btif_dm.c revision 740def526e757f5ea8f30d9d28d1e7a668dadc42
1/****************************************************************************** 2 * 3 * Copyright (C) 2009-2012 Broadcom Corporation 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at: 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 * 17 ******************************************************************************/ 18 19/************************************************************************************ 20 * 21 * Filename: btif_dm.c 22 * 23 * Description: Contains Device Management (DM) related functionality 24 * 25 * 26 ***********************************************************************************/ 27#include <stdio.h> 28#include <stdlib.h> 29#include <unistd.h> 30 31#include <hardware/bluetooth.h> 32 33#include <utils/Log.h> 34#include <cutils/properties.h> 35#include "gki.h" 36#include "btu.h" 37#include "bd.h" 38#include "bta_api.h" 39#include "btif_api.h" 40#include "btif_util.h" 41#include "btif_dm.h" 42#include "btif_storage.h" 43#include "btif_hh.h" 44#include "btif_config.h" 45 46#include "bta_gatt_api.h" 47/****************************************************************************** 48** Constants & Macros 49******************************************************************************/ 50 51#define COD_UNCLASSIFIED ((0x1F) << 8) 52#define COD_HID_KEYBOARD 0x0540 53#define COD_HID_POINTING 0x0580 54#define COD_HID_COMBO 0x05C0 55#define COD_HID_MAJOR 0x0500 56#define COD_AV_HEADSETS 0x0404 57#define COD_AV_HANDSFREE 0x0408 58#define COD_AV_HEADPHONES 0x0418 59#define COD_AV_PORTABLE_AUDIO 0x041C 60#define COD_AV_HIFI_AUDIO 0x0428 61 62 63#define BTIF_DM_DEFAULT_INQ_MAX_RESULTS 0 64#define BTIF_DM_DEFAULT_INQ_MAX_DURATION 10 65#define BTIF_DM_MAX_SDP_ATTEMPTS_AFTER_PAIRING 2 66 67#define PROPERTY_PRODUCT_MODEL "ro.product.model" 68#define DEFAULT_LOCAL_NAME_MAX 31 69#if (DEFAULT_LOCAL_NAME_MAX > BTM_MAX_LOC_BD_NAME_LEN) 70 #error "default btif local name size exceeds stack supported length" 71#endif 72 73#if (defined(BTA_HOST_INTERLEAVE_SEARCH) && BTA_HOST_INTERLEAVE_SEARCH == TRUE) 74#define BTIF_DM_INTERLEAVE_DURATION_BR_ONE 2 75#define BTIF_DM_INTERLEAVE_DURATION_LE_ONE 2 76#define BTIF_DM_INTERLEAVE_DURATION_BR_TWO 3 77#define BTIF_DM_INTERLEAVE_DURATION_LE_TWO 4 78#endif 79 80typedef struct 81{ 82 bt_bond_state_t state; 83 BD_ADDR bd_addr; 84 UINT8 is_temp; 85 UINT8 pin_code_len; 86 UINT8 is_ssp; 87 UINT8 auth_req; 88 UINT8 io_cap; 89 UINT8 autopair_attempts; 90 UINT8 is_local_initiated; 91 UINT8 sdp_attempts; 92#if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE)) 93 BOOLEAN is_le_only; 94 btif_dm_ble_cb_t ble; 95#endif 96} btif_dm_pairing_cb_t; 97 98 99typedef struct 100{ 101 UINT8 ir[BT_OCTET16_LEN]; 102 UINT8 irk[BT_OCTET16_LEN]; 103 UINT8 dhk[BT_OCTET16_LEN]; 104}btif_dm_local_key_id_t; 105 106typedef struct 107{ 108 BOOLEAN is_er_rcvd; 109 UINT8 er[BT_OCTET16_LEN]; 110 BOOLEAN is_id_keys_rcvd; 111 btif_dm_local_key_id_t id_keys; /* ID kyes */ 112 113}btif_dm_local_key_cb_t; 114 115typedef struct 116{ 117 BD_ADDR bd_addr; 118 BD_NAME bd_name; 119} btif_dm_remote_name_t; 120 121typedef struct 122{ 123 BT_OCTET16 sp_c; 124 BT_OCTET16 sp_r; 125 BD_ADDR oob_bdaddr; /* peer bdaddr*/ 126} btif_dm_oob_cb_t; 127#define BTA_SERVICE_ID_TO_SERVICE_MASK(id) (1 << (id)) 128 129/* This flag will be true if HCI_Inquiry is in progress */ 130static BOOLEAN btif_dm_inquiry_in_progress = FALSE; 131 132/************************************************************************************ 133** Static variables 134************************************************************************************/ 135static char btif_default_local_name[DEFAULT_LOCAL_NAME_MAX+1] = {'\0'}; 136 137/****************************************************************************** 138** Static functions 139******************************************************************************/ 140static btif_dm_pairing_cb_t pairing_cb; 141static btif_dm_oob_cb_t oob_cb; 142static void btif_dm_generic_evt(UINT16 event, char* p_param); 143static void btif_dm_cb_create_bond(bt_bdaddr_t *bd_addr); 144static void btif_dm_cb_hid_remote_name(tBTM_REMOTE_DEV_NAME *p_remote_name); 145static void btif_update_remote_properties(BD_ADDR bd_addr, BD_NAME bd_name, 146 DEV_CLASS dev_class, tBT_DEVICE_TYPE dev_type); 147#if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE)) 148static btif_dm_local_key_cb_t ble_local_key_cb; 149static void btif_dm_ble_key_notif_evt(tBTA_DM_SP_KEY_NOTIF *p_ssp_key_notif); 150static void btif_dm_ble_auth_cmpl_evt (tBTA_DM_AUTH_CMPL *p_auth_cmpl); 151static void btif_dm_ble_passkey_req_evt(tBTA_DM_PIN_REQ *p_pin_req); 152#endif 153static char* btif_get_default_local_name(); 154/****************************************************************************** 155** Externs 156******************************************************************************/ 157extern UINT16 bta_service_id_to_uuid_lkup_tbl [BTA_MAX_SERVICE_ID]; 158extern bt_status_t btif_hf_execute_service(BOOLEAN b_enable); 159extern bt_status_t btif_av_execute_service(BOOLEAN b_enable); 160extern bt_status_t btif_hh_execute_service(BOOLEAN b_enable); 161extern int btif_hh_connect(bt_bdaddr_t *bd_addr); 162extern void bta_gatt_convert_uuid16_to_uuid128(UINT8 uuid_128[LEN_UUID_128], UINT16 uuid_16); 163 164 165/****************************************************************************** 166** Functions 167******************************************************************************/ 168 169bt_status_t btif_in_execute_service_request(tBTA_SERVICE_ID service_id, 170 BOOLEAN b_enable) 171{ 172 /* Check the service_ID and invoke the profile's BT state changed API */ 173 switch (service_id) 174 { 175 case BTA_HFP_SERVICE_ID: 176 case BTA_HSP_SERVICE_ID: 177 { 178 btif_hf_execute_service(b_enable); 179 }break; 180 case BTA_A2DP_SERVICE_ID: 181 { 182 btif_av_execute_service(b_enable); 183 }break; 184 case BTA_HID_SERVICE_ID: 185 { 186 btif_hh_execute_service(b_enable); 187 }break; 188 189 default: 190 BTIF_TRACE_ERROR1("%s: Unknown service being enabled", __FUNCTION__); 191 return BT_STATUS_FAIL; 192 } 193 return BT_STATUS_SUCCESS; 194} 195 196/******************************************************************************* 197** 198** Function check_eir_remote_name 199** 200** Description Check if remote name is in the EIR data 201** 202** Returns TRUE if remote name found 203** Populate p_remote_name, if provided and remote name found 204** 205*******************************************************************************/ 206static BOOLEAN check_eir_remote_name(tBTA_DM_SEARCH *p_search_data, 207 UINT8 *p_remote_name, UINT8 *p_remote_name_len) 208{ 209 UINT8 *p_eir_remote_name = NULL; 210 UINT8 remote_name_len = 0; 211 212 /* Check EIR for remote name and services */ 213 if (p_search_data->inq_res.p_eir) 214 { 215 p_eir_remote_name = BTA_CheckEirData(p_search_data->inq_res.p_eir, 216 BTM_EIR_COMPLETE_LOCAL_NAME_TYPE, &remote_name_len); 217 if (!p_eir_remote_name) 218 { 219 p_eir_remote_name = BTA_CheckEirData(p_search_data->inq_res.p_eir, 220 BTM_EIR_SHORTENED_LOCAL_NAME_TYPE, &remote_name_len); 221 } 222 223 if (p_eir_remote_name) 224 { 225 if (remote_name_len > BD_NAME_LEN) 226 remote_name_len = BD_NAME_LEN; 227 228 if (p_remote_name && p_remote_name_len) 229 { 230 memcpy(p_remote_name, p_eir_remote_name, remote_name_len); 231 *(p_remote_name + remote_name_len) = 0; 232 *p_remote_name_len = remote_name_len; 233 } 234 235 return TRUE; 236 } 237 } 238 239 return FALSE; 240 241} 242 243/******************************************************************************* 244** 245** Function check_cached_remote_name 246** 247** Description Check if remote name is in the NVRAM cache 248** 249** Returns TRUE if remote name found 250** Populate p_remote_name, if provided and remote name found 251** 252*******************************************************************************/ 253static BOOLEAN check_cached_remote_name(tBTA_DM_SEARCH *p_search_data, 254 UINT8 *p_remote_name, UINT8 *p_remote_name_len) 255{ 256 bt_bdname_t bdname; 257 bt_bdaddr_t remote_bdaddr; 258 bt_property_t prop_name; 259 260 /* check if we already have it in our btif_storage cache */ 261 bdcpy(remote_bdaddr.address, p_search_data->inq_res.bd_addr); 262 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_BDNAME, 263 sizeof(bt_bdname_t), &bdname); 264 if (btif_storage_get_remote_device_property( 265 &remote_bdaddr, &prop_name) == BT_STATUS_SUCCESS) 266 { 267 if (p_remote_name && p_remote_name_len) 268 { 269 strcpy((char *)p_remote_name, (char *)bdname.name); 270 *p_remote_name_len = strlen((char *)p_remote_name); 271 } 272 return TRUE; 273 } 274 275 return FALSE; 276} 277 278BOOLEAN check_cod(const bt_bdaddr_t *remote_bdaddr, uint32_t cod) 279{ 280 uint32_t remote_cod; 281 bt_property_t prop_name; 282 283 /* check if we already have it in our btif_storage cache */ 284 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_CLASS_OF_DEVICE, 285 sizeof(uint32_t), &remote_cod); 286 if (btif_storage_get_remote_device_property((bt_bdaddr_t *)remote_bdaddr, &prop_name) == BT_STATUS_SUCCESS) 287 { 288 BTIF_TRACE_ERROR2("%s: remote_cod = 0x%06x", __FUNCTION__, remote_cod); 289 if ((remote_cod & 0x7ff) == cod) 290 return TRUE; 291 } 292 293 return FALSE; 294} 295 296BOOLEAN check_cod_hid(const bt_bdaddr_t *remote_bdaddr, uint32_t cod) 297{ 298 uint32_t remote_cod; 299 bt_property_t prop_name; 300 301 /* check if we already have it in our btif_storage cache */ 302 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_CLASS_OF_DEVICE, 303 sizeof(uint32_t), &remote_cod); 304 if (btif_storage_get_remote_device_property((bt_bdaddr_t *)remote_bdaddr, 305 &prop_name) == BT_STATUS_SUCCESS) 306 { 307 BTIF_TRACE_DEBUG2("%s: remote_cod = 0x%06x", __FUNCTION__, remote_cod); 308 if ((remote_cod & 0x700) == cod) 309 return TRUE; 310 } 311 return FALSE; 312} 313 314BOOLEAN check_hid_le(const bt_bdaddr_t *remote_bdaddr) 315{ 316 uint32_t remote_dev_type; 317 bt_property_t prop_name; 318 319 /* check if we already have it in our btif_storage cache */ 320 BTIF_STORAGE_FILL_PROPERTY(&prop_name,BT_PROPERTY_TYPE_OF_DEVICE, 321 sizeof(uint32_t), &remote_dev_type); 322 if (btif_storage_get_remote_device_property((bt_bdaddr_t *)remote_bdaddr, 323 &prop_name) == BT_STATUS_SUCCESS) 324 { 325 if (remote_dev_type == BT_DEVICE_DEVTYPE_BLE) 326 { 327 bdstr_t bdstr; 328 bd2str(remote_bdaddr, &bdstr); 329 if(btif_config_exist("Remote", bdstr, "HidAppId")) 330 return TRUE; 331 } 332 } 333 return FALSE; 334} 335 336static void bond_state_changed(bt_status_t status, bt_bdaddr_t *bd_addr, bt_bond_state_t state) 337{ 338 /* Send bonding state only once - based on outgoing/incoming we may receive duplicates */ 339 if ( (pairing_cb.state == state) && (state == BT_BOND_STATE_BONDING) ) 340 return; 341 342 if (pairing_cb.is_temp) 343 { 344 state = BT_BOND_STATE_NONE; 345 } 346 BTIF_TRACE_DEBUG3("%s: state=%d prev_state=%d", __FUNCTION__, state, pairing_cb.state); 347 348 HAL_CBACK(bt_hal_cbacks, bond_state_changed_cb, status, bd_addr, state); 349 350 if (state == BT_BOND_STATE_BONDING) 351 { 352 pairing_cb.state = state; 353 bdcpy(pairing_cb.bd_addr, bd_addr->address); 354 } 355 else 356 { 357 memset(&pairing_cb, 0, sizeof(pairing_cb)); 358 } 359 360} 361 362/* store remote version in bt config to always have access 363 to it post pairing*/ 364static void btif_update_remote_version_property(bt_bdaddr_t *p_bd) 365{ 366 bt_property_t property; 367 UINT8 lmp_ver = 0; 368 UINT16 lmp_subver = 0; 369 UINT16 mfct_set = 0; 370 tBTM_STATUS btm_status; 371 bt_remote_version_t info; 372 bt_status_t status; 373 bdstr_t bdstr; 374 375 btm_status = BTM_ReadRemoteVersion(*(BD_ADDR*)p_bd, &lmp_ver, 376 &mfct_set, &lmp_subver); 377 378 ALOGD("remote version info [%s]: %x, %x, %x", bd2str(p_bd, &bdstr), 379 lmp_ver, mfct_set, lmp_subver); 380 381 if (btm_status == BTM_SUCCESS) 382 { 383 /* always update cache to ensure we have availability whenever BTM API 384 is not populated */ 385 info.manufacturer = mfct_set; 386 info.sub_ver = lmp_subver; 387 info.version = lmp_ver; 388 BTIF_STORAGE_FILL_PROPERTY(&property, 389 BT_PROPERTY_REMOTE_VERSION_INFO, sizeof(bt_remote_version_t), 390 &info); 391 status = btif_storage_set_remote_device_property(p_bd, &property); 392 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote version", status); 393 } 394} 395 396 397static void btif_update_remote_properties(BD_ADDR bd_addr, BD_NAME bd_name, 398 DEV_CLASS dev_class, tBT_DEVICE_TYPE device_type) 399{ 400 int num_properties = 0; 401 bt_property_t properties[3]; 402 bt_bdaddr_t bdaddr; 403 bt_status_t status; 404 UINT32 cod; 405 bt_device_type_t dev_type; 406 407 memset(properties, 0, sizeof(properties)); 408 bdcpy(bdaddr.address, bd_addr); 409 410 /* remote name */ 411 if (strlen((const char *) bd_name)) 412 { 413 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 414 BT_PROPERTY_BDNAME, strlen((char *)bd_name), bd_name); 415 status = btif_storage_set_remote_device_property(&bdaddr, &properties[num_properties]); 416 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device name", status); 417 num_properties++; 418 } 419 420 /* class of device */ 421 cod = devclass2uint(dev_class); 422 BTIF_TRACE_DEBUG2("%s():cod is 0x%06x", __FUNCTION__, cod); 423 if ( cod == 0) { 424 /* Try to retrieve cod from storage */ 425 BTIF_TRACE_DEBUG1("%s():cod is 0, checking cod from storage", __FUNCTION__); 426 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 427 BT_PROPERTY_CLASS_OF_DEVICE, sizeof(cod), &cod); 428 status = btif_storage_get_remote_device_property(&bdaddr, &properties[num_properties]); 429 BTIF_TRACE_DEBUG2("%s():cod retreived from storage is 0x%06x", __FUNCTION__, cod); 430 if ( cod == 0) { 431 BTIF_TRACE_DEBUG1("%s():cod is again 0, set as unclassified", __FUNCTION__); 432 cod = COD_UNCLASSIFIED; 433 } 434 } 435 436 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 437 BT_PROPERTY_CLASS_OF_DEVICE, sizeof(cod), &cod); 438 status = btif_storage_set_remote_device_property(&bdaddr, &properties[num_properties]); 439 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device class", status); 440 num_properties++; 441 442 /* device type */ 443 dev_type = device_type; 444 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 445 BT_PROPERTY_TYPE_OF_DEVICE, sizeof(dev_type), &dev_type); 446 status = btif_storage_set_remote_device_property(&bdaddr, &properties[num_properties]); 447 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device type", status); 448 num_properties++; 449 450 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, 451 status, &bdaddr, num_properties, properties); 452} 453 454/******************************************************************************* 455** 456** Function btif_dm_cb_hid_remote_name 457** 458** Description Remote name callback for HID device. Called in btif context 459** Special handling for HID devices 460** 461** Returns void 462** 463*******************************************************************************/ 464static void btif_dm_cb_hid_remote_name(tBTM_REMOTE_DEV_NAME *p_remote_name) 465{ 466 BTIF_TRACE_DEBUG3("%s: status=%d pairing_cb.state=%d", __FUNCTION__, p_remote_name->status, pairing_cb.state); 467 if (pairing_cb.state == BT_BOND_STATE_BONDING) 468 { 469 bt_bdaddr_t remote_bd; 470 471 bdcpy(remote_bd.address, pairing_cb.bd_addr); 472 473 if (p_remote_name->status == BTM_SUCCESS) 474 { 475 bond_state_changed(BT_STATUS_SUCCESS, &remote_bd, BT_BOND_STATE_BONDED); 476 } 477 else 478 bond_state_changed(BT_STATUS_FAIL, &remote_bd, BT_BOND_STATE_NONE); 479 } 480} 481 482/******************************************************************************* 483** 484** Function btif_dm_cb_create_bond 485** 486** Description Create bond initiated from the BTIF thread context 487** Special handling for HID devices 488** 489** Returns void 490** 491*******************************************************************************/ 492static void btif_dm_cb_create_bond(bt_bdaddr_t *bd_addr) 493{ 494 BOOLEAN is_hid = check_cod(bd_addr, COD_HID_POINTING); 495 496 497 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); 498 499 if (is_hid){ 500 501 int status; 502 status = btif_hh_connect(bd_addr); 503 if(status != BT_STATUS_SUCCESS) 504 bond_state_changed(status, bd_addr, BT_BOND_STATE_NONE); 505 } 506 else 507 { 508#if BLE_INCLUDED == TRUE 509 int device_type; 510 int addr_type; 511 bdstr_t bdstr; 512 bd2str(bd_addr, &bdstr); 513 if(btif_config_get_int("Remote", (char const *)&bdstr,"DevType", &device_type) && 514 (btif_storage_get_remote_addr_type(bd_addr, &addr_type) == BT_STATUS_SUCCESS) && 515 (device_type == BT_DEVICE_TYPE_BLE)) 516 { 517 BTA_DmAddBleDevice(bd_addr->address, addr_type, BT_DEVICE_TYPE_BLE); 518 } 519#endif 520 BTA_DmBond ((UINT8 *)bd_addr->address); 521 } 522 /* Track originator of bond creation */ 523 pairing_cb.is_local_initiated = TRUE; 524 525} 526 527/******************************************************************************* 528** 529** Function btif_dm_cb_remove_bond 530** 531** Description remove bond initiated from the BTIF thread context 532** Special handling for HID devices 533** 534** Returns void 535** 536*******************************************************************************/ 537void btif_dm_cb_remove_bond(bt_bdaddr_t *bd_addr) 538{ 539 bdstr_t bdstr; 540 /*special handling for HID devices */ 541 /* VUP needs to be sent if its a HID Device. The HID HOST module will check if there 542 is a valid hid connection with this bd_addr. If yes VUP will be issued.*/ 543#if (defined(BTA_HH_INCLUDED) && (BTA_HH_INCLUDED == TRUE)) 544 if (btif_hh_virtual_unplug(bd_addr) != BT_STATUS_SUCCESS) 545#endif 546 { 547 BTA_DmRemoveDevice((UINT8 *)bd_addr->address); 548 } 549} 550 551/******************************************************************************* 552** 553** Function search_devices_copy_cb 554** 555** Description Deep copy callback for search devices event 556** 557** Returns void 558** 559*******************************************************************************/ 560static void search_devices_copy_cb(UINT16 event, char *p_dest, char *p_src) 561{ 562 tBTA_DM_SEARCH *p_dest_data = (tBTA_DM_SEARCH *) p_dest; 563 tBTA_DM_SEARCH *p_src_data = (tBTA_DM_SEARCH *) p_src; 564 565 if (!p_src) 566 return; 567 568 BTIF_TRACE_DEBUG2("%s: event=%s", __FUNCTION__, dump_dm_search_event(event)); 569 memcpy(p_dest_data, p_src_data, sizeof(tBTA_DM_SEARCH)); 570 switch (event) 571 { 572 case BTA_DM_INQ_RES_EVT: 573 { 574 if (p_src_data->inq_res.p_eir) 575 { 576 p_dest_data->inq_res.p_eir = (UINT8 *)(p_dest + sizeof(tBTA_DM_SEARCH)); 577 memcpy(p_dest_data->inq_res.p_eir, p_src_data->inq_res.p_eir, HCI_EXT_INQ_RESPONSE_LEN); 578 } 579 } 580 break; 581 582 case BTA_DM_DISC_RES_EVT: 583 { 584 if (p_src_data->disc_res.raw_data_size && p_src_data->disc_res.p_raw_data) 585 { 586 p_dest_data->disc_res.p_raw_data = (UINT8 *)(p_dest + sizeof(tBTA_DM_SEARCH)); 587 memcpy(p_dest_data->disc_res.p_raw_data, 588 p_src_data->disc_res.p_raw_data, p_src_data->disc_res.raw_data_size); 589 } 590 } 591 break; 592 } 593} 594 595static void search_services_copy_cb(UINT16 event, char *p_dest, char *p_src) 596{ 597 tBTA_DM_SEARCH *p_dest_data = (tBTA_DM_SEARCH *) p_dest; 598 tBTA_DM_SEARCH *p_src_data = (tBTA_DM_SEARCH *) p_src; 599 600 if (!p_src) 601 return; 602 memcpy(p_dest_data, p_src_data, sizeof(tBTA_DM_SEARCH)); 603 switch (event) 604 { 605 case BTA_DM_DISC_RES_EVT: 606 { 607 if (p_src_data->disc_res.result == BTA_SUCCESS) 608 { 609 if (p_src_data->disc_res.num_uuids > 0) 610 { 611 p_dest_data->disc_res.p_uuid_list = 612 (UINT8*)(p_dest + sizeof(tBTA_DM_SEARCH)); 613 memcpy(p_dest_data->disc_res.p_uuid_list, p_src_data->disc_res.p_uuid_list, 614 p_src_data->disc_res.num_uuids*MAX_UUID_SIZE); 615 GKI_freebuf(p_src_data->disc_res.p_uuid_list); 616 } 617 if (p_src_data->disc_res.p_raw_data != NULL) 618 { 619 GKI_freebuf(p_src_data->disc_res.p_raw_data); 620 } 621 } 622 } break; 623 } 624} 625/****************************************************************************** 626** 627** BTIF DM callback events 628** 629*****************************************************************************/ 630 631/******************************************************************************* 632** 633** Function btif_dm_pin_req_evt 634** 635** Description Executes pin request event in btif context 636** 637** Returns void 638** 639*******************************************************************************/ 640static void btif_dm_pin_req_evt(tBTA_DM_PIN_REQ *p_pin_req) 641{ 642 bt_bdaddr_t bd_addr; 643 bt_bdname_t bd_name; 644 UINT32 cod; 645 bt_pin_code_t pin_code; 646 647 /* Remote properties update */ 648 btif_update_remote_properties(p_pin_req->bd_addr, p_pin_req->bd_name, 649 p_pin_req->dev_class, BT_DEVICE_TYPE_BREDR); 650 651 bdcpy(bd_addr.address, p_pin_req->bd_addr); 652 memcpy(bd_name.name, p_pin_req->bd_name, BD_NAME_LEN); 653 654 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING); 655 656 cod = devclass2uint(p_pin_req->dev_class); 657 658 if ( cod == 0) { 659 BTIF_TRACE_DEBUG1("%s():cod is 0, set as unclassified", __FUNCTION__); 660 cod = COD_UNCLASSIFIED; 661 } 662 663 /* check for auto pair possiblity only if bond was initiated by local device */ 664 if (pairing_cb.is_local_initiated) 665 { 666 if (check_cod(&bd_addr, COD_AV_HEADSETS) || 667 check_cod(&bd_addr, COD_AV_HANDSFREE) || 668 check_cod(&bd_addr, COD_AV_HEADPHONES) || 669 check_cod(&bd_addr, COD_AV_PORTABLE_AUDIO) || 670 check_cod(&bd_addr, COD_AV_HIFI_AUDIO) || 671 check_cod(&bd_addr, COD_HID_POINTING)) 672 { 673 BTIF_TRACE_DEBUG1("%s()cod matches for auto pair", __FUNCTION__); 674 /* Check if this device can be auto paired */ 675 if ((btif_storage_is_device_autopair_blacklisted(&bd_addr) == FALSE) && 676 (pairing_cb.autopair_attempts == 0)) 677 { 678 BTIF_TRACE_DEBUG1("%s() Attempting auto pair", __FUNCTION__); 679 pin_code.pin[0] = 0x30; 680 pin_code.pin[1] = 0x30; 681 pin_code.pin[2] = 0x30; 682 pin_code.pin[3] = 0x30; 683 684 pairing_cb.autopair_attempts++; 685 BTA_DmPinReply( (UINT8*)bd_addr.address, TRUE, 4, pin_code.pin); 686 return; 687 } 688 } 689 else if (check_cod(&bd_addr, COD_HID_KEYBOARD) || 690 check_cod(&bd_addr, COD_HID_COMBO)) 691 { 692 if(( btif_storage_is_fixed_pin_zeros_keyboard (&bd_addr) == TRUE) && 693 (pairing_cb.autopair_attempts == 0)) 694 { 695 BTIF_TRACE_DEBUG1("%s() Attempting auto pair", __FUNCTION__); 696 pin_code.pin[0] = 0x30; 697 pin_code.pin[1] = 0x30; 698 pin_code.pin[2] = 0x30; 699 pin_code.pin[3] = 0x30; 700 701 pairing_cb.autopair_attempts++; 702 BTA_DmPinReply( (UINT8*)bd_addr.address, TRUE, 4, pin_code.pin); 703 return; 704 } 705 } 706 } 707 HAL_CBACK(bt_hal_cbacks, pin_request_cb, 708 &bd_addr, &bd_name, cod); 709} 710 711/******************************************************************************* 712** 713** Function btif_dm_ssp_cfm_req_evt 714** 715** Description Executes SSP confirm request event in btif context 716** 717** Returns void 718** 719*******************************************************************************/ 720static void btif_dm_ssp_cfm_req_evt(tBTA_DM_SP_CFM_REQ *p_ssp_cfm_req) 721{ 722 bt_bdaddr_t bd_addr; 723 bt_bdname_t bd_name; 724 UINT32 cod; 725 BOOLEAN is_incoming = !(pairing_cb.state == BT_BOND_STATE_BONDING); 726 727 BTIF_TRACE_DEBUG1("%s", __FUNCTION__); 728 729 /* Remote properties update */ 730 btif_update_remote_properties(p_ssp_cfm_req->bd_addr, p_ssp_cfm_req->bd_name, 731 p_ssp_cfm_req->dev_class, BT_DEVICE_TYPE_BREDR); 732 733 bdcpy(bd_addr.address, p_ssp_cfm_req->bd_addr); 734 memcpy(bd_name.name, p_ssp_cfm_req->bd_name, BD_NAME_LEN); 735 736 /* Set the pairing_cb based on the local & remote authentication requirements */ 737 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING); 738 739 /* if just_works and bonding bit is not set treat this as temporary */ 740 if (p_ssp_cfm_req->just_works && !(p_ssp_cfm_req->loc_auth_req & BTM_AUTH_BONDS) && 741 !(p_ssp_cfm_req->rmt_auth_req & BTM_AUTH_BONDS) && 742 !(check_cod((bt_bdaddr_t*)&p_ssp_cfm_req->bd_addr, COD_HID_POINTING))) 743 pairing_cb.is_temp = TRUE; 744 else 745 pairing_cb.is_temp = FALSE; 746 747 pairing_cb.is_ssp = TRUE; 748 749 /* If JustWorks auto-accept */ 750 if (p_ssp_cfm_req->just_works) 751 { 752 /* Pairing consent for JustWorks needed if: 753 * 1. Incoming pairing is detected AND 754 * 2. local IO capabilities are DisplayYesNo AND 755 * 3. remote IO capabiltiies are DisplayOnly or NoInputNoOutput; 756 */ 757 if ((is_incoming) && ((p_ssp_cfm_req->loc_io_caps == 0x01) && 758 (p_ssp_cfm_req->rmt_io_caps == 0x00 || p_ssp_cfm_req->rmt_io_caps == 0x03))) 759 { 760 BTIF_TRACE_EVENT3("%s: User consent needed for incoming pairing request. loc_io_caps: %d, rmt_io_caps: %d", 761 __FUNCTION__, p_ssp_cfm_req->loc_io_caps, p_ssp_cfm_req->rmt_io_caps); 762 } 763 else 764 { 765 BTIF_TRACE_EVENT1("%s: Auto-accept JustWorks pairing", __FUNCTION__); 766 btif_dm_ssp_reply(&bd_addr, BT_SSP_VARIANT_CONSENT, TRUE, 0); 767 return; 768 } 769 } 770 771 cod = devclass2uint(p_ssp_cfm_req->dev_class); 772 773 if ( cod == 0) { 774 ALOGD("cod is 0, set as unclassified"); 775 cod = COD_UNCLASSIFIED; 776 } 777 778 pairing_cb.sdp_attempts = 0; 779 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name, cod, 780 (p_ssp_cfm_req->just_works ? BT_SSP_VARIANT_CONSENT : BT_SSP_VARIANT_PASSKEY_CONFIRMATION), 781 p_ssp_cfm_req->num_val); 782} 783 784static void btif_dm_ssp_key_notif_evt(tBTA_DM_SP_KEY_NOTIF *p_ssp_key_notif) 785{ 786 bt_bdaddr_t bd_addr; 787 bt_bdname_t bd_name; 788 UINT32 cod; 789 790 BTIF_TRACE_DEBUG1("%s", __FUNCTION__); 791 792 /* Remote properties update */ 793 btif_update_remote_properties(p_ssp_key_notif->bd_addr, p_ssp_key_notif->bd_name, 794 p_ssp_key_notif->dev_class, BT_DEVICE_TYPE_BREDR); 795 796 bdcpy(bd_addr.address, p_ssp_key_notif->bd_addr); 797 memcpy(bd_name.name, p_ssp_key_notif->bd_name, BD_NAME_LEN); 798 799 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING); 800 pairing_cb.is_ssp = TRUE; 801 cod = devclass2uint(p_ssp_key_notif->dev_class); 802 803 if ( cod == 0) { 804 ALOGD("cod is 0, set as unclassified"); 805 cod = COD_UNCLASSIFIED; 806 } 807 808 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name, 809 cod, BT_SSP_VARIANT_PASSKEY_NOTIFICATION, 810 p_ssp_key_notif->passkey); 811} 812/******************************************************************************* 813** 814** Function btif_dm_auth_cmpl_evt 815** 816** Description Executes authentication complete event in btif context 817** 818** Returns void 819** 820*******************************************************************************/ 821static void btif_dm_auth_cmpl_evt (tBTA_DM_AUTH_CMPL *p_auth_cmpl) 822{ 823 /* Save link key, if not temporary */ 824 bt_bdaddr_t bd_addr; 825 bt_status_t status = BT_STATUS_FAIL; 826 bt_bond_state_t state = BT_BOND_STATE_NONE; 827 828 bdcpy(bd_addr.address, p_auth_cmpl->bd_addr); 829 if ( (p_auth_cmpl->success == TRUE) && (p_auth_cmpl->key_present) ) 830 { 831 if ((p_auth_cmpl->key_type < HCI_LKEY_TYPE_DEBUG_COMB) || (p_auth_cmpl->key_type == HCI_LKEY_TYPE_AUTH_COMB) || 832 (p_auth_cmpl->key_type == HCI_LKEY_TYPE_CHANGED_COMB) || (!pairing_cb.is_temp)) 833 { 834 bt_status_t ret; 835 BTIF_TRACE_DEBUG3("%s: Storing link key. key_type=0x%x, is_temp=%d", 836 __FUNCTION__, p_auth_cmpl->key_type, pairing_cb.is_temp); 837 ret = btif_storage_add_bonded_device(&bd_addr, 838 p_auth_cmpl->key, p_auth_cmpl->key_type, 839 pairing_cb.pin_code_len); 840 ASSERTC(ret == BT_STATUS_SUCCESS, "storing link key failed", ret); 841 } 842 else 843 { 844 BTIF_TRACE_DEBUG3("%s: Temporary key. Not storing. key_type=0x%x, is_temp=%d", 845 __FUNCTION__, p_auth_cmpl->key_type, pairing_cb.is_temp); 846 if(pairing_cb.is_temp) 847 { 848 BTIF_TRACE_DEBUG1("%s: sending BT_BOND_STATE_NONE for Temp pairing", 849 __FUNCTION__); 850 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_NONE); 851 return; 852 } 853 } 854 } 855 if (p_auth_cmpl->success) 856 { 857 status = BT_STATUS_SUCCESS; 858 state = BT_BOND_STATE_BONDED; 859 860 /* Trigger SDP on the device */ 861 pairing_cb.sdp_attempts = 1;; 862 863 if(btif_dm_inquiry_in_progress) 864 btif_dm_cancel_discovery(); 865 866 btif_dm_get_remote_services(&bd_addr); 867 /* Do not call bond_state_changed_cb yet. Wait till fetch remote service is complete */ 868 } 869 else 870 { 871 /*Map the HCI fail reason to bt status */ 872 switch(p_auth_cmpl->fail_reason) 873 { 874 case HCI_ERR_PAGE_TIMEOUT: 875 case HCI_ERR_CONNECTION_TOUT: 876 status = BT_STATUS_RMT_DEV_DOWN; 877 break; 878 879 /* map the auth failure codes, so we can retry pairing if necessary */ 880 case HCI_ERR_AUTH_FAILURE: 881 btif_storage_remove_bonded_device(&bd_addr); 882 case HCI_ERR_HOST_REJECT_SECURITY: 883 case HCI_ERR_ENCRY_MODE_NOT_ACCEPTABLE: 884 case HCI_ERR_UNIT_KEY_USED: 885 case HCI_ERR_PAIRING_WITH_UNIT_KEY_NOT_SUPPORTED: 886 case HCI_ERR_INSUFFCIENT_SECURITY: 887 case HCI_ERR_PEER_USER: 888 case HCI_ERR_UNSPECIFIED: 889 BTIF_TRACE_DEBUG2(" %s() Authentication fail reason %d", 890 __FUNCTION__, p_auth_cmpl->fail_reason); 891 if (pairing_cb.autopair_attempts == 1) 892 { 893 BTIF_TRACE_DEBUG1("%s(): Adding device to blacklist ", __FUNCTION__); 894 895 /* Add the device to dynamic black list only if this device belongs to Audio/pointing dev class */ 896 if (check_cod(&bd_addr, COD_AV_HEADSETS) || 897 check_cod(&bd_addr, COD_AV_HANDSFREE) || 898 check_cod(&bd_addr, COD_AV_HEADPHONES) || 899 check_cod(&bd_addr, COD_AV_PORTABLE_AUDIO) || 900 check_cod(&bd_addr, COD_AV_HIFI_AUDIO) || 901 check_cod(&bd_addr, COD_HID_POINTING)) 902 { 903 btif_storage_add_device_to_autopair_blacklist (&bd_addr); 904 } 905 pairing_cb.autopair_attempts++; 906 907 /* Create the Bond once again */ 908 BTIF_TRACE_DEBUG1("%s() auto pair failed. Reinitiate Bond", __FUNCTION__); 909 btif_dm_cb_create_bond (&bd_addr); 910 return; 911 } 912 else 913 { 914 /* if autopair attempts are more than 1, or not attempted */ 915 status = BT_STATUS_AUTH_FAILURE; 916 } 917 break; 918 919 default: 920 status = BT_STATUS_FAIL; 921 } 922 /* Special Handling for HID Devices */ 923 if (check_cod(&bd_addr, COD_HID_POINTING)) { 924 /* Remove Device as bonded in nvram as authentication failed */ 925 BTIF_TRACE_DEBUG1("%s(): removing hid pointing device from nvram", __FUNCTION__); 926 btif_storage_remove_bonded_device(&bd_addr); 927 } 928 bond_state_changed(status, &bd_addr, state); 929 } 930} 931 932/****************************************************************************** 933** 934** Function btif_dm_search_devices_evt 935** 936** Description Executes search devices callback events in btif context 937** 938** Returns void 939** 940******************************************************************************/ 941static void btif_dm_search_devices_evt (UINT16 event, char *p_param) 942{ 943 tBTA_DM_SEARCH *p_search_data; 944 BTIF_TRACE_EVENT2("%s event=%s", __FUNCTION__, dump_dm_search_event(event)); 945 946 switch (event) 947 { 948 case BTA_DM_DISC_RES_EVT: 949 { 950 p_search_data = (tBTA_DM_SEARCH *)p_param; 951 /* Remote name update */ 952 if (strlen((const char *) p_search_data->disc_res.bd_name)) 953 { 954 bt_property_t properties[1]; 955 bt_bdaddr_t bdaddr; 956 bt_status_t status; 957 958 properties[0].type = BT_PROPERTY_BDNAME; 959 properties[0].val = p_search_data->disc_res.bd_name; 960 properties[0].len = strlen((char *)p_search_data->disc_res.bd_name); 961 bdcpy(bdaddr.address, p_search_data->disc_res.bd_addr); 962 963 status = btif_storage_set_remote_device_property(&bdaddr, &properties[0]); 964 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device property", status); 965 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, 966 status, &bdaddr, 1, properties); 967 } 968 /* TODO: Services? */ 969 } 970 break; 971 972 case BTA_DM_INQ_RES_EVT: 973 { 974 /* inquiry result */ 975 UINT32 cod; 976 UINT8 *p_eir_remote_name = NULL; 977 bt_bdname_t bdname; 978 bt_bdaddr_t bdaddr; 979 UINT8 remote_name_len; 980 UINT8 *p_cached_name = NULL; 981 tBTA_SERVICE_MASK services = 0; 982 bdstr_t bdstr; 983 984 p_search_data = (tBTA_DM_SEARCH *)p_param; 985 bdcpy(bdaddr.address, p_search_data->inq_res.bd_addr); 986 987 BTIF_TRACE_DEBUG3("%s() %s device_type = 0x%x\n", __FUNCTION__, bd2str(&bdaddr, &bdstr), 988#if (BLE_INCLUDED == TRUE) 989 p_search_data->inq_res.device_type); 990#else 991 BT_DEVICE_TYPE_BREDR); 992#endif 993 bdname.name[0] = 0; 994 995 cod = devclass2uint (p_search_data->inq_res.dev_class); 996 997 if ( cod == 0) { 998 ALOGD("cod is 0, set as unclassified"); 999 cod = COD_UNCLASSIFIED; 1000 } 1001 1002 if (!check_eir_remote_name(p_search_data, bdname.name, &remote_name_len)) 1003 check_cached_remote_name(p_search_data, bdname.name, &remote_name_len); 1004 1005 /* Check EIR for remote name and services */ 1006 if (p_search_data->inq_res.p_eir) 1007 { 1008 BTA_GetEirService(p_search_data->inq_res.p_eir, &services); 1009 BTIF_TRACE_DEBUG2("%s()EIR BTA services = %08X", __FUNCTION__, (UINT32)services); 1010 /* TODO: Get the service list and check to see which uuids we got and send it back to the client. */ 1011 } 1012 1013 1014 { 1015 bt_property_t properties[5]; 1016 bt_device_type_t dev_type; 1017 UINT8 addr_type; 1018 uint32_t num_properties = 0; 1019 bt_status_t status; 1020 1021 memset(properties, 0, sizeof(properties)); 1022 /* BD_ADDR */ 1023 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 1024 BT_PROPERTY_BDADDR, sizeof(bdaddr), &bdaddr); 1025 num_properties++; 1026 /* BD_NAME */ 1027 /* Don't send BDNAME if it is empty */ 1028 if (bdname.name[0]) 1029 { 1030 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 1031 BT_PROPERTY_BDNAME, 1032 strlen((char *)bdname.name), &bdname); 1033 num_properties++; 1034 } 1035 1036 /* DEV_CLASS */ 1037 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 1038 BT_PROPERTY_CLASS_OF_DEVICE, sizeof(cod), &cod); 1039 num_properties++; 1040 /* DEV_TYPE */ 1041#if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE)) 1042 /* FixMe: Assumption is that bluetooth.h and BTE enums match */ 1043 dev_type = p_search_data->inq_res.device_type; 1044 addr_type = p_search_data->inq_res.ble_addr_type; 1045#else 1046 dev_type = BT_DEVICE_TYPE_BREDR; 1047#endif 1048 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 1049 BT_PROPERTY_TYPE_OF_DEVICE, sizeof(dev_type), &dev_type); 1050 num_properties++; 1051 /* RSSI */ 1052 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 1053 BT_PROPERTY_REMOTE_RSSI, sizeof(int8_t), 1054 &(p_search_data->inq_res.rssi)); 1055 num_properties++; 1056 1057 status = btif_storage_add_remote_device(&bdaddr, num_properties, properties); 1058 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device (inquiry)", status); 1059#if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE)) 1060 status = btif_storage_set_remote_addr_type(&bdaddr, addr_type); 1061 if (( dev_type == BT_DEVICE_TYPE_DUMO)&& 1062 (p_search_data->inq_res.flag & BTA_BLE_DMT_CONTROLLER_SPT) && 1063 (p_search_data->inq_res.flag & BTA_BLE_DMT_HOST_SPT)) 1064 { 1065 btif_storage_set_dmt_support_type (&bdaddr, TRUE); 1066 } 1067 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote addr type (inquiry)", status); 1068#endif 1069 /* Callback to notify upper layer of device */ 1070 HAL_CBACK(bt_hal_cbacks, device_found_cb, 1071 num_properties, properties); 1072 } 1073 } 1074 break; 1075 1076 case BTA_DM_INQ_CMPL_EVT: 1077 { 1078 } 1079 break; 1080 case BTA_DM_DISC_CMPL_EVT: 1081 { 1082 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, BT_DISCOVERY_STOPPED); 1083 } 1084 break; 1085 case BTA_DM_SEARCH_CANCEL_CMPL_EVT: 1086 { 1087 /* if inquiry is not in progress and we get a cancel event, then 1088 * it means we are done with inquiry, but remote_name fetches are in 1089 * progress 1090 * 1091 * if inquiry is in progress, then we don't want to act on this cancel_cmpl_evt 1092 * but instead wait for the cancel_cmpl_evt via the Busy Level 1093 * 1094 */ 1095 if (btif_dm_inquiry_in_progress == FALSE) 1096 { 1097 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, BT_DISCOVERY_STOPPED); 1098 } 1099 } 1100 break; 1101 } 1102} 1103 1104/******************************************************************************* 1105** 1106** Function btif_dm_search_services_evt 1107** 1108** Description Executes search services event in btif context 1109** 1110** Returns void 1111** 1112*******************************************************************************/ 1113static void btif_dm_search_services_evt(UINT16 event, char *p_param) 1114{ 1115 tBTA_DM_SEARCH *p_data = (tBTA_DM_SEARCH*)p_param; 1116 1117 BTIF_TRACE_EVENT2("%s: event = %d", __FUNCTION__, event); 1118 switch (event) 1119 { 1120 case BTA_DM_DISC_RES_EVT: 1121 { 1122 bt_uuid_t uuid_arr[BT_MAX_NUM_UUIDS]; /* Max 32 services */ 1123 bt_property_t prop; 1124 uint32_t i = 0, j = 0; 1125 bt_bdaddr_t bd_addr; 1126 bt_status_t ret; 1127 1128 bdcpy(bd_addr.address, p_data->disc_res.bd_addr); 1129 1130 BTIF_TRACE_DEBUG3("%s:(result=0x%x, services 0x%x)", __FUNCTION__, 1131 p_data->disc_res.result, p_data->disc_res.services); 1132 if ((p_data->disc_res.result != BTA_SUCCESS) && 1133 (pairing_cb.state == BT_BOND_STATE_BONDING ) && 1134 (pairing_cb.sdp_attempts < BTIF_DM_MAX_SDP_ATTEMPTS_AFTER_PAIRING)) 1135 { 1136 BTIF_TRACE_WARNING1("%s:SDP failed after bonding re-attempting", __FUNCTION__); 1137 pairing_cb.sdp_attempts++; 1138 btif_dm_get_remote_services(&bd_addr); 1139 return; 1140 } 1141 prop.type = BT_PROPERTY_UUIDS; 1142 prop.len = 0; 1143 if ((p_data->disc_res.result == BTA_SUCCESS) && (p_data->disc_res.num_uuids > 0)) 1144 { 1145 prop.val = p_data->disc_res.p_uuid_list; 1146 prop.len = p_data->disc_res.num_uuids * MAX_UUID_SIZE; 1147 for (i=0; i < p_data->disc_res.num_uuids; i++) 1148 { 1149 char temp[256]; 1150 uuid_to_string((bt_uuid_t*)(p_data->disc_res.p_uuid_list + (i*MAX_UUID_SIZE)), temp); 1151 BTIF_TRACE_ERROR2("Index: %d uuid:%s", i, temp); 1152 } 1153 } 1154 1155 /* onUuidChanged requires getBondedDevices to be populated. 1156 ** bond_state_changed needs to be sent prior to remote_device_property 1157 */ 1158 if ((pairing_cb.state == BT_BOND_STATE_BONDING) && 1159 (bdcmp(p_data->disc_res.bd_addr, pairing_cb.bd_addr) == 0)&& 1160 pairing_cb.sdp_attempts > 0) 1161 { 1162 BTIF_TRACE_DEBUG1("%s Remote Service SDP done. Call bond_state_changed_cb BONDED", 1163 __FUNCTION__); 1164 pairing_cb.sdp_attempts = 0; 1165 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDED); 1166 } 1167 1168 if(p_data->disc_res.num_uuids != 0) 1169 { 1170 /* Also write this to the NVRAM */ 1171 ret = btif_storage_set_remote_device_property(&bd_addr, &prop); 1172 ASSERTC(ret == BT_STATUS_SUCCESS, "storing remote services failed", ret); 1173 /* Send the event to the BTIF */ 1174 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, 1175 BT_STATUS_SUCCESS, &bd_addr, 1, &prop); 1176 } 1177 } 1178 break; 1179 1180 case BTA_DM_DISC_CMPL_EVT: 1181 /* fixme */ 1182 break; 1183 1184#if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE)) 1185 case BTA_DM_DISC_BLE_RES_EVT: 1186 BTIF_TRACE_DEBUG2("%s:, services 0x%x)", __FUNCTION__, 1187 p_data->disc_ble_res.service.uu.uuid16); 1188 bt_uuid_t uuid; 1189 int i = 0; 1190 int j = 15; 1191 if (p_data->disc_ble_res.service.uu.uuid16 == UUID_SERVCLASS_LE_HID) 1192 { 1193 BTIF_TRACE_DEBUG1("%s: Found HOGP UUID",__FUNCTION__); 1194 bt_property_t prop; 1195 bt_bdaddr_t bd_addr; 1196 char temp[256]; 1197 bt_status_t ret; 1198 1199 bta_gatt_convert_uuid16_to_uuid128(uuid.uu,p_data->disc_ble_res.service.uu.uuid16); 1200 1201 while(i < j ) 1202 { 1203 unsigned char c = uuid.uu[j]; 1204 uuid.uu[j] = uuid.uu[i]; 1205 uuid.uu[i] = c; 1206 i++; 1207 j--; 1208 } 1209 1210 uuid_to_string(&uuid, temp); 1211 BTIF_TRACE_ERROR1(" uuid:%s", temp); 1212 1213 bdcpy(bd_addr.address, p_data->disc_ble_res.bd_addr); 1214 prop.type = BT_PROPERTY_UUIDS; 1215 prop.val = uuid.uu; 1216 prop.len = MAX_UUID_SIZE; 1217 1218 /* Also write this to the NVRAM */ 1219 ret = btif_storage_set_remote_device_property(&bd_addr, &prop); 1220 ASSERTC(ret == BT_STATUS_SUCCESS, "storing remote services failed", ret); 1221 1222 /* Send the event to the BTIF */ 1223 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, 1224 BT_STATUS_SUCCESS, &bd_addr, 1, &prop); 1225 1226 } 1227 break; 1228#endif /* BLE_INCLUDED */ 1229 1230 default: 1231 { 1232 ASSERTC(0, "unhandled search services event", event); 1233 } 1234 break; 1235 } 1236} 1237 1238/******************************************************************************* 1239** 1240** Function btif_dm_remote_service_record_evt 1241** 1242** Description Executes search service record event in btif context 1243** 1244** Returns void 1245** 1246*******************************************************************************/ 1247static void btif_dm_remote_service_record_evt(UINT16 event, char *p_param) 1248{ 1249 tBTA_DM_SEARCH *p_data = (tBTA_DM_SEARCH*)p_param; 1250 1251 BTIF_TRACE_EVENT2("%s: event = %d", __FUNCTION__, event); 1252 switch (event) 1253 { 1254 case BTA_DM_DISC_RES_EVT: 1255 { 1256 bt_service_record_t rec; 1257 bt_property_t prop; 1258 uint32_t i = 0; 1259 bt_bdaddr_t bd_addr; 1260 1261 memset(&rec, 0, sizeof(bt_service_record_t)); 1262 bdcpy(bd_addr.address, p_data->disc_res.bd_addr); 1263 1264 BTIF_TRACE_DEBUG3("%s:(result=0x%x, services 0x%x)", __FUNCTION__, 1265 p_data->disc_res.result, p_data->disc_res.services); 1266 prop.type = BT_PROPERTY_SERVICE_RECORD; 1267 prop.val = (void*)&rec; 1268 prop.len = sizeof(rec); 1269 1270 /* disc_res.result is overloaded with SCN. Cannot check result */ 1271 p_data->disc_res.services &= ~BTA_USER_SERVICE_MASK; 1272 /* TODO: Get the UUID as well */ 1273 rec.channel = p_data->disc_res.result - 3; 1274 /* TODO: Need to get the service name using p_raw_data */ 1275 rec.name[0] = 0; 1276 1277 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, 1278 BT_STATUS_SUCCESS, &bd_addr, 1, &prop); 1279 } 1280 break; 1281 1282 default: 1283 { 1284 ASSERTC(0, "unhandled remote service record event", event); 1285 } 1286 break; 1287 } 1288} 1289 1290/******************************************************************************* 1291** 1292** Function btif_dm_upstreams_cback 1293** 1294** Description Executes UPSTREAMS events in btif context 1295** 1296** Returns void 1297** 1298*******************************************************************************/ 1299static void btif_dm_upstreams_evt(UINT16 event, char* p_param) 1300{ 1301 tBTA_DM_SEC_EVT dm_event = (tBTA_DM_SEC_EVT)event; 1302 tBTA_DM_SEC *p_data = (tBTA_DM_SEC*)p_param; 1303 tBTA_SERVICE_MASK service_mask; 1304 uint32_t i; 1305 bt_bdaddr_t bd_addr; 1306 1307 BTIF_TRACE_EVENT1("btif_dm_upstreams_cback ev: %s", dump_dm_event(event)); 1308 1309 switch (event) 1310 { 1311 case BTA_DM_ENABLE_EVT: 1312 { 1313 BD_NAME bdname; 1314 bt_status_t status; 1315 bt_property_t prop; 1316 prop.type = BT_PROPERTY_BDNAME; 1317 prop.len = BD_NAME_LEN; 1318 prop.val = (void*)bdname; 1319 1320 status = btif_storage_get_adapter_property(&prop); 1321 if (status == BT_STATUS_SUCCESS) 1322 { 1323 /* A name exists in the storage. Make this the device name */ 1324 BTA_DmSetDeviceName((char*)prop.val); 1325 } 1326 else 1327 { 1328 /* Storage does not have a name yet. 1329 * Use the default name and write it to the chip 1330 */ 1331 BTA_DmSetDeviceName(btif_get_default_local_name()); 1332 } 1333 1334 /* for each of the enabled services in the mask, trigger the profile 1335 * enable */ 1336 service_mask = btif_get_enabled_services_mask(); 1337 for (i=0; i <= BTA_MAX_SERVICE_ID; i++) 1338 { 1339 if (service_mask & 1340 (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(i))) 1341 { 1342 btif_in_execute_service_request(i, TRUE); 1343 } 1344 } 1345 /* clear control blocks */ 1346 memset(&pairing_cb, 0, sizeof(btif_dm_pairing_cb_t)); 1347 1348 /* This function will also trigger the adapter_properties_cb 1349 ** and bonded_devices_info_cb 1350 */ 1351 btif_storage_load_bonded_devices(); 1352 1353 btif_storage_load_autopair_device_list(); 1354 1355 btif_enable_bluetooth_evt(p_data->enable.status, p_data->enable.bd_addr); 1356 } 1357 break; 1358 1359 case BTA_DM_DISABLE_EVT: 1360 /* for each of the enabled services in the mask, trigger the profile 1361 * disable */ 1362 service_mask = btif_get_enabled_services_mask(); 1363 for (i=0; i <= BTA_MAX_SERVICE_ID; i++) 1364 { 1365 if (service_mask & 1366 (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(i))) 1367 { 1368 btif_in_execute_service_request(i, FALSE); 1369 } 1370 } 1371 btif_disable_bluetooth_evt(); 1372 break; 1373 1374 case BTA_DM_PIN_REQ_EVT: 1375 btif_dm_pin_req_evt(&p_data->pin_req); 1376 break; 1377 1378 case BTA_DM_AUTH_CMPL_EVT: 1379 btif_dm_auth_cmpl_evt(&p_data->auth_cmpl); 1380 break; 1381 1382 case BTA_DM_BOND_CANCEL_CMPL_EVT: 1383 if (pairing_cb.state == BT_BOND_STATE_BONDING) 1384 { 1385 bdcpy(bd_addr.address, pairing_cb.bd_addr); 1386 bond_state_changed(p_data->bond_cancel_cmpl.result, &bd_addr, BT_BOND_STATE_NONE); 1387 } 1388 break; 1389 1390 case BTA_DM_SP_CFM_REQ_EVT: 1391 btif_dm_ssp_cfm_req_evt(&p_data->cfm_req); 1392 break; 1393 case BTA_DM_SP_KEY_NOTIF_EVT: 1394 btif_dm_ssp_key_notif_evt(&p_data->key_notif); 1395 break; 1396 1397 case BTA_DM_DEV_UNPAIRED_EVT: 1398 bdcpy(bd_addr.address, p_data->link_down.bd_addr); 1399 1400 /*special handling for HID devices */ 1401 #if (defined(BTA_HH_INCLUDED) && (BTA_HH_INCLUDED == TRUE)) 1402 btif_hh_remove_device(bd_addr); 1403 #endif 1404 #if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE)) 1405 btif_storage_remove_ble_bonding_keys(&bd_addr); 1406 #endif 1407 btif_storage_remove_bonded_device(&bd_addr); 1408 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_NONE); 1409 break; 1410 1411 case BTA_DM_BUSY_LEVEL_EVT: 1412 { 1413 1414 if (p_data->busy_level.level_flags & BTM_BL_INQUIRY_PAGING_MASK) 1415 { 1416 if (p_data->busy_level.level_flags == BTM_BL_INQUIRY_STARTED) 1417 { 1418 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, 1419 BT_DISCOVERY_STARTED); 1420 btif_dm_inquiry_in_progress = TRUE; 1421 } 1422 else if (p_data->busy_level.level_flags == BTM_BL_INQUIRY_CANCELLED) 1423 { 1424 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, 1425 BT_DISCOVERY_STOPPED); 1426 btif_dm_inquiry_in_progress = FALSE; 1427 } 1428 else if (p_data->busy_level.level_flags == BTM_BL_INQUIRY_COMPLETE) 1429 { 1430 btif_dm_inquiry_in_progress = FALSE; 1431 } 1432 } 1433 }break; 1434 1435 case BTA_DM_LINK_UP_EVT: 1436 bdcpy(bd_addr.address, p_data->link_up.bd_addr); 1437 BTIF_TRACE_DEBUG0("BTA_DM_LINK_UP_EVT. Sending BT_ACL_STATE_CONNECTED"); 1438 1439 btif_update_remote_version_property(&bd_addr); 1440 1441 HAL_CBACK(bt_hal_cbacks, acl_state_changed_cb, BT_STATUS_SUCCESS, 1442 &bd_addr, BT_ACL_STATE_CONNECTED); 1443 break; 1444 1445 case BTA_DM_LINK_DOWN_EVT: 1446 bdcpy(bd_addr.address, p_data->link_down.bd_addr); 1447 BTIF_TRACE_DEBUG0("BTA_DM_LINK_DOWN_EVT. Sending BT_ACL_STATE_DISCONNECTED"); 1448 HAL_CBACK(bt_hal_cbacks, acl_state_changed_cb, BT_STATUS_SUCCESS, 1449 &bd_addr, BT_ACL_STATE_DISCONNECTED); 1450 break; 1451 1452 case BTA_DM_HW_ERROR_EVT: 1453 BTIF_TRACE_ERROR0("Received H/W Error. "); 1454 /* Flush storage data */ 1455 btif_config_flush(); 1456 usleep(100000); /* 100milliseconds */ 1457 /* Killing the process to force a restart as part of fault tolerance */ 1458 kill(getpid(), SIGKILL); 1459 break; 1460 1461#if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE)) 1462 case BTA_DM_BLE_KEY_EVT: 1463 BTIF_TRACE_DEBUG1("BTA_DM_BLE_KEY_EVT key_type=0x%02x ", p_data->ble_key.key_type); 1464 1465 /* If this pairing is by-product of local initiated GATT client Read or Write, 1466 BTA would not have sent BTA_DM_BLE_SEC_REQ_EVT event and Bond state would not 1467 have setup properly. Setup pairing_cb and notify App about Bonding state now*/ 1468 if (pairing_cb.state != BT_BOND_STATE_BONDING) 1469 { 1470 BTIF_TRACE_DEBUG0("Bond state not sent to App so far.Notify the app now"); 1471 bond_state_changed(BT_STATUS_SUCCESS, (bt_bdaddr_t*)p_data->ble_key.bd_addr, 1472 BT_BOND_STATE_BONDING); 1473 } 1474 else if (memcmp (pairing_cb.bd_addr, p_data->ble_key.bd_addr, BD_ADDR_LEN)!=0) 1475 { 1476 BTIF_TRACE_ERROR1("BD mismatch discard BLE key_type=%d ",p_data->ble_key.key_type); 1477 break; 1478 } 1479 1480 switch (p_data->ble_key.key_type) 1481 { 1482 case BTA_LE_KEY_PENC: 1483 BTIF_TRACE_DEBUG0("Rcv BTA_LE_KEY_PENC"); 1484 pairing_cb.ble.is_penc_key_rcvd = TRUE; 1485 memcpy(pairing_cb.ble.penc_key.ltk,p_data->ble_key.key_value.penc_key.ltk, 16); 1486 memcpy(pairing_cb.ble.penc_key.rand, p_data->ble_key.key_value.penc_key.rand,8); 1487 pairing_cb.ble.penc_key.ediv = p_data->ble_key.key_value.penc_key.ediv; 1488 pairing_cb.ble.penc_key.sec_level = p_data->ble_key.key_value.penc_key.sec_level; 1489 1490 for (i=0; i<16; i++) 1491 { 1492 BTIF_TRACE_DEBUG2("pairing_cb.ble.penc_key.ltk[%d]=0x%02x",i,pairing_cb.ble.penc_key.ltk[i]); 1493 } 1494 for (i=0; i<8; i++) 1495 { 1496 BTIF_TRACE_DEBUG2("pairing_cb.ble.penc_key.rand[%d]=0x%02x",i,pairing_cb.ble.penc_key.rand[i]); 1497 } 1498 BTIF_TRACE_DEBUG1("pairing_cb.ble.penc_key.ediv=0x%04x",pairing_cb.ble.penc_key.ediv); 1499 BTIF_TRACE_DEBUG1("pairing_cb.ble.penc_key.sec_level=0x%02x",pairing_cb.ble.penc_key.sec_level); 1500 BTIF_TRACE_DEBUG1("pairing_cb.ble.penc_key.key_size=0x%02x",pairing_cb.ble.penc_key.key_size); 1501 break; 1502 1503 case BTA_LE_KEY_PID: 1504 BTIF_TRACE_DEBUG0("Rcv BTA_LE_KEY_PID"); 1505 pairing_cb.ble.is_pid_key_rcvd = TRUE; 1506 memcpy(pairing_cb.ble.pid_key, p_data->ble_key.key_value.pid_key.irk, 16); 1507 for (i=0; i<16; i++) 1508 { 1509 BTIF_TRACE_DEBUG2("pairing_cb.ble.pid_key[%d]=0x%02x",i,pairing_cb.ble.pid_key[i]); 1510 } 1511 break; 1512 1513 case BTA_LE_KEY_PCSRK: 1514 BTIF_TRACE_DEBUG0("Rcv BTA_LE_KEY_PCSRK"); 1515 pairing_cb.ble.is_pcsrk_key_rcvd = TRUE; 1516 pairing_cb.ble.pcsrk_key.counter = p_data->ble_key.key_value.pcsrk_key.counter; 1517 pairing_cb.ble.pcsrk_key.sec_level = p_data->ble_key.key_value.pcsrk_key.sec_level; 1518 memcpy(pairing_cb.ble.pcsrk_key.csrk,p_data->ble_key.key_value.pcsrk_key.csrk,16); 1519 1520 for (i=0; i<16; i++) 1521 { 1522 BTIF_TRACE_DEBUG2("pairing_cb.ble.pcsrk_key.csrk[%d]=0x%02x",i,pairing_cb.ble.pcsrk_key.csrk[i]); 1523 } 1524 BTIF_TRACE_DEBUG1("pairing_cb.ble.pcsrk_key.counter=0x%08x",pairing_cb.ble.pcsrk_key.counter); 1525 BTIF_TRACE_DEBUG1("pairing_cb.ble.pcsrk_key.sec_level=0x%02x",pairing_cb.ble.pcsrk_key.sec_level); 1526 break; 1527 1528 case BTA_LE_KEY_LENC: 1529 BTIF_TRACE_DEBUG0("Rcv BTA_LE_KEY_LENC"); 1530 pairing_cb.ble.is_lenc_key_rcvd = TRUE; 1531 pairing_cb.ble.lenc_key.div = p_data->ble_key.key_value.lenc_key.div; 1532 pairing_cb.ble.lenc_key.key_size = p_data->ble_key.key_value.lenc_key.key_size; 1533 pairing_cb.ble.lenc_key.sec_level = p_data->ble_key.key_value.lenc_key.sec_level; 1534 1535 BTIF_TRACE_DEBUG1("pairing_cb.ble.lenc_key.div=0x%04x",pairing_cb.ble.lenc_key.div); 1536 BTIF_TRACE_DEBUG1("pairing_cb.ble.lenc_key.key_size=0x%02x",pairing_cb.ble.lenc_key.key_size); 1537 BTIF_TRACE_DEBUG1("pairing_cb.ble.lenc_key.sec_level=0x%02x",pairing_cb.ble.lenc_key.sec_level); 1538 break; 1539 1540 1541 1542 case BTA_LE_KEY_LCSRK: 1543 BTIF_TRACE_DEBUG0("Rcv BTA_LE_KEY_LCSRK"); 1544 pairing_cb.ble.is_lcsrk_key_rcvd = TRUE; 1545 pairing_cb.ble.lcsrk_key.counter = p_data->ble_key.key_value.lcsrk_key.counter; 1546 pairing_cb.ble.lcsrk_key.div = p_data->ble_key.key_value.lcsrk_key.div; 1547 pairing_cb.ble.lcsrk_key.sec_level = p_data->ble_key.key_value.lcsrk_key.sec_level; 1548 1549 BTIF_TRACE_DEBUG1("pairing_cb.ble.lcsrk_key.div=0x%04x",pairing_cb.ble.lcsrk_key.div); 1550 BTIF_TRACE_DEBUG1("pairing_cb.ble.lcsrk_key.counter=0x%08x",pairing_cb.ble.lcsrk_key.counter); 1551 BTIF_TRACE_DEBUG1("pairing_cb.ble.lcsrk_key.sec_level=0x%02x",pairing_cb.ble.lcsrk_key.sec_level); 1552 1553 break; 1554 1555 default: 1556 BTIF_TRACE_ERROR1("unknown BLE key type (0x%02x)", p_data->ble_key.key_type); 1557 break; 1558 } 1559 1560 break; 1561 case BTA_DM_BLE_SEC_REQ_EVT: 1562 BTIF_TRACE_DEBUG0("BTA_DM_BLE_SEC_REQ_EVT. "); 1563 btif_dm_ble_sec_req_evt(&p_data->ble_req); 1564 break; 1565 case BTA_DM_BLE_PASSKEY_NOTIF_EVT: 1566 BTIF_TRACE_DEBUG0("BTA_DM_BLE_PASSKEY_NOTIF_EVT. "); 1567 btif_dm_ble_key_notif_evt(&p_data->key_notif); 1568 break; 1569 case BTA_DM_BLE_PASSKEY_REQ_EVT: 1570 BTIF_TRACE_DEBUG0("BTA_DM_BLE_PASSKEY_REQ_EVT. "); 1571 btif_dm_ble_passkey_req_evt(&p_data->pin_req); 1572 break; 1573 case BTA_DM_BLE_OOB_REQ_EVT: 1574 BTIF_TRACE_DEBUG0("BTA_DM_BLE_OOB_REQ_EVT. "); 1575 break; 1576 case BTA_DM_BLE_LOCAL_IR_EVT: 1577 BTIF_TRACE_DEBUG0("BTA_DM_BLE_LOCAL_IR_EVT. "); 1578 ble_local_key_cb.is_id_keys_rcvd = TRUE; 1579 memcpy(&ble_local_key_cb.id_keys.irk[0], &p_data->ble_id_keys.irk[0], sizeof(BT_OCTET16)); 1580 memcpy(&ble_local_key_cb.id_keys.ir[0], &p_data->ble_id_keys.ir[0], sizeof(BT_OCTET16)); 1581 memcpy(&ble_local_key_cb.id_keys.dhk[0], &p_data->ble_id_keys.dhk[0], sizeof(BT_OCTET16)); 1582 btif_storage_add_ble_local_key( (char *)&ble_local_key_cb.id_keys.irk[0], 1583 BTIF_DM_LE_LOCAL_KEY_IR, 1584 BT_OCTET16_LEN); 1585 btif_storage_add_ble_local_key( (char *)&ble_local_key_cb.id_keys.ir[0], 1586 BTIF_DM_LE_LOCAL_KEY_IRK, 1587 BT_OCTET16_LEN); 1588 btif_storage_add_ble_local_key( (char *)&ble_local_key_cb.id_keys.dhk[0], 1589 BTIF_DM_LE_LOCAL_KEY_DHK, 1590 BT_OCTET16_LEN); 1591 break; 1592 case BTA_DM_BLE_LOCAL_ER_EVT: 1593 BTIF_TRACE_DEBUG0("BTA_DM_BLE_LOCAL_ER_EVT. "); 1594 ble_local_key_cb.is_er_rcvd = TRUE; 1595 memcpy(&ble_local_key_cb.er[0], &p_data->ble_er[0], sizeof(BT_OCTET16)); 1596 btif_storage_add_ble_local_key( (char *)&ble_local_key_cb.er[0], 1597 BTIF_DM_LE_LOCAL_KEY_ER, 1598 BT_OCTET16_LEN); 1599 break; 1600 1601 case BTA_DM_BLE_AUTH_CMPL_EVT: 1602 BTIF_TRACE_DEBUG0("BTA_DM_BLE_KEY_EVT. "); 1603 btif_dm_ble_auth_cmpl_evt(&p_data->auth_cmpl); 1604 break; 1605#endif 1606 1607 case BTA_DM_AUTHORIZE_EVT: 1608 case BTA_DM_SIG_STRENGTH_EVT: 1609 case BTA_DM_SP_RMT_OOB_EVT: 1610 case BTA_DM_SP_KEYPRESS_EVT: 1611 case BTA_DM_ROLE_CHG_EVT: 1612 1613 default: 1614 BTIF_TRACE_WARNING1( "btif_dm_cback : unhandled event (%d)", event ); 1615 break; 1616 } 1617} /* btui_security_cback() */ 1618 1619 1620/******************************************************************************* 1621** 1622** Function btif_dm_generic_evt 1623** 1624** Description Executes non-BTA upstream events in BTIF context 1625** 1626** Returns void 1627** 1628*******************************************************************************/ 1629static void btif_dm_generic_evt(UINT16 event, char* p_param) 1630{ 1631 BTIF_TRACE_EVENT2("%s: event=%d", __FUNCTION__, event); 1632 switch(event) 1633 { 1634 case BTIF_DM_CB_DISCOVERY_STARTED: 1635 { 1636 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, BT_DISCOVERY_STARTED); 1637 } 1638 break; 1639 1640 case BTIF_DM_CB_CREATE_BOND: 1641 { 1642 btif_dm_cb_create_bond((bt_bdaddr_t *)p_param); 1643 } 1644 break; 1645 1646 case BTIF_DM_CB_REMOVE_BOND: 1647 { 1648 btif_dm_cb_remove_bond((bt_bdaddr_t *)p_param); 1649 } 1650 break; 1651 1652 case BTIF_DM_CB_HID_REMOTE_NAME: 1653 { 1654 btif_dm_cb_hid_remote_name((tBTM_REMOTE_DEV_NAME *)p_param); 1655 } 1656 break; 1657 1658 case BTIF_DM_CB_BOND_STATE_BONDING: 1659 { 1660 bond_state_changed(BT_STATUS_SUCCESS, (bt_bdaddr_t *)p_param, BT_BOND_STATE_BONDING); 1661 } 1662 break; 1663 case BTIF_DM_CB_LE_TX_TEST: 1664 case BTIF_DM_CB_LE_RX_TEST: 1665 { 1666 uint8_t status; 1667 STREAM_TO_UINT8(status, p_param); 1668 HAL_CBACK(bt_hal_cbacks, le_test_mode_cb, 1669 (status == 0) ? BT_STATUS_SUCCESS : BT_STATUS_FAIL, 0); 1670 } 1671 break; 1672 case BTIF_DM_CB_LE_TEST_END: 1673 { 1674 uint8_t status; 1675 uint16_t count = 0; 1676 STREAM_TO_UINT8(status, p_param); 1677 if (status == 0) 1678 STREAM_TO_UINT16(count, p_param); 1679 HAL_CBACK(bt_hal_cbacks, le_test_mode_cb, 1680 (status == 0) ? BT_STATUS_SUCCESS : BT_STATUS_FAIL, count); 1681 } 1682 break; 1683 default: 1684 { 1685 BTIF_TRACE_WARNING2("%s : Unknown event 0x%x", __FUNCTION__, event); 1686 } 1687 break; 1688 } 1689} 1690 1691/******************************************************************************* 1692** 1693** Function bte_dm_evt 1694** 1695** Description Switches context from BTE to BTIF for all DM events 1696** 1697** Returns void 1698** 1699*******************************************************************************/ 1700 1701void bte_dm_evt(tBTA_DM_SEC_EVT event, tBTA_DM_SEC *p_data) 1702{ 1703 bt_status_t status; 1704 1705 /* switch context to btif task context (copy full union size for convenience) */ 1706 status = btif_transfer_context(btif_dm_upstreams_evt, (uint16_t)event, (void*)p_data, sizeof(tBTA_DM_SEC), NULL); 1707 1708 /* catch any failed context transfers */ 1709 ASSERTC(status == BT_STATUS_SUCCESS, "context transfer failed", status); 1710} 1711 1712/******************************************************************************* 1713** 1714** Function bte_search_devices_evt 1715** 1716** Description Switches context from BTE to BTIF for DM search events 1717** 1718** Returns void 1719** 1720*******************************************************************************/ 1721static void bte_search_devices_evt(tBTA_DM_SEARCH_EVT event, tBTA_DM_SEARCH *p_data) 1722{ 1723 UINT16 param_len = 0; 1724 1725 if (p_data) 1726 param_len += sizeof(tBTA_DM_SEARCH); 1727 /* Allocate buffer to hold the pointers (deep copy). The pointers will point to the end of the tBTA_DM_SEARCH */ 1728 switch (event) 1729 { 1730 case BTA_DM_INQ_RES_EVT: 1731 { 1732 if (p_data->inq_res.p_eir) 1733 param_len += HCI_EXT_INQ_RESPONSE_LEN; 1734 } 1735 break; 1736 1737 case BTA_DM_DISC_RES_EVT: 1738 { 1739 if (p_data->disc_res.raw_data_size && p_data->disc_res.p_raw_data) 1740 param_len += p_data->disc_res.raw_data_size; 1741 } 1742 break; 1743 } 1744 BTIF_TRACE_DEBUG3("%s event=%s param_len=%d", __FUNCTION__, dump_dm_search_event(event), param_len); 1745 1746 /* if remote name is available in EIR, set teh flag so that stack doesnt trigger RNR */ 1747 if (event == BTA_DM_INQ_RES_EVT) 1748 p_data->inq_res.remt_name_not_required = check_eir_remote_name(p_data, NULL, NULL); 1749 1750 btif_transfer_context (btif_dm_search_devices_evt , (UINT16) event, (void *)p_data, param_len, 1751 (param_len > sizeof(tBTA_DM_SEARCH)) ? search_devices_copy_cb : NULL); 1752} 1753 1754/******************************************************************************* 1755** 1756** Function bte_dm_search_services_evt 1757** 1758** Description Switches context from BTE to BTIF for DM search services 1759** event 1760** 1761** Returns void 1762** 1763*******************************************************************************/ 1764static void bte_dm_search_services_evt(tBTA_DM_SEARCH_EVT event, tBTA_DM_SEARCH *p_data) 1765{ 1766 UINT16 param_len = 0; 1767 if (p_data) 1768 param_len += sizeof(tBTA_DM_SEARCH); 1769 switch (event) 1770 { 1771 case BTA_DM_DISC_RES_EVT: 1772 { 1773 if ((p_data->disc_res.result == BTA_SUCCESS) && (p_data->disc_res.num_uuids > 0)) { 1774 param_len += (p_data->disc_res.num_uuids * MAX_UUID_SIZE); 1775 } 1776 } break; 1777 } 1778 /* TODO: The only other member that needs a deep copy is the p_raw_data. But not sure 1779 * if raw_data is needed. */ 1780 btif_transfer_context(btif_dm_search_services_evt, event, (char*)p_data, param_len, 1781 (param_len > sizeof(tBTA_DM_SEARCH)) ? search_services_copy_cb : NULL); 1782} 1783 1784/******************************************************************************* 1785** 1786** Function bte_dm_remote_service_record_evt 1787** 1788** Description Switches context from BTE to BTIF for DM search service 1789** record event 1790** 1791** Returns void 1792** 1793*******************************************************************************/ 1794static void bte_dm_remote_service_record_evt(tBTA_DM_SEARCH_EVT event, tBTA_DM_SEARCH *p_data) 1795{ 1796 /* TODO: The only member that needs a deep copy is the p_raw_data. But not sure yet if this is needed. */ 1797 btif_transfer_context(btif_dm_remote_service_record_evt, event, (char*)p_data, sizeof(tBTA_DM_SEARCH), NULL); 1798} 1799 1800/***************************************************************************** 1801** 1802** btif api functions (no context switch) 1803** 1804*****************************************************************************/ 1805 1806/******************************************************************************* 1807** 1808** Function btif_dm_start_discovery 1809** 1810** Description Start device discovery/inquiry 1811** 1812** Returns bt_status_t 1813** 1814*******************************************************************************/ 1815bt_status_t btif_dm_start_discovery(void) 1816{ 1817 tBTA_DM_INQ inq_params; 1818 tBTA_SERVICE_MASK services = 0; 1819 1820 BTIF_TRACE_EVENT1("%s", __FUNCTION__); 1821 /* TODO: Do we need to handle multiple inquiries at the same time? */ 1822 1823 /* Set inquiry params and call API */ 1824#if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE)) 1825 inq_params.mode = BTA_DM_GENERAL_INQUIRY|BTA_BLE_GENERAL_INQUIRY; 1826#if (defined(BTA_HOST_INTERLEAVE_SEARCH) && BTA_HOST_INTERLEAVE_SEARCH == TRUE) 1827 inq_params.intl_duration[0]= BTIF_DM_INTERLEAVE_DURATION_BR_ONE; 1828 inq_params.intl_duration[1]= BTIF_DM_INTERLEAVE_DURATION_LE_ONE; 1829 inq_params.intl_duration[2]= BTIF_DM_INTERLEAVE_DURATION_BR_TWO; 1830 inq_params.intl_duration[3]= BTIF_DM_INTERLEAVE_DURATION_LE_TWO; 1831#endif 1832#else 1833 inq_params.mode = BTA_DM_GENERAL_INQUIRY; 1834#endif 1835 inq_params.duration = BTIF_DM_DEFAULT_INQ_MAX_DURATION; 1836 1837 inq_params.max_resps = BTIF_DM_DEFAULT_INQ_MAX_RESULTS; 1838 inq_params.report_dup = TRUE; 1839 1840 inq_params.filter_type = BTA_DM_INQ_CLR; 1841 /* TODO: Filter device by BDA needs to be implemented here */ 1842 1843 /* Will be enabled to TRUE once inquiry busy level has been received */ 1844 btif_dm_inquiry_in_progress = FALSE; 1845 /* find nearby devices */ 1846 BTA_DmSearch(&inq_params, services, bte_search_devices_evt); 1847 1848 return BT_STATUS_SUCCESS; 1849} 1850 1851/******************************************************************************* 1852** 1853** Function btif_dm_cancel_discovery 1854** 1855** Description Cancels search 1856** 1857** Returns bt_status_t 1858** 1859*******************************************************************************/ 1860bt_status_t btif_dm_cancel_discovery(void) 1861{ 1862 BTIF_TRACE_EVENT1("%s", __FUNCTION__); 1863 BTA_DmSearchCancel(); 1864 return BT_STATUS_SUCCESS; 1865} 1866 1867/******************************************************************************* 1868** 1869** Function btif_dm_create_bond 1870** 1871** Description Initiate bonding with the specified device 1872** 1873** Returns bt_status_t 1874** 1875*******************************************************************************/ 1876bt_status_t btif_dm_create_bond(const bt_bdaddr_t *bd_addr) 1877{ 1878 bdstr_t bdstr; 1879 1880 BTIF_TRACE_EVENT2("%s: bd_addr=%s", __FUNCTION__, bd2str((bt_bdaddr_t *) bd_addr, &bdstr)); 1881 if (pairing_cb.state != BT_BOND_STATE_NONE) 1882 return BT_STATUS_BUSY; 1883 1884 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_CREATE_BOND, 1885 (char *)bd_addr, sizeof(bt_bdaddr_t), NULL); 1886 1887 return BT_STATUS_SUCCESS; 1888} 1889 1890/******************************************************************************* 1891** 1892** Function btif_dm_cancel_bond 1893** 1894** Description Initiate bonding with the specified device 1895** 1896** Returns bt_status_t 1897** 1898*******************************************************************************/ 1899 1900bt_status_t btif_dm_cancel_bond(const bt_bdaddr_t *bd_addr) 1901{ 1902 bdstr_t bdstr; 1903 1904 BTIF_TRACE_EVENT2("%s: bd_addr=%s", __FUNCTION__, bd2str((bt_bdaddr_t *)bd_addr, &bdstr)); 1905 1906 /* TODO: 1907 ** 1. Restore scan modes 1908 ** 2. special handling for HID devices 1909 */ 1910 if (pairing_cb.state == BT_BOND_STATE_BONDING) 1911 { 1912 1913#if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE)) 1914 1915 if (pairing_cb.is_ssp) 1916 { 1917 if (pairing_cb.is_le_only) 1918 { 1919 BTA_DmBleSecurityGrant((UINT8 *)bd_addr->address,BTA_DM_SEC_PAIR_NOT_SPT); 1920 } 1921 else 1922 BTA_DmConfirm( (UINT8 *)bd_addr->address, FALSE); 1923 } 1924 else 1925 { 1926 if (pairing_cb.is_le_only) 1927 { 1928 BTA_DmBondCancel ((UINT8 *)bd_addr->address); 1929 } 1930 else 1931 { 1932 BTA_DmPinReply( (UINT8 *)bd_addr->address, FALSE, 0, NULL); 1933 } 1934 /* Cancel bonding, in case it is in ACL connection setup state */ 1935 BTA_DmBondCancel ((UINT8 *)bd_addr->address); 1936 } 1937 1938#else 1939 if (pairing_cb.is_ssp) 1940 { 1941 BTA_DmConfirm( (UINT8 *)bd_addr->address, FALSE); 1942 } 1943 else 1944 { 1945 BTA_DmPinReply( (UINT8 *)bd_addr->address, FALSE, 0, NULL); 1946 } 1947 /* Cancel bonding, in case it is in ACL connection setup state */ 1948 BTA_DmBondCancel ((UINT8 *)bd_addr->address); 1949 btif_storage_remove_bonded_device((bt_bdaddr_t *)bd_addr); 1950#endif 1951 } 1952 1953 return BT_STATUS_SUCCESS; 1954} 1955 1956/******************************************************************************* 1957** 1958** Function btif_dm_hh_open_failed 1959** 1960** Description informs the upper layers if the HH have failed during bonding 1961** 1962** Returns none 1963** 1964*******************************************************************************/ 1965 1966void btif_dm_hh_open_failed(bt_bdaddr_t *bdaddr) 1967{ 1968 if (pairing_cb.state == BT_BOND_STATE_BONDING && 1969 bdcmp(bdaddr->address, pairing_cb.bd_addr) == 0) 1970 { 1971 bond_state_changed(BT_STATUS_FAIL, bdaddr, BT_BOND_STATE_NONE); 1972 } 1973} 1974 1975/******************************************************************************* 1976** 1977** Function btif_dm_remove_bond 1978** 1979** Description Removes bonding with the specified device 1980** 1981** Returns bt_status_t 1982** 1983*******************************************************************************/ 1984 1985bt_status_t btif_dm_remove_bond(const bt_bdaddr_t *bd_addr) 1986{ 1987 bdstr_t bdstr; 1988 1989 BTIF_TRACE_EVENT2("%s: bd_addr=%s", __FUNCTION__, bd2str((bt_bdaddr_t *)bd_addr, &bdstr)); 1990 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_REMOVE_BOND, 1991 (char *)bd_addr, sizeof(bt_bdaddr_t), NULL); 1992 1993 return BT_STATUS_SUCCESS; 1994} 1995 1996/******************************************************************************* 1997** 1998** Function btif_dm_pin_reply 1999** 2000** Description BT legacy pairing - PIN code reply 2001** 2002** Returns bt_status_t 2003** 2004*******************************************************************************/ 2005 2006bt_status_t btif_dm_pin_reply( const bt_bdaddr_t *bd_addr, uint8_t accept, 2007 uint8_t pin_len, bt_pin_code_t *pin_code) 2008{ 2009 BTIF_TRACE_EVENT2("%s: accept=%d", __FUNCTION__, accept); 2010#if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE)) 2011 2012 if (pairing_cb.is_le_only) 2013 { 2014 int i; 2015 UINT32 passkey = 0; 2016 int multi[] = {100000, 10000, 1000, 100, 10,1}; 2017 BD_ADDR remote_bd_addr; 2018 bdcpy(remote_bd_addr, bd_addr->address); 2019 for (i = 0; i < 6; i++) 2020 { 2021 passkey += (multi[i] * (pin_code->pin[i] - '0')); 2022 } 2023 BTIF_TRACE_DEBUG1("btif_dm_pin_reply: passkey: %d", passkey); 2024 BTA_DmBlePasskeyReply(remote_bd_addr, accept, passkey); 2025 2026 } 2027 else 2028 { 2029 BTA_DmPinReply( (UINT8 *)bd_addr->address, accept, pin_len, pin_code->pin); 2030 if (accept) 2031 pairing_cb.pin_code_len = pin_len; 2032 } 2033#else 2034 BTA_DmPinReply( (UINT8 *)bd_addr->address, accept, pin_len, pin_code->pin); 2035 2036 if (accept) 2037 pairing_cb.pin_code_len = pin_len; 2038#endif 2039 return BT_STATUS_SUCCESS; 2040} 2041 2042/******************************************************************************* 2043** 2044** Function btif_dm_ssp_reply 2045** 2046** Description BT SSP Reply - Just Works, Numeric Comparison & Passkey Entry 2047** 2048** Returns bt_status_t 2049** 2050*******************************************************************************/ 2051bt_status_t btif_dm_ssp_reply(const bt_bdaddr_t *bd_addr, 2052 bt_ssp_variant_t variant, uint8_t accept, 2053 uint32_t passkey) 2054{ 2055 UNUSED(passkey); 2056 2057 if (variant == BT_SSP_VARIANT_PASSKEY_ENTRY) 2058 { 2059 /* This is not implemented in the stack. 2060 * For devices with display, this is not needed 2061 */ 2062 BTIF_TRACE_WARNING1("%s: Not implemented", __FUNCTION__); 2063 return BT_STATUS_FAIL; 2064 } 2065 /* BT_SSP_VARIANT_CONSENT & BT_SSP_VARIANT_PASSKEY_CONFIRMATION supported */ 2066 BTIF_TRACE_EVENT2("%s: accept=%d", __FUNCTION__, accept); 2067#if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE)) 2068 if (pairing_cb.is_le_only) 2069 { 2070 if (accept) 2071 BTA_DmBleSecurityGrant((UINT8 *)bd_addr->address,BTA_DM_SEC_GRANTED); 2072 else 2073 BTA_DmBleSecurityGrant((UINT8 *)bd_addr->address,BTA_DM_SEC_PAIR_NOT_SPT); 2074 } 2075 else 2076 BTA_DmConfirm( (UINT8 *)bd_addr->address, accept); 2077 2078#else 2079 BTA_DmConfirm( (UINT8 *)bd_addr->address, accept); 2080#endif 2081 return BT_STATUS_SUCCESS; 2082} 2083 2084/******************************************************************************* 2085** 2086** Function btif_dm_get_adapter_property 2087** 2088** Description Queries the BTA for the adapter property 2089** 2090** Returns bt_status_t 2091** 2092*******************************************************************************/ 2093bt_status_t btif_dm_get_adapter_property(bt_property_t *prop) 2094{ 2095 bt_status_t status; 2096 2097 BTIF_TRACE_EVENT2("%s: type=0x%x", __FUNCTION__, prop->type); 2098 switch (prop->type) 2099 { 2100 case BT_PROPERTY_BDNAME: 2101 { 2102 bt_bdname_t *bd_name = (bt_bdname_t*)prop->val; 2103 strcpy((char *)bd_name->name, btif_get_default_local_name()); 2104 prop->len = strlen((char *)bd_name->name); 2105 } 2106 break; 2107 2108 case BT_PROPERTY_ADAPTER_SCAN_MODE: 2109 { 2110 /* if the storage does not have it. Most likely app never set it. Default is NONE */ 2111 bt_scan_mode_t *mode = (bt_scan_mode_t*)prop->val; 2112 *mode = BT_SCAN_MODE_NONE; 2113 prop->len = sizeof(bt_scan_mode_t); 2114 } 2115 break; 2116 2117 case BT_PROPERTY_ADAPTER_DISCOVERY_TIMEOUT: 2118 { 2119 uint32_t *tmt = (uint32_t*)prop->val; 2120 *tmt = 120; /* default to 120s, if not found in NV */ 2121 prop->len = sizeof(uint32_t); 2122 } 2123 break; 2124 2125 default: 2126 prop->len = 0; 2127 return BT_STATUS_FAIL; 2128 } 2129 return BT_STATUS_SUCCESS; 2130} 2131 2132/******************************************************************************* 2133** 2134** Function btif_dm_get_remote_services 2135** 2136** Description Start SDP to get remote services 2137** 2138** Returns bt_status_t 2139** 2140*******************************************************************************/ 2141bt_status_t btif_dm_get_remote_services(bt_bdaddr_t *remote_addr) 2142{ 2143 bdstr_t bdstr; 2144 2145 BTIF_TRACE_EVENT2("%s: remote_addr=%s", __FUNCTION__, bd2str(remote_addr, &bdstr)); 2146 2147 BTA_DmDiscover(remote_addr->address, BTA_ALL_SERVICE_MASK, 2148 bte_dm_search_services_evt, TRUE); 2149 2150 return BT_STATUS_SUCCESS; 2151} 2152 2153/******************************************************************************* 2154** 2155** Function btif_dm_get_remote_service_record 2156** 2157** Description Start SDP to get remote service record 2158** 2159** 2160** Returns bt_status_t 2161*******************************************************************************/ 2162bt_status_t btif_dm_get_remote_service_record(bt_bdaddr_t *remote_addr, 2163 bt_uuid_t *uuid) 2164{ 2165 tSDP_UUID sdp_uuid; 2166 bdstr_t bdstr; 2167 2168 BTIF_TRACE_EVENT2("%s: remote_addr=%s", __FUNCTION__, bd2str(remote_addr, &bdstr)); 2169 2170 sdp_uuid.len = MAX_UUID_SIZE; 2171 memcpy(sdp_uuid.uu.uuid128, uuid->uu, MAX_UUID_SIZE); 2172 2173 BTA_DmDiscoverUUID(remote_addr->address, &sdp_uuid, 2174 bte_dm_remote_service_record_evt, TRUE); 2175 2176 return BT_STATUS_SUCCESS; 2177} 2178 2179void btif_dm_execute_service_request(UINT16 event, char *p_param) 2180{ 2181 BOOLEAN b_enable = FALSE; 2182 bt_status_t status; 2183 if (event == BTIF_DM_ENABLE_SERVICE) 2184 { 2185 b_enable = TRUE; 2186 } 2187 status = btif_in_execute_service_request(*((tBTA_SERVICE_ID*)p_param), b_enable); 2188 if (status == BT_STATUS_SUCCESS) 2189 { 2190 bt_property_t property; 2191 bt_uuid_t local_uuids[BT_MAX_NUM_UUIDS]; 2192 2193 /* Now send the UUID_PROPERTY_CHANGED event to the upper layer */ 2194 BTIF_STORAGE_FILL_PROPERTY(&property, BT_PROPERTY_UUIDS, 2195 sizeof(local_uuids), local_uuids); 2196 btif_storage_get_adapter_property(&property); 2197 HAL_CBACK(bt_hal_cbacks, adapter_properties_cb, 2198 BT_STATUS_SUCCESS, 1, &property); 2199 } 2200 return; 2201} 2202 2203void btif_dm_proc_io_req(BD_ADDR bd_addr, tBTA_IO_CAP *p_io_cap, tBTA_OOB_DATA *p_oob_data, 2204 tBTA_AUTH_REQ *p_auth_req, BOOLEAN is_orig) 2205{ 2206 UINT8 yes_no_bit = BTA_AUTH_SP_YES & *p_auth_req; 2207 /* if local initiated: 2208 ** 1. set DD + MITM 2209 ** if remote initiated: 2210 ** 1. Copy over the auth_req from peer's io_rsp 2211 ** 2. Set the MITM if peer has it set or if peer has DisplayYesNo (iPhone) 2212 ** as a fallback set MITM+GB if peer had MITM set 2213 */ 2214 UNUSED (bd_addr); 2215 UNUSED (p_io_cap); 2216 UNUSED (p_oob_data); 2217 2218 2219 BTIF_TRACE_DEBUG2("+%s: p_auth_req=%d", __FUNCTION__, *p_auth_req); 2220 if(pairing_cb.is_local_initiated) 2221 { 2222 /* if initing/responding to a dedicated bonding, use dedicate bonding bit */ 2223 *p_auth_req = BTA_AUTH_DD_BOND | BTA_AUTH_SP_YES; 2224 } 2225 else if (!is_orig) 2226 { 2227 /* peer initiated paring. They probably know what they want. 2228 ** Copy the mitm from peer device. 2229 */ 2230 BTIF_TRACE_DEBUG2("%s: setting p_auth_req to peer's: %d", 2231 __FUNCTION__, pairing_cb.auth_req); 2232 *p_auth_req = (pairing_cb.auth_req & BTA_AUTH_BONDS); 2233 2234 /* copy over the MITM bit as well. In addition if the peer has DisplayYesNo, force MITM */ 2235 if ((yes_no_bit) || (pairing_cb.io_cap & BTM_IO_CAP_IO) ) 2236 *p_auth_req |= BTA_AUTH_SP_YES; 2237 } 2238 else if (yes_no_bit) 2239 { 2240 /* set the general bonding bit for stored device */ 2241 *p_auth_req = BTA_AUTH_GEN_BOND | yes_no_bit; 2242 } 2243 BTIF_TRACE_DEBUG2("-%s: p_auth_req=%d", __FUNCTION__, *p_auth_req); 2244} 2245 2246void btif_dm_proc_io_rsp(BD_ADDR bd_addr, tBTA_IO_CAP io_cap, 2247 tBTA_OOB_DATA oob_data, tBTA_AUTH_REQ auth_req) 2248{ 2249 UNUSED (bd_addr); 2250 UNUSED (oob_data); 2251 2252 if(auth_req & BTA_AUTH_BONDS) 2253 { 2254 BTIF_TRACE_DEBUG2("%s auth_req:%d", __FUNCTION__, auth_req); 2255 pairing_cb.auth_req = auth_req; 2256 pairing_cb.io_cap = io_cap; 2257 } 2258} 2259 2260#if (BTM_OOB_INCLUDED == TRUE) 2261void btif_dm_set_oob_for_io_req(tBTA_OOB_DATA *p_oob_data) 2262{ 2263 if (oob_cb.sp_c[0] == 0 && oob_cb.sp_c[1] == 0 && 2264 oob_cb.sp_c[2] == 0 && oob_cb.sp_c[3] == 0 ) 2265 { 2266 *p_oob_data = FALSE; 2267 } 2268 else 2269 { 2270 *p_oob_data = TRUE; 2271 } 2272 BTIF_TRACE_DEBUG1("btif_dm_set_oob_for_io_req *p_oob_data=%d", *p_oob_data); 2273} 2274#endif /* BTM_OOB_INCLUDED */ 2275 2276#ifdef BTIF_DM_OOB_TEST 2277void btif_dm_load_local_oob(void) 2278{ 2279 char prop_oob[PROPERTY_VALUE_MAX]; 2280 property_get("service.brcm.bt.oob", prop_oob, "3"); 2281 BTIF_TRACE_DEBUG1("btif_dm_load_local_oob prop_oob = %s",prop_oob); 2282 if (prop_oob[0] != '3') 2283 { 2284#if (BTM_OOB_INCLUDED == TRUE) 2285 if (oob_cb.sp_c[0] == 0 && oob_cb.sp_c[1] == 0 && 2286 oob_cb.sp_c[2] == 0 && oob_cb.sp_c[3] == 0 ) 2287 { 2288 BTIF_TRACE_DEBUG0("btif_dm_load_local_oob: read OOB, call BTA_DmLocalOob()"); 2289 BTA_DmLocalOob(); 2290 } 2291#else 2292 BTIF_TRACE_ERROR0("BTM_OOB_INCLUDED is FALSE!!(btif_dm_load_local_oob)"); 2293#endif 2294 } 2295} 2296 2297void btif_dm_proc_loc_oob(BOOLEAN valid, BT_OCTET16 c, BT_OCTET16 r) 2298{ 2299 FILE *fp; 2300 char *path_a = "/data/misc/bluedroid/LOCAL/a.key"; 2301 char *path_b = "/data/misc/bluedroid/LOCAL/b.key"; 2302 char *path = NULL; 2303 char prop_oob[PROPERTY_VALUE_MAX]; 2304 BTIF_TRACE_DEBUG1("btif_dm_proc_loc_oob: valid=%d", valid); 2305 if (oob_cb.sp_c[0] == 0 && oob_cb.sp_c[1] == 0 && 2306 oob_cb.sp_c[2] == 0 && oob_cb.sp_c[3] == 0 && 2307 valid) 2308 { 2309 BTIF_TRACE_DEBUG0("save local OOB data in memory"); 2310 memcpy(oob_cb.sp_c, c, BT_OCTET16_LEN); 2311 memcpy(oob_cb.sp_r, r, BT_OCTET16_LEN); 2312 property_get("service.brcm.bt.oob", prop_oob, "3"); 2313 BTIF_TRACE_DEBUG1("btif_dm_proc_loc_oob prop_oob = %s",prop_oob); 2314 if (prop_oob[0] == '1') 2315 path = path_a; 2316 else if (prop_oob[0] == '2') 2317 path = path_b; 2318 if (path) 2319 { 2320 fp = fopen(path, "wb+"); 2321 if (fp == NULL) 2322 { 2323 BTIF_TRACE_DEBUG1("btif_dm_proc_loc_oob: failed to save local OOB data to %s", path); 2324 } 2325 else 2326 { 2327 BTIF_TRACE_DEBUG1("btif_dm_proc_loc_oob: save local OOB data into file %s",path); 2328 fwrite (c , 1 , BT_OCTET16_LEN , fp ); 2329 fwrite (r , 1 , BT_OCTET16_LEN , fp ); 2330 fclose(fp); 2331 } 2332 } 2333 } 2334} 2335BOOLEAN btif_dm_proc_rmt_oob(BD_ADDR bd_addr, BT_OCTET16 p_c, BT_OCTET16 p_r) 2336{ 2337 char t[128]; 2338 FILE *fp; 2339 char *path_a = "/data/misc/bluedroid/LOCAL/a.key"; 2340 char *path_b = "/data/misc/bluedroid/LOCAL/b.key"; 2341 char *path = NULL; 2342 char prop_oob[PROPERTY_VALUE_MAX]; 2343 BOOLEAN result = FALSE; 2344 bt_bdaddr_t bt_bd_addr; 2345 bdcpy(oob_cb.oob_bdaddr, bd_addr); 2346 property_get("service.brcm.bt.oob", prop_oob, "3"); 2347 BTIF_TRACE_DEBUG1("btif_dm_proc_rmt_oob prop_oob = %s",prop_oob); 2348 if (prop_oob[0] == '1') 2349 path = path_b; 2350 else if (prop_oob[0] == '2') 2351 path = path_a; 2352 if (path) 2353 { 2354 fp = fopen(path, "rb"); 2355 if (fp == NULL) 2356 { 2357 BTIF_TRACE_DEBUG1("btapp_dm_rmt_oob_reply: failed to read OOB keys from %s",path); 2358 return FALSE; 2359 } 2360 else 2361 { 2362 BTIF_TRACE_DEBUG1("btif_dm_proc_rmt_oob: read OOB data from %s",path); 2363 fread (p_c , 1 , BT_OCTET16_LEN , fp ); 2364 fread (p_r , 1 , BT_OCTET16_LEN , fp ); 2365 fclose(fp); 2366 } 2367 BTIF_TRACE_DEBUG0("----btif_dm_proc_rmt_oob: TRUE"); 2368 sprintf(t, "%02x:%02x:%02x:%02x:%02x:%02x", 2369 oob_cb.oob_bdaddr[0], oob_cb.oob_bdaddr[1], oob_cb.oob_bdaddr[2], 2370 oob_cb.oob_bdaddr[3], oob_cb.oob_bdaddr[4], oob_cb.oob_bdaddr[5]); 2371 BTIF_TRACE_DEBUG1("----btif_dm_proc_rmt_oob: peer_bdaddr = %s", t); 2372 sprintf(t, "%02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x", 2373 p_c[0], p_c[1], p_c[2], p_c[3], p_c[4], p_c[5], p_c[6], p_c[7], 2374 p_c[8], p_c[9], p_c[10], p_c[11], p_c[12], p_c[13], p_c[14], p_c[15]); 2375 BTIF_TRACE_DEBUG1("----btif_dm_proc_rmt_oob: c = %s",t); 2376 sprintf(t, "%02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x", 2377 p_r[0], p_r[1], p_r[2], p_r[3], p_r[4], p_r[5], p_r[6], p_r[7], 2378 p_r[8], p_r[9], p_r[10], p_r[11], p_r[12], p_r[13], p_r[14], p_r[15]); 2379 BTIF_TRACE_DEBUG1("----btif_dm_proc_rmt_oob: r = %s",t); 2380 bdcpy(bt_bd_addr.address, bd_addr); 2381 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_BOND_STATE_BONDING, 2382 (char *)&bt_bd_addr, sizeof(bt_bdaddr_t), NULL); 2383 result = TRUE; 2384 } 2385 BTIF_TRACE_DEBUG1("btif_dm_proc_rmt_oob result=%d",result); 2386 return result; 2387} 2388#endif /* BTIF_DM_OOB_TEST */ 2389#if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE)) 2390 2391static void btif_dm_ble_key_notif_evt(tBTA_DM_SP_KEY_NOTIF *p_ssp_key_notif) 2392{ 2393 bt_bdaddr_t bd_addr; 2394 bt_bdname_t bd_name; 2395 UINT32 cod; 2396 2397 BTIF_TRACE_DEBUG1("%s", __FUNCTION__); 2398 2399 /* Remote name update */ 2400 btif_update_remote_properties(p_ssp_key_notif->bd_addr , p_ssp_key_notif->bd_name, 2401 NULL, BT_DEVICE_TYPE_BLE); 2402 bdcpy(bd_addr.address, p_ssp_key_notif->bd_addr); 2403 memcpy(bd_name.name, p_ssp_key_notif->bd_name, BD_NAME_LEN); 2404 2405 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING); 2406 pairing_cb.is_ssp = FALSE; 2407 cod = COD_UNCLASSIFIED; 2408 2409 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name, 2410 cod, BT_SSP_VARIANT_PASSKEY_NOTIFICATION, 2411 p_ssp_key_notif->passkey); 2412} 2413 2414/******************************************************************************* 2415** 2416** Function btif_dm_ble_auth_cmpl_evt 2417** 2418** Description Executes authentication complete event in btif context 2419** 2420** Returns void 2421** 2422*******************************************************************************/ 2423static void btif_dm_ble_auth_cmpl_evt (tBTA_DM_AUTH_CMPL *p_auth_cmpl) 2424{ 2425 /* Save link key, if not temporary */ 2426 bt_bdaddr_t bd_addr; 2427 bt_status_t status = BT_STATUS_FAIL; 2428 bt_bond_state_t state = BT_BOND_STATE_NONE; 2429 2430 bdcpy(bd_addr.address, p_auth_cmpl->bd_addr); 2431 if ( (p_auth_cmpl->success == TRUE) && (p_auth_cmpl->key_present) ) 2432 { 2433 /* store keys */ 2434 } 2435 if (p_auth_cmpl->success) 2436 { 2437 status = BT_STATUS_SUCCESS; 2438 state = BT_BOND_STATE_BONDED; 2439 2440 btif_dm_save_ble_bonding_keys(); 2441 BTA_GATTC_Refresh(bd_addr.address); 2442 btif_dm_get_remote_services(&bd_addr); 2443 } 2444 else 2445 { 2446 /*Map the HCI fail reason to bt status */ 2447 switch (p_auth_cmpl->fail_reason) 2448 { 2449 default: 2450 btif_dm_remove_ble_bonding_keys(); 2451 status = BT_STATUS_FAIL; 2452 break; 2453 } 2454 } 2455 bond_state_changed(status, &bd_addr, state); 2456} 2457 2458 2459 2460void btif_dm_load_ble_local_keys(void) 2461{ 2462 bt_status_t bt_status; 2463 2464 memset(&ble_local_key_cb, 0, sizeof(btif_dm_local_key_cb_t)); 2465 2466 if (btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_ER,(char*)&ble_local_key_cb.er[0], 2467 BT_OCTET16_LEN)== BT_STATUS_SUCCESS) 2468 { 2469 ble_local_key_cb.is_er_rcvd = TRUE; 2470 BTIF_TRACE_DEBUG1("%s BLE ER key loaded",__FUNCTION__ ); 2471 } 2472 2473 if ((btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_IR,(char*)&ble_local_key_cb.id_keys.ir[0], 2474 BT_OCTET16_LEN)== BT_STATUS_SUCCESS )&& 2475 (btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_IRK, (char*)&ble_local_key_cb.id_keys.irk[0], 2476 BT_OCTET16_LEN)== BT_STATUS_SUCCESS)&& 2477 (btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_DHK,(char*)&ble_local_key_cb.id_keys.dhk[0], 2478 BT_OCTET16_LEN)== BT_STATUS_SUCCESS)) 2479 { 2480 ble_local_key_cb.is_id_keys_rcvd = TRUE; 2481 BTIF_TRACE_DEBUG1("%s BLE ID keys loaded",__FUNCTION__ ); 2482 } 2483 2484} 2485void btif_dm_get_ble_local_keys(tBTA_DM_BLE_LOCAL_KEY_MASK *p_key_mask, BT_OCTET16 er, 2486 tBTA_BLE_LOCAL_ID_KEYS *p_id_keys) 2487{ 2488 if (ble_local_key_cb.is_er_rcvd ) 2489 { 2490 memcpy(&er[0], &ble_local_key_cb.er[0], sizeof(BT_OCTET16)); 2491 *p_key_mask |= BTA_BLE_LOCAL_KEY_TYPE_ER; 2492 } 2493 2494 if (ble_local_key_cb.is_id_keys_rcvd) 2495 { 2496 memcpy(&p_id_keys->ir[0], &ble_local_key_cb.id_keys.ir[0], sizeof(BT_OCTET16)); 2497 memcpy(&p_id_keys->irk[0], &ble_local_key_cb.id_keys.irk[0], sizeof(BT_OCTET16)); 2498 memcpy(&p_id_keys->dhk[0], &ble_local_key_cb.id_keys.dhk[0], sizeof(BT_OCTET16)); 2499 *p_key_mask |= BTA_BLE_LOCAL_KEY_TYPE_ID; 2500 } 2501 BTIF_TRACE_DEBUG2("%s *p_key_mask=0x%02x",__FUNCTION__, *p_key_mask); 2502} 2503 2504void btif_dm_save_ble_bonding_keys(void) 2505{ 2506 2507 bt_bdaddr_t bd_addr; 2508 2509 BTIF_TRACE_DEBUG1("%s",__FUNCTION__ ); 2510 2511 bdcpy(bd_addr.address, pairing_cb.bd_addr); 2512 2513 if (pairing_cb.ble.is_penc_key_rcvd) 2514 { 2515 btif_storage_add_ble_bonding_key(&bd_addr, 2516 (char *) &pairing_cb.ble.penc_key, 2517 BTIF_DM_LE_KEY_PENC, 2518 sizeof(btif_dm_ble_penc_keys_t)); 2519 } 2520 2521 if (pairing_cb.ble.is_pid_key_rcvd) 2522 { 2523 btif_storage_add_ble_bonding_key(&bd_addr, 2524 (char *) &pairing_cb.ble.pid_key[0], 2525 BTIF_DM_LE_KEY_PID, 2526 BT_OCTET16_LEN); 2527 } 2528 2529 2530 if (pairing_cb.ble.is_pcsrk_key_rcvd) 2531 { 2532 btif_storage_add_ble_bonding_key(&bd_addr, 2533 (char *) &pairing_cb.ble.pcsrk_key, 2534 BTIF_DM_LE_KEY_PCSRK, 2535 sizeof(btif_dm_ble_pcsrk_keys_t)); 2536 } 2537 2538 2539 if (pairing_cb.ble.is_lenc_key_rcvd) 2540 { 2541 btif_storage_add_ble_bonding_key(&bd_addr, 2542 (char *) &pairing_cb.ble.lenc_key, 2543 BTIF_DM_LE_KEY_LENC, 2544 sizeof(btif_dm_ble_lenc_keys_t)); 2545 } 2546 2547 if (pairing_cb.ble.is_lcsrk_key_rcvd) 2548 { 2549 btif_storage_add_ble_bonding_key(&bd_addr, 2550 (char *) &pairing_cb.ble.lcsrk_key, 2551 BTIF_DM_LE_KEY_LCSRK, 2552 sizeof(btif_dm_ble_lcsrk_keys_t)); 2553 } 2554 2555} 2556 2557 2558void btif_dm_remove_ble_bonding_keys(void) 2559{ 2560 bt_bdaddr_t bd_addr; 2561 2562 BTIF_TRACE_DEBUG1("%s",__FUNCTION__ ); 2563 2564 bdcpy(bd_addr.address, pairing_cb.bd_addr); 2565 btif_storage_remove_ble_bonding_keys(&bd_addr); 2566} 2567 2568 2569/******************************************************************************* 2570** 2571** Function btif_dm_ble_sec_req_evt 2572** 2573** Description Eprocess security request event in btif context 2574** 2575** Returns void 2576** 2577*******************************************************************************/ 2578void btif_dm_ble_sec_req_evt(tBTA_DM_BLE_SEC_REQ *p_ble_req) 2579{ 2580 bt_bdaddr_t bd_addr; 2581 bt_bdname_t bd_name; 2582 UINT32 cod; 2583 BTIF_TRACE_DEBUG1("%s", __FUNCTION__); 2584 2585 if (pairing_cb.state == BT_BOND_STATE_BONDING) 2586 { 2587 BTIF_TRACE_DEBUG1("%s Discard security request", __FUNCTION__); 2588 return; 2589 } 2590 2591 /* Remote name update */ 2592 btif_update_remote_properties(p_ble_req->bd_addr,p_ble_req->bd_name,NULL,BT_DEVICE_TYPE_BLE); 2593 2594 bdcpy(bd_addr.address, p_ble_req->bd_addr); 2595 memcpy(bd_name.name, p_ble_req->bd_name, BD_NAME_LEN); 2596 2597 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING); 2598 2599 pairing_cb.is_temp = FALSE; 2600 pairing_cb.is_le_only = TRUE; 2601 pairing_cb.is_ssp = TRUE; 2602 2603 cod = COD_UNCLASSIFIED; 2604 2605 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name, cod, 2606 BT_SSP_VARIANT_CONSENT, 0); 2607} 2608 2609 2610 2611/******************************************************************************* 2612** 2613** Function btif_dm_ble_passkey_req_evt 2614** 2615** Description Executes pin request event in btif context 2616** 2617** Returns void 2618** 2619*******************************************************************************/ 2620static void btif_dm_ble_passkey_req_evt(tBTA_DM_PIN_REQ *p_pin_req) 2621{ 2622 bt_bdaddr_t bd_addr; 2623 bt_bdname_t bd_name; 2624 UINT32 cod; 2625 2626 /* Remote name update */ 2627 btif_update_remote_properties(p_pin_req->bd_addr,p_pin_req->bd_name,NULL,BT_DEVICE_TYPE_BLE); 2628 2629 bdcpy(bd_addr.address, p_pin_req->bd_addr); 2630 memcpy(bd_name.name, p_pin_req->bd_name, BD_NAME_LEN); 2631 2632 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING); 2633 pairing_cb.is_le_only = TRUE; 2634 2635 cod = COD_UNCLASSIFIED; 2636 2637 HAL_CBACK(bt_hal_cbacks, pin_request_cb, 2638 &bd_addr, &bd_name, cod); 2639} 2640 2641 2642void btif_dm_update_ble_remote_properties( BD_ADDR bd_addr, BD_NAME bd_name, 2643 tBT_DEVICE_TYPE dev_type) 2644{ 2645 btif_update_remote_properties(bd_addr,bd_name,NULL,dev_type); 2646} 2647 2648static void btif_dm_ble_tx_test_cback(void *p) 2649{ 2650 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_LE_TX_TEST, 2651 (char *)p, 1, NULL); 2652} 2653 2654static void btif_dm_ble_rx_test_cback(void *p) 2655{ 2656 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_LE_RX_TEST, 2657 (char *)p, 1, NULL); 2658} 2659 2660static void btif_dm_ble_test_end_cback(void *p) 2661{ 2662 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_LE_TEST_END, 2663 (char *)p, 3, NULL); 2664} 2665/******************************************************************************* 2666** 2667** Function btif_le_test_mode 2668** 2669** Description Sends a HCI BLE Test command to the Controller 2670** 2671** Returns BT_STATUS_SUCCESS on success 2672** 2673*******************************************************************************/ 2674bt_status_t btif_le_test_mode(uint16_t opcode, uint8_t *buf, uint8_t len) 2675{ 2676 switch (opcode) { 2677 case HCI_BLE_TRANSMITTER_TEST: 2678 if (len != 3) return BT_STATUS_PARM_INVALID; 2679 BTM_BleTransmitterTest(buf[0],buf[1],buf[2], btif_dm_ble_tx_test_cback); 2680 break; 2681 case HCI_BLE_RECEIVER_TEST: 2682 if (len != 1) return BT_STATUS_PARM_INVALID; 2683 BTM_BleReceiverTest(buf[0], btif_dm_ble_rx_test_cback); 2684 break; 2685 case HCI_BLE_TEST_END: 2686 BTM_BleTestEnd((tBTM_CMPL_CB*) btif_dm_ble_test_end_cback); 2687 break; 2688 default: 2689 BTIF_TRACE_ERROR2("%s: Unknown LE Test Mode Command 0x%x", __FUNCTION__, opcode); 2690 return BT_STATUS_UNSUPPORTED; 2691 } 2692 return BT_STATUS_SUCCESS; 2693} 2694 2695#endif 2696 2697void btif_dm_on_disable() 2698{ 2699 /* cancel any pending pairing requests */ 2700 if (pairing_cb.state == BT_BOND_STATE_BONDING) 2701 { 2702 bt_bdaddr_t bd_addr; 2703 2704 BTIF_TRACE_DEBUG1("%s: Cancel pending pairing request", __FUNCTION__); 2705 bdcpy(bd_addr.address, pairing_cb.bd_addr); 2706 btif_dm_cancel_bond(&bd_addr); 2707 } 2708} 2709 2710static char* btif_get_default_local_name() { 2711 if (btif_default_local_name[0] == '\0') 2712 { 2713 int max_len = sizeof(btif_default_local_name) - 1; 2714 if (BTM_DEF_LOCAL_NAME[0] != '\0') 2715 { 2716 strncpy(btif_default_local_name, BTM_DEF_LOCAL_NAME, max_len); 2717 } 2718 else 2719 { 2720 char prop_model[PROPERTY_VALUE_MAX]; 2721 property_get(PROPERTY_PRODUCT_MODEL, prop_model, ""); 2722 strncpy(btif_default_local_name, prop_model, max_len); 2723 } 2724 btif_default_local_name[max_len] = '\0'; 2725 } 2726 return btif_default_local_name; 2727} 2728