1255 /* TODO: Need to get the service name using p_raw_data */
1256 rec.name[0] = 0;
1257
1258 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb,
1259 BT_STATUS_SUCCESS, &bd_addr, 1, &prop);
1260 }
1261 break;
1262
1263 default:
1264 {
1265 ASSERTC(0, "unhandled remote service record event", event);
1266 }
1267 break;
1268 }
1269 }
1270
1271 /*******************************************************************************
1272 **
1273 ** Function btif_dm_upstreams_cback
1274 **
1275 ** Description Executes UPSTREAMS events in btif context
1276 **
1277 ** Returns void
1278 **
1279 *******************************************************************************/
btif_dm_upstreams_evt(UINT16 event,char * p_param)1280 static void btif_dm_upstreams_evt(UINT16 event, char* p_param)
1281 {
1282 tBTA_DM_SEC_EVT dm_event = (tBTA_DM_SEC_EVT)event;
1283 tBTA_DM_SEC *p_data = (tBTA_DM_SEC*)p_param;
1284 tBTA_SERVICE_MASK service_mask;
1285 uint32_t i;
1286 bt_bdaddr_t bd_addr;
1287
1288 BTIF_TRACE_EVENT1("btif_dm_upstreams_cback ev: %s", dump_dm_event(event));
1289
1290 switch (event)
1291 {
1292 case BTA_DM_ENABLE_EVT:
1293 {
1294 BD_NAME bdname;
1295 bt_status_t status;
1296 bt_property_t prop;
1297 prop.type = BT_PROPERTY_BDNAME;
1298 prop.len = BD_NAME_LEN;
1299 prop.val = (void*)bdname;
1300
1301 status = btif_storage_get_adapter_property(&prop);
1302 if (status == BT_STATUS_SUCCESS)
1303 {
1304 /* A name exists in the storage. Make this the device name */
1305 BTA_DmSetDeviceName((char*)prop.val);
1306 }
1307 else
1308 {
1309 /* Storage does not have a name yet.
1310 * Use the default name and write it to the chip
1311 */
1312 BTA_DmSetDeviceName(btif_get_default_local_name());
1313 }
1314
1315 /* for each of the enabled services in the mask, trigger the profile
1316 * enable */
1317 service_mask = btif_get_enabled_services_mask();
1318 for (i=0; i <= BTA_MAX_SERVICE_ID; i++)
1319 {
1320 if (service_mask &
1321 (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(i)))
1322 {
1323 btif_in_execute_service_request(i, TRUE);
1324 }
1325 }
1326 /* clear control blocks */
1327 memset(&pairing_cb, 0, sizeof(btif_dm_pairing_cb_t));
1328
1329 /* This function will also trigger the adapter_properties_cb
1330 ** and bonded_devices_info_cb
1331 */
1332 btif_storage_load_bonded_devices();
1333
1334 btif_storage_load_autopair_device_list();
1335
1336 btif_enable_bluetooth_evt(p_data->enable.status, p_data->enable.bd_addr);
1337 }
1338 break;
1339
1340 case BTA_DM_DISABLE_EVT:
1341 /* for each of the enabled services in the mask, trigger the profile
1342 * disable */
1343 service_mask = btif_get_enabled_services_mask();
1344 for (i=0; i <= BTA_MAX_SERVICE_ID; i++)
1345 {
1346 if (service_mask &
1347 (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(i)))
1348 {
1349 btif_in_execute_service_request(i, FALSE);
1350 }
1351 }
1352 btif_disable_bluetooth_evt();
1353 break;
1354
1355 case BTA_DM_PIN_REQ_EVT:
1356 btif_dm_pin_req_evt(&p_data->pin_req);
1357 break;
1358
1359 case BTA_DM_AUTH_CMPL_EVT:
1360 btif_dm_auth_cmpl_evt(&p_data->auth_cmpl);
1361 break;
1362
1363 case BTA_DM_BOND_CANCEL_CMPL_EVT:
1364 if (pairing_cb.state == BT_BOND_STATE_BONDING)
1365 {
1366 bdcpy(bd_addr.address, pairing_cb.bd_addr);
1367 bond_state_changed(p_data->bond_cancel_cmpl.result, &bd_addr, BT_BOND_STATE_NONE);
1368 }
1369 break;
1370
1371 case BTA_DM_SP_CFM_REQ_EVT:
1372 btif_dm_ssp_cfm_req_evt(&p_data->cfm_req);
1373 break;
1374 case BTA_DM_SP_KEY_NOTIF_EVT:
1375 btif_dm_ssp_key_notif_evt(&p_data->key_notif);
1376 break;
1377
1378 case BTA_DM_DEV_UNPAIRED_EVT:
1379 bdcpy(bd_addr.address, p_data->link_down.bd_addr);
1380
1381 /*special handling for HID devices */
1382 #if (defined(BTA_HH_INCLUDED) && (BTA_HH_INCLUDED == TRUE))
1383 btif_hh_remove_device(bd_addr);
1384 #endif
1385 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
1386 btif_storage_remove_ble_bonding_keys(&bd_addr);
1387 #endif
1388 btif_storage_remove_bonded_device(&bd_addr);
1389 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_NONE);
1390 break;
1391
1392 case BTA_DM_BUSY_LEVEL_EVT:
1393 {
1394
1395 if (p_data->busy_level.level_flags & BTM_BL_INQUIRY_PAGING_MASK)
1396 {
1397 if (p_data->busy_level.level_flags == BTM_BL_INQUIRY_STARTED)
1398 {
1399 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb,
1400 BT_DISCOVERY_STARTED);
1401 btif_dm_inquiry_in_progress = TRUE;
1402 }
1403 else if (p_data->busy_level.level_flags == BTM_BL_INQUIRY_CANCELLED)
1404 {
1405 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb,
1406 BT_DISCOVERY_STOPPED);
1407 btif_dm_inquiry_in_progress = FALSE;
1408 }
1409 else if (p_data->busy_level.level_flags == BTM_BL_INQUIRY_COMPLETE)
1410 {
1411 btif_dm_inquiry_in_progress = FALSE;
1412 }
1413 }
1414 }break;
1415
1416 case BTA_DM_LINK_UP_EVT:
1417 bdcpy(bd_addr.address, p_data->link_up.bd_addr);
1418 BTIF_TRACE_DEBUG0("BTA_DM_LINK_UP_EVT. Sending BT_ACL_STATE_CONNECTED");
1419
1420 btif_update_remote_version_property(&bd_addr);
1421
1422 HAL_CBACK(bt_hal_cbacks, acl_state_changed_cb, BT_STATUS_SUCCESS,
1423 &bd_addr, BT_ACL_STATE_CONNECTED);
1424 break;
1425
1426 case BTA_DM_LINK_DOWN_EVT:
1427 bdcpy(bd_addr.address, p_data->link_down.bd_addr);
1428 BTIF_TRACE_DEBUG0("BTA_DM_LINK_DOWN_EVT. Sending BT_ACL_STATE_DISCONNECTED");
1429 HAL_CBACK(bt_hal_cbacks, acl_state_changed_cb, BT_STATUS_SUCCESS,
1430 &bd_addr, BT_ACL_STATE_DISCONNECTED);
1431 break;
1432
1433 case BTA_DM_HW_ERROR_EVT:
1434 BTIF_TRACE_ERROR0("Received H/W Error. ");
1435 /* Flush storage data */
1436 btif_config_flush();
1437 usleep(100000); /* 100milliseconds */
1438 /* Killing the process to force a restart as part of fault tolerance */
1439 kill(getpid(), SIGKILL);
1440 break;
1441
1442 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
1443 case BTA_DM_BLE_KEY_EVT:
1444 BTIF_TRACE_DEBUG1("BTA_DM_BLE_KEY_EVT key_type=0x%02x ", p_data->ble_key.key_type);
1445
1446 /* If this pairing is by-product of local initiated GATT client Read or Write,
1447 BTA would not have sent BTA_DM_BLE_SEC_REQ_EVT event and Bond state would not
1448 have setup properly. Setup pairing_cb and notify App about Bonding state now*/
1449 if (pairing_cb.state != BT_BOND_STATE_BONDING)
1450 {
1451 BTIF_TRACE_DEBUG0("Bond state not sent to App so far.Notify the app now");
1452 bond_state_changed(BT_STATUS_SUCCESS, (bt_bdaddr_t*)p_data->ble_key.bd_addr,
1453 BT_BOND_STATE_BONDING);
1454 }
1455 else if (memcmp (pairing_cb.bd_addr, p_data->ble_key.bd_addr, BD_ADDR_LEN)!=0)
1456 {
1457 BTIF_TRACE_ERROR1("BD mismatch discard BLE key_type=%d ",p_data->ble_key.key_type);
1458 break;
1459 }
1460
1461 switch (p_data->ble_key.key_type)
1462 {
1463 case BTA_LE_KEY_PENC:
1464 BTIF_TRACE_DEBUG0("Rcv BTA_LE_KEY_PENC");
1465 pairing_cb.ble.is_penc_key_rcvd = TRUE;
1466 memcpy(pairing_cb.ble.penc_key.ltk,p_data->ble_key.key_value.penc_key.ltk, 16);
1467 memcpy(pairing_cb.ble.penc_key.rand, p_data->ble_key.key_value.penc_key.rand,8);
1468 pairing_cb.ble.penc_key.ediv = p_data->ble_key.key_value.penc_key.ediv;
1469 pairing_cb.ble.penc_key.sec_level = p_data->ble_key.key_value.penc_key.sec_level;
1470
1471 for (i=0; i<16; i++)
1472 {
1473 BTIF_TRACE_DEBUG2("pairing_cb.ble.penc_key.ltk[%d]=0x%02x",i,pairing_cb.ble.penc_key.ltk[i]);
1474 }
1475 for (i=0; i<8; i++)
1476 {
1477 BTIF_TRACE_DEBUG2("pairing_cb.ble.penc_key.rand[%d]=0x%02x",i,pairing_cb.ble.penc_key.rand[i]);
1478 }
1479 BTIF_TRACE_DEBUG1("pairing_cb.ble.penc_key.ediv=0x%04x",pairing_cb.ble.penc_key.ediv);
1480 BTIF_TRACE_DEBUG1("pairing_cb.ble.penc_key.sec_level=0x%02x",pairing_cb.ble.penc_key.sec_level);
1481 BTIF_TRACE_DEBUG1("pairing_cb.ble.penc_key.key_size=0x%02x",pairing_cb.ble.penc_key.key_size);
1482 break;
1483
1484 case BTA_LE_KEY_PID:
1485 BTIF_TRACE_DEBUG0("Rcv BTA_LE_KEY_PID");
1486 pairing_cb.ble.is_pid_key_rcvd = TRUE;
1487 memcpy(pairing_cb.ble.pid_key, p_data->ble_key.key_value.pid_key.irk, 16);
1488 for (i=0; i<16; i++)
1489 {
1490 BTIF_TRACE_DEBUG2("pairing_cb.ble.pid_key[%d]=0x%02x",i,pairing_cb.ble.pid_key[i]);
1491 }
1492 break;
1493
1494 case BTA_LE_KEY_PCSRK:
1495 BTIF_TRACE_DEBUG0("Rcv BTA_LE_KEY_PCSRK");
1496 pairing_cb.ble.is_pcsrk_key_rcvd = TRUE;
1497 pairing_cb.ble.pcsrk_key.counter = p_data->ble_key.key_value.pcsrk_key.counter;
1498 pairing_cb.ble.pcsrk_key.sec_level = p_data->ble_key.key_value.pcsrk_key.sec_level;
1499 memcpy(pairing_cb.ble.pcsrk_key.csrk,p_data->ble_key.key_value.pcsrk_key.csrk,16);
1500
1501 for (i=0; i<16; i++)
1502 {
1503 BTIF_TRACE_DEBUG2("pairing_cb.ble.pcsrk_key.csrk[%d]=0x%02x",i,pairing_cb.ble.pcsrk_key.csrk[i]);
1504 }
1505 BTIF_TRACE_DEBUG1("pairing_cb.ble.pcsrk_key.counter=0x%08x",pairing_cb.ble.pcsrk_key.counter);
1506 BTIF_TRACE_DEBUG1("pairing_cb.ble.pcsrk_key.sec_level=0x%02x",pairing_cb.ble.pcsrk_key.sec_level);
1507 break;
1508
1509 case BTA_LE_KEY_LENC:
1510 BTIF_TRACE_DEBUG0("Rcv BTA_LE_KEY_LENC");
1511 pairing_cb.ble.is_lenc_key_rcvd = TRUE;
1512 pairing_cb.ble.lenc_key.div = p_data->ble_key.key_value.lenc_key.div;
1513 pairing_cb.ble.lenc_key.key_size = p_data->ble_key.key_value.lenc_key.key_size;
1514 pairing_cb.ble.lenc_key.sec_level = p_data->ble_key.key_value.lenc_key.sec_level;
1515
1516 BTIF_TRACE_DEBUG1("pairing_cb.ble.lenc_key.div=0x%04x",pairing_cb.ble.lenc_key.div);
1517 BTIF_TRACE_DEBUG1("pairing_cb.ble.lenc_key.key_size=0x%02x",pairing_cb.ble.lenc_key.key_size);
1518 BTIF_TRACE_DEBUG1("pairing_cb.ble.lenc_key.sec_level=0x%02x",pairing_cb.ble.lenc_key.sec_level);
1519 break;
1520
1521
1522
1523 case BTA_LE_KEY_LCSRK:
1524 BTIF_TRACE_DEBUG0("Rcv BTA_LE_KEY_LCSRK");
1525 pairing_cb.ble.is_lcsrk_key_rcvd = TRUE;
1526 pairing_cb.ble.lcsrk_key.counter = p_data->ble_key.key_value.lcsrk_key.counter;
1527 pairing_cb.ble.lcsrk_key.div = p_data->ble_key.key_value.lcsrk_key.div;
1528 pairing_cb.ble.lcsrk_key.sec_level = p_data->ble_key.key_value.lcsrk_key.sec_level;
1529
1530 BTIF_TRACE_DEBUG1("pairing_cb.ble.lcsrk_key.div=0x%04x",pairing_cb.ble.lcsrk_key.div);
1531 BTIF_TRACE_DEBUG1("pairing_cb.ble.lcsrk_key.counter=0x%08x",pairing_cb.ble.lcsrk_key.counter);
1532 BTIF_TRACE_DEBUG1("pairing_cb.ble.lcsrk_key.sec_level=0x%02x",pairing_cb.ble.lcsrk_key.sec_level);
1533
1534 break;
1535
1536 default:
1537 BTIF_TRACE_ERROR1("unknown BLE key type (0x%02x)", p_data->ble_key.key_type);
1538 break;
1539 }
1540
1541 break;
1542 case BTA_DM_BLE_SEC_REQ_EVT:
1543 BTIF_TRACE_DEBUG0("BTA_DM_BLE_SEC_REQ_EVT. ");
1544 btif_dm_ble_sec_req_evt(&p_data->ble_req);
1545 break;
1546 case BTA_DM_BLE_PASSKEY_NOTIF_EVT:
1547 BTIF_TRACE_DEBUG0("BTA_DM_BLE_PASSKEY_NOTIF_EVT. ");
1548 btif_dm_ble_key_notif_evt(&p_data->key_notif);
1549 break;
1550 case BTA_DM_BLE_PASSKEY_REQ_EVT:
1551 BTIF_TRACE_DEBUG0("BTA_DM_BLE_PASSKEY_REQ_EVT. ");
1552 btif_dm_ble_passkey_req_evt(&p_data->pin_req);
1553 break;
1554 case BTA_DM_BLE_OOB_REQ_EVT:
1555 BTIF_TRACE_DEBUG0("BTA_DM_BLE_OOB_REQ_EVT. ");
1556 break;
1557 case BTA_DM_BLE_LOCAL_IR_EVT:
1558 BTIF_TRACE_DEBUG0("BTA_DM_BLE_LOCAL_IR_EVT. ");
1559 ble_local_key_cb.is_id_keys_rcvd = TRUE;
1560 memcpy(&ble_local_key_cb.id_keys.irk[0], &p_data->ble_id_keys.irk[0], sizeof(BT_OCTET16));
1561 memcpy(&ble_local_key_cb.id_keys.ir[0], &p_data->ble_id_keys.ir[0], sizeof(BT_OCTET16));
1562 memcpy(&ble_local_key_cb.id_keys.dhk[0], &p_data->ble_id_keys.dhk[0], sizeof(BT_OCTET16));
1563 btif_storage_add_ble_local_key( (char *)&ble_local_key_cb.id_keys.irk[0],
1564 BTIF_DM_LE_LOCAL_KEY_IR,
1565 BT_OCTET16_LEN);
1566 btif_storage_add_ble_local_key( (char *)&ble_local_key_cb.id_keys.ir[0],
1567 BTIF_DM_LE_LOCAL_KEY_IRK,
1568 BT_OCTET16_LEN);
1569 btif_storage_add_ble_local_key( (char *)&ble_local_key_cb.id_keys.dhk[0],
1570 BTIF_DM_LE_LOCAL_KEY_DHK,
1571 BT_OCTET16_LEN);
1572 break;
1573 case BTA_DM_BLE_LOCAL_ER_EVT:
1574 BTIF_TRACE_DEBUG0("BTA_DM_BLE_LOCAL_ER_EVT. ");
1575 ble_local_key_cb.is_er_rcvd = TRUE;
1576 memcpy(&ble_local_key_cb.er[0], &p_data->ble_er[0], sizeof(BT_OCTET16));
1577 btif_storage_add_ble_local_key( (char *)&ble_local_key_cb.er[0],
1578 BTIF_DM_LE_LOCAL_KEY_ER,
1579 BT_OCTET16_LEN);
1580 break;
1581
1582 case BTA_DM_BLE_AUTH_CMPL_EVT:
1583 BTIF_TRACE_DEBUG0("BTA_DM_BLE_KEY_EVT. ");
1584 btif_dm_ble_auth_cmpl_evt(&p_data->auth_cmpl);
1585 break;
1586 #endif
1587
1588 case BTA_DM_AUTHORIZE_EVT:
1589 case BTA_DM_SIG_STRENGTH_EVT:
1590 case BTA_DM_SP_RMT_OOB_EVT:
1591 case BTA_DM_SP_KEYPRESS_EVT:
1592 case BTA_DM_ROLE_CHG_EVT:
1593
1594 default:
1595 BTIF_TRACE_WARNING1( "btif_dm_cback : unhandled event (%d)", event );
1596 break;
1597 }
1598 } /* btui_security_cback() */
1599
1600
1601 /*******************************************************************************
1602 **
1603 ** Function btif_dm_generic_evt
1604 **
1605 ** Description Executes non-BTA upstream events in BTIF context
1606 **
1607 ** Returns void
1608 **
1609 *******************************************************************************/
btif_dm_generic_evt(UINT16 event,char * p_param)1610 static void btif_dm_generic_evt(UINT16 event, char* p_param)
1611 {
1612 BTIF_TRACE_EVENT2("%s: event=%d", __FUNCTION__, event);
1613 switch(event)
1614 {
1615 case BTIF_DM_CB_DISCOVERY_STARTED:
1616 {
1617 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, BT_DISCOVERY_STARTED);
1618 }
1619 break;
1620
1621 case BTIF_DM_CB_CREATE_BOND:
1622 {
1623 btif_dm_cb_create_bond((bt_bdaddr_t *)p_param);
1624 }
1625 break;
1626
1627 case BTIF_DM_CB_REMOVE_BOND:
1628 {
1629 btif_dm_cb_remove_bond((bt_bdaddr_t *)p_param);
1630 }
1631 break;
1632
1633 case BTIF_DM_CB_HID_REMOTE_NAME:
1634 {
1635 btif_dm_cb_hid_remote_name((tBTM_REMOTE_DEV_NAME *)p_param);
1636 }
1637 break;
1638
1639 case BTIF_DM_CB_BOND_STATE_BONDING:
1640 {
1641 bond_state_changed(BT_STATUS_SUCCESS, (bt_bdaddr_t *)p_param, BT_BOND_STATE_BONDING);
1642 }
1643 break;
1644 case BTIF_DM_CB_LE_TX_TEST:
1645 case BTIF_DM_CB_LE_RX_TEST:
1646 {
1647 uint8_t status;
1648 STREAM_TO_UINT8(status, p_param);
1649 HAL_CBACK(bt_hal_cbacks, le_test_mode_cb,
1650 (status == 0) ? BT_STATUS_SUCCESS : BT_STATUS_FAIL, 0);
1651 }
1652 break;
1653 case BTIF_DM_CB_LE_TEST_END:
1654 {
1655 uint8_t status;
1656 uint16_t count = 0;
1657 STREAM_TO_UINT8(status, p_param);
1658 if (status == 0)
1659 STREAM_TO_UINT16(count, p_param);
1660 HAL_CBACK(bt_hal_cbacks, le_test_mode_cb,
1661 (status == 0) ? BT_STATUS_SUCCESS : BT_STATUS_FAIL, count);
1662 }
1663 break;
1664 default:
1665 {
1666 BTIF_TRACE_WARNING2("%s : Unknown event 0x%x", __FUNCTION__, event);
1667 }
1668 break;
1669 }
1670 }
1671
1672 /*******************************************************************************
1673 **
1674 ** Function bte_dm_evt
1675 **
1676 ** Description Switches context from BTE to BTIF for all DM events
1677 **
1678 ** Returns void
1679 **
1680 *******************************************************************************/
1681
bte_dm_evt(tBTA_DM_SEC_EVT event,tBTA_DM_SEC * p_data)1682 void bte_dm_evt(tBTA_DM_SEC_EVT event, tBTA_DM_SEC *p_data)
1683 {
1684 bt_status_t status;
1685
1686 /* switch context to btif task context (copy full union size for convenience) */
1687 status = btif_transfer_context(btif_dm_upstreams_evt, (uint16_t)event, (void*)p_data, sizeof(tBTA_DM_SEC), NULL);
1688
1689 /* catch any failed context transfers */
1690 ASSERTC(status == BT_STATUS_SUCCESS, "context transfer failed", status);
1691 }
1692
1693 /*******************************************************************************
1694 **
1695 ** Function bte_search_devices_evt
1696 **
1697 ** Description Switches context from BTE to BTIF for DM search events
1698 **
1699 ** Returns void
1700 **
1701 *******************************************************************************/
bte_search_devices_evt(tBTA_DM_SEARCH_EVT event,tBTA_DM_SEARCH * p_data)1702 static void bte_search_devices_evt(tBTA_DM_SEARCH_EVT event, tBTA_DM_SEARCH *p_data)
1703 {
1704 UINT16 param_len = 0;
1705
1706 if (p_data)
1707 param_len += sizeof(tBTA_DM_SEARCH);
1708 /* Allocate buffer to hold the pointers (deep copy). The pointers will point to the end of the tBTA_DM_SEARCH */
1709 switch (event)
1710 {
1711 case BTA_DM_INQ_RES_EVT:
1712 {
1713 if (p_data->inq_res.p_eir)
1714 param_len += HCI_EXT_INQ_RESPONSE_LEN;
1715 }
1716 break;
1717
1718 case BTA_DM_DISC_RES_EVT:
1719 {
1720 if (p_data->disc_res.raw_data_size && p_data->disc_res.p_raw_data)
1721 param_len += p_data->disc_res.raw_data_size;
1722 }
1723 break;
1724 }
1725 BTIF_TRACE_DEBUG3("%s event=%s param_len=%d", __FUNCTION__, dump_dm_search_event(event), param_len);
1726
1727 /* if remote name is available in EIR, set teh flag so that stack doesnt trigger RNR */
1728 if (event == BTA_DM_INQ_RES_EVT)
1729 p_data->inq_res.remt_name_not_required = check_eir_remote_name(p_data, NULL, NULL);
1730
1731 btif_transfer_context (btif_dm_search_devices_evt , (UINT16) event, (void *)p_data, param_len,
1732 (param_len > sizeof(tBTA_DM_SEARCH)) ? search_devices_copy_cb : NULL);
1733 }
1734
1735 /*******************************************************************************
1736 **
1737 ** Function bte_dm_search_services_evt
1738 **
1739 ** Description Switches context from BTE to BTIF for DM search services
1740 ** event
1741 **
1742 ** Returns void
1743 **
1744 *******************************************************************************/
bte_dm_search_services_evt(tBTA_DM_SEARCH_EVT event,tBTA_DM_SEARCH * p_data)1745 static void bte_dm_search_services_evt(tBTA_DM_SEARCH_EVT event, tBTA_DM_SEARCH *p_data)
1746 {
1747 UINT16 param_len = 0;
1748 if (p_data)
1749 param_len += sizeof(tBTA_DM_SEARCH);
1750 switch (event)
1751 {
1752 case BTA_DM_DISC_RES_EVT:
1753 {
1754 if ((p_data->disc_res.result == BTA_SUCCESS) && (p_data->disc_res.num_uuids > 0)) {
1755 param_len += (p_data->disc_res.num_uuids * MAX_UUID_SIZE);
1756 }
1757 } break;
1758 }
1759 /* TODO: The only other member that needs a deep copy is the p_raw_data. But not sure
1760 * if raw_data is needed. */
1761 btif_transfer_context(btif_dm_search_services_evt, event, (char*)p_data, param_len,
1762 (param_len > sizeof(tBTA_DM_SEARCH)) ? search_services_copy_cb : NULL);
1763 }
1764
1765 /*******************************************************************************
1766 **
1767 ** Function bte_dm_remote_service_record_evt
1768 **
1769 ** Description Switches context from BTE to BTIF for DM search service
1770 ** record event
1771 **
1772 ** Returns void
1773 **
1774 *******************************************************************************/
bte_dm_remote_service_record_evt(tBTA_DM_SEARCH_EVT event,tBTA_DM_SEARCH * p_data)1775 static void bte_dm_remote_service_record_evt(tBTA_DM_SEARCH_EVT event, tBTA_DM_SEARCH *p_data)
1776 {
1777 /* TODO: The only member that needs a deep copy is the p_raw_data. But not sure yet if this is needed. */
1778 btif_transfer_context(btif_dm_remote_service_record_evt, event, (char*)p_data, sizeof(tBTA_DM_SEARCH), NULL);
1779 }
1780
1781 /*****************************************************************************
1782 **
1783 ** btif api functions (no context switch)
1784 **
1785 *****************************************************************************/
1786
1787 /*******************************************************************************
1788 **
1789 ** Function btif_dm_start_discovery
1790 **
1791 ** Description Start device discovery/inquiry
1792 **
1793 ** Returns bt_status_t
1794 **
1795 *******************************************************************************/
btif_dm_start_discovery(void)1796 bt_status_t btif_dm_start_discovery(void)
1797 {
1798 tBTA_DM_INQ inq_params;
1799 tBTA_SERVICE_MASK services = 0;
1800
1801 BTIF_TRACE_EVENT1("%s", __FUNCTION__);
1802 /* TODO: Do we need to handle multiple inquiries at the same time? */
1803
1804 /* Set inquiry params and call API */
1805 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
1806 inq_params.mode = BTA_DM_GENERAL_INQUIRY|BTA_BLE_GENERAL_INQUIRY;
1807 #if (defined(BTA_HOST_INTERLEAVE_SEARCH) && BTA_HOST_INTERLEAVE_SEARCH == TRUE)
1808 inq_params.intl_duration[0]= BTIF_DM_INTERLEAVE_DURATION_BR_ONE;
1809 inq_params.intl_duration[1]= BTIF_DM_INTERLEAVE_DURATION_LE_ONE;
1810 inq_params.intl_duration[2]= BTIF_DM_INTERLEAVE_DURATION_BR_TWO;
1811 inq_params.intl_duration[3]= BTIF_DM_INTERLEAVE_DURATION_LE_TWO;
1812 #endif
1813 #else
1814 inq_params.mode = BTA_DM_GENERAL_INQUIRY;
1815 #endif
1816 inq_params.duration = BTIF_DM_DEFAULT_INQ_MAX_DURATION;
1817
1818 inq_params.max_resps = BTIF_DM_DEFAULT_INQ_MAX_RESULTS;
1819 inq_params.report_dup = TRUE;
1820
1821 inq_params.filter_type = BTA_DM_INQ_CLR;
1822 /* TODO: Filter device by BDA needs to be implemented here */
1823
1824 /* Will be enabled to TRUE once inquiry busy level has been received */
1825 btif_dm_inquiry_in_progress = FALSE;
1826 /* find nearby devices */
1827 BTA_DmSearch(&inq_params, services, bte_search_devices_evt);
1828
1829 return BT_STATUS_SUCCESS;
1830 }
1831
1832 /*******************************************************************************
1833 **
1834 ** Function btif_dm_cancel_discovery
1835 **
1836 ** Description Cancels search
1837 **
1838 ** Returns bt_status_t
1839 **
1840 *******************************************************************************/
btif_dm_cancel_discovery(void)1841 bt_status_t btif_dm_cancel_discovery(void)
1842 {
1843 BTIF_TRACE_EVENT1("%s", __FUNCTION__);
1844 BTA_DmSearchCancel();
1845 return BT_STATUS_SUCCESS;
1846 }
1847
1848 /*******************************************************************************
1849 **
1850 ** Function btif_dm_create_bond
1851 **
1852 ** Description Initiate bonding with the specified device
1853 **
1854 ** Returns bt_status_t
1855 **
1856 *******************************************************************************/
btif_dm_create_bond(const bt_bdaddr_t * bd_addr)1857 bt_status_t btif_dm_create_bond(const bt_bdaddr_t *bd_addr)
1858 {
1859 bdstr_t bdstr;
1860
1861 BTIF_TRACE_EVENT2("%s: bd_addr=%s", __FUNCTION__, bd2str((bt_bdaddr_t *) bd_addr, &bdstr));
1862 if (pairing_cb.state != BT_BOND_STATE_NONE)
1863 return BT_STATUS_BUSY;
1864
1865 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_CREATE_BOND,
1866 (char *)bd_addr, sizeof(bt_bdaddr_t), NULL);
1867
1868 return BT_STATUS_SUCCESS;
1869 }
1870
1871 /*******************************************************************************
1872 **
1873 ** Function btif_dm_cancel_bond
1874 **
1875 ** Description Initiate bonding with the specified device
1876 **
1877 ** Returns bt_status_t
1878 **
1879 *******************************************************************************/
1880
btif_dm_cancel_bond(const bt_bdaddr_t * bd_addr)1881 bt_status_t btif_dm_cancel_bond(const bt_bdaddr_t *bd_addr)
1882 {
1883 bdstr_t bdstr;
1884
1885 BTIF_TRACE_EVENT2("%s: bd_addr=%s", __FUNCTION__, bd2str((bt_bdaddr_t *)bd_addr, &bdstr));
1886
1887 /* TODO:
1888 ** 1. Restore scan modes
1889 ** 2. special handling for HID devices
1890 */
1891 if (pairing_cb.state == BT_BOND_STATE_BONDING)
1892 {
1893
1894 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
1895
1896 if (pairing_cb.is_ssp)
1897 {
1898 if (pairing_cb.is_le_only)
1899 {
1900 BTA_DmBleSecurityGrant((UINT8 *)bd_addr->address,BTA_DM_SEC_PAIR_NOT_SPT);
1901 }
1902 else
1903 BTA_DmConfirm( (UINT8 *)bd_addr->address, FALSE);
1904 }
1905 else
1906 {
1907 if (pairing_cb.is_le_only)
1908 {
1909 BTA_DmBondCancel ((UINT8 *)bd_addr->address);
1910 }
1911 else
1912 {
1913 BTA_DmPinReply( (UINT8 *)bd_addr->address, FALSE, 0, NULL);
1914 }
1915 /* Cancel bonding, in case it is in ACL connection setup state */
1916 BTA_DmBondCancel ((UINT8 *)bd_addr->address);
1917 }
1918
1919 #else
1920 if (pairing_cb.is_ssp)
1921 {
1922 BTA_DmConfirm( (UINT8 *)bd_addr->address, FALSE);
1923 }
1924 else
1925 {
1926 BTA_DmPinReply( (UINT8 *)bd_addr->address, FALSE, 0, NULL);
1927 }
1928 /* Cancel bonding, in case it is in ACL connection setup state */
1929 BTA_DmBondCancel ((UINT8 *)bd_addr->address);
1930 btif_storage_remove_bonded_device((bt_bdaddr_t *)bd_addr);
1931 #endif
1932 }
1933
1934 return BT_STATUS_SUCCESS;
1935 }
1936
1937 /*******************************************************************************
1938 **
1939 ** Function btif_dm_remove_bond
1940 **
1941 ** Description Removes bonding with the specified device
1942 **
1943 ** Returns bt_status_t
1944 **
1945 *******************************************************************************/
1946
btif_dm_remove_bond(const bt_bdaddr_t * bd_addr)1947 bt_status_t btif_dm_remove_bond(const bt_bdaddr_t *bd_addr)
1948 {
1949 bdstr_t bdstr;
1950
1951 BTIF_TRACE_EVENT2("%s: bd_addr=%s", __FUNCTION__, bd2str((bt_bdaddr_t *)bd_addr, &bdstr));
1952 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_REMOVE_BOND,
1953 (char *)bd_addr, sizeof(bt_bdaddr_t), NULL);
1954
1955 return BT_STATUS_SUCCESS;
1956 }
1957
1958 /*******************************************************************************
1959 **
1960 ** Function btif_dm_pin_reply
1961 **
1962 ** Description BT legacy pairing - PIN code reply
1963 **
1964 ** Returns bt_status_t
1965 **
1966 *******************************************************************************/
1967
btif_dm_pin_reply(const bt_bdaddr_t * bd_addr,uint8_t accept,uint8_t pin_len,bt_pin_code_t * pin_code)1968 bt_status_t btif_dm_pin_reply( const bt_bdaddr_t *bd_addr, uint8_t accept,
1969 uint8_t pin_len, bt_pin_code_t *pin_code)
1970 {
1971 BTIF_TRACE_EVENT2("%s: accept=%d", __FUNCTION__, accept);
1972 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
1973
1974 if (pairing_cb.is_le_only)
1975 {
1976 int i;
1977 UINT32 passkey = 0;
1978 int multi[] = {100000, 10000, 1000, 100, 10,1};
1979 BD_ADDR remote_bd_addr;
1980 bdcpy(remote_bd_addr, bd_addr->address);
1981 for (i = 0; i < 6; i++)
1982 {
1983 passkey += (multi[i] * (pin_code->pin[i] - '0'));
1984 }
1985 BTIF_TRACE_DEBUG1("btif_dm_pin_reply: passkey: %d", passkey);
1986 BTA_DmBlePasskeyReply(remote_bd_addr, accept, passkey);
1987
1988 }
1989 else
1990 {
1991 BTA_DmPinReply( (UINT8 *)bd_addr->address, accept, pin_len, pin_code->pin);
1992 if (accept)
1993 pairing_cb.pin_code_len = pin_len;
1994 }
1995 #else
1996 BTA_DmPinReply( (UINT8 *)bd_addr->address, accept, pin_len, pin_code->pin);
1997
1998 if (accept)
1999 pairing_cb.pin_code_len = pin_len;
2000 #endif
2001 return BT_STATUS_SUCCESS;
2002 }
2003
2004 /*******************************************************************************
2005 **
2006 ** Function btif_dm_ssp_reply
2007 **
2008 ** Description BT SSP Reply - Just Works, Numeric Comparison & Passkey Entry
2009 **
2010 ** Returns bt_status_t
2011 **
2012 *******************************************************************************/
2013
btif_dm_ssp_reply(const bt_bdaddr_t * bd_addr,bt_ssp_variant_t variant,uint8_t accept,uint32_t passkey)2014 bt_status_t btif_dm_ssp_reply(const bt_bdaddr_t *bd_addr,
2015 bt_ssp_variant_t variant, uint8_t accept,
2016 uint32_t passkey)
2017 {
2018 if (variant == BT_SSP_VARIANT_PASSKEY_ENTRY)
2019 {
2020 /* This is not implemented in the stack.
2021 * For devices with display, this is not needed
2022 */
2023 BTIF_TRACE_WARNING1("%s: Not implemented", __FUNCTION__);
2024 return BT_STATUS_FAIL;
2025 }
2026 /* BT_SSP_VARIANT_CONSENT & BT_SSP_VARIANT_PASSKEY_CONFIRMATION supported */
2027 BTIF_TRACE_EVENT2("%s: accept=%d", __FUNCTION__, accept);
2028 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
2029 if (pairing_cb.is_le_only)
2030 {
2031 if (accept)
2032 BTA_DmBleSecurityGrant((UINT8 *)bd_addr->address,BTA_DM_SEC_GRANTED);
2033 else
2034 BTA_DmBleSecurityGrant((UINT8 *)bd_addr->address,BTA_DM_SEC_PAIR_NOT_SPT);
2035 }
2036 else
2037 BTA_DmConfirm( (UINT8 *)bd_addr->address, accept);
2038
2039 #else
2040 BTA_DmConfirm( (UINT8 *)bd_addr->address, accept);
2041 #endif
2042 return BT_STATUS_SUCCESS;
2043 }
2044
2045 /*******************************************************************************
2046 **
2047 ** Function btif_dm_get_adapter_property
2048 **
2049 ** Description Queries the BTA for the adapter property
2050 **
2051 ** Returns bt_status_t
2052 **
2053 *******************************************************************************/
btif_dm_get_adapter_property(bt_property_t * prop)2054 bt_status_t btif_dm_get_adapter_property(bt_property_t *prop)
2055 {
2056 bt_status_t status;
2057
2058 BTIF_TRACE_EVENT2("%s: type=0x%x", __FUNCTION__, prop->type);
2059 switch (prop->type)
2060 {
2061 case BT_PROPERTY_BDNAME:
2062 {
2063 bt_bdname_t *bd_name = (bt_bdname_t*)prop->val;
2064 strcpy((char *)bd_name->name, btif_get_default_local_name());
2065 prop->len = strlen((char *)bd_name->name);
2066 }
2067 break;
2068
2069 case BT_PROPERTY_ADAPTER_SCAN_MODE:
2070 {
2071 /* if the storage does not have it. Most likely app never set it. Default is NONE */
2072 bt_scan_mode_t *mode = (bt_scan_mode_t*)prop->val;
2073 *mode = BT_SCAN_MODE_NONE;
2074 prop->len = sizeof(bt_scan_mode_t);
2075 }
2076 break;
2077
2078 case BT_PROPERTY_ADAPTER_DISCOVERY_TIMEOUT:
2079 {
2080 uint32_t *tmt = (uint32_t*)prop->val;
2081 *tmt = 120; /* default to 120s, if not found in NV */
2082 prop->len = sizeof(uint32_t);
2083 }
2084 break;
2085
2086 default:
2087 prop->len = 0;
2088 return BT_STATUS_FAIL;
2089 }
2090 return BT_STATUS_SUCCESS;
2091 }
2092
2093 /*******************************************************************************
2094 **
2095 ** Function btif_dm_get_remote_services
2096 **
2097 ** Description Start SDP to get remote services
2098 **
2099 ** Returns bt_status_t
2100 **
2101 *******************************************************************************/
btif_dm_get_remote_services(bt_bdaddr_t * remote_addr)2102 bt_status_t btif_dm_get_remote_services(bt_bdaddr_t *remote_addr)
2103 {
2104 bdstr_t bdstr;
2105
2106 BTIF_TRACE_EVENT2("%s: remote_addr=%s", __FUNCTION__, bd2str(remote_addr, &bdstr));
2107
2108 BTA_DmDiscover(remote_addr->address, BTA_ALL_SERVICE_MASK,
2109 bte_dm_search_services_evt, TRUE);
2110
2111 return BT_STATUS_SUCCESS;
2112 }
2113
2114 /*******************************************************************************
2115 **
2116 ** Function btif_dm_get_remote_service_record
2117 **
2118 ** Description Start SDP to get remote service record
2119 **
2120 **
2121 ** Returns bt_status_t
2122 *******************************************************************************/
btif_dm_get_remote_service_record(bt_bdaddr_t * remote_addr,bt_uuid_t * uuid)2123 bt_status_t btif_dm_get_remote_service_record(bt_bdaddr_t *remote_addr,
2124 bt_uuid_t *uuid)
2125 {
2126 tSDP_UUID sdp_uuid;
2127 bdstr_t bdstr;
2128
2129 BTIF_TRACE_EVENT2("%s: remote_addr=%s", __FUNCTION__, bd2str(remote_addr, &bdstr));
2130
2131 sdp_uuid.len = MAX_UUID_SIZE;
2132 memcpy(sdp_uuid.uu.uuid128, uuid->uu, MAX_UUID_SIZE);
2133
2134 BTA_DmDiscoverUUID(remote_addr->address, &sdp_uuid,
2135 bte_dm_remote_service_record_evt, TRUE);
2136
2137 return BT_STATUS_SUCCESS;
2138 }
2139
btif_dm_execute_service_request(UINT16 event,char * p_param)2140 void btif_dm_execute_service_request(UINT16 event, char *p_param)
2141 {
2142 BOOLEAN b_enable = FALSE;
2143 bt_status_t status;
2144 if (event == BTIF_DM_ENABLE_SERVICE)
2145 {
2146 b_enable = TRUE;
2147 }
2148 status = btif_in_execute_service_request(*((tBTA_SERVICE_ID*)p_param), b_enable);
2149 if (status == BT_STATUS_SUCCESS)
2150 {
2151 bt_property_t property;
2152 bt_uuid_t local_uuids[BT_MAX_NUM_UUIDS];
2153
2154 /* Now send the UUID_PROPERTY_CHANGED event to the upper layer */
2155 BTIF_STORAGE_FILL_PROPERTY(&property, BT_PROPERTY_UUIDS,
2156 sizeof(local_uuids), local_uuids);
2157 btif_storage_get_adapter_property(&property);
2158 HAL_CBACK(bt_hal_cbacks, adapter_properties_cb,
2159 BT_STATUS_SUCCESS, 1, &property);
2160 }
2161 return;
2162 }
2163
2164 #if (BTM_OOB_INCLUDED == TRUE)
btif_dm_set_oob_for_io_req(tBTA_OOB_DATA * p_oob_data)2165 void btif_dm_set_oob_for_io_req(tBTA_OOB_DATA *p_oob_data)
2166 {
2167 if (oob_cb.sp_c[0] == 0 && oob_cb.sp_c[1] == 0 &&
2168 oob_cb.sp_c[2] == 0 && oob_cb.sp_c[3] == 0 )
2169 {
2170 *p_oob_data = FALSE;
2171 }
2172 else
2173 {
2174 *p_oob_data = TRUE;
2175 }
2176 BTIF_TRACE_DEBUG1("btif_dm_set_oob_for_io_req *p_oob_data=%d", *p_oob_data);
2177 }
2178 #endif /* BTM_OOB_INCLUDED */
2179
2180 #ifdef BTIF_DM_OOB_TEST
btif_dm_load_local_oob(void)2181 void btif_dm_load_local_oob(void)
2182 {
2183 char prop_oob[PROPERTY_VALUE_MAX];
2184 property_get("service.brcm.bt.oob", prop_oob, "3");
2185 BTIF_TRACE_DEBUG1("btif_dm_load_local_oob prop_oob = %s",prop_oob);
2186 if (prop_oob[0] != '3')
2187 {
2188 #if (BTM_OOB_INCLUDED == TRUE)
2189 if (oob_cb.sp_c[0] == 0 && oob_cb.sp_c[1] == 0 &&
2190 oob_cb.sp_c[2] == 0 && oob_cb.sp_c[3] == 0 )
2191 {
2192 BTIF_TRACE_DEBUG0("btif_dm_load_local_oob: read OOB, call BTA_DmLocalOob()");
2193 BTA_DmLocalOob();
2194 }
2195 #else
2196 BTIF_TRACE_ERROR0("BTM_OOB_INCLUDED is FALSE!!(btif_dm_load_local_oob)");
2197 #endif
2198 }
2199 }
2200
btif_dm_proc_loc_oob(BOOLEAN valid,BT_OCTET16 c,BT_OCTET16 r)2201 void btif_dm_proc_loc_oob(BOOLEAN valid, BT_OCTET16 c, BT_OCTET16 r)
2202 {
2203 FILE *fp;
2204 char *path_a = "/data/misc/bluedroid/LOCAL/a.key";
2205 char *path_b = "/data/misc/bluedroid/LOCAL/b.key";
2206 char *path = NULL;
2207 char prop_oob[PROPERTY_VALUE_MAX];
2208 BTIF_TRACE_DEBUG1("btif_dm_proc_loc_oob: valid=%d", valid);
2209 if (oob_cb.sp_c[0] == 0 && oob_cb.sp_c[1] == 0 &&
2210 oob_cb.sp_c[2] == 0 && oob_cb.sp_c[3] == 0 &&
2211 valid)
2212 {
2213 BTIF_TRACE_DEBUG0("save local OOB data in memory");
2214 memcpy(oob_cb.sp_c, c, BT_OCTET16_LEN);
2215 memcpy(oob_cb.sp_r, r, BT_OCTET16_LEN);
2216 property_get("service.brcm.bt.oob", prop_oob, "3");
2217 BTIF_TRACE_DEBUG1("btif_dm_proc_loc_oob prop_oob = %s",prop_oob);
2218 if (prop_oob[0] == '1')
2219 path = path_a;
2220 else if (prop_oob[0] == '2')
2221 path = path_b;
2222 if (path)
2223 {
2224 fp = fopen(path, "wb+");
2225 if (fp == NULL)
2226 {
2227 BTIF_TRACE_DEBUG1("btif_dm_proc_loc_oob: failed to save local OOB data to %s", path);
2228 }
2229 else
2230 {
2231 BTIF_TRACE_DEBUG1("btif_dm_proc_loc_oob: save local OOB data into file %s",path);
2232 fwrite (c , 1 , BT_OCTET16_LEN , fp );
2233 fwrite (r , 1 , BT_OCTET16_LEN , fp );
2234 fclose(fp);
2235 }
2236 }
2237 }
2238 }
btif_dm_proc_rmt_oob(BD_ADDR bd_addr,BT_OCTET16 p_c,BT_OCTET16 p_r)2239 BOOLEAN btif_dm_proc_rmt_oob(BD_ADDR bd_addr, BT_OCTET16 p_c, BT_OCTET16 p_r)
2240 {
2241 char t[128];
2242 FILE *fp;
2243 char *path_a = "/data/misc/bluedroid/LOCAL/a.key";
2244 char *path_b = "/data/misc/bluedroid/LOCAL/b.key";
2245 char *path = NULL;
2246 char prop_oob[PROPERTY_VALUE_MAX];
2247 BOOLEAN result = FALSE;
2248 bt_bdaddr_t bt_bd_addr;
2249 bdcpy(oob_cb.oob_bdaddr, bd_addr);
2250 property_get("service.brcm.bt.oob", prop_oob, "3");
2251 BTIF_TRACE_DEBUG1("btif_dm_proc_rmt_oob prop_oob = %s",prop_oob);
2252 if (prop_oob[0] == '1')
2253 path = path_b;
2254 else if (prop_oob[0] == '2')
2255 path = path_a;
2256 if (path)
2257 {
2258 fp = fopen(path, "rb");
2259 if (fp == NULL)
2260 {
2261 BTIF_TRACE_DEBUG1("btapp_dm_rmt_oob_reply: failed to read OOB keys from %s",path);
2262 return FALSE;
2263 }
2264 else
2265 {
2266 BTIF_TRACE_DEBUG1("btif_dm_proc_rmt_oob: read OOB data from %s",path);
2267 fread (p_c , 1 , BT_OCTET16_LEN , fp );
2268 fread (p_r , 1 , BT_OCTET16_LEN , fp );
2269 fclose(fp);
2270 }
2271 BTIF_TRACE_DEBUG0("----btif_dm_proc_rmt_oob: TRUE");
2272 sprintf(t, "%02x:%02x:%02x:%02x:%02x:%02x",
2273 oob_cb.oob_bdaddr[0], oob_cb.oob_bdaddr[1], oob_cb.oob_bdaddr[2],
2274 oob_cb.oob_bdaddr[3], oob_cb.oob_bdaddr[4], oob_cb.oob_bdaddr[5]);
2275 BTIF_TRACE_DEBUG1("----btif_dm_proc_rmt_oob: peer_bdaddr = %s", t);
2276 sprintf(t, "%02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x",
2277 p_c[0], p_c[1], p_c[2], p_c[3], p_c[4], p_c[5], p_c[6], p_c[7],
2278 p_c[8], p_c[9], p_c[10], p_c[11], p_c[12], p_c[13], p_c[14], p_c[15]);
2279 BTIF_TRACE_DEBUG1("----btif_dm_proc_rmt_oob: c = %s",t);
2280 sprintf(t, "%02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x",
2281 p_r[0], p_r[1], p_r[2], p_r[3], p_r[4], p_r[5], p_r[6], p_r[7],
2282 p_r[8], p_r[9], p_r[10], p_r[11], p_r[12], p_r[13], p_r[14], p_r[15]);
2283 BTIF_TRACE_DEBUG1("----btif_dm_proc_rmt_oob: r = %s",t);
2284 bdcpy(bt_bd_addr.address, bd_addr);
2285 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_BOND_STATE_BONDING,
2286 (char *)&bt_bd_addr, sizeof(bt_bdaddr_t), NULL);
2287 result = TRUE;
2288 }
2289 BTIF_TRACE_DEBUG1("btif_dm_proc_rmt_oob result=%d",result);
2290 return result;
2291 }
2292 #endif /* BTIF_DM_OOB_TEST */
2293 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
2294
btif_dm_ble_key_notif_evt(tBTA_DM_SP_KEY_NOTIF * p_ssp_key_notif)2295 static void btif_dm_ble_key_notif_evt(tBTA_DM_SP_KEY_NOTIF *p_ssp_key_notif)
2296 {
2297 bt_bdaddr_t bd_addr;
2298 bt_bdname_t bd_name;
2299 UINT32 cod;
2300
2301 BTIF_TRACE_DEBUG1("%s", __FUNCTION__);
2302
2303 /* Remote name update */
2304 btif_update_remote_properties(p_ssp_key_notif->bd_addr , p_ssp_key_notif->bd_name,
2305 NULL, BT_DEVICE_TYPE_BLE);
2306 bdcpy(bd_addr.address, p_ssp_key_notif->bd_addr);
2307 memcpy(bd_name.name, p_ssp_key_notif->bd_name, BD_NAME_LEN);
2308
2309 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING);
2310 pairing_cb.is_ssp = FALSE;
2311 cod = COD_UNCLASSIFIED;
2312
2313 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name,
2314 cod, BT_SSP_VARIANT_PASSKEY_NOTIFICATION,
2315 p_ssp_key_notif->passkey);
2316 }
2317
2318 /*******************************************************************************
2319 **
2320 ** Function btif_dm_ble_auth_cmpl_evt
2321 **
2322 ** Description Executes authentication complete event in btif context
2323 **
2324 ** Returns void
2325 **
2326 *******************************************************************************/
btif_dm_ble_auth_cmpl_evt(tBTA_DM_AUTH_CMPL * p_auth_cmpl)2327 static void btif_dm_ble_auth_cmpl_evt (tBTA_DM_AUTH_CMPL *p_auth_cmpl)
2328 {
2329 /* Save link key, if not temporary */
2330 bt_bdaddr_t bd_addr;
2331 bt_status_t status = BT_STATUS_FAIL;
2332 bt_bond_state_t state = BT_BOND_STATE_NONE;
2333
2334 bdcpy(bd_addr.address, p_auth_cmpl->bd_addr);
2335 if ( (p_auth_cmpl->success == TRUE) && (p_auth_cmpl->key_present) )
2336 {
2337 /* store keys */
2338 }
2339 if (p_auth_cmpl->success)
2340 {
2341 status = BT_STATUS_SUCCESS;
2342 state = BT_BOND_STATE_BONDED;
2343
2344 btif_dm_save_ble_bonding_keys();
2345 BTA_GATTC_Refresh(bd_addr.address);
2346 btif_dm_get_remote_services(&bd_addr);
2347 }
2348 else
2349 {
2350 /*Map the HCI fail reason to bt status */
2351 switch (p_auth_cmpl->fail_reason)
2352 {
2353 default:
2354 btif_dm_remove_ble_bonding_keys();
2355 status = BT_STATUS_FAIL;
2356 break;
2357 }
2358 }
2359 bond_state_changed(status, &bd_addr, state);
2360 }
2361
2362
2363
btif_dm_load_ble_local_keys(void)2364 void btif_dm_load_ble_local_keys(void)
2365 {
2366 bt_status_t bt_status;
2367
2368 memset(&ble_local_key_cb, 0, sizeof(btif_dm_local_key_cb_t));
2369
2370 if (btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_ER,(char*)&ble_local_key_cb.er[0],
2371 BT_OCTET16_LEN)== BT_STATUS_SUCCESS)
2372 {
2373 ble_local_key_cb.is_er_rcvd = TRUE;
2374 BTIF_TRACE_DEBUG1("%s BLE ER key loaded",__FUNCTION__ );
2375 }
2376
2377 if ((btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_IR,(char*)&ble_local_key_cb.id_keys.ir[0],
2378 BT_OCTET16_LEN)== BT_STATUS_SUCCESS )&&
2379 (btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_IRK, (char*)&ble_local_key_cb.id_keys.irk[0],
2380 BT_OCTET16_LEN)== BT_STATUS_SUCCESS)&&
2381 (btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_DHK,(char*)&ble_local_key_cb.id_keys.dhk[0],
2382 BT_OCTET16_LEN)== BT_STATUS_SUCCESS))
2383 {
2384 ble_local_key_cb.is_id_keys_rcvd = TRUE;
2385 BTIF_TRACE_DEBUG1("%s BLE ID keys loaded",__FUNCTION__ );
2386 }
2387
2388 }
btif_dm_get_ble_local_keys(tBTA_DM_BLE_LOCAL_KEY_MASK * p_key_mask,BT_OCTET16 er,tBTA_BLE_LOCAL_ID_KEYS * p_id_keys)2389 void btif_dm_get_ble_local_keys(tBTA_DM_BLE_LOCAL_KEY_MASK *p_key_mask, BT_OCTET16 er,
2390 tBTA_BLE_LOCAL_ID_KEYS *p_id_keys)
2391 {
2392 if (ble_local_key_cb.is_er_rcvd )
2393 {
2394 memcpy(&er[0], &ble_local_key_cb.er[0], sizeof(BT_OCTET16));
2395 *p_key_mask |= BTA_BLE_LOCAL_KEY_TYPE_ER;
2396 }
2397
2398 if (ble_local_key_cb.is_id_keys_rcvd)
2399 {
2400 memcpy(&p_id_keys->ir[0], &ble_local_key_cb.id_keys.ir[0], sizeof(BT_OCTET16));
2401 memcpy(&p_id_keys->irk[0], &ble_local_key_cb.id_keys.irk[0], sizeof(BT_OCTET16));
2402 memcpy(&p_id_keys->dhk[0], &ble_local_key_cb.id_keys.dhk[0], sizeof(BT_OCTET16));
2403 *p_key_mask |= BTA_BLE_LOCAL_KEY_TYPE_ID;
2404 }
2405 BTIF_TRACE_DEBUG2("%s *p_key_mask=0x%02x",__FUNCTION__, *p_key_mask);
2406 }
2407
btif_dm_save_ble_bonding_keys(void)2408 void btif_dm_save_ble_bonding_keys(void)
2409 {
2410
2411 bt_bdaddr_t bd_addr;
2412
2413 BTIF_TRACE_DEBUG1("%s",__FUNCTION__ );
2414
2415 bdcpy(bd_addr.address, pairing_cb.bd_addr);
2416
2417 if (pairing_cb.ble.is_penc_key_rcvd)
2418 {
2419 btif_storage_add_ble_bonding_key(&bd_addr,
2420 (char *) &pairing_cb.ble.penc_key,
2421 BTIF_DM_LE_KEY_PENC,
2422 sizeof(btif_dm_ble_penc_keys_t));
2423 }
2424
2425 if (pairing_cb.ble.is_pid_key_rcvd)
2426 {
2427 btif_storage_add_ble_bonding_key(&bd_addr,
2428 (char *) &pairing_cb.ble.pid_key[0],
2429 BTIF_DM_LE_KEY_PID,
2430 BT_OCTET16_LEN);
2431 }
2432
2433
2434 if (pairing_cb.ble.is_pcsrk_key_rcvd)
2435 {
2436 btif_storage_add_ble_bonding_key(&bd_addr,
2437 (char *) &pairing_cb.ble.pcsrk_key,
2438 BTIF_DM_LE_KEY_PCSRK,
2439 sizeof(btif_dm_ble_pcsrk_keys_t));
2440 }
2441
2442
2443 if (pairing_cb.ble.is_lenc_key_rcvd)
2444 {
2445 btif_storage_add_ble_bonding_key(&bd_addr,
2446 (char *) &pairing_cb.ble.lenc_key,
2447 BTIF_DM_LE_KEY_LENC,
2448 sizeof(btif_dm_ble_lenc_keys_t));
2449 }
2450
2451 if (pairing_cb.ble.is_lcsrk_key_rcvd)
2452 {
2453 btif_storage_add_ble_bonding_key(&bd_addr,
2454 (char *) &pairing_cb.ble.lcsrk_key,
2455 BTIF_DM_LE_KEY_LCSRK,
2456 sizeof(btif_dm_ble_lcsrk_keys_t));
2457 }
2458
2459 }
2460
2461
btif_dm_remove_ble_bonding_keys(void)2462 void btif_dm_remove_ble_bonding_keys(void)
2463 {
2464 bt_bdaddr_t bd_addr;
2465
2466 BTIF_TRACE_DEBUG1("%s",__FUNCTION__ );
2467
2468 bdcpy(bd_addr.address, pairing_cb.bd_addr);
2469 btif_storage_remove_ble_bonding_keys(&bd_addr);
2470 }
2471
2472
2473 /*******************************************************************************
2474 **
2475 ** Function btif_dm_ble_sec_req_evt
2476 **
2477 ** Description Eprocess security request event in btif context
2478 **
2479 ** Returns void
2480 **
2481 *******************************************************************************/
btif_dm_ble_sec_req_evt(tBTA_DM_BLE_SEC_REQ * p_ble_req)2482 void btif_dm_ble_sec_req_evt(tBTA_DM_BLE_SEC_REQ *p_ble_req)
2483 {
2484 bt_bdaddr_t bd_addr;
2485 bt_bdname_t bd_name;
2486 UINT32 cod;
2487 BTIF_TRACE_DEBUG1("%s", __FUNCTION__);
2488
2489 if (pairing_cb.state == BT_BOND_STATE_BONDING)
2490 {
2491 BTIF_TRACE_DEBUG1("%s Discard security request", __FUNCTION__);
2492 return;
2493 }
2494
2495 /* Remote name update */
2496 btif_update_remote_properties(p_ble_req->bd_addr,p_ble_req->bd_name,NULL,BT_DEVICE_TYPE_BLE);
2497
2498 bdcpy(bd_addr.address, p_ble_req->bd_addr);
2499 memcpy(bd_name.name, p_ble_req->bd_name, BD_NAME_LEN);
2500
2501 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING);
2502
2503 pairing_cb.is_temp = FALSE;
2504 pairing_cb.is_le_only = TRUE;
2505 pairing_cb.is_ssp = TRUE;
2506
2507 cod = COD_UNCLASSIFIED;
2508
2509 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name, cod,
2510 BT_SSP_VARIANT_CONSENT, 0);
2511 }
2512
2513
2514
2515 /*******************************************************************************
2516 **
2517 ** Function btif_dm_ble_passkey_req_evt
2518 **
2519 ** Description Executes pin request event in btif context
2520 **
2521 ** Returns void
2522 **
2523 *******************************************************************************/
btif_dm_ble_passkey_req_evt(tBTA_DM_PIN_REQ * p_pin_req)2524 static void btif_dm_ble_passkey_req_evt(tBTA_DM_PIN_REQ *p_pin_req)
2525 {
2526 bt_bdaddr_t bd_addr;
2527 bt_bdname_t bd_name;
2528 UINT32 cod;
2529
2530 /* Remote name update */
2531 btif_update_remote_properties(p_pin_req->bd_addr,p_pin_req->bd_name,NULL,BT_DEVICE_TYPE_BLE);
2532
2533 bdcpy(bd_addr.address, p_pin_req->bd_addr);
2534 memcpy(bd_name.name, p_pin_req->bd_name, BD_NAME_LEN);
2535
2536 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING);
2537 pairing_cb.is_le_only = TRUE;
2538
2539 cod = COD_UNCLASSIFIED;
2540
2541 HAL_CBACK(bt_hal_cbacks, pin_request_cb,
2542 &bd_addr, &bd_name, cod);
2543 }
2544
2545
btif_dm_update_ble_remote_properties(BD_ADDR bd_addr,BD_NAME bd_name,tBT_DEVICE_TYPE dev_type)2546 void btif_dm_update_ble_remote_properties( BD_ADDR bd_addr, BD_NAME bd_name,
2547 tBT_DEVICE_TYPE dev_type)
2548 {
2549 btif_update_remote_properties(bd_addr,bd_name,NULL,dev_type);
2550 }
2551
btif_dm_ble_tx_test_cback(void * p)2552 static void btif_dm_ble_tx_test_cback(void *p)
2553 {
2554 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_LE_TX_TEST,
2555 (char *)p, 1, NULL);
2556 }
2557
btif_dm_ble_rx_test_cback(void * p)2558 static void btif_dm_ble_rx_test_cback(void *p)
2559 {
2560 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_LE_RX_TEST,
2561 (char *)p, 1, NULL);
2562 }
2563
btif_dm_ble_test_end_cback(void * p)2564 static void btif_dm_ble_test_end_cback(void *p)
2565 {
2566 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_LE_TEST_END,
2567 (char *)p, 3, NULL);
2568 }
2569 /*******************************************************************************
2570 **
2571 ** Function btif_le_test_mode
2572 **
2573 ** Description Sends a HCI BLE Test command to the Controller
2574 **
2575 ** Returns BT_STATUS_SUCCESS on success
2576 **
2577 *******************************************************************************/
btif_le_test_mode(uint16_t opcode,uint8_t * buf,uint8_t len)2578 bt_status_t btif_le_test_mode(uint16_t opcode, uint8_t *buf, uint8_t len)
2579 {
2580 switch (opcode) {
2581 case HCI_BLE_TRANSMITTER_TEST:
2582 if (len != 3) return BT_STATUS_PARM_INVALID;
2583 BTM_BleTransmitterTest(buf[0],buf[1],buf[2], btif_dm_ble_tx_test_cback);
2584 break;
2585 case HCI_BLE_RECEIVER_TEST:
2586 if (len != 1) return BT_STATUS_PARM_INVALID;
2587 BTM_BleReceiverTest(buf[0], btif_dm_ble_rx_test_cback);
2588 break;
2589 case HCI_BLE_TEST_END:
2590 BTM_BleTestEnd((tBTM_CMPL_CB*) btif_dm_ble_test_end_cback);
2591 break;
2592 default:
2593 BTIF_TRACE_ERROR2("%s: Unknown LE Test Mode Command 0x%x", __FUNCTION__, opcode);
2594 return BT_STATUS_UNSUPPORTED;
2595 }
2596 return BT_STATUS_SUCCESS;
2597 }
2598
2599 #endif
2600
btif_dm_on_disable()2601 void btif_dm_on_disable()
2602 {
2603 /* cancel any pending pairing requests */
2604 if (pairing_cb.state == BT_BOND_STATE_BONDING)
2605 {
2606 bt_bdaddr_t bd_addr;
2607
2608 BTIF_TRACE_DEBUG1("%s: Cancel pending pairing request", __FUNCTION__);
2609 bdcpy(bd_addr.address, pairing_cb.bd_addr);
2610 btif_dm_cancel_bond(&bd_addr);
2611 }
2612 }
2613
btif_get_default_local_name()2614 static char* btif_get_default_local_name() {
2615 if (btif_default_local_name[0] == '\0')
2616 {
2617 int max_len = sizeof(btif_default_local_name) - 1;
2618 if (BTM_DEF_LOCAL_NAME[0] != '\0')
2619 {
2620 strncpy(btif_default_local_name, BTM_DEF_LOCAL_NAME, max_len);
2621 }
2622 else
2623 {
2624 char prop_model[PROPERTY_VALUE_MAX];
2625 property_get(PROPERTY_PRODUCT_MODEL, prop_model, "");
2626 strncpy(btif_default_local_name, prop_model, max_len);
2627 }
2628 btif_default_local_name[max_len] = '\0';
2629 }
2630 return btif_default_local_name;
2631 }
2632