srvc_dis.cc revision ee96a3c60fca590d38025925c072d264e06493c4
1/****************************************************************************** 2 * 3 * Copyright (C) 1999-2013 Broadcom Corporation 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at: 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 * 17 ******************************************************************************/ 18 19#define LOG_TAG "bt_srvc" 20 21#include "bt_target.h" 22#include "bt_utils.h" 23#include "gatt_api.h" 24#include "gatt_int.h" 25#include "osi/include/log.h" 26#include "osi/include/osi.h" 27#include "srvc_dis_int.h" 28#include "srvc_eng_int.h" 29#include "btcore/include/uuid.h" 30 31#define DIS_MAX_NUM_INC_SVR 0 32#define DIS_MAX_CHAR_NUM 9 33#define DIS_MAX_ATTR_NUM (DIS_MAX_CHAR_NUM * 2 + DIS_MAX_NUM_INC_SVR + 1) 34 35#ifndef DIS_ATTR_DB_SIZE 36#define DIS_ATTR_DB_SIZE GATT_DB_MEM_SIZE(DIS_MAX_NUM_INC_SVR, DIS_MAX_CHAR_NUM, 0) 37#endif 38 39#define uint64_t_TO_STREAM(p, u64) {*(p)++ = (uint8_t)(u64); *(p)++ = (uint8_t)((u64) >> 8);*(p)++ = (uint8_t)((u64) >> 16); *(p)++ = (uint8_t)((u64) >> 24); \ 40 *(p)++ = (uint8_t)((u64) >> 32); *(p)++ = (uint8_t)((u64) >> 40);*(p)++ = (uint8_t)((u64) >> 48); *(p)++ = (uint8_t)((u64) >> 56);} 41 42#define STREAM_TO_UINT64(u64, p) {(u64) = (((uint64_t)(*(p))) + ((((uint64_t)(*((p) + 1)))) << 8) + ((((uint64_t)(*((p) + 2)))) << 16) + ((((uint64_t)(*((p) + 3)))) << 24) \ 43 + ((((uint64_t)(*((p) + 4)))) << 32) + ((((uint64_t)(*((p) + 5)))) << 40) + ((((uint64_t)(*((p) + 6)))) << 48) + ((((uint64_t)(*((p) + 7)))) << 56)); (p) += 8;} 44 45static const uint16_t dis_attr_uuid[DIS_MAX_CHAR_NUM] = 46{ 47 GATT_UUID_SYSTEM_ID, 48 GATT_UUID_MODEL_NUMBER_STR, 49 GATT_UUID_SERIAL_NUMBER_STR, 50 GATT_UUID_FW_VERSION_STR, 51 GATT_UUID_HW_VERSION_STR, 52 GATT_UUID_SW_VERSION_STR, 53 GATT_UUID_MANU_NAME, 54 GATT_UUID_IEEE_DATA, 55 GATT_UUID_PNP_ID 56}; 57 58tDIS_CB dis_cb; 59 60static tDIS_ATTR_MASK dis_uuid_to_attr(uint16_t uuid) 61{ 62 switch (uuid) 63 { 64 case GATT_UUID_SYSTEM_ID: 65 return DIS_ATTR_SYS_ID_BIT; 66 case GATT_UUID_MODEL_NUMBER_STR: 67 return DIS_ATTR_MODEL_NUM_BIT; 68 case GATT_UUID_SERIAL_NUMBER_STR: 69 return DIS_ATTR_SERIAL_NUM_BIT; 70 case GATT_UUID_FW_VERSION_STR: 71 return DIS_ATTR_FW_NUM_BIT; 72 case GATT_UUID_HW_VERSION_STR: 73 return DIS_ATTR_HW_NUM_BIT; 74 case GATT_UUID_SW_VERSION_STR: 75 return DIS_ATTR_SW_NUM_BIT; 76 case GATT_UUID_MANU_NAME: 77 return DIS_ATTR_MANU_NAME_BIT; 78 case GATT_UUID_IEEE_DATA: 79 return DIS_ATTR_IEEE_DATA_BIT; 80 case GATT_UUID_PNP_ID: 81 return DIS_ATTR_PNP_ID_BIT; 82 default: 83 return 0; 84 }; 85} 86 87/******************************************************************************* 88 * dis_valid_handle_range 89 * 90 * validate a handle to be a DIS attribute handle or not. 91 ******************************************************************************/ 92bool dis_valid_handle_range(uint16_t handle) 93{ 94 if (handle >= dis_cb.service_handle && handle <= dis_cb.max_handle) 95 return true; 96 else 97 return false; 98} 99/******************************************************************************* 100 * dis_write_attr_value 101 * 102 * Process write DIS attribute request. 103 ******************************************************************************/ 104uint8_t dis_write_attr_value(UNUSED_ATTR tGATT_WRITE_REQ *p_data, tGATT_STATUS *p_status) 105{ 106 *p_status = GATT_WRITE_NOT_PERMIT; 107 return SRVC_ACT_RSP; 108} 109/******************************************************************************* 110 * DIS Attributes Database Server Request callback 111 ******************************************************************************/ 112uint8_t dis_read_attr_value (UNUSED_ATTR uint8_t clcb_idx, uint16_t handle, 113 tGATT_VALUE *p_value, 114 bool is_long, tGATT_STATUS *p_status) 115{ 116 tDIS_DB_ENTRY *p_db_attr = dis_cb.dis_attr; 117 uint8_t *p = p_value->value, i, *pp; 118 uint16_t offset = p_value->offset; 119 uint8_t act = SRVC_ACT_RSP; 120 tGATT_STATUS st = GATT_NOT_FOUND; 121 122 for (i = 0; i < DIS_MAX_CHAR_NUM; i ++, p_db_attr ++) 123 { 124 if (handle == p_db_attr->handle) 125 { 126 if ((p_db_attr->uuid == GATT_UUID_PNP_ID || p_db_attr->uuid == GATT_UUID_SYSTEM_ID)&& 127 is_long == true) 128 { 129 st = GATT_NOT_LONG; 130 break; 131 } 132 st = GATT_SUCCESS; 133 134 switch (p_db_attr->uuid) 135 { 136 case GATT_UUID_MANU_NAME: 137 case GATT_UUID_MODEL_NUMBER_STR: 138 case GATT_UUID_SERIAL_NUMBER_STR: 139 case GATT_UUID_FW_VERSION_STR: 140 case GATT_UUID_HW_VERSION_STR: 141 case GATT_UUID_SW_VERSION_STR: 142 case GATT_UUID_IEEE_DATA: 143 pp = dis_cb.dis_value.data_string[p_db_attr->uuid - GATT_UUID_MODEL_NUMBER_STR]; 144 if (pp != NULL) 145 { 146 if (strlen ((char *)pp) > GATT_MAX_ATTR_LEN) 147 p_value->len = GATT_MAX_ATTR_LEN; 148 else 149 p_value->len = (uint16_t)strlen ((char *)pp); 150 } 151 else 152 p_value->len = 0; 153 154 if (offset > p_value->len) 155 { 156 st = GATT_INVALID_OFFSET; 157 break; 158 } 159 else 160 { 161 p_value->len -= offset; 162 pp += offset; 163 ARRAY_TO_STREAM(p, pp, p_value->len); 164 GATT_TRACE_EVENT("GATT_UUID_MANU_NAME len=0x%04x", p_value->len); 165 } 166 break; 167 168 case GATT_UUID_SYSTEM_ID: 169 uint64_t_TO_STREAM(p, dis_cb.dis_value.system_id); /* int_min */ 170 p_value->len = DIS_SYSTEM_ID_SIZE; 171 break; 172 173 case GATT_UUID_PNP_ID: 174 UINT8_TO_STREAM(p, dis_cb.dis_value.pnp_id.vendor_id_src); 175 UINT16_TO_STREAM(p, dis_cb.dis_value.pnp_id.vendor_id); 176 UINT16_TO_STREAM(p, dis_cb.dis_value.pnp_id.product_id); 177 UINT16_TO_STREAM(p, dis_cb.dis_value.pnp_id.product_version); 178 p_value->len = DIS_PNP_ID_SIZE; 179 break; 180 181 } 182 break; 183 } 184 } 185 *p_status = st; 186 return act; 187} 188 189/******************************************************************************* 190 * 191 * Function dis_gatt_c_read_dis_value_cmpl 192 * 193 * Description Client read DIS database complete callback. 194 * 195 * Returns void 196 * 197 ******************************************************************************/ 198static void dis_gatt_c_read_dis_value_cmpl(uint16_t conn_id) 199{ 200 tSRVC_CLCB *p_clcb = srvc_eng_find_clcb_by_conn_id(conn_id); 201 202 dis_cb.dis_read_uuid_idx = 0xff; 203 204 srvc_eng_release_channel(conn_id); 205 206 if (dis_cb.p_read_dis_cback && p_clcb) 207 { 208 LOG_INFO(LOG_TAG, "%s conn_id:%d attr_mask = 0x%04x", __func__, conn_id, 209 p_clcb->dis_value.attr_mask); 210 211 (*dis_cb.p_read_dis_cback)(p_clcb->bda, &p_clcb->dis_value); 212 dis_cb.p_read_dis_cback = NULL; 213 } 214} 215 216/******************************************************************************* 217 * 218 * Function dis_gatt_c_read_dis_req 219 * 220 * Description Read remote device DIS attribute request. 221 * 222 * Returns void 223 * 224 ******************************************************************************/ 225bool dis_gatt_c_read_dis_req(uint16_t conn_id) 226{ 227 tGATT_READ_PARAM param; 228 229 memset(¶m, 0, sizeof(tGATT_READ_PARAM)); 230 231 param.service.uuid.len = LEN_UUID_16; 232 param.service.s_handle = 1; 233 param.service.e_handle = 0xFFFF; 234 param.service.auth_req = 0; 235 236 while (dis_cb.dis_read_uuid_idx < DIS_MAX_CHAR_NUM) 237 { 238 if (dis_uuid_to_attr(dis_attr_uuid[dis_cb.dis_read_uuid_idx]) & 239 dis_cb.request_mask) 240 { 241 param.service.uuid.uu.uuid16 = dis_attr_uuid[dis_cb.dis_read_uuid_idx]; 242 243 if (GATTC_Read(conn_id, GATT_READ_BY_TYPE, ¶m) == GATT_SUCCESS) 244 return true; 245 246 GATT_TRACE_ERROR ("Read DISInfo: 0x%04x GATT_Read Failed", param.service.uuid.uu.uuid16); 247 } 248 249 dis_cb.dis_read_uuid_idx++; 250 } 251 252 dis_gatt_c_read_dis_value_cmpl(conn_id); 253 254 return(false); 255} 256 257/******************************************************************************* 258 * 259 * Function dis_c_cmpl_cback 260 * 261 * Description Client operation complete callback. 262 * 263 * Returns void 264 * 265 ******************************************************************************/ 266void dis_c_cmpl_cback (tSRVC_CLCB *p_clcb, tGATTC_OPTYPE op, 267 tGATT_STATUS status, tGATT_CL_COMPLETE *p_data) 268{ 269 uint16_t read_type = dis_attr_uuid[dis_cb.dis_read_uuid_idx]; 270 uint8_t *pp = NULL, *p_str; 271 uint16_t conn_id = p_clcb->conn_id; 272 273 GATT_TRACE_EVENT ("dis_c_cmpl_cback() - op_code: 0x%02x status: 0x%02x \ 274 read_type: 0x%04x", op, status, read_type); 275 276 if (op != GATTC_OPTYPE_READ) 277 return; 278 279 if (p_data != NULL && status == GATT_SUCCESS) 280 { 281 pp = p_data->att_value.value; 282 283 switch (read_type) 284 { 285 case GATT_UUID_SYSTEM_ID: 286 GATT_TRACE_EVENT ("DIS_ATTR_SYS_ID_BIT"); 287 if (p_data->att_value.len == DIS_SYSTEM_ID_SIZE) 288 { 289 p_clcb->dis_value.attr_mask |= DIS_ATTR_SYS_ID_BIT; 290 /* save system ID*/ 291 STREAM_TO_UINT64 (p_clcb->dis_value.system_id, pp); 292 } 293 break; 294 295 case GATT_UUID_PNP_ID: 296 if (p_data->att_value.len == DIS_PNP_ID_SIZE) 297 { 298 p_clcb->dis_value.attr_mask |= DIS_ATTR_PNP_ID_BIT; 299 STREAM_TO_UINT8 (p_clcb->dis_value.pnp_id.vendor_id_src, pp); 300 STREAM_TO_UINT16 (p_clcb->dis_value.pnp_id.vendor_id, pp); 301 STREAM_TO_UINT16 (p_clcb->dis_value.pnp_id.product_id, pp); 302 STREAM_TO_UINT16 (p_clcb->dis_value.pnp_id.product_version, pp); 303 } 304 break; 305 306 case GATT_UUID_MODEL_NUMBER_STR: 307 case GATT_UUID_SERIAL_NUMBER_STR: 308 case GATT_UUID_FW_VERSION_STR: 309 case GATT_UUID_HW_VERSION_STR: 310 case GATT_UUID_SW_VERSION_STR: 311 case GATT_UUID_MANU_NAME: 312 case GATT_UUID_IEEE_DATA: 313 p_str = p_clcb->dis_value.data_string[read_type - GATT_UUID_MODEL_NUMBER_STR]; 314 osi_free(p_str); 315 p_str = (uint8_t *)osi_malloc(p_data->att_value.len + 1); 316 p_clcb->dis_value.attr_mask |= dis_uuid_to_attr(read_type); 317 memcpy(p_str, p_data->att_value.value, p_data->att_value.len); 318 p_str[p_data->att_value.len] = 0; 319 p_clcb->dis_value.data_string[read_type - GATT_UUID_MODEL_NUMBER_STR] = p_str; 320 break; 321 322 default: 323 break; 324 325 break; 326 }/* end switch */ 327 }/* end if */ 328 329 dis_cb.dis_read_uuid_idx ++; 330 331 dis_gatt_c_read_dis_req(conn_id); 332} 333 334/******************************************************************************* 335 * 336 * Function DIS_SrInit 337 * 338 * Description Initialize the Device Information Service Server. 339 * 340 ******************************************************************************/ 341tDIS_STATUS DIS_SrInit (tDIS_ATTR_MASK dis_attr_mask) 342{ 343 tGATT_STATUS status; 344 345 if (dis_cb.enabled) { 346 GATT_TRACE_ERROR("DIS already initalized"); 347 return DIS_SUCCESS; 348 } 349 350 memset(&dis_cb, 0, sizeof(tDIS_CB)); 351 352 btgatt_db_element_t service[DIS_MAX_ATTR_NUM] = { }; 353 354 bt_uuid_t svc_uuid; 355 uuid_128_from_16(&svc_uuid, UUID_SERVCLASS_DEVICE_INFO); 356 service[0].type = BTGATT_DB_PRIMARY_SERVICE; 357 service[0].uuid = svc_uuid; 358 359 for(int i=0; dis_attr_mask != 0 && i < DIS_MAX_CHAR_NUM; i++) { 360 dis_cb.dis_attr[i].uuid = dis_attr_uuid[i]; 361 362 bt_uuid_t char_uuid; 363 uuid_128_from_16(&char_uuid, dis_cb.dis_attr[i].uuid); 364 /* index 0 is service, so characteristics start from 1 */ 365 service[i+1].type = BTGATT_DB_CHARACTERISTIC; 366 service[i+1].uuid = char_uuid; 367 service[i+1].properties = GATT_CHAR_PROP_BIT_READ; 368 service[i+1].permissions = GATT_PERM_READ; 369 370 dis_attr_mask >>= 1; 371 } 372 373 /* Add a GAP service */ 374 status = GATTS_AddService(srvc_eng_cb.gatt_if, service, sizeof(service)/sizeof(btgatt_db_element_t)); 375 if (status != GATT_SERVICE_STARTED) { 376 GATT_TRACE_ERROR("Can not create service, DIS_Init failed!"); 377 return GATT_ERROR; 378 } 379 380 dis_cb.service_handle = service[0].attribute_handle; 381 dis_cb.max_handle = dis_cb.service_handle + DIS_MAX_ATTR_NUM; 382 383 for (int i = 0; i < DIS_MAX_CHAR_NUM; i++) { 384 dis_cb.dis_attr[i].handle = service[i+1].attribute_handle; 385 386 GATT_TRACE_DEBUG ("%s: handle of new attribute 0x%04 = x%d", __func__, 387 dis_cb.dis_attr[i].uuid, dis_cb.dis_attr[i].handle); 388 } 389 390 dis_cb.enabled = true; 391 return (tDIS_STATUS) status; 392} 393/******************************************************************************* 394 * 395 * Function DIS_SrUpdate 396 * 397 * Description Update the DIS server attribute values 398 * 399 ******************************************************************************/ 400tDIS_STATUS DIS_SrUpdate(tDIS_ATTR_BIT dis_attr_bit, tDIS_ATTR *p_info) 401{ 402 uint8_t i = 1; 403 tDIS_STATUS st = DIS_SUCCESS; 404 405 if (dis_attr_bit & DIS_ATTR_SYS_ID_BIT) 406 { 407 dis_cb.dis_value.system_id = p_info->system_id; 408 } 409 else if (dis_attr_bit & DIS_ATTR_PNP_ID_BIT) 410 { 411 dis_cb.dis_value.pnp_id.vendor_id = p_info->pnp_id.vendor_id; 412 dis_cb.dis_value.pnp_id.vendor_id_src = p_info->pnp_id.vendor_id_src; 413 dis_cb.dis_value.pnp_id.product_id = p_info->pnp_id.product_id; 414 dis_cb.dis_value.pnp_id.product_version = p_info->pnp_id.product_version; 415 } 416 else 417 { 418 st = DIS_ILLEGAL_PARAM; 419 420 while (dis_attr_bit && i < (DIS_MAX_CHAR_NUM -1 )) 421 { 422 if (dis_attr_bit & (uint16_t)(1 << i)) 423 { 424 osi_free(dis_cb.dis_value.data_string[i - 1]); 425/* coverity[OVERRUN-STATIC] False-positive : when i = 8, (1 << i) == DIS_ATTR_PNP_ID_BIT, and it will never come down here 426CID 49902: Out-of-bounds read (OVERRUN_STATIC) 427Overrunning static array "dis_cb.dis_value.data_string", with 7 elements, at position 7 with index variable "i". 428*/ 429 dis_cb.dis_value.data_string[i - 1] = (uint8_t *)osi_malloc(p_info->data_str.len + 1); 430 memcpy(dis_cb.dis_value.data_string[i - 1], p_info->data_str.p_data, p_info->data_str.len); 431 dis_cb.dis_value.data_string[i - 1][p_info->data_str.len] = 0; /* make sure null terminate */ 432 st = DIS_SUCCESS; 433 434 break; 435 } 436 i ++; 437 } 438 } 439 return st; 440} 441/******************************************************************************* 442 * 443 * Function DIS_ReadDISInfo 444 * 445 * Description Read remote device DIS information. 446 * 447 * Returns void 448 * 449 ******************************************************************************/ 450bool DIS_ReadDISInfo(BD_ADDR peer_bda, tDIS_READ_CBACK *p_cback, tDIS_ATTR_MASK mask) 451{ 452 uint16_t conn_id; 453 454 /* Initialize the DIS client if it hasn't been initialized already. */ 455 srvc_eng_init(); 456 457 /* For now we only handle one at a time */ 458 if (dis_cb.dis_read_uuid_idx != 0xff) 459 return(false); 460 461 if (p_cback == NULL) 462 return(false); 463 464 dis_cb.p_read_dis_cback = p_cback; 465 /* Mark currently active operation */ 466 dis_cb.dis_read_uuid_idx = 0; 467 468 dis_cb.request_mask = mask; 469 470 GATT_TRACE_EVENT ("DIS_ReadDISInfo() - BDA: %08x%04x cl_read_uuid: 0x%04x", 471 (peer_bda[0]<<24)+(peer_bda[1]<<16)+(peer_bda[2]<<8)+peer_bda[3], 472 (peer_bda[4]<<8)+peer_bda[5], dis_attr_uuid[dis_cb.dis_read_uuid_idx]); 473 474 GATT_GetConnIdIfConnected(srvc_eng_cb.gatt_if, peer_bda, &conn_id, BT_TRANSPORT_LE); 475 476 /* need to enhance it as multiple service is needed */ 477 srvc_eng_request_channel(peer_bda, SRVC_ID_DIS); 478 479 if (conn_id == GATT_INVALID_CONN_ID) 480 { 481 return GATT_Connect(srvc_eng_cb.gatt_if, peer_bda, true, BT_TRANSPORT_LE, false); 482 } 483 484 return dis_gatt_c_read_dis_req(conn_id); 485 486} 487