srvc_dis.c revision 2e7fa68bfd9723b7ec7b6b0b128d89f31a2e06ee
1/***************************************************************************** 2** 3** Name: srvc_dis.c 4** 5** Description: this file contains the main Device Information Service over GATT 6** server/client and request handling functions. 7** 8** Copyright (c) 2008-2011, Broadcom Corp., All Rights Reserved. 9** Broadcom Bluetooth Core. Proprietary and confidential. 10******************************************************************************/ 11 12#include "bt_target.h" 13 14#include "gatt_api.h" 15#include "gatt_int.h" 16#include "srvc_eng_int.h" 17#include "srvc_dis_int.h" 18 19#if BLE_INCLUDED == TRUE 20 21#define DIS_UUID_TO_ATTR_MASK(x) (UINT16)(1 << ((x) - GATT_UUID_SYSTEM_ID)) 22 23#define DIS_MAX_NUM_INC_SVR 0 24#define DIS_MAX_CHAR_NUM 9 25#define DIS_MAX_ATTR_NUM (DIS_MAX_CHAR_NUM * 2 + DIS_MAX_NUM_INC_SVR + 1) 26 27#ifndef DIS_ATTR_DB_SIZE 28#define DIS_ATTR_DB_SIZE GATT_DB_MEM_SIZE(DIS_MAX_NUM_INC_SVR, DIS_MAX_CHAR_NUM, 0) 29#endif 30 31#define UINT64_TO_STREAM(p, u64) {*(p)++ = (UINT8)(u64); *(p)++ = (UINT8)((u64) >> 8);*(p)++ = (UINT8)((u64) >> 16); *(p)++ = (UINT8)((u64) >> 24); \ 32 *(p)++ = (UINT8)((u64) >> 32); *(p)++ = (UINT8)((u64) >> 40);*(p)++ = (UINT8)((u64) >> 48); *(p)++ = (UINT8)((u64) >> 56);} 33 34#define STREAM_TO_UINT64(u64, p) {u64 = (((UINT64)(*(p))) + ((((UINT64)(*((p) + 1)))) << 8) + ((((UINT64)(*((p) + 2)))) << 16) + ((((UINT64)(*((p) + 3)))) << 24) \ 35 + ((((UINT64)(*((p) + 4)))) << 32) + ((((UINT64)(*((p) + 5)))) << 40) + ((((UINT64)(*((p) + 6)))) << 48) + ((((UINT64)(*((p) + 7)))) << 56)); (p) += 8;} 36 37 38 39static const UINT16 dis_attr_uuid[DIS_MAX_CHAR_NUM] = 40{ 41 GATT_UUID_SYSTEM_ID, 42 GATT_UUID_MODEL_NUMBER_STR, 43 GATT_UUID_SERIAL_NUMBER_STR, 44 GATT_UUID_FW_VERSION_STR, 45 GATT_UUID_HW_VERSION_STR, 46 GATT_UUID_SW_VERSION_STR, 47 GATT_UUID_MANU_NAME, 48 GATT_UUID_IEEE_DATA, 49 GATT_UUID_PNP_ID 50}; 51 52tDIS_CB dis_cb; 53/******************************************************************************* 54** dis_valid_handle_range 55** 56** validate a handle to be a DIS attribute handle or not. 57*******************************************************************************/ 58BOOLEAN dis_valid_handle_range(UINT16 handle) 59{ 60 if (handle >= dis_cb.service_handle && handle <= dis_cb.max_handle) 61 return TRUE; 62 else 63 return FALSE; 64} 65/******************************************************************************* 66** dis_write_attr_value 67** 68** Process write DIS attribute request. 69*******************************************************************************/ 70UINT8 dis_write_attr_value(tGATT_WRITE_REQ * p_data, tGATT_STATUS *p_status) 71{ 72 *p_status = GATT_WRITE_NOT_PERMIT; 73 return SRVC_ACT_RSP; 74} 75/******************************************************************************* 76** DIS Attributes Database Server Request callback 77*******************************************************************************/ 78UINT8 dis_read_attr_value (UINT8 clcb_idx, UINT16 handle, tGATT_VALUE *p_value, 79 BOOLEAN is_long, tGATT_STATUS *p_status) 80{ 81 tDIS_DB_ENTRY *p_db_attr = dis_cb.dis_attr; 82 UINT8 *p = p_value->value, i, *pp; 83 UINT16 offset = p_value->offset; 84 UINT8 act = SRVC_ACT_RSP; 85 tGATT_STATUS st = GATT_NOT_FOUND; 86 87 for (i = 0; i < DIS_MAX_CHAR_NUM; i ++, p_db_attr ++) 88 { 89 if (handle == p_db_attr->handle) 90 { 91 if ((p_db_attr->uuid == GATT_UUID_PNP_ID || p_db_attr->uuid == GATT_UUID_SYSTEM_ID)&& 92 is_long == TRUE) 93 { 94 st = GATT_NOT_LONG; 95 break; 96 } 97 st = GATT_SUCCESS; 98 99 switch (p_db_attr->uuid) 100 { 101 case GATT_UUID_MANU_NAME: 102 case GATT_UUID_MODEL_NUMBER_STR: 103 case GATT_UUID_SERIAL_NUMBER_STR: 104 case GATT_UUID_FW_VERSION_STR: 105 case GATT_UUID_HW_VERSION_STR: 106 case GATT_UUID_SW_VERSION_STR: 107 case GATT_UUID_IEEE_DATA: 108 pp = dis_cb.dis_value.data_string[p_db_attr->uuid - GATT_UUID_MODEL_NUMBER_STR]; 109 if (pp != NULL) 110 { 111 if (strlen ((char *)pp) > GATT_MAX_ATTR_LEN) 112 p_value->len = GATT_MAX_ATTR_LEN; 113 else 114 p_value->len = (UINT16)strlen ((char *)pp); 115 } 116 else 117 p_value->len = 0; 118 119 if (offset > p_value->len) 120 { 121 st = GATT_INVALID_OFFSET; 122 break; 123 } 124 else 125 { 126 p_value->len -= offset; 127 pp += offset; 128 ARRAY_TO_STREAM(p, pp, p_value->len); 129 GATT_TRACE_EVENT1("GATT_UUID_MANU_NAME len=0x%04x", p_value->len); 130 } 131 break; 132 133 134 case GATT_UUID_SYSTEM_ID: 135 UINT64_TO_STREAM(p, dis_cb.dis_value.system_id); /* int_min */ 136 p_value->len = DIS_SYSTEM_ID_SIZE; 137 break; 138 139 case GATT_UUID_PNP_ID: 140 UINT8_TO_STREAM(p, dis_cb.dis_value.pnp_id.vendor_id_src); 141 UINT16_TO_STREAM(p, dis_cb.dis_value.pnp_id.vendor_id); 142 UINT16_TO_STREAM(p, dis_cb.dis_value.pnp_id.product_id); 143 UINT16_TO_STREAM(p, dis_cb.dis_value.pnp_id.product_version); 144 p_value->len = DIS_PNP_ID_SIZE; 145 break; 146 147 } 148 break; 149 } 150 } 151 *p_status = st; 152 return act; 153} 154 155/******************************************************************************* 156** 157** Function dis_gatt_c_read_dis_value_cmpl 158** 159** Description Client read DIS database complete callback. 160** 161** Returns void 162** 163*******************************************************************************/ 164void dis_gatt_c_read_dis_value_cmpl(UINT16 conn_id) 165{ 166 tSRVC_CLCB *p_clcb = srvc_eng_find_clcb_by_conn_id(conn_id); 167 168 dis_cb.dis_read_uuid_idx = 0xff; 169 170 srvc_eng_release_channel(conn_id); 171 172 if (dis_cb.p_read_dis_cback && p_clcb) 173 { 174 GATT_TRACE_ERROR1("dis_gatt_c_read_dis_value_cmpl: attr_mask = 0x%04x", p_clcb->dis_value.attr_mask); 175 GATT_TRACE_EVENT0("calling p_read_dis_cbackd"); 176 177 (*dis_cb.p_read_dis_cback)(p_clcb->bda, &p_clcb->dis_value); 178 dis_cb.p_read_dis_cback=NULL; 179 } 180 181} 182 183/******************************************************************************* 184** 185** Function dis_gatt_c_read_dis_req 186** 187** Description Read remote device DIS attribute request. 188** 189** Returns void 190** 191*******************************************************************************/ 192BOOLEAN dis_gatt_c_read_dis_req(UINT16 conn_id) 193{ 194 tGATT_READ_PARAM param; 195 196 memset(¶m, 0, sizeof(tGATT_READ_PARAM)); 197 198 param.service.uuid.len = LEN_UUID_16; 199 param.service.s_handle = 1; 200 param.service.e_handle = 0xFFFF; 201 param.service.auth_req = 0; 202 203 while (dis_cb.dis_read_uuid_idx < DIS_MAX_CHAR_NUM) 204 { 205 param.service.uuid.uu.uuid16 = dis_attr_uuid[dis_cb.dis_read_uuid_idx]; 206 207 if (GATTC_Read(conn_id, GATT_READ_BY_TYPE, ¶m) == GATT_SUCCESS) 208 { 209 return(TRUE); 210 } 211 else 212 { 213 GATT_TRACE_ERROR1 ("Read DISInfo: 0x%04x GATT_Read Failed", param.service.uuid.uu.uuid16); 214 dis_cb.dis_read_uuid_idx ++; 215 } 216 } 217 218 dis_gatt_c_read_dis_value_cmpl(conn_id); 219 220 return(FALSE); 221} 222 223/******************************************************************************* 224** 225** Function dis_c_cmpl_cback 226** 227** Description Client operation complete callback. 228** 229** Returns void 230** 231*******************************************************************************/ 232void dis_c_cmpl_cback (tSRVC_CLCB *p_clcb, tGATTC_OPTYPE op, 233 tGATT_STATUS status, tGATT_CL_COMPLETE *p_data) 234{ 235 UINT16 read_type = dis_attr_uuid[dis_cb.dis_read_uuid_idx]; 236 UINT8 *pp = NULL, *p_str; 237 UINT16 conn_id = p_clcb->conn_id; 238 239 GATT_TRACE_EVENT3 ("dis_c_cmpl_cback() - op_code: 0x%02x status: 0x%02x \ 240 read_type: 0x%04x", op, status, read_type); 241 242 if (op != GATTC_OPTYPE_READ) 243 return; 244 245 if (p_data != NULL && status == GATT_SUCCESS) 246 { 247 pp = p_data->att_value.value; 248 249 switch (read_type) 250 { 251 case GATT_UUID_SYSTEM_ID: 252 GATT_TRACE_EVENT0 ("DIS_ATTR_SYS_ID_BIT"); 253 if (p_data->att_value.len == DIS_SYSTEM_ID_SIZE) 254 { 255 p_clcb->dis_value.attr_mask |= DIS_ATTR_SYS_ID_BIT; 256 /* save system ID*/ 257 STREAM_TO_UINT64 (p_clcb->dis_value.system_id, pp); 258 } 259 break; 260 261 case GATT_UUID_PNP_ID: 262 if (p_data->att_value.len == DIS_PNP_ID_SIZE) 263 { 264 p_clcb->dis_value.attr_mask |= DIS_ATTR_PNP_ID_BIT; 265 STREAM_TO_UINT8 (p_clcb->dis_value.pnp_id.vendor_id_src, pp); 266 STREAM_TO_UINT16 (p_clcb->dis_value.pnp_id.vendor_id, pp); 267 STREAM_TO_UINT16 (p_clcb->dis_value.pnp_id.product_id, pp); 268 STREAM_TO_UINT16 (p_clcb->dis_value.pnp_id.product_version, pp); 269 } 270 break; 271 272 case GATT_UUID_MODEL_NUMBER_STR: 273 case GATT_UUID_SERIAL_NUMBER_STR: 274 case GATT_UUID_FW_VERSION_STR: 275 case GATT_UUID_HW_VERSION_STR: 276 case GATT_UUID_SW_VERSION_STR: 277 case GATT_UUID_MANU_NAME: 278 case GATT_UUID_IEEE_DATA: 279 p_str = p_clcb->dis_value.data_string[read_type - GATT_UUID_MODEL_NUMBER_STR]; 280 if (p_str != NULL) 281 GKI_freebuf(p_str); 282 if ((p_str = (UINT8 *)GKI_getbuf((UINT16)(p_data->att_value.len + 1))) != NULL) 283 { 284 memset(p_str, 0, p_data->att_value.len + 1); 285 p_clcb->dis_value.attr_mask |= DIS_UUID_TO_ATTR_MASK (read_type); 286 memcpy(p_str, p_data->att_value.value, p_data->att_value.len); 287 } 288 break; 289 290 default: 291 break; 292 293 break; 294 }/* end switch */ 295 }/* end if */ 296 297 dis_cb.dis_read_uuid_idx ++; 298 299 dis_gatt_c_read_dis_req(conn_id); 300} 301 302 303/******************************************************************************* 304** 305** Function DIS_SrInit 306** 307** Description Initializa the Device Information Service Server. 308** 309*******************************************************************************/ 310tDIS_STATUS DIS_SrInit (tDIS_ATTR_MASK dis_attr_mask) 311{ 312 tBT_UUID uuid = {LEN_UUID_16, {UUID_SERVCLASS_DEVICE_INFO}}; 313 UINT16 i = 0; 314 tGATT_STATUS status; 315 tDIS_DB_ENTRY *p_db_attr = &dis_cb.dis_attr[0]; 316 317 if (dis_cb.enabled) 318 { 319 GATT_TRACE_ERROR0("DIS already initalized"); 320 return DIS_SUCCESS; 321 } 322 323 memset(&dis_cb, 0, sizeof(tDIS_CB)); 324 325 dis_cb.service_handle = GATTS_CreateService (srvc_eng_cb.gatt_if , &uuid, 0, DIS_MAX_ATTR_NUM, TRUE); 326 327 if (dis_cb.service_handle == 0) 328 { 329 GATT_TRACE_ERROR0("Can not create service, DIS_Init failed!"); 330 return GATT_ERROR; 331 } 332 dis_cb.max_handle = dis_cb.service_handle + DIS_MAX_ATTR_NUM; 333 334 while (dis_attr_mask != 0 && i < DIS_MAX_CHAR_NUM) 335 { 336 /* add Manufacturer name 337 */ 338 uuid.uu.uuid16 = p_db_attr->uuid = dis_attr_uuid[i]; 339 p_db_attr->handle = GATTS_AddCharacteristic(dis_cb.service_handle, &uuid, GATT_PERM_READ, GATT_CHAR_PROP_BIT_READ); 340 GATT_TRACE_DEBUG2 ("DIS_SrInit: handle of new attribute 0x%04 = x%d", uuid.uu.uuid16, p_db_attr->handle ); 341 p_db_attr ++; 342 i ++; 343 dis_attr_mask >>= 1; 344 } 345 346 /* start service 347 */ 348 status = GATTS_StartService (srvc_eng_cb.gatt_if, dis_cb.service_handle, GATT_TRANSPORT_LE_BR_EDR); 349 350 dis_cb.enabled = TRUE; 351 352 return (tDIS_STATUS) status; 353} 354/******************************************************************************* 355** 356** Function DIS_SrUpdate 357** 358** Description Update the DIS server attribute values 359** 360*******************************************************************************/ 361tDIS_STATUS DIS_SrUpdate(tDIS_ATTR_BIT dis_attr_bit, tDIS_ATTR *p_info) 362{ 363 UINT8 i = 1; 364 tDIS_STATUS st = DIS_SUCCESS; 365 366 if (dis_attr_bit & DIS_ATTR_SYS_ID_BIT) 367 { 368 dis_cb.dis_value.system_id = p_info->system_id; 369 } 370 else if (dis_attr_bit & DIS_ATTR_PNP_ID_BIT) 371 { 372 dis_cb.dis_value.pnp_id.vendor_id = p_info->pnp_id.vendor_id; 373 dis_cb.dis_value.pnp_id.vendor_id_src = p_info->pnp_id.vendor_id_src; 374 dis_cb.dis_value.pnp_id.product_id = p_info->pnp_id.product_id; 375 dis_cb.dis_value.pnp_id.product_version = p_info->pnp_id.product_version; 376 } 377 else 378 { 379 st = DIS_ILLEGAL_PARAM; 380 381 while (dis_attr_bit && i < (DIS_MAX_CHAR_NUM -1 )) 382 { 383 if (dis_attr_bit & (UINT16)(1 << i)) 384 { 385 if (dis_cb.dis_value.data_string[i - 1] != NULL) 386 GKI_freebuf(dis_cb.dis_value.data_string[i]); 387/* coverity[OVERRUN-STATIC] False-positive : when i = 8, (1 << i) == DIS_ATTR_PNP_ID_BIT, and it will never come down here 388CID 49902: Out-of-bounds read (OVERRUN_STATIC) 389Overrunning static array "dis_cb.dis_value.data_string", with 7 elements, at position 7 with index variable "i". 390*/ 391 if ((dis_cb.dis_value.data_string[i - 1] = (UINT8 *)GKI_getbuf((UINT16)(p_info->data_str.len + 1))) != NULL) 392 { 393 memset(dis_cb.dis_value.data_string[i - 1], 0, p_info->data_str.len + 1); /* make sure null terminate */ 394 memcpy(dis_cb.dis_value.data_string[i - 1], p_info->data_str.p_data, p_info->data_str.len); 395 st = DIS_SUCCESS; 396 } 397 else 398 st = DIS_NO_RESOURCES; 399 400 break; 401 } 402 i ++; 403 } 404 } 405 return st; 406} 407/******************************************************************************* 408** 409** Function DIS_ReadDISInfo 410** 411** Description Read remote device DIS information. 412** 413** Returns void 414** 415*******************************************************************************/ 416BOOLEAN DIS_ReadDISInfo(BD_ADDR peer_bda, tDIS_READ_CBACK *p_cback) 417{ 418 UINT16 conn_id; 419 420 /* For now we only handle one at a time */ 421 if (dis_cb.dis_read_uuid_idx != 0xff) 422 return(FALSE); 423 424 if (p_cback == NULL) 425 return(FALSE); 426 427 dis_cb.p_read_dis_cback = p_cback; 428 /* Mark currently active operation */ 429 dis_cb.dis_read_uuid_idx = 0; 430 431 GATT_TRACE_EVENT3 ("DIS_ReadDISInfo() - BDA: %08x%04x cl_read_uuid: 0x%04x", 432 (peer_bda[0]<<24)+(peer_bda[1]<<16)+(peer_bda[2]<<8)+peer_bda[3], 433 (peer_bda[4]<<8)+peer_bda[5], dis_attr_uuid[dis_cb.dis_read_uuid_idx]); 434 435 436 GATT_GetConnIdIfConnected(srvc_eng_cb.gatt_if, peer_bda, &conn_id); 437 438 /* need to enhance it as multiple service is needed */ 439 srvc_eng_request_channel(peer_bda, SRVC_ID_DIS); 440 441 if (conn_id == GATT_INVALID_CONN_ID) 442 { 443 return GATT_Connect(srvc_eng_cb.gatt_if, peer_bda, TRUE); 444 } 445 446 return dis_gatt_c_read_dis_req(conn_id); 447 448} 449#endif /* BLE_INCLUDED */ 450 451 452