1 /******************************************************************************
2 *
3 * Copyright 2005-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18 #define LOG_TAG "bt_bta_hh"
19
20 #include <bluetooth/log.h>
21 #include <string.h> // memset
22
23 #include <cstdint>
24 #include <cstring>
25
26 #include "bt_name.h"
27 #include "bta/hh/bta_hh_int.h"
28 #include "bta_hh_api.h"
29 #include "btif/include/btif_storage.h"
30 #include "device/include/interop.h"
31 #include "hiddefs.h"
32 #include "internal_include/bt_target.h"
33 #include "osi/include/allocator.h"
34 #include "stack/include/btm_client_interface.h"
35 #include "stack/include/btm_status.h"
36 #include "stack/include/sdp_api.h"
37 #include "types/ble_address_with_type.h"
38 #include "types/bt_transport.h"
39 #include "types/raw_address.h"
40
41 using namespace bluetooth::legacy::stack::sdp;
42 using namespace bluetooth;
43
44 /* if SSR max latency is not defined by remote device, set the default value
45 as half of the link supervision timeout */
46 #define BTA_HH_GET_DEF_SSR_MAX_LAT(x) ((x) >> 1)
47
48 /*****************************************************************************
49 * Constants
50 ****************************************************************************/
51
52 namespace {
53
54 constexpr uint16_t kSsrMaxLatency = 18; /* slots * 0.625ms */
55
56 } // namespace
57
58 /*******************************************************************************
59 *
60 * Function bta_hh_get_cb_index
61 *
62 * Description Find suitable control block index for ACL link specification
63 *
64 * Returns void
65 *
66 ******************************************************************************/
bta_hh_get_cb_index(const tAclLinkSpec & link_spec)67 static uint8_t bta_hh_get_cb_index(const tAclLinkSpec& link_spec) {
68 if (link_spec.addrt.bda.IsEmpty()) {
69 return BTA_HH_IDX_INVALID;
70 }
71
72 uint8_t available_handle = BTA_HH_IDX_INVALID;
73 for (uint8_t i = 0; i < BTA_HH_MAX_DEVICE; i++) {
74 /* Check if any active/known devices is a match */
75 tBTA_HH_DEV_CB& dev = bta_hh_cb.kdev[i];
76 if (link_spec == dev.link_spec) {
77 log::verbose("Reusing handle {} for {}, ", i, link_spec);
78 return i;
79 } else if (available_handle == BTA_HH_IDX_INVALID && !dev.in_use) {
80 available_handle = i;
81 }
82 }
83
84 if (available_handle != BTA_HH_IDX_INVALID) {
85 log::verbose("Using unused handle {} for {}", available_handle, link_spec);
86 }
87 return available_handle;
88 }
89
90 /*******************************************************************************
91 *
92 * Function bta_hh_get_cb
93 *
94 * Description Find or allocate control block for ACL link specification
95 *
96 * Returns void
97 *
98 ******************************************************************************/
bta_hh_get_cb(const tAclLinkSpec & link_spec)99 tBTA_HH_DEV_CB* bta_hh_get_cb(const tAclLinkSpec& link_spec) {
100 uint8_t idx = bta_hh_get_cb_index(link_spec);
101 if (idx == BTA_HH_IDX_INVALID) {
102 log::error("No handle available for {}", link_spec);
103 return nullptr;
104 }
105
106 tBTA_HH_DEV_CB& dev = bta_hh_cb.kdev[idx];
107 dev.link_spec = link_spec;
108 dev.in_use = true;
109 return &dev;
110 }
111
112 /*******************************************************************************
113 *
114 * Function bta_hh_find_cb
115 *
116 * Description Find the existing control block for ACL link specification
117 *
118 * Returns void
119 *
120 ******************************************************************************/
bta_hh_find_cb(const tAclLinkSpec & link_spec)121 tBTA_HH_DEV_CB* bta_hh_find_cb(const tAclLinkSpec& link_spec) {
122 if (link_spec.addrt.bda.IsEmpty()) {
123 return nullptr;
124 }
125
126 for (uint8_t i = 0; i < BTA_HH_MAX_DEVICE; i++) {
127 /* check if any active/known devices is a match */
128 if (link_spec == bta_hh_cb.kdev[i].link_spec) {
129 return &bta_hh_cb.kdev[i];
130 }
131 }
132 return nullptr;
133 }
134
135 /*******************************************************************************
136 *
137 * Function bta_hh_dev_handle_to_cb_idx
138 *
139 * Description convert a HID device handle to the device control block
140 * index.
141 *
142 *
143 * Returns uint8_t: index of the device control block.
144 *
145 ******************************************************************************/
bta_hh_dev_handle_to_cb_idx(uint8_t dev_handle)146 static uint8_t bta_hh_dev_handle_to_cb_idx(uint8_t dev_handle) {
147 uint8_t index = BTA_HH_IDX_INVALID;
148
149 if (BTA_HH_IS_LE_DEV_HDL(dev_handle)) {
150 if (BTA_HH_IS_LE_DEV_HDL_VALID(dev_handle)) {
151 index = bta_hh_cb.le_cb_index[BTA_HH_GET_LE_CB_IDX(dev_handle)];
152 }
153 } else
154 /* regular HID device checking */
155 if (dev_handle < BTA_HH_MAX_KNOWN) {
156 index = bta_hh_cb.cb_index[dev_handle];
157 }
158
159 return index;
160 }
161
162 /*******************************************************************************
163 *
164 * Function bta_hh_find_cb
165 *
166 * Description Find the existing control block for handle
167 *
168 * Returns void
169 *
170 ******************************************************************************/
bta_hh_find_cb_by_handle(uint8_t hid_handle)171 tBTA_HH_DEV_CB* bta_hh_find_cb_by_handle(uint8_t hid_handle) {
172 uint8_t index = bta_hh_dev_handle_to_cb_idx(hid_handle);
173 if (index == BTA_HH_IDX_INVALID) {
174 return nullptr;
175 }
176
177 return &bta_hh_cb.kdev[index];
178 }
179
bta_hh_reset_cb(tBTA_HH_DEV_CB * p_cb)180 static void bta_hh_reset_cb(tBTA_HH_DEV_CB* p_cb) {
181 // Free buffer for report descriptor info
182 osi_free_and_reset((void**)&p_cb->dscp_info.descriptor.dsc_list);
183
184 // Cancel SDP if it had been started
185 if (p_cb->p_disc_db != nullptr) {
186 (void)get_legacy_stack_sdp_api()->service.SDP_CancelServiceSearch(p_cb->p_disc_db);
187 osi_free_and_reset((void**)&p_cb->p_disc_db);
188 }
189 *p_cb = {};
190 }
191
192 /*******************************************************************************
193 *
194 * Function bta_hh_clean_up_kdev
195 *
196 * Description Clean up device control block when device is removed from
197 * manitainace list, and update control block index map.
198 *
199 * Returns void
200 *
201 ******************************************************************************/
bta_hh_clean_up_kdev(tBTA_HH_DEV_CB * p_cb)202 void bta_hh_clean_up_kdev(tBTA_HH_DEV_CB* p_cb) {
203 if (p_cb->link_spec.transport == BT_TRANSPORT_LE) {
204 uint8_t le_hid_handle = BTA_HH_GET_LE_CB_IDX(p_cb->hid_handle);
205 if (le_hid_handle >= BTA_HH_LE_MAX_KNOWN) {
206 log::warn("Invalid LE hid_handle {}", p_cb->hid_handle);
207 } else {
208 bta_hh_cb.le_cb_index[le_hid_handle] = BTA_HH_IDX_INVALID;
209 }
210 } else {
211 if (p_cb->hid_handle >= BTA_HH_MAX_KNOWN) {
212 log::warn("Invalid hid_handle {}", p_cb->hid_handle);
213 } else {
214 bta_hh_cb.cb_index[p_cb->hid_handle] = BTA_HH_IDX_INVALID;
215 }
216 }
217
218 uint8_t index = p_cb->index; // Preserve index for this control block
219 bta_hh_reset_cb(p_cb); // Reset control block
220 p_cb->index = index; /* Restore index for this control block */
221 p_cb->state = BTA_HH_IDLE_ST;
222 p_cb->hid_handle = BTA_HH_INVALID_HANDLE;
223 }
224 /*******************************************************************************
225 *
226 * Function bta_hh_update_di_info
227 *
228 * Description Maintain a known device list for BTA HH.
229 *
230 * Returns void
231 *
232 ******************************************************************************/
bta_hh_update_di_info(tBTA_HH_DEV_CB * p_cb,uint16_t vendor_id,uint16_t product_id,uint16_t version,uint8_t flag,uint8_t ctry_code)233 void bta_hh_update_di_info(tBTA_HH_DEV_CB* p_cb, uint16_t vendor_id, uint16_t product_id,
234 uint16_t version, uint8_t flag, uint8_t ctry_code) {
235 #if (BTA_HH_DEBUG == TRUE)
236 log::verbose("vendor_id=0x{:2x} product_id=0x{:2x} version=0x{:2x}", vendor_id, product_id,
237 version);
238 #endif
239 p_cb->dscp_info.vendor_id = vendor_id;
240 p_cb->dscp_info.product_id = product_id;
241 p_cb->dscp_info.version = version;
242 p_cb->dscp_info.flag = flag;
243 p_cb->dscp_info.ctry_code = ctry_code;
244 }
245 /*******************************************************************************
246 *
247 * Function bta_hh_add_device_to_list
248 *
249 * Description Maintain a known device list for BTA HH.
250 *
251 * Returns void
252 *
253 ******************************************************************************/
bta_hh_add_device_to_list(tBTA_HH_DEV_CB * p_cb,uint8_t handle,uint16_t attr_mask,const tHID_DEV_DSCP_INFO * p_dscp_info,uint8_t sub_class,uint16_t ssr_max_latency,uint16_t ssr_min_tout,uint8_t app_id)254 void bta_hh_add_device_to_list(tBTA_HH_DEV_CB* p_cb, uint8_t handle, uint16_t attr_mask,
255 const tHID_DEV_DSCP_INFO* p_dscp_info, uint8_t sub_class,
256 uint16_t ssr_max_latency, uint16_t ssr_min_tout, uint8_t app_id) {
257 #if (BTA_HH_DEBUG == TRUE)
258 log::verbose("subclass=0x{:2x}", sub_class);
259 #endif
260
261 p_cb->hid_handle = handle;
262 p_cb->in_use = true;
263 p_cb->attr_mask = attr_mask;
264
265 p_cb->sub_class = sub_class;
266 p_cb->app_id = app_id;
267
268 p_cb->dscp_info.ssr_max_latency = ssr_max_latency;
269 p_cb->dscp_info.ssr_min_tout = ssr_min_tout;
270
271 /* store report descriptor info */
272 if (p_dscp_info) {
273 osi_free_and_reset((void**)&p_cb->dscp_info.descriptor.dsc_list);
274
275 if (p_dscp_info->dl_len) {
276 p_cb->dscp_info.descriptor.dsc_list = (uint8_t*)osi_malloc(p_dscp_info->dl_len);
277 p_cb->dscp_info.descriptor.dl_len = p_dscp_info->dl_len;
278 memcpy(p_cb->dscp_info.descriptor.dsc_list, p_dscp_info->dsc_list, p_dscp_info->dl_len);
279 }
280 }
281 }
282
283 /*******************************************************************************
284 *
285 * Function bta_hh_tod_spt
286 *
287 * Description Check to see if this type of device is supported
288 *
289 * Returns
290 *
291 ******************************************************************************/
bta_hh_tod_spt(tBTA_HH_DEV_CB * p_cb,uint8_t sub_class)292 bool bta_hh_tod_spt(tBTA_HH_DEV_CB* p_cb, uint8_t sub_class) {
293 uint8_t xx;
294 uint8_t cod = (sub_class >> 2); /* lower two bits are reserved */
295
296 for (xx = 0; xx < p_bta_hh_cfg->max_devt_spt; xx++) {
297 if (cod == (uint8_t)p_bta_hh_cfg->p_devt_list[xx].tod) {
298 p_cb->app_id = p_bta_hh_cfg->p_devt_list[xx].app_id;
299 #if (BTA_HH_DEBUG == TRUE)
300 log::verbose("sub_class:0x{:x} supported", sub_class);
301 #endif
302 return true;
303 }
304 }
305 #if (BTA_HH_DEBUG == TRUE)
306 log::verbose("sub_class:0x{:x} NOT supported", sub_class);
307 #endif
308 return false;
309 }
310
311 /*******************************************************************************
312 *
313 * Function bta_hh_read_ssr_param
314 *
315 * Description Read the SSR Parameter for the remote device
316 *
317 * Returns tBTA_HH_STATUS operation status
318 *
319 ******************************************************************************/
bta_hh_read_ssr_param(const tAclLinkSpec & link_spec,uint16_t * p_max_ssr_lat,uint16_t * p_min_ssr_tout)320 tBTA_HH_STATUS bta_hh_read_ssr_param(const tAclLinkSpec& link_spec, uint16_t* p_max_ssr_lat,
321 uint16_t* p_min_ssr_tout) {
322 tBTA_HH_DEV_CB* p_cb = bta_hh_find_cb(link_spec);
323 if (p_cb == nullptr) {
324 log::warn("Unable to find device:{}", link_spec);
325 return BTA_HH_ERR;
326 }
327
328 /* if remote device does not have HIDSSRHostMaxLatency attribute in SDP,
329 set SSR max latency default value here. */
330 if (p_cb->dscp_info.ssr_max_latency == HID_SSR_PARAM_INVALID) {
331 /* The default is calculated as half of link supervision timeout.*/
332
333 uint16_t ssr_max_latency;
334 if (get_btm_client_interface().link_controller.BTM_GetLinkSuperTout(
335 p_cb->link_spec.addrt.bda, &ssr_max_latency) != tBTM_STATUS::BTM_SUCCESS) {
336 log::warn("Unable to get supervision timeout for peer:{}", p_cb->link_spec);
337 return BTA_HH_ERR;
338 }
339 ssr_max_latency = BTA_HH_GET_DEF_SSR_MAX_LAT(ssr_max_latency);
340
341 /* per 1.1 spec, if the newly calculated max latency is greater than
342 BTA_HH_SSR_MAX_LATENCY_DEF which is 500ms, use
343 BTA_HH_SSR_MAX_LATENCY_DEF */
344 if (ssr_max_latency > BTA_HH_SSR_MAX_LATENCY_DEF) {
345 ssr_max_latency = BTA_HH_SSR_MAX_LATENCY_DEF;
346 }
347
348 char remote_name[BD_NAME_LEN] = "";
349 if (btif_storage_get_stored_remote_name(link_spec.addrt.bda, remote_name)) {
350 if (interop_match_name(INTEROP_HID_HOST_LIMIT_SNIFF_INTERVAL, remote_name)) {
351 if (ssr_max_latency > kSsrMaxLatency /* slots * 0.625ms */) {
352 ssr_max_latency = kSsrMaxLatency;
353 }
354 }
355 }
356
357 *p_max_ssr_lat = ssr_max_latency;
358 } else {
359 *p_max_ssr_lat = p_cb->dscp_info.ssr_max_latency;
360 }
361
362 if (p_cb->dscp_info.ssr_min_tout == HID_SSR_PARAM_INVALID) {
363 *p_min_ssr_tout = BTA_HH_SSR_MIN_TOUT_DEF;
364 } else {
365 *p_min_ssr_tout = p_cb->dscp_info.ssr_min_tout;
366 }
367
368 return BTA_HH_OK;
369 }
370
371 /*******************************************************************************
372 *
373 * Function bta_hh_cleanup_disable
374 *
375 * Description when disable finished, cleanup control block and send
376 * callback
377 *
378 *
379 * Returns void
380 *
381 ******************************************************************************/
bta_hh_cleanup_disable(tBTA_HH_STATUS status)382 void bta_hh_cleanup_disable(tBTA_HH_STATUS status) {
383 /* free buffer in CB holding report descriptors */
384 for (uint8_t i = 0; i < BTA_HH_MAX_DEVICE; i++) {
385 bta_hh_reset_cb(&bta_hh_cb.kdev[i]);
386 }
387
388 if (bta_hh_cb.p_cback) {
389 tBTA_HH bta_hh;
390 bta_hh.status = status;
391 (*bta_hh_cb.p_cback)(BTA_HH_DISABLE_EVT, &bta_hh);
392 /* all connections are down, no waiting for diconnect */
393 memset(&bta_hh_cb, 0, sizeof(tBTA_HH_CB));
394 }
395 }
396
397 #if (BTA_HH_DEBUG == TRUE)
398 /*******************************************************************************
399 *
400 * Function bta_hh_trace_dev_db
401 *
402 * Description Check to see if this type of device is supported
403 *
404 * Returns
405 *
406 ******************************************************************************/
bta_hh_trace_dev_db(void)407 void bta_hh_trace_dev_db(void) {
408 log::verbose("Device DB list*******************************************");
409 for (auto dev : bta_hh_cb.kdev) {
410 if (dev.in_use) {
411 log::verbose(
412 "kdev[{:02x}] handle[{:02x}] attr_mask[{:04x}] sub_class[{:02x}] state [{}] "
413 "device[{}] ",
414 dev.index, dev.hid_handle, dev.attr_mask, dev.sub_class, dev.state, dev.link_spec);
415 }
416 }
417 log::verbose("*********************************************************");
418 }
419 #endif
420