1 /******************************************************************************
2 *
3 * Copyright (C) 2009-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /************************************************************************************
20 *
21 * Filename: btif_dm.c
22 *
23 * Description: Contains Device Management (DM) related functionality
24 *
25 *
26 ***********************************************************************************/
27 #include <stdio.h>
28 #include <stdlib.h>
29 #include <unistd.h>
30
31 #include <hardware/bluetooth.h>
32
33 #include <utils/Log.h>
34 #include <cutils/properties.h>
35 #include "gki.h"
36 #include "btu.h"
37 #include "bd.h"
38 #include "bta_api.h"
39 #include "btif_api.h"
40 #include "btif_util.h"
41 #include "btif_dm.h"
42 #include "btif_storage.h"
43 #include "btif_hh.h"
44 #include "btif_config.h"
45
46 #include "bta_gatt_api.h"
47
48 /******************************************************************************
49 ** Device specific workarounds
50 ******************************************************************************/
51
52 /**
53 * The devices below have proven problematic during the pairing process, often
54 * requiring multiple retries to complete pairing. To avoid degrading the user
55 * experience for other devices, explicitely blacklist troubled devices here.
56 */
57 static const UINT8 blacklist_pairing_retries[][3] = {
58 {0x9C, 0xDF, 0x03} // BMW car kits (Harman/Becker)
59 };
60
blacklistPairingRetries(BD_ADDR bd_addr)61 BOOLEAN blacklistPairingRetries(BD_ADDR bd_addr)
62 {
63 const unsigned blacklist_size = sizeof(blacklist_pairing_retries)
64 / sizeof(blacklist_pairing_retries[0]);
65 for (unsigned i = 0; i != blacklist_size; ++i)
66 {
67 if (blacklist_pairing_retries[i][0] == bd_addr[0] &&
68 blacklist_pairing_retries[i][1] == bd_addr[1] &&
69 blacklist_pairing_retries[i][2] == bd_addr[2])
70 return TRUE;
71 }
72 return FALSE;
73 }
74
75 /******************************************************************************
76 ** Constants & Macros
77 ******************************************************************************/
78
79 #define COD_UNCLASSIFIED ((0x1F) << 8)
80 #define COD_HID_KEYBOARD 0x0540
81 #define COD_HID_POINTING 0x0580
82 #define COD_HID_COMBO 0x05C0
83 #define COD_HID_MAJOR 0x0500
84 #define COD_AV_HEADSETS 0x0404
85 #define COD_AV_HANDSFREE 0x0408
86 #define COD_AV_HEADPHONES 0x0418
87 #define COD_AV_PORTABLE_AUDIO 0x041C
88 #define COD_AV_HIFI_AUDIO 0x0428
89
90
91 #define BTIF_DM_DEFAULT_INQ_MAX_RESULTS 0
92 #define BTIF_DM_DEFAULT_INQ_MAX_DURATION 10
93 #define BTIF_DM_MAX_SDP_ATTEMPTS_AFTER_PAIRING 2
94
95 #define NUM_TIMEOUT_RETRIES 5
96
97 #define PROPERTY_PRODUCT_MODEL "ro.product.model"
98 #define DEFAULT_LOCAL_NAME_MAX 31
99 #if (DEFAULT_LOCAL_NAME_MAX > BTM_MAX_LOC_BD_NAME_LEN)
100 #error "default btif local name size exceeds stack supported length"
101 #endif
102
103 #if (defined(BTA_HOST_INTERLEAVE_SEARCH) && BTA_HOST_INTERLEAVE_SEARCH == TRUE)
104 #define BTIF_DM_INTERLEAVE_DURATION_BR_ONE 2
105 #define BTIF_DM_INTERLEAVE_DURATION_LE_ONE 2
106 #define BTIF_DM_INTERLEAVE_DURATION_BR_TWO 3
107 #define BTIF_DM_INTERLEAVE_DURATION_LE_TWO 4
108 #endif
109
110 #define MAX_SDP_BL_ENTRIES 3
111
112 typedef struct
113 {
114 bt_bond_state_t state;
115 BD_ADDR bd_addr;
116 UINT8 is_temp;
117 UINT8 pin_code_len;
118 UINT8 is_ssp;
119 UINT8 auth_req;
120 UINT8 io_cap;
121 UINT8 autopair_attempts;
122 UINT8 timeout_retries;
123 UINT8 is_local_initiated;
124 UINT8 sdp_attempts;
125 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
126 BOOLEAN is_le_only;
127 btif_dm_ble_cb_t ble;
128 #endif
129 } btif_dm_pairing_cb_t;
130
131
132 typedef struct
133 {
134 UINT8 ir[BT_OCTET16_LEN];
135 UINT8 irk[BT_OCTET16_LEN];
136 UINT8 dhk[BT_OCTET16_LEN];
137 }btif_dm_local_key_id_t;
138
139 typedef struct
140 {
141 BOOLEAN is_er_rcvd;
142 UINT8 er[BT_OCTET16_LEN];
143 BOOLEAN is_id_keys_rcvd;
144 btif_dm_local_key_id_t id_keys; /* ID kyes */
145
146 }btif_dm_local_key_cb_t;
147
148 typedef struct
149 {
150 BD_ADDR bd_addr;
151 BD_NAME bd_name;
152 } btif_dm_remote_name_t;
153
154 typedef struct
155 {
156 BT_OCTET16 sp_c;
157 BT_OCTET16 sp_r;
158 BD_ADDR oob_bdaddr; /* peer bdaddr*/
159 } btif_dm_oob_cb_t;
160
161 typedef struct
162 {
163 bt_bdaddr_t bdaddr;
164 UINT8 transport; /* 0=Unknown, 1=BR/EDR, 2=LE */
165 } btif_dm_create_bond_cb_t;
166
167 typedef struct
168 {
169 uint8_t status;
170 uint8_t ctrl_state;
171 uint64_t tx_time;
172 uint64_t rx_time;
173 uint64_t idle_time;
174 uint64_t energy_used;
175 } btif_activity_energy_info_cb_t;
176
177 typedef struct
178 {
179 unsigned int manufact_id;
180 }skip_sdp_entry_t;
181
182 #define BTA_SERVICE_ID_TO_SERVICE_MASK(id) (1 << (id))
183
184 #define MAX_SDP_BL_ENTRIES 3
185 #define UUID_HUMAN_INTERFACE_DEVICE "00001124-0000-1000-8000-00805f9b34fb"
186
187 static skip_sdp_entry_t sdp_blacklist[] = {{76}}; //Apple Mouse and Keyboard
188
189
190 /* This flag will be true if HCI_Inquiry is in progress */
191 static BOOLEAN btif_dm_inquiry_in_progress = FALSE;
192
193
194
195 /************************************************************************************
196 ** Static variables
197 ************************************************************************************/
198 static char btif_default_local_name[DEFAULT_LOCAL_NAME_MAX+1] = {'\0'};
199
200 /******************************************************************************
201 ** Static functions
202 ******************************************************************************/
203 static btif_dm_pairing_cb_t pairing_cb;
204 static btif_dm_oob_cb_t oob_cb;
205 static void btif_dm_generic_evt(UINT16 event, char* p_param);
206 static void btif_dm_cb_create_bond(bt_bdaddr_t *bd_addr, tBTA_TRANSPORT transport);
207 static void btif_dm_cb_hid_remote_name(tBTM_REMOTE_DEV_NAME *p_remote_name);
208 static void btif_update_remote_properties(BD_ADDR bd_addr, BD_NAME bd_name,
209 DEV_CLASS dev_class, tBT_DEVICE_TYPE dev_type);
210 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
211 static btif_dm_local_key_cb_t ble_local_key_cb;
212 static void btif_dm_ble_key_notif_evt(tBTA_DM_SP_KEY_NOTIF *p_ssp_key_notif);
213 static void btif_dm_ble_auth_cmpl_evt (tBTA_DM_AUTH_CMPL *p_auth_cmpl);
214 static void btif_dm_ble_passkey_req_evt(tBTA_DM_PIN_REQ *p_pin_req);
215 #endif
216
217 static void bte_scan_filt_param_cfg_evt(UINT8 action_type,
218 tBTA_DM_BLE_PF_AVBL_SPACE avbl_space,
219 tBTA_DM_BLE_REF_VALUE ref_value, tBTA_STATUS status);
220
221 static char* btif_get_default_local_name();
222 /******************************************************************************
223 ** Externs
224 ******************************************************************************/
225 extern UINT16 bta_service_id_to_uuid_lkup_tbl [BTA_MAX_SERVICE_ID];
226 extern bt_status_t btif_hf_execute_service(BOOLEAN b_enable);
227 extern bt_status_t btif_av_execute_service(BOOLEAN b_enable);
228 extern bt_status_t btif_hh_execute_service(BOOLEAN b_enable);
229 extern bt_status_t btif_hf_client_execute_service(BOOLEAN b_enable);
230 extern bt_status_t btif_mce_execute_service(BOOLEAN b_enable);
231 extern int btif_hh_connect(bt_bdaddr_t *bd_addr);
232 extern void bta_gatt_convert_uuid16_to_uuid128(UINT8 uuid_128[LEN_UUID_128], UINT16 uuid_16);
233
234
235 /******************************************************************************
236 ** Functions
237 ******************************************************************************/
238
btif_in_execute_service_request(tBTA_SERVICE_ID service_id,BOOLEAN b_enable)239 bt_status_t btif_in_execute_service_request(tBTA_SERVICE_ID service_id,
240 BOOLEAN b_enable)
241 {
242 /* Check the service_ID and invoke the profile's BT state changed API */
243 switch (service_id)
244 {
245 case BTA_HFP_SERVICE_ID:
246 case BTA_HSP_SERVICE_ID:
247 {
248 btif_hf_execute_service(b_enable);
249 }break;
250 case BTA_A2DP_SERVICE_ID:
251 {
252 btif_av_execute_service(b_enable);
253 }break;
254 case BTA_HID_SERVICE_ID:
255 {
256 btif_hh_execute_service(b_enable);
257 }break;
258 case BTA_HFP_HS_SERVICE_ID:
259 {
260 btif_hf_client_execute_service(b_enable);
261 }break;
262 case BTA_MAP_SERVICE_ID:
263 {
264 btif_mce_execute_service(b_enable);
265 }break;
266 default:
267 BTIF_TRACE_ERROR("%s: Unknown service being enabled", __FUNCTION__);
268 return BT_STATUS_FAIL;
269 }
270 return BT_STATUS_SUCCESS;
271 }
272
273 /*******************************************************************************
274 **
275 ** Function check_eir_remote_name
276 **
277 ** Description Check if remote name is in the EIR data
278 **
279 ** Returns TRUE if remote name found
280 ** Populate p_remote_name, if provided and remote name found
281 **
282 *******************************************************************************/
check_eir_remote_name(tBTA_DM_SEARCH * p_search_data,UINT8 * p_remote_name,UINT8 * p_remote_name_len)283 static BOOLEAN check_eir_remote_name(tBTA_DM_SEARCH *p_search_data,
284 UINT8 *p_remote_name, UINT8 *p_remote_name_len)
285 {
286 UINT8 *p_eir_remote_name = NULL;
287 UINT8 remote_name_len = 0;
288
289 /* Check EIR for remote name and services */
290 if (p_search_data->inq_res.p_eir)
291 {
292 p_eir_remote_name = BTA_CheckEirData(p_search_data->inq_res.p_eir,
293 BTM_EIR_COMPLETE_LOCAL_NAME_TYPE, &remote_name_len);
294 if (!p_eir_remote_name)
295 {
296 p_eir_remote_name = BTA_CheckEirData(p_search_data->inq_res.p_eir,
297 BTM_EIR_SHORTENED_LOCAL_NAME_TYPE, &remote_name_len);
298 }
299
300 if (p_eir_remote_name)
301 {
302 if (remote_name_len > BD_NAME_LEN)
303 remote_name_len = BD_NAME_LEN;
304
305 if (p_remote_name && p_remote_name_len)
306 {
307 memcpy(p_remote_name, p_eir_remote_name, remote_name_len);
308 *(p_remote_name + remote_name_len) = 0;
309 *p_remote_name_len = remote_name_len;
310 }
311
312 return TRUE;
313 }
314 }
315
316 return FALSE;
317
318 }
319
320 /*******************************************************************************
321 **
322 ** Function check_cached_remote_name
323 **
324 ** Description Check if remote name is in the NVRAM cache
325 **
326 ** Returns TRUE if remote name found
327 ** Populate p_remote_name, if provided and remote name found
328 **
329 *******************************************************************************/
check_cached_remote_name(tBTA_DM_SEARCH * p_search_data,UINT8 * p_remote_name,UINT8 * p_remote_name_len)330 static BOOLEAN check_cached_remote_name(tBTA_DM_SEARCH *p_search_data,
331 UINT8 *p_remote_name, UINT8 *p_remote_name_len)
332 {
333 bt_bdname_t bdname;
334 bt_bdaddr_t remote_bdaddr;
335 bt_property_t prop_name;
336
337 /* check if we already have it in our btif_storage cache */
338 bdcpy(remote_bdaddr.address, p_search_data->inq_res.bd_addr);
339 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_BDNAME,
340 sizeof(bt_bdname_t), &bdname);
341 if (btif_storage_get_remote_device_property(
342 &remote_bdaddr, &prop_name) == BT_STATUS_SUCCESS)
343 {
344 if (p_remote_name && p_remote_name_len)
345 {
346 strcpy((char *)p_remote_name, (char *)bdname.name);
347 *p_remote_name_len = strlen((char *)p_remote_name);
348 }
349 return TRUE;
350 }
351
352 return FALSE;
353 }
354
check_cod(const bt_bdaddr_t * remote_bdaddr,uint32_t cod)355 BOOLEAN check_cod(const bt_bdaddr_t *remote_bdaddr, uint32_t cod)
356 {
357 uint32_t remote_cod;
358 bt_property_t prop_name;
359
360 /* check if we already have it in our btif_storage cache */
361 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_CLASS_OF_DEVICE,
362 sizeof(uint32_t), &remote_cod);
363 if (btif_storage_get_remote_device_property((bt_bdaddr_t *)remote_bdaddr, &prop_name) == BT_STATUS_SUCCESS)
364 {
365 BTIF_TRACE_ERROR("%s: remote_cod = 0x%06x", __FUNCTION__, remote_cod);
366 if ((remote_cod & 0x7ff) == cod)
367 return TRUE;
368 }
369
370 return FALSE;
371 }
372
check_cod_hid(const bt_bdaddr_t * remote_bdaddr,uint32_t cod)373 BOOLEAN check_cod_hid(const bt_bdaddr_t *remote_bdaddr, uint32_t cod)
374 {
375 uint32_t remote_cod;
376 bt_property_t prop_name;
377
378 /* check if we already have it in our btif_storage cache */
379 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_CLASS_OF_DEVICE,
380 sizeof(uint32_t), &remote_cod);
381 if (btif_storage_get_remote_device_property((bt_bdaddr_t *)remote_bdaddr,
382 &prop_name) == BT_STATUS_SUCCESS)
383 {
384 BTIF_TRACE_DEBUG("%s: remote_cod = 0x%06x", __FUNCTION__, remote_cod);
385 if ((remote_cod & 0x700) == cod)
386 return TRUE;
387 }
388 return FALSE;
389 }
390
check_hid_le(const bt_bdaddr_t * remote_bdaddr)391 BOOLEAN check_hid_le(const bt_bdaddr_t *remote_bdaddr)
392 {
393 uint32_t remote_dev_type;
394 bt_property_t prop_name;
395
396 /* check if we already have it in our btif_storage cache */
397 BTIF_STORAGE_FILL_PROPERTY(&prop_name,BT_PROPERTY_TYPE_OF_DEVICE,
398 sizeof(uint32_t), &remote_dev_type);
399 if (btif_storage_get_remote_device_property((bt_bdaddr_t *)remote_bdaddr,
400 &prop_name) == BT_STATUS_SUCCESS)
401 {
402 if (remote_dev_type == BT_DEVICE_DEVTYPE_BLE)
403 {
404 bdstr_t bdstr;
405 bd2str(remote_bdaddr, &bdstr);
406 if(btif_config_exist("Remote", bdstr, "HidAppId"))
407 return TRUE;
408 }
409 }
410 return FALSE;
411 }
412
413 /*****************************************************************************
414 **
415 ** Function check_sdp_bl
416 **
417 ** Description Checks if a given device is blacklisted to skip sdp
418 **
419 ** Parameters skip_sdp_entry
420 **
421 ** Returns TRUE if the device is present in blacklist, else FALSE
422 **
423 *******************************************************************************/
check_sdp_bl(const bt_bdaddr_t * remote_bdaddr)424 BOOLEAN check_sdp_bl(const bt_bdaddr_t *remote_bdaddr)
425 {
426 UINT8 i = 0;
427 UINT16 manufacturer = 0;
428 UINT8 lmp_ver = 0;
429 UINT16 lmp_subver = 0;
430 tBTM_STATUS btm_status;
431 bt_property_t prop_name;
432 bt_remote_version_t info;
433 bt_status_t status;
434
435
436 if (remote_bdaddr == NULL)
437 return FALSE;
438
439 /* fetch additional info about remote device used in iop query */
440 btm_status = BTM_ReadRemoteVersion(*(BD_ADDR*)remote_bdaddr, &lmp_ver,
441 &manufacturer, &lmp_subver);
442
443
444
445 /* if not available yet, try fetching from config database */
446 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_REMOTE_VERSION_INFO,
447 sizeof(bt_remote_version_t), &info);
448
449 if (btif_storage_get_remote_device_property((bt_bdaddr_t *)remote_bdaddr,
450 &prop_name) != BT_STATUS_SUCCESS)
451 {
452
453 return FALSE;
454 }
455 manufacturer = info.manufacturer;
456
457 for (int i = 0; i < MAX_SDP_BL_ENTRIES; i++)
458 {
459 if (manufacturer == sdp_blacklist[i].manufact_id)
460 return TRUE;
461 }
462 return FALSE;
463 }
464
465
bond_state_changed(bt_status_t status,bt_bdaddr_t * bd_addr,bt_bond_state_t state)466 static void bond_state_changed(bt_status_t status, bt_bdaddr_t *bd_addr, bt_bond_state_t state)
467 {
468 /* Send bonding state only once - based on outgoing/incoming we may receive duplicates */
469 if ( (pairing_cb.state == state) && (state == BT_BOND_STATE_BONDING) )
470 return;
471
472 if (pairing_cb.is_temp)
473 {
474 state = BT_BOND_STATE_NONE;
475 }
476 BTIF_TRACE_DEBUG("%s: state=%d prev_state=%d", __FUNCTION__, state, pairing_cb.state);
477
478 HAL_CBACK(bt_hal_cbacks, bond_state_changed_cb, status, bd_addr, state);
479
480 if (state == BT_BOND_STATE_BONDING)
481 {
482 pairing_cb.state = state;
483 bdcpy(pairing_cb.bd_addr, bd_addr->address);
484 }
485 else
486 {
487 memset(&pairing_cb, 0, sizeof(pairing_cb));
488 }
489
490 }
491
492 /* store remote version in bt config to always have access
493 to it post pairing*/
btif_update_remote_version_property(bt_bdaddr_t * p_bd)494 static void btif_update_remote_version_property(bt_bdaddr_t *p_bd)
495 {
496 bt_property_t property;
497 UINT8 lmp_ver = 0;
498 UINT16 lmp_subver = 0;
499 UINT16 mfct_set = 0;
500 tBTM_STATUS btm_status;
501 bt_remote_version_t info;
502 bt_status_t status;
503 bdstr_t bdstr;
504
505 btm_status = BTM_ReadRemoteVersion(*(BD_ADDR*)p_bd, &lmp_ver,
506 &mfct_set, &lmp_subver);
507
508 ALOGD("remote version info [%s]: %x, %x, %x", bd2str(p_bd, &bdstr),
509 lmp_ver, mfct_set, lmp_subver);
510
511 if (btm_status == BTM_SUCCESS)
512 {
513 /* always update cache to ensure we have availability whenever BTM API
514 is not populated */
515 info.manufacturer = mfct_set;
516 info.sub_ver = lmp_subver;
517 info.version = lmp_ver;
518 BTIF_STORAGE_FILL_PROPERTY(&property,
519 BT_PROPERTY_REMOTE_VERSION_INFO, sizeof(bt_remote_version_t),
520 &info);
521 status = btif_storage_set_remote_device_property(p_bd, &property);
522 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote version", status);
523 }
524 }
525
526
btif_update_remote_properties(BD_ADDR bd_addr,BD_NAME bd_name,DEV_CLASS dev_class,tBT_DEVICE_TYPE device_type)527 static void btif_update_remote_properties(BD_ADDR bd_addr, BD_NAME bd_name,
528 DEV_CLASS dev_class, tBT_DEVICE_TYPE device_type)
529 {
530 int num_properties = 0;
531 bt_property_t properties[3];
532 bt_bdaddr_t bdaddr;
533 bt_status_t status;
534 UINT32 cod;
535 bt_device_type_t dev_type;
536
537 memset(properties, 0, sizeof(properties));
538 bdcpy(bdaddr.address, bd_addr);
539
540 /* remote name */
541 if (strlen((const char *) bd_name))
542 {
543 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties],
544 BT_PROPERTY_BDNAME, strlen((char *)bd_name), bd_name);
545 status = btif_storage_set_remote_device_property(&bdaddr, &properties[num_properties]);
546 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device name", status);
547 num_properties++;
548 }
549
550 /* class of device */
551 cod = devclass2uint(dev_class);
552 BTIF_TRACE_DEBUG("%s():cod is 0x%06x", __FUNCTION__, cod);
553 if ( cod == 0) {
554 /* Try to retrieve cod from storage */
555 BTIF_TRACE_DEBUG("%s():cod is 0, checking cod from storage", __FUNCTION__);
556 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties],
557 BT_PROPERTY_CLASS_OF_DEVICE, sizeof(cod), &cod);
558 status = btif_storage_get_remote_device_property(&bdaddr, &properties[num_properties]);
559 BTIF_TRACE_DEBUG("%s():cod retreived from storage is 0x%06x", __FUNCTION__, cod);
560 if ( cod == 0) {
561 BTIF_TRACE_DEBUG("%s():cod is again 0, set as unclassified", __FUNCTION__);
562 cod = COD_UNCLASSIFIED;
563 }
564 }
565
566 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties],
567 BT_PROPERTY_CLASS_OF_DEVICE, sizeof(cod), &cod);
568 status = btif_storage_set_remote_device_property(&bdaddr, &properties[num_properties]);
569 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device class", status);
570 num_properties++;
571
572 /* device type */
573 dev_type = device_type;
574 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties],
575 BT_PROPERTY_TYPE_OF_DEVICE, sizeof(dev_type), &dev_type);
576 status = btif_storage_set_remote_device_property(&bdaddr, &properties[num_properties]);
577 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device type", status);
578 num_properties++;
579
580 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb,
581 status, &bdaddr, num_properties, properties);
582 }
583
584 /*******************************************************************************
585 **
586 ** Function btif_dm_cb_hid_remote_name
587 **
588 ** Description Remote name callback for HID device. Called in btif context
589 ** Special handling for HID devices
590 **
591 ** Returns void
592 **
593 *******************************************************************************/
btif_dm_cb_hid_remote_name(tBTM_REMOTE_DEV_NAME * p_remote_name)594 static void btif_dm_cb_hid_remote_name(tBTM_REMOTE_DEV_NAME *p_remote_name)
595 {
596 BTIF_TRACE_DEBUG("%s: status=%d pairing_cb.state=%d", __FUNCTION__, p_remote_name->status, pairing_cb.state);
597 if (pairing_cb.state == BT_BOND_STATE_BONDING)
598 {
599 bt_bdaddr_t remote_bd;
600
601 bdcpy(remote_bd.address, pairing_cb.bd_addr);
602
603 if (p_remote_name->status == BTM_SUCCESS)
604 {
605 bond_state_changed(BT_STATUS_SUCCESS, &remote_bd, BT_BOND_STATE_BONDED);
606 }
607 else
608 bond_state_changed(BT_STATUS_FAIL, &remote_bd, BT_BOND_STATE_NONE);
609 }
610 }
611
612 /*******************************************************************************
613 **
614 ** Function btif_dm_cb_create_bond
615 **
616 ** Description Create bond initiated from the BTIF thread context
617 ** Special handling for HID devices
618 **
619 ** Returns void
620 **
621 *******************************************************************************/
btif_dm_cb_create_bond(bt_bdaddr_t * bd_addr,tBTA_TRANSPORT transport)622 static void btif_dm_cb_create_bond(bt_bdaddr_t *bd_addr, tBTA_TRANSPORT transport)
623 {
624 BOOLEAN is_hid = check_cod(bd_addr, COD_HID_POINTING);
625 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING);
626
627 #if BLE_INCLUDED == TRUE
628 int device_type;
629 int addr_type;
630 bdstr_t bdstr;
631 bd2str(bd_addr, &bdstr);
632 if (transport == BT_TRANSPORT_LE)
633 {
634 if (!btif_config_get_int("Remote", (char const *)&bdstr,"DevType", &device_type))
635 {
636 btif_config_set_int("Remote", bdstr, "DevType", BT_DEVICE_TYPE_BLE);
637 }
638 if (btif_storage_get_remote_addr_type(bd_addr, &addr_type) != BT_STATUS_SUCCESS)
639 {
640 btif_storage_set_remote_addr_type(bd_addr, BLE_ADDR_PUBLIC);
641 }
642 }
643 if((btif_config_get_int("Remote", (char const *)&bdstr,"DevType", &device_type) &&
644 (btif_storage_get_remote_addr_type(bd_addr, &addr_type) == BT_STATUS_SUCCESS) &&
645 (device_type == BT_DEVICE_TYPE_BLE)) || (transport == BT_TRANSPORT_LE))
646 {
647 BTA_DmAddBleDevice(bd_addr->address, addr_type, BT_DEVICE_TYPE_BLE);
648 }
649 #endif
650
651 #if BLE_INCLUDED == TRUE
652 if(is_hid && device_type != BT_DEVICE_TYPE_BLE)
653 #else
654 if(is_hid)
655 #endif
656 {
657 int status;
658 status = btif_hh_connect(bd_addr);
659 if(status != BT_STATUS_SUCCESS)
660 bond_state_changed(status, bd_addr, BT_BOND_STATE_NONE);
661 }
662 else
663 {
664 BTA_DmBondByTransport((UINT8 *)bd_addr->address, transport);
665 }
666 /* Track originator of bond creation */
667 pairing_cb.is_local_initiated = TRUE;
668
669 }
670
671 /*******************************************************************************
672 **
673 ** Function btif_dm_cb_remove_bond
674 **
675 ** Description remove bond initiated from the BTIF thread context
676 ** Special handling for HID devices
677 **
678 ** Returns void
679 **
680 *******************************************************************************/
btif_dm_cb_remove_bond(bt_bdaddr_t * bd_addr)681 void btif_dm_cb_remove_bond(bt_bdaddr_t *bd_addr)
682 {
683 bdstr_t bdstr;
684 /*special handling for HID devices */
685 /* VUP needs to be sent if its a HID Device. The HID HOST module will check if there
686 is a valid hid connection with this bd_addr. If yes VUP will be issued.*/
687 #if (defined(BTA_HH_INCLUDED) && (BTA_HH_INCLUDED == TRUE))
688 if (btif_hh_virtual_unplug(bd_addr) != BT_STATUS_SUCCESS)
689 #endif
690 {
691 BTA_DmRemoveDevice((UINT8 *)bd_addr->address);
692 }
693 }
694
695 /*******************************************************************************
696 **
697 ** Function btif_dm_get_connection_state
698 **
699 ** Description Returns whether the remote device is currently connected
700 **
701 ** Returns 0 if not connected
702 **
703 *******************************************************************************/
btif_dm_get_connection_state(const bt_bdaddr_t * bd_addr)704 uint16_t btif_dm_get_connection_state(const bt_bdaddr_t *bd_addr)
705 {
706 return BTA_DmGetConnectionState((UINT8 *)bd_addr->address);
707 }
708
709 /*******************************************************************************
710 **
711 ** Function search_devices_copy_cb
712 **
713 ** Description Deep copy callback for search devices event
714 **
715 ** Returns void
716 **
717 *******************************************************************************/
search_devices_copy_cb(UINT16 event,char * p_dest,char * p_src)718 static void search_devices_copy_cb(UINT16 event, char *p_dest, char *p_src)
719 {
720 tBTA_DM_SEARCH *p_dest_data = (tBTA_DM_SEARCH *) p_dest;
721 tBTA_DM_SEARCH *p_src_data = (tBTA_DM_SEARCH *) p_src;
722
723 if (!p_src)
724 return;
725
726 BTIF_TRACE_DEBUG("%s: event=%s", __FUNCTION__, dump_dm_search_event(event));
727 memcpy(p_dest_data, p_src_data, sizeof(tBTA_DM_SEARCH));
728 switch (event)
729 {
730 case BTA_DM_INQ_RES_EVT:
731 {
732 if (p_src_data->inq_res.p_eir)
733 {
734 p_dest_data->inq_res.p_eir = (UINT8 *)(p_dest + sizeof(tBTA_DM_SEARCH));
735 memcpy(p_dest_data->inq_res.p_eir, p_src_data->inq_res.p_eir, HCI_EXT_INQ_RESPONSE_LEN);
736 }
737 }
738 break;
739
740 case BTA_DM_DISC_RES_EVT:
741 {
742 if (p_src_data->disc_res.raw_data_size && p_src_data->disc_res.p_raw_data)
743 {
744 p_dest_data->disc_res.p_raw_data = (UINT8 *)(p_dest + sizeof(tBTA_DM_SEARCH));
745 memcpy(p_dest_data->disc_res.p_raw_data,
746 p_src_data->disc_res.p_raw_data, p_src_data->disc_res.raw_data_size);
747 }
748 }
749 break;
750 }
751 }
752
search_services_copy_cb(UINT16 event,char * p_dest,char * p_src)753 static void search_services_copy_cb(UINT16 event, char *p_dest, char *p_src)
754 {
755 tBTA_DM_SEARCH *p_dest_data = (tBTA_DM_SEARCH *) p_dest;
756 tBTA_DM_SEARCH *p_src_data = (tBTA_DM_SEARCH *) p_src;
757
758 if (!p_src)
759 return;
760 memcpy(p_dest_data, p_src_data, sizeof(tBTA_DM_SEARCH));
761 switch (event)
762 {
763 case BTA_DM_DISC_RES_EVT:
764 {
765 if (p_src_data->disc_res.result == BTA_SUCCESS)
766 {
767 if (p_src_data->disc_res.num_uuids > 0)
768 {
769 p_dest_data->disc_res.p_uuid_list =
770 (UINT8*)(p_dest + sizeof(tBTA_DM_SEARCH));
771 memcpy(p_dest_data->disc_res.p_uuid_list, p_src_data->disc_res.p_uuid_list,
772 p_src_data->disc_res.num_uuids*MAX_UUID_SIZE);
773 GKI_freebuf(p_src_data->disc_res.p_uuid_list);
774 }
775 if (p_src_data->disc_res.p_raw_data != NULL)
776 {
777 GKI_freebuf(p_src_data->disc_res.p_raw_data);
778 }
779 }
780 } break;
781 }
782 }
783 /******************************************************************************
784 **
785 ** BTIF DM callback events
786 **
787 *****************************************************************************/
788
789 /*******************************************************************************
790 **
791 ** Function btif_dm_pin_req_evt
792 **
793 ** Description Executes pin request event in btif context
794 **
795 ** Returns void
796 **
797 *******************************************************************************/
btif_dm_pin_req_evt(tBTA_DM_PIN_REQ * p_pin_req)798 static void btif_dm_pin_req_evt(tBTA_DM_PIN_REQ *p_pin_req)
799 {
800 bt_bdaddr_t bd_addr;
801 bt_bdname_t bd_name;
802 UINT32 cod;
803 bt_pin_code_t pin_code;
804
805 /* Remote properties update */
806 btif_update_remote_properties(p_pin_req->bd_addr, p_pin_req->bd_name,
807 p_pin_req->dev_class, BT_DEVICE_TYPE_BREDR);
808
809 bdcpy(bd_addr.address, p_pin_req->bd_addr);
810 memcpy(bd_name.name, p_pin_req->bd_name, BD_NAME_LEN);
811
812 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING);
813
814 cod = devclass2uint(p_pin_req->dev_class);
815
816 if ( cod == 0) {
817 BTIF_TRACE_DEBUG("%s():cod is 0, set as unclassified", __FUNCTION__);
818 cod = COD_UNCLASSIFIED;
819 }
820
821 /* check for auto pair possiblity only if bond was initiated by local device */
822 if (pairing_cb.is_local_initiated)
823 {
824 if (check_cod(&bd_addr, COD_AV_HEADSETS) ||
825 check_cod(&bd_addr, COD_AV_HANDSFREE) ||
826 check_cod(&bd_addr, COD_AV_HEADPHONES) ||
827 check_cod(&bd_addr, COD_AV_PORTABLE_AUDIO) ||
828 check_cod(&bd_addr, COD_AV_HIFI_AUDIO) ||
829 check_cod(&bd_addr, COD_HID_POINTING))
830 {
831 BTIF_TRACE_DEBUG("%s()cod matches for auto pair", __FUNCTION__);
832 /* Check if this device can be auto paired */
833 if ((btif_storage_is_device_autopair_blacklisted(&bd_addr) == FALSE) &&
834 (pairing_cb.autopair_attempts == 0))
835 {
836 BTIF_TRACE_DEBUG("%s() Attempting auto pair", __FUNCTION__);
837 pin_code.pin[0] = 0x30;
838 pin_code.pin[1] = 0x30;
839 pin_code.pin[2] = 0x30;
840 pin_code.pin[3] = 0x30;
841
842 pairing_cb.autopair_attempts++;
843 BTA_DmPinReply( (UINT8*)bd_addr.address, TRUE, 4, pin_code.pin);
844 return;
845 }
846 }
847 else if (check_cod(&bd_addr, COD_HID_KEYBOARD) ||
848 check_cod(&bd_addr, COD_HID_COMBO))
849 {
850 if(( btif_storage_is_fixed_pin_zeros_keyboard (&bd_addr) == TRUE) &&
851 (pairing_cb.autopair_attempts == 0))
852 {
853 BTIF_TRACE_DEBUG("%s() Attempting auto pair", __FUNCTION__);
854 pin_code.pin[0] = 0x30;
855 pin_code.pin[1] = 0x30;
856 pin_code.pin[2] = 0x30;
857 pin_code.pin[3] = 0x30;
858
859 pairing_cb.autopair_attempts++;
860 BTA_DmPinReply( (UINT8*)bd_addr.address, TRUE, 4, pin_code.pin);
861 return;
862 }
863 }
864 }
865 HAL_CBACK(bt_hal_cbacks, pin_request_cb,
866 &bd_addr, &bd_name, cod);
867 }
868
869 /*******************************************************************************
870 **
871 ** Function btif_dm_ssp_cfm_req_evt
872 **
873 ** Description Executes SSP confirm request event in btif context
874 **
875 ** Returns void
876 **
877 *******************************************************************************/
btif_dm_ssp_cfm_req_evt(tBTA_DM_SP_CFM_REQ * p_ssp_cfm_req)878 static void btif_dm_ssp_cfm_req_evt(tBTA_DM_SP_CFM_REQ *p_ssp_cfm_req)
879 {
880 bt_bdaddr_t bd_addr;
881 bt_bdname_t bd_name;
882 UINT32 cod;
883 BOOLEAN is_incoming = !(pairing_cb.state == BT_BOND_STATE_BONDING);
884
885 BTIF_TRACE_DEBUG("%s", __FUNCTION__);
886
887 /* Remote properties update */
888 btif_update_remote_properties(p_ssp_cfm_req->bd_addr, p_ssp_cfm_req->bd_name,
889 p_ssp_cfm_req->dev_class, BT_DEVICE_TYPE_BREDR);
890
891 bdcpy(bd_addr.address, p_ssp_cfm_req->bd_addr);
892 memcpy(bd_name.name, p_ssp_cfm_req->bd_name, BD_NAME_LEN);
893
894 /* Set the pairing_cb based on the local & remote authentication requirements */
895 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING);
896
897 /* if just_works and bonding bit is not set treat this as temporary */
898 if (p_ssp_cfm_req->just_works && !(p_ssp_cfm_req->loc_auth_req & BTM_AUTH_BONDS) &&
899 !(p_ssp_cfm_req->rmt_auth_req & BTM_AUTH_BONDS) &&
900 !(check_cod((bt_bdaddr_t*)&p_ssp_cfm_req->bd_addr, COD_HID_POINTING)))
901 pairing_cb.is_temp = TRUE;
902 else
903 pairing_cb.is_temp = FALSE;
904
905 pairing_cb.is_ssp = TRUE;
906
907 /* If JustWorks auto-accept */
908 if (p_ssp_cfm_req->just_works)
909 {
910 /* Pairing consent for JustWorks needed if:
911 * 1. Incoming pairing is detected AND
912 * 2. local IO capabilities are DisplayYesNo AND
913 * 3. remote IO capabiltiies are DisplayOnly or NoInputNoOutput;
914 */
915 if ((is_incoming) && ((p_ssp_cfm_req->loc_io_caps == 0x01) &&
916 (p_ssp_cfm_req->rmt_io_caps == 0x00 || p_ssp_cfm_req->rmt_io_caps == 0x03)))
917 {
918 BTIF_TRACE_EVENT("%s: User consent needed for incoming pairing request. loc_io_caps: %d, rmt_io_caps: %d",
919 __FUNCTION__, p_ssp_cfm_req->loc_io_caps, p_ssp_cfm_req->rmt_io_caps);
920 }
921 else
922 {
923 BTIF_TRACE_EVENT("%s: Auto-accept JustWorks pairing", __FUNCTION__);
924 btif_dm_ssp_reply(&bd_addr, BT_SSP_VARIANT_CONSENT, TRUE, 0);
925 return;
926 }
927 }
928
929 cod = devclass2uint(p_ssp_cfm_req->dev_class);
930
931 if ( cod == 0) {
932 ALOGD("cod is 0, set as unclassified");
933 cod = COD_UNCLASSIFIED;
934 }
935
936 pairing_cb.sdp_attempts = 0;
937 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name, cod,
938 (p_ssp_cfm_req->just_works ? BT_SSP_VARIANT_CONSENT : BT_SSP_VARIANT_PASSKEY_CONFIRMATION),
939 p_ssp_cfm_req->num_val);
940 }
941
btif_dm_ssp_key_notif_evt(tBTA_DM_SP_KEY_NOTIF * p_ssp_key_notif)942 static void btif_dm_ssp_key_notif_evt(tBTA_DM_SP_KEY_NOTIF *p_ssp_key_notif)
943 {
944 bt_bdaddr_t bd_addr;
945 bt_bdname_t bd_name;
946 UINT32 cod;
947
948 BTIF_TRACE_DEBUG("%s", __FUNCTION__);
949
950 /* Remote properties update */
951 btif_update_remote_properties(p_ssp_key_notif->bd_addr, p_ssp_key_notif->bd_name,
952 p_ssp_key_notif->dev_class, BT_DEVICE_TYPE_BREDR);
953
954 bdcpy(bd_addr.address, p_ssp_key_notif->bd_addr);
955 memcpy(bd_name.name, p_ssp_key_notif->bd_name, BD_NAME_LEN);
956
957 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING);
958 pairing_cb.is_ssp = TRUE;
959 cod = devclass2uint(p_ssp_key_notif->dev_class);
960
961 if ( cod == 0) {
962 ALOGD("cod is 0, set as unclassified");
963 cod = COD_UNCLASSIFIED;
964 }
965
966 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name,
967 cod, BT_SSP_VARIANT_PASSKEY_NOTIFICATION,
968 p_ssp_key_notif->passkey);
969 }
970 /*******************************************************************************
971 **
972 ** Function btif_dm_auth_cmpl_evt
973 **
974 ** Description Executes authentication complete event in btif context
975 **
976 ** Returns void
977 **
978 *******************************************************************************/
btif_dm_auth_cmpl_evt(tBTA_DM_AUTH_CMPL * p_auth_cmpl)979 static void btif_dm_auth_cmpl_evt (tBTA_DM_AUTH_CMPL *p_auth_cmpl)
980 {
981 /* Save link key, if not temporary */
982 bt_bdaddr_t bd_addr;
983 bt_status_t status = BT_STATUS_FAIL;
984 bt_bond_state_t state = BT_BOND_STATE_NONE;
985 BOOLEAN skip_sdp = FALSE;
986
987 bdcpy(bd_addr.address, p_auth_cmpl->bd_addr);
988 if ( (p_auth_cmpl->success == TRUE) && (p_auth_cmpl->key_present) )
989 {
990 if ((p_auth_cmpl->key_type < HCI_LKEY_TYPE_DEBUG_COMB) || (p_auth_cmpl->key_type == HCI_LKEY_TYPE_AUTH_COMB) ||
991 (p_auth_cmpl->key_type == HCI_LKEY_TYPE_CHANGED_COMB) || (!pairing_cb.is_temp))
992 {
993 bt_status_t ret;
994 BTIF_TRACE_DEBUG("%s: Storing link key. key_type=0x%x, is_temp=%d",
995 __FUNCTION__, p_auth_cmpl->key_type, pairing_cb.is_temp);
996 ret = btif_storage_add_bonded_device(&bd_addr,
997 p_auth_cmpl->key, p_auth_cmpl->key_type,
998 pairing_cb.pin_code_len);
999 ASSERTC(ret == BT_STATUS_SUCCESS, "storing link key failed", ret);
1000 }
1001 else
1002 {
1003 BTIF_TRACE_DEBUG("%s: Temporary key. Not storing. key_type=0x%x, is_temp=%d",
1004 __FUNCTION__, p_auth_cmpl->key_type, pairing_cb.is_temp);
1005 if(pairing_cb.is_temp)
1006 {
1007 BTIF_TRACE_DEBUG("%s: sending BT_BOND_STATE_NONE for Temp pairing",
1008 __FUNCTION__);
1009 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_NONE);
1010 return;
1011 }
1012 }
1013 }
1014
1015 // Skip SDP for certain HID Devices
1016 if (p_auth_cmpl->success)
1017 {
1018 pairing_cb.timeout_retries = 0;
1019 status = BT_STATUS_SUCCESS;
1020 state = BT_BOND_STATE_BONDED;
1021 bdcpy(bd_addr.address, p_auth_cmpl->bd_addr);
1022
1023 if (check_sdp_bl(&bd_addr) && check_cod_hid(&bd_addr, COD_HID_MAJOR))
1024 {
1025 ALOGW("%s:skip SDP",
1026 __FUNCTION__);
1027 skip_sdp = TRUE;
1028 }
1029 if(!pairing_cb.is_local_initiated && skip_sdp)
1030 {
1031 bond_state_changed(status, &bd_addr, state);
1032
1033 ALOGW("%s: Incoming HID Connection",__FUNCTION__);
1034 bt_property_t prop;
1035 bt_bdaddr_t bd_addr;
1036 bt_uuid_t uuid;
1037 char uuid_str[128] = UUID_HUMAN_INTERFACE_DEVICE;
1038
1039 string_to_uuid(uuid_str, &uuid);
1040
1041 prop.type = BT_PROPERTY_UUIDS;
1042 prop.val = uuid.uu;
1043 prop.len = MAX_UUID_SIZE;
1044
1045 /* Send the event to the BTIF */
1046 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb,
1047 BT_STATUS_SUCCESS, &bd_addr, 1, &prop);
1048 }
1049 else
1050 {
1051 /* Trigger SDP on the device */
1052 pairing_cb.sdp_attempts = 1;;
1053
1054 if(btif_dm_inquiry_in_progress)
1055 btif_dm_cancel_discovery();
1056
1057 btif_dm_get_remote_services(&bd_addr);
1058 }
1059 /* Do not call bond_state_changed_cb yet. Wait till fetch remote service is complete */
1060 }
1061 else
1062 {
1063 /*Map the HCI fail reason to bt status */
1064 switch(p_auth_cmpl->fail_reason)
1065 {
1066 case HCI_ERR_PAGE_TIMEOUT:
1067 if (blacklistPairingRetries(bd_addr.address) && pairing_cb.timeout_retries)
1068 {
1069 BTIF_TRACE_WARNING("%s() - Pairing timeout; retrying (%d) ...", __FUNCTION__, pairing_cb.timeout_retries);
1070 --pairing_cb.timeout_retries;
1071 btif_dm_cb_create_bond (&bd_addr, BTA_TRANSPORT_UNKNOWN);
1072 return;
1073 }
1074 /* Fall-through */
1075 case HCI_ERR_CONNECTION_TOUT:
1076 status = BT_STATUS_RMT_DEV_DOWN;
1077 break;
1078
1079 case HCI_ERR_PAIRING_NOT_ALLOWED:
1080 status = BT_STATUS_AUTH_REJECTED;
1081 break;
1082
1083 case HCI_ERR_LMP_RESPONSE_TIMEOUT:
1084 status = BT_STATUS_AUTH_FAILURE;
1085 break;
1086
1087 /* map the auth failure codes, so we can retry pairing if necessary */
1088 case HCI_ERR_AUTH_FAILURE:
1089 case HCI_ERR_KEY_MISSING:
1090 btif_storage_remove_bonded_device(&bd_addr);
1091 case HCI_ERR_HOST_REJECT_SECURITY:
1092 case HCI_ERR_ENCRY_MODE_NOT_ACCEPTABLE:
1093 case HCI_ERR_UNIT_KEY_USED:
1094 case HCI_ERR_PAIRING_WITH_UNIT_KEY_NOT_SUPPORTED:
1095 case HCI_ERR_INSUFFCIENT_SECURITY:
1096 case HCI_ERR_PEER_USER:
1097 case HCI_ERR_UNSPECIFIED:
1098 BTIF_TRACE_DEBUG(" %s() Authentication fail reason %d",
1099 __FUNCTION__, p_auth_cmpl->fail_reason);
1100 if (pairing_cb.autopair_attempts == 1)
1101 {
1102 BTIF_TRACE_DEBUG("%s(): Adding device to blacklist ", __FUNCTION__);
1103
1104 /* Add the device to dynamic black list only if this device belongs to Audio/pointing dev class */
1105 if (check_cod(&bd_addr, COD_AV_HEADSETS) ||
1106 check_cod(&bd_addr, COD_AV_HANDSFREE) ||
1107 check_cod(&bd_addr, COD_AV_HEADPHONES) ||
1108 check_cod(&bd_addr, COD_AV_PORTABLE_AUDIO) ||
1109 check_cod(&bd_addr, COD_AV_HIFI_AUDIO) ||
1110 check_cod(&bd_addr, COD_HID_POINTING))
1111 {
1112 btif_storage_add_device_to_autopair_blacklist (&bd_addr);
1113 }
1114 pairing_cb.autopair_attempts++;
1115
1116 /* Create the Bond once again */
1117 BTIF_TRACE_DEBUG("%s() auto pair failed. Reinitiate Bond", __FUNCTION__);
1118 btif_dm_cb_create_bond (&bd_addr, BTA_TRANSPORT_UNKNOWN);
1119 return;
1120 }
1121 else
1122 {
1123 /* if autopair attempts are more than 1, or not attempted */
1124 status = BT_STATUS_AUTH_FAILURE;
1125 }
1126 break;
1127
1128 default:
1129 status = BT_STATUS_FAIL;
1130 }
1131 /* Special Handling for HID Devices */
1132 if (check_cod(&bd_addr, COD_HID_POINTING)) {
1133 /* Remove Device as bonded in nvram as authentication failed */
1134 BTIF_TRACE_DEBUG("%s(): removing hid pointing device from nvram", __FUNCTION__);
1135 btif_storage_remove_bonded_device(&bd_addr);
1136 }
1137 bond_state_changed(status, &bd_addr, state);
1138 }
1139 }
1140
1141 /******************************************************************************
1142 **
1143 ** Function btif_dm_search_devices_evt
1144 **
1145 ** Description Executes search devices callback events in btif context
1146 **
1147 ** Returns void
1148 **
1149 ******************************************************************************/
btif_dm_search_devices_evt(UINT16 event,char * p_param)1150 static void btif_dm_search_devices_evt (UINT16 event, char *p_param)
1151 {
1152 tBTA_DM_SEARCH *p_search_data;
1153 BTIF_TRACE_EVENT("%s event=%s", __FUNCTION__, dump_dm_search_event(event));
1154
1155 switch (event)
1156 {
1157 case BTA_DM_DISC_RES_EVT:
1158 {
1159 p_search_data = (tBTA_DM_SEARCH *)p_param;
1160 /* Remote name update */
1161 if (strlen((const char *) p_search_data->disc_res.bd_name))
1162 {
1163 bt_property_t properties[1];
1164 bt_bdaddr_t bdaddr;
1165 bt_status_t status;
1166
1167 properties[0].type = BT_PROPERTY_BDNAME;
1168 properties[0].val = p_search_data->disc_res.bd_name;
1169 properties[0].len = strlen((char *)p_search_data->disc_res.bd_name);
1170 bdcpy(bdaddr.address, p_search_data->disc_res.bd_addr);
1171
1172 status = btif_storage_set_remote_device_property(&bdaddr, &properties[0]);
1173 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device property", status);
1174 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb,
1175 status, &bdaddr, 1, properties);
1176 }
1177 /* TODO: Services? */
1178 }
1179 break;
1180
1181 case BTA_DM_INQ_RES_EVT:
1182 {
1183 /* inquiry result */
1184 UINT32 cod;
1185 UINT8 *p_eir_remote_name = NULL;
1186 bt_bdname_t bdname;
1187 bt_bdaddr_t bdaddr;
1188 UINT8 remote_name_len;
1189 UINT8 *p_cached_name = NULL;
1190 tBTA_SERVICE_MASK services = 0;
1191 bdstr_t bdstr;
1192
1193 p_search_data = (tBTA_DM_SEARCH *)p_param;
1194 bdcpy(bdaddr.address, p_search_data->inq_res.bd_addr);
1195
1196 BTIF_TRACE_DEBUG("%s() %s device_type = 0x%x\n", __FUNCTION__, bd2str(&bdaddr, &bdstr),
1197 #if (BLE_INCLUDED == TRUE)
1198 p_search_data->inq_res.device_type);
1199 #else
1200 BT_DEVICE_TYPE_BREDR);
1201 #endif
1202 bdname.name[0] = 0;
1203
1204 cod = devclass2uint (p_search_data->inq_res.dev_class);
1205
1206 if ( cod == 0) {
1207 ALOGD("cod is 0, set as unclassified");
1208 cod = COD_UNCLASSIFIED;
1209 }
1210
1211 if (!check_eir_remote_name(p_search_data, bdname.name, &remote_name_len))
1212 check_cached_remote_name(p_search_data, bdname.name, &remote_name_len);
1213
1214 /* Check EIR for remote name and services */
1215 if (p_search_data->inq_res.p_eir)
1216 {
1217 BTA_GetEirService(p_search_data->inq_res.p_eir, &services);
1218 BTIF_TRACE_DEBUG("%s()EIR BTA services = %08X", __FUNCTION__, (UINT32)services);
1219 /* TODO: Get the service list and check to see which uuids we got and send it back to the client. */
1220 }
1221
1222
1223 {
1224 bt_property_t properties[5];
1225 bt_device_type_t dev_type;
1226 UINT8 addr_type;
1227 uint32_t num_properties = 0;
1228 bt_status_t status;
1229
1230 memset(properties, 0, sizeof(properties));
1231 /* BD_ADDR */
1232 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties],
1233 BT_PROPERTY_BDADDR, sizeof(bdaddr), &bdaddr);
1234 num_properties++;
1235 /* BD_NAME */
1236 /* Don't send BDNAME if it is empty */
1237 if (bdname.name[0])
1238 {
1239 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties],
1240 BT_PROPERTY_BDNAME,
1241 strlen((char *)bdname.name), &bdname);
1242 num_properties++;
1243 }
1244
1245 /* DEV_CLASS */
1246 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties],
1247 BT_PROPERTY_CLASS_OF_DEVICE, sizeof(cod), &cod);
1248 num_properties++;
1249 /* DEV_TYPE */
1250 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
1251 /* FixMe: Assumption is that bluetooth.h and BTE enums match */
1252 dev_type = p_search_data->inq_res.device_type;
1253 addr_type = p_search_data->inq_res.ble_addr_type;
1254 #else
1255 dev_type = BT_DEVICE_TYPE_BREDR;
1256 #endif
1257 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties],
1258 BT_PROPERTY_TYPE_OF_DEVICE, sizeof(dev_type), &dev_type);
1259 num_properties++;
1260 /* RSSI */
1261 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties],
1262 BT_PROPERTY_REMOTE_RSSI, sizeof(int8_t),
1263 &(p_search_data->inq_res.rssi));
1264 num_properties++;
1265
1266 status = btif_storage_add_remote_device(&bdaddr, num_properties, properties);
1267 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device (inquiry)", status);
1268 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
1269 status = btif_storage_set_remote_addr_type(&bdaddr, addr_type);
1270 if (( dev_type == BT_DEVICE_TYPE_DUMO)&&
1271 (p_search_data->inq_res.flag & BTA_BLE_DMT_CONTROLLER_SPT) &&
1272 (p_search_data->inq_res.flag & BTA_BLE_DMT_HOST_SPT))
1273 {
1274 btif_storage_set_dmt_support_type (&bdaddr, TRUE);
1275 }
1276 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote addr type (inquiry)", status);
1277 #endif
1278 /* Callback to notify upper layer of device */
1279 HAL_CBACK(bt_hal_cbacks, device_found_cb,
1280 num_properties, properties);
1281 }
1282 }
1283 break;
1284
1285 case BTA_DM_INQ_CMPL_EVT:
1286 {
1287 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
1288 tBTA_DM_BLE_PF_FILT_PARAMS adv_filt_param;
1289 memset(&adv_filt_param, 0, sizeof(tBTA_DM_BLE_PF_FILT_PARAMS));
1290 BTA_DmBleScanFilterSetup(BTA_DM_BLE_SCAN_COND_DELETE, 0, &adv_filt_param, NULL,
1291 bte_scan_filt_param_cfg_evt, 0);
1292 #endif
1293 }
1294 break;
1295 case BTA_DM_DISC_CMPL_EVT:
1296 {
1297 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, BT_DISCOVERY_STOPPED);
1298 }
1299 break;
1300 case BTA_DM_SEARCH_CANCEL_CMPL_EVT:
1301 {
1302 /* if inquiry is not in progress and we get a cancel event, then
1303 * it means we are done with inquiry, but remote_name fetches are in
1304 * progress
1305 *
1306 * if inquiry is in progress, then we don't want to act on this cancel_cmpl_evt
1307 * but instead wait for the cancel_cmpl_evt via the Busy Level
1308 *
1309 */
1310 if (btif_dm_inquiry_in_progress == FALSE)
1311 {
1312 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, BT_DISCOVERY_STOPPED);
1313 }
1314 }
1315 break;
1316 }
1317 }
1318
1319 /*******************************************************************************
1320 **
1321 ** Function btif_dm_search_services_evt
1322 **
1323 ** Description Executes search services event in btif context
1324 **
1325 ** Returns void
1326 **
1327 *******************************************************************************/
btif_dm_search_services_evt(UINT16 event,char * p_param)1328 static void btif_dm_search_services_evt(UINT16 event, char *p_param)
1329 {
1330 tBTA_DM_SEARCH *p_data = (tBTA_DM_SEARCH*)p_param;
1331
1332 BTIF_TRACE_EVENT("%s: event = %d", __FUNCTION__, event);
1333 switch (event)
1334 {
1335 case BTA_DM_DISC_RES_EVT:
1336 {
1337 bt_uuid_t uuid_arr[BT_MAX_NUM_UUIDS]; /* Max 32 services */
1338 bt_property_t prop;
1339 uint32_t i = 0, j = 0;
1340 bt_bdaddr_t bd_addr;
1341 bt_status_t ret;
1342
1343 bdcpy(bd_addr.address, p_data->disc_res.bd_addr);
1344
1345 BTIF_TRACE_DEBUG("%s:(result=0x%x, services 0x%x)", __FUNCTION__,
1346 p_data->disc_res.result, p_data->disc_res.services);
1347 if ((p_data->disc_res.result != BTA_SUCCESS) &&
1348 (pairing_cb.state == BT_BOND_STATE_BONDING ) &&
1349 (pairing_cb.sdp_attempts < BTIF_DM_MAX_SDP_ATTEMPTS_AFTER_PAIRING))
1350 {
1351 BTIF_TRACE_WARNING("%s:SDP failed after bonding re-attempting", __FUNCTION__);
1352 pairing_cb.sdp_attempts++;
1353 btif_dm_get_remote_services(&bd_addr);
1354 return;
1355 }
1356 prop.type = BT_PROPERTY_UUIDS;
1357 prop.len = 0;
1358 if ((p_data->disc_res.result == BTA_SUCCESS) && (p_data->disc_res.num_uuids > 0))
1359 {
1360 prop.val = p_data->disc_res.p_uuid_list;
1361 prop.len = p_data->disc_res.num_uuids * MAX_UUID_SIZE;
1362 for (i=0; i < p_data->disc_res.num_uuids; i++)
1363 {
1364 char temp[256];
1365 uuid_to_string((bt_uuid_t*)(p_data->disc_res.p_uuid_list + (i*MAX_UUID_SIZE)), temp);
1366 BTIF_TRACE_ERROR("Index: %d uuid:%s", i, temp);
1367 }
1368 }
1369
1370 /* onUuidChanged requires getBondedDevices to be populated.
1371 ** bond_state_changed needs to be sent prior to remote_device_property
1372 */
1373 if ((pairing_cb.state == BT_BOND_STATE_BONDING) &&
1374 (bdcmp(p_data->disc_res.bd_addr, pairing_cb.bd_addr) == 0)&&
1375 pairing_cb.sdp_attempts > 0)
1376 {
1377 BTIF_TRACE_DEBUG("%s Remote Service SDP done. Call bond_state_changed_cb BONDED",
1378 __FUNCTION__);
1379 pairing_cb.sdp_attempts = 0;
1380 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDED);
1381 }
1382
1383 if(p_data->disc_res.num_uuids != 0)
1384 {
1385 /* Also write this to the NVRAM */
1386 ret = btif_storage_set_remote_device_property(&bd_addr, &prop);
1387 ASSERTC(ret == BT_STATUS_SUCCESS, "storing remote services failed", ret);
1388 /* Send the event to the BTIF */
1389 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb,
1390 BT_STATUS_SUCCESS, &bd_addr, 1, &prop);
1391 }
1392 }
1393 break;
1394
1395 case BTA_DM_DISC_CMPL_EVT:
1396 /* fixme */
1397 break;
1398
1399 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
1400 case BTA_DM_DISC_BLE_RES_EVT:
1401 BTIF_TRACE_DEBUG("%s:, services 0x%x)", __FUNCTION__,
1402 p_data->disc_ble_res.service.uu.uuid16);
1403 bt_uuid_t uuid;
1404 int i = 0;
1405 int j = 15;
1406 if (p_data->disc_ble_res.service.uu.uuid16 == UUID_SERVCLASS_LE_HID)
1407 {
1408 BTIF_TRACE_DEBUG("%s: Found HOGP UUID",__FUNCTION__);
1409 bt_property_t prop;
1410 bt_bdaddr_t bd_addr;
1411 char temp[256];
1412 bt_status_t ret;
1413
1414 bta_gatt_convert_uuid16_to_uuid128(uuid.uu,p_data->disc_ble_res.service.uu.uuid16);
1415
1416 while(i < j )
1417 {
1418 unsigned char c = uuid.uu[j];
1419 uuid.uu[j] = uuid.uu[i];
1420 uuid.uu[i] = c;
1421 i++;
1422 j--;
1423 }
1424
1425 uuid_to_string(&uuid, temp);
1426 BTIF_TRACE_ERROR(" uuid:%s", temp);
1427
1428 bdcpy(bd_addr.address, p_data->disc_ble_res.bd_addr);
1429 prop.type = BT_PROPERTY_UUIDS;
1430 prop.val = uuid.uu;
1431 prop.len = MAX_UUID_SIZE;
1432
1433 /* Also write this to the NVRAM */
1434 ret = btif_storage_set_remote_device_property(&bd_addr, &prop);
1435 ASSERTC(ret == BT_STATUS_SUCCESS, "storing remote services failed", ret);
1436
1437 /* Send the event to the BTIF */
1438 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb,
1439 BT_STATUS_SUCCESS, &bd_addr, 1, &prop);
1440
1441 }
1442 break;
1443 #endif /* BLE_INCLUDED */
1444
1445 default:
1446 {
1447 ASSERTC(0, "unhandled search services event", event);
1448 }
1449 break;
1450 }
1451 }
1452
1453 /*******************************************************************************
1454 **
1455 ** Function btif_dm_remote_service_record_evt
1456 **
1457 ** Description Executes search service record event in btif context
1458 **
1459 ** Returns void
1460 **
1461 *******************************************************************************/
btif_dm_remote_service_record_evt(UINT16 event,char * p_param)1462 static void btif_dm_remote_service_record_evt(UINT16 event, char *p_param)
1463 {
1464 tBTA_DM_SEARCH *p_data = (tBTA_DM_SEARCH*)p_param;
1465
1466 BTIF_TRACE_EVENT("%s: event = %d", __FUNCTION__, event);
1467 switch (event)
1468 {
1469 case BTA_DM_DISC_RES_EVT:
1470 {
1471 bt_service_record_t rec;
1472 bt_property_t prop;
1473 uint32_t i = 0;
1474 bt_bdaddr_t bd_addr;
1475
1476 memset(&rec, 0, sizeof(bt_service_record_t));
1477 bdcpy(bd_addr.address, p_data->disc_res.bd_addr);
1478
1479 BTIF_TRACE_DEBUG("%s:(result=0x%x, services 0x%x)", __FUNCTION__,
1480 p_data->disc_res.result, p_data->disc_res.services);
1481 prop.type = BT_PROPERTY_SERVICE_RECORD;
1482 prop.val = (void*)&rec;
1483 prop.len = sizeof(rec);
1484
1485 /* disc_res.result is overloaded with SCN. Cannot check result */
1486 p_data->disc_res.services &= ~BTA_USER_SERVICE_MASK;
1487 /* TODO: Get the UUID as well */
1488 rec.channel = p_data->disc_res.result - 3;
1489 /* TODO: Need to get the service name using p_raw_data */
1490 rec.name[0] = 0;
1491
1492 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb,
1493 BT_STATUS_SUCCESS, &bd_addr, 1, &prop);
1494 }
1495 break;
1496
1497 default:
1498 {
1499 ASSERTC(0, "unhandled remote service record event", event);
1500 }
1501 break;
1502 }
1503 }
1504
1505 /*******************************************************************************
1506 **
1507 ** Function btif_dm_upstreams_cback
1508 **
1509 ** Description Executes UPSTREAMS events in btif context
1510 **
1511 ** Returns void
1512 **
1513 *******************************************************************************/
btif_dm_upstreams_evt(UINT16 event,char * p_param)1514 static void btif_dm_upstreams_evt(UINT16 event, char* p_param)
1515 {
1516 tBTA_DM_SEC_EVT dm_event = (tBTA_DM_SEC_EVT)event;
1517 tBTA_DM_SEC *p_data = (tBTA_DM_SEC*)p_param;
1518 tBTA_SERVICE_MASK service_mask;
1519 uint32_t i;
1520 bt_bdaddr_t bd_addr;
1521
1522 BTIF_TRACE_EVENT("btif_dm_upstreams_cback ev: %s", dump_dm_event(event));
1523
1524 switch (event)
1525 {
1526 case BTA_DM_ENABLE_EVT:
1527 {
1528 BD_NAME bdname;
1529 bt_status_t status;
1530 bt_property_t prop;
1531 prop.type = BT_PROPERTY_BDNAME;
1532 prop.len = BD_NAME_LEN;
1533 prop.val = (void*)bdname;
1534
1535 status = btif_storage_get_adapter_property(&prop);
1536 if (status == BT_STATUS_SUCCESS)
1537 {
1538 /* A name exists in the storage. Make this the device name */
1539 BTA_DmSetDeviceName((char*)prop.val);
1540 }
1541 else
1542 {
1543 /* Storage does not have a name yet.
1544 * Use the default name and write it to the chip
1545 */
1546 BTA_DmSetDeviceName(btif_get_default_local_name());
1547 }
1548
1549 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
1550 /* Enable local privacy */
1551 BTA_DmBleConfigLocalPrivacy(TRUE);
1552 #endif
1553
1554 /* for each of the enabled services in the mask, trigger the profile
1555 * enable */
1556 service_mask = btif_get_enabled_services_mask();
1557 for (i=0; i <= BTA_MAX_SERVICE_ID; i++)
1558 {
1559 if (service_mask &
1560 (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(i)))
1561 {
1562 btif_in_execute_service_request(i, TRUE);
1563 }
1564 }
1565 /* clear control blocks */
1566 memset(&pairing_cb, 0, sizeof(btif_dm_pairing_cb_t));
1567
1568 /* This function will also trigger the adapter_properties_cb
1569 ** and bonded_devices_info_cb
1570 */
1571 btif_storage_load_bonded_devices();
1572
1573 btif_storage_load_autopair_device_list();
1574
1575 btif_enable_bluetooth_evt(p_data->enable.status, p_data->enable.bd_addr);
1576 }
1577 break;
1578
1579 case BTA_DM_DISABLE_EVT:
1580 /* for each of the enabled services in the mask, trigger the profile
1581 * disable */
1582 service_mask = btif_get_enabled_services_mask();
1583 for (i=0; i <= BTA_MAX_SERVICE_ID; i++)
1584 {
1585 if (service_mask &
1586 (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(i)))
1587 {
1588 btif_in_execute_service_request(i, FALSE);
1589 }
1590 }
1591 btif_disable_bluetooth_evt();
1592 break;
1593
1594 case BTA_DM_PIN_REQ_EVT:
1595 btif_dm_pin_req_evt(&p_data->pin_req);
1596 break;
1597
1598 case BTA_DM_AUTH_CMPL_EVT:
1599 btif_dm_auth_cmpl_evt(&p_data->auth_cmpl);
1600 break;
1601
1602 case BTA_DM_BOND_CANCEL_CMPL_EVT:
1603 if (pairing_cb.state == BT_BOND_STATE_BONDING)
1604 {
1605 bdcpy(bd_addr.address, pairing_cb.bd_addr);
1606 bond_state_changed(p_data->bond_cancel_cmpl.result, &bd_addr, BT_BOND_STATE_NONE);
1607 }
1608 break;
1609
1610 case BTA_DM_SP_CFM_REQ_EVT:
1611 btif_dm_ssp_cfm_req_evt(&p_data->cfm_req);
1612 break;
1613 case BTA_DM_SP_KEY_NOTIF_EVT:
1614 btif_dm_ssp_key_notif_evt(&p_data->key_notif);
1615 break;
1616
1617 case BTA_DM_DEV_UNPAIRED_EVT:
1618 bdcpy(bd_addr.address, p_data->link_down.bd_addr);
1619
1620 /*special handling for HID devices */
1621 #if (defined(BTA_HH_INCLUDED) && (BTA_HH_INCLUDED == TRUE))
1622 btif_hh_remove_device(bd_addr);
1623 #endif
1624 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
1625 btif_storage_remove_ble_bonding_keys(&bd_addr);
1626 #endif
1627 btif_storage_remove_bonded_device(&bd_addr);
1628 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_NONE);
1629 break;
1630
1631 case BTA_DM_BUSY_LEVEL_EVT:
1632 {
1633
1634 if (p_data->busy_level.level_flags & BTM_BL_INQUIRY_PAGING_MASK)
1635 {
1636 if (p_data->busy_level.level_flags == BTM_BL_INQUIRY_STARTED)
1637 {
1638 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb,
1639 BT_DISCOVERY_STARTED);
1640 btif_dm_inquiry_in_progress = TRUE;
1641 }
1642 else if (p_data->busy_level.level_flags == BTM_BL_INQUIRY_CANCELLED)
1643 {
1644 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb,
1645 BT_DISCOVERY_STOPPED);
1646 btif_dm_inquiry_in_progress = FALSE;
1647 }
1648 else if (p_data->busy_level.level_flags == BTM_BL_INQUIRY_COMPLETE)
1649 {
1650 btif_dm_inquiry_in_progress = FALSE;
1651 }
1652 }
1653 }break;
1654
1655 case BTA_DM_LINK_UP_EVT:
1656 bdcpy(bd_addr.address, p_data->link_up.bd_addr);
1657 BTIF_TRACE_DEBUG("BTA_DM_LINK_UP_EVT. Sending BT_ACL_STATE_CONNECTED");
1658
1659 btif_update_remote_version_property(&bd_addr);
1660
1661 HAL_CBACK(bt_hal_cbacks, acl_state_changed_cb, BT_STATUS_SUCCESS,
1662 &bd_addr, BT_ACL_STATE_CONNECTED);
1663 break;
1664
1665 case BTA_DM_LINK_DOWN_EVT:
1666 bdcpy(bd_addr.address, p_data->link_down.bd_addr);
1667 BTIF_TRACE_DEBUG("BTA_DM_LINK_DOWN_EVT. Sending BT_ACL_STATE_DISCONNECTED");
1668 HAL_CBACK(bt_hal_cbacks, acl_state_changed_cb, BT_STATUS_SUCCESS,
1669 &bd_addr, BT_ACL_STATE_DISCONNECTED);
1670 break;
1671
1672 case BTA_DM_HW_ERROR_EVT:
1673 BTIF_TRACE_ERROR("Received H/W Error. ");
1674 /* Flush storage data */
1675 btif_config_flush();
1676 usleep(100000); /* 100milliseconds */
1677 /* Killing the process to force a restart as part of fault tolerance */
1678 kill(getpid(), SIGKILL);
1679 break;
1680
1681 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
1682 case BTA_DM_BLE_KEY_EVT:
1683 BTIF_TRACE_DEBUG("BTA_DM_BLE_KEY_EVT key_type=0x%02x ", p_data->ble_key.key_type);
1684
1685 /* If this pairing is by-product of local initiated GATT client Read or Write,
1686 BTA would not have sent BTA_DM_BLE_SEC_REQ_EVT event and Bond state would not
1687 have setup properly. Setup pairing_cb and notify App about Bonding state now*/
1688 if (pairing_cb.state != BT_BOND_STATE_BONDING)
1689 {
1690 BTIF_TRACE_DEBUG("Bond state not sent to App so far.Notify the app now");
1691 bond_state_changed(BT_STATUS_SUCCESS, (bt_bdaddr_t*)p_data->ble_key.bd_addr,
1692 BT_BOND_STATE_BONDING);
1693 }
1694 else if (memcmp (pairing_cb.bd_addr, p_data->ble_key.bd_addr, BD_ADDR_LEN)!=0)
1695 {
1696 BTIF_TRACE_ERROR("BD mismatch discard BLE key_type=%d ",p_data->ble_key.key_type);
1697 break;
1698 }
1699
1700 switch (p_data->ble_key.key_type)
1701 {
1702 case BTA_LE_KEY_PENC:
1703 BTIF_TRACE_DEBUG("Rcv BTA_LE_KEY_PENC");
1704 pairing_cb.ble.is_penc_key_rcvd = TRUE;
1705 memcpy(pairing_cb.ble.penc_key.ltk,p_data->ble_key.key_value.penc_key.ltk, 16);
1706 memcpy(pairing_cb.ble.penc_key.rand, p_data->ble_key.key_value.penc_key.rand,8);
1707 pairing_cb.ble.penc_key.ediv = p_data->ble_key.key_value.penc_key.ediv;
1708 pairing_cb.ble.penc_key.sec_level = p_data->ble_key.key_value.penc_key.sec_level;
1709
1710 for (i=0; i<16; i++)
1711 {
1712 BTIF_TRACE_DEBUG("pairing_cb.ble.penc_key.ltk[%d]=0x%02x",i,pairing_cb.ble.penc_key.ltk[i]);
1713 }
1714 for (i=0; i<8; i++)
1715 {
1716 BTIF_TRACE_DEBUG("pairing_cb.ble.penc_key.rand[%d]=0x%02x",i,pairing_cb.ble.penc_key.rand[i]);
1717 }
1718 BTIF_TRACE_DEBUG("pairing_cb.ble.penc_key.ediv=0x%04x",pairing_cb.ble.penc_key.ediv);
1719 BTIF_TRACE_DEBUG("pairing_cb.ble.penc_key.sec_level=0x%02x",pairing_cb.ble.penc_key.sec_level);
1720 BTIF_TRACE_DEBUG("pairing_cb.ble.penc_key.key_size=0x%02x",pairing_cb.ble.penc_key.key_size);
1721 break;
1722
1723 case BTA_LE_KEY_PID:
1724 BTIF_TRACE_DEBUG("Rcv BTA_LE_KEY_PID");
1725 pairing_cb.ble.is_pid_key_rcvd = TRUE;
1726 pairing_cb.ble.pid_key.addr_type = p_data->ble_key.key_value.pid_key.addr_type;
1727 memcpy(pairing_cb.ble.pid_key.irk, p_data->ble_key.key_value.pid_key.irk, 16);
1728 memcpy(pairing_cb.ble.pid_key.static_addr,
1729 p_data->ble_key.key_value.pid_key.static_addr,BD_ADDR_LEN);
1730 for (i=0; i<16; i++)
1731 {
1732 BTIF_TRACE_DEBUG("pairing_cb.ble.pid_key.irk[%d]=0x%02x"
1733 ,i,pairing_cb.ble.pid_key.irk[i]);
1734 }
1735 for (i=0; i<BD_ADDR_LEN; i++)
1736 {
1737 BTIF_TRACE_DEBUG("piaring_cb.ble.pid_address[%d] = %x"
1738 ,i, pairing_cb.ble.pid_key.static_addr[i]);
1739 }
1740 break;
1741
1742 case BTA_LE_KEY_PCSRK:
1743 BTIF_TRACE_DEBUG("Rcv BTA_LE_KEY_PCSRK");
1744 pairing_cb.ble.is_pcsrk_key_rcvd = TRUE;
1745 pairing_cb.ble.pcsrk_key.counter = p_data->ble_key.key_value.pcsrk_key.counter;
1746 pairing_cb.ble.pcsrk_key.sec_level = p_data->ble_key.key_value.pcsrk_key.sec_level;
1747 memcpy(pairing_cb.ble.pcsrk_key.csrk,p_data->ble_key.key_value.pcsrk_key.csrk,16);
1748
1749 for (i=0; i<16; i++)
1750 {
1751 BTIF_TRACE_DEBUG("pairing_cb.ble.pcsrk_key.csrk[%d]=0x%02x",i,pairing_cb.ble.pcsrk_key.csrk[i]);
1752 }
1753 BTIF_TRACE_DEBUG("pairing_cb.ble.pcsrk_key.counter=0x%08x",pairing_cb.ble.pcsrk_key.counter);
1754 BTIF_TRACE_DEBUG("pairing_cb.ble.pcsrk_key.sec_level=0x%02x",pairing_cb.ble.pcsrk_key.sec_level);
1755 break;
1756
1757 case BTA_LE_KEY_LENC:
1758 BTIF_TRACE_DEBUG("Rcv BTA_LE_KEY_LENC");
1759 pairing_cb.ble.is_lenc_key_rcvd = TRUE;
1760 pairing_cb.ble.lenc_key.div = p_data->ble_key.key_value.lenc_key.div;
1761 pairing_cb.ble.lenc_key.key_size = p_data->ble_key.key_value.lenc_key.key_size;
1762 pairing_cb.ble.lenc_key.sec_level = p_data->ble_key.key_value.lenc_key.sec_level;
1763
1764 BTIF_TRACE_DEBUG("pairing_cb.ble.lenc_key.div=0x%04x",pairing_cb.ble.lenc_key.div);
1765 BTIF_TRACE_DEBUG("pairing_cb.ble.lenc_key.key_size=0x%02x",pairing_cb.ble.lenc_key.key_size);
1766 BTIF_TRACE_DEBUG("pairing_cb.ble.lenc_key.sec_level=0x%02x",pairing_cb.ble.lenc_key.sec_level);
1767 break;
1768
1769
1770
1771 case BTA_LE_KEY_LCSRK:
1772 BTIF_TRACE_DEBUG("Rcv BTA_LE_KEY_LCSRK");
1773 pairing_cb.ble.is_lcsrk_key_rcvd = TRUE;
1774 pairing_cb.ble.lcsrk_key.counter = p_data->ble_key.key_value.lcsrk_key.counter;
1775 pairing_cb.ble.lcsrk_key.div = p_data->ble_key.key_value.lcsrk_key.div;
1776 pairing_cb.ble.lcsrk_key.sec_level = p_data->ble_key.key_value.lcsrk_key.sec_level;
1777
1778 BTIF_TRACE_DEBUG("pairing_cb.ble.lcsrk_key.div=0x%04x",pairing_cb.ble.lcsrk_key.div);
1779 BTIF_TRACE_DEBUG("pairing_cb.ble.lcsrk_key.counter=0x%08x",pairing_cb.ble.lcsrk_key.counter);
1780 BTIF_TRACE_DEBUG("pairing_cb.ble.lcsrk_key.sec_level=0x%02x",pairing_cb.ble.lcsrk_key.sec_level);
1781
1782 break;
1783
1784 default:
1785 BTIF_TRACE_ERROR("unknown BLE key type (0x%02x)", p_data->ble_key.key_type);
1786 break;
1787 }
1788
1789 break;
1790 case BTA_DM_BLE_SEC_REQ_EVT:
1791 BTIF_TRACE_DEBUG("BTA_DM_BLE_SEC_REQ_EVT. ");
1792 btif_dm_ble_sec_req_evt(&p_data->ble_req);
1793 break;
1794 case BTA_DM_BLE_PASSKEY_NOTIF_EVT:
1795 BTIF_TRACE_DEBUG("BTA_DM_BLE_PASSKEY_NOTIF_EVT. ");
1796 btif_dm_ble_key_notif_evt(&p_data->key_notif);
1797 break;
1798 case BTA_DM_BLE_PASSKEY_REQ_EVT:
1799 BTIF_TRACE_DEBUG("BTA_DM_BLE_PASSKEY_REQ_EVT. ");
1800 btif_dm_ble_passkey_req_evt(&p_data->pin_req);
1801 break;
1802 case BTA_DM_BLE_OOB_REQ_EVT:
1803 BTIF_TRACE_DEBUG("BTA_DM_BLE_OOB_REQ_EVT. ");
1804 break;
1805 case BTA_DM_BLE_LOCAL_IR_EVT:
1806 BTIF_TRACE_DEBUG("BTA_DM_BLE_LOCAL_IR_EVT. ");
1807 ble_local_key_cb.is_id_keys_rcvd = TRUE;
1808 memcpy(&ble_local_key_cb.id_keys.irk[0], &p_data->ble_id_keys.irk[0], sizeof(BT_OCTET16));
1809 memcpy(&ble_local_key_cb.id_keys.ir[0], &p_data->ble_id_keys.ir[0], sizeof(BT_OCTET16));
1810 memcpy(&ble_local_key_cb.id_keys.dhk[0], &p_data->ble_id_keys.dhk[0], sizeof(BT_OCTET16));
1811 btif_storage_add_ble_local_key( (char *)&ble_local_key_cb.id_keys.irk[0],
1812 BTIF_DM_LE_LOCAL_KEY_IR,
1813 BT_OCTET16_LEN);
1814 btif_storage_add_ble_local_key( (char *)&ble_local_key_cb.id_keys.ir[0],
1815 BTIF_DM_LE_LOCAL_KEY_IRK,
1816 BT_OCTET16_LEN);
1817 btif_storage_add_ble_local_key( (char *)&ble_local_key_cb.id_keys.dhk[0],
1818 BTIF_DM_LE_LOCAL_KEY_DHK,
1819 BT_OCTET16_LEN);
1820 break;
1821 case BTA_DM_BLE_LOCAL_ER_EVT:
1822 BTIF_TRACE_DEBUG("BTA_DM_BLE_LOCAL_ER_EVT. ");
1823 ble_local_key_cb.is_er_rcvd = TRUE;
1824 memcpy(&ble_local_key_cb.er[0], &p_data->ble_er[0], sizeof(BT_OCTET16));
1825 btif_storage_add_ble_local_key( (char *)&ble_local_key_cb.er[0],
1826 BTIF_DM_LE_LOCAL_KEY_ER,
1827 BT_OCTET16_LEN);
1828 break;
1829
1830 case BTA_DM_BLE_AUTH_CMPL_EVT:
1831 BTIF_TRACE_DEBUG("BTA_DM_BLE_KEY_EVT. ");
1832 btif_dm_ble_auth_cmpl_evt(&p_data->auth_cmpl);
1833 break;
1834
1835 case BTA_DM_LE_FEATURES_READ:
1836 {
1837 tBTM_BLE_VSC_CB cmn_vsc_cb;
1838 bt_local_le_features_t local_le_features;
1839 char buf[512];
1840 bt_property_t prop;
1841 prop.type = BT_PROPERTY_LOCAL_LE_FEATURES;
1842 prop.val = (void*)buf;
1843 prop.len = sizeof(buf);
1844
1845 /* LE features are not stored in storage. Should be retrived from stack */
1846 BTM_BleGetVendorCapabilities(&cmn_vsc_cb);
1847 local_le_features.local_privacy_enabled = BTM_BleLocalPrivacyEnabled();
1848
1849 prop.len = sizeof (bt_local_le_features_t);
1850 if (cmn_vsc_cb.filter_support == 1)
1851 local_le_features.max_adv_filter_supported = cmn_vsc_cb.max_filter;
1852 else
1853 local_le_features.max_adv_filter_supported = 0;
1854 local_le_features.max_adv_instance = cmn_vsc_cb.adv_inst_max;
1855 local_le_features.max_irk_list_size = cmn_vsc_cb.max_irk_list_sz;
1856 local_le_features.rpa_offload_supported = cmn_vsc_cb.rpa_offloading;
1857 local_le_features.scan_result_storage_size_hibyte =
1858 (cmn_vsc_cb.tot_scan_results_strg >> 8) & (0xFF);
1859 local_le_features.scan_result_storage_size_lobyte =
1860 (cmn_vsc_cb.tot_scan_results_strg) & (0xFF);
1861 local_le_features.activity_energy_info_supported = cmn_vsc_cb.energy_support;
1862 memcpy(prop.val, &local_le_features, prop.len);
1863 HAL_CBACK(bt_hal_cbacks, adapter_properties_cb, BT_STATUS_SUCCESS, 1, &prop);
1864 break;
1865 }
1866
1867 case BTA_DM_ENER_INFO_READ:
1868 {
1869 btif_activity_energy_info_cb_t *p_ener_data = (btif_activity_energy_info_cb_t*) p_param;
1870 bt_activity_energy_info energy_info;
1871 energy_info.status = p_ener_data->status;
1872 energy_info.ctrl_state = p_ener_data->ctrl_state;
1873 energy_info.rx_time = p_ener_data->rx_time;
1874 energy_info.tx_time = p_ener_data->tx_time;
1875 energy_info.idle_time = p_ener_data->idle_time;
1876 energy_info.energy_used = p_ener_data->energy_used;
1877 HAL_CBACK(bt_hal_cbacks, energy_info_cb, &energy_info);
1878 break;
1879 }
1880 #endif
1881
1882 case BTA_DM_AUTHORIZE_EVT:
1883 case BTA_DM_SIG_STRENGTH_EVT:
1884 case BTA_DM_SP_RMT_OOB_EVT:
1885 case BTA_DM_SP_KEYPRESS_EVT:
1886 case BTA_DM_ROLE_CHG_EVT:
1887
1888 default:
1889 BTIF_TRACE_WARNING( "btif_dm_cback : unhandled event (%d)", event );
1890 break;
1891 }
1892 } /* btui_security_cback() */
1893
1894
1895 /*******************************************************************************
1896 **
1897 ** Function btif_dm_generic_evt
1898 **
1899 ** Description Executes non-BTA upstream events in BTIF context
1900 **
1901 ** Returns void
1902 **
1903 *******************************************************************************/
btif_dm_generic_evt(UINT16 event,char * p_param)1904 static void btif_dm_generic_evt(UINT16 event, char* p_param)
1905 {
1906 BTIF_TRACE_EVENT("%s: event=%d", __FUNCTION__, event);
1907 switch(event)
1908 {
1909 case BTIF_DM_CB_DISCOVERY_STARTED:
1910 {
1911 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, BT_DISCOVERY_STARTED);
1912 }
1913 break;
1914
1915 case BTIF_DM_CB_CREATE_BOND:
1916 {
1917 pairing_cb.timeout_retries = NUM_TIMEOUT_RETRIES;
1918 btif_dm_create_bond_cb_t *create_bond_cb = (btif_dm_create_bond_cb_t*)p_param;
1919 btif_dm_cb_create_bond(&create_bond_cb->bdaddr, create_bond_cb->transport);
1920 }
1921 break;
1922
1923 case BTIF_DM_CB_REMOVE_BOND:
1924 {
1925 btif_dm_cb_remove_bond((bt_bdaddr_t *)p_param);
1926 }
1927 break;
1928
1929 case BTIF_DM_CB_HID_REMOTE_NAME:
1930 {
1931 btif_dm_cb_hid_remote_name((tBTM_REMOTE_DEV_NAME *)p_param);
1932 }
1933 break;
1934
1935 case BTIF_DM_CB_BOND_STATE_BONDING:
1936 {
1937 bond_state_changed(BT_STATUS_SUCCESS, (bt_bdaddr_t *)p_param, BT_BOND_STATE_BONDING);
1938 }
1939 break;
1940 case BTIF_DM_CB_LE_TX_TEST:
1941 case BTIF_DM_CB_LE_RX_TEST:
1942 {
1943 uint8_t status;
1944 STREAM_TO_UINT8(status, p_param);
1945 HAL_CBACK(bt_hal_cbacks, le_test_mode_cb,
1946 (status == 0) ? BT_STATUS_SUCCESS : BT_STATUS_FAIL, 0);
1947 }
1948 break;
1949 case BTIF_DM_CB_LE_TEST_END:
1950 {
1951 uint8_t status;
1952 uint16_t count = 0;
1953 STREAM_TO_UINT8(status, p_param);
1954 if (status == 0)
1955 STREAM_TO_UINT16(count, p_param);
1956 HAL_CBACK(bt_hal_cbacks, le_test_mode_cb,
1957 (status == 0) ? BT_STATUS_SUCCESS : BT_STATUS_FAIL, count);
1958 }
1959 break;
1960 default:
1961 {
1962 BTIF_TRACE_WARNING("%s : Unknown event 0x%x", __FUNCTION__, event);
1963 }
1964 break;
1965 }
1966 }
1967
1968 /*******************************************************************************
1969 **
1970 ** Function bte_dm_evt
1971 **
1972 ** Description Switches context from BTE to BTIF for all DM events
1973 **
1974 ** Returns void
1975 **
1976 *******************************************************************************/
1977
bte_dm_evt(tBTA_DM_SEC_EVT event,tBTA_DM_SEC * p_data)1978 void bte_dm_evt(tBTA_DM_SEC_EVT event, tBTA_DM_SEC *p_data)
1979 {
1980 bt_status_t status;
1981
1982 /* switch context to btif task context (copy full union size for convenience) */
1983 status = btif_transfer_context(btif_dm_upstreams_evt, (uint16_t)event, (void*)p_data, sizeof(tBTA_DM_SEC), NULL);
1984
1985 /* catch any failed context transfers */
1986 ASSERTC(status == BT_STATUS_SUCCESS, "context transfer failed", status);
1987 }
1988
1989 /*******************************************************************************
1990 **
1991 ** Function bte_search_devices_evt
1992 **
1993 ** Description Switches context from BTE to BTIF for DM search events
1994 **
1995 ** Returns void
1996 **
1997 *******************************************************************************/
bte_search_devices_evt(tBTA_DM_SEARCH_EVT event,tBTA_DM_SEARCH * p_data)1998 static void bte_search_devices_evt(tBTA_DM_SEARCH_EVT event, tBTA_DM_SEARCH *p_data)
1999 {
2000 UINT16 param_len = 0;
2001
2002 if (p_data)
2003 param_len += sizeof(tBTA_DM_SEARCH);
2004 /* Allocate buffer to hold the pointers (deep copy). The pointers will point to the end of the tBTA_DM_SEARCH */
2005 switch (event)
2006 {
2007 case BTA_DM_INQ_RES_EVT:
2008 {
2009 if (p_data->inq_res.p_eir)
2010 param_len += HCI_EXT_INQ_RESPONSE_LEN;
2011 }
2012 break;
2013
2014 case BTA_DM_DISC_RES_EVT:
2015 {
2016 if (p_data->disc_res.raw_data_size && p_data->disc_res.p_raw_data)
2017 param_len += p_data->disc_res.raw_data_size;
2018 }
2019 break;
2020 }
2021 BTIF_TRACE_DEBUG("%s event=%s param_len=%d", __FUNCTION__, dump_dm_search_event(event), param_len);
2022
2023 /* if remote name is available in EIR, set teh flag so that stack doesnt trigger RNR */
2024 if (event == BTA_DM_INQ_RES_EVT)
2025 p_data->inq_res.remt_name_not_required = check_eir_remote_name(p_data, NULL, NULL);
2026
2027 btif_transfer_context (btif_dm_search_devices_evt , (UINT16) event, (void *)p_data, param_len,
2028 (param_len > sizeof(tBTA_DM_SEARCH)) ? search_devices_copy_cb : NULL);
2029 }
2030
2031 /*******************************************************************************
2032 **
2033 ** Function bte_dm_search_services_evt
2034 **
2035 ** Description Switches context from BTE to BTIF for DM search services
2036 ** event
2037 **
2038 ** Returns void
2039 **
2040 *******************************************************************************/
bte_dm_search_services_evt(tBTA_DM_SEARCH_EVT event,tBTA_DM_SEARCH * p_data)2041 static void bte_dm_search_services_evt(tBTA_DM_SEARCH_EVT event, tBTA_DM_SEARCH *p_data)
2042 {
2043 UINT16 param_len = 0;
2044 if (p_data)
2045 param_len += sizeof(tBTA_DM_SEARCH);
2046 switch (event)
2047 {
2048 case BTA_DM_DISC_RES_EVT:
2049 {
2050 if ((p_data->disc_res.result == BTA_SUCCESS) && (p_data->disc_res.num_uuids > 0)) {
2051 param_len += (p_data->disc_res.num_uuids * MAX_UUID_SIZE);
2052 }
2053 } break;
2054 }
2055 /* TODO: The only other member that needs a deep copy is the p_raw_data. But not sure
2056 * if raw_data is needed. */
2057 btif_transfer_context(btif_dm_search_services_evt, event, (char*)p_data, param_len,
2058 (param_len > sizeof(tBTA_DM_SEARCH)) ? search_services_copy_cb : NULL);
2059 }
2060
2061 /*******************************************************************************
2062 **
2063 ** Function bte_dm_remote_service_record_evt
2064 **
2065 ** Description Switches context from BTE to BTIF for DM search service
2066 ** record event
2067 **
2068 ** Returns void
2069 **
2070 *******************************************************************************/
bte_dm_remote_service_record_evt(tBTA_DM_SEARCH_EVT event,tBTA_DM_SEARCH * p_data)2071 static void bte_dm_remote_service_record_evt(tBTA_DM_SEARCH_EVT event, tBTA_DM_SEARCH *p_data)
2072 {
2073 /* TODO: The only member that needs a deep copy is the p_raw_data. But not sure yet if this is needed. */
2074 btif_transfer_context(btif_dm_remote_service_record_evt, event, (char*)p_data, sizeof(tBTA_DM_SEARCH), NULL);
2075 }
2076
2077 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
2078 /*******************************************************************************
2079 **
2080 ** Function bta_energy_info_cb
2081 **
2082 ** Description Switches context from BTE to BTIF for DM energy info event
2083 **
2084 ** Returns void
2085 **
2086 *******************************************************************************/
bta_energy_info_cb(tBTA_DM_BLE_TX_TIME_MS tx_time,tBTA_DM_BLE_RX_TIME_MS rx_time,tBTA_DM_BLE_IDLE_TIME_MS idle_time,tBTA_DM_BLE_ENERGY_USED energy_used,tBTA_DM_CONTRL_STATE ctrl_state,tBTA_STATUS status)2087 static void bta_energy_info_cb(tBTA_DM_BLE_TX_TIME_MS tx_time, tBTA_DM_BLE_RX_TIME_MS rx_time,
2088 tBTA_DM_BLE_IDLE_TIME_MS idle_time,
2089 tBTA_DM_BLE_ENERGY_USED energy_used,
2090 tBTA_DM_CONTRL_STATE ctrl_state, tBTA_STATUS status)
2091 {
2092 BTIF_TRACE_DEBUG("energy_info_cb-Status:%d,state=%d,tx_t=%ld, rx_t=%ld, idle_time=%ld,used=%ld",
2093 status, ctrl_state, tx_time, rx_time, idle_time, energy_used);
2094
2095 btif_activity_energy_info_cb_t btif_cb;
2096 btif_cb.status = status;
2097 btif_cb.ctrl_state = ctrl_state;
2098 btif_cb.tx_time = (uint64_t) tx_time;
2099 btif_cb.rx_time = (uint64_t) rx_time;
2100 btif_cb.idle_time =(uint64_t) idle_time;
2101 btif_cb.energy_used =(uint64_t) energy_used;
2102 btif_transfer_context(btif_dm_upstreams_evt, BTA_DM_ENER_INFO_READ,
2103 (char*) &btif_cb, sizeof(btif_activity_energy_info_cb_t), NULL);
2104 }
2105 #endif
2106
2107 /*******************************************************************************
2108 **
2109 ** Function bte_scan_filt_param_cfg_evt
2110 **
2111 ** Description Scan filter param config event
2112 **
2113 ** Returns void
2114 **
2115 *******************************************************************************/
bte_scan_filt_param_cfg_evt(UINT8 action_type,tBTA_DM_BLE_PF_AVBL_SPACE avbl_space,tBTA_DM_BLE_REF_VALUE ref_value,tBTA_STATUS status)2116 static void bte_scan_filt_param_cfg_evt(UINT8 action_type,
2117 tBTA_DM_BLE_PF_AVBL_SPACE avbl_space,
2118 tBTA_DM_BLE_REF_VALUE ref_value, tBTA_STATUS status)
2119 {
2120 /* This event occurs on calling BTA_DmBleCfgFilterCondition internally,
2121 ** and that is why there is no HAL callback
2122 */
2123 if(BTA_SUCCESS != status)
2124 {
2125 BTIF_TRACE_ERROR("%s, %d", __FUNCTION__, status);
2126 }
2127 else
2128 {
2129 BTIF_TRACE_DEBUG("%s", __FUNCTION__);
2130 }
2131 }
2132
2133 /*****************************************************************************
2134 **
2135 ** btif api functions (no context switch)
2136 **
2137 *****************************************************************************/
2138
2139 /*******************************************************************************
2140 **
2141 ** Function btif_dm_start_discovery
2142 **
2143 ** Description Start device discovery/inquiry
2144 **
2145 ** Returns bt_status_t
2146 **
2147 *******************************************************************************/
btif_dm_start_discovery(void)2148 bt_status_t btif_dm_start_discovery(void)
2149 {
2150 tBTA_DM_INQ inq_params;
2151 tBTA_SERVICE_MASK services = 0;
2152 tBTA_DM_BLE_PF_FILT_PARAMS adv_filt_param;
2153
2154 BTIF_TRACE_EVENT("%s", __FUNCTION__);
2155
2156 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
2157 memset(&adv_filt_param, 0, sizeof(tBTA_DM_BLE_PF_FILT_PARAMS));
2158 /* Cleanup anything remaining on index 0 */
2159 BTA_DmBleScanFilterSetup(BTA_DM_BLE_SCAN_COND_DELETE, 0, &adv_filt_param, NULL,
2160 bte_scan_filt_param_cfg_evt, 0);
2161
2162 /* Add an allow-all filter on index 0*/
2163 adv_filt_param.dely_mode = IMMEDIATE_DELY_MODE;
2164 adv_filt_param.feat_seln = ALLOW_ALL_FILTER;
2165 adv_filt_param.filt_logic_type = BTA_DM_BLE_PF_FILT_LOGIC_OR;
2166 adv_filt_param.list_logic_type = BTA_DM_BLE_PF_LIST_LOGIC_OR;
2167 adv_filt_param.rssi_low_thres = LOWEST_RSSI_VALUE;
2168 adv_filt_param.rssi_high_thres = LOWEST_RSSI_VALUE;
2169 BTA_DmBleScanFilterSetup(BTA_DM_BLE_SCAN_COND_ADD, 0, &adv_filt_param, NULL,
2170 bte_scan_filt_param_cfg_evt, 0);
2171
2172 /* TODO: Do we need to handle multiple inquiries at the same time? */
2173
2174 /* Set inquiry params and call API */
2175 inq_params.mode = BTA_DM_GENERAL_INQUIRY|BTA_BLE_GENERAL_INQUIRY;
2176 #if (defined(BTA_HOST_INTERLEAVE_SEARCH) && BTA_HOST_INTERLEAVE_SEARCH == TRUE)
2177 inq_params.intl_duration[0]= BTIF_DM_INTERLEAVE_DURATION_BR_ONE;
2178 inq_params.intl_duration[1]= BTIF_DM_INTERLEAVE_DURATION_LE_ONE;
2179 inq_params.intl_duration[2]= BTIF_DM_INTERLEAVE_DURATION_BR_TWO;
2180 inq_params.intl_duration[3]= BTIF_DM_INTERLEAVE_DURATION_LE_TWO;
2181 #endif
2182 #else
2183 inq_params.mode = BTA_DM_GENERAL_INQUIRY;
2184 #endif
2185 inq_params.duration = BTIF_DM_DEFAULT_INQ_MAX_DURATION;
2186
2187 inq_params.max_resps = BTIF_DM_DEFAULT_INQ_MAX_RESULTS;
2188 inq_params.report_dup = TRUE;
2189
2190 inq_params.filter_type = BTA_DM_INQ_CLR;
2191 /* TODO: Filter device by BDA needs to be implemented here */
2192
2193 /* Will be enabled to TRUE once inquiry busy level has been received */
2194 btif_dm_inquiry_in_progress = FALSE;
2195 /* find nearby devices */
2196 BTA_DmSearch(&inq_params, services, bte_search_devices_evt);
2197
2198 return BT_STATUS_SUCCESS;
2199 }
2200
2201 /*******************************************************************************
2202 **
2203 ** Function btif_dm_cancel_discovery
2204 **
2205 ** Description Cancels search
2206 **
2207 ** Returns bt_status_t
2208 **
2209 *******************************************************************************/
btif_dm_cancel_discovery(void)2210 bt_status_t btif_dm_cancel_discovery(void)
2211 {
2212 BTIF_TRACE_EVENT("%s", __FUNCTION__);
2213 BTA_DmSearchCancel();
2214 return BT_STATUS_SUCCESS;
2215 }
2216
2217 /*******************************************************************************
2218 **
2219 ** Function btif_dm_create_bond
2220 **
2221 ** Description Initiate bonding with the specified device
2222 **
2223 ** Returns bt_status_t
2224 **
2225 *******************************************************************************/
btif_dm_create_bond(const bt_bdaddr_t * bd_addr,int transport)2226 bt_status_t btif_dm_create_bond(const bt_bdaddr_t *bd_addr, int transport)
2227 {
2228 btif_dm_create_bond_cb_t create_bond_cb;
2229 create_bond_cb.transport = transport;
2230 bdcpy(create_bond_cb.bdaddr.address, bd_addr->address);
2231
2232 bdstr_t bdstr;
2233 BTIF_TRACE_EVENT("%s: bd_addr=%s, transport=%d", __FUNCTION__,
2234 bd2str((bt_bdaddr_t *) bd_addr, &bdstr), transport);
2235 if (pairing_cb.state != BT_BOND_STATE_NONE)
2236 return BT_STATUS_BUSY;
2237
2238 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_CREATE_BOND,
2239 (char *)&create_bond_cb, sizeof(btif_dm_create_bond_cb_t), NULL);
2240
2241 return BT_STATUS_SUCCESS;
2242 }
2243
2244 /*******************************************************************************
2245 **
2246 ** Function btif_dm_cancel_bond
2247 **
2248 ** Description Initiate bonding with the specified device
2249 **
2250 ** Returns bt_status_t
2251 **
2252 *******************************************************************************/
2253
btif_dm_cancel_bond(const bt_bdaddr_t * bd_addr)2254 bt_status_t btif_dm_cancel_bond(const bt_bdaddr_t *bd_addr)
2255 {
2256 bdstr_t bdstr;
2257
2258 BTIF_TRACE_EVENT("%s: bd_addr=%s", __FUNCTION__, bd2str((bt_bdaddr_t *)bd_addr, &bdstr));
2259
2260 /* TODO:
2261 ** 1. Restore scan modes
2262 ** 2. special handling for HID devices
2263 */
2264 if (pairing_cb.state == BT_BOND_STATE_BONDING)
2265 {
2266
2267 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
2268
2269 if (pairing_cb.is_ssp)
2270 {
2271 if (pairing_cb.is_le_only)
2272 {
2273 BTA_DmBleSecurityGrant((UINT8 *)bd_addr->address,BTA_DM_SEC_PAIR_NOT_SPT);
2274 }
2275 else
2276 {
2277 BTA_DmConfirm( (UINT8 *)bd_addr->address, FALSE);
2278 BTA_DmBondCancel ((UINT8 *)bd_addr->address);
2279 btif_storage_remove_bonded_device((bt_bdaddr_t *)bd_addr);
2280 }
2281 }
2282 else
2283 {
2284 if (pairing_cb.is_le_only)
2285 {
2286 BTA_DmBondCancel ((UINT8 *)bd_addr->address);
2287 }
2288 else
2289 {
2290 BTA_DmPinReply( (UINT8 *)bd_addr->address, FALSE, 0, NULL);
2291 }
2292 /* Cancel bonding, in case it is in ACL connection setup state */
2293 BTA_DmBondCancel ((UINT8 *)bd_addr->address);
2294 }
2295
2296 #else
2297 if (pairing_cb.is_ssp)
2298 {
2299 BTA_DmConfirm( (UINT8 *)bd_addr->address, FALSE);
2300 }
2301 else
2302 {
2303 BTA_DmPinReply( (UINT8 *)bd_addr->address, FALSE, 0, NULL);
2304 }
2305 /* Cancel bonding, in case it is in ACL connection setup state */
2306 BTA_DmBondCancel ((UINT8 *)bd_addr->address);
2307 btif_storage_remove_bonded_device((bt_bdaddr_t *)bd_addr);
2308 #endif
2309 }
2310
2311 return BT_STATUS_SUCCESS;
2312 }
2313
2314 /*******************************************************************************
2315 **
2316 ** Function btif_dm_hh_open_failed
2317 **
2318 ** Description informs the upper layers if the HH have failed during bonding
2319 **
2320 ** Returns none
2321 **
2322 *******************************************************************************/
2323
btif_dm_hh_open_failed(bt_bdaddr_t * bdaddr)2324 void btif_dm_hh_open_failed(bt_bdaddr_t *bdaddr)
2325 {
2326 if (pairing_cb.state == BT_BOND_STATE_BONDING &&
2327 bdcmp(bdaddr->address, pairing_cb.bd_addr) == 0)
2328 {
2329 bond_state_changed(BT_STATUS_FAIL, bdaddr, BT_BOND_STATE_NONE);
2330 }
2331 }
2332
2333 /*******************************************************************************
2334 **
2335 ** Function btif_dm_remove_bond
2336 **
2337 ** Description Removes bonding with the specified device
2338 **
2339 ** Returns bt_status_t
2340 **
2341 *******************************************************************************/
2342
btif_dm_remove_bond(const bt_bdaddr_t * bd_addr)2343 bt_status_t btif_dm_remove_bond(const bt_bdaddr_t *bd_addr)
2344 {
2345 bdstr_t bdstr;
2346
2347 BTIF_TRACE_EVENT("%s: bd_addr=%s", __FUNCTION__, bd2str((bt_bdaddr_t *)bd_addr, &bdstr));
2348 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_REMOVE_BOND,
2349 (char *)bd_addr, sizeof(bt_bdaddr_t), NULL);
2350
2351 return BT_STATUS_SUCCESS;
2352 }
2353
2354 /*******************************************************************************
2355 **
2356 ** Function btif_dm_pin_reply
2357 **
2358 ** Description BT legacy pairing - PIN code reply
2359 **
2360 ** Returns bt_status_t
2361 **
2362 *******************************************************************************/
2363
btif_dm_pin_reply(const bt_bdaddr_t * bd_addr,uint8_t accept,uint8_t pin_len,bt_pin_code_t * pin_code)2364 bt_status_t btif_dm_pin_reply( const bt_bdaddr_t *bd_addr, uint8_t accept,
2365 uint8_t pin_len, bt_pin_code_t *pin_code)
2366 {
2367 BTIF_TRACE_EVENT("%s: accept=%d", __FUNCTION__, accept);
2368 if (pin_code == NULL)
2369 return BT_STATUS_FAIL;
2370 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
2371
2372 if (pairing_cb.is_le_only)
2373 {
2374 int i;
2375 UINT32 passkey = 0;
2376 int multi[] = {100000, 10000, 1000, 100, 10,1};
2377 BD_ADDR remote_bd_addr;
2378 bdcpy(remote_bd_addr, bd_addr->address);
2379 for (i = 0; i < 6; i++)
2380 {
2381 passkey += (multi[i] * (pin_code->pin[i] - '0'));
2382 }
2383 BTIF_TRACE_DEBUG("btif_dm_pin_reply: passkey: %d", passkey);
2384 BTA_DmBlePasskeyReply(remote_bd_addr, accept, passkey);
2385
2386 }
2387 else
2388 {
2389 BTA_DmPinReply( (UINT8 *)bd_addr->address, accept, pin_len, pin_code->pin);
2390 if (accept)
2391 pairing_cb.pin_code_len = pin_len;
2392 }
2393 #else
2394 BTA_DmPinReply( (UINT8 *)bd_addr->address, accept, pin_len, pin_code->pin);
2395
2396 if (accept)
2397 pairing_cb.pin_code_len = pin_len;
2398 #endif
2399 return BT_STATUS_SUCCESS;
2400 }
2401
2402 /*******************************************************************************
2403 **
2404 ** Function btif_dm_ssp_reply
2405 **
2406 ** Description BT SSP Reply - Just Works, Numeric Comparison & Passkey Entry
2407 **
2408 ** Returns bt_status_t
2409 **
2410 *******************************************************************************/
btif_dm_ssp_reply(const bt_bdaddr_t * bd_addr,bt_ssp_variant_t variant,uint8_t accept,uint32_t passkey)2411 bt_status_t btif_dm_ssp_reply(const bt_bdaddr_t *bd_addr,
2412 bt_ssp_variant_t variant, uint8_t accept,
2413 uint32_t passkey)
2414 {
2415 UNUSED(passkey);
2416
2417 if (variant == BT_SSP_VARIANT_PASSKEY_ENTRY)
2418 {
2419 /* This is not implemented in the stack.
2420 * For devices with display, this is not needed
2421 */
2422 BTIF_TRACE_WARNING("%s: Not implemented", __FUNCTION__);
2423 return BT_STATUS_FAIL;
2424 }
2425 /* BT_SSP_VARIANT_CONSENT & BT_SSP_VARIANT_PASSKEY_CONFIRMATION supported */
2426 BTIF_TRACE_EVENT("%s: accept=%d", __FUNCTION__, accept);
2427 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
2428 if (pairing_cb.is_le_only)
2429 {
2430 if (accept)
2431 BTA_DmBleSecurityGrant((UINT8 *)bd_addr->address,BTA_DM_SEC_GRANTED);
2432 else
2433 BTA_DmBleSecurityGrant((UINT8 *)bd_addr->address,BTA_DM_SEC_PAIR_NOT_SPT);
2434 }
2435 else
2436 BTA_DmConfirm( (UINT8 *)bd_addr->address, accept);
2437
2438 #else
2439 BTA_DmConfirm( (UINT8 *)bd_addr->address, accept);
2440 #endif
2441 return BT_STATUS_SUCCESS;
2442 }
2443
2444 /*******************************************************************************
2445 **
2446 ** Function btif_dm_get_adapter_property
2447 **
2448 ** Description Queries the BTA for the adapter property
2449 **
2450 ** Returns bt_status_t
2451 **
2452 *******************************************************************************/
btif_dm_get_adapter_property(bt_property_t * prop)2453 bt_status_t btif_dm_get_adapter_property(bt_property_t *prop)
2454 {
2455 bt_status_t status;
2456
2457 BTIF_TRACE_EVENT("%s: type=0x%x", __FUNCTION__, prop->type);
2458 switch (prop->type)
2459 {
2460 case BT_PROPERTY_BDNAME:
2461 {
2462 bt_bdname_t *bd_name = (bt_bdname_t*)prop->val;
2463 strcpy((char *)bd_name->name, btif_get_default_local_name());
2464 prop->len = strlen((char *)bd_name->name);
2465 }
2466 break;
2467
2468 case BT_PROPERTY_ADAPTER_SCAN_MODE:
2469 {
2470 /* if the storage does not have it. Most likely app never set it. Default is NONE */
2471 bt_scan_mode_t *mode = (bt_scan_mode_t*)prop->val;
2472 *mode = BT_SCAN_MODE_NONE;
2473 prop->len = sizeof(bt_scan_mode_t);
2474 }
2475 break;
2476
2477 case BT_PROPERTY_ADAPTER_DISCOVERY_TIMEOUT:
2478 {
2479 uint32_t *tmt = (uint32_t*)prop->val;
2480 *tmt = 120; /* default to 120s, if not found in NV */
2481 prop->len = sizeof(uint32_t);
2482 }
2483 break;
2484
2485 default:
2486 prop->len = 0;
2487 return BT_STATUS_FAIL;
2488 }
2489 return BT_STATUS_SUCCESS;
2490 }
2491
2492 /*******************************************************************************
2493 **
2494 ** Function btif_dm_get_remote_services
2495 **
2496 ** Description Start SDP to get remote services
2497 **
2498 ** Returns bt_status_t
2499 **
2500 *******************************************************************************/
btif_dm_get_remote_services(bt_bdaddr_t * remote_addr)2501 bt_status_t btif_dm_get_remote_services(bt_bdaddr_t *remote_addr)
2502 {
2503 bdstr_t bdstr;
2504
2505 BTIF_TRACE_EVENT("%s: remote_addr=%s", __FUNCTION__, bd2str(remote_addr, &bdstr));
2506
2507 BTA_DmDiscover(remote_addr->address, BTA_ALL_SERVICE_MASK,
2508 bte_dm_search_services_evt, TRUE);
2509
2510 return BT_STATUS_SUCCESS;
2511 }
2512
2513 /*******************************************************************************
2514 **
2515 ** Function btif_dm_get_remote_service_record
2516 **
2517 ** Description Start SDP to get remote service record
2518 **
2519 **
2520 ** Returns bt_status_t
2521 *******************************************************************************/
btif_dm_get_remote_service_record(bt_bdaddr_t * remote_addr,bt_uuid_t * uuid)2522 bt_status_t btif_dm_get_remote_service_record(bt_bdaddr_t *remote_addr,
2523 bt_uuid_t *uuid)
2524 {
2525 tSDP_UUID sdp_uuid;
2526 bdstr_t bdstr;
2527
2528 BTIF_TRACE_EVENT("%s: remote_addr=%s", __FUNCTION__, bd2str(remote_addr, &bdstr));
2529
2530 sdp_uuid.len = MAX_UUID_SIZE;
2531 memcpy(sdp_uuid.uu.uuid128, uuid->uu, MAX_UUID_SIZE);
2532
2533 BTA_DmDiscoverUUID(remote_addr->address, &sdp_uuid,
2534 bte_dm_remote_service_record_evt, TRUE);
2535
2536 return BT_STATUS_SUCCESS;
2537 }
2538
btif_dm_execute_service_request(UINT16 event,char * p_param)2539 void btif_dm_execute_service_request(UINT16 event, char *p_param)
2540 {
2541 BOOLEAN b_enable = FALSE;
2542 bt_status_t status;
2543 if (event == BTIF_DM_ENABLE_SERVICE)
2544 {
2545 b_enable = TRUE;
2546 }
2547 status = btif_in_execute_service_request(*((tBTA_SERVICE_ID*)p_param), b_enable);
2548 if (status == BT_STATUS_SUCCESS)
2549 {
2550 bt_property_t property;
2551 bt_uuid_t local_uuids[BT_MAX_NUM_UUIDS];
2552
2553 /* Now send the UUID_PROPERTY_CHANGED event to the upper layer */
2554 BTIF_STORAGE_FILL_PROPERTY(&property, BT_PROPERTY_UUIDS,
2555 sizeof(local_uuids), local_uuids);
2556 btif_storage_get_adapter_property(&property);
2557 HAL_CBACK(bt_hal_cbacks, adapter_properties_cb,
2558 BT_STATUS_SUCCESS, 1, &property);
2559 }
2560 return;
2561 }
2562
btif_dm_proc_io_req(BD_ADDR bd_addr,tBTA_IO_CAP * p_io_cap,tBTA_OOB_DATA * p_oob_data,tBTA_AUTH_REQ * p_auth_req,BOOLEAN is_orig)2563 void btif_dm_proc_io_req(BD_ADDR bd_addr, tBTA_IO_CAP *p_io_cap, tBTA_OOB_DATA *p_oob_data,
2564 tBTA_AUTH_REQ *p_auth_req, BOOLEAN is_orig)
2565 {
2566 UINT8 yes_no_bit = BTA_AUTH_SP_YES & *p_auth_req;
2567 /* if local initiated:
2568 ** 1. set DD + MITM
2569 ** if remote initiated:
2570 ** 1. Copy over the auth_req from peer's io_rsp
2571 ** 2. Set the MITM if peer has it set or if peer has DisplayYesNo (iPhone)
2572 ** as a fallback set MITM+GB if peer had MITM set
2573 */
2574 UNUSED (bd_addr);
2575 UNUSED (p_io_cap);
2576 UNUSED (p_oob_data);
2577
2578
2579 BTIF_TRACE_DEBUG("+%s: p_auth_req=%d", __FUNCTION__, *p_auth_req);
2580 if(pairing_cb.is_local_initiated)
2581 {
2582 /* if initing/responding to a dedicated bonding, use dedicate bonding bit */
2583 *p_auth_req = BTA_AUTH_DD_BOND | BTA_AUTH_SP_YES;
2584 }
2585 else if (!is_orig)
2586 {
2587 /* peer initiated paring. They probably know what they want.
2588 ** Copy the mitm from peer device.
2589 */
2590 BTIF_TRACE_DEBUG("%s: setting p_auth_req to peer's: %d",
2591 __FUNCTION__, pairing_cb.auth_req);
2592 *p_auth_req = (pairing_cb.auth_req & BTA_AUTH_BONDS);
2593
2594 /* copy over the MITM bit as well. In addition if the peer has DisplayYesNo, force MITM */
2595 if ((yes_no_bit) || (pairing_cb.io_cap & BTM_IO_CAP_IO) )
2596 *p_auth_req |= BTA_AUTH_SP_YES;
2597 }
2598 else if (yes_no_bit)
2599 {
2600 /* set the general bonding bit for stored device */
2601 *p_auth_req = BTA_AUTH_GEN_BOND | yes_no_bit;
2602 }
2603 BTIF_TRACE_DEBUG("-%s: p_auth_req=%d", __FUNCTION__, *p_auth_req);
2604 }
2605
btif_dm_proc_io_rsp(BD_ADDR bd_addr,tBTA_IO_CAP io_cap,tBTA_OOB_DATA oob_data,tBTA_AUTH_REQ auth_req)2606 void btif_dm_proc_io_rsp(BD_ADDR bd_addr, tBTA_IO_CAP io_cap,
2607 tBTA_OOB_DATA oob_data, tBTA_AUTH_REQ auth_req)
2608 {
2609 UNUSED (bd_addr);
2610 UNUSED (oob_data);
2611
2612 if(auth_req & BTA_AUTH_BONDS)
2613 {
2614 BTIF_TRACE_DEBUG("%s auth_req:%d", __FUNCTION__, auth_req);
2615 pairing_cb.auth_req = auth_req;
2616 pairing_cb.io_cap = io_cap;
2617 }
2618 }
2619
2620 #if (BTM_OOB_INCLUDED == TRUE)
btif_dm_set_oob_for_io_req(tBTA_OOB_DATA * p_oob_data)2621 void btif_dm_set_oob_for_io_req(tBTA_OOB_DATA *p_oob_data)
2622 {
2623 if (oob_cb.sp_c[0] == 0 && oob_cb.sp_c[1] == 0 &&
2624 oob_cb.sp_c[2] == 0 && oob_cb.sp_c[3] == 0 )
2625 {
2626 *p_oob_data = FALSE;
2627 }
2628 else
2629 {
2630 *p_oob_data = TRUE;
2631 }
2632 BTIF_TRACE_DEBUG("btif_dm_set_oob_for_io_req *p_oob_data=%d", *p_oob_data);
2633 }
2634 #endif /* BTM_OOB_INCLUDED */
2635
2636 #ifdef BTIF_DM_OOB_TEST
btif_dm_load_local_oob(void)2637 void btif_dm_load_local_oob(void)
2638 {
2639 char prop_oob[PROPERTY_VALUE_MAX];
2640 property_get("service.brcm.bt.oob", prop_oob, "3");
2641 BTIF_TRACE_DEBUG("btif_dm_load_local_oob prop_oob = %s",prop_oob);
2642 if (prop_oob[0] != '3')
2643 {
2644 #if (BTM_OOB_INCLUDED == TRUE)
2645 if (oob_cb.sp_c[0] == 0 && oob_cb.sp_c[1] == 0 &&
2646 oob_cb.sp_c[2] == 0 && oob_cb.sp_c[3] == 0 )
2647 {
2648 BTIF_TRACE_DEBUG("btif_dm_load_local_oob: read OOB, call BTA_DmLocalOob()");
2649 BTA_DmLocalOob();
2650 }
2651 #else
2652 BTIF_TRACE_ERROR("BTM_OOB_INCLUDED is FALSE!!(btif_dm_load_local_oob)");
2653 #endif
2654 }
2655 }
2656
btif_dm_proc_loc_oob(BOOLEAN valid,BT_OCTET16 c,BT_OCTET16 r)2657 void btif_dm_proc_loc_oob(BOOLEAN valid, BT_OCTET16 c, BT_OCTET16 r)
2658 {
2659 FILE *fp;
2660 char *path_a = "/data/misc/bluedroid/LOCAL/a.key";
2661 char *path_b = "/data/misc/bluedroid/LOCAL/b.key";
2662 char *path = NULL;
2663 char prop_oob[PROPERTY_VALUE_MAX];
2664 BTIF_TRACE_DEBUG("btif_dm_proc_loc_oob: valid=%d", valid);
2665 if (oob_cb.sp_c[0] == 0 && oob_cb.sp_c[1] == 0 &&
2666 oob_cb.sp_c[2] == 0 && oob_cb.sp_c[3] == 0 &&
2667 valid)
2668 {
2669 BTIF_TRACE_DEBUG("save local OOB data in memory");
2670 memcpy(oob_cb.sp_c, c, BT_OCTET16_LEN);
2671 memcpy(oob_cb.sp_r, r, BT_OCTET16_LEN);
2672 property_get("service.brcm.bt.oob", prop_oob, "3");
2673 BTIF_TRACE_DEBUG("btif_dm_proc_loc_oob prop_oob = %s",prop_oob);
2674 if (prop_oob[0] == '1')
2675 path = path_a;
2676 else if (prop_oob[0] == '2')
2677 path = path_b;
2678 if (path)
2679 {
2680 fp = fopen(path, "wb+");
2681 if (fp == NULL)
2682 {
2683 BTIF_TRACE_DEBUG("btif_dm_proc_loc_oob: failed to save local OOB data to %s", path);
2684 }
2685 else
2686 {
2687 BTIF_TRACE_DEBUG("btif_dm_proc_loc_oob: save local OOB data into file %s",path);
2688 fwrite (c , 1 , BT_OCTET16_LEN , fp );
2689 fwrite (r , 1 , BT_OCTET16_LEN , fp );
2690 fclose(fp);
2691 }
2692 }
2693 }
2694 }
btif_dm_proc_rmt_oob(BD_ADDR bd_addr,BT_OCTET16 p_c,BT_OCTET16 p_r)2695 BOOLEAN btif_dm_proc_rmt_oob(BD_ADDR bd_addr, BT_OCTET16 p_c, BT_OCTET16 p_r)
2696 {
2697 char t[128];
2698 FILE *fp;
2699 char *path_a = "/data/misc/bluedroid/LOCAL/a.key";
2700 char *path_b = "/data/misc/bluedroid/LOCAL/b.key";
2701 char *path = NULL;
2702 char prop_oob[PROPERTY_VALUE_MAX];
2703 BOOLEAN result = FALSE;
2704 bt_bdaddr_t bt_bd_addr;
2705 bdcpy(oob_cb.oob_bdaddr, bd_addr);
2706 property_get("service.brcm.bt.oob", prop_oob, "3");
2707 BTIF_TRACE_DEBUG("btif_dm_proc_rmt_oob prop_oob = %s",prop_oob);
2708 if (prop_oob[0] == '1')
2709 path = path_b;
2710 else if (prop_oob[0] == '2')
2711 path = path_a;
2712 if (path)
2713 {
2714 fp = fopen(path, "rb");
2715 if (fp == NULL)
2716 {
2717 BTIF_TRACE_DEBUG("btapp_dm_rmt_oob_reply: failed to read OOB keys from %s",path);
2718 return FALSE;
2719 }
2720 else
2721 {
2722 BTIF_TRACE_DEBUG("btif_dm_proc_rmt_oob: read OOB data from %s",path);
2723 fread (p_c , 1 , BT_OCTET16_LEN , fp );
2724 fread (p_r , 1 , BT_OCTET16_LEN , fp );
2725 fclose(fp);
2726 }
2727 BTIF_TRACE_DEBUG("----btif_dm_proc_rmt_oob: TRUE");
2728 sprintf(t, "%02x:%02x:%02x:%02x:%02x:%02x",
2729 oob_cb.oob_bdaddr[0], oob_cb.oob_bdaddr[1], oob_cb.oob_bdaddr[2],
2730 oob_cb.oob_bdaddr[3], oob_cb.oob_bdaddr[4], oob_cb.oob_bdaddr[5]);
2731 BTIF_TRACE_DEBUG("----btif_dm_proc_rmt_oob: peer_bdaddr = %s", t);
2732 sprintf(t, "%02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x",
2733 p_c[0], p_c[1], p_c[2], p_c[3], p_c[4], p_c[5], p_c[6], p_c[7],
2734 p_c[8], p_c[9], p_c[10], p_c[11], p_c[12], p_c[13], p_c[14], p_c[15]);
2735 BTIF_TRACE_DEBUG("----btif_dm_proc_rmt_oob: c = %s",t);
2736 sprintf(t, "%02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x",
2737 p_r[0], p_r[1], p_r[2], p_r[3], p_r[4], p_r[5], p_r[6], p_r[7],
2738 p_r[8], p_r[9], p_r[10], p_r[11], p_r[12], p_r[13], p_r[14], p_r[15]);
2739 BTIF_TRACE_DEBUG("----btif_dm_proc_rmt_oob: r = %s",t);
2740 bdcpy(bt_bd_addr.address, bd_addr);
2741 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_BOND_STATE_BONDING,
2742 (char *)&bt_bd_addr, sizeof(bt_bdaddr_t), NULL);
2743 result = TRUE;
2744 }
2745 BTIF_TRACE_DEBUG("btif_dm_proc_rmt_oob result=%d",result);
2746 return result;
2747 }
2748 #endif /* BTIF_DM_OOB_TEST */
2749 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
2750
btif_dm_ble_key_notif_evt(tBTA_DM_SP_KEY_NOTIF * p_ssp_key_notif)2751 static void btif_dm_ble_key_notif_evt(tBTA_DM_SP_KEY_NOTIF *p_ssp_key_notif)
2752 {
2753 bt_bdaddr_t bd_addr;
2754 bt_bdname_t bd_name;
2755 UINT32 cod;
2756
2757 BTIF_TRACE_DEBUG("%s", __FUNCTION__);
2758
2759 /* Remote name update */
2760 btif_update_remote_properties(p_ssp_key_notif->bd_addr , p_ssp_key_notif->bd_name,
2761 NULL, BT_DEVICE_TYPE_BLE);
2762 bdcpy(bd_addr.address, p_ssp_key_notif->bd_addr);
2763 memcpy(bd_name.name, p_ssp_key_notif->bd_name, BD_NAME_LEN);
2764
2765 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING);
2766 pairing_cb.is_ssp = FALSE;
2767 cod = COD_UNCLASSIFIED;
2768
2769 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name,
2770 cod, BT_SSP_VARIANT_PASSKEY_NOTIFICATION,
2771 p_ssp_key_notif->passkey);
2772 }
2773
2774 /*******************************************************************************
2775 **
2776 ** Function btif_dm_ble_auth_cmpl_evt
2777 **
2778 ** Description Executes authentication complete event in btif context
2779 **
2780 ** Returns void
2781 **
2782 *******************************************************************************/
btif_dm_ble_auth_cmpl_evt(tBTA_DM_AUTH_CMPL * p_auth_cmpl)2783 static void btif_dm_ble_auth_cmpl_evt (tBTA_DM_AUTH_CMPL *p_auth_cmpl)
2784 {
2785 /* Save link key, if not temporary */
2786 bt_bdaddr_t bd_addr;
2787 bt_status_t status = BT_STATUS_FAIL;
2788 bt_bond_state_t state = BT_BOND_STATE_NONE;
2789
2790 bdcpy(bd_addr.address, p_auth_cmpl->bd_addr);
2791 if ( (p_auth_cmpl->success == TRUE) && (p_auth_cmpl->key_present) )
2792 {
2793 /* store keys */
2794 }
2795 if (p_auth_cmpl->success)
2796 {
2797 status = BT_STATUS_SUCCESS;
2798 state = BT_BOND_STATE_BONDED;
2799
2800 btif_dm_save_ble_bonding_keys();
2801 BTA_GATTC_Refresh(bd_addr.address);
2802 btif_dm_get_remote_services(&bd_addr);
2803 }
2804 else
2805 {
2806 /*Map the HCI fail reason to bt status */
2807 switch (p_auth_cmpl->fail_reason)
2808 {
2809 case BTA_DM_AUTH_SMP_PAIR_AUTH_FAIL:
2810 case BTA_DM_AUTH_SMP_CONFIRM_VALUE_FAIL:
2811 btif_dm_remove_ble_bonding_keys();
2812 status = BT_STATUS_AUTH_FAILURE;
2813 break;
2814 case BTA_DM_AUTH_SMP_PAIR_NOT_SUPPORT:
2815 status = BT_STATUS_AUTH_REJECTED;
2816 break;
2817 default:
2818 btif_dm_remove_ble_bonding_keys();
2819 status = BT_STATUS_FAIL;
2820 break;
2821 }
2822 }
2823 bond_state_changed(status, &bd_addr, state);
2824 }
2825
2826
2827
btif_dm_load_ble_local_keys(void)2828 void btif_dm_load_ble_local_keys(void)
2829 {
2830 bt_status_t bt_status;
2831
2832 memset(&ble_local_key_cb, 0, sizeof(btif_dm_local_key_cb_t));
2833
2834 if (btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_ER,(char*)&ble_local_key_cb.er[0],
2835 BT_OCTET16_LEN)== BT_STATUS_SUCCESS)
2836 {
2837 ble_local_key_cb.is_er_rcvd = TRUE;
2838 BTIF_TRACE_DEBUG("%s BLE ER key loaded",__FUNCTION__ );
2839 }
2840
2841 if ((btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_IR,(char*)&ble_local_key_cb.id_keys.ir[0],
2842 BT_OCTET16_LEN)== BT_STATUS_SUCCESS )&&
2843 (btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_IRK, (char*)&ble_local_key_cb.id_keys.irk[0],
2844 BT_OCTET16_LEN)== BT_STATUS_SUCCESS)&&
2845 (btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_DHK,(char*)&ble_local_key_cb.id_keys.dhk[0],
2846 BT_OCTET16_LEN)== BT_STATUS_SUCCESS))
2847 {
2848 ble_local_key_cb.is_id_keys_rcvd = TRUE;
2849 BTIF_TRACE_DEBUG("%s BLE ID keys loaded",__FUNCTION__ );
2850 }
2851
2852 }
btif_dm_get_ble_local_keys(tBTA_DM_BLE_LOCAL_KEY_MASK * p_key_mask,BT_OCTET16 er,tBTA_BLE_LOCAL_ID_KEYS * p_id_keys)2853 void btif_dm_get_ble_local_keys(tBTA_DM_BLE_LOCAL_KEY_MASK *p_key_mask, BT_OCTET16 er,
2854 tBTA_BLE_LOCAL_ID_KEYS *p_id_keys)
2855 {
2856 if (ble_local_key_cb.is_er_rcvd )
2857 {
2858 memcpy(&er[0], &ble_local_key_cb.er[0], sizeof(BT_OCTET16));
2859 *p_key_mask |= BTA_BLE_LOCAL_KEY_TYPE_ER;
2860 }
2861
2862 if (ble_local_key_cb.is_id_keys_rcvd)
2863 {
2864 memcpy(&p_id_keys->ir[0], &ble_local_key_cb.id_keys.ir[0], sizeof(BT_OCTET16));
2865 memcpy(&p_id_keys->irk[0], &ble_local_key_cb.id_keys.irk[0], sizeof(BT_OCTET16));
2866 memcpy(&p_id_keys->dhk[0], &ble_local_key_cb.id_keys.dhk[0], sizeof(BT_OCTET16));
2867 *p_key_mask |= BTA_BLE_LOCAL_KEY_TYPE_ID;
2868 }
2869 BTIF_TRACE_DEBUG("%s *p_key_mask=0x%02x",__FUNCTION__, *p_key_mask);
2870 }
2871
btif_dm_save_ble_bonding_keys(void)2872 void btif_dm_save_ble_bonding_keys(void)
2873 {
2874
2875 bt_bdaddr_t bd_addr;
2876
2877 BTIF_TRACE_DEBUG("%s",__FUNCTION__ );
2878
2879 bdcpy(bd_addr.address, pairing_cb.bd_addr);
2880
2881 if (pairing_cb.ble.is_penc_key_rcvd)
2882 {
2883 btif_storage_add_ble_bonding_key(&bd_addr,
2884 (char *) &pairing_cb.ble.penc_key,
2885 BTIF_DM_LE_KEY_PENC,
2886 sizeof(btif_dm_ble_penc_keys_t));
2887 }
2888
2889 if (pairing_cb.ble.is_pid_key_rcvd)
2890 {
2891 btif_storage_add_ble_bonding_key(&bd_addr,
2892 (char *) &pairing_cb.ble.pid_key,
2893 BTIF_DM_LE_KEY_PID,
2894 sizeof(btif_dm_ble_pid_keys_t));
2895 }
2896
2897
2898 if (pairing_cb.ble.is_pcsrk_key_rcvd)
2899 {
2900 btif_storage_add_ble_bonding_key(&bd_addr,
2901 (char *) &pairing_cb.ble.pcsrk_key,
2902 BTIF_DM_LE_KEY_PCSRK,
2903 sizeof(btif_dm_ble_pcsrk_keys_t));
2904 }
2905
2906
2907 if (pairing_cb.ble.is_lenc_key_rcvd)
2908 {
2909 btif_storage_add_ble_bonding_key(&bd_addr,
2910 (char *) &pairing_cb.ble.lenc_key,
2911 BTIF_DM_LE_KEY_LENC,
2912 sizeof(btif_dm_ble_lenc_keys_t));
2913 }
2914
2915 if (pairing_cb.ble.is_lcsrk_key_rcvd)
2916 {
2917 btif_storage_add_ble_bonding_key(&bd_addr,
2918 (char *) &pairing_cb.ble.lcsrk_key,
2919 BTIF_DM_LE_KEY_LCSRK,
2920 sizeof(btif_dm_ble_lcsrk_keys_t));
2921 }
2922
2923 }
2924
2925
btif_dm_remove_ble_bonding_keys(void)2926 void btif_dm_remove_ble_bonding_keys(void)
2927 {
2928 bt_bdaddr_t bd_addr;
2929
2930 BTIF_TRACE_DEBUG("%s",__FUNCTION__ );
2931
2932 bdcpy(bd_addr.address, pairing_cb.bd_addr);
2933 btif_storage_remove_ble_bonding_keys(&bd_addr);
2934 }
2935
2936
2937 /*******************************************************************************
2938 **
2939 ** Function btif_dm_ble_sec_req_evt
2940 **
2941 ** Description Eprocess security request event in btif context
2942 **
2943 ** Returns void
2944 **
2945 *******************************************************************************/
btif_dm_ble_sec_req_evt(tBTA_DM_BLE_SEC_REQ * p_ble_req)2946 void btif_dm_ble_sec_req_evt(tBTA_DM_BLE_SEC_REQ *p_ble_req)
2947 {
2948 bt_bdaddr_t bd_addr;
2949 bt_bdname_t bd_name;
2950 UINT32 cod;
2951 BTIF_TRACE_DEBUG("%s", __FUNCTION__);
2952
2953 if (pairing_cb.state == BT_BOND_STATE_BONDING)
2954 {
2955 BTIF_TRACE_DEBUG("%s Discard security request", __FUNCTION__);
2956 return;
2957 }
2958
2959 /* Remote name update */
2960 btif_update_remote_properties(p_ble_req->bd_addr,p_ble_req->bd_name,NULL,BT_DEVICE_TYPE_BLE);
2961
2962 bdcpy(bd_addr.address, p_ble_req->bd_addr);
2963 memcpy(bd_name.name, p_ble_req->bd_name, BD_NAME_LEN);
2964
2965 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING);
2966
2967 pairing_cb.is_temp = FALSE;
2968 pairing_cb.is_le_only = TRUE;
2969 pairing_cb.is_ssp = TRUE;
2970
2971 cod = COD_UNCLASSIFIED;
2972
2973 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name, cod,
2974 BT_SSP_VARIANT_CONSENT, 0);
2975 }
2976
2977
2978
2979 /*******************************************************************************
2980 **
2981 ** Function btif_dm_ble_passkey_req_evt
2982 **
2983 ** Description Executes pin request event in btif context
2984 **
2985 ** Returns void
2986 **
2987 *******************************************************************************/
btif_dm_ble_passkey_req_evt(tBTA_DM_PIN_REQ * p_pin_req)2988 static void btif_dm_ble_passkey_req_evt(tBTA_DM_PIN_REQ *p_pin_req)
2989 {
2990 bt_bdaddr_t bd_addr;
2991 bt_bdname_t bd_name;
2992 UINT32 cod;
2993
2994 /* Remote name update */
2995 btif_update_remote_properties(p_pin_req->bd_addr,p_pin_req->bd_name,NULL,BT_DEVICE_TYPE_BLE);
2996
2997 bdcpy(bd_addr.address, p_pin_req->bd_addr);
2998 memcpy(bd_name.name, p_pin_req->bd_name, BD_NAME_LEN);
2999
3000 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING);
3001 pairing_cb.is_le_only = TRUE;
3002
3003 cod = COD_UNCLASSIFIED;
3004
3005 HAL_CBACK(bt_hal_cbacks, pin_request_cb,
3006 &bd_addr, &bd_name, cod);
3007 }
3008
3009
btif_dm_update_ble_remote_properties(BD_ADDR bd_addr,BD_NAME bd_name,tBT_DEVICE_TYPE dev_type)3010 void btif_dm_update_ble_remote_properties( BD_ADDR bd_addr, BD_NAME bd_name,
3011 tBT_DEVICE_TYPE dev_type)
3012 {
3013 btif_update_remote_properties(bd_addr,bd_name,NULL,dev_type);
3014 }
3015
btif_dm_ble_tx_test_cback(void * p)3016 static void btif_dm_ble_tx_test_cback(void *p)
3017 {
3018 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_LE_TX_TEST,
3019 (char *)p, 1, NULL);
3020 }
3021
btif_dm_ble_rx_test_cback(void * p)3022 static void btif_dm_ble_rx_test_cback(void *p)
3023 {
3024 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_LE_RX_TEST,
3025 (char *)p, 1, NULL);
3026 }
3027
btif_dm_ble_test_end_cback(void * p)3028 static void btif_dm_ble_test_end_cback(void *p)
3029 {
3030 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_LE_TEST_END,
3031 (char *)p, 3, NULL);
3032 }
3033 /*******************************************************************************
3034 **
3035 ** Function btif_le_test_mode
3036 **
3037 ** Description Sends a HCI BLE Test command to the Controller
3038 **
3039 ** Returns BT_STATUS_SUCCESS on success
3040 **
3041 *******************************************************************************/
btif_le_test_mode(uint16_t opcode,uint8_t * buf,uint8_t len)3042 bt_status_t btif_le_test_mode(uint16_t opcode, uint8_t *buf, uint8_t len)
3043 {
3044 switch (opcode) {
3045 case HCI_BLE_TRANSMITTER_TEST:
3046 if (len != 3) return BT_STATUS_PARM_INVALID;
3047 BTM_BleTransmitterTest(buf[0],buf[1],buf[2], btif_dm_ble_tx_test_cback);
3048 break;
3049 case HCI_BLE_RECEIVER_TEST:
3050 if (len != 1) return BT_STATUS_PARM_INVALID;
3051 BTM_BleReceiverTest(buf[0], btif_dm_ble_rx_test_cback);
3052 break;
3053 case HCI_BLE_TEST_END:
3054 BTM_BleTestEnd((tBTM_CMPL_CB*) btif_dm_ble_test_end_cback);
3055 break;
3056 default:
3057 BTIF_TRACE_ERROR("%s: Unknown LE Test Mode Command 0x%x", __FUNCTION__, opcode);
3058 return BT_STATUS_UNSUPPORTED;
3059 }
3060 return BT_STATUS_SUCCESS;
3061 }
3062
3063 #endif
3064
btif_dm_on_disable()3065 void btif_dm_on_disable()
3066 {
3067 /* cancel any pending pairing requests */
3068 if (pairing_cb.state == BT_BOND_STATE_BONDING)
3069 {
3070 bt_bdaddr_t bd_addr;
3071
3072 BTIF_TRACE_DEBUG("%s: Cancel pending pairing request", __FUNCTION__);
3073 bdcpy(bd_addr.address, pairing_cb.bd_addr);
3074 btif_dm_cancel_bond(&bd_addr);
3075 }
3076 }
3077
3078 /*******************************************************************************
3079 **
3080 ** Function btif_dm_read_energy_info
3081 **
3082 ** Description Reads the energy info from controller
3083 **
3084 ** Returns void
3085 **
3086 *******************************************************************************/
btif_dm_read_energy_info()3087 void btif_dm_read_energy_info()
3088 {
3089 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
3090 BTA_DmBleGetEnergyInfo(bta_energy_info_cb);
3091 #endif
3092 }
3093
btif_get_default_local_name()3094 static char* btif_get_default_local_name() {
3095 if (btif_default_local_name[0] == '\0')
3096 {
3097 int max_len = sizeof(btif_default_local_name) - 1;
3098 if (BTM_DEF_LOCAL_NAME[0] != '\0')
3099 {
3100 strncpy(btif_default_local_name, BTM_DEF_LOCAL_NAME, max_len);
3101 }
3102 else
3103 {
3104 char prop_model[PROPERTY_VALUE_MAX];
3105 property_get(PROPERTY_PRODUCT_MODEL, prop_model, "");
3106 strncpy(btif_default_local_name, prop_model, max_len);
3107 }
3108 btif_default_local_name[max_len] = '\0';
3109 }
3110 return btif_default_local_name;
3111 }
3112