1 /******************************************************************************
2 *
3 * Copyright 1999-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains functions for BLE controller based privacy.
22 *
23 ******************************************************************************/
24 #define LOG_TAG "ble_priv"
25
26 #include "stack/include/btm_ble_privacy.h"
27
28 #include <bluetooth/log.h>
29
30 #include "btm_dev.h"
31 #include "btm_sec_cb.h"
32 #include "btm_sec_int_types.h"
33 #include "hci/controller_interface.h"
34 #include "main/shim/acl_api.h"
35 #include "main/shim/entry.h"
36 #include "osi/include/allocator.h"
37 #include "stack/btm/btm_int_types.h"
38 #include "stack/include/bt_octets.h"
39 #include "stack/include/bt_types.h"
40 #include "stack/include/btm_client_interface.h"
41 #include "types/raw_address.h"
42
43 // TODO(b/369381361) Enfore -Wmissing-prototypes
44 #pragma GCC diagnostic ignored "-Wmissing-prototypes"
45
46 using namespace bluetooth;
47
48 extern tBTM_CB btm_cb;
49
50 /* RPA offload VSC specifics */
51 #define HCI_VENDOR_BLE_RPA_VSC (0x0155 | HCI_GRP_VENDOR_SPECIFIC)
52
53 #define BTM_BLE_META_IRK_ENABLE 0x01
54 #define BTM_BLE_META_ADD_IRK_ENTRY 0x02
55 #define BTM_BLE_META_REMOVE_IRK_ENTRY 0x03
56 #define BTM_BLE_META_CLEAR_IRK_LIST 0x04
57 #define BTM_BLE_META_READ_IRK_ENTRY 0x05
58 #define BTM_BLE_META_CS_RESOLVE_ADDR 0x00000001
59 #define BTM_BLE_IRK_ENABLE_LEN 2
60
61 #define BTM_BLE_META_ADD_IRK_LEN 24
62 #define BTM_BLE_META_REMOVE_IRK_LEN 8
63 #define BTM_BLE_META_CLEAR_IRK_LEN 1
64 #define BTM_BLE_META_READ_IRK_LEN 2
65 #define BTM_BLE_META_ADD_WL_ATTR_LEN 9
66
67 /*******************************************************************************
68 * Functions implemented controller based privacy using Resolving List
69 ******************************************************************************/
70 /*******************************************************************************
71 *
72 * Function btm_ble_enq_resolving_list_pending
73 *
74 * Description add target address into resolving pending operation queue
75 *
76 * Parameters target_bda: target device address
77 * add_entry: true for add entry, false for remove entry
78 *
79 * Returns void
80 *
81 ******************************************************************************/
btm_ble_enq_resolving_list_pending(const RawAddress & pseudo_bda,uint8_t op_code)82 static void btm_ble_enq_resolving_list_pending(const RawAddress& pseudo_bda, uint8_t op_code) {
83 tBTM_BLE_RESOLVE_Q* p_q = &btm_cb.ble_ctr_cb.resolving_list_pend_q;
84
85 p_q->resolve_q_random_pseudo[p_q->q_next] = pseudo_bda;
86 p_q->resolve_q_action[p_q->q_next] = op_code;
87 p_q->q_next++;
88 p_q->q_next %= bluetooth::shim::GetController()->GetLeResolvingListSize();
89 }
90
91 /*******************************************************************************
92 *
93 * Function btm_ble_brcm_find_resolving_pending_entry
94 *
95 * Description check to see if the action is in pending list
96 *
97 * Parameters true: action pending;
98 * false: new action
99 *
100 * Returns void
101 *
102 ******************************************************************************/
btm_ble_brcm_find_resolving_pending_entry(const RawAddress & pseudo_addr,uint8_t action)103 static bool btm_ble_brcm_find_resolving_pending_entry(const RawAddress& pseudo_addr,
104 uint8_t action) {
105 tBTM_BLE_RESOLVE_Q* p_q = &btm_cb.ble_ctr_cb.resolving_list_pend_q;
106
107 for (uint8_t i = p_q->q_pending; i != p_q->q_next;) {
108 if (p_q->resolve_q_random_pseudo[i] == pseudo_addr && action == p_q->resolve_q_action[i]) {
109 return true;
110 }
111
112 i++;
113 i %= bluetooth::shim::GetController()->GetLeResolvingListSize();
114 }
115 return false;
116 }
117
118 /*******************************************************************************
119 *
120 * Function btm_ble_deq_resolving_pending
121 *
122 * Description dequeue target address from resolving pending operation
123 * queue
124 *
125 * Parameters pseudo_addr: pseudo_addr device address
126 *
127 * Returns void
128 *
129 ******************************************************************************/
btm_ble_deq_resolving_pending(RawAddress & pseudo_addr)130 static bool btm_ble_deq_resolving_pending(RawAddress& pseudo_addr) {
131 tBTM_BLE_RESOLVE_Q* p_q = &btm_cb.ble_ctr_cb.resolving_list_pend_q;
132
133 if (p_q->q_next != p_q->q_pending) {
134 pseudo_addr = p_q->resolve_q_random_pseudo[p_q->q_pending];
135 p_q->resolve_q_random_pseudo[p_q->q_pending] = RawAddress::kEmpty;
136 p_q->q_pending++;
137 p_q->q_pending %= bluetooth::shim::GetController()->GetLeResolvingListSize();
138 return true;
139 }
140
141 return false;
142 }
143
144 /*******************************************************************************
145 *
146 * Function btm_ble_clear_irk_index
147 *
148 * Description clear IRK list index mask for availability
149 *
150 * Returns none
151 *
152 ******************************************************************************/
btm_ble_clear_irk_index(uint8_t index)153 static void btm_ble_clear_irk_index(uint8_t index) {
154 uint8_t byte;
155 uint8_t bit;
156
157 if (index < bluetooth::shim::GetController()->GetLeResolvingListSize()) {
158 byte = index / 8;
159 bit = index % 8;
160 btm_cb.ble_ctr_cb.irk_list_mask[byte] &= (~(1 << bit));
161 }
162 }
163
164 /*******************************************************************************
165 *
166 * Function btm_ble_find_irk_index
167 *
168 * Description find the first available IRK list index
169 *
170 * Returns index from 0 ~ max (127 default)
171 *
172 ******************************************************************************/
btm_ble_find_irk_index(void)173 static uint8_t btm_ble_find_irk_index(void) {
174 uint8_t i = 0;
175 uint8_t byte;
176 uint8_t bit;
177
178 while (i < bluetooth::shim::GetController()->GetLeResolvingListSize()) {
179 byte = i / 8;
180 bit = i % 8;
181
182 if ((btm_cb.ble_ctr_cb.irk_list_mask[byte] & (1 << bit)) == 0) {
183 btm_cb.ble_ctr_cb.irk_list_mask[byte] |= (1 << bit);
184 return i;
185 }
186 i++;
187 }
188
189 log::error("no index found");
190 return i;
191 }
192
193 /*******************************************************************************
194 *
195 * Function btm_ble_update_resolving_list
196 *
197 * Description update resolving list entry in host maintained record
198 *
199 * Returns void
200 *
201 ******************************************************************************/
btm_ble_update_resolving_list(const RawAddress & pseudo_bda,bool add)202 static void btm_ble_update_resolving_list(const RawAddress& pseudo_bda, bool add) {
203 tBTM_SEC_DEV_REC* p_dev_rec = btm_find_dev(pseudo_bda);
204 if (p_dev_rec == NULL) {
205 return;
206 }
207
208 if (add) {
209 p_dev_rec->ble.in_controller_list |= BTM_RESOLVING_LIST_BIT;
210 if (!bluetooth::shim::GetController()->SupportsBlePrivacy()) {
211 p_dev_rec->ble.resolving_list_index = btm_ble_find_irk_index();
212 }
213 } else {
214 p_dev_rec->ble.in_controller_list &= ~BTM_RESOLVING_LIST_BIT;
215 if (!bluetooth::shim::GetController()->SupportsBlePrivacy()) {
216 /* clear IRK list index mask */
217 btm_ble_clear_irk_index(p_dev_rec->ble.resolving_list_index);
218 p_dev_rec->ble.resolving_list_index = 0;
219 }
220 }
221 }
222
clear_resolving_list_bit(void * data,void *)223 static bool clear_resolving_list_bit(void* data, void* /* context */) {
224 tBTM_SEC_DEV_REC* p_dev_rec = static_cast<tBTM_SEC_DEV_REC*>(data);
225 p_dev_rec->ble.in_controller_list &= ~BTM_RESOLVING_LIST_BIT;
226 return true;
227 }
228
229 /*******************************************************************************
230 *
231 * Function btm_ble_clear_resolving_list_complete
232 *
233 * Description This function is called when command complete for
234 * clear resolving list
235 *
236 * Returns void
237 *
238 ******************************************************************************/
btm_ble_clear_resolving_list_complete(uint8_t * p,uint16_t evt_len)239 void btm_ble_clear_resolving_list_complete(uint8_t* p, uint16_t evt_len) {
240 uint8_t status = 0;
241
242 if (evt_len < 1) {
243 log::error("malformatted event packet: containing zero bytes");
244 return;
245 }
246
247 STREAM_TO_UINT8(status, p);
248
249 log::verbose("status={}", status);
250
251 if (status == HCI_SUCCESS) {
252 if (evt_len >= 3) {
253 /* VSC complete has one extra byte for op code and list size, skip it here
254 */
255 p++;
256
257 /* updated the available list size, and current list size */
258 uint8_t irk_list_sz_max = 0;
259 STREAM_TO_UINT8(irk_list_sz_max, p);
260
261 if (bluetooth::shim::GetController()->GetLeResolvingListSize() == 0) {
262 btm_ble_resolving_list_init(irk_list_sz_max);
263 }
264
265 uint8_t irk_mask_size =
266 (irk_list_sz_max % 8) ? (irk_list_sz_max / 8 + 1) : (irk_list_sz_max / 8);
267 memset(btm_cb.ble_ctr_cb.irk_list_mask, 0, irk_mask_size);
268 }
269
270 btm_cb.ble_ctr_cb.resolving_list_avail_size =
271 bluetooth::shim::GetController()->GetLeResolvingListSize();
272
273 log::verbose("resolving_list_avail_size={}", btm_cb.ble_ctr_cb.resolving_list_avail_size);
274
275 list_foreach(btm_sec_cb.sec_dev_rec, clear_resolving_list_bit, NULL);
276 }
277 }
278
279 /*******************************************************************************
280 *
281 * Function btm_ble_add_resolving_list_entry_complete
282 *
283 * Description This function is called when command complete for
284 * add resolving list entry
285 *
286 * Returns void
287 *
288 ******************************************************************************/
btm_ble_add_resolving_list_entry_complete(uint8_t * p,uint16_t evt_len)289 void btm_ble_add_resolving_list_entry_complete(uint8_t* p, uint16_t evt_len) {
290 uint8_t status;
291
292 if (evt_len < 1) {
293 log::error("malformatted event packet: containing zero byte");
294 return;
295 }
296
297 STREAM_TO_UINT8(status, p);
298
299 log::verbose("status={}", status);
300
301 RawAddress pseudo_bda;
302 if (!btm_ble_deq_resolving_pending(pseudo_bda)) {
303 log::verbose("no pending resolving list operation");
304 return;
305 }
306
307 if (status == HCI_SUCCESS) {
308 btm_ble_update_resolving_list(pseudo_bda, true);
309 /* privacy 1.2 command complete does not have these extra byte */
310 if (evt_len > 2) {
311 /* VSC complete has one extra byte for op code, skip it here */
312 p++;
313 STREAM_TO_UINT8(btm_cb.ble_ctr_cb.resolving_list_avail_size, p);
314 } else {
315 btm_cb.ble_ctr_cb.resolving_list_avail_size--;
316 }
317 } else if (status == HCI_ERR_MEMORY_FULL) /* BT_ERROR_CODE_MEMORY_CAPACITY_EXCEEDED */
318 {
319 btm_cb.ble_ctr_cb.resolving_list_avail_size = 0;
320 log::verbose("Resolving list Full");
321 }
322 }
323
324 /*******************************************************************************
325 *
326 * Function btm_ble_remove_resolving_list_entry_complete
327 *
328 * Description This function is called when command complete for
329 * remove resolving list entry
330 *
331 * Returns void
332 *
333 ******************************************************************************/
btm_ble_remove_resolving_list_entry_complete(uint8_t * p,uint16_t evt_len)334 void btm_ble_remove_resolving_list_entry_complete(uint8_t* p, uint16_t evt_len) {
335 RawAddress pseudo_bda;
336 uint8_t status;
337
338 STREAM_TO_UINT8(status, p);
339
340 log::verbose("status={}", status);
341
342 if (!btm_ble_deq_resolving_pending(pseudo_bda)) {
343 log::error("no pending resolving list operation");
344 return;
345 }
346
347 if (status == HCI_SUCCESS) {
348 /* proprietary: spec does not have these extra bytes */
349 if (evt_len > 2) {
350 p++; /* skip opcode */
351 STREAM_TO_UINT8(btm_cb.ble_ctr_cb.resolving_list_avail_size, p);
352 } else {
353 btm_cb.ble_ctr_cb.resolving_list_avail_size++;
354 }
355 }
356 }
357
358 /*******************************************************************************
359 *
360 * Function btm_ble_read_resolving_list_entry_complete
361 *
362 * Description This function is called when command complete for
363 * remove resolving list entry
364 *
365 * Returns void
366 *
367 ******************************************************************************/
btm_ble_read_resolving_list_entry_complete(const uint8_t * p,uint16_t evt_len)368 void btm_ble_read_resolving_list_entry_complete(const uint8_t* p, uint16_t evt_len) {
369 uint8_t status;
370 RawAddress rra, pseudo_bda;
371
372 STREAM_TO_UINT8(status, p);
373
374 log::verbose("status={}", status);
375
376 if (!btm_ble_deq_resolving_pending(pseudo_bda)) {
377 log::error("no pending resolving list operation");
378 return;
379 }
380
381 if (status == HCI_SUCCESS) {
382 /* proprietary spec has extra bytes */
383 if (evt_len > 8) {
384 /* skip subcode, index, IRK value, address type, identity addr type */
385 p += (2 + 16 + 1 + 6);
386 STREAM_TO_BDADDR(rra, p);
387
388 log::info("peer_addr:{}", rra);
389 } else {
390 STREAM_TO_BDADDR(rra, p);
391 }
392 btm_ble_refresh_peer_resolvable_private_addr(pseudo_bda, rra,
393 tBLE_RAND_ADDR_TYPE::BTM_BLE_ADDR_PSEUDO);
394 }
395 }
396 /*******************************************************************************
397 VSC that implement controller based privacy
398 ******************************************************************************/
399 /*******************************************************************************
400 *
401 * Function btm_ble_resolving_list_vsc_op_cmpl
402 *
403 * Description IRK operation VSC complete handler
404 *
405 * Parameters
406 *
407 * Returns void
408 *
409 ******************************************************************************/
btm_ble_resolving_list_vsc_op_cmpl(tBTM_VSC_CMPL * p_params)410 static void btm_ble_resolving_list_vsc_op_cmpl(tBTM_VSC_CMPL* p_params) {
411 uint8_t *p = p_params->p_param_buf, op_subcode;
412 uint16_t evt_len = p_params->param_len;
413
414 op_subcode = *(p + 1);
415
416 log::verbose("op_subcode={}", op_subcode);
417
418 if (op_subcode == BTM_BLE_META_CLEAR_IRK_LIST) {
419 btm_ble_clear_resolving_list_complete(p, evt_len);
420 } else if (op_subcode == BTM_BLE_META_ADD_IRK_ENTRY) {
421 btm_ble_add_resolving_list_entry_complete(p, evt_len);
422 } else if (op_subcode == BTM_BLE_META_REMOVE_IRK_ENTRY) {
423 btm_ble_remove_resolving_list_entry_complete(p, evt_len);
424 } else if (op_subcode == BTM_BLE_META_READ_IRK_ENTRY) {
425 btm_ble_read_resolving_list_entry_complete(p, evt_len);
426 } else if (op_subcode == BTM_BLE_META_IRK_ENABLE) {
427 /* RPA offloading enable/disabled */
428 }
429 }
430
431 /*******************************************************************************
432 *
433 * Function btm_ble_remove_resolving_list_entry
434 *
435 * Description This function to remove an IRK entry from the list
436 *
437 * Parameters ble_addr_type: address type
438 * ble_addr: LE adddress
439 *
440 * Returns status
441 *
442 ******************************************************************************/
btm_ble_remove_resolving_list_entry(tBTM_SEC_DEV_REC * p_dev_rec)443 static tBTM_STATUS btm_ble_remove_resolving_list_entry(tBTM_SEC_DEV_REC* p_dev_rec) {
444 /* if controller does not support RPA offloading or privacy 1.2, skip */
445 if (bluetooth::shim::GetController()->GetLeResolvingListSize() == 0) {
446 return tBTM_STATUS::BTM_WRONG_MODE;
447 }
448
449 if (bluetooth::shim::GetController()->SupportsBlePrivacy()) {
450 bluetooth::shim::ACL_RemoveFromAddressResolution(p_dev_rec->ble.identity_address_with_type);
451 } else {
452 uint8_t param[20] = {0};
453 uint8_t* p = param;
454
455 UINT8_TO_STREAM(p, BTM_BLE_META_REMOVE_IRK_ENTRY);
456 UINT8_TO_STREAM(p, p_dev_rec->ble.identity_address_with_type.type);
457 BDADDR_TO_STREAM(p, p_dev_rec->ble.identity_address_with_type.bda);
458
459 get_btm_client_interface().vendor.BTM_VendorSpecificCommand(HCI_VENDOR_BLE_RPA_VSC,
460 BTM_BLE_META_REMOVE_IRK_LEN, param,
461 btm_ble_resolving_list_vsc_op_cmpl);
462 btm_ble_enq_resolving_list_pending(p_dev_rec->bd_addr, BTM_BLE_META_REMOVE_IRK_ENTRY);
463 }
464 return tBTM_STATUS::BTM_CMD_STARTED;
465 }
466
467 /*******************************************************************************
468 *
469 * Function btm_ble_clear_resolving_list
470 *
471 * Description This function clears the resolving list
472 *
473 * Parameters None.
474 *
475 ******************************************************************************/
btm_ble_clear_resolving_list(void)476 static void btm_ble_clear_resolving_list(void) {
477 if (bluetooth::shim::GetController()->SupportsBlePrivacy()) {
478 bluetooth::shim::ACL_ClearAddressResolution();
479 } else {
480 uint8_t param[20] = {0};
481 uint8_t* p = param;
482
483 UINT8_TO_STREAM(p, BTM_BLE_META_CLEAR_IRK_LIST);
484 get_btm_client_interface().vendor.BTM_VendorSpecificCommand(HCI_VENDOR_BLE_RPA_VSC,
485 BTM_BLE_META_CLEAR_IRK_LEN, param,
486 btm_ble_resolving_list_vsc_op_cmpl);
487 }
488 }
489
490 /*******************************************************************************
491 *
492 * Function btm_ble_read_resolving_list_entry
493 *
494 * Description This function read an IRK entry by index
495 *
496 * Parameters entry index.
497 *
498 * Returns true if command successfully sent, false otherwise
499 *
500 ******************************************************************************/
btm_ble_read_resolving_list_entry(tBTM_SEC_DEV_REC * p_dev_rec)501 bool btm_ble_read_resolving_list_entry(tBTM_SEC_DEV_REC* p_dev_rec) {
502 if (btm_cb.ble_ctr_cb.privacy_mode < BTM_PRIVACY_1_2) {
503 log::debug("Privacy 1.2 is not enabled");
504 return false;
505 }
506 if (!(p_dev_rec->ble.in_controller_list & BTM_RESOLVING_LIST_BIT)) {
507 log::info("Unable to read resolving list entry as resolving bit not set");
508 return false;
509 }
510
511 if (bluetooth::shim::GetController()->SupportsBlePrivacy()) {
512 btsnd_hcic_ble_read_resolvable_addr_peer(p_dev_rec->ble.identity_address_with_type.type,
513 p_dev_rec->ble.identity_address_with_type.bda);
514 } else {
515 uint8_t param[20] = {0};
516 uint8_t* p = param;
517
518 UINT8_TO_STREAM(p, BTM_BLE_META_READ_IRK_ENTRY);
519 UINT8_TO_STREAM(p, p_dev_rec->ble.resolving_list_index);
520
521 get_btm_client_interface().vendor.BTM_VendorSpecificCommand(HCI_VENDOR_BLE_RPA_VSC,
522 BTM_BLE_META_READ_IRK_LEN, param,
523 btm_ble_resolving_list_vsc_op_cmpl);
524
525 btm_ble_enq_resolving_list_pending(p_dev_rec->bd_addr, BTM_BLE_META_READ_IRK_ENTRY);
526 }
527 return true;
528 }
529
btm_ble_ble_unsupported_resolving_list_load_dev(tBTM_SEC_DEV_REC * p_dev_rec)530 static void btm_ble_ble_unsupported_resolving_list_load_dev(tBTM_SEC_DEV_REC* p_dev_rec) {
531 log::info("Controller does not support BLE privacy");
532 uint8_t param[40] = {0};
533 uint8_t* p = param;
534
535 UINT8_TO_STREAM(p, BTM_BLE_META_ADD_IRK_ENTRY);
536 ARRAY_TO_STREAM(p, p_dev_rec->sec_rec.ble_keys.irk, OCTET16_LEN);
537 UINT8_TO_STREAM(p, p_dev_rec->ble.identity_address_with_type.type);
538 BDADDR_TO_STREAM(p, p_dev_rec->ble.identity_address_with_type.bda);
539
540 get_btm_client_interface().vendor.BTM_VendorSpecificCommand(HCI_VENDOR_BLE_RPA_VSC,
541 BTM_BLE_META_ADD_IRK_LEN, param,
542 btm_ble_resolving_list_vsc_op_cmpl);
543
544 btm_ble_enq_resolving_list_pending(p_dev_rec->bd_addr, BTM_BLE_META_ADD_IRK_ENTRY);
545 return;
546 }
547
is_peer_identity_key_valid(const tBTM_SEC_DEV_REC & dev_rec)548 static bool is_peer_identity_key_valid(const tBTM_SEC_DEV_REC& dev_rec) {
549 return dev_rec.sec_rec.ble_keys.key_type & BTM_LE_KEY_PID;
550 }
551
get_local_irk()552 static Octet16 get_local_irk() { return btm_sec_cb.devcb.id_keys.irk; }
553
btm_ble_resolving_list_load_dev(tBTM_SEC_DEV_REC & dev_rec)554 void btm_ble_resolving_list_load_dev(tBTM_SEC_DEV_REC& dev_rec) {
555 if (btm_cb.ble_ctr_cb.privacy_mode < BTM_PRIVACY_1_2) {
556 log::debug("Privacy 1.2 is not enabled");
557 return;
558 }
559 if (bluetooth::shim::GetController()->GetLeResolvingListSize() == 0) {
560 log::info("Controller does not support RPA offloading or privacy 1.2");
561 return;
562 }
563
564 if (!bluetooth::shim::GetController()->SupportsBlePrivacy()) {
565 return btm_ble_ble_unsupported_resolving_list_load_dev(&dev_rec);
566 }
567
568 // No need to check for local identity key validity. It remains unchanged.
569 if (!is_peer_identity_key_valid(dev_rec)) {
570 log::info("Peer is not an RPA enabled device:{}", dev_rec.ble.identity_address_with_type);
571 return;
572 }
573
574 if (dev_rec.ble.in_controller_list & BTM_RESOLVING_LIST_BIT) {
575 log::warn("Already in Address Resolving list device:{}",
576 dev_rec.ble.identity_address_with_type);
577 return;
578 }
579
580 const Octet16& peer_irk = dev_rec.sec_rec.ble_keys.irk;
581 const Octet16& local_irk = get_local_irk();
582
583 if (dev_rec.ble.identity_address_with_type.bda.IsEmpty()) {
584 dev_rec.ble.identity_address_with_type = {
585 .type = dev_rec.ble.AddressType(),
586 .bda = dev_rec.bd_addr,
587 };
588 }
589
590 if (!is_ble_addr_type_known(dev_rec.ble.identity_address_with_type.type)) {
591 log::error("Adding unknown address type({}) to Address Resolving list.",
592 dev_rec.ble.identity_address_with_type.type);
593 return;
594 }
595
596 bluetooth::shim::ACL_AddToAddressResolution(dev_rec.ble.identity_address_with_type, peer_irk,
597 local_irk);
598
599 log::debug("Added to Address Resolving list device:{}", dev_rec.ble.identity_address_with_type);
600
601 dev_rec.ble.in_controller_list |= BTM_RESOLVING_LIST_BIT;
602 }
603
604 /*******************************************************************************
605 *
606 * Function btm_ble_resolving_list_remove_dev
607 *
608 * Description This function removes the device from resolving list
609 *
610 * Parameters
611 *
612 * Returns status
613 *
614 ******************************************************************************/
btm_ble_resolving_list_remove_dev(tBTM_SEC_DEV_REC * p_dev_rec)615 void btm_ble_resolving_list_remove_dev(tBTM_SEC_DEV_REC* p_dev_rec) {
616 if (btm_cb.ble_ctr_cb.privacy_mode < BTM_PRIVACY_1_2) {
617 log::debug("Privacy 1.2 is not enabled");
618 return;
619 }
620
621 if ((p_dev_rec->ble.in_controller_list & BTM_RESOLVING_LIST_BIT) &&
622 !btm_ble_brcm_find_resolving_pending_entry(p_dev_rec->bd_addr,
623 BTM_BLE_META_REMOVE_IRK_ENTRY)) {
624 btm_ble_update_resolving_list(p_dev_rec->bd_addr, false);
625 btm_ble_remove_resolving_list_entry(p_dev_rec);
626 } else {
627 log::verbose("Device not in resolving list");
628 }
629 }
630
631 /*******************************************************************************
632 *
633 * Function btm_ble_resolving_list_init
634 *
635 * Description Initialize resolving list in host stack
636 *
637 * Parameters Max resolving list size
638 *
639 * Returns void
640 *
641 ******************************************************************************/
btm_ble_resolving_list_init(uint8_t max_irk_list_sz)642 void btm_ble_resolving_list_init(uint8_t max_irk_list_sz) {
643 tBTM_BLE_RESOLVE_Q* p_q = &btm_cb.ble_ctr_cb.resolving_list_pend_q;
644 uint8_t irk_mask_size = (max_irk_list_sz % 8) ? (max_irk_list_sz / 8 + 1) : (max_irk_list_sz / 8);
645
646 if (max_irk_list_sz > 0 && p_q->resolve_q_random_pseudo == nullptr) {
647 // NOTE: This memory is never freed
648 p_q->resolve_q_random_pseudo = (RawAddress*)osi_malloc(sizeof(RawAddress) * max_irk_list_sz);
649 // NOTE: This memory is never freed
650 p_q->resolve_q_action = (uint8_t*)osi_malloc(max_irk_list_sz);
651
652 /* RPA offloading feature */
653 if (btm_cb.ble_ctr_cb.irk_list_mask == NULL) {
654 // NOTE: This memory is never freed
655 btm_cb.ble_ctr_cb.irk_list_mask = (uint8_t*)osi_malloc(irk_mask_size);
656 }
657
658 log::verbose("max_irk_list_sz={}", max_irk_list_sz);
659 }
660
661 btm_ble_clear_resolving_list();
662 btm_cb.ble_ctr_cb.resolving_list_avail_size = max_irk_list_sz;
663 }
664