| 5fe6f0cf6b223e3ed6be4912d55b3ed5b41ce0cd |
|
06-Feb-2016 |
Pavlin Radoslavov <pavlin@google.com> |
Removed checks for NULL returns after osi_calloc() / osi_malloc()
Removed explicit checks for NULL pointer returns after calls
to osi_calloc() and osi_malloc(), because those are not needed.
If the memory allocation fails, osi_calloc() and osi_malloc()
will trigger an assert.
Bug: 27048759
Change-Id: I2791eb2f69c08f991f8fcdef10e101a41568cd95
/system/bt/stack/sdp/sdp_server.c
|
| abd70abb5e42c9431df94fe9d2c4a78a0d8d9af9 |
|
05-Feb-2016 |
Pavlin Radoslavov <pavlin@google.com> |
Replaced osi_getbuf()/osi_freebuf() with osi_malloc()/osi_free()
Removed the alternative buffer allocation osi_getbuf() / osi_freebuf()
and use instead osi_malloc() / osi_free().
Correspondingly, replaced usage of osi_freebuf_and_reset()
with osi_free_and_reset().
Bug: 24914560
Change-Id: I7a9599ba7fa900321f087da684428133eb0ddd6b
/system/bt/stack/sdp/sdp_server.c
|
| ca57b25df827286c4996e17aefc251ecd79b33fc |
|
05-Feb-2016 |
Pavlin Radoslavov <pavlin@google.com> |
Removed function osi_get_buf_size()
Refactored code that uses function osi_get_buf_size(), and removed
the need for that function.
Bug: 24914560
Change-Id: I0d002635024a9703acb78f47735aafc957a2b761
/system/bt/stack/sdp/sdp_server.c
|
| 20524d393e8b3bea4c573f7980cd843500b0e6a4 |
|
03-Feb-2016 |
Pavlin Radoslavov <pavlin@google.com> |
Refactor usage of osi_free() and osi_freebuf()
* Allow to call osi_freebuf(ptr) on NULL pointers. This simplifies
the code: a notable number of "if (foo != NULL)" checks are removed.
* Add new function osi_free_and_reset(p_ptr) that frees the buffer,
and explicitly resets the pointer to NULL.
This prevents unintended usage of free memory.
* Add corresponding function osi_freebuf_and_reset(p_ptr)
* Minor cleanup around usages of osi_free() and osi_freebuf()
Also:
* Removed unused function btif_gattc_cleanup()
* Replaced usage of the following functions with osi_freebuf_and_reset()
- mca_free_buf()
- utl_freebuf()
- btif_hl_free_buf()
* Replaced usage of rc_supported_event_free() with osi_freebuf()
* Replaced usage of btif_hl_get_buf() with osi_getbuf()
* Eliminate some of the osi_get_buf_size() calls
Bug: 22948224
Change-Id: Ife860658b26274da6f228d7353cb0f1531587337
/system/bt/stack/sdp/sdp_server.c
|
| 78bcff79e1b1f0efce436b33bdd6da88745bfc8a |
|
05-Dec-2015 |
Pavlin Radoslavov <pavlin@google.com> |
Refactor the Bluetooth timers
* Updated the alarm API:
- Existing API alarm_new() is modified to take an alarm name
as an argument.
- New API alarm_new_periodic() is used to create a periodic
alarm.
- Added new API alarm_is_scheduled() to test whether an alarm is
scheduled.
- Existing API alarm_set_periodic() is removed: a periodic
alarm is created by alarm_new_periodic().
- Added new API alarm_set_on_queue() to set an alarm whose
callback is executed on a specific queue.
- Added new API alarm_register_processing_queue() and
alarm_unregister_processing_queue() to register/unregister
a queue and the corresponding thread for alarm processing.
- Added corresponding unit tests.
* Updated the alarm internals:
- Added alarm_info_t for collecting alarm-related information
and statistics.
- Collect and store alarm-related statistics into alarm_info_t
per alarm.
- Include the alarm-related statistics and info into the native
dumpsys output for Bluetooth.
- Once an alarm expires, the alarm execution is scheduled for
processing on another internal alarm-specific thread, not
on the thread that is maintaining the alarms.
- Implemented callback execution ordering guarantee among
timers on the same thread with exactly same timeout values.
* Refactor some of the usage of alarm_set() and simplify the
code by using alarm_set_on_queue() instead.
* Removed the non_repeating timers wrapper, and use directly
the alarm mechanism / API.
* Refactored all timer_entry_t timers and replaced them with alarm_t
timers:
- Replaced the btu_start_timer() / btu_stop_timer() /
btu_start_quick_timer() / btu_stop_quick_timer() /
btu_oneshot_alarm() mechanism with alarm_set_on_queue() and
alarm_cancel()
- Removed the whole mechanism around the BTU_TTYPE_* timers.
* Fixed a bug when processing the GATT indication confirmation timer
expiration (timer tGATT_TCB.conf_timer: b/26610829).
* Renamed and/or split misc. timeout functions, fields, and timers
* Renamed time-related constants and changed the values from seconds
to milliseconds
* Replaced timer tAVDT_CCB.timer_entry with three mutually exclusive timers:
idle_ccb_timer, ret_ccb_timer, rsp_ccb_timer
The reason we are using three timers, is because in the original code
function avdt_ccb_chk_timer() used the timer type in its logic: it
would stop the timer only if the type is "idle".
* Removed btm_ble_timeout() and replaced it with multiple timeout
callback functions (per timer)
* Fix the actual value of the global constant BT_1SEC_TIMEOUT and
rename it to BT_1SEC_TIMEOUT_MS
* Removed btu_cb and associated timers and events, because they are
never used.
* Removed unused timers, functions, struct and declarations that are
not used / needed.
Bug: 26611369
Bug: 26610829
Change-Id: I812c8c31710a5daefc58b01fcf35c353768f390f
/system/bt/stack/sdp/sdp_server.c
|
| 258c2538e3b62a8cdb403f2730c45d721e5292b4 |
|
28-Sep-2015 |
Pavlin Radoslavov <pavlin@google.com> |
GKI cleanup - moved GKI buffer allocation wrappers to OSI
* Moved the following GKI buffer allocation functions to OSI:
- GKI_getbuf() -> osi_getbuf()
- GKI_freebuf() -> osi_freebuf()
- GKI_get_buf_size() -> osi_get_buf_size()
For now we need the osi_getbuf() / osi_freebuf() allocation wrapper,
because we need to be able to call osi_get_buf_size() on the allocated
buffer.
In the future those should be replaced with osi_malloc() / osi_free().
Currently, the osi_malloc() buffer size internal allocation tracker
does not always track the size, hence we need the osi_getbuf() wrapper.
* Replaced GKI_MAX_BUF_SIZE with BT_DEFAULT_BUFFER_SIZE
* Added new file include/bt_common.h that can be usee to include
few files that should be included alost everywhere (e.g. bt_target.h"
NOTE: This file might be removed in the future and we should include
everywhere the right set of header files.
* Removed some of the GKI-related references
* Removed file include/gki_target.h
Change-Id: Ie87830e73143de200746d54235aa99f228a95024
/system/bt/stack/sdp/sdp_server.c
|
| 2e3d006b96eafb0651fe7f78d28250faf89405de |
|
18-Sep-2015 |
Pavlin Radoslavov <pavlin@google.com> |
GKI cleanup - Eliminate usage of pool buffers
* Replace usage of function GKI_getpoolbuf() with GKI_getbuf()
* Remove usage of function GKI_poolutilization()
* Remove usage of function GKI_poolfreecount()
Change-Id: Ide938192b878bbfb4912642c903fce548f2b5368
/system/bt/stack/sdp/sdp_server.c
|
| c0532307d35ac86f5427243809f2c98b4fd8cacd |
|
22-Dec-2014 |
Srinu Jella <sjella@codeaurora.org> |
Allocated requested buffer size in SDP attribute request
Use case: Allocated required GKI buf in sdp attr req
1. Enter UUID - 0100 for L2CAP or 110C for AVRCP Target so DUT sends
continuation frame for TSPX_sdp_service_search_pattern on PTS
2. Start Test case TP/SSA/BV-06 in PTSv6.0
Failure: Some PTS test cases request less attributes in first packet
and request more attributes in continuation packets.
As stack allocates the buf in start packet and using the same
buf in continuation packets, it's causing buffer corruption and crash
Root cause: Buffer allocated for start packet is not sufficient
in continuation packets
Fix: Fixing this issue by dynamically allocating buffer in continuation
packets of service_search_attr_req and service_attr_req
Bug: 21896912
Change-Id: I8daeffb7d6486c7b916ad2f0505ad422d91a613c
/system/bt/stack/sdp/sdp_server.c
|
| f751ba93654563f55cf5bd9a9ee8fe77da125743 |
|
04-Apr-2015 |
Simon Wilson <simonwilson@google.com> |
am 3f7ec12b: am dc69e2d5: GAP: Reset cont_offset in start frame of SDP
* commit '3f7ec12b23f9288d15e1392b67c30482f7db3afc':
GAP: Reset cont_offset in start frame of SDP
|
| dc69e2d5348de2ef64ac7f335a503a63c7cca0e6 |
|
03-Apr-2015 |
Simon Wilson <simonwilson@google.com> |
GAP: Reset cont_offset in start frame of SDP
If cont_offset of ccb is not reset in start frame, it's
appending previous SDP service search offset also to
current offset. Service search goes in a loop and
leads to crash on array index out of bounds.
Bug: 19810285
Change-Id: Ifee174555593f4df669977b74ce3725c75c9b426
/system/bt/stack/sdp/sdp_server.c
|
| 107660fcceaba6632b64fcba1864a51da9ad3a9c |
|
24-Sep-2013 |
Kim Schulz <k.schulz@samsung.com> |
SDP parameter checks too loose
SDP Server's client req handler currently only check that the parameter length field does not indicate the parameters to excite the packet length. Sending SDP PDUs with
- fixed sdp_server_client_req to also check for length filed
If an invalid SDP Service Search Request Packet has the continuation info length field set to SDP_CONTINUATION_LEN, but does not contain any continuation information, the SDP server should answer with SDP_INVALID_CONT_STATE.
- fixed process_service_search so the length field is correctly checked
- fixed possible access to 2 bytes of memory outside the packet boundry
Bug: 10904535
Change-Id: I41fd021327fbf4f810ee4319bc95fa0dba0b48df
/system/bt/stack/sdp/sdp_server.c
|
| 54966dcf830fb54b6b8221583470e3e78768d4c5 |
|
15-Nov-2014 |
Sharvil Nanavati <sharvil@google.com> |
Fix bug in SDP server where it would get into an infinite loop.
If the SDP database is mutated while a client is fetching SDP records,
we can end up in an infinite request/response loop. Specifically, if
an SDP record is deleted after a client has received the first fragment
of a multi-fragment response, the server will not be able to complete
the request. Instead, it will return the same continuation token back
to the client which will request the next fragment and the server,
again, will return the same continuation token. This process repeats
forever, resulting in a large amount of unncessary BT traffic and
power costs on both devices.
Unfortunately, this seems to be a design flaw in the current SDP
server implementation. This change simply detects the above condition
and aborts the transaction entirely by returning an error to the
client. Future changes will eliminate this class of problem entirely.
/system/bt/stack/sdp/sdp_server.c
|
| 86225e4a1489a73dc25473b58ef0d25ac53cec63 |
|
23-Jan-2014 |
Hemant Gupta <hemantg@codeaurora.org> |
GAP: Handle invalid SDP service search request
Handled the invalid SDP service search request by responding
with SDP_INVALID_REQ_SYNTAX.
Change-Id: Ide3e28bf552f75a915acc3dbb24fcee0b4cce9bb
/system/bt/stack/sdp/sdp_server.c
|
| a51c9d9d225e41fe36a0133f1c17fd981ea59c1d |
|
04-May-2014 |
Sharvil Nanavati <sharvil@google.com> |
Logging cleanup: L2CAP and SDP.
Change-Id: I62b5d4f330312dc466a758cb554952017f899696
/system/bt/stack/sdp/sdp_server.c
|
| 3a55ec216948d28224d3ab0d38fb8697daeed3e5 |
|
07-Feb-2014 |
Zhihai Xu <zhihaixu@google.com> |
SDP: Allocate proper sized scratch buffer for SDP response
The buffer allocated for attribute response is being reused
for subsequent requests for an SDP connection. Check the
buffer size before using for subsequent requests and
reallocate if required.
Change-Id: Ib00aff2c4512192c29265cf0adb89e380adf0b35
/system/bt/stack/sdp/sdp_server.c
|
| 5cd8bff2dd0337cb52bf48f312e3d2d55a8882fb |
|
01-Feb-2014 |
Mike J. Chen <mjchen@google.com> |
Major warnings cleanup
Mostly fixing unused parameter warnings.
A few other warnings also fixed like possible use of
unitialized variables (no real issue found, just compiler couldn't
follow the path), signed vs unsigned warning.
Also fixed some typos, indent issues, removal of dead code, etc.
Change-Id: I95eb887aefc4d559d7921f71a0af5f3bfb01ac01
Signed-off-by: Mike J. Chen <mjchen@google.com>
/system/bt/stack/sdp/sdp_server.c
|
| ead3cde4bac0c3e32cd31f149093f004eef8ceeb |
|
06-Feb-2013 |
Ganesh Ganapathi Batta <ganeshg@broadcom.com> |
Initial version of BLE support for Bluedroid
Change-Id: I9825a5cef9be2559c34c2a529b211b7d471147cf
/system/bt/stack/sdp/sdp_server.c
|
| 5738f83aeb59361a0a2eda2460113f6dc9194271 |
|
13-Dec-2012 |
The Android Open Source Project <initial-contribution@android.com> |
Snapshot cdeccf6fdd8c2d494ea2867cb37a025bf8879baf
Change-Id: Ia2de32ccb97a9641462c72363b0a8c4288f4f36d
/system/bt/stack/sdp/sdp_server.c
|