1 /******************************************************************************
2 *
3 * Copyright (C) 2016-2017 The Linux Foundation
4 * Copyright 2009-2012 Broadcom Corporation
5 *
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at:
9 *
10 * http://www.apache.org/licenses/LICENSE-2.0
11 *
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
17 *
18 ******************************************************************************/
19
20 /*******************************************************************************
21 *
22 * Filename: btif_dm.c
23 *
24 * Description: Contains Device Management (DM) related functionality
25 *
26 *
27 ******************************************************************************/
28
29 #define LOG_TAG "bt_btif_dm"
30
31 #include "btif_dm.h"
32
33 #include <base/functional/bind.h>
34 #include <base/strings/stringprintf.h>
35 #include <bluetooth/log.h>
36 #include <com_android_bluetooth_flags.h>
37 #include <hardware/bluetooth.h>
38 #include <hardware/bt_csis.h>
39 #include <hardware/bt_hearing_aid.h>
40 #include <hardware/bt_le_audio.h>
41 #include <hardware/bt_vc.h>
42 #include <stdlib.h>
43 #include <string.h>
44 #include <sys/types.h>
45 #include <time.h>
46 #include <unistd.h>
47
48 #include <mutex>
49 #include <optional>
50
51 #include "advertise_data_parser.h"
52 #include "bt_dev_class.h"
53 #include "bt_name.h"
54 #include "bta/dm/bta_dm_disc.h"
55 #include "bta/include/bta_api.h"
56 #include "bta/include/bta_hh_api.h"
57 #include "btif/include/stack_manager_t.h"
58 #include "btif_api.h"
59 #include "btif_bqr.h"
60 #include "btif_config.h"
61 #include "btif_metrics_logging.h"
62 #include "btif_sdp.h"
63 #include "btif_storage.h"
64 #include "btif_util.h"
65 #include "common/lru_cache.h"
66 #include "common/metrics.h"
67 #include "device/include/interop.h"
68 #include "hci/controller_interface.h"
69 #include "hci/le_rand_callback.h"
70 #include "internal_include/bt_target.h"
71 #include "internal_include/stack_config.h"
72 #include "main/shim/acl_api.h"
73 #include "main/shim/entry.h"
74 #include "main/shim/helpers.h"
75 #include "main/shim/le_advertising_manager.h"
76 #include "main_thread.h"
77 #include "metrics/bluetooth_event.h"
78 #include "os/logging/log_adapter.h"
79 #include "osi/include/properties.h"
80 #include "osi/include/stack_power_telemetry.h"
81 #include "stack/btm/btm_dev.h"
82 #include "stack/btm/btm_sec.h"
83 #include "stack/include/acl_api.h"
84 #include "stack/include/acl_api_types.h"
85 #include "stack/include/bt_dev_class.h"
86 #include "stack/include/bt_octets.h"
87 #include "stack/include/bt_types.h"
88 #include "stack/include/bt_uuid16.h"
89 #include "stack/include/btm_ble_addr.h"
90 #include "stack/include/btm_ble_api.h"
91 #include "stack/include/btm_ble_sec_api.h"
92 #include "stack/include/btm_ble_sec_api_types.h"
93 #include "stack/include/btm_client_interface.h"
94 #include "stack/include/btm_log_history.h"
95 #include "stack/include/btm_sec_api.h"
96 #include "stack/include/btm_sec_api_types.h"
97 #include "stack/include/l2cap_interface.h"
98 #include "stack/include/rnr_interface.h"
99 #include "stack/include/smp_api.h"
100 #include "stack/include/srvc_api.h" // tDIS_VALUE
101 #include "storage/config_keys.h"
102 #include "types/bluetooth/uuid.h"
103 #include "types/raw_address.h"
104
105 #ifdef __ANDROID__
106 #include <android/sysprop/BluetoothProperties.sysprop.h>
107 #endif
108
109 using bluetooth::Uuid;
110 using namespace bluetooth;
111
112 namespace {
113 constexpr char kBtmLogTag[] = "API";
114 constexpr char kBtmLogTagCallback[] = "CBACK";
115 constexpr char kBtmLogTagSdp[] = "SDP";
116 } // namespace
117
118 /******************************************************************************
119 * Constants & Macros
120 *****************************************************************************/
121
122 const Uuid UUID_HEARING_AID = Uuid::FromString("FDF0");
123 const Uuid UUID_VC = Uuid::FromString("1844");
124 const Uuid UUID_CSIS = Uuid::FromString("1846");
125 const Uuid UUID_LE_AUDIO = Uuid::FromString("184E");
126 const Uuid UUID_LE_MIDI = Uuid::FromString("03B80E5A-EDE8-4B33-A751-6CE34EC4C700");
127 const Uuid UUID_HAS = Uuid::FromString("1854");
128 const Uuid UUID_BASS = Uuid::FromString("184F");
129 const Uuid UUID_BATTERY = Uuid::FromString("180F");
130 const Uuid UUID_A2DP_SINK = Uuid::FromString("110B");
131
132 #define BTIF_DM_MAX_SDP_ATTEMPTS_AFTER_PAIRING 2
133
134 #ifndef PROPERTY_CLASS_OF_DEVICE
135 #define PROPERTY_CLASS_OF_DEVICE "bluetooth.device.class_of_device"
136 #endif
137
138 #define NUM_TIMEOUT_RETRIES 5
139 #ifndef PROPERTY_DEFAULT_DEVICE_NAME
140 #define PROPERTY_DEFAULT_DEVICE_NAME "bluetooth.device.default_name"
141 #endif
142 #ifndef PROPERTY_PRODUCT_MODEL
143 #define PROPERTY_PRODUCT_MODEL "ro.product.model"
144 #endif
145 #define DEFAULT_LOCAL_NAME_MAX 31
146 #if (DEFAULT_LOCAL_NAME_MAX > BD_NAME_LEN)
147 #error "default btif local name size exceeds stack supported length"
148 #endif
149
150 #ifndef PROPERTY_BLE_PRIVACY_ENABLED
151 #define PROPERTY_BLE_PRIVACY_ENABLED "bluetooth.core.gap.le.privacy.enabled"
152 #endif
153
154 #define ENCRYPTED_BREDR 2
155 #define ENCRYPTED_LE 4
156
157 struct btif_dm_pairing_cb_t {
158 bt_bond_state_t state;
159 RawAddress static_bdaddr;
160 RawAddress bd_addr;
161 tBTM_BOND_TYPE bond_type;
162 uint8_t pin_code_len;
163 uint8_t is_ssp;
164 uint8_t auth_req;
165 uint8_t io_cap;
166 uint8_t autopair_attempts;
167 uint8_t timeout_retries;
168 uint8_t is_local_initiated;
169 uint8_t sdp_attempts;
170 bool is_le_only;
171 bool is_le_nc; /* LE Numeric comparison */
172 btif_dm_ble_cb_t ble;
173 uint8_t fail_reason;
174
175 enum ServiceDiscoveryState { NOT_STARTED, SCHEDULED, FINISHED };
176
177 ServiceDiscoveryState gatt_over_le;
178 ServiceDiscoveryState sdp_over_classic;
179 };
180
181 namespace std {
182 template <>
183 struct formatter<btif_dm_pairing_cb_t::ServiceDiscoveryState>
184 : enum_formatter<btif_dm_pairing_cb_t::ServiceDiscoveryState> {};
185 } // namespace std
186
187 // TODO(jpawlowski): unify ?
188 // btif_dm_local_key_id_t == tBTM_BLE_LOCAL_ID_KEYS == tBTA_BLE_LOCAL_ID_KEYS
189 typedef struct {
190 Octet16 ir;
191 Octet16 irk;
192 Octet16 dhk;
193 } btif_dm_local_key_id_t;
194
195 typedef struct {
196 bool is_er_rcvd;
197 Octet16 er;
198 bool is_id_keys_rcvd;
199 btif_dm_local_key_id_t id_keys; /* ID kyes */
200 } btif_dm_local_key_cb_t;
201
202 /* this structure holds optional OOB data for remote device */
203 typedef struct {
204 RawAddress bdaddr; /* peer bdaddr */
205 tBT_TRANSPORT transport; /* BR/EDR or LE */
206 int data_present; /* What type(s) of OOB Data present */
207 bt_oob_data_t p192_data; /* P192 Data or empty */
208 bt_oob_data_t p256_data; /* P256 Data or empty */
209 } btif_dm_oob_cb_t;
210
211 typedef struct {
212 unsigned int manufact_id;
213 } skip_sdp_entry_t;
214
215 typedef struct {
216 bluetooth::common::LruCache<RawAddress, std::vector<uint8_t>> le_audio_cache;
217 } btif_dm_metadata_cb_t;
218
219 typedef enum {
220 BTIF_DM_FUNC_CREATE_BOND,
221 BTIF_DM_FUNC_CANCEL_BOND,
222 BTIF_DM_FUNC_REMOVE_BOND,
223 BTIF_DM_FUNC_BOND_STATE_CHANGED,
224 } bt_bond_function_t;
225
226 typedef struct {
227 RawAddress bd_addr;
228 bt_bond_function_t function;
229 bt_bond_state_t state;
230 struct timespec timestamp;
231 } btif_bond_event_t;
232
233 #define BTA_SERVICE_ID_TO_SERVICE_MASK(id) (1 << (id))
234
235 #define MAX_BTIF_BOND_EVENT_ENTRIES 15
236
237 #define MAX_NUM_DEVICES_IN_EIR_UUID_CACHE 128
238
239 static bluetooth::common::LruCache<RawAddress, std::set<Uuid>> eir_uuids_cache(
240 MAX_NUM_DEVICES_IN_EIR_UUID_CACHE);
241
242 static skip_sdp_entry_t sdp_rejectlist[] = {{76}}; // Apple Mouse and Keyboard
243
244 /* This flag will be true if HCI_Inquiry is in progress */
245 static bool btif_dm_inquiry_in_progress = false;
246
247 /*******************************************************************************
248 * Static variables
249 ******************************************************************************/
250 static char btif_default_local_name[DEFAULT_LOCAL_NAME_MAX + 1] = {'\0'};
251 static uid_set_t* uid_set = NULL;
252
253 /* A circular array to keep track of the most recent bond events */
254 static btif_bond_event_t btif_dm_bond_events[MAX_BTIF_BOND_EVENT_ENTRIES + 1];
255
256 static std::mutex bond_event_lock;
257
258 /* |btif_num_bond_events| keeps track of the total number of events and can be
259 greater than |MAX_BTIF_BOND_EVENT_ENTRIES| */
260 static size_t btif_num_bond_events = 0;
261 static size_t btif_events_start_index = 0;
262 static size_t btif_events_end_index = 0;
263
264 /******************************************************************************
265 * Static functions
266 *****************************************************************************/
267 static void btif_dm_ble_sec_req_evt(tBTA_DM_BLE_SEC_REQ* p_ble_req, bool is_consent);
268 static void btif_dm_remove_ble_bonding_keys(void);
269 static void btif_dm_save_ble_bonding_keys(RawAddress& bd_addr);
270 static btif_dm_pairing_cb_t pairing_cb;
271 static btif_dm_oob_cb_t oob_cb;
272 static btif_dm_metadata_cb_t metadata_cb{.le_audio_cache{40}};
273 static void btif_dm_cb_create_bond(const RawAddress bd_addr, tBT_TRANSPORT transport);
274 static void btif_dm_cb_create_bond_le(const RawAddress bd_addr, tBLE_ADDR_TYPE addr_type);
275 static btif_dm_local_key_cb_t ble_local_key_cb;
276 static void btif_dm_ble_passkey_notif_evt(tBTA_DM_SP_KEY_NOTIF* p_ssp_key_notif);
277 static void btif_dm_ble_auth_cmpl_evt(tBTA_DM_AUTH_CMPL* p_auth_cmpl);
278 static void btif_dm_ble_passkey_req_evt(tBTA_DM_PIN_REQ* p_pin_req);
279 static void btif_dm_ble_key_nc_req_evt(tBTA_DM_SP_KEY_NOTIF* p_notif_req);
280 static void btif_dm_ble_oob_req_evt(tBTA_DM_SP_RMT_OOB* req_oob_type);
281 static void btif_dm_ble_sc_oob_req_evt(tBTA_DM_SP_RMT_OOB* req_oob_type);
282
283 static const char* btif_get_default_local_name();
284
285 static void btif_stats_add_bond_event(const RawAddress& bd_addr, bt_bond_function_t function,
286 bt_bond_state_t state);
287
288 static void btif_on_name_read(RawAddress bd_addr, tHCI_ERROR_CODE hci_status, const BD_NAME bd_name,
289 bool during_device_search);
290
291 /******************************************************************************
292 * Externs
293 *****************************************************************************/
294 void btif_iot_update_remote_info(tBTA_DM_AUTH_CMPL* p_auth_cmpl, bool is_ble, bool is_ssp);
295
296 /******************************************************************************
297 * Functions
298 *****************************************************************************/
299
is_empty_128bit(uint8_t * data)300 static bool is_empty_128bit(uint8_t* data) {
301 static const uint8_t zero[16] = {0};
302 return !memcmp(zero, data, sizeof(zero));
303 }
304
is_bonding_or_sdp()305 static bool is_bonding_or_sdp() {
306 return pairing_cb.state == BT_BOND_STATE_BONDING ||
307 (pairing_cb.state == BT_BOND_STATE_BONDED && pairing_cb.sdp_attempts);
308 }
309
btif_dm_init(uid_set_t * set)310 void btif_dm_init(uid_set_t* set) { uid_set = set; }
311
btif_dm_cleanup(void)312 void btif_dm_cleanup(void) {
313 if (uid_set) {
314 uid_set_destroy(uid_set);
315 uid_set = NULL;
316 }
317 }
318
btif_in_execute_service_request(tBTA_SERVICE_ID service_id,bool b_enable)319 static bt_status_t btif_in_execute_service_request(tBTA_SERVICE_ID service_id, bool b_enable) {
320 log::verbose("service_id:{}", service_id);
321
322 if (service_id == BTA_SDP_SERVICE_ID) {
323 btif_sdp_execute_service(b_enable);
324 return BT_STATUS_SUCCESS;
325 }
326
327 return GetInterfaceToProfiles()->toggleProfile(service_id, b_enable);
328 }
329
330 /**
331 * Helper method to get asha advertising service data
332 * @param inq_res {@code tBTA_DM_INQ_RES} inquiry result
333 * @param asha_capability value will be updated as non-negative if found,
334 * otherwise return -1
335 * @param asha_truncated_hi_sync_id value will be updated if found, otherwise no
336 * change
337 */
get_asha_service_data(const tBTA_DM_INQ_RES & inq_res,int16_t & asha_capability,uint32_t & asha_truncated_hi_sync_id)338 static void get_asha_service_data(const tBTA_DM_INQ_RES& inq_res, int16_t& asha_capability,
339 uint32_t& asha_truncated_hi_sync_id) {
340 asha_capability = -1;
341 if (inq_res.p_eir) {
342 const RawAddress& bdaddr = inq_res.bd_addr;
343
344 // iterate through advertisement service data
345 const uint8_t* p_service_data = inq_res.p_eir;
346 uint8_t service_data_len = 0;
347 while ((p_service_data = AdvertiseDataParser::GetFieldByType(
348 p_service_data + service_data_len,
349 inq_res.eir_len - (p_service_data - inq_res.p_eir) - service_data_len,
350 BTM_BLE_AD_TYPE_SERVICE_DATA_TYPE, &service_data_len))) {
351 if (service_data_len < 2) {
352 continue;
353 }
354 uint16_t uuid;
355 const uint8_t* p_uuid = p_service_data;
356 STREAM_TO_UINT16(uuid, p_uuid);
357
358 if (uuid == 0xfdf0 /* ASHA service*/) {
359 log::info("ASHA found in {}", bdaddr);
360
361 // ASHA advertisement service data length should be at least 8
362 if (service_data_len < 8) {
363 log::warn("ASHA device service_data_len too short");
364 } else {
365 // It is intended to save ASHA capability byte to int16_t
366 asha_capability = p_service_data[3];
367 log::info("asha_capability: {}", asha_capability);
368
369 const uint8_t* p_truncated_hisyncid = &(p_service_data[4]);
370 STREAM_TO_UINT32(asha_truncated_hi_sync_id, p_truncated_hisyncid);
371 }
372 break;
373 }
374 }
375 }
376 }
377
378 /*******************************************************************************
379 *
380 * Function check_eir_remote_name
381 *
382 * Description Check if remote name is in the EIR data
383 *
384 * Returns true if remote name found
385 * Populate p_remote_name, if provided and remote name found
386 *
387 ******************************************************************************/
check_eir_remote_name(tBTA_DM_SEARCH * p_search_data,uint8_t * p_remote_name,uint8_t * p_remote_name_len)388 static bool check_eir_remote_name(tBTA_DM_SEARCH* p_search_data, uint8_t* p_remote_name,
389 uint8_t* p_remote_name_len) {
390 const uint8_t* p_eir_remote_name = NULL;
391 uint8_t remote_name_len = 0;
392
393 /* Check EIR for remote name and services */
394 if (p_search_data->inq_res.p_eir) {
395 p_eir_remote_name = AdvertiseDataParser::GetFieldByType(
396 p_search_data->inq_res.p_eir, p_search_data->inq_res.eir_len,
397 HCI_EIR_COMPLETE_LOCAL_NAME_TYPE, &remote_name_len);
398 if (!p_eir_remote_name) {
399 p_eir_remote_name = AdvertiseDataParser::GetFieldByType(
400 p_search_data->inq_res.p_eir, p_search_data->inq_res.eir_len,
401 HCI_EIR_SHORTENED_LOCAL_NAME_TYPE, &remote_name_len);
402 }
403
404 if (p_eir_remote_name) {
405 if (remote_name_len > BD_NAME_LEN) {
406 remote_name_len = BD_NAME_LEN;
407 }
408
409 if (p_remote_name && p_remote_name_len) {
410 memcpy(p_remote_name, p_eir_remote_name, remote_name_len);
411 *(p_remote_name + remote_name_len) = 0;
412 *p_remote_name_len = remote_name_len;
413 }
414
415 return true;
416 }
417 }
418
419 return false;
420 }
421
422 /*******************************************************************************
423 *
424 * Function check_eir_appearance
425 *
426 * Description Check if appearance is in the EIR data
427 *
428 * Returns true if appearance found
429 * Populate p_appearance, if provided and appearance found
430 *
431 ******************************************************************************/
check_eir_appearance(tBTA_DM_SEARCH * p_search_data,uint16_t * p_appearance)432 static bool check_eir_appearance(tBTA_DM_SEARCH* p_search_data, uint16_t* p_appearance) {
433 const uint8_t* p_eir_appearance = NULL;
434 uint8_t appearance_len = 0;
435
436 /* Check EIR for remote name and services */
437 if (p_search_data->inq_res.p_eir) {
438 p_eir_appearance = AdvertiseDataParser::GetFieldByType(
439 p_search_data->inq_res.p_eir, p_search_data->inq_res.eir_len, HCI_EIR_APPEARANCE_TYPE,
440 &appearance_len);
441
442 if (p_eir_appearance && appearance_len >= 2) {
443 if (p_appearance) {
444 *p_appearance = *((uint16_t*)p_eir_appearance);
445 }
446
447 return true;
448 }
449 }
450
451 return false;
452 }
453
454 /*******************************************************************************
455 *
456 * Function get_cached_remote_name
457 *
458 * Description Check if remote name is in the NVRAM cache
459 *
460 * Returns true if remote name found
461 * Populate p_remote_name, if provided and remote name found
462 *
463 ******************************************************************************/
get_cached_remote_name(const RawAddress & bd_addr,bt_bdname_t * p_remote_name,uint8_t * p_remote_name_len)464 static bool get_cached_remote_name(const RawAddress& bd_addr, bt_bdname_t* p_remote_name,
465 uint8_t* p_remote_name_len) {
466 bt_bdname_t bdname;
467 bt_property_t prop_name;
468
469 /* check if we already have it in our btif_storage cache */
470
471 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_BDNAME, sizeof(bt_bdname_t), &bdname);
472 if (btif_storage_get_remote_device_property(&bd_addr, &prop_name) == BT_STATUS_SUCCESS) {
473 if (p_remote_name && p_remote_name_len) {
474 snprintf((char*)p_remote_name->name, sizeof(p_remote_name->name), "%s", (char*)bdname.name);
475 *p_remote_name_len = strlen((char*)p_remote_name);
476 }
477 return true;
478 }
479
480 return false;
481 }
482
get_cod(const RawAddress * remote_bdaddr)483 static uint32_t get_cod(const RawAddress* remote_bdaddr) {
484 uint32_t remote_cod = 0;
485 if (!btif_storage_get_cod(*remote_bdaddr, &remote_cod)) {
486 remote_cod = 0;
487 }
488
489 return remote_cod;
490 }
491
check_cod(const RawAddress * remote_bdaddr,uint32_t cod)492 static bool check_cod(const RawAddress* remote_bdaddr, uint32_t cod) {
493 return (get_cod(remote_bdaddr) & COD_DEVICE_MASK) == cod;
494 }
495
check_cod_hid(const RawAddress & bd_addr)496 bool check_cod_hid(const RawAddress& bd_addr) {
497 return (get_cod(&bd_addr) & COD_HID_MASK) == COD_HID_MAJOR;
498 }
499
check_cod_hid_major(const RawAddress & bd_addr,uint32_t cod)500 bool check_cod_hid_major(const RawAddress& bd_addr, uint32_t cod) {
501 uint32_t remote_cod = get_cod(&bd_addr);
502 return (remote_cod & COD_HID_MASK) == COD_HID_MAJOR &&
503 (remote_cod & COD_HID_SUB_MAJOR) == (cod & COD_HID_SUB_MAJOR);
504 }
505
check_cod_le_audio(const RawAddress & bd_addr)506 static bool check_cod_le_audio(const RawAddress& bd_addr) {
507 return (get_cod(&bd_addr) & COD_CLASS_LE_AUDIO) == COD_CLASS_LE_AUDIO;
508 }
509
510 /*****************************************************************************
511 *
512 * Function check_sdp_bl
513 *
514 * Description Checks if a given device is rejectlisted to skip sdp
515 *
516 * Parameters skip_sdp_entry
517 *
518 * Returns true if the device is present in rejectlist, else false
519 *
520 ******************************************************************************/
check_sdp_bl(const RawAddress * remote_bdaddr)521 static bool check_sdp_bl(const RawAddress* remote_bdaddr) {
522 bt_property_t prop_name;
523 bt_remote_version_t info;
524
525 if (remote_bdaddr == NULL) {
526 return false;
527 }
528
529 /* if not available yet, try fetching from config database */
530 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_REMOTE_VERSION_INFO,
531 sizeof(bt_remote_version_t), &info);
532
533 if (btif_storage_get_remote_device_property(remote_bdaddr, &prop_name) != BT_STATUS_SUCCESS) {
534 return false;
535 }
536 uint16_t manufacturer = info.manufacturer;
537
538 for (unsigned int i = 0; i < ARRAY_SIZE(sdp_rejectlist); i++) {
539 if (manufacturer == sdp_rejectlist[i].manufact_id) {
540 return true;
541 }
542 }
543 return false;
544 }
545
bond_state_changed(bt_status_t status,const RawAddress & bd_addr,bt_bond_state_t state)546 static void bond_state_changed(bt_status_t status, const RawAddress& bd_addr,
547 bt_bond_state_t state) {
548 btif_stats_add_bond_event(bd_addr, BTIF_DM_FUNC_BOND_STATE_CHANGED, state);
549
550 if ((pairing_cb.state == state) && (state == BT_BOND_STATE_BONDING)) {
551 // Cross key pairing so send callback for static address
552 if (!pairing_cb.static_bdaddr.IsEmpty()) {
553 BTM_LogHistory(
554 kBtmLogTagCallback, bd_addr, "Bond state changed",
555 base::StringPrintf(
556 "Crosskey bt_status:%s bond_state:%u reason:%s",
557 bt_status_text(status).c_str(), state,
558 hci_reason_code_text(to_hci_reason_code(pairing_cb.fail_reason)).c_str()));
559 GetInterfaceToProfiles()->events->invoke_bond_state_changed_cb(status, bd_addr, state,
560 pairing_cb.fail_reason);
561 }
562 return;
563 }
564
565 if (pairing_cb.bond_type == BOND_TYPE_TEMPORARY) {
566 state = BT_BOND_STATE_NONE;
567 }
568 log::info(
569 "Bond state changed to state={}[0:none, 1:bonding, "
570 "2:bonded],prev_state={}, sdp_attempts={}",
571 state, pairing_cb.state, pairing_cb.sdp_attempts);
572
573 if (state == BT_BOND_STATE_NONE) {
574 forget_device_from_metric_id_allocator(bd_addr);
575
576 if (com::android::bluetooth::flags::bond_transport_after_bond_cancel_fix()) {
577 btif_config_remove_device(bd_addr.ToString());
578 }
579 } else if (state == BT_BOND_STATE_BONDED) {
580 allocate_metric_id_from_metric_id_allocator(bd_addr);
581 if (!save_metric_id_from_metric_id_allocator(bd_addr)) {
582 log::error("Fail to save metric id for device:{}", bd_addr);
583 }
584 }
585 BTM_LogHistory(
586 kBtmLogTagCallback, bd_addr, "Bond state changed",
587 base::StringPrintf(
588 "bt_status:%s bond_state:%u reason:%s", bt_status_text(status).c_str(), state,
589 hci_reason_code_text(to_hci_reason_code(pairing_cb.fail_reason)).c_str()));
590 GetInterfaceToProfiles()->events->invoke_bond_state_changed_cb(status, bd_addr, state,
591 pairing_cb.fail_reason);
592
593 if ((state == BT_BOND_STATE_NONE) && (pairing_cb.bd_addr != bd_addr) && is_bonding_or_sdp()) {
594 log::warn("Ignoring bond state changed for unexpected device: {} pairing: {}", bd_addr,
595 pairing_cb.bd_addr);
596 return;
597 }
598
599 if (state == BT_BOND_STATE_BONDING ||
600 (state == BT_BOND_STATE_BONDED &&
601 (pairing_cb.sdp_attempts > 0 ||
602 pairing_cb.gatt_over_le == btif_dm_pairing_cb_t::ServiceDiscoveryState::SCHEDULED))) {
603 // Save state for the device is bonding or SDP or GATT over LE discovery
604 pairing_cb.state = state;
605 pairing_cb.bd_addr = bd_addr;
606 } else {
607 log::debug("clearing btif pairing_cb");
608 pairing_cb = {};
609 }
610 }
611
612 /* store remote version in bt config to always have access
613 to it post pairing*/
btif_update_remote_version_property(RawAddress * p_bd)614 static void btif_update_remote_version_property(RawAddress* p_bd) {
615 bt_property_t property;
616 uint8_t lmp_ver = 0;
617 uint16_t lmp_subver = 0;
618 uint16_t mfct_set = 0;
619 bt_remote_version_t info;
620 bt_status_t status;
621
622 log::assert_that(p_bd != nullptr, "assert failed: p_bd != nullptr");
623
624 const bool version_info_valid = get_btm_client_interface().peer.BTM_ReadRemoteVersion(
625 *p_bd, &lmp_ver, &mfct_set, &lmp_subver);
626
627 log::info("Remote version info valid:{} [{}]:0x{:x},0x{:x},0x{:x}", version_info_valid, *p_bd,
628 lmp_ver, mfct_set, lmp_subver);
629
630 if (version_info_valid) {
631 // Always update cache to ensure we have availability whenever BTM API is
632 // not populated
633 info.manufacturer = mfct_set;
634 info.sub_ver = lmp_subver;
635 info.version = lmp_ver;
636 BTIF_STORAGE_FILL_PROPERTY(&property, BT_PROPERTY_REMOTE_VERSION_INFO,
637 sizeof(bt_remote_version_t), &info);
638 status = btif_storage_set_remote_device_property(p_bd, &property);
639 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote version", status);
640 }
641 }
642
btif_update_remote_properties(const RawAddress & bdaddr,BD_NAME bd_name,DEV_CLASS dev_class,tBT_DEVICE_TYPE device_type)643 void btif_update_remote_properties(const RawAddress& bdaddr, BD_NAME bd_name, DEV_CLASS dev_class,
644 tBT_DEVICE_TYPE device_type) {
645 std::vector<bt_property_t> properties;
646 bt_status_t status = BT_STATUS_UNHANDLED;
647 uint32_t cod;
648 uint32_t dev_type;
649
650 /* remote name */
651 if (strlen((const char*)bd_name)) {
652 properties.push_back(
653 bt_property_t{BT_PROPERTY_BDNAME, static_cast<int>(strlen((char*)bd_name)), bd_name});
654 status = btif_storage_set_remote_device_property(&bdaddr, &properties.back());
655 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device name", status);
656 }
657
658 uint32_t old_cod = get_cod(&bdaddr);
659
660 /* class of device */
661 cod = devclass2uint(dev_class);
662 if ((cod == 0 || cod == COD_UNCLASSIFIED) && old_cod != 0) {
663 cod = old_cod;
664 }
665
666 if (cod == 0) {
667 /* Spec says UNCLASSIFIED is default value */
668 log::info("CoD from storage was zero");
669 cod = COD_UNCLASSIFIED;
670 }
671
672 if (old_cod != cod) {
673 log::info("{} CoD: 0x{:06x} -> 0x{:06x}", bdaddr, old_cod, cod);
674 }
675
676 properties.push_back(bt_property_t{BT_PROPERTY_CLASS_OF_DEVICE, sizeof(cod), &cod});
677
678 status = btif_storage_set_remote_device_property(&bdaddr, &properties.back());
679 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device class", status);
680
681 /* device type */
682 bt_property_t prop_name;
683 uint32_t remote_dev_type;
684 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_TYPE_OF_DEVICE, sizeof(uint32_t),
685 &remote_dev_type);
686 if (btif_storage_get_remote_device_property(&bdaddr, &prop_name) == BT_STATUS_SUCCESS) {
687 dev_type = remote_dev_type | device_type;
688 } else {
689 dev_type = device_type;
690 }
691
692 properties.push_back(bt_property_t{BT_PROPERTY_TYPE_OF_DEVICE, sizeof(dev_type), &dev_type});
693 status = btif_storage_set_remote_device_property(&bdaddr, &properties.back());
694 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device type", status);
695
696 GetInterfaceToProfiles()->events->invoke_remote_device_properties_cb(
697 status, bdaddr, properties.size(), properties.data());
698 }
699
700 /* If device is LE Audio capable, we prefer LE connection first, this speeds
701 * up LE profile connection, and limits all possible service discovery
702 * ordering issues (first Classic, GATT over SDP, etc) */
is_device_le_audio_capable(const RawAddress bd_addr)703 bool is_device_le_audio_capable(const RawAddress bd_addr) {
704 if (!GetInterfaceToProfiles()->profileSpecific_HACK->IsLeAudioClientRunning()) {
705 /* If LE Audio profile is not enabled, do nothing. */
706 return false;
707 }
708
709 if (!check_cod_le_audio(bd_addr) && !BTA_DmCheckLeAudioCapable(bd_addr)) {
710 /* LE Audio not present in CoD or in LE Advertisement, do nothing.*/
711 return false;
712 }
713
714 /* First try reading device type from BTIF - it persists over multiple
715 * inquiry sessions */
716 int dev_type = 0;
717 if (btif_get_device_type(bd_addr, &dev_type) &&
718 (dev_type & BT_DEVICE_TYPE_BLE) == BT_DEVICE_TYPE_BLE) {
719 /* LE Audio capable device is discoverable over both LE and Classic using
720 * same address. Prefer to use LE transport, as we don't know if it can do
721 * CTKD from Classic to LE */
722 return true;
723 }
724
725 tBT_DEVICE_TYPE tmp_dev_type;
726 tBLE_ADDR_TYPE addr_type = BLE_ADDR_PUBLIC;
727 get_btm_client_interface().peer.BTM_ReadDevInfo(bd_addr, &tmp_dev_type, &addr_type);
728 if (tmp_dev_type & BT_DEVICE_TYPE_BLE) {
729 /* LE Audio capable device is discoverable over both LE and Classic using
730 * same address. Prefer to use LE transport, as we don't know if it can do
731 * CTKD from Classic to LE */
732 return true;
733 }
734
735 return false;
736 }
737
738 /* use to check if device is LE Audio Capable during bonding */
is_le_audio_capable_during_service_discovery(const RawAddress & bd_addr)739 bool is_le_audio_capable_during_service_discovery(const RawAddress& bd_addr) {
740 if (!GetInterfaceToProfiles()->profileSpecific_HACK->IsLeAudioClientRunning()) {
741 /* If LE Audio profile is not enabled, do nothing. */
742 return false;
743 }
744
745 if (bd_addr != pairing_cb.bd_addr && bd_addr != pairing_cb.static_bdaddr) {
746 return false;
747 }
748
749 if (check_cod_le_audio(bd_addr) || metadata_cb.le_audio_cache.contains(bd_addr) ||
750 metadata_cb.le_audio_cache.contains(pairing_cb.bd_addr) ||
751 BTA_DmCheckLeAudioCapable(bd_addr)) {
752 return true;
753 }
754
755 return false;
756 }
757
758 /*******************************************************************************
759 *
760 * Function btif_dm_cb_create_bond
761 *
762 * Description Create bond initiated from the BTIF thread context
763 * Special handling for HID devices
764 *
765 * Returns void
766 *
767 ******************************************************************************/
btif_dm_cb_create_bond(const RawAddress bd_addr,tBT_TRANSPORT transport)768 static void btif_dm_cb_create_bond(const RawAddress bd_addr, tBT_TRANSPORT transport) {
769 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING);
770
771 if (transport == BT_TRANSPORT_AUTO && is_device_le_audio_capable(bd_addr)) {
772 log::debug("LE Audio capable, forcing LE transport for Bonding");
773 transport = BT_TRANSPORT_LE;
774 }
775
776 int device_type = 0;
777 tBLE_ADDR_TYPE addr_type = BLE_ADDR_PUBLIC;
778 std::string addrstr = bd_addr.ToString();
779 const char* bdstr = addrstr.c_str();
780 if (transport == BT_TRANSPORT_LE) {
781 if (!btif_config_get_int(bdstr, BTIF_STORAGE_KEY_DEV_TYPE, &device_type)) {
782 btif_config_set_int(bdstr, BTIF_STORAGE_KEY_DEV_TYPE, BT_DEVICE_TYPE_BLE);
783 }
784 if (btif_storage_get_remote_addr_type(&bd_addr, &addr_type) != BT_STATUS_SUCCESS) {
785 // Try to read address type. OOB pairing might have set it earlier, but
786 // didn't store it, it defaults to BLE_ADDR_PUBLIC
787 uint8_t tmp_dev_type;
788 tBLE_ADDR_TYPE tmp_addr_type = BLE_ADDR_PUBLIC;
789 get_btm_client_interface().peer.BTM_ReadDevInfo(bd_addr, &tmp_dev_type, &tmp_addr_type);
790 addr_type = tmp_addr_type;
791
792 btif_storage_set_remote_addr_type(&bd_addr, addr_type);
793 }
794 }
795 if ((btif_config_get_int(bdstr, BTIF_STORAGE_KEY_DEV_TYPE, &device_type) &&
796 (btif_storage_get_remote_addr_type(&bd_addr, &addr_type) == BT_STATUS_SUCCESS) &&
797 (device_type & BT_DEVICE_TYPE_BLE) == BT_DEVICE_TYPE_BLE) ||
798 (transport == BT_TRANSPORT_LE)) {
799 BTA_DmAddBleDevice(bd_addr, addr_type, static_cast<tBT_DEVICE_TYPE>(device_type));
800 }
801
802 /* Track originator of bond creation */
803 pairing_cb.is_local_initiated = true;
804 bluetooth::os::LogMetricBluetoothEvent(
805 ToGdAddress(bd_addr), android::bluetooth::EventType::TRANSPORT,
806 transport == BT_TRANSPORT_LE ? android::bluetooth::State::LE
807 : android::bluetooth::State::CLASSIC);
808 BTA_DmBond(bd_addr, addr_type, transport, device_type);
809 }
810
811 /*******************************************************************************
812 *
813 * Function btif_dm_cb_create_bond_le
814 *
815 * Description Create bond initiated with le device from the BTIF thread
816 * context
817 *
818 * Returns void
819 *
820 ******************************************************************************/
btif_dm_cb_create_bond_le(const RawAddress bd_addr,tBLE_ADDR_TYPE addr_type)821 static void btif_dm_cb_create_bond_le(const RawAddress bd_addr, tBLE_ADDR_TYPE addr_type) {
822 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING);
823 /* Handle only LE create bond with random address case */
824 BTA_DmAddBleDevice(bd_addr, addr_type, BT_DEVICE_TYPE_BLE);
825 BTA_DmBond(bd_addr, addr_type, BT_TRANSPORT_LE, BT_DEVICE_TYPE_BLE);
826 /* Track originator of bond creation */
827 pairing_cb.is_local_initiated = true;
828 }
829
830 /*******************************************************************************
831 *
832 * Function btif_dm_get_connection_state
833 *
834 * Description Returns whether the remote device is currently connected
835 * and whether encryption is active for the connection
836 *
837 * Returns 0 if not connected; 1 if connected and > 1 if connection is
838 * encrypted
839 *
840 ******************************************************************************/
btif_dm_get_connection_state(const RawAddress & bd_addr)841 uint16_t btif_dm_get_connection_state(const RawAddress& bd_addr) {
842 uint16_t rc = 0;
843 if (BTA_DmGetConnectionState(bd_addr)) {
844 rc = (uint16_t)true;
845 if (BTM_IsEncrypted(bd_addr, BT_TRANSPORT_BR_EDR)) {
846 rc |= ENCRYPTED_BREDR;
847 }
848 if (BTM_IsEncrypted(bd_addr, BT_TRANSPORT_LE)) {
849 rc |= ENCRYPTED_LE;
850 }
851 } else {
852 log::info("Acl is not connected to peer:{}", bd_addr);
853 }
854 return rc;
855 }
856
btif_dm_get_resolved_connection_state(tBLE_BD_ADDR ble_bd_addr)857 static uint16_t btif_dm_get_resolved_connection_state(tBLE_BD_ADDR ble_bd_addr) {
858 uint16_t rc = 0;
859 if (maybe_resolve_address(&ble_bd_addr.bda, &ble_bd_addr.type)) {
860 if (BTA_DmGetConnectionState(ble_bd_addr.bda)) {
861 rc = 0x0001;
862 if (BTM_IsEncrypted(ble_bd_addr.bda, BT_TRANSPORT_BR_EDR)) {
863 rc |= ENCRYPTED_BREDR;
864 }
865 if (BTM_IsEncrypted(ble_bd_addr.bda, BT_TRANSPORT_LE)) {
866 rc |= ENCRYPTED_LE;
867 }
868 }
869 }
870 return rc;
871 }
872
btif_dm_get_connection_state_sync(const RawAddress & bd_addr)873 uint16_t btif_dm_get_connection_state_sync(const RawAddress& bd_addr) {
874 std::promise<uint16_t> promise;
875 std::future future = promise.get_future();
876
877 auto status = do_in_main_thread(base::BindOnce(
878 [](const RawAddress bd_addr, std::promise<uint16_t> promise) {
879 // Experiment to try with maybe resolved address
880 uint16_t state = btif_dm_get_resolved_connection_state({
881 .type = BLE_ADDR_RANDOM,
882 .bda = bd_addr,
883 });
884 state |= btif_dm_get_connection_state(bd_addr);
885 promise.set_value(state);
886 },
887 bd_addr, std::move(promise)));
888 log::assert_that(BT_STATUS_SUCCESS == status, "assert failed: BT_STATUS_SUCCESS == status");
889 return future.get();
890 }
891
892 /******************************************************************************
893 *
894 * BTIF DM callback events
895 *
896 ****************************************************************************/
897
898 /*******************************************************************************
899 *
900 * Function btif_dm_pin_req_evt
901 *
902 * Description Executes pin request event in btif context
903 *
904 * Returns void
905 *
906 ******************************************************************************/
btif_dm_pin_req_evt(tBTA_DM_PIN_REQ * p_pin_req)907 static void btif_dm_pin_req_evt(tBTA_DM_PIN_REQ* p_pin_req) {
908 bt_bdname_t bd_name;
909 uint32_t cod;
910 bt_pin_code_t pin_code;
911 int dev_type;
912
913 /* Remote properties update */
914 if (get_btm_client_interface().peer.BTM_GetPeerDeviceTypeFromFeatures(p_pin_req->bd_addr) ==
915 BT_DEVICE_TYPE_DUMO) {
916 dev_type = BT_DEVICE_TYPE_DUMO;
917 } else if (!btif_get_device_type(p_pin_req->bd_addr, &dev_type)) {
918 // Failed to get device type, defaulting to BR/EDR.
919 dev_type = BT_DEVICE_TYPE_BREDR;
920 }
921 btif_update_remote_properties(p_pin_req->bd_addr, p_pin_req->bd_name, p_pin_req->dev_class,
922 (tBT_DEVICE_TYPE)dev_type);
923
924 const RawAddress& bd_addr = p_pin_req->bd_addr;
925 bd_name_copy(bd_name.name, p_pin_req->bd_name);
926
927 if (pairing_cb.state == BT_BOND_STATE_BONDING && bd_addr != pairing_cb.bd_addr) {
928 log::warn("already in bonding state, reject request");
929 return;
930 }
931
932 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING);
933
934 cod = devclass2uint(p_pin_req->dev_class);
935
936 if (cod == 0) {
937 log::warn("cod is 0, set as unclassified");
938 cod = COD_UNCLASSIFIED;
939 }
940
941 /* check for auto pair possiblity only if bond was initiated by local device
942 */
943 if (pairing_cb.is_local_initiated && !p_pin_req->min_16_digit) {
944 if (check_cod(&bd_addr, COD_AV_HEADSETS) || check_cod(&bd_addr, COD_AV_HEADPHONES) ||
945 check_cod(&bd_addr, COD_AV_PORTABLE_AUDIO) || check_cod(&bd_addr, COD_AV_HIFI_AUDIO) ||
946 check_cod_hid_major(bd_addr, COD_HID_POINTING)) {
947 /* Check if this device can be auto paired */
948 if (!interop_match_addr(INTEROP_DISABLE_AUTO_PAIRING, &bd_addr) &&
949 !interop_match_name(INTEROP_DISABLE_AUTO_PAIRING, (const char*)bd_name.name) &&
950 (pairing_cb.autopair_attempts == 0)) {
951 log::debug("Attempting auto pair w/ IOP");
952 pin_code.pin[0] = 0x30;
953 pin_code.pin[1] = 0x30;
954 pin_code.pin[2] = 0x30;
955 pin_code.pin[3] = 0x30;
956
957 pairing_cb.autopair_attempts++;
958 BTA_DmPinReply(bd_addr, true, 4, pin_code.pin);
959 return;
960 }
961 } else if (check_cod_hid_major(bd_addr, COD_HID_KEYBOARD) ||
962 check_cod_hid_major(bd_addr, COD_HID_COMBO)) {
963 if ((interop_match_addr(INTEROP_KEYBOARD_REQUIRES_FIXED_PIN, &bd_addr) == true) &&
964 (pairing_cb.autopair_attempts == 0)) {
965 log::debug("Attempting auto pair w/ IOP");
966 pin_code.pin[0] = 0x30;
967 pin_code.pin[1] = 0x30;
968 pin_code.pin[2] = 0x30;
969 pin_code.pin[3] = 0x30;
970
971 pairing_cb.autopair_attempts++;
972 BTA_DmPinReply(bd_addr, true, 4, pin_code.pin);
973 return;
974 }
975 }
976 }
977 BTM_LogHistory(kBtmLogTagCallback, bd_addr, "Pin request",
978 base::StringPrintf("name:\"%s\" min16:%c",
979 PRIVATE_NAME(reinterpret_cast<char const*>(bd_name.name)),
980 (p_pin_req->min_16_digit) ? 'T' : 'F'));
981 GetInterfaceToProfiles()->events->invoke_pin_request_cb(bd_addr, bd_name, cod,
982 p_pin_req->min_16_digit);
983 }
984
985 /*******************************************************************************
986 *
987 * Function btif_dm_ssp_cfm_req_evt
988 *
989 * Description Executes SSP confirm request event in btif context
990 *
991 * Returns void
992 *
993 ******************************************************************************/
btif_dm_ssp_cfm_req_evt(tBTA_DM_SP_CFM_REQ * p_ssp_cfm_req)994 static void btif_dm_ssp_cfm_req_evt(tBTA_DM_SP_CFM_REQ* p_ssp_cfm_req) {
995 bool is_incoming = !(pairing_cb.state == BT_BOND_STATE_BONDING);
996 int dev_type;
997
998 log::info("addr:{}, CoD: {}, just_works:{}, loc_auth_req={}, rmt_auth_req={}",
999 p_ssp_cfm_req->bd_addr, dev_class_text(p_ssp_cfm_req->dev_class),
1000 p_ssp_cfm_req->just_works, p_ssp_cfm_req->loc_auth_req, p_ssp_cfm_req->rmt_auth_req);
1001 /* Remote properties update */
1002 if (get_btm_client_interface().peer.BTM_GetPeerDeviceTypeFromFeatures(p_ssp_cfm_req->bd_addr) ==
1003 BT_DEVICE_TYPE_DUMO) {
1004 dev_type = BT_DEVICE_TYPE_DUMO;
1005 } else if (!btif_get_device_type(p_ssp_cfm_req->bd_addr, &dev_type)) {
1006 // Failed to get device type, defaulting to BR/EDR.
1007 dev_type = BT_DEVICE_TYPE_BREDR;
1008 }
1009 btif_update_remote_properties(p_ssp_cfm_req->bd_addr, p_ssp_cfm_req->bd_name,
1010 p_ssp_cfm_req->dev_class, (tBT_DEVICE_TYPE)dev_type);
1011
1012 RawAddress bd_addr = p_ssp_cfm_req->bd_addr;
1013
1014 if (pairing_cb.state == BT_BOND_STATE_BONDING && bd_addr != pairing_cb.bd_addr) {
1015 log::warn("already in bonding state, reject request");
1016 btif_dm_ssp_reply(bd_addr, BT_SSP_VARIANT_PASSKEY_CONFIRMATION, 0);
1017 return;
1018 }
1019
1020 /* Set the pairing_cb based on the local & remote authentication requirements
1021 */
1022 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING);
1023
1024 /* if just_works and bonding bit is not set treat this as temporary */
1025 if (p_ssp_cfm_req->just_works && !(p_ssp_cfm_req->loc_auth_req & BTM_AUTH_BONDS) &&
1026 !(p_ssp_cfm_req->rmt_auth_req & BTM_AUTH_BONDS) &&
1027 !(check_cod_hid_major(p_ssp_cfm_req->bd_addr, COD_HID_POINTING))) {
1028 pairing_cb.bond_type = BOND_TYPE_TEMPORARY;
1029 } else {
1030 pairing_cb.bond_type = BOND_TYPE_PERSISTENT;
1031 }
1032
1033 btm_set_bond_type_dev(p_ssp_cfm_req->bd_addr, pairing_cb.bond_type);
1034
1035 pairing_cb.is_ssp = true;
1036
1037 /* If JustWorks auto-accept */
1038 if (p_ssp_cfm_req->just_works) {
1039 /* Pairing consent for JustWorks NOT needed if:
1040 * Incoming temporary pairing is detected
1041 */
1042 if (is_incoming && pairing_cb.bond_type == BOND_TYPE_TEMPORARY) {
1043 log::debug("Auto-accept JustWorks incoming pairing for temporary bonding");
1044 btif_dm_ssp_reply(bd_addr, BT_SSP_VARIANT_CONSENT, true);
1045 return;
1046 }
1047 }
1048
1049 pairing_cb.sdp_attempts = 0;
1050 BTM_LogHistory(kBtmLogTagCallback, bd_addr, "Ssp request",
1051 base::StringPrintf("just_works:%c pin:%u", (p_ssp_cfm_req->just_works) ? 'T' : 'F',
1052 p_ssp_cfm_req->num_val));
1053 GetInterfaceToProfiles()->events->invoke_ssp_request_cb(
1054 bd_addr,
1055 (p_ssp_cfm_req->just_works ? BT_SSP_VARIANT_CONSENT
1056 : BT_SSP_VARIANT_PASSKEY_CONFIRMATION),
1057 p_ssp_cfm_req->num_val);
1058 }
1059
btif_dm_ssp_key_notif_evt(tBTA_DM_SP_KEY_NOTIF * p_ssp_key_notif)1060 static void btif_dm_ssp_key_notif_evt(tBTA_DM_SP_KEY_NOTIF* p_ssp_key_notif) {
1061 int dev_type;
1062
1063 log::verbose("addr:{}", p_ssp_key_notif->bd_addr);
1064
1065 /* Remote properties update */
1066 if (get_btm_client_interface().peer.BTM_GetPeerDeviceTypeFromFeatures(p_ssp_key_notif->bd_addr) ==
1067 BT_DEVICE_TYPE_DUMO) {
1068 dev_type = BT_DEVICE_TYPE_DUMO;
1069 } else if (!btif_get_device_type(p_ssp_key_notif->bd_addr, &dev_type)) {
1070 // Failed to get device type, defaulting to BR/EDR.
1071 dev_type = BT_DEVICE_TYPE_BREDR;
1072 }
1073 btif_update_remote_properties(p_ssp_key_notif->bd_addr, p_ssp_key_notif->bd_name,
1074 p_ssp_key_notif->dev_class, (tBT_DEVICE_TYPE)dev_type);
1075
1076 RawAddress bd_addr = p_ssp_key_notif->bd_addr;
1077
1078 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING);
1079 pairing_cb.is_ssp = true;
1080
1081 BTM_LogHistory(kBtmLogTagCallback, bd_addr, "Ssp request",
1082 base::StringPrintf("passkey:%u", p_ssp_key_notif->passkey));
1083 GetInterfaceToProfiles()->events->invoke_ssp_request_cb(
1084 bd_addr, BT_SSP_VARIANT_PASSKEY_NOTIFICATION, p_ssp_key_notif->passkey);
1085 }
1086 /*******************************************************************************
1087 *
1088 * Function btif_dm_auth_cmpl_evt
1089 *
1090 * Description Executes authentication complete event in btif context
1091 *
1092 * Returns void
1093 *
1094 ******************************************************************************/
btif_dm_auth_cmpl_evt(tBTA_DM_AUTH_CMPL * p_auth_cmpl)1095 static void btif_dm_auth_cmpl_evt(tBTA_DM_AUTH_CMPL* p_auth_cmpl) {
1096 /* Save link key, if not temporary */
1097 bt_status_t status = BT_STATUS_FAIL;
1098 bt_bond_state_t state = BT_BOND_STATE_NONE;
1099 bool skip_sdp = false;
1100
1101 log::info("bond state={}, success={}, key_present={}", pairing_cb.state, p_auth_cmpl->success,
1102 p_auth_cmpl->key_present);
1103
1104 pairing_cb.fail_reason = p_auth_cmpl->fail_reason;
1105
1106 RawAddress bd_addr = p_auth_cmpl->bd_addr;
1107 tBLE_ADDR_TYPE addr_type = p_auth_cmpl->addr_type;
1108 if ((p_auth_cmpl->success) && (p_auth_cmpl->key_present)) {
1109 if ((p_auth_cmpl->key_type < HCI_LKEY_TYPE_DEBUG_COMB) ||
1110 (p_auth_cmpl->key_type == HCI_LKEY_TYPE_AUTH_COMB) ||
1111 (p_auth_cmpl->key_type == HCI_LKEY_TYPE_CHANGED_COMB) ||
1112 (p_auth_cmpl->key_type == HCI_LKEY_TYPE_AUTH_COMB_P_256) ||
1113 pairing_cb.bond_type == BOND_TYPE_PERSISTENT) {
1114 bt_status_t ret;
1115
1116 if (!bd_addr.IsEmpty()) {
1117 log::debug("Storing link key. key_type=0x{:x}, bond_type={}", p_auth_cmpl->key_type,
1118 pairing_cb.bond_type);
1119 ret = btif_storage_add_bonded_device(&bd_addr, p_auth_cmpl->key, p_auth_cmpl->key_type,
1120 pairing_cb.pin_code_len);
1121 } else {
1122 log::warn("bd_addr is empty");
1123 ret = BT_STATUS_PARM_INVALID;
1124 }
1125 ASSERTC(ret == BT_STATUS_SUCCESS, "storing link key failed", ret);
1126 } else {
1127 log::debug("Temporary key. Not storing. key_type=0x{:x}, bond_type={}", p_auth_cmpl->key_type,
1128 pairing_cb.bond_type);
1129 if (pairing_cb.bond_type == BOND_TYPE_TEMPORARY) {
1130 log::debug("sending BT_BOND_STATE_NONE for Temp pairing");
1131 btif_storage_remove_bonded_device(&bd_addr);
1132 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_NONE);
1133 return;
1134 }
1135 }
1136 }
1137
1138 if (p_auth_cmpl->success) {
1139 // save remote info to iot conf file
1140 btif_iot_update_remote_info(p_auth_cmpl, false, pairing_cb.is_ssp);
1141
1142 // We could have received a new link key without going through the pairing
1143 // flow. If so, we don't want to perform SDP or any other operations on the
1144 // authenticated device. Also, make sure that the link key is not derived
1145 // from secure LTK, because we will need to perform SDP in case of link key
1146 // derivation to allow bond state change notification for the BR/EDR
1147 // transport so that the subsequent BR/EDR connections to the remote can use
1148 // the derived link key.
1149 if (p_auth_cmpl->bd_addr != pairing_cb.bd_addr && (!pairing_cb.ble.is_penc_key_rcvd)) {
1150 log::warn("skipping SDP for unknown device {}", p_auth_cmpl->bd_addr);
1151 return;
1152 }
1153
1154 btif_storage_set_remote_addr_type(&bd_addr, p_auth_cmpl->addr_type);
1155
1156 int dev_type;
1157 if (get_btm_client_interface().peer.BTM_GetPeerDeviceTypeFromFeatures(bd_addr) ==
1158 BT_DEVICE_TYPE_DUMO) {
1159 dev_type = BT_DEVICE_TYPE_DUMO;
1160 } else {
1161 dev_type = p_auth_cmpl->dev_type;
1162 }
1163
1164 bool is_crosskey = false;
1165 if (pairing_cb.state == BT_BOND_STATE_BONDING && p_auth_cmpl->is_ctkd) {
1166 log::debug("bonding initiated due to cross key pairing");
1167 is_crosskey = true;
1168 }
1169
1170 if (!is_crosskey) {
1171 btif_update_remote_properties(p_auth_cmpl->bd_addr, p_auth_cmpl->bd_name, kDevClassEmpty,
1172 dev_type);
1173 }
1174
1175 pairing_cb.timeout_retries = 0;
1176 status = BT_STATUS_SUCCESS;
1177 state = BT_BOND_STATE_BONDED;
1178 bd_addr = p_auth_cmpl->bd_addr;
1179
1180 if (check_sdp_bl(&bd_addr) && check_cod_hid(bd_addr)) {
1181 log::warn("skip SDP");
1182 skip_sdp = true;
1183 }
1184 if (!pairing_cb.is_local_initiated && skip_sdp) {
1185 bond_state_changed(status, bd_addr, state);
1186
1187 log::warn("Incoming HID Connection");
1188 bt_property_t prop;
1189 Uuid uuid = Uuid::From16Bit(UUID_SERVCLASS_HUMAN_INTERFACE);
1190
1191 prop.type = BT_PROPERTY_UUIDS;
1192 prop.val = &uuid;
1193 prop.len = Uuid::kNumBytes128;
1194
1195 GetInterfaceToProfiles()->events->invoke_remote_device_properties_cb(BT_STATUS_SUCCESS,
1196 bd_addr, 1, &prop);
1197 } else {
1198 /* If bonded due to cross-key, save the static address too*/
1199 if (is_crosskey) {
1200 log::debug("bonding initiated due to cross key, adding static address");
1201 pairing_cb.static_bdaddr = bd_addr;
1202 }
1203 if (!is_crosskey || !(stack_config_get_interface()->get_pts_crosskey_sdp_disable())) {
1204 // Ensure inquiry is stopped before attempting service discovery
1205 btif_dm_cancel_discovery();
1206
1207 /* Trigger SDP on the device */
1208 pairing_cb.sdp_attempts = 1;
1209
1210 if (is_crosskey) {
1211 // If bonding occurred due to cross-key pairing, send address
1212 // consolidate callback
1213 BTM_LogHistory(
1214 kBtmLogTagCallback, bd_addr, "Consolidate",
1215 base::StringPrintf(" <=> %s", ADDRESS_TO_LOGGABLE_CSTR(pairing_cb.bd_addr)));
1216 GetInterfaceToProfiles()->events->invoke_address_consolidate_cb(pairing_cb.bd_addr,
1217 bd_addr);
1218 } else {
1219 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDED);
1220 }
1221
1222 if (pairing_cb.sdp_over_classic ==
1223 btif_dm_pairing_cb_t::ServiceDiscoveryState::NOT_STARTED) {
1224 log::info("scheduling SDP for {}", bd_addr);
1225 pairing_cb.sdp_over_classic = btif_dm_pairing_cb_t::ServiceDiscoveryState::SCHEDULED;
1226 btif_dm_get_remote_services(bd_addr, BT_TRANSPORT_BR_EDR);
1227 }
1228 }
1229 }
1230 // Do not call bond_state_changed_cb yet. Wait until remote service
1231 // discovery is complete
1232 } else {
1233 log::warn("Bonding failed with failure reason:{}",
1234 hci_reason_code_text(p_auth_cmpl->fail_reason));
1235 bool is_bonded_device_removed = false;
1236 // Map the HCI fail reason to bt status
1237 switch (p_auth_cmpl->fail_reason) {
1238 case HCI_ERR_PAGE_TIMEOUT:
1239 case HCI_ERR_LMP_RESPONSE_TIMEOUT:
1240 if (interop_match_addr(INTEROP_AUTO_RETRY_PAIRING, &bd_addr) &&
1241 pairing_cb.timeout_retries) {
1242 log::warn("Pairing timeout; retrying ({}) ...", pairing_cb.timeout_retries);
1243 --pairing_cb.timeout_retries;
1244 if (addr_type == BLE_ADDR_RANDOM) {
1245 btif_dm_cb_create_bond_le(bd_addr, addr_type);
1246 } else {
1247 btif_dm_cb_create_bond(bd_addr, BT_TRANSPORT_AUTO);
1248 }
1249 return;
1250 }
1251 FALLTHROUGH_INTENDED; /* FALLTHROUGH */
1252 case HCI_ERR_CONNECTION_TOUT:
1253 status = BT_STATUS_RMT_DEV_DOWN;
1254 break;
1255
1256 case HCI_ERR_PAIRING_NOT_ALLOWED:
1257 is_bonded_device_removed = false;
1258 status = BT_STATUS_AUTH_REJECTED;
1259 break;
1260
1261 /* map the auth failure codes, so we can retry pairing if necessary */
1262 case HCI_ERR_AUTH_FAILURE:
1263 case HCI_ERR_KEY_MISSING:
1264 is_bonded_device_removed = false;
1265 [[fallthrough]];
1266 case HCI_ERR_HOST_REJECT_SECURITY:
1267 case HCI_ERR_ENCRY_MODE_NOT_ACCEPTABLE:
1268 case HCI_ERR_UNIT_KEY_USED:
1269 case HCI_ERR_PAIRING_WITH_UNIT_KEY_NOT_SUPPORTED:
1270 case HCI_ERR_INSUFFCIENT_SECURITY:
1271 case HCI_ERR_PEER_USER:
1272 case HCI_ERR_UNSPECIFIED:
1273 log::warn("Authentication fail:{}", hci_reason_code_text(p_auth_cmpl->fail_reason));
1274 if (pairing_cb.autopair_attempts == 1) {
1275 /* Create the Bond once again */
1276 log::warn("auto pair failed. Reinitiate Bond");
1277 if (addr_type == BLE_ADDR_RANDOM) {
1278 btif_dm_cb_create_bond_le(bd_addr, addr_type);
1279 } else {
1280 btif_dm_cb_create_bond(bd_addr, BT_TRANSPORT_AUTO);
1281 }
1282 return;
1283 } else {
1284 /* if autopair attempts are more than 1, or not attempted */
1285 status = BT_STATUS_AUTH_FAILURE;
1286 }
1287 break;
1288
1289 default:
1290 status = BT_STATUS_UNHANDLED;
1291 }
1292 /* Special Handling for HID Devices */
1293 if (check_cod_hid_major(bd_addr, COD_HID_POINTING)) {
1294 /* Remove Device as bonded in nvram as authentication failed */
1295 log::verbose("removing hid pointing device from nvram");
1296 is_bonded_device_removed = false;
1297 }
1298 // Report bond state change to java only if we are bonding to a device or
1299 // a device is removed from the pairing list.
1300 if (pairing_cb.state == BT_BOND_STATE_BONDING || is_bonded_device_removed) {
1301 bond_state_changed(status, bd_addr, state);
1302 }
1303 }
1304 }
1305
1306 /******************************************************************************
1307 *
1308 * Function btif_dm_search_devices_evt
1309 *
1310 * Description Executes search devices callback events in btif context
1311 *
1312 * Returns void
1313 *
1314 *****************************************************************************/
btif_dm_search_devices_evt(tBTA_DM_SEARCH_EVT event,tBTA_DM_SEARCH * p_search_data)1315 static void btif_dm_search_devices_evt(tBTA_DM_SEARCH_EVT event, tBTA_DM_SEARCH* p_search_data) {
1316 log::verbose("event={}", dump_dm_search_event(event));
1317
1318 switch (event) {
1319 case BTA_DM_NAME_READ_EVT: {
1320 btif_on_name_read(p_search_data->name_res.bd_addr, HCI_SUCCESS,
1321 p_search_data->name_res.bd_name, true /* during_device_search */);
1322 } break;
1323
1324 case BTA_DM_INQ_RES_EVT: {
1325 RawAddress& bdaddr = p_search_data->inq_res.bd_addr;
1326
1327 // Do not update device properties of already bonded devices.
1328 if (com::android::bluetooth::flags::guard_bonded_device_properties() &&
1329 btm_sec_is_a_bonded_dev(bdaddr)) {
1330 log::debug("Ignore device properties from discovery results for the bonded device: {}",
1331 bdaddr);
1332
1333 bool restrict_report =
1334 osi_property_get_bool("bluetooth.restrict_discovered_device.enabled", false);
1335 if (restrict_report && p_search_data->inq_res.device_type == BT_DEVICE_TYPE_BLE &&
1336 !(p_search_data->inq_res.ble_evt_type & BTM_BLE_CONNECTABLE_MASK)) {
1337 log::debug("Ble device {} is not connectable", bdaddr);
1338 break;
1339 }
1340
1341 bt_property_t bt_property[] = {
1342 {BT_PROPERTY_BDADDR, sizeof(bdaddr), &bdaddr},
1343 {BT_PROPERTY_REMOTE_RSSI, sizeof(p_search_data->inq_res.rssi),
1344 &(p_search_data->inq_res.rssi)}};
1345 GetInterfaceToProfiles()->events->invoke_device_found_cb(ARRAY_SIZE(bt_property),
1346 bt_property);
1347 break;
1348 }
1349
1350 /* inquiry result */
1351 bt_bdname_t bdname;
1352 uint8_t remote_name_len = 0;
1353 uint8_t num_uuids = 0, max_num_uuid = 32;
1354 uint8_t uuid_list[32 * Uuid::kNumBytes16];
1355
1356 if (p_search_data->inq_res.inq_result_type != BT_DEVICE_TYPE_BLE) {
1357 p_search_data->inq_res.remt_name_not_required =
1358 check_eir_remote_name(p_search_data, NULL, NULL);
1359 }
1360
1361 log::verbose("addr:{} device_type=0x{:x}", bdaddr, p_search_data->inq_res.device_type);
1362 bdname.name[0] = 0;
1363
1364 if (!check_eir_remote_name(p_search_data, bdname.name, &remote_name_len)) {
1365 get_cached_remote_name(p_search_data->inq_res.bd_addr, &bdname, &remote_name_len);
1366 }
1367
1368 /* Check EIR for services */
1369 if (p_search_data->inq_res.p_eir) {
1370 if (!get_btm_client_interface().eir.BTM_GetEirUuidList(
1371 p_search_data->inq_res.p_eir, p_search_data->inq_res.eir_len, Uuid::kNumBytes16,
1372 &num_uuids, uuid_list, max_num_uuid)) {
1373 log::debug("Unable to find service uuids in EIR peer:{}", bdaddr);
1374 }
1375 }
1376
1377 {
1378 std::vector<bt_property_t> bt_properties;
1379 uint32_t dev_type;
1380 bt_status_t status;
1381 tBLE_ADDR_TYPE addr_type = BLE_ADDR_PUBLIC;
1382
1383 /* RawAddress */
1384 bt_properties.push_back(bt_property_t{BT_PROPERTY_BDADDR, sizeof(bdaddr), &bdaddr});
1385
1386 /* BD_NAME */
1387 /* Don't send BDNAME if it is empty */
1388 if (bdname.name[0]) {
1389 bt_properties.push_back(bt_property_t{
1390 BT_PROPERTY_BDNAME, static_cast<int>(strlen((char*)bdname.name)), &bdname});
1391 }
1392
1393 /* DEV_CLASS */
1394 uint32_t cod = devclass2uint(p_search_data->inq_res.dev_class);
1395
1396 if (cod != 0) {
1397 /* Use the existing class of device when the one reported from inquiry
1398 is unclassified. Inquiry results coming from BLE can have an
1399 inferred device class based on the service uuids or appearence. We
1400 don't want this to replace the existing value below when we call
1401 btif_storage_add_remote_device */
1402 uint32_t old_cod = get_cod(&bdaddr);
1403 if (cod == COD_UNCLASSIFIED && old_cod != 0) {
1404 cod = old_cod;
1405 }
1406
1407 if (old_cod != cod) {
1408 log::info("{} CoD: 0x{:06x} -> 0x{:06x}", bdaddr, old_cod, cod);
1409 }
1410 bt_properties.push_back(bt_property_t{BT_PROPERTY_CLASS_OF_DEVICE, sizeof(cod), &cod});
1411 }
1412
1413 log::verbose("clock_offset is 0x{:x}", p_search_data->inq_res.clock_offset);
1414 if (p_search_data->inq_res.clock_offset & BTM_CLOCK_OFFSET_VALID) {
1415 btif_set_device_clockoffset(bdaddr, (int)p_search_data->inq_res.clock_offset);
1416 }
1417
1418 /* DEV_TYPE */
1419 /* FixMe: Assumption is that bluetooth.h and BTE enums match */
1420
1421 /* Verify if the device is dual mode in NVRAM */
1422 int stored_device_type = 0;
1423 if (btif_get_device_type(bdaddr, &stored_device_type) &&
1424 ((stored_device_type != BT_DEVICE_TYPE_BREDR &&
1425 p_search_data->inq_res.device_type == BT_DEVICE_TYPE_BREDR) ||
1426 (stored_device_type != BT_DEVICE_TYPE_BLE &&
1427 p_search_data->inq_res.device_type == BT_DEVICE_TYPE_BLE))) {
1428 dev_type = (bt_device_type_t)BT_DEVICE_TYPE_DUMO;
1429 } else {
1430 dev_type = (bt_device_type_t)p_search_data->inq_res.device_type;
1431 }
1432
1433 if (p_search_data->inq_res.device_type == BT_DEVICE_TYPE_BLE) {
1434 addr_type = p_search_data->inq_res.ble_addr_type;
1435 }
1436 bt_properties.push_back(
1437 bt_property_t{BT_PROPERTY_TYPE_OF_DEVICE, sizeof(dev_type), &dev_type});
1438 /* RSSI */
1439 bt_properties.push_back(bt_property_t{BT_PROPERTY_REMOTE_RSSI, sizeof(int8_t),
1440 &(p_search_data->inq_res.rssi)});
1441
1442 /* CSIP supported device */
1443 bt_properties.push_back(bt_property_t{BT_PROPERTY_REMOTE_IS_COORDINATED_SET_MEMBER,
1444 sizeof(bool), &(p_search_data->inq_res.include_rsi)});
1445
1446 // The default negative value means ASHA capability not found.
1447 // A non-negative value represents ASHA capability information is valid.
1448 // Because ASHA's capability is 1 byte, so int16_t is large enough.
1449 int16_t asha_capability = -1;
1450
1451 // contains ASHA truncated HiSyncId if asha_capability is non-negative
1452 uint32_t asha_truncated_hi_sync_id = 0;
1453
1454 get_asha_service_data(p_search_data->inq_res, asha_capability, asha_truncated_hi_sync_id);
1455
1456 bt_properties.push_back(bt_property_t{BT_PROPERTY_REMOTE_ASHA_CAPABILITY, sizeof(int16_t),
1457 &asha_capability});
1458
1459 bt_properties.push_back(bt_property_t{BT_PROPERTY_REMOTE_ASHA_TRUNCATED_HISYNCID,
1460 sizeof(uint32_t), &asha_truncated_hi_sync_id});
1461
1462 // Floss expects that EIR uuids are immediately reported when the
1463 // device is found and doesn't wait for the pairing intent.
1464 //
1465 // If a subsequent SDP is completed, the new UUIDs should replace
1466 // the existing UUIDs.
1467 #if TARGET_FLOSS
1468 bool report_eir_uuids = true;
1469 #else
1470 bool report_eir_uuids = false;
1471 #endif
1472 // Scope needs to persist until `invoke_device_found_cb` below.
1473 std::vector<uint8_t> property_value;
1474 /* Cache EIR queried services */
1475 if (num_uuids > 0) {
1476 uint16_t* p_uuid16 = (uint16_t*)uuid_list;
1477 auto uuid_iter = eir_uuids_cache.find(bdaddr);
1478 if (uuid_iter == eir_uuids_cache.end()) {
1479 auto triple = eir_uuids_cache.try_emplace(bdaddr, std::set<Uuid>{});
1480 uuid_iter = std::get<0>(triple);
1481 }
1482 log::info("EIR UUIDs for {}:", bdaddr);
1483 for (int i = 0; i < num_uuids; ++i) {
1484 Uuid uuid = Uuid::From16Bit(p_uuid16[i]);
1485 log::info("{}", uuid.ToString());
1486 uuid_iter->second.insert(uuid);
1487 }
1488
1489 if (report_eir_uuids) {
1490 for (auto uuid : uuid_iter->second) {
1491 auto uuid_128bit = uuid.To128BitBE();
1492 property_value.insert(property_value.end(), uuid_128bit.begin(), uuid_128bit.end());
1493 }
1494
1495 bt_properties.push_back(
1496 bt_property_t{BT_PROPERTY_UUIDS,
1497 static_cast<int>(uuid_iter->second.size() * Uuid::kNumBytes128),
1498 (void*)property_value.data()});
1499 }
1500 }
1501
1502 // Floss needs appearance for metrics purposes
1503 uint16_t appearance = 0;
1504 if (check_eir_appearance(p_search_data, &appearance)) {
1505 bt_properties.push_back(
1506 bt_property_t{BT_PROPERTY_APPEARANCE, sizeof(appearance), &appearance});
1507 }
1508
1509 status =
1510 btif_storage_add_remote_device(&bdaddr, bt_properties.size(), bt_properties.data());
1511 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device (inquiry)", status);
1512 status = btif_storage_set_remote_addr_type(&bdaddr, addr_type);
1513 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote addr type (inquiry)", status);
1514
1515 bool restrict_report =
1516 osi_property_get_bool("bluetooth.restrict_discovered_device.enabled", false);
1517 if (restrict_report && p_search_data->inq_res.device_type == BT_DEVICE_TYPE_BLE &&
1518 !(p_search_data->inq_res.ble_evt_type & BTM_BLE_CONNECTABLE_MASK)) {
1519 log::debug("Ble device {} is not connectable", bdaddr);
1520 break;
1521 }
1522
1523 /* Callback to notify upper layer of device */
1524 GetInterfaceToProfiles()->events->invoke_device_found_cb(bt_properties.size(),
1525 bt_properties.data());
1526 }
1527 } break;
1528
1529 case BTA_DM_DISC_CMPL_EVT: {
1530 GetInterfaceToProfiles()->events->invoke_discovery_state_changed_cb(BT_DISCOVERY_STOPPED);
1531 } break;
1532 case BTA_DM_SEARCH_CANCEL_CMPL_EVT: {
1533 /* if inquiry is not in progress and we get a cancel event, then
1534 * it means we are done with inquiry, but remote_name fetches are in
1535 * progress
1536 *
1537 * if inquiry is in progress, then we don't want to act on this
1538 * cancel_cmpl_evt
1539 * but instead wait for the cancel_cmpl_evt via the Busy Level
1540 *
1541 */
1542 if (!btif_dm_inquiry_in_progress) {
1543 GetInterfaceToProfiles()->events->invoke_discovery_state_changed_cb(BT_DISCOVERY_STOPPED);
1544 }
1545 } break;
1546 default:
1547 log::warn("Unhandled event:{}", bta_dm_search_evt_text(event));
1548 break;
1549 }
1550 }
1551
1552 /* Returns true if |uuid| should be passed as device property */
btif_is_interesting_le_service(bluetooth::Uuid uuid)1553 static bool btif_is_interesting_le_service(bluetooth::Uuid uuid) {
1554 return uuid.As16Bit() == UUID_SERVCLASS_LE_HID || uuid == UUID_HEARING_AID || uuid == UUID_VC ||
1555 uuid == UUID_CSIS || uuid == UUID_LE_AUDIO || uuid == UUID_LE_MIDI || uuid == UUID_HAS ||
1556 uuid == UUID_BASS || uuid == UUID_BATTERY ||
1557 (com::android::bluetooth::flags::android_headtracker_service() &&
1558 uuid == ANDROID_HEADTRACKER_SERVICE_UUID);
1559 }
1560
btif_get_existing_uuids(RawAddress * bd_addr,Uuid * existing_uuids)1561 static bt_status_t btif_get_existing_uuids(RawAddress* bd_addr, Uuid* existing_uuids) {
1562 bt_property_t tmp_prop;
1563 BTIF_STORAGE_FILL_PROPERTY(&tmp_prop, BT_PROPERTY_UUIDS, sizeof(*existing_uuids), existing_uuids);
1564
1565 return btif_storage_get_remote_device_property(bd_addr, &tmp_prop);
1566 }
1567
btif_should_ignore_uuid(const Uuid & uuid)1568 static bool btif_should_ignore_uuid(const Uuid& uuid) { return uuid.IsEmpty() || uuid.IsBase(); }
1569
btif_is_gatt_service_discovery_post_pairing(const RawAddress bd_addr)1570 static bool btif_is_gatt_service_discovery_post_pairing(const RawAddress bd_addr) {
1571 return (bd_addr == pairing_cb.bd_addr || bd_addr == pairing_cb.static_bdaddr) &&
1572 (pairing_cb.gatt_over_le == btif_dm_pairing_cb_t::ServiceDiscoveryState::SCHEDULED);
1573 }
1574
btif_merge_existing_uuids(RawAddress & addr,std::set<Uuid> * uuids)1575 static void btif_merge_existing_uuids(RawAddress& addr, std::set<Uuid>* uuids) {
1576 Uuid existing_uuids[BT_MAX_NUM_UUIDS] = {};
1577 bt_status_t lookup_result = btif_get_existing_uuids(&addr, existing_uuids);
1578
1579 if (lookup_result == BT_STATUS_FAIL) {
1580 return;
1581 }
1582
1583 for (int i = 0; i < BT_MAX_NUM_UUIDS; i++) {
1584 Uuid uuid = existing_uuids[i];
1585 if (btif_should_ignore_uuid(uuid)) {
1586 continue;
1587 }
1588 if (btif_is_interesting_le_service(uuid)) {
1589 log::info("interesting le service {} insert", uuid.ToString());
1590 uuids->insert(uuid);
1591 }
1592 }
1593 }
1594
btif_on_service_discovery_results(RawAddress bd_addr,const std::vector<bluetooth::Uuid> & uuids_param,tBTA_STATUS result)1595 static void btif_on_service_discovery_results(RawAddress bd_addr,
1596 const std::vector<bluetooth::Uuid>& uuids_param,
1597 tBTA_STATUS result) {
1598 bt_property_t prop;
1599 std::vector<uint8_t> property_value;
1600 std::set<Uuid> uuids;
1601 bool a2dp_sink_capable = false;
1602
1603 bool results_for_bonding_device =
1604 (bd_addr == pairing_cb.bd_addr || bd_addr == pairing_cb.static_bdaddr);
1605
1606 if (results_for_bonding_device && result != BTA_SUCCESS &&
1607 pairing_cb.state == BT_BOND_STATE_BONDED &&
1608 pairing_cb.sdp_attempts < BTIF_DM_MAX_SDP_ATTEMPTS_AFTER_PAIRING) {
1609 if (pairing_cb.sdp_attempts) {
1610 log::warn("SDP failed after bonding re-attempting for {}", bd_addr);
1611 pairing_cb.sdp_attempts++;
1612 bluetooth::metrics::LogSDPComplete(bd_addr, result);
1613 btif_dm_get_remote_services(bd_addr, BT_TRANSPORT_BR_EDR);
1614 } else {
1615 log::warn("SDP triggered by someone failed when bonding");
1616 }
1617 return;
1618 }
1619
1620 if (results_for_bonding_device) {
1621 // success for SDP
1622 bluetooth::metrics::LogSDPComplete(bd_addr, tBTA_STATUS::BTA_SUCCESS);
1623 log::info("SDP finished for {}:", bd_addr);
1624 pairing_cb.sdp_over_classic = btif_dm_pairing_cb_t::ServiceDiscoveryState::FINISHED;
1625 }
1626
1627 prop.type = BT_PROPERTY_UUIDS;
1628 prop.len = 0;
1629 if ((result == BTA_SUCCESS) && !uuids_param.empty()) {
1630 log::info("New UUIDs for {}:", bd_addr);
1631 for (const auto& uuid : uuids_param) {
1632 if (btif_should_ignore_uuid(uuid)) {
1633 continue;
1634 }
1635 log::info("uuid:{}", uuid.ToString());
1636 uuids.insert(uuid);
1637 }
1638
1639 if (results_for_bonding_device) {
1640 btif_merge_existing_uuids(pairing_cb.static_bdaddr, &uuids);
1641 btif_merge_existing_uuids(pairing_cb.bd_addr, &uuids);
1642 } else {
1643 btif_merge_existing_uuids(bd_addr, &uuids);
1644 }
1645
1646 for (auto& uuid : uuids) {
1647 auto uuid_128bit = uuid.To128BitBE();
1648 property_value.insert(property_value.end(), uuid_128bit.begin(), uuid_128bit.end());
1649 if (uuid == UUID_A2DP_SINK) {
1650 a2dp_sink_capable = true;
1651 }
1652 }
1653 prop.val = (void*)property_value.data();
1654 prop.len = Uuid::kNumBytes128 * uuids.size();
1655 }
1656
1657 bool skip_reporting_wait_for_le = false;
1658 /* If we are doing service discovery for device that just bonded, that is
1659 * capable of a2dp, and both sides can do LE Audio, and it haven't
1660 * finished GATT over LE yet, then wait for LE service discovery to finish
1661 * before before passing services to upper layers. */
1662 if (results_for_bonding_device && a2dp_sink_capable &&
1663 pairing_cb.gatt_over_le != btif_dm_pairing_cb_t::ServiceDiscoveryState::FINISHED &&
1664 is_le_audio_capable_during_service_discovery(bd_addr)) {
1665 skip_reporting_wait_for_le = true;
1666 }
1667
1668 /* onUuidChanged requires getBondedDevices to be populated.
1669 ** bond_state_changed needs to be sent prior to remote_device_property
1670 */
1671 size_t num_eir_uuids = 0U;
1672 Uuid uuid = {};
1673 if (results_for_bonding_device && pairing_cb.state == BT_BOND_STATE_BONDED &&
1674 pairing_cb.sdp_attempts) {
1675 log::info("SDP search done for {}", bd_addr);
1676 pairing_cb.sdp_attempts = 0;
1677
1678 // Send UUIDs discovered through EIR to Java to unblock pairing intent
1679 // when SDP failed
1680 if (result != BTA_SUCCESS) {
1681 auto uuids_iter = eir_uuids_cache.find(bd_addr);
1682 if (uuids_iter != eir_uuids_cache.end()) {
1683 num_eir_uuids = uuids_iter->second.size();
1684 log::info("SDP failed, send {} EIR UUIDs to unblock bonding {}", num_eir_uuids, bd_addr);
1685 for (auto eir_uuid : uuids_iter->second) {
1686 auto uuid_128bit = eir_uuid.To128BitBE();
1687 property_value.insert(property_value.end(), uuid_128bit.begin(), uuid_128bit.end());
1688 }
1689 eir_uuids_cache.erase(uuids_iter);
1690 }
1691 if (num_eir_uuids > 0) {
1692 prop.val = (void*)property_value.data();
1693 prop.len = num_eir_uuids * Uuid::kNumBytes128;
1694 } else {
1695 log::warn("SDP failed and we have no EIR UUIDs to report either");
1696 prop.val = &uuid;
1697 prop.len = Uuid::kNumBytes128;
1698 }
1699 }
1700
1701 if (!skip_reporting_wait_for_le) {
1702 // Both SDP and bonding are done, clear pairing control block in case
1703 // it is not already cleared
1704 pairing_cb = {};
1705 log::debug("clearing btif pairing_cb");
1706 }
1707 }
1708
1709 const tBTA_STATUS bta_status = result;
1710 BTM_LogHistory(kBtmLogTagSdp, bd_addr, "Discovered services",
1711 base::StringPrintf("bta_status:%s sdp_uuids:%zu eir_uuids:%zu",
1712 bta_status_text(bta_status).c_str(), uuids_param.size(),
1713 num_eir_uuids));
1714
1715 if (!uuids_param.empty() || num_eir_uuids != 0) {
1716 /* Also write this to the NVRAM */
1717 const bt_status_t ret = btif_storage_set_remote_device_property(&bd_addr, &prop);
1718 ASSERTC(ret == BT_STATUS_SUCCESS, "storing remote services failed", ret);
1719
1720 if (skip_reporting_wait_for_le) {
1721 log::info(
1722 "Bonding LE Audio sink - must wait for le services discovery to pass "
1723 "all services to java {}",
1724 bd_addr);
1725 /* For LE Audio capable devices, we care more about passing GATT LE
1726 * services than about just finishing pairing. Service discovery
1727 * should be scheduled when LE pairing finishes, by call to
1728 * btif_dm_get_remote_services(bd_addr, BT_TRANSPORT_LE) */
1729 return;
1730 }
1731
1732 /* Send the event to the BTIF */
1733 GetInterfaceToProfiles()->events->invoke_remote_device_properties_cb(BT_STATUS_SUCCESS, bd_addr,
1734 1, &prop);
1735 }
1736 }
1737
btif_on_gatt_results(RawAddress bd_addr,std::vector<bluetooth::Uuid> & services,bool is_transport_le)1738 static void btif_on_gatt_results(RawAddress bd_addr, std::vector<bluetooth::Uuid>& services,
1739 bool is_transport_le) {
1740 std::vector<bt_property_t> prop;
1741 std::vector<uint8_t> property_value;
1742 std::set<Uuid> uuids;
1743 RawAddress static_addr_copy = pairing_cb.static_bdaddr;
1744 bool lea_supported = is_le_audio_capable_during_service_discovery(bd_addr);
1745
1746 if (is_transport_le) {
1747 log::info("New GATT over LE UUIDs for {}:", bd_addr);
1748 BTM_LogHistory(kBtmLogTag, bd_addr, "Discovered GATT services using LE transport");
1749 if (btif_is_gatt_service_discovery_post_pairing(bd_addr)) {
1750 pairing_cb.gatt_over_le = btif_dm_pairing_cb_t::ServiceDiscoveryState::FINISHED;
1751
1752 if (pairing_cb.sdp_over_classic != btif_dm_pairing_cb_t::ServiceDiscoveryState::SCHEDULED) {
1753 // Both SDP and bonding are either done, or not scheduled,
1754 // we are safe to clear the service discovery part of CB.
1755 log::debug("clearing pairing_cb");
1756 pairing_cb = {};
1757 }
1758
1759 if (lea_supported) {
1760 /* LE Audio profile should relax parameters when it connects. If
1761 * profile is not enabled, relax parameters after timeout. */
1762 log::debug("Scheduling conn params unlock for {}", bd_addr);
1763 do_in_main_thread_delayed(
1764 base::BindOnce(
1765 [](RawAddress bd_addr) {
1766 stack::l2cap::get_interface().L2CA_LockBleConnParamsForProfileConnection(
1767 bd_addr, false);
1768 },
1769 bd_addr),
1770 std::chrono::seconds(15));
1771 }
1772 }
1773 } else {
1774 log::debug("New GATT over SDP UUIDs for {}:", bd_addr);
1775 BTM_LogHistory(kBtmLogTag, bd_addr, "Discovered GATT services using SDP transport");
1776 }
1777
1778 for (Uuid uuid : services) {
1779 if (btif_is_interesting_le_service(uuid)) {
1780 if (btif_should_ignore_uuid(uuid)) {
1781 continue;
1782 }
1783 log::info("index:{} uuid:{}", static_cast<int>(uuids.size()), uuid.ToString());
1784 uuids.insert(uuid);
1785 }
1786 }
1787
1788 if (uuids.empty()) {
1789 log::info("No well known GATT services discovered");
1790
1791 /* If services were returned as part of SDP discovery, we will
1792 * immediately send them with rest of SDP results in
1793 * on_service_discovery_results
1794 */
1795 if (!is_transport_le) {
1796 return;
1797 }
1798
1799 if (!lea_supported) {
1800 log::info("LE audio not supported, no need to report any UUIDs");
1801 return;
1802 }
1803 log::info("Will return Classic SDP results, if done, to unblock bonding");
1804 }
1805
1806 Uuid existing_uuids[BT_MAX_NUM_UUIDS] = {};
1807
1808 // Look up UUIDs using pseudo address (either RPA or static address)
1809 bt_status_t existing_lookup_result = btif_get_existing_uuids(&bd_addr, existing_uuids);
1810
1811 if (existing_lookup_result != BT_STATUS_FAIL) {
1812 log::info("Got some existing UUIDs by address {}", bd_addr);
1813
1814 for (int i = 0; i < BT_MAX_NUM_UUIDS; i++) {
1815 Uuid uuid = existing_uuids[i];
1816 if (uuid.IsEmpty()) {
1817 continue;
1818 }
1819 uuids.insert(uuid);
1820 }
1821 }
1822
1823 if (bd_addr != static_addr_copy) {
1824 // Look up UUID using static address, if different than sudo address
1825 existing_lookup_result = btif_get_existing_uuids(&static_addr_copy, existing_uuids);
1826 if (existing_lookup_result != BT_STATUS_FAIL) {
1827 log::info("Got some existing UUIDs by static address {}", static_addr_copy);
1828 for (int i = 0; i < BT_MAX_NUM_UUIDS; i++) {
1829 Uuid uuid = existing_uuids[i];
1830 if (uuid.IsEmpty()) {
1831 continue;
1832 }
1833 uuids.insert(uuid);
1834 }
1835 }
1836 }
1837
1838 for (auto& uuid : uuids) {
1839 auto uuid_128bit = uuid.To128BitBE();
1840 property_value.insert(property_value.end(), uuid_128bit.begin(), uuid_128bit.end());
1841 }
1842
1843 prop.push_back(bt_property_t{BT_PROPERTY_UUIDS,
1844 static_cast<int>(Uuid::kNumBytes128 * uuids.size()),
1845 (void*)property_value.data()});
1846
1847 /* Also write this to the NVRAM */
1848 bt_status_t ret = btif_storage_set_remote_device_property(&bd_addr, &prop[0]);
1849 ASSERTC(ret == BT_STATUS_SUCCESS, "storing remote services failed", ret);
1850
1851 if (!is_transport_le) {
1852 /* If services were returned as part of SDP discovery, we will immediately
1853 * send them with rest of SDP results in on_service_discovery_results */
1854 return;
1855 } else {
1856 if (pairing_cb.sdp_over_classic == btif_dm_pairing_cb_t::ServiceDiscoveryState::SCHEDULED &&
1857 com::android::bluetooth::flags::bta_dm_discover_both()) {
1858 /* Don't report services yet, they will be reported together once SDP
1859 * finishes. */
1860 log::info("will report services later, with SDP results {}", bd_addr);
1861 return;
1862 }
1863 }
1864
1865 /* Send the event to the BTIF */
1866 GetInterfaceToProfiles()->events->invoke_remote_device_properties_cb(BT_STATUS_SUCCESS, bd_addr,
1867 prop.size(), prop.data());
1868 }
1869
btif_on_name_read(RawAddress bd_addr,tHCI_ERROR_CODE hci_status,const BD_NAME bd_name,bool during_device_search)1870 static void btif_on_name_read(RawAddress bd_addr, tHCI_ERROR_CODE hci_status, const BD_NAME bd_name,
1871 bool during_device_search) {
1872 if (hci_status != HCI_SUCCESS) {
1873 log::warn("Received RNR event with bad status addr:{} hci_status:{}", bd_addr,
1874 hci_error_code_text(hci_status));
1875 return;
1876 }
1877 if (bd_name[0] == '\0') {
1878 log::warn("Received RNR event without valid name addr:{}", bd_addr);
1879 return;
1880 }
1881
1882 // Needs 3 properties if during_device_search is true
1883 std::vector<bt_property_t> properties;
1884
1885 properties.push_back(bt_property_t{BT_PROPERTY_BDNAME,
1886 static_cast<int>(strnlen((char*)bd_name, BD_NAME_LEN)),
1887 (void*)(bd_name)});
1888
1889 const bt_status_t status = btif_storage_set_remote_device_property(&bd_addr, properties.data());
1890 log::assert_that(status == BT_STATUS_SUCCESS, "Failed to save remote device property status:{}",
1891 bt_status_text(status));
1892 GetInterfaceToProfiles()->events->invoke_remote_device_properties_cb(
1893 status, bd_addr, properties.size(), properties.data());
1894 log::info("Callback for read name event addr:{} name:{}", bd_addr,
1895 PRIVATE_NAME(reinterpret_cast<char const*>(bd_name)));
1896
1897 if (!during_device_search) {
1898 return;
1899 }
1900
1901 uint32_t cod = get_cod(&bd_addr);
1902 if (cod != 0) {
1903 properties.push_back(bt_property_t{BT_PROPERTY_BDADDR, sizeof(bd_addr), &bd_addr});
1904 properties.push_back(bt_property_t{BT_PROPERTY_CLASS_OF_DEVICE, sizeof(uint32_t), &cod});
1905 log::debug("report new device to JNI");
1906 GetInterfaceToProfiles()->events->invoke_device_found_cb(properties.size(), properties.data());
1907 } else {
1908 log::info("Skipping device found callback because cod is zero addr:{} name:{}", bd_addr,
1909 PRIVATE_NAME(reinterpret_cast<char const*>(bd_name)));
1910 }
1911 }
1912
btif_on_name_read_from_btm(const RawAddress & bd_addr,DEV_CLASS,BD_NAME bd_name)1913 static void btif_on_name_read_from_btm(const RawAddress& bd_addr, DEV_CLASS /* dc */,
1914 BD_NAME bd_name) {
1915 log::info("{} {}", bd_addr, reinterpret_cast<char const*>(bd_name));
1916 btif_on_name_read(bd_addr, HCI_SUCCESS, bd_name, false /* during_device_search */);
1917 }
1918
btif_on_did_received(RawAddress bd_addr,uint8_t vendor_id_src,uint16_t vendor_id,uint16_t product_id,uint16_t version)1919 static void btif_on_did_received(RawAddress bd_addr, uint8_t vendor_id_src, uint16_t vendor_id,
1920 uint16_t product_id, uint16_t version) {
1921 bt_vendor_product_info_t vp_info{
1922 .vendor_id_src = vendor_id_src,
1923 .vendor_id = vendor_id,
1924 .product_id = product_id,
1925 .version = version,
1926 };
1927
1928 bt_property_t prop_did{
1929 .type = BT_PROPERTY_VENDOR_PRODUCT_INFO,
1930 .len = sizeof(vp_info),
1931 .val = &vp_info,
1932 };
1933
1934 bt_status_t ret = btif_storage_set_remote_device_property(&bd_addr, &prop_did);
1935 ASSERTC(ret == BT_STATUS_SUCCESS, "storing remote services failed", ret);
1936
1937 /* Send the event to the BTIF */
1938 GetInterfaceToProfiles()->events->invoke_remote_device_properties_cb(BT_STATUS_SUCCESS, bd_addr,
1939 1, &prop_did);
1940 }
1941
BTIF_dm_report_inquiry_status_change(tBTM_INQUIRY_STATE status)1942 void BTIF_dm_report_inquiry_status_change(tBTM_INQUIRY_STATE status) {
1943 btif_dm_inquiry_in_progress = (status == tBTM_INQUIRY_STATE::BTM_INQUIRY_STARTED);
1944
1945 if (status == tBTM_INQUIRY_STATE::BTM_INQUIRY_STARTED) {
1946 GetInterfaceToProfiles()->events->invoke_discovery_state_changed_cb(BT_DISCOVERY_STARTED);
1947 } else if (status == tBTM_INQUIRY_STATE::BTM_INQUIRY_CANCELLED) {
1948 GetInterfaceToProfiles()->events->invoke_discovery_state_changed_cb(BT_DISCOVERY_STOPPED);
1949 }
1950 }
1951
BTIF_dm_enable()1952 void BTIF_dm_enable() {
1953 if (com::android::bluetooth::flags::guest_mode_bond()) {
1954 btif_storage_prune_devices();
1955 }
1956
1957 BD_NAME bdname;
1958 bt_status_t status;
1959 bt_property_t prop;
1960 prop.type = BT_PROPERTY_BDNAME;
1961 prop.len = BD_NAME_LEN;
1962 prop.val = (void*)bdname;
1963
1964 status = btif_storage_get_adapter_property(&prop);
1965 if (status == BT_STATUS_SUCCESS) {
1966 /* A name exists in the storage. Make this the device name */
1967 BTA_DmSetDeviceName((const char*)prop.val);
1968 } else {
1969 /* Storage does not have a name yet.
1970 * Use the default name and write it to the chip
1971 */
1972 BTA_DmSetDeviceName(btif_get_default_local_name());
1973 }
1974
1975 /* Enable or disable local privacy */
1976 bool ble_privacy_enabled = osi_property_get_bool(PROPERTY_BLE_PRIVACY_ENABLED, /*default=*/true);
1977
1978 log::info("Local BLE Privacy enabled:{}", ble_privacy_enabled);
1979 BTA_DmBleConfigLocalPrivacy(ble_privacy_enabled);
1980
1981 get_stack_rnr_interface().BTM_SecAddRmtNameNotifyCallback(btif_on_name_read_from_btm);
1982
1983 /* for each of the enabled services in the mask, trigger the profile
1984 * enable */
1985 tBTA_SERVICE_MASK service_mask = btif_get_enabled_services_mask();
1986 for (uint32_t i = 0; i <= BTA_MAX_SERVICE_ID; i++) {
1987 if (service_mask & (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(i))) {
1988 btif_in_execute_service_request(i, true);
1989 }
1990 }
1991 /* clear control blocks */
1992 pairing_cb = {};
1993 pairing_cb.bond_type = BOND_TYPE_PERSISTENT;
1994
1995 /* Bluetooth Core Specification version 5.4
1996 * 7.8.5 LE Set Advertising Parameters command
1997 * 7.8.53 LE Set Extended Advertising Parameters command
1998 * 7.8.64 LE Set Extended Scan Parameters command
1999 * 7.8.12 LE Create Connection command
2000 * 7.8.66 LE Extended Create Connection command
2001 * Set all-zero set to resolving list to make controller generate RPA for
2002 * un-direct (broadcast) advertising RPA */
2003 if (bluetooth::shim::GetController()->IsRpaGenerationSupported()) {
2004 log::info("Support RPA offload, set all-zero set in resolving list");
2005 tBLE_BD_ADDR all_zero_address_with_type = {0};
2006 const Octet16 all_zero_peer_irk = {0};
2007 bluetooth::shim::ACL_AddToAddressResolution(all_zero_address_with_type, all_zero_peer_irk,
2008 ble_local_key_cb.id_keys.irk);
2009 }
2010
2011 // Enable address consolidation.
2012 btif_storage_load_le_devices();
2013
2014 /* This function will also trigger the adapter_properties_cb
2015 ** and bonded_devices_info_cb
2016 */
2017 btif_storage_load_bonded_devices();
2018 bluetooth::bqr::EnableBtQualityReport(get_main());
2019 btif_enable_bluetooth_evt();
2020 }
2021
BTIF_dm_disable()2022 void BTIF_dm_disable() {
2023 get_stack_rnr_interface().BTM_SecDeleteRmtNameNotifyCallback(&btif_on_name_read_from_btm);
2024
2025 /* for each of the enabled services in the mask, trigger the profile
2026 * disable */
2027 tBTA_SERVICE_MASK service_mask = btif_get_enabled_services_mask();
2028 for (uint32_t i = 0; i <= BTA_MAX_SERVICE_ID; i++) {
2029 if (service_mask & (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(i))) {
2030 btif_in_execute_service_request(i, false);
2031 }
2032 }
2033 bluetooth::bqr::DisableBtQualityReport();
2034 log::info("Stack device manager shutdown finished");
2035 future_ready(stack_manager_get_hack_future(), FUTURE_SUCCESS);
2036 }
2037
2038 /*******************************************************************************
2039 *
2040 * Function btif_dm_sec_evt
2041 *
2042 * Description Executes security related events
2043 *
2044 * Returns void
2045 *
2046 ******************************************************************************/
btif_dm_sec_evt(tBTA_DM_SEC_EVT event,tBTA_DM_SEC * p_data)2047 void btif_dm_sec_evt(tBTA_DM_SEC_EVT event, tBTA_DM_SEC* p_data) {
2048 RawAddress bd_addr;
2049
2050 log::verbose("ev:{}", dump_dm_event(event));
2051
2052 switch (event) {
2053 case BTA_DM_PIN_REQ_EVT:
2054 btif_dm_pin_req_evt(&p_data->pin_req);
2055 break;
2056
2057 case BTA_DM_AUTH_CMPL_EVT:
2058 btif_dm_auth_cmpl_evt(&p_data->auth_cmpl);
2059 break;
2060
2061 case BTA_DM_BOND_CANCEL_CMPL_EVT:
2062 if (is_bonding_or_sdp()) {
2063 bd_addr = pairing_cb.bd_addr;
2064 btm_set_bond_type_dev(pairing_cb.bd_addr, BOND_TYPE_UNKNOWN);
2065 bond_state_changed((bt_status_t)p_data->bond_cancel_cmpl.result, bd_addr,
2066 BT_BOND_STATE_NONE);
2067 }
2068 break;
2069
2070 case BTA_DM_SP_CFM_REQ_EVT:
2071 btif_dm_ssp_cfm_req_evt(&p_data->cfm_req);
2072 break;
2073 case BTA_DM_SP_KEY_NOTIF_EVT:
2074 btif_dm_ssp_key_notif_evt(&p_data->key_notif);
2075 break;
2076
2077 case BTA_DM_DEV_UNPAIRED_EVT:
2078 bd_addr = p_data->dev_unpair.bd_addr;
2079 btm_set_bond_type_dev(p_data->dev_unpair.bd_addr, BOND_TYPE_UNKNOWN);
2080
2081 GetInterfaceToProfiles()->removeDeviceFromProfiles(bd_addr);
2082 btif_storage_remove_bonded_device(&bd_addr);
2083 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_NONE);
2084 break;
2085
2086 case BTA_DM_BLE_KEY_EVT:
2087 log::verbose("BTA_DM_BLE_KEY_EVT key_type=0x{:02x}", p_data->ble_key.key_type);
2088
2089 /* If this pairing is by-product of local initiated GATT client Read or
2090 Write,
2091 BTA would not have sent BTA_DM_BLE_SEC_REQ_EVT event and Bond state would
2092 not
2093 have setup properly. Setup pairing_cb and notify App about Bonding state
2094 now*/
2095 if (pairing_cb.state != BT_BOND_STATE_BONDING) {
2096 log::verbose("Bond state not sent to App so far.Notify the app now");
2097 bond_state_changed(BT_STATUS_SUCCESS, p_data->ble_key.bd_addr, BT_BOND_STATE_BONDING);
2098 } else if (pairing_cb.bd_addr != p_data->ble_key.bd_addr) {
2099 log::error("BD mismatch discard BLE key_type={}", p_data->ble_key.key_type);
2100 break;
2101 }
2102
2103 switch (p_data->ble_key.key_type) {
2104 case BTM_LE_KEY_PENC:
2105 log::verbose("Rcv BTM_LE_KEY_PENC");
2106 pairing_cb.ble.is_penc_key_rcvd = true;
2107 pairing_cb.ble.penc_key = p_data->ble_key.p_key_value->penc_key;
2108 break;
2109
2110 case BTM_LE_KEY_PID:
2111 log::verbose("Rcv BTM_LE_KEY_PID");
2112 pairing_cb.ble.is_pid_key_rcvd = true;
2113 pairing_cb.ble.pid_key = p_data->ble_key.p_key_value->pid_key;
2114 break;
2115
2116 case BTM_LE_KEY_PCSRK:
2117 log::verbose("Rcv BTM_LE_KEY_PCSRK");
2118 pairing_cb.ble.is_pcsrk_key_rcvd = true;
2119 pairing_cb.ble.pcsrk_key = p_data->ble_key.p_key_value->pcsrk_key;
2120 break;
2121
2122 case BTM_LE_KEY_LENC:
2123 log::verbose("Rcv BTM_LE_KEY_LENC");
2124 pairing_cb.ble.is_lenc_key_rcvd = true;
2125 pairing_cb.ble.lenc_key = p_data->ble_key.p_key_value->lenc_key;
2126 break;
2127
2128 case BTM_LE_KEY_LCSRK:
2129 log::verbose("Rcv BTM_LE_KEY_LCSRK");
2130 pairing_cb.ble.is_lcsrk_key_rcvd = true;
2131 pairing_cb.ble.lcsrk_key = p_data->ble_key.p_key_value->lcsrk_key;
2132 break;
2133
2134 case BTM_LE_KEY_LID:
2135 log::verbose("Rcv BTM_LE_KEY_LID");
2136 pairing_cb.ble.is_lidk_key_rcvd = true;
2137 break;
2138
2139 default:
2140 log::error("unknown BLE key type (0x{:02x})", p_data->ble_key.key_type);
2141 break;
2142 }
2143 break;
2144 case BTA_DM_BLE_CONSENT_REQ_EVT:
2145 log::verbose("BTA_DM_BLE_CONSENT_REQ_EVT");
2146 btif_dm_ble_sec_req_evt(&p_data->ble_req, true);
2147 break;
2148 case BTA_DM_BLE_SEC_REQ_EVT:
2149 log::verbose("BTA_DM_BLE_SEC_REQ_EVT");
2150 btif_dm_ble_sec_req_evt(&p_data->ble_req, false);
2151 break;
2152 case BTA_DM_BLE_PASSKEY_NOTIF_EVT:
2153 log::verbose("BTA_DM_BLE_PASSKEY_NOTIF_EVT");
2154 btif_dm_ble_passkey_notif_evt(&p_data->key_notif);
2155 break;
2156 case BTA_DM_BLE_PASSKEY_REQ_EVT:
2157 log::verbose("BTA_DM_BLE_PASSKEY_REQ_EVT");
2158 btif_dm_ble_passkey_req_evt(&p_data->pin_req);
2159 break;
2160 case BTA_DM_BLE_NC_REQ_EVT:
2161 log::verbose("BTA_DM_BLE_PASSKEY_REQ_EVT");
2162 btif_dm_ble_key_nc_req_evt(&p_data->key_notif);
2163 break;
2164 case BTA_DM_BLE_OOB_REQ_EVT:
2165 log::verbose("BTA_DM_BLE_OOB_REQ_EVT");
2166 btif_dm_ble_oob_req_evt(&p_data->rmt_oob);
2167 break;
2168 case BTA_DM_BLE_SC_OOB_REQ_EVT:
2169 log::verbose("BTA_DM_BLE_SC_OOB_REQ_EVT");
2170 btif_dm_ble_sc_oob_req_evt(&p_data->rmt_oob);
2171 break;
2172 case BTA_DM_BLE_SC_CR_LOC_OOB_EVT:
2173 log::verbose("BTA_DM_BLE_SC_CR_LOC_OOB_EVT");
2174 btif_dm_proc_loc_oob(BT_TRANSPORT_LE, true, p_data->local_oob_data.local_oob_c,
2175 p_data->local_oob_data.local_oob_r);
2176 break;
2177
2178 case BTA_DM_BLE_LOCAL_IR_EVT:
2179 log::verbose("BTA_DM_BLE_LOCAL_IR_EVT");
2180 ble_local_key_cb.is_id_keys_rcvd = true;
2181 ble_local_key_cb.id_keys.irk = p_data->ble_id_keys.irk;
2182 ble_local_key_cb.id_keys.ir = p_data->ble_id_keys.ir;
2183 ble_local_key_cb.id_keys.dhk = p_data->ble_id_keys.dhk;
2184 btif_storage_add_ble_local_key(ble_local_key_cb.id_keys.irk, BTIF_DM_LE_LOCAL_KEY_IRK);
2185 btif_storage_add_ble_local_key(ble_local_key_cb.id_keys.ir, BTIF_DM_LE_LOCAL_KEY_IR);
2186 btif_storage_add_ble_local_key(ble_local_key_cb.id_keys.dhk, BTIF_DM_LE_LOCAL_KEY_DHK);
2187 break;
2188 case BTA_DM_BLE_LOCAL_ER_EVT:
2189 log::verbose("BTA_DM_BLE_LOCAL_ER_EVT");
2190 ble_local_key_cb.is_er_rcvd = true;
2191 ble_local_key_cb.er = p_data->ble_er;
2192 btif_storage_add_ble_local_key(ble_local_key_cb.er, BTIF_DM_LE_LOCAL_KEY_ER);
2193 break;
2194
2195 case BTA_DM_BLE_AUTH_CMPL_EVT:
2196 log::verbose("BTA_DM_BLE_AUTH_CMPL_EVT");
2197 btif_dm_ble_auth_cmpl_evt(&p_data->auth_cmpl);
2198 break;
2199
2200 case BTA_DM_LE_ADDR_ASSOC_EVT:
2201 GetInterfaceToProfiles()->events->invoke_le_address_associate_cb(
2202 p_data->proc_id_addr.pairing_bda, p_data->proc_id_addr.id_addr,
2203 p_data->proc_id_addr.id_addr_type);
2204 break;
2205
2206 case BTA_DM_SIRK_VERIFICATION_REQ_EVT:
2207 GetInterfaceToProfiles()->events->invoke_le_address_associate_cb(
2208 p_data->proc_id_addr.pairing_bda, p_data->proc_id_addr.id_addr,
2209 p_data->proc_id_addr.id_addr_type);
2210 break;
2211
2212 case BTA_DM_KEY_MISSING_EVT:
2213 GetInterfaceToProfiles()->events->invoke_key_missing_cb(p_data->key_missing.bd_addr);
2214 break;
2215
2216 case BTA_DM_ENCRYPTION_CHANGE_EVT:
2217 GetInterfaceToProfiles()->events->invoke_encryption_change_cb(p_data->encryption_change);
2218 break;
2219
2220 default:
2221 log::warn("unhandled event({})", event);
2222 break;
2223 }
2224 }
2225
2226 /*******************************************************************************
2227 *
2228 * Function bte_dm_acl_evt
2229 *
2230 * Description BTIF handler for ACL up/down, identity address report events
2231 *
2232 * Returns void
2233 *
2234 ******************************************************************************/
btif_dm_acl_evt(tBTA_DM_ACL_EVT event,tBTA_DM_ACL * p_data)2235 void btif_dm_acl_evt(tBTA_DM_ACL_EVT event, tBTA_DM_ACL* p_data) {
2236 RawAddress bd_addr;
2237
2238 switch (event) {
2239 case BTA_DM_LINK_UP_EVT:
2240 bd_addr = p_data->link_up.bd_addr;
2241 log::verbose("BTA_DM_LINK_UP_EVT. Sending BT_ACL_STATE_CONNECTED");
2242
2243 btif_update_remote_version_property(&bd_addr);
2244
2245 GetInterfaceToProfiles()->events->invoke_acl_state_changed_cb(
2246 BT_STATUS_SUCCESS, bd_addr, BT_ACL_STATE_CONNECTED,
2247 (int)p_data->link_up.transport_link_type, HCI_SUCCESS,
2248 btm_is_acl_locally_initiated() ? bt_conn_direction_t::BT_CONN_DIRECTION_OUTGOING
2249 : bt_conn_direction_t::BT_CONN_DIRECTION_INCOMING,
2250 p_data->link_up.acl_handle);
2251
2252 if (p_data->link_up.transport_link_type == BT_TRANSPORT_LE && pairing_cb.bd_addr == bd_addr &&
2253 is_device_le_audio_capable(bd_addr)) {
2254 stack::l2cap::get_interface().L2CA_LockBleConnParamsForProfileConnection(bd_addr, true);
2255 }
2256 break;
2257
2258 case BTA_DM_LINK_UP_FAILED_EVT:
2259 GetInterfaceToProfiles()->events->invoke_acl_state_changed_cb(
2260 hci_error_to_bt_status(p_data->link_up_failed.status), p_data->link_up_failed.bd_addr,
2261 BT_ACL_STATE_DISCONNECTED, p_data->link_up_failed.transport_link_type,
2262 p_data->link_up_failed.status,
2263 btm_is_acl_locally_initiated() ? bt_conn_direction_t::BT_CONN_DIRECTION_OUTGOING
2264 : bt_conn_direction_t::BT_CONN_DIRECTION_INCOMING,
2265 INVALID_ACL_HANDLE);
2266 break;
2267
2268 case BTA_DM_LINK_DOWN_EVT: {
2269 bd_addr = p_data->link_down.bd_addr;
2270 btm_set_bond_type_dev(p_data->link_down.bd_addr, BOND_TYPE_UNKNOWN);
2271 GetInterfaceToProfiles()->onLinkDown(bd_addr, p_data->link_down.transport_link_type);
2272
2273 bt_conn_direction_t direction;
2274 switch (btm_get_acl_disc_reason_code()) {
2275 case HCI_ERR_PEER_USER:
2276 case HCI_ERR_REMOTE_LOW_RESOURCE:
2277 case HCI_ERR_REMOTE_POWER_OFF:
2278 direction = bt_conn_direction_t::BT_CONN_DIRECTION_INCOMING;
2279 break;
2280 case HCI_ERR_CONN_CAUSE_LOCAL_HOST:
2281 case HCI_ERR_HOST_REJECT_SECURITY:
2282 direction = bt_conn_direction_t::BT_CONN_DIRECTION_OUTGOING;
2283 break;
2284 default:
2285 direction = bt_conn_direction_t::BT_CONN_DIRECTION_UNKNOWN;
2286 }
2287 GetInterfaceToProfiles()->events->invoke_acl_state_changed_cb(
2288 BT_STATUS_SUCCESS, bd_addr, BT_ACL_STATE_DISCONNECTED,
2289 (int)p_data->link_down.transport_link_type,
2290 static_cast<bt_hci_error_code_t>(btm_get_acl_disc_reason_code()), direction,
2291 INVALID_ACL_HANDLE);
2292 log::debug(
2293 "Sent BT_ACL_STATE_DISCONNECTED upward as ACL link down event "
2294 "device:{} reason:{}",
2295 bd_addr,
2296 hci_reason_code_text(static_cast<tHCI_REASON>(btm_get_acl_disc_reason_code())));
2297 } break;
2298 case BTA_DM_LE_FEATURES_READ:
2299 btif_get_adapter_property(BT_PROPERTY_LOCAL_LE_FEATURES);
2300 break;
2301 case BTA_DM_LPP_OFFLOAD_FEATURES_READ:
2302 btif_get_adapter_property(BT_PROPERTY_LPP_OFFLOAD_FEATURES);
2303 break;
2304
2305 default: {
2306 log::error("Unexpected tBTA_DM_ACL_EVT:{}", event);
2307 } break;
2308 }
2309 }
2310
2311 /*******************************************************************************
2312 *
2313 * Function bta_energy_info_cb
2314 *
2315 * Description Switches context from BTE to BTIF for DM energy info event
2316 *
2317 * Returns void
2318 *
2319 ******************************************************************************/
bta_energy_info_cb(tBTM_BLE_TX_TIME_MS tx_time,tBTM_BLE_RX_TIME_MS rx_time,tBTM_BLE_IDLE_TIME_MS idle_time,tBTM_BLE_ENERGY_USED energy_used,tBTM_CONTRL_STATE ctrl_state,tBTA_STATUS status)2320 static void bta_energy_info_cb(tBTM_BLE_TX_TIME_MS tx_time, tBTM_BLE_RX_TIME_MS rx_time,
2321 tBTM_BLE_IDLE_TIME_MS idle_time, tBTM_BLE_ENERGY_USED energy_used,
2322 tBTM_CONTRL_STATE ctrl_state, tBTA_STATUS status) {
2323 log::verbose(
2324 "energy_info_cb-Status:{},state={},tx_t={}, rx_t={}, "
2325 "idle_time={},used={}",
2326 status, ctrl_state, tx_time, rx_time, idle_time, energy_used);
2327
2328 if (uid_set != nullptr) {
2329 bt_activity_energy_info energy_info;
2330 energy_info.status = status;
2331 energy_info.ctrl_state = ctrl_state;
2332 energy_info.rx_time = rx_time;
2333 energy_info.tx_time = tx_time;
2334 energy_info.idle_time = idle_time;
2335 energy_info.energy_used = energy_used;
2336
2337 bt_uid_traffic_t* data = uid_set_read_and_clear(uid_set);
2338 GetInterfaceToProfiles()->events->invoke_energy_info_cb(energy_info, data);
2339 } else {
2340 log::warn("Energy info event dropped as module is inactive");
2341 }
2342 }
2343
2344 /*****************************************************************************
2345 *
2346 * btif api functions (no context switch)
2347 *
2348 ****************************************************************************/
2349
2350 /*******************************************************************************
2351 *
2352 * Function btif_dm_start_discovery
2353 *
2354 * Description Start device discovery/inquiry
2355 *
2356 ******************************************************************************/
btif_dm_start_discovery(void)2357 void btif_dm_start_discovery(void) {
2358 log::verbose("start device discover/inquiry");
2359
2360 BTM_LogHistory(kBtmLogTag, RawAddress::kEmpty, "Device discovery",
2361 base::StringPrintf("is_request_queued:%c",
2362 bta_dm_is_search_request_queued() ? 'T' : 'F'));
2363
2364 /* no race here because we're guaranteed to be in the main thread */
2365 if (bta_dm_is_search_request_queued()) {
2366 log::info("skipping start discovery because a request is queued");
2367 return;
2368 }
2369
2370 /* Will be enabled to true once inquiry busy level has been received */
2371 btif_dm_inquiry_in_progress = false;
2372 /* find nearby devices */
2373 BTA_DmSearch(btif_dm_search_devices_evt);
2374 power_telemetry::GetInstance().LogScanStarted();
2375 }
2376
2377 /*******************************************************************************
2378 *
2379 * Function btif_dm_cancel_discovery
2380 *
2381 * Description Cancels search
2382 *
2383 ******************************************************************************/
btif_dm_cancel_discovery(void)2384 void btif_dm_cancel_discovery(void) {
2385 log::info("Cancel search");
2386 BTM_LogHistory(kBtmLogTag, RawAddress::kEmpty, "Cancel discovery");
2387
2388 BTA_DmSearchCancel();
2389 }
2390
btif_dm_pairing_is_busy()2391 bool btif_dm_pairing_is_busy() { return pairing_cb.state != BT_BOND_STATE_NONE; }
2392
2393 /*******************************************************************************
2394 *
2395 * Function btif_dm_create_bond
2396 *
2397 * Description Initiate bonding with the specified device
2398 *
2399 ******************************************************************************/
btif_dm_create_bond(const RawAddress bd_addr,tBT_TRANSPORT transport)2400 void btif_dm_create_bond(const RawAddress bd_addr, tBT_TRANSPORT transport) {
2401 log::verbose("bd_addr={}, transport={}", bd_addr, transport);
2402
2403 BTM_LogHistory(kBtmLogTag, bd_addr, "Create bond",
2404 base::StringPrintf("transport:%s", bt_transport_text(transport).c_str()));
2405
2406 btif_stats_add_bond_event(bd_addr, BTIF_DM_FUNC_CREATE_BOND, pairing_cb.state);
2407
2408 pairing_cb.timeout_retries = NUM_TIMEOUT_RETRIES;
2409 btif_dm_cb_create_bond(bd_addr, transport);
2410 }
2411
2412 /*******************************************************************************
2413 *
2414 * Function btif_dm_create_bond_le
2415 *
2416 * Description Initiate bonding with the specified device over le transport
2417 *
2418 ******************************************************************************/
btif_dm_create_bond_le(const RawAddress bd_addr,tBLE_ADDR_TYPE addr_type)2419 void btif_dm_create_bond_le(const RawAddress bd_addr, tBLE_ADDR_TYPE addr_type) {
2420 log::verbose("bd_addr={}, addr_type={}", bd_addr, addr_type);
2421 const tBLE_BD_ADDR ble_bd_addr{
2422 .type = addr_type,
2423 .bda = bd_addr,
2424 };
2425 BTM_LogHistory(kBtmLogTag, ble_bd_addr, "Create bond",
2426 base::StringPrintf("transport:%s", bt_transport_text(BT_TRANSPORT_LE).c_str()));
2427
2428 btif_stats_add_bond_event(bd_addr, BTIF_DM_FUNC_CREATE_BOND, pairing_cb.state);
2429
2430 pairing_cb.timeout_retries = NUM_TIMEOUT_RETRIES;
2431 btif_dm_cb_create_bond_le(bd_addr, addr_type);
2432 }
2433
2434 /*******************************************************************************
2435 *
2436 * Function btif_dm_create_bond_out_of_band
2437 *
2438 * Description Initiate bonding with the specified device using out of band
2439 * data
2440 *
2441 ******************************************************************************/
btif_dm_create_bond_out_of_band(const RawAddress bd_addr,tBT_TRANSPORT transport,const bt_oob_data_t p192_data,const bt_oob_data_t p256_data)2442 void btif_dm_create_bond_out_of_band(const RawAddress bd_addr, tBT_TRANSPORT transport,
2443 const bt_oob_data_t p192_data, const bt_oob_data_t p256_data) {
2444 bt_oob_data_t empty_data;
2445 memset(&empty_data, 0, sizeof(empty_data));
2446
2447 oob_cb.bdaddr = bd_addr;
2448 oob_cb.transport = transport;
2449 oob_cb.data_present = (int)BTM_OOB_NONE;
2450 if (memcmp(&p192_data, &empty_data, sizeof(p192_data)) != 0) {
2451 memcpy(&oob_cb.p192_data, &p192_data, sizeof(bt_oob_data_t));
2452 oob_cb.data_present = (int)BTM_OOB_PRESENT_192;
2453 }
2454
2455 if (memcmp(&p256_data, &empty_data, sizeof(p256_data)) != 0) {
2456 memcpy(&oob_cb.p256_data, &p256_data, sizeof(bt_oob_data_t));
2457 if (oob_cb.data_present == (int)BTM_OOB_PRESENT_192) {
2458 oob_cb.data_present = (int)BTM_OOB_PRESENT_192_AND_256;
2459 } else {
2460 oob_cb.data_present = (int)BTM_OOB_PRESENT_256;
2461 }
2462 }
2463
2464 BTM_LogHistory(kBtmLogTag, bd_addr, "Create bond",
2465 base::StringPrintf("transport:%s oob:%s", bt_transport_text(transport).c_str(),
2466 btm_oob_data_text(oob_cb.data_present).c_str()));
2467
2468 uint8_t empty[] = {0, 0, 0, 0, 0, 0, 0};
2469 switch (transport) {
2470 case BT_TRANSPORT_BR_EDR:
2471 // TODO(182162589): Flesh out classic impl in legacy BTMSec
2472 // Nothing to do yet, but not an error
2473
2474 // The controller only supports P192
2475 switch (oob_cb.data_present) {
2476 case BTM_OOB_PRESENT_192_AND_256:
2477 log::info("Have both P192 and P256");
2478 [[fallthrough]];
2479 case BTM_OOB_PRESENT_192:
2480 log::info("Using P192");
2481 break;
2482 case BTM_OOB_PRESENT_256:
2483 log::info("Using P256");
2484 // TODO(181889116):
2485 // Upgrade to support p256 (for now we just ignore P256)
2486 // because the controllers do not yet support it.
2487 bond_state_changed(BT_STATUS_UNSUPPORTED, bd_addr, BT_BOND_STATE_NONE);
2488 return;
2489 default:
2490 log::error("Invalid data present for controller:{}", oob_cb.data_present);
2491 bond_state_changed(BT_STATUS_PARM_INVALID, bd_addr, BT_BOND_STATE_NONE);
2492 return;
2493 }
2494 pairing_cb.is_local_initiated = true;
2495 log::error("Classic not implemented yet");
2496 bond_state_changed(BT_STATUS_UNSUPPORTED, bd_addr, BT_BOND_STATE_NONE);
2497 return;
2498 case BT_TRANSPORT_LE: {
2499 // Guess default RANDOM for address type for LE
2500 tBLE_ADDR_TYPE address_type = BLE_ADDR_RANDOM;
2501 log::info("Using LE Transport");
2502 switch (oob_cb.data_present) {
2503 case BTM_OOB_PRESENT_192_AND_256:
2504 log::info("Have both P192 and P256");
2505 [[fallthrough]];
2506 // Always prefer 256 for LE
2507 case BTM_OOB_PRESENT_256:
2508 log::info("Using P256");
2509 // If we have an address, lets get the type
2510 if (memcmp(p256_data.address, empty, 7) != 0) {
2511 /* byte no 7 is address type in LE Bluetooth Address OOB data */
2512 address_type = static_cast<tBLE_ADDR_TYPE>(p256_data.address[6]);
2513 }
2514 break;
2515 case BTM_OOB_PRESENT_192:
2516 log::info("Using P192");
2517 // If we have an address, lets get the type
2518 if (memcmp(p192_data.address, empty, 7) != 0) {
2519 /* byte no 7 is address type in LE Bluetooth Address OOB data */
2520 address_type = static_cast<tBLE_ADDR_TYPE>(p192_data.address[6]);
2521 }
2522 break;
2523 }
2524 pairing_cb.is_local_initiated = true;
2525 get_btm_client_interface().security.BTM_SecAddBleDevice(bd_addr, BT_DEVICE_TYPE_BLE,
2526 address_type);
2527 BTA_DmBond(bd_addr, address_type, transport, BT_DEVICE_TYPE_BLE);
2528 break;
2529 }
2530 default:
2531 log::error("Invalid transport: {}", transport);
2532 bond_state_changed(BT_STATUS_PARM_INVALID, bd_addr, BT_BOND_STATE_NONE);
2533 return;
2534 }
2535 }
2536
2537 /*******************************************************************************
2538 *
2539 * Function btif_dm_cancel_bond
2540 *
2541 * Description Initiate bonding with the specified device
2542 *
2543 ******************************************************************************/
btif_dm_cancel_bond(const RawAddress bd_addr)2544 void btif_dm_cancel_bond(const RawAddress bd_addr) {
2545 log::verbose("bd_addr={}", bd_addr);
2546
2547 BTM_LogHistory(kBtmLogTag, bd_addr, "Cancel bond");
2548
2549 btif_stats_add_bond_event(bd_addr, BTIF_DM_FUNC_CANCEL_BOND, pairing_cb.state);
2550
2551 /* TODO:
2552 ** 1. Restore scan modes
2553 ** 2. special handling for HID devices
2554 */
2555 if (is_bonding_or_sdp()) {
2556 if (com::android::bluetooth::flags::ignore_unrelated_cancel_bond() &&
2557 (pairing_cb.bd_addr != bd_addr)) {
2558 log::warn("Ignoring bond cancel for unrelated device: {} pairing: {}", bd_addr,
2559 pairing_cb.bd_addr);
2560 return;
2561 }
2562 if (pairing_cb.is_ssp) {
2563 if (pairing_cb.is_le_only) {
2564 BTA_DmBleSecurityGrant(bd_addr, tBTA_DM_BLE_SEC_GRANT::BTA_DM_SEC_PAIR_NOT_SPT);
2565 } else {
2566 BTA_DmConfirm(bd_addr, false);
2567 BTA_DmBondCancel(bd_addr);
2568 btif_storage_remove_bonded_device(&bd_addr);
2569 }
2570 } else {
2571 if (pairing_cb.is_le_only) {
2572 BTA_DmBondCancel(bd_addr);
2573 } else {
2574 BTA_DmPinReply(bd_addr, false, 0, NULL);
2575 }
2576 /* Cancel bonding, in case it is in ACL connection setup state */
2577 BTA_DmBondCancel(bd_addr);
2578 }
2579 }
2580 }
2581
2582 /*******************************************************************************
2583 *
2584 * Function btif_dm_hh_open_failed
2585 *
2586 * Description informs the upper layers if the HH have failed during
2587 * bonding
2588 *
2589 * Returns none
2590 *
2591 ******************************************************************************/
2592
btif_dm_hh_open_failed(RawAddress * bdaddr)2593 void btif_dm_hh_open_failed(RawAddress* bdaddr) {
2594 if (pairing_cb.state == BT_BOND_STATE_BONDING && *bdaddr == pairing_cb.bd_addr) {
2595 bond_state_changed(BT_STATUS_RMT_DEV_DOWN, *bdaddr, BT_BOND_STATE_NONE);
2596 }
2597 }
2598
2599 /*******************************************************************************
2600 *
2601 * Function btif_dm_remove_bond
2602 *
2603 * Description Removes bonding with the specified device
2604 *
2605 ******************************************************************************/
2606
btif_dm_remove_bond(const RawAddress bd_addr)2607 void btif_dm_remove_bond(const RawAddress bd_addr) {
2608 log::verbose("bd_addr={}", bd_addr);
2609
2610 BTM_LogHistory(kBtmLogTag, bd_addr, "Remove bond");
2611
2612 btif_stats_add_bond_event(bd_addr, BTIF_DM_FUNC_REMOVE_BOND, pairing_cb.state);
2613
2614 // special handling for HID devices
2615 // VUP needs to be sent if its a HID Device. The HID HOST module will check if
2616 // there is a valid hid connection with this bd_addr. If yes VUP will be
2617 // issued.
2618 #if (BTA_HH_INCLUDED == TRUE)
2619 tAclLinkSpec link_spec;
2620 link_spec.addrt.bda = bd_addr;
2621 link_spec.transport = BT_TRANSPORT_AUTO;
2622 link_spec.addrt.type = BLE_ADDR_PUBLIC;
2623
2624 if (GetInterfaceToProfiles()->profileSpecific_HACK->btif_hh_virtual_unplug(link_spec) !=
2625 BT_STATUS_SUCCESS)
2626 #endif
2627 {
2628 log::debug("Removing HH device");
2629 BTA_DmRemoveDevice(bd_addr);
2630 }
2631 }
2632
2633 /*******************************************************************************
2634 *
2635 * Function btif_dm_pin_reply
2636 *
2637 * Description BT legacy pairing - PIN code reply
2638 *
2639 ******************************************************************************/
2640
btif_dm_pin_reply(const RawAddress bd_addr,uint8_t accept,uint8_t pin_len,bt_pin_code_t pin_code)2641 void btif_dm_pin_reply(const RawAddress bd_addr, uint8_t accept, uint8_t pin_len,
2642 bt_pin_code_t pin_code) {
2643 log::verbose("accept={}", accept);
2644
2645 if (pairing_cb.is_le_only) {
2646 int i;
2647 uint32_t passkey = 0;
2648 int multi[] = {100000, 10000, 1000, 100, 10, 1};
2649 for (i = 0; i < 6; i++) {
2650 passkey += (multi[i] * (pin_code.pin[i] - '0'));
2651 }
2652 // TODO:
2653 // FIXME: should we hide part of passkey here?
2654 log::verbose("btif_dm_pin_reply: passkey: {}", passkey);
2655 BTA_DmBlePasskeyReply(bd_addr, accept, passkey);
2656
2657 } else {
2658 BTA_DmPinReply(bd_addr, accept, pin_len, pin_code.pin);
2659 if (accept) {
2660 pairing_cb.pin_code_len = pin_len;
2661 }
2662 }
2663 }
2664
2665 /*******************************************************************************
2666 *
2667 * Function btif_dm_ssp_reply
2668 *
2669 * Description BT SSP Reply - Just Works, Numeric Comparison & Passkey
2670 * Entry
2671 *
2672 ******************************************************************************/
btif_dm_ssp_reply(const RawAddress bd_addr,bt_ssp_variant_t variant,uint8_t accept)2673 void btif_dm_ssp_reply(const RawAddress bd_addr, bt_ssp_variant_t variant, uint8_t accept) {
2674 log::verbose("accept={}", accept);
2675 BTM_LogHistory(
2676 kBtmLogTag, bd_addr, "Ssp reply",
2677 base::StringPrintf("originator:%s variant:%d accept:%c le:%c numeric_comparison:%c",
2678 (pairing_cb.is_local_initiated) ? "local" : "remote", variant,
2679 (accept) ? 'Y' : 'N', (pairing_cb.is_le_only) ? 'T' : 'F',
2680 (pairing_cb.is_le_nc) ? 'T' : 'F'));
2681 if (pairing_cb.is_le_only) {
2682 if (pairing_cb.is_le_nc) {
2683 BTA_DmBleConfirmReply(bd_addr, accept);
2684 } else {
2685 if (accept) {
2686 BTA_DmBleSecurityGrant(bd_addr, tBTA_DM_BLE_SEC_GRANT::BTA_DM_SEC_GRANTED);
2687 } else {
2688 BTA_DmBleSecurityGrant(bd_addr, tBTA_DM_BLE_SEC_GRANT::BTA_DM_SEC_PAIR_NOT_SPT);
2689 }
2690 }
2691 } else {
2692 BTA_DmConfirm(bd_addr, accept);
2693 }
2694 }
2695
2696 /*******************************************************************************
2697 *
2698 * Function btif_dm_get_local_class_of_device
2699 *
2700 * Description Reads the system property configured class of device
2701 *
2702 * Returns A DEV_CLASS containing the current class of device.
2703 * If no value is present, or the value is malformed
2704 * the default kEmpty value will be used
2705 *
2706 ******************************************************************************/
btif_dm_get_local_class_of_device()2707 DEV_CLASS btif_dm_get_local_class_of_device() {
2708 /* A class of device is a {SERVICE_CLASS, MAJOR_CLASS, MINOR_CLASS}
2709 *
2710 * The input is expected to be a string of the following format:
2711 * <decimal number>,<decimal number>,<decimal number>
2712 *
2713 * For example, "90,2,12" (Hex: 0x5A, 0x2, 0xC)
2714 *
2715 * Notice there is always two commas and no spaces.
2716 */
2717 char prop_cod[PROPERTY_VALUE_MAX];
2718 osi_property_get(PROPERTY_CLASS_OF_DEVICE, prop_cod, "");
2719
2720 // If the property is empty, use the default
2721 if (prop_cod[0] == '\0') {
2722 log::error("COD property is empty");
2723 return kDevClassUnclassified;
2724 }
2725
2726 // Start reading the contents of the property string. If at any point anything
2727 // is malformed, use the default.
2728 DEV_CLASS temp_device_class;
2729 int i = 0;
2730 int j = 0;
2731 for (;;) {
2732 // Build a string of all the chars until the next comma, null, or end of the
2733 // buffer is reached. If any char is not a digit, then return the default.
2734 std::string value;
2735 while (i < PROPERTY_VALUE_MAX && prop_cod[i] != ',' && prop_cod[i] != '\0') {
2736 char c = prop_cod[i++];
2737 if (!std::isdigit(c)) {
2738 log::error("COD malformed, '{:c}' is a non-digit", c);
2739 return kDevClassUnclassified;
2740 }
2741 value += c;
2742 }
2743
2744 // If we hit the end and it wasn't null terminated then return the default
2745 if (i == PROPERTY_VALUE_MAX && prop_cod[PROPERTY_VALUE_MAX - 1] != '\0') {
2746 log::error("COD malformed, value was truncated");
2747 return kDevClassUnclassified;
2748 }
2749
2750 // Each number in the list must be one byte, meaning 0 (0x00) -> 255 (0xFF)
2751 if (value.size() > 3 || value.size() == 0) {
2752 log::error("COD malformed, '{}' must be between [0, 255]", value);
2753 return kDevClassUnclassified;
2754 }
2755
2756 // Grab the value. If it's too large, then return the default
2757 uint32_t uint32_val = static_cast<uint32_t>(std::stoul(value.c_str()));
2758 if (uint32_val > 0xFF) {
2759 log::error("COD malformed, '{}' must be between [0, 255]", value);
2760 return kDevClassUnclassified;
2761 }
2762
2763 // Otherwise, it's safe to use
2764 temp_device_class[j++] = uint32_val;
2765
2766 // If we've reached 3 numbers then make sure we're at a null terminator
2767 if (j >= 3) {
2768 if (prop_cod[i] != '\0') {
2769 log::error("COD malformed, more than three numbers");
2770 return kDevClassUnclassified;
2771 }
2772 break;
2773 }
2774
2775 // If we're at a null terminator then we're done
2776 if (prop_cod[i] == '\0') {
2777 break;
2778 }
2779
2780 // Otherwise, skip over the comma
2781 ++i;
2782 }
2783
2784 // We must have read exactly 3 numbers
2785 DEV_CLASS device_class = kDevClassUnclassified;
2786 if (j == 3) {
2787 device_class[0] = temp_device_class[0];
2788 device_class[1] = temp_device_class[1];
2789 device_class[2] = temp_device_class[2];
2790 } else {
2791 log::error("COD malformed, fewer than three numbers");
2792 }
2793
2794 log::debug("Using class of device '0x{:x}, 0x{:x}, 0x{:x}' from CoD system property",
2795 device_class[0], device_class[1], device_class[2]);
2796
2797 #ifdef __ANDROID__
2798 // Per BAP 1.0.1, 8.2.3. Device discovery, the stack needs to set Class of
2799 // Device (CoD) field Major Service Class bit 14 to 0b1 when Unicast Server,
2800 // Unicast Client, Broadcast Source, Broadcast Sink, Scan Delegator, or
2801 // Broadcast Assistant is supported on this device
2802 if (android::sysprop::BluetoothProperties::isProfileBapUnicastClientEnabled().value_or(false) ||
2803 android::sysprop::BluetoothProperties::isProfileBapBroadcastAssistEnabled().value_or(false) ||
2804 android::sysprop::BluetoothProperties::isProfileBapBroadcastSourceEnabled().value_or(false)) {
2805 device_class[1] |= 0x01 << 6;
2806 } else {
2807 device_class[1] &= ~(0x01 << 6);
2808 }
2809 log::debug(
2810 "Check LE audio enabled status, update class of device to '0x{:x}, "
2811 "0x{:x}, 0x{:x}'",
2812 device_class[0], device_class[1], device_class[2]);
2813 #endif
2814 return device_class;
2815 }
2816
2817 /*******************************************************************************
2818 *
2819 * Function btif_dm_get_adapter_property
2820 *
2821 * Description Queries the BTA for the adapter property
2822 *
2823 * Returns bt_status_t
2824 *
2825 ******************************************************************************/
btif_dm_get_adapter_property(bt_property_t * prop)2826 bt_status_t btif_dm_get_adapter_property(bt_property_t* prop) {
2827 log::verbose("type=0x{:x}", prop->type);
2828 switch (prop->type) {
2829 case BT_PROPERTY_BDNAME: {
2830 bt_bdname_t* bd_name = (bt_bdname_t*)prop->val;
2831 strncpy((char*)bd_name->name, (char*)btif_get_default_local_name(),
2832 sizeof(bd_name->name) - 1);
2833 bd_name->name[sizeof(bd_name->name) - 1] = 0;
2834 prop->len = strlen((char*)bd_name->name);
2835 } break;
2836
2837 case BT_PROPERTY_ADAPTER_DISCOVERABLE_TIMEOUT: {
2838 uint32_t* tmt = (uint32_t*)prop->val;
2839 *tmt = 120; /* default to 120s, if not found in NV */
2840 prop->len = sizeof(uint32_t);
2841 } break;
2842
2843 default:
2844 prop->len = 0;
2845 return BT_STATUS_FAIL;
2846 }
2847 return BT_STATUS_SUCCESS;
2848 }
2849
2850 /*******************************************************************************
2851 *
2852 * Function btif_dm_get_remote_services
2853 *
2854 * Description Start SDP to get remote services by transport
2855 *
2856 * Returns bt_status_t
2857 *
2858 ******************************************************************************/
btif_dm_get_remote_services(RawAddress remote_addr,const tBT_TRANSPORT transport)2859 void btif_dm_get_remote_services(RawAddress remote_addr, const tBT_TRANSPORT transport) {
2860 log::verbose("transport={}, remote_addr={}", bt_transport_text(transport), remote_addr);
2861
2862 BTM_LogHistory(kBtmLogTag, remote_addr, "Service discovery",
2863 base::StringPrintf("transport:%s", bt_transport_text(transport).c_str()));
2864
2865 BTA_DmDiscover(remote_addr,
2866 service_discovery_callbacks{
2867 .on_gatt_results = btif_on_gatt_results,
2868 .on_did_received = btif_on_did_received,
2869 .on_service_discovery_results = btif_on_service_discovery_results},
2870 transport);
2871 }
2872
btif_dm_enable_service(tBTA_SERVICE_ID service_id,bool enable)2873 void btif_dm_enable_service(tBTA_SERVICE_ID service_id, bool enable) {
2874 bt_status_t status = btif_in_execute_service_request(service_id, enable);
2875 if (status == BT_STATUS_SUCCESS) {
2876 bt_property_t property;
2877 Uuid local_uuids[BT_MAX_NUM_UUIDS];
2878
2879 /* Now send the UUID_PROPERTY_CHANGED event to the upper layer */
2880 BTIF_STORAGE_FILL_PROPERTY(&property, BT_PROPERTY_UUIDS, sizeof(local_uuids), local_uuids);
2881 btif_storage_get_adapter_property(&property);
2882 GetInterfaceToProfiles()->events->invoke_adapter_properties_cb(BT_STATUS_SUCCESS, 1, &property);
2883 }
2884 return;
2885 }
2886
btif_dm_proc_io_req(tBTM_AUTH_REQ * p_auth_req,bool is_orig)2887 void btif_dm_proc_io_req(tBTM_AUTH_REQ* p_auth_req, bool is_orig) {
2888 uint8_t yes_no_bit = BTA_AUTH_SP_YES & *p_auth_req;
2889 /* if local initiated:
2890 ** 1. set DD + MITM
2891 ** if remote initiated:
2892 ** 1. Copy over the auth_req from peer's io_rsp
2893 ** 2. Set the MITM if peer has it set or if peer has DisplayYesNo
2894 *(iPhone)
2895 ** as a fallback set MITM+GB if peer had MITM set
2896 */
2897
2898 log::verbose("original p_auth_req={}", *p_auth_req);
2899 if (pairing_cb.is_local_initiated) {
2900 /* if initing/responding to a dedicated bonding, use dedicate bonding bit */
2901 *p_auth_req = BTA_AUTH_DD_BOND | BTA_AUTH_SP_YES;
2902 } else if (!is_orig) {
2903 /* peer initiated paring. They probably know what they want.
2904 ** Copy the mitm from peer device.
2905 */
2906 log::debug("peer initiated, setting p_auth_req to peer's: {}", pairing_cb.auth_req);
2907 *p_auth_req = (pairing_cb.auth_req & BTA_AUTH_BONDS);
2908
2909 /* copy over the MITM bit as well. In addition if the peer has DisplayYesNo,
2910 * force MITM */
2911 if ((yes_no_bit) || (pairing_cb.io_cap & BTM_IO_CAP_IO)) {
2912 *p_auth_req |= BTA_AUTH_SP_YES;
2913 }
2914 } else if (yes_no_bit) {
2915 /* set the general bonding bit for stored device */
2916 *p_auth_req = BTA_AUTH_GEN_BOND | yes_no_bit;
2917 }
2918 log::verbose("updated p_auth_req={}", *p_auth_req);
2919 }
2920
btif_dm_proc_io_rsp(const RawAddress &,tBTM_IO_CAP io_cap,tBTM_OOB_DATA,tBTM_AUTH_REQ auth_req)2921 void btif_dm_proc_io_rsp(const RawAddress& /* bd_addr */, tBTM_IO_CAP io_cap,
2922 tBTM_OOB_DATA /* oob_data */, tBTM_AUTH_REQ auth_req) {
2923 if (auth_req & BTA_AUTH_BONDS) {
2924 log::debug("auth_req:{}", auth_req);
2925 pairing_cb.auth_req = auth_req;
2926 pairing_cb.io_cap = io_cap;
2927 }
2928 }
2929
btif_dm_set_oob_for_io_req(tBTM_OOB_DATA * p_has_oob_data)2930 void btif_dm_set_oob_for_io_req(tBTM_OOB_DATA* p_has_oob_data) {
2931 if (is_empty_128bit(oob_cb.p192_data.c)) {
2932 *p_has_oob_data = false;
2933 } else {
2934 *p_has_oob_data = true;
2935 }
2936 log::verbose("*p_has_oob_data={}", *p_has_oob_data);
2937 }
2938
btif_dm_set_oob_for_le_io_req(const RawAddress & bd_addr,tBTM_OOB_DATA * p_has_oob_data,tBTM_LE_AUTH_REQ * p_auth_req)2939 void btif_dm_set_oob_for_le_io_req(const RawAddress& bd_addr, tBTM_OOB_DATA* p_has_oob_data,
2940 tBTM_LE_AUTH_REQ* p_auth_req) {
2941 switch (oob_cb.data_present) {
2942 case BTM_OOB_PRESENT_192_AND_256:
2943 log::info("Have both P192 and P256");
2944 [[fallthrough]];
2945 // Always prefer 256 for LE
2946 case BTM_OOB_PRESENT_256:
2947 log::info("Using P256");
2948 if (!is_empty_128bit(oob_cb.p256_data.c) && !is_empty_128bit(oob_cb.p256_data.r)) {
2949 /* make sure OOB data is for this particular device */
2950 if (bd_addr == oob_cb.bdaddr) {
2951 *p_auth_req = ((*p_auth_req) | BTM_LE_AUTH_REQ_SC_ONLY);
2952 *p_has_oob_data = true;
2953 } else {
2954 *p_has_oob_data = false;
2955 log::warn("P256-1: Remote address didn't match OOB data address");
2956 }
2957 } else if (!is_empty_128bit(oob_cb.p256_data.sm_tk)) {
2958 /* We have security manager TK */
2959
2960 /* make sure OOB data is for this particular device */
2961 if (bd_addr == oob_cb.bdaddr) {
2962 // When using OOB with TK, SC Secure Connections bit must be disabled.
2963 tBTM_LE_AUTH_REQ mask = ~BTM_LE_AUTH_REQ_SC_ONLY;
2964 *p_auth_req = ((*p_auth_req) & mask);
2965 *p_has_oob_data = true;
2966 } else {
2967 *p_has_oob_data = false;
2968 log::warn("P256-2: Remote address didn't match OOB data address");
2969 }
2970 } else {
2971 *p_has_oob_data = false;
2972 }
2973 break;
2974 case BTM_OOB_PRESENT_192:
2975 log::info("Using P192");
2976 if (!is_empty_128bit(oob_cb.p192_data.c) && !is_empty_128bit(oob_cb.p192_data.r)) {
2977 /* make sure OOB data is for this particular device */
2978 if (bd_addr == oob_cb.bdaddr) {
2979 *p_auth_req = ((*p_auth_req) | BTM_LE_AUTH_REQ_SC_ONLY);
2980 *p_has_oob_data = true;
2981 } else {
2982 *p_has_oob_data = false;
2983 log::warn("P192-1: Remote address didn't match OOB data address");
2984 }
2985 } else if (!is_empty_128bit(oob_cb.p192_data.sm_tk)) {
2986 /* We have security manager TK */
2987
2988 /* make sure OOB data is for this particular device */
2989 if (bd_addr == oob_cb.bdaddr) {
2990 // When using OOB with TK, SC Secure Connections bit must be disabled.
2991 tBTM_LE_AUTH_REQ mask = ~BTM_LE_AUTH_REQ_SC_ONLY;
2992 *p_auth_req = ((*p_auth_req) & mask);
2993 *p_has_oob_data = true;
2994 } else {
2995 *p_has_oob_data = false;
2996 log::warn("P192-2: Remote address didn't match OOB data address");
2997 }
2998 } else {
2999 *p_has_oob_data = false;
3000 }
3001 break;
3002 }
3003 log::verbose("*p_has_oob_data={}", *p_has_oob_data);
3004 }
3005
btif_dm_load_local_oob(void)3006 void btif_dm_load_local_oob(void) {
3007 char prop_oob[PROPERTY_VALUE_MAX];
3008 osi_property_get("service.brcm.bt.oob", prop_oob, "3");
3009 log::verbose("prop_oob = {}", prop_oob);
3010 if (prop_oob[0] != '3') {
3011 if (is_empty_128bit(oob_cb.p192_data.c)) {
3012 log::verbose("read OOB, call BTA_DmLocalOob()");
3013 BTA_DmLocalOob();
3014 }
3015 }
3016 }
3017
3018 static bool waiting_on_oob_advertiser_start = false;
3019 static std::optional<uint8_t> oob_advertiser_id_;
stop_oob_advertiser()3020 static void stop_oob_advertiser() {
3021 // For chasing an advertising bug b/237023051
3022 log::debug("oob_advertiser_id: {}", oob_advertiser_id_.value());
3023 auto advertiser = bluetooth::shim::get_ble_advertiser_instance();
3024 advertiser->Unregister(oob_advertiser_id_.value());
3025 oob_advertiser_id_ = {};
3026 }
3027
3028 /*******************************************************************************
3029 *
3030 * Function btif_dm_generate_local_oob_data
3031 *
3032 * Description Initiate oob data fetch from controller
3033 *
3034 * Parameters transport; Classic or LE
3035 *
3036 ******************************************************************************/
btif_dm_generate_local_oob_data(tBT_TRANSPORT transport)3037 void btif_dm_generate_local_oob_data(tBT_TRANSPORT transport) {
3038 log::debug("Transport {}", bt_transport_text(transport));
3039 if (transport == BT_TRANSPORT_BR_EDR) {
3040 BTM_ReadLocalOobData();
3041 } else if (transport == BT_TRANSPORT_LE) {
3042 // Call create data first, so we don't have to hold on to the address for
3043 // the state machine lifecycle. Rather, lets create the data, then start
3044 // advertising then request the address.
3045 if (!waiting_on_oob_advertiser_start) {
3046 // For chasing an advertising bug b/237023051
3047 log::debug("oob_advertiser_id: {}", oob_advertiser_id_.value_or(255));
3048 if (oob_advertiser_id_.has_value()) {
3049 stop_oob_advertiser();
3050 }
3051 waiting_on_oob_advertiser_start = true;
3052 if (!SMP_CrLocScOobData()) {
3053 waiting_on_oob_advertiser_start = false;
3054 GetInterfaceToProfiles()->events->invoke_oob_data_request_cb(transport, false, Octet16{},
3055 Octet16{}, RawAddress{}, 0x00);
3056 }
3057 } else {
3058 GetInterfaceToProfiles()->events->invoke_oob_data_request_cb(transport, false, Octet16{},
3059 Octet16{}, RawAddress{}, 0x00);
3060 }
3061 }
3062 }
3063
3064 // Step Four: CallBack from Step Three
get_address_callback(tBT_TRANSPORT transport,bool is_valid,const Octet16 & c,const Octet16 & r,uint8_t address_type,RawAddress address)3065 static void get_address_callback(tBT_TRANSPORT transport, bool is_valid, const Octet16& c,
3066 const Octet16& r, uint8_t address_type, RawAddress address) {
3067 GetInterfaceToProfiles()->events->invoke_oob_data_request_cb(transport, is_valid, c, r, address,
3068 address_type);
3069 waiting_on_oob_advertiser_start = false;
3070 }
3071
3072 // Step Three: CallBack from Step Two, advertise and get address
start_advertising_callback(uint8_t id,tBT_TRANSPORT transport,bool is_valid,const Octet16 & c,const Octet16 & r,uint8_t advertising_status)3073 static void start_advertising_callback(uint8_t id, tBT_TRANSPORT transport, bool is_valid,
3074 const Octet16& c, const Octet16& r,
3075 uint8_t advertising_status) {
3076 if (advertising_status != 0) {
3077 log::info("OOB get advertiser ID failed with status {}", advertising_status);
3078 GetInterfaceToProfiles()->events->invoke_oob_data_request_cb(transport, false, c, r,
3079 RawAddress{}, 0x00);
3080 SMP_ClearLocScOobData();
3081 waiting_on_oob_advertiser_start = false;
3082 oob_advertiser_id_ = {};
3083 return;
3084 }
3085 log::debug("OOB advertiser with id {}", id);
3086 auto advertiser = bluetooth::shim::get_ble_advertiser_instance();
3087 advertiser->GetOwnAddress(id, base::Bind(&get_address_callback, transport, is_valid, c, r));
3088 }
3089
timeout_cb(uint8_t id,uint8_t advertising_status)3090 static void timeout_cb(uint8_t id, uint8_t advertising_status) {
3091 log::info("OOB advertiser with id {} timed out with status {}", id, advertising_status);
3092 auto advertiser = bluetooth::shim::get_ble_advertiser_instance();
3093 advertiser->Unregister(id);
3094 SMP_ClearLocScOobData();
3095 waiting_on_oob_advertiser_start = false;
3096 oob_advertiser_id_ = {};
3097 }
3098
3099 // Step Two: CallBack from Step One, advertise and get address
id_status_callback(tBT_TRANSPORT transport,bool is_valid,const Octet16 & c,const Octet16 & r,uint8_t id,uint8_t advertising_status)3100 static void id_status_callback(tBT_TRANSPORT transport, bool is_valid, const Octet16& c,
3101 const Octet16& r, uint8_t id, uint8_t advertising_status) {
3102 if (advertising_status != 0) {
3103 log::info("OOB get advertiser ID failed with status {}", advertising_status);
3104 GetInterfaceToProfiles()->events->invoke_oob_data_request_cb(transport, false, c, r,
3105 RawAddress{}, 0x00);
3106 SMP_ClearLocScOobData();
3107 waiting_on_oob_advertiser_start = false;
3108 oob_advertiser_id_ = {};
3109 return;
3110 }
3111
3112 oob_advertiser_id_ = id;
3113 log::info("oob_advertiser_id: {}", id);
3114
3115 auto advertiser = bluetooth::shim::get_ble_advertiser_instance();
3116 ::AdvertiseParameters parameters{};
3117 parameters.advertising_event_properties = 0x0041 /* connectable, tx power */;
3118 parameters.min_interval = 0xa0; // 100 ms
3119 parameters.max_interval = 0x500; // 800 ms
3120 parameters.channel_map = 0x7; // Use all the channels
3121 parameters.tx_power = 0; // 0 dBm
3122 parameters.primary_advertising_phy = 1;
3123 parameters.secondary_advertising_phy = 2;
3124 parameters.scan_request_notification_enable = 0;
3125 parameters.own_address_type = BLE_ADDR_RANDOM;
3126 parameters.discoverable = true;
3127
3128 std::vector<uint8_t> advertisement{0x02, 0x01 /* Flags */, 0x02 /* Connectable */};
3129 std::vector<uint8_t> scan_data{};
3130
3131 advertiser->StartAdvertising(
3132 id, base::Bind(&start_advertising_callback, id, transport, is_valid, c, r), parameters,
3133 advertisement, scan_data, 120 /* timeout_s */, base::Bind(&timeout_cb, id));
3134 }
3135
3136 // Step One: Start the advertiser
start_oob_advertiser(tBT_TRANSPORT transport,bool is_valid,const Octet16 & c,const Octet16 & r)3137 static void start_oob_advertiser(tBT_TRANSPORT transport, bool is_valid, const Octet16& c,
3138 const Octet16& r) {
3139 auto advertiser = bluetooth::shim::get_ble_advertiser_instance();
3140 advertiser->RegisterAdvertiser(base::Bind(&id_status_callback, transport, is_valid, c, r));
3141 }
3142
btif_dm_proc_loc_oob(tBT_TRANSPORT transport,bool is_valid,const Octet16 & c,const Octet16 & r)3143 void btif_dm_proc_loc_oob(tBT_TRANSPORT transport, bool is_valid, const Octet16& c,
3144 const Octet16& r) {
3145 // is_valid is important for deciding which OobDataCallback function to use
3146 if (!is_valid) {
3147 GetInterfaceToProfiles()->events->invoke_oob_data_request_cb(transport, false, c, r,
3148 RawAddress{}, 0x00);
3149 waiting_on_oob_advertiser_start = false;
3150 return;
3151 }
3152 if (transport == BT_TRANSPORT_LE) {
3153 // Now that we have the data, lets start advertising and get the address.
3154 start_oob_advertiser(transport, is_valid, c, r);
3155 } else {
3156 GetInterfaceToProfiles()->events->invoke_oob_data_request_cb(
3157 transport, is_valid, c, r,
3158 bluetooth::ToRawAddress(bluetooth::shim::GetController()->GetMacAddress()), 0x00);
3159 }
3160 }
3161
3162 /*******************************************************************************
3163 *
3164 * Function btif_dm_get_smp_config
3165 *
3166 * Description Retrieve the SMP pairing options from the bt_stack.conf
3167 * file. To provide specific pairing options for the host
3168 * add a node with label "SmpOptions" to the config file
3169 * and assign it a comma separated list of 5 values in the
3170 * format: auth, io, ikey, rkey, ksize, oob
3171 * eg: PTS_SmpOptions=0xD,0x4,0xf,0xf,0x10
3172 *
3173 * Parameters: tBTE_APPL_CFG*: pointer to struct defining pairing options
3174 *
3175 * Returns true if the options were successfully read, else false
3176 *
3177 ******************************************************************************/
btif_dm_get_smp_config(tBTE_APPL_CFG * p_cfg)3178 bool btif_dm_get_smp_config(tBTE_APPL_CFG* p_cfg) {
3179 const std::string* recv = stack_config_get_interface()->get_pts_smp_options();
3180 if (!recv) {
3181 log::warn("SMP pairing options not found in stack configuration");
3182 return false;
3183 }
3184
3185 char conf[64];
3186 char* pch;
3187 char* endptr;
3188 char* saveptr;
3189
3190 strncpy(conf, recv->c_str(), 64);
3191 conf[63] = 0; // null terminate
3192
3193 pch = strtok_r(conf, ",", &saveptr);
3194 if (pch != NULL) {
3195 p_cfg->ble_auth_req = (uint8_t)strtoul(pch, &endptr, 16);
3196 } else {
3197 return false;
3198 }
3199
3200 pch = strtok_r(NULL, ",", &saveptr);
3201 if (pch != NULL) {
3202 p_cfg->ble_io_cap = (uint8_t)strtoul(pch, &endptr, 16);
3203 } else {
3204 return false;
3205 }
3206
3207 pch = strtok_r(NULL, ",", &saveptr);
3208 if (pch != NULL) {
3209 p_cfg->ble_init_key = (uint8_t)strtoul(pch, &endptr, 16);
3210 } else {
3211 return false;
3212 }
3213
3214 pch = strtok_r(NULL, ",", &saveptr);
3215 if (pch != NULL) {
3216 p_cfg->ble_resp_key = (uint8_t)strtoul(pch, &endptr, 16);
3217 } else {
3218 return false;
3219 }
3220
3221 pch = strtok_r(NULL, ",", &saveptr);
3222 if (pch != NULL) {
3223 p_cfg->ble_max_key_size = (uint8_t)strtoul(pch, &endptr, 16);
3224 } else {
3225 return false;
3226 }
3227
3228 return true;
3229 }
3230
btif_dm_proc_rmt_oob(const RawAddress & bd_addr,Octet16 * p_c,Octet16 * p_r)3231 bool btif_dm_proc_rmt_oob(const RawAddress& bd_addr, Octet16* p_c, Octet16* p_r) {
3232 const char* path_a = "/data/misc/bluedroid/LOCAL/a.key";
3233 const char* path_b = "/data/misc/bluedroid/LOCAL/b.key";
3234 const char* path = NULL;
3235 char prop_oob[PROPERTY_VALUE_MAX];
3236 osi_property_get("service.brcm.bt.oob", prop_oob, "3");
3237 log::debug("prop_oob = {}", prop_oob);
3238 if (prop_oob[0] == '1') {
3239 path = path_b;
3240 } else if (prop_oob[0] == '2') {
3241 path = path_a;
3242 }
3243 if (!path) {
3244 log::debug("can't open path!");
3245 return false;
3246 }
3247
3248 FILE* fp = fopen(path, "rb");
3249 if (fp == NULL) {
3250 log::debug("failed to read OOB keys from {}", path);
3251 return false;
3252 }
3253
3254 log::verbose("read OOB data from {}", path);
3255 (void)fread(p_c->data(), 1, OCTET16_LEN, fp);
3256 (void)fread(p_r->data(), 1, OCTET16_LEN, fp);
3257 fclose(fp);
3258
3259 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING);
3260 return true;
3261 }
3262
btif_dm_ble_passkey_notif_evt(tBTA_DM_SP_KEY_NOTIF * p_ssp_key_notif)3263 static void btif_dm_ble_passkey_notif_evt(tBTA_DM_SP_KEY_NOTIF* p_ssp_key_notif) {
3264 RawAddress bd_addr;
3265 int dev_type;
3266
3267 log::verbose("addr:{}", p_ssp_key_notif->bd_addr);
3268
3269 /* Remote name update */
3270 if (!btif_get_device_type(p_ssp_key_notif->bd_addr, &dev_type)) {
3271 dev_type = BT_DEVICE_TYPE_BLE;
3272 }
3273 btif_update_remote_properties(p_ssp_key_notif->bd_addr, p_ssp_key_notif->bd_name,
3274 p_ssp_key_notif->dev_class, (tBT_DEVICE_TYPE)dev_type);
3275 bd_addr = p_ssp_key_notif->bd_addr;
3276
3277 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING);
3278 pairing_cb.is_ssp = false;
3279
3280 BTM_LogHistory(kBtmLogTagCallback, bd_addr, "Ssp request",
3281 base::StringPrintf("passkey:%u", p_ssp_key_notif->passkey));
3282
3283 GetInterfaceToProfiles()->events->invoke_ssp_request_cb(
3284 bd_addr, BT_SSP_VARIANT_PASSKEY_NOTIFICATION, p_ssp_key_notif->passkey);
3285 }
3286
btif_dm_ble_is_temp_pairing(RawAddress & bd_addr,bool ctkd)3287 static bool btif_dm_ble_is_temp_pairing(RawAddress& bd_addr, bool ctkd) {
3288 if (btm_get_bond_type_dev(bd_addr) == BOND_TYPE_TEMPORARY) {
3289 return ctkd;
3290 }
3291
3292 return false;
3293 }
3294
btif_model_name_known(const RawAddress & bd_addr)3295 static bool btif_model_name_known(const RawAddress& bd_addr) {
3296 bt_property_t prop;
3297 bt_bdname_t model_name;
3298 BTIF_STORAGE_FILL_PROPERTY(&prop, BT_PROPERTY_REMOTE_MODEL_NUM, sizeof(model_name), &model_name);
3299
3300 if (btif_storage_get_remote_device_property(&bd_addr, &prop) != BT_STATUS_SUCCESS ||
3301 prop.len == 0) {
3302 log::info("Device {} no cached model name", bd_addr);
3303 return false;
3304 }
3305
3306 return true;
3307 }
3308
read_dis_cback(const RawAddress & bd_addr,tDIS_VALUE * p_dis_value)3309 static void read_dis_cback(const RawAddress& bd_addr, tDIS_VALUE* p_dis_value) {
3310 if (p_dis_value == nullptr) {
3311 log::warn("received unexpected/error DIS callback");
3312 return;
3313 }
3314
3315 if (!(p_dis_value->attr_mask & DIS_ATTR_MODEL_NUM_BIT)) {
3316 log::warn("unknown bit, mask: {}", (int)p_dis_value->attr_mask);
3317 return;
3318 }
3319
3320 for (int i = 0; i < DIS_MAX_STRING_DATA; i++) {
3321 if (p_dis_value->data_string[i] == nullptr) {
3322 continue;
3323 }
3324
3325 bt_property_t prop;
3326 prop.type = BT_PROPERTY_REMOTE_MODEL_NUM;
3327 prop.val = p_dis_value->data_string[i];
3328 prop.len = strlen((char*)prop.val);
3329
3330 log::info("Device {}, model name: {}", bd_addr, (char*)prop.val);
3331
3332 btif_storage_set_remote_device_property(&bd_addr, &prop);
3333 GetInterfaceToProfiles()->events->invoke_remote_device_properties_cb(BT_STATUS_SUCCESS, bd_addr,
3334 1, &prop);
3335 }
3336 }
3337
3338 /*******************************************************************************
3339 *
3340 * Function btif_dm_ble_auth_cmpl_evt
3341 *
3342 * Description Executes authentication complete event in btif context
3343 *
3344 * Returns void
3345 *
3346 ******************************************************************************/
btif_dm_ble_auth_cmpl_evt(tBTA_DM_AUTH_CMPL * p_auth_cmpl)3347 static void btif_dm_ble_auth_cmpl_evt(tBTA_DM_AUTH_CMPL* p_auth_cmpl) {
3348 /* Save link key, if not temporary */
3349 bt_status_t status = BT_STATUS_FAIL;
3350 bt_bond_state_t state = BT_BOND_STATE_NONE;
3351
3352 RawAddress bd_addr = p_auth_cmpl->bd_addr;
3353
3354 /* Clear OOB data */
3355 memset(&oob_cb, 0, sizeof(oob_cb));
3356
3357 if ((p_auth_cmpl->success) && (p_auth_cmpl->key_present)) {
3358 /* store keys */
3359 }
3360 if (p_auth_cmpl->success) {
3361 status = BT_STATUS_SUCCESS;
3362 state = BT_BOND_STATE_BONDED;
3363 tBLE_ADDR_TYPE addr_type;
3364
3365 if (btif_storage_get_remote_addr_type(&bd_addr, &addr_type) != BT_STATUS_SUCCESS) {
3366 btif_storage_set_remote_addr_type(&bd_addr, p_auth_cmpl->addr_type);
3367 }
3368
3369 /* Test for temporary bonding */
3370 if (btif_dm_ble_is_temp_pairing(bd_addr, p_auth_cmpl->is_ctkd)) {
3371 log::debug("sending BT_BOND_STATE_NONE for Temp pairing");
3372 btif_storage_remove_bonded_device(&bd_addr);
3373 state = BT_BOND_STATE_NONE;
3374 } else {
3375 btif_dm_save_ble_bonding_keys(bd_addr);
3376
3377 if (is_le_audio_capable_during_service_discovery(bd_addr) &&
3378 !btif_model_name_known(bd_addr) &&
3379 get_btm_client_interface().peer.BTM_IsAclConnectionUp(bd_addr, BT_TRANSPORT_LE)) {
3380 log::info("Read model name for le audio capable device");
3381 if (!DIS_ReadDISInfo(bd_addr, read_dis_cback, DIS_ATTR_MODEL_NUM_BIT)) {
3382 log::warn("Read DIS failed");
3383 }
3384 }
3385
3386 if (pairing_cb.gatt_over_le == btif_dm_pairing_cb_t::ServiceDiscoveryState::NOT_STARTED) {
3387 log::info("scheduling GATT discovery over LE for {}", bd_addr);
3388 pairing_cb.gatt_over_le = btif_dm_pairing_cb_t::ServiceDiscoveryState::SCHEDULED;
3389 btif_dm_get_remote_services(bd_addr, BT_TRANSPORT_LE);
3390 } else {
3391 log::info(
3392 "skipping GATT discovery over LE - was already scheduled or "
3393 "finished for {}, state: {}",
3394 bd_addr, pairing_cb.gatt_over_le);
3395 }
3396 }
3397 } else {
3398 /* Map the HCI fail reason to bt status */
3399 // TODO This is not a proper use of the type
3400 uint8_t fail_reason = static_cast<uint8_t>(p_auth_cmpl->fail_reason);
3401 log::error("LE authentication for {} failed with reason {}", bd_addr, p_auth_cmpl->fail_reason);
3402 switch (fail_reason) {
3403 case BTA_DM_AUTH_SMP_PAIR_AUTH_FAIL:
3404 case BTA_DM_AUTH_SMP_CONFIRM_VALUE_FAIL:
3405 case BTA_DM_AUTH_SMP_UNKNOWN_ERR:
3406 btif_dm_remove_ble_bonding_keys();
3407 status = BT_STATUS_AUTH_FAILURE;
3408 break;
3409
3410 case BTA_DM_AUTH_SMP_CONN_TOUT: {
3411 if (!p_auth_cmpl->is_ctkd && btm_sec_is_a_bonded_dev(bd_addr)) {
3412 log::warn("Bonded device addr={}, timed out - will not remove the keys", bd_addr);
3413 // Don't send state change to upper layers - otherwise Java think we
3414 // unbonded, and will disconnect HID profile.
3415 return;
3416 }
3417 log::info("Removing ble bonding keys on SMP_CONN_TOUT during crosskey: {}",
3418 p_auth_cmpl->is_ctkd);
3419 btif_dm_remove_ble_bonding_keys();
3420 status = BT_STATUS_AUTH_FAILURE;
3421 break;
3422 }
3423 case BTA_DM_AUTH_SMP_PAIR_NOT_SUPPORT:
3424 status = BT_STATUS_AUTH_REJECTED;
3425 break;
3426 default:
3427 btif_dm_remove_ble_bonding_keys();
3428 status = BT_STATUS_UNHANDLED;
3429 break;
3430 }
3431 }
3432 if (state == BT_BOND_STATE_BONDED && !pairing_cb.static_bdaddr.IsEmpty() &&
3433 bd_addr != pairing_cb.static_bdaddr) {
3434 // Report RPA bonding state to Java in crosskey paring
3435 bond_state_changed(status, bd_addr, BT_BOND_STATE_BONDING);
3436 }
3437 bond_state_changed(status, bd_addr, state);
3438 // TODO(240451061): Calling `stop_oob_advertiser();` gets command
3439 // disallowed...
3440 }
3441
btif_dm_load_ble_local_keys(void)3442 void btif_dm_load_ble_local_keys(void) {
3443 memset(&ble_local_key_cb, 0, sizeof(btif_dm_local_key_cb_t));
3444
3445 if (btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_ER, &ble_local_key_cb.er) ==
3446 BT_STATUS_SUCCESS) {
3447 ble_local_key_cb.is_er_rcvd = true;
3448 log::verbose("BLE ER key loaded");
3449 }
3450
3451 if ((btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_IR, &ble_local_key_cb.id_keys.ir) ==
3452 BT_STATUS_SUCCESS) &&
3453 (btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_IRK, &ble_local_key_cb.id_keys.irk) ==
3454 BT_STATUS_SUCCESS) &&
3455 (btif_storage_get_ble_local_key(BTIF_DM_LE_LOCAL_KEY_DHK, &ble_local_key_cb.id_keys.dhk) ==
3456 BT_STATUS_SUCCESS)) {
3457 ble_local_key_cb.is_id_keys_rcvd = true;
3458 log::verbose("BLE ID keys loaded");
3459 }
3460 }
btif_dm_get_ble_local_keys(tBTA_DM_BLE_LOCAL_KEY_MASK * p_key_mask,Octet16 * p_er,tBTA_BLE_LOCAL_ID_KEYS * p_id_keys)3461 void btif_dm_get_ble_local_keys(tBTA_DM_BLE_LOCAL_KEY_MASK* p_key_mask, Octet16* p_er,
3462 tBTA_BLE_LOCAL_ID_KEYS* p_id_keys) {
3463 log::assert_that(p_key_mask != nullptr, "assert failed: p_key_mask != nullptr");
3464 if (ble_local_key_cb.is_er_rcvd) {
3465 log::assert_that(p_er != nullptr, "assert failed: p_er != nullptr");
3466 *p_er = ble_local_key_cb.er;
3467 *p_key_mask |= BTA_BLE_LOCAL_KEY_TYPE_ER;
3468 }
3469
3470 if (ble_local_key_cb.is_id_keys_rcvd) {
3471 log::assert_that(p_id_keys != nullptr, "assert failed: p_id_keys != nullptr");
3472 p_id_keys->ir = ble_local_key_cb.id_keys.ir;
3473 p_id_keys->irk = ble_local_key_cb.id_keys.irk;
3474 p_id_keys->dhk = ble_local_key_cb.id_keys.dhk;
3475 *p_key_mask |= BTA_BLE_LOCAL_KEY_TYPE_ID;
3476 }
3477 log::verbose("*p_key_mask=0x{:02x}", *p_key_mask);
3478 }
3479
btif_dm_save_ble_bonding_keys(RawAddress & bd_addr)3480 static void btif_dm_save_ble_bonding_keys(RawAddress& bd_addr) {
3481 log::verbose("{}", bd_addr);
3482
3483 if (bd_addr.IsEmpty()) {
3484 log::warn("bd_addr is empty");
3485 return;
3486 }
3487
3488 if (pairing_cb.ble.is_penc_key_rcvd) {
3489 btif_storage_add_ble_bonding_key(&bd_addr, (uint8_t*)&pairing_cb.ble.penc_key, BTM_LE_KEY_PENC,
3490 sizeof(tBTM_LE_PENC_KEYS));
3491 }
3492
3493 if (pairing_cb.ble.is_pid_key_rcvd) {
3494 btif_storage_add_ble_bonding_key(&bd_addr, (uint8_t*)&pairing_cb.ble.pid_key, BTM_LE_KEY_PID,
3495 sizeof(tBTM_LE_PID_KEYS));
3496 }
3497
3498 if (pairing_cb.ble.is_pcsrk_key_rcvd) {
3499 btif_storage_add_ble_bonding_key(&bd_addr, (uint8_t*)&pairing_cb.ble.pcsrk_key,
3500 BTM_LE_KEY_PCSRK, sizeof(tBTM_LE_PCSRK_KEYS));
3501 }
3502
3503 if (pairing_cb.ble.is_lenc_key_rcvd) {
3504 btif_storage_add_ble_bonding_key(&bd_addr, (uint8_t*)&pairing_cb.ble.lenc_key, BTM_LE_KEY_LENC,
3505 sizeof(tBTM_LE_LENC_KEYS));
3506 }
3507
3508 if (pairing_cb.ble.is_lcsrk_key_rcvd) {
3509 btif_storage_add_ble_bonding_key(&bd_addr, (uint8_t*)&pairing_cb.ble.lcsrk_key,
3510 BTM_LE_KEY_LCSRK, sizeof(tBTM_LE_LCSRK_KEYS));
3511 }
3512
3513 if (pairing_cb.ble.is_lidk_key_rcvd) {
3514 uint8_t empty[] = {};
3515 btif_storage_add_ble_bonding_key(&bd_addr, empty, BTM_LE_KEY_LID, 0);
3516 }
3517 }
3518
btif_dm_remove_ble_bonding_keys(void)3519 static void btif_dm_remove_ble_bonding_keys(void) {
3520 log::verbose("removing ble bonding keys");
3521
3522 RawAddress bd_addr = pairing_cb.bd_addr;
3523 btif_storage_remove_ble_bonding_keys(&bd_addr);
3524 }
3525
3526 /*******************************************************************************
3527 *
3528 * Function btif_dm_ble_sec_req_evt
3529 *
3530 * Description Eprocess security request event in btif context
3531 *
3532 * Returns void
3533 *
3534 ******************************************************************************/
btif_dm_ble_sec_req_evt(tBTA_DM_BLE_SEC_REQ * p_ble_req,bool is_consent)3535 static void btif_dm_ble_sec_req_evt(tBTA_DM_BLE_SEC_REQ* p_ble_req, bool is_consent) {
3536 int dev_type;
3537
3538 log::verbose("addr:{}", p_ble_req->bd_addr);
3539
3540 if (!is_consent && pairing_cb.state == BT_BOND_STATE_BONDING) {
3541 log::warn("Discard security request");
3542 return;
3543 }
3544
3545 /* Remote name update */
3546 if (!btif_get_device_type(p_ble_req->bd_addr, &dev_type)) {
3547 dev_type = BT_DEVICE_TYPE_BLE;
3548 }
3549 btif_update_remote_properties(p_ble_req->bd_addr, p_ble_req->bd_name, p_ble_req->dev_class,
3550 (tBT_DEVICE_TYPE)dev_type);
3551
3552 RawAddress bd_addr = p_ble_req->bd_addr;
3553
3554 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING);
3555
3556 pairing_cb.bond_type = BOND_TYPE_PERSISTENT;
3557 pairing_cb.is_le_only = true;
3558 pairing_cb.is_le_nc = false;
3559 pairing_cb.is_ssp = true;
3560 btm_set_bond_type_dev(p_ble_req->bd_addr, pairing_cb.bond_type);
3561
3562 BTM_LogHistory(kBtmLogTagCallback, bd_addr, "SSP ble request", "BT_SSP_VARIANT_CONSENT");
3563
3564 GetInterfaceToProfiles()->events->invoke_ssp_request_cb(bd_addr, BT_SSP_VARIANT_CONSENT, 0);
3565 }
3566
3567 /*******************************************************************************
3568 *
3569 * Function btif_dm_ble_passkey_req_evt
3570 *
3571 * Description Executes pin request event in btif context
3572 *
3573 * Returns void
3574 *
3575 ******************************************************************************/
btif_dm_ble_passkey_req_evt(tBTA_DM_PIN_REQ * p_pin_req)3576 static void btif_dm_ble_passkey_req_evt(tBTA_DM_PIN_REQ* p_pin_req) {
3577 bt_bdname_t bd_name;
3578 uint32_t cod;
3579 int dev_type;
3580
3581 /* Remote name update */
3582 if (!btif_get_device_type(p_pin_req->bd_addr, &dev_type)) {
3583 dev_type = BT_DEVICE_TYPE_BLE;
3584 }
3585 btif_update_remote_properties(p_pin_req->bd_addr, p_pin_req->bd_name, p_pin_req->dev_class,
3586 (tBT_DEVICE_TYPE)dev_type);
3587
3588 RawAddress bd_addr = p_pin_req->bd_addr;
3589 bd_name_copy(bd_name.name, p_pin_req->bd_name);
3590
3591 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING);
3592 pairing_cb.is_le_only = true;
3593
3594 cod = COD_UNCLASSIFIED;
3595
3596 BTM_LogHistory(kBtmLogTagCallback, bd_addr, "PIN request",
3597 base::StringPrintf("name:'%s'",
3598 PRIVATE_NAME(reinterpret_cast<char const*>(bd_name.name))));
3599
3600 GetInterfaceToProfiles()->events->invoke_pin_request_cb(bd_addr, bd_name, cod, false);
3601 }
btif_dm_ble_key_nc_req_evt(tBTA_DM_SP_KEY_NOTIF * p_notif_req)3602 static void btif_dm_ble_key_nc_req_evt(tBTA_DM_SP_KEY_NOTIF* p_notif_req) {
3603 /* TODO implement key notification for numeric comparison */
3604
3605 RawAddress bd_addr = p_notif_req->bd_addr;
3606 log::verbose("addr:{}", bd_addr);
3607
3608 /* Remote name update */
3609 btif_update_remote_properties(p_notif_req->bd_addr, p_notif_req->bd_name, p_notif_req->dev_class,
3610 BT_DEVICE_TYPE_BLE);
3611
3612 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING);
3613 pairing_cb.is_ssp = false;
3614 pairing_cb.is_le_only = true;
3615 pairing_cb.is_le_nc = true;
3616
3617 BTM_LogHistory(kBtmLogTagCallback, bd_addr, "Ssp request",
3618 base::StringPrintf("passkey:%u", p_notif_req->passkey));
3619
3620 GetInterfaceToProfiles()->events->invoke_ssp_request_cb(
3621 bd_addr, BT_SSP_VARIANT_PASSKEY_CONFIRMATION, p_notif_req->passkey);
3622 }
3623
btif_dm_ble_oob_req_evt(tBTA_DM_SP_RMT_OOB * req_oob_type)3624 static void btif_dm_ble_oob_req_evt(tBTA_DM_SP_RMT_OOB* req_oob_type) {
3625 log::verbose("addr:{}", req_oob_type->bd_addr);
3626
3627 RawAddress bd_addr = req_oob_type->bd_addr;
3628 /* We already checked if OOB data is present in
3629 * btif_dm_set_oob_for_le_io_req, but check here again. If it's not present
3630 * do nothing, pairing will timeout.
3631 */
3632 if (is_empty_128bit(oob_cb.p192_data.sm_tk)) {
3633 return;
3634 }
3635
3636 /* make sure OOB data is for this particular device */
3637 if (req_oob_type->bd_addr != oob_cb.bdaddr) {
3638 log::warn("remote address didn't match OOB data address");
3639 return;
3640 }
3641
3642 /* Remote name update */
3643 btif_update_remote_properties(req_oob_type->bd_addr, req_oob_type->bd_name,
3644 req_oob_type->dev_class, BT_DEVICE_TYPE_BLE);
3645
3646 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING);
3647 pairing_cb.is_ssp = false;
3648 pairing_cb.is_le_only = true;
3649 pairing_cb.is_le_nc = false;
3650
3651 BTM_BleOobDataReply(req_oob_type->bd_addr, tBTM_STATUS::BTM_SUCCESS, 16, oob_cb.p192_data.sm_tk);
3652 }
3653
btif_dm_ble_sc_oob_req_evt(tBTA_DM_SP_RMT_OOB * req_oob_type)3654 static void btif_dm_ble_sc_oob_req_evt(tBTA_DM_SP_RMT_OOB* req_oob_type) {
3655 RawAddress bd_addr = req_oob_type->bd_addr;
3656 log::verbose("bd_addr: {}", bd_addr);
3657 log::verbose("oob_cb.bdaddr: {}", oob_cb.bdaddr);
3658
3659 /* make sure OOB data is for this particular device */
3660 if (req_oob_type->bd_addr != oob_cb.bdaddr) {
3661 log::error("remote address didn't match OOB data address");
3662 return;
3663 }
3664
3665 /* We already checked if OOB data is present in
3666 * btif_dm_set_oob_for_le_io_req, but check here again. If it's not present
3667 * do nothing, pairing will timeout.
3668 */
3669 bt_oob_data_t oob_data_to_use = {};
3670 switch (oob_cb.data_present) {
3671 case BTM_OOB_PRESENT_192_AND_256:
3672 log::info("Have both P192 and P256");
3673 [[fallthrough]];
3674 // Always prefer 256 for LE
3675 case BTM_OOB_PRESENT_256:
3676 log::info("Using P256");
3677 if (is_empty_128bit(oob_cb.p256_data.c) && is_empty_128bit(oob_cb.p256_data.r)) {
3678 log::warn("P256 LE SC OOB data is empty");
3679 return;
3680 }
3681 oob_data_to_use = oob_cb.p256_data;
3682 break;
3683 case BTM_OOB_PRESENT_192:
3684 log::info("Using P192");
3685 if (is_empty_128bit(oob_cb.p192_data.c) && is_empty_128bit(oob_cb.p192_data.r)) {
3686 log::warn("P192 LE SC OOB data is empty");
3687 return;
3688 }
3689 oob_data_to_use = oob_cb.p192_data;
3690 break;
3691 }
3692
3693 /* Remote name update */
3694 btif_update_remote_properties(req_oob_type->bd_addr, oob_data_to_use.device_name,
3695 req_oob_type->dev_class, BT_DEVICE_TYPE_BLE);
3696
3697 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING);
3698 pairing_cb.is_ssp = false;
3699 // TODO: we can derive classic pairing from this one
3700 pairing_cb.is_le_only = true;
3701 pairing_cb.is_le_nc = false;
3702 BTM_BleSecureConnectionOobDataReply(req_oob_type->bd_addr, oob_data_to_use.c, oob_data_to_use.r);
3703 }
3704
btif_dm_ble_tx_test_cback(void * p)3705 static void btif_dm_ble_tx_test_cback(void* p) {
3706 char* p_param = (char*)p;
3707 uint8_t status;
3708 STREAM_TO_UINT8(status, p_param);
3709 GetInterfaceToProfiles()->events->invoke_le_test_mode_cb(
3710 (status == 0) ? BT_STATUS_SUCCESS : BT_STATUS_FAIL, 0);
3711 }
3712
btif_dm_ble_rx_test_cback(void * p)3713 static void btif_dm_ble_rx_test_cback(void* p) {
3714 char* p_param = (char*)p;
3715 uint8_t status;
3716 STREAM_TO_UINT8(status, p_param);
3717 GetInterfaceToProfiles()->events->invoke_le_test_mode_cb(
3718 (status == 0) ? BT_STATUS_SUCCESS : BT_STATUS_FAIL, 0);
3719 }
3720
btif_dm_ble_test_end_cback(void * p)3721 static void btif_dm_ble_test_end_cback(void* p) {
3722 char* p_param = (char*)p;
3723 uint8_t status;
3724 uint16_t count = 0;
3725 STREAM_TO_UINT8(status, p_param);
3726 if (status == 0) {
3727 STREAM_TO_UINT16(count, p_param);
3728 }
3729 GetInterfaceToProfiles()->events->invoke_le_test_mode_cb(
3730 (status == 0) ? BT_STATUS_SUCCESS : BT_STATUS_FAIL, count);
3731 }
3732
btif_ble_transmitter_test(uint8_t tx_freq,uint8_t test_data_len,uint8_t packet_payload)3733 void btif_ble_transmitter_test(uint8_t tx_freq, uint8_t test_data_len, uint8_t packet_payload) {
3734 BTM_BleTransmitterTest(tx_freq, test_data_len, packet_payload, btif_dm_ble_tx_test_cback);
3735 }
3736
btif_ble_receiver_test(uint8_t rx_freq)3737 void btif_ble_receiver_test(uint8_t rx_freq) {
3738 BTM_BleReceiverTest(rx_freq, btif_dm_ble_rx_test_cback);
3739 }
3740
btif_ble_test_end()3741 void btif_ble_test_end() { BTM_BleTestEnd(btif_dm_ble_test_end_cback); }
3742
btif_dm_on_disable()3743 void btif_dm_on_disable() {
3744 /* cancel any pending pairing requests */
3745 if (is_bonding_or_sdp()) {
3746 log::verbose("Cancel pending pairing request");
3747 btif_dm_cancel_bond(pairing_cb.bd_addr);
3748 }
3749 }
3750
3751 /*******************************************************************************
3752 *
3753 * Function btif_dm_read_energy_info
3754 *
3755 * Description Reads the energy info from controller
3756 *
3757 * Returns void
3758 *
3759 ******************************************************************************/
btif_dm_read_energy_info()3760 void btif_dm_read_energy_info() { BTA_DmBleGetEnergyInfo(bta_energy_info_cb); }
3761
btif_get_default_local_name()3762 static const char* btif_get_default_local_name() {
3763 if (btif_default_local_name[0] == '\0') {
3764 int max_len = sizeof(btif_default_local_name) - 1;
3765
3766 char prop_name[PROPERTY_VALUE_MAX];
3767 osi_property_get(PROPERTY_DEFAULT_DEVICE_NAME, prop_name, "");
3768 strncpy(btif_default_local_name, prop_name, max_len);
3769
3770 // If no value was placed in the btif_default_local_name then use model name
3771 if (btif_default_local_name[0] == '\0') {
3772 char prop_model[PROPERTY_VALUE_MAX];
3773 osi_property_get(PROPERTY_PRODUCT_MODEL, prop_model, "");
3774 strncpy(btif_default_local_name, prop_model, max_len);
3775 }
3776 btif_default_local_name[max_len] = '\0';
3777 }
3778 return btif_default_local_name;
3779 }
3780
btif_stats_add_bond_event(const RawAddress & bd_addr,bt_bond_function_t function,bt_bond_state_t state)3781 static void btif_stats_add_bond_event(const RawAddress& bd_addr, bt_bond_function_t function,
3782 bt_bond_state_t state) {
3783 std::unique_lock<std::mutex> lock(bond_event_lock);
3784
3785 btif_bond_event_t* event = &btif_dm_bond_events[btif_events_end_index];
3786 event->bd_addr = bd_addr;
3787 event->function = function;
3788 event->state = state;
3789 clock_gettime(CLOCK_REALTIME, &event->timestamp);
3790
3791 btif_num_bond_events++;
3792 btif_events_end_index = (btif_events_end_index + 1) % (MAX_BTIF_BOND_EVENT_ENTRIES + 1);
3793 if (btif_events_end_index == btif_events_start_index) {
3794 btif_events_start_index = (btif_events_start_index + 1) % (MAX_BTIF_BOND_EVENT_ENTRIES + 1);
3795 }
3796
3797 int type;
3798 btif_get_device_type(bd_addr, &type);
3799
3800 bluetooth::common::device_type_t device_type;
3801 switch (type) {
3802 case BT_DEVICE_TYPE_BREDR:
3803 device_type = bluetooth::common::DEVICE_TYPE_BREDR;
3804 break;
3805 case BT_DEVICE_TYPE_BLE:
3806 device_type = bluetooth::common::DEVICE_TYPE_LE;
3807 break;
3808 case BT_DEVICE_TYPE_DUMO:
3809 device_type = bluetooth::common::DEVICE_TYPE_DUMO;
3810 break;
3811 default:
3812 device_type = bluetooth::common::DEVICE_TYPE_UNKNOWN;
3813 break;
3814 }
3815
3816 uint32_t cod = get_cod(&bd_addr);
3817 uint64_t ts = event->timestamp.tv_sec * 1000 + event->timestamp.tv_nsec / 1000000;
3818 bluetooth::common::BluetoothMetricsLogger::GetInstance()->LogPairEvent(0, ts, cod, device_type);
3819 }
3820
btif_debug_bond_event_dump(int fd)3821 void btif_debug_bond_event_dump(int fd) {
3822 std::unique_lock<std::mutex> lock(bond_event_lock);
3823 dprintf(fd, "\nBond Events: \n");
3824 dprintf(fd, " Total Number of events: %zu\n", btif_num_bond_events);
3825 if (btif_num_bond_events > 0) {
3826 dprintf(fd, " Time address Function State\n");
3827 }
3828
3829 for (size_t i = btif_events_start_index; i != btif_events_end_index;
3830 i = (i + 1) % (MAX_BTIF_BOND_EVENT_ENTRIES + 1)) {
3831 btif_bond_event_t* event = &btif_dm_bond_events[i];
3832
3833 char eventtime[20];
3834 char temptime[20];
3835 struct tm buf;
3836 struct tm* tstamp = localtime_r(&event->timestamp.tv_sec, &buf);
3837 strftime(temptime, sizeof(temptime), "%H:%M:%S", tstamp);
3838 snprintf(eventtime, sizeof(eventtime), "%s.%03ld", temptime,
3839 event->timestamp.tv_nsec / 1000000);
3840
3841 const char* func_name;
3842 switch (event->function) {
3843 case BTIF_DM_FUNC_CREATE_BOND:
3844 func_name = "btif_dm_create_bond";
3845 break;
3846 case BTIF_DM_FUNC_REMOVE_BOND:
3847 func_name = "btif_dm_remove_bond";
3848 break;
3849 case BTIF_DM_FUNC_BOND_STATE_CHANGED:
3850 func_name = "bond_state_changed ";
3851 break;
3852 case BTIF_DM_FUNC_CANCEL_BOND:
3853 func_name = "btif_dm_cancel_bond";
3854 break;
3855 default:
3856 func_name = "Invalid value ";
3857 break;
3858 }
3859
3860 const char* bond_state;
3861 switch (event->state) {
3862 case BT_BOND_STATE_NONE:
3863 bond_state = "BOND_STATE_NONE";
3864 break;
3865 case BT_BOND_STATE_BONDING:
3866 bond_state = "BOND_STATE_BONDING";
3867 break;
3868 case BT_BOND_STATE_BONDED:
3869 bond_state = "BOND_STATE_BONDED";
3870 break;
3871 default:
3872 bond_state = "Invalid bond state";
3873 break;
3874 }
3875
3876 dprintf(fd, " %s %s %s %s\n", eventtime, ADDRESS_TO_LOGGABLE_CSTR(event->bd_addr),
3877 func_name, bond_state);
3878 }
3879 }
3880
btif_get_device_type(const RawAddress & bda,int * p_device_type)3881 bool btif_get_device_type(const RawAddress& bda, int* p_device_type) {
3882 if (p_device_type == NULL) {
3883 return false;
3884 }
3885
3886 std::string addrstr = bda.ToString();
3887 const char* bd_addr_str = addrstr.c_str();
3888
3889 if (!btif_config_get_int(bd_addr_str, BTIF_STORAGE_KEY_DEV_TYPE, p_device_type)) {
3890 return false;
3891 }
3892 tBT_DEVICE_TYPE device_type = static_cast<tBT_DEVICE_TYPE>(*p_device_type);
3893 log::debug("bd_addr:{} device_type:{}", bda, DeviceTypeText(device_type));
3894
3895 return true;
3896 }
3897
btif_get_address_type(const RawAddress & bda,tBLE_ADDR_TYPE * p_addr_type)3898 bool btif_get_address_type(const RawAddress& bda, tBLE_ADDR_TYPE* p_addr_type) {
3899 if (p_addr_type == NULL) {
3900 return false;
3901 }
3902
3903 std::string addrstr = bda.ToString();
3904 const char* bd_addr_str = addrstr.c_str();
3905
3906 int val = 0;
3907 if (!btif_config_get_int(bd_addr_str, BTIF_STORAGE_KEY_ADDR_TYPE, &val)) {
3908 return false;
3909 }
3910 *p_addr_type = static_cast<tBLE_ADDR_TYPE>(val);
3911 log::debug("bd_addr:{}[{}]", bda, AddressTypeText(*p_addr_type));
3912 return true;
3913 }
3914
btif_check_device_in_inquiry_db(const RawAddress & address)3915 void btif_check_device_in_inquiry_db(const RawAddress& address) {
3916 tBLE_ADDR_TYPE addr_type = BLE_ADDR_PUBLIC;
3917 int device_type = 0;
3918
3919 if (btif_get_address_type(address, &addr_type) && btif_get_device_type(address, &device_type) &&
3920 device_type != BT_DEVICE_TYPE_BREDR) {
3921 BTA_DmAddBleDevice(address, addr_type, device_type);
3922 }
3923 }
3924
btif_dm_clear_event_filter()3925 void btif_dm_clear_event_filter() { BTA_DmClearEventFilter(); }
3926
btif_dm_clear_event_mask()3927 void btif_dm_clear_event_mask() { BTA_DmClearEventMask(); }
3928
btif_dm_clear_filter_accept_list()3929 void btif_dm_clear_filter_accept_list() { BTA_DmClearFilterAcceptList(); }
3930
btif_dm_disconnect_all_acls()3931 void btif_dm_disconnect_all_acls() { BTA_DmDisconnectAllAcls(); }
3932
btif_dm_le_rand(bluetooth::hci::LeRandCallback callback)3933 void btif_dm_le_rand(bluetooth::hci::LeRandCallback callback) { BTA_DmLeRand(std::move(callback)); }
3934
btif_dm_set_event_filter_connection_setup_all_devices()3935 void btif_dm_set_event_filter_connection_setup_all_devices() {
3936 // Autoplumbed
3937 BTA_DmSetEventFilterConnectionSetupAllDevices();
3938 }
3939
btif_dm_allow_wake_by_hid(std::vector<RawAddress> classic_addrs,std::vector<std::pair<RawAddress,uint8_t>> le_addrs)3940 void btif_dm_allow_wake_by_hid(std::vector<RawAddress> classic_addrs,
3941 std::vector<std::pair<RawAddress, uint8_t>> le_addrs) {
3942 BTA_DmAllowWakeByHid(std::move(classic_addrs), std::move(le_addrs));
3943 }
3944
btif_dm_restore_filter_accept_list(std::vector<std::pair<RawAddress,uint8_t>> le_devices)3945 void btif_dm_restore_filter_accept_list(std::vector<std::pair<RawAddress, uint8_t>> le_devices) {
3946 // Autoplumbed
3947 BTA_DmRestoreFilterAcceptList(std::move(le_devices));
3948 }
3949
btif_dm_set_default_event_mask_except(uint64_t mask,uint64_t le_mask)3950 void btif_dm_set_default_event_mask_except(uint64_t mask, uint64_t le_mask) {
3951 // Autoplumbed
3952 BTA_DmSetDefaultEventMaskExcept(mask, le_mask);
3953 }
3954
btif_dm_set_event_filter_inquiry_result_all_devices()3955 void btif_dm_set_event_filter_inquiry_result_all_devices() {
3956 // Autoplumbed
3957 BTA_DmSetEventFilterInquiryResultAllDevices();
3958 }
3959
btif_dm_metadata_changed(const RawAddress & remote_bd_addr,int key,std::vector<uint8_t> value)3960 void btif_dm_metadata_changed(const RawAddress& remote_bd_addr, int key,
3961 std::vector<uint8_t> value) {
3962 static const int METADATA_LE_AUDIO = 26;
3963 /* If METADATA_LE_AUDIO is present, device is LE Audio capable */
3964 if (key == METADATA_LE_AUDIO) {
3965 log::info("Device is LE Audio Capable {}", remote_bd_addr);
3966 metadata_cb.le_audio_cache.insert_or_assign(remote_bd_addr, value);
3967
3968 // TODO(b/334067583): Remove this DIS read when b/334067583 is fixed
3969 if (!btif_model_name_known(remote_bd_addr) &&
3970 get_btm_client_interface().peer.BTM_IsAclConnectionUp(remote_bd_addr, BT_TRANSPORT_LE)) {
3971 log::info("Read model name for le audio capable device");
3972 if (!DIS_ReadDISInfo(remote_bd_addr, read_dis_cback, DIS_ATTR_MODEL_NUM_BIT)) {
3973 log::warn("Read DIS failed");
3974 }
3975 }
3976 }
3977 }
3978
3979 namespace bluetooth {
3980 namespace legacy {
3981 namespace testing {
3982
bta_energy_info_cb(tBTM_BLE_TX_TIME_MS tx_time,tBTM_BLE_RX_TIME_MS rx_time,tBTM_BLE_IDLE_TIME_MS idle_time,tBTM_BLE_ENERGY_USED energy_used,tBTM_CONTRL_STATE ctrl_state,tBTA_STATUS status)3983 void bta_energy_info_cb(tBTM_BLE_TX_TIME_MS tx_time, tBTM_BLE_RX_TIME_MS rx_time,
3984 tBTM_BLE_IDLE_TIME_MS idle_time, tBTM_BLE_ENERGY_USED energy_used,
3985 tBTM_CONTRL_STATE ctrl_state, tBTA_STATUS status) {
3986 ::bta_energy_info_cb(tx_time, rx_time, idle_time, energy_used, ctrl_state, status);
3987 }
3988
btif_on_name_read(RawAddress bd_addr,tHCI_ERROR_CODE hci_status,const BD_NAME bd_name,bool during_device_search)3989 void btif_on_name_read(RawAddress bd_addr, tHCI_ERROR_CODE hci_status, const BD_NAME bd_name,
3990 bool during_device_search) {
3991 ::btif_on_name_read(bd_addr, hci_status, bd_name, during_device_search);
3992 }
3993
3994 } // namespace testing
3995 } // namespace legacy
3996 } // namespace bluetooth
3997