1 /******************************************************************************
2 *
3 * Copyright (C) 1999-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains functions for the Bluetooth Device Manager
22 *
23 ******************************************************************************/
24
25 #include <stdlib.h>
26 #include <string.h>
27 //#include <stdio.h>
28 #include <stddef.h>
29
30 #include "stack/bt_types.h"
31 #include "device/controller.h"
32 #include "stack/hcimsgs.h"
33 #include "stack/btu.h"
34 #include "stack/btm_api.h"
35 #include "btm_int.h"
36 #include "stack/hcidefs.h"
37 #include "stack/l2c_api.h"
38
39 static tBTM_SEC_DEV_REC *btm_find_oldest_dev (void);
40
41 /*******************************************************************************
42 **
43 ** Function BTM_SecAddDevice
44 **
45 ** Description Add/modify device. This function will be normally called
46 ** during host startup to restore all required information
47 ** stored in the NVRAM.
48 **
49 ** Parameters: bd_addr - BD address of the peer
50 ** dev_class - Device Class
51 ** bd_name - Name of the peer device. NULL if unknown.
52 ** features - Remote device's features (up to 3 pages). NULL if not known
53 ** trusted_mask - Bitwise OR of services that do not
54 ** require authorization. (array of UINT32)
55 ** link_key - Connection link key. NULL if unknown.
56 **
57 ** Returns TRUE if added OK, else FALSE
58 **
59 *******************************************************************************/
BTM_SecAddDevice(BD_ADDR bd_addr,DEV_CLASS dev_class,BD_NAME bd_name,UINT8 * features,UINT32 trusted_mask[],LINK_KEY link_key,UINT8 key_type,tBTM_IO_CAP io_cap,UINT8 pin_length,UINT8 sc_support)60 BOOLEAN BTM_SecAddDevice (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name,
61 UINT8 *features, UINT32 trusted_mask[],
62 LINK_KEY link_key, UINT8 key_type, tBTM_IO_CAP io_cap,
63 UINT8 pin_length, UINT8 sc_support)
64 {
65 #if (SMP_INCLUDED == TRUE)
66 tBTM_SEC_DEV_REC *p_dev_rec;
67 int i, j;
68 BOOLEAN found = FALSE;
69
70 BTM_TRACE_API("%s, link key type:%x\n", __FUNCTION__, key_type);
71 p_dev_rec = btm_find_dev (bd_addr);
72 if (!p_dev_rec) {
73 /* There is no device record, allocate one.
74 * If we can not find an empty spot for this one, let it fail. */
75 if (list_length(btm_cb.p_sec_dev_rec_list) < BTM_SEC_MAX_DEVICE_RECORDS) {
76 p_dev_rec = (tBTM_SEC_DEV_REC *)osi_malloc(sizeof(tBTM_SEC_DEV_REC));
77 if(p_dev_rec) {
78 list_append(btm_cb.p_sec_dev_rec_list, p_dev_rec);
79 /* Mark this record as in use and initialize */
80 memset (p_dev_rec, 0, sizeof (tBTM_SEC_DEV_REC));
81 p_dev_rec->sec_flags = BTM_SEC_IN_USE;
82 memcpy (p_dev_rec->bd_addr, bd_addr, BD_ADDR_LEN);
83 p_dev_rec->hci_handle = BTM_GetHCIConnHandle (bd_addr, BT_TRANSPORT_BR_EDR);
84 p_dev_rec->ble_hci_handle = BTM_GetHCIConnHandle (bd_addr, BT_TRANSPORT_LE);
85
86 #if BLE_INCLUDED == TRUE
87 /* use default value for background connection params */
88 /* update conn params, use default value for background connection params */
89 memset(&p_dev_rec->conn_params, 0xff, sizeof(tBTM_LE_CONN_PRAMS));
90 #endif
91 }
92 }
93
94 if (!p_dev_rec) {
95 return (FALSE);
96 }
97 }
98 p_dev_rec->bond_type = BOND_TYPE_UNKNOWN; /* Default value */
99 p_dev_rec->timestamp = btm_cb.dev_rec_count++;
100 p_dev_rec->remote_secure_connection_previous_state = sc_support;
101
102 if (dev_class) {
103 memcpy (p_dev_rec->dev_class, dev_class, DEV_CLASS_LEN);
104 }
105
106 memset(p_dev_rec->sec_bd_name, 0, sizeof(tBTM_BD_NAME));
107
108 if (bd_name && bd_name[0]) {
109 p_dev_rec->sec_flags |= BTM_SEC_NAME_KNOWN;
110 BCM_STRNCPY_S ((char *)p_dev_rec->sec_bd_name, (char *)bd_name, BTM_MAX_REM_BD_NAME_LEN);
111 }
112
113 p_dev_rec->num_read_pages = 0;
114 if (features) {
115 memcpy (p_dev_rec->features, features, sizeof (p_dev_rec->features));
116 for (i = HCI_EXT_FEATURES_PAGE_MAX; i >= 0; i--) {
117 for (j = 0; j < HCI_FEATURE_BYTES_PER_PAGE; j++) {
118 if (p_dev_rec->features[i][j] != 0) {
119 found = TRUE;
120 break;
121 }
122 }
123 if (found) {
124 p_dev_rec->num_read_pages = i + 1;
125 break;
126 }
127 }
128 } else {
129 memset (p_dev_rec->features, 0, sizeof (p_dev_rec->features));
130 }
131
132 BTM_SEC_COPY_TRUSTED_DEVICE(trusted_mask, p_dev_rec->trusted_mask);
133
134 if (link_key) {
135 BTM_TRACE_EVENT ("BTM_SecAddDevice() BDA: %02x:%02x:%02x:%02x:%02x:%02x\n",
136 bd_addr[0], bd_addr[1], bd_addr[2],
137 bd_addr[3], bd_addr[4], bd_addr[5]);
138 p_dev_rec->sec_flags |= BTM_SEC_LINK_KEY_KNOWN;
139 memcpy (p_dev_rec->link_key, link_key, LINK_KEY_LEN);
140 p_dev_rec->link_key_type = key_type;
141 p_dev_rec->pin_code_length = pin_length;
142
143 if (pin_length >= 16 ||
144 key_type == BTM_LKEY_TYPE_AUTH_COMB ||
145 key_type == BTM_LKEY_TYPE_AUTH_COMB_P_256) {
146 // Set the fiag if the link key was made by using either a 16 digit
147 // pin or MITM.
148 p_dev_rec->sec_flags |= BTM_SEC_16_DIGIT_PIN_AUTHED;
149 }
150 }
151
152 #if defined(BTIF_MIXED_MODE_INCLUDED) && (BTIF_MIXED_MODE_INCLUDED == TRUE)
153 if (key_type < BTM_MAX_PRE_SM4_LKEY_TYPE) {
154 p_dev_rec->sm4 = BTM_SM4_KNOWN;
155 } else {
156 p_dev_rec->sm4 = BTM_SM4_TRUE;
157 }
158 #endif
159
160 p_dev_rec->rmt_io_caps = io_cap;
161 p_dev_rec->device_type |= BT_DEVICE_TYPE_BREDR;
162 #endif ///SMP_INCLUDED == TRUE
163 return (TRUE);
164 }
165
166
167 /*******************************************************************************
168 **
169 ** Function BTM_SecDeleteDevice
170 **
171 ** Description Free resources associated with the device.
172 **
173 ** Parameters: bd_addr - BD address of the peer
174 ** transport - BT_TRANSPORT_BR_EDR or BT_TRANSPORT_LE
175 **
176 ** Returns TRUE if removed OK, FALSE if not found or ACL link is active
177 **
178 *******************************************************************************/
BTM_SecDeleteDevice(BD_ADDR bd_addr,tBT_TRANSPORT transport)179 BOOLEAN BTM_SecDeleteDevice (BD_ADDR bd_addr, tBT_TRANSPORT transport)
180 {
181
182 tBTM_SEC_DEV_REC *p_dev_rec;
183
184 if (BTM_IsAclConnectionUp(bd_addr, transport)) {
185 BTM_TRACE_WARNING("%s FAILED: Cannot Delete when connection is active\n", __func__);
186 return FALSE;
187 }
188 if ((p_dev_rec = btm_find_dev(bd_addr)) != NULL) {
189 /* Tell controller to get rid of the link key, if it has one stored */
190 BTM_DeleteStoredLinkKey (p_dev_rec->bd_addr, NULL);
191
192 btm_sec_free_dev(p_dev_rec, transport);
193 }
194
195 return TRUE;
196 }
197
198 /*******************************************************************************
199 **
200 ** Function BTM_SecClearSecurityFlags
201 **
202 ** Description Reset the security flags (mark as not-paired) for a given
203 ** remove device.
204 **
205 *******************************************************************************/
BTM_SecClearSecurityFlags(BD_ADDR bd_addr)206 extern void BTM_SecClearSecurityFlags (BD_ADDR bd_addr)
207 {
208 tBTM_SEC_DEV_REC *p_dev_rec = btm_find_dev(bd_addr);
209 if (p_dev_rec == NULL) {
210 return;
211 }
212
213 p_dev_rec->sec_flags = 0;
214 p_dev_rec->sec_state = BTM_SEC_STATE_IDLE;
215 p_dev_rec->sm4 = BTM_SM4_UNKNOWN;
216 }
217
218
219 /*******************************************************************************
220 **
221 ** Function BTM_SecReadDevName
222 **
223 ** Description Looks for the device name in the security database for the
224 ** specified BD address.
225 **
226 ** Returns Pointer to the name or NULL
227 **
228 *******************************************************************************/
BTM_SecReadDevName(BD_ADDR bd_addr)229 char *BTM_SecReadDevName (BD_ADDR bd_addr)
230 {
231 char *p_name = NULL;
232 tBTM_SEC_DEV_REC *p_srec;
233
234 if ((p_srec = btm_find_dev(bd_addr)) != NULL) {
235 p_name = (char *)p_srec->sec_bd_name;
236 }
237
238 return (p_name);
239 }
240
241
242 /*******************************************************************************
243 **
244 ** Function btm_find_sec_dev_in_list
245 **
246 ** Description Look for the record in the device database for the record
247 ** with specified address
248 **
249 ** Returns Pointer to the record or NULL
250 **
251 *******************************************************************************/
btm_find_sec_dev_in_list(void * p_node_data,void * context)252 BOOLEAN btm_find_sec_dev_in_list (void *p_node_data, void *context)
253 {
254 tBTM_SEC_DEV_REC *p_sec_dev = (tBTM_SEC_DEV_REC *)p_node_data;
255 BOOLEAN ret = TRUE;
256 BOOLEAN dev_free = !(p_sec_dev->sec_flags & BTM_SEC_IN_USE);
257 tSecDevContext *p_context = (tSecDevContext *)context;
258
259 if (dev_free == p_context->free_check) {
260 switch (p_context->type) {
261 case SEC_DEV_BDA:
262 if (!memcmp(p_context->context.p_bd_addr, p_sec_dev->bd_addr, BD_ADDR_LEN)) {
263 ret = FALSE;
264 }
265 break;
266 case SEC_DEV_HDL:
267 if (p_context->context.handle == p_sec_dev->hci_handle
268 #if BLE_INCLUDED == TRUE
269 || (p_context->context.handle == p_sec_dev->ble_hci_handle)
270 #endif
271 ) {
272 ret = FALSE;
273 }
274 break;
275 #if BLE_PRIVACY_SPT == TRUE
276 case SEC_DEV_ID_ADDR:
277 if (!memcmp(p_context->context.p_bd_addr, p_sec_dev->ble.static_addr, BD_ADDR_LEN)) {
278 ret = FALSE;
279 }
280 break;
281 #endif //BLE_PRIVACY_SPT == TRUE
282 case SEC_DEV_BTDM_BDA:
283 if (!memcmp(p_context->context.p_bd_addr, p_sec_dev->bd_addr, BD_ADDR_LEN)) {
284 ret = FALSE;
285 }
286 #if BLE_INCLUDED == TRUE
287 // If a LE random address is looking for device record
288 if (!memcmp(p_sec_dev->ble.pseudo_addr, p_context->context.p_bd_addr, BD_ADDR_LEN)) {
289 ret = FALSE;
290 }
291
292 if (btm_ble_addr_resolvable(p_context->context.p_bd_addr, p_sec_dev)) {
293 ret = FALSE;
294 }
295 #endif
296 break;
297 default:
298 break;
299 }
300 }
301 return ret;
302 }
303
304 /*******************************************************************************
305 **
306 ** Function btm_sec_alloc_dev
307 **
308 ** Description Look for the record in the device database for the record
309 ** with specified address
310 **
311 ** Returns Pointer to the record or NULL
312 **
313 *******************************************************************************/
btm_sec_alloc_dev(BD_ADDR bd_addr)314 tBTM_SEC_DEV_REC *btm_sec_alloc_dev (BD_ADDR bd_addr)
315 {
316 tBTM_SEC_DEV_REC *p_dev_rec = NULL;
317 tBTM_INQ_INFO *p_inq_info;
318 BTM_TRACE_EVENT ("btm_sec_alloc_dev\n");
319
320 /* Old devices which are not in use are deleted already */
321 /* Allocate new device or reuse the oldest device */
322 if (list_length(btm_cb.p_sec_dev_rec_list) < BTM_SEC_MAX_DEVICE_RECORDS) {
323 //Max number of devices is not exceeded, allocate new device
324 p_dev_rec = (tBTM_SEC_DEV_REC *)osi_malloc(sizeof(tBTM_SEC_DEV_REC));
325 if (p_dev_rec) {
326 list_append(btm_cb.p_sec_dev_rec_list, p_dev_rec);
327 } else {
328 return NULL;
329 }
330 }
331 else {
332 //Find and reuse the oldest device
333 p_dev_rec = btm_find_oldest_dev();
334 }
335
336 memset (p_dev_rec, 0, sizeof (tBTM_SEC_DEV_REC));
337
338 p_dev_rec->bond_type = BOND_TYPE_UNKNOWN; /* Default value */
339 p_dev_rec->sec_flags = BTM_SEC_IN_USE;
340
341 /* Check with the BT manager if details about remote device are known */
342 /* outgoing connection */
343 if ((p_inq_info = BTM_InqDbRead(bd_addr)) != NULL) {
344 memcpy (p_dev_rec->dev_class, p_inq_info->results.dev_class, DEV_CLASS_LEN);
345
346 #if BLE_INCLUDED == TRUE
347 p_dev_rec->device_type = p_inq_info->results.device_type;
348 p_dev_rec->ble.ble_addr_type = p_inq_info->results.ble_addr_type;
349
350 /* update conn params, use default value for background connection params */
351 memset(&p_dev_rec->conn_params, 0xff, sizeof(tBTM_LE_CONN_PRAMS));
352 #endif
353 } else {
354 #if BLE_INCLUDED == TRUE
355 /* update conn params, use default value for background connection params */
356 memset(&p_dev_rec->conn_params, 0xff, sizeof(tBTM_LE_CONN_PRAMS));
357 #endif
358
359 if (!memcmp (bd_addr, btm_cb.connecting_bda, BD_ADDR_LEN)) {
360 memcpy (p_dev_rec->dev_class, btm_cb.connecting_dc, DEV_CLASS_LEN);
361 }
362 }
363
364 memcpy (p_dev_rec->bd_addr, bd_addr, BD_ADDR_LEN);
365
366 #if BLE_INCLUDED == TRUE
367 p_dev_rec->ble_hci_handle = BTM_GetHCIConnHandle (bd_addr, BT_TRANSPORT_LE);
368 #endif
369 p_dev_rec->hci_handle = BTM_GetHCIConnHandle (bd_addr, BT_TRANSPORT_BR_EDR);
370 p_dev_rec->timestamp = btm_cb.dev_rec_count++;
371
372 return (p_dev_rec);
373 }
374
375
376 /*******************************************************************************
377 **
378 ** Function btm_sec_free_dev
379 **
380 ** Description Mark device record as not used
381 **
382 *******************************************************************************/
btm_sec_free_dev(tBTM_SEC_DEV_REC * p_dev_rec,tBT_TRANSPORT transport)383 void btm_sec_free_dev (tBTM_SEC_DEV_REC *p_dev_rec, tBT_TRANSPORT transport)
384 {
385 if (transport == BT_TRANSPORT_BR_EDR) {
386 memset(p_dev_rec->link_key, 0, LINK_KEY_LEN);
387 p_dev_rec->sec_flags &= ~(BTM_SEC_AUTHORIZED | BTM_SEC_AUTHENTICATED
388 | BTM_SEC_ENCRYPTED | BTM_SEC_NAME_KNOWN
389 | BTM_SEC_LINK_KEY_KNOWN | BTM_SEC_LINK_KEY_AUTHED
390 | BTM_SEC_ROLE_SWITCHED | BTM_SEC_16_DIGIT_PIN_AUTHED);
391 } else if (transport == BT_TRANSPORT_LE) {
392 p_dev_rec->bond_type = BOND_TYPE_UNKNOWN;
393 p_dev_rec->sec_flags &= ~(BTM_SEC_LE_AUTHENTICATED | BTM_SEC_LE_ENCRYPTED
394 | BTM_SEC_LE_NAME_KNOWN | BTM_SEC_LE_LINK_KEY_KNOWN
395 | BTM_SEC_LE_LINK_KEY_AUTHED | BTM_SEC_ROLE_SWITCHED);
396 #if BLE_INCLUDED == TRUE
397 /* Clear out any saved BLE keys */
398 btm_sec_clear_ble_keys (p_dev_rec);
399 #endif
400 } else {
401 p_dev_rec->bond_type = BOND_TYPE_UNKNOWN;
402 memset(p_dev_rec->link_key, 0, LINK_KEY_LEN);
403 p_dev_rec->sec_flags = 0;
404
405 #if BLE_INCLUDED == TRUE
406 /* Clear out any saved BLE keys */
407 btm_sec_clear_ble_keys (p_dev_rec);
408 #endif
409 }
410 /* No BLE keys and BT keys, clear the sec_flags */
411 if(p_dev_rec->sec_flags == BTM_SEC_IN_USE) {
412 p_dev_rec->sec_flags = 0;
413 }
414 list_remove(btm_cb.p_sec_dev_rec_list, p_dev_rec);
415 }
416
417 /*******************************************************************************
418 **
419 ** Function btm_dev_support_switch
420 **
421 ** Description This function is called by the L2CAP to check if remote
422 ** device supports role switch
423 **
424 ** Parameters: bd_addr - Address of the peer device
425 **
426 ** Returns TRUE if device is known and role switch is supported
427 **
428 *******************************************************************************/
btm_dev_support_switch(BD_ADDR bd_addr)429 BOOLEAN btm_dev_support_switch (BD_ADDR bd_addr)
430 {
431 tBTM_SEC_DEV_REC *p_dev_rec;
432 UINT8 xx;
433 BOOLEAN feature_empty = TRUE;
434
435 #if BTM_SCO_INCLUDED == TRUE
436 /* Role switch is not allowed if a SCO is up */
437 if (btm_is_sco_active_by_bdaddr(bd_addr)) {
438 return (FALSE);
439 }
440 #endif
441 p_dev_rec = btm_find_dev (bd_addr);
442 if (p_dev_rec && controller_get_interface()->supports_master_slave_role_switch()) {
443 if (HCI_SWITCH_SUPPORTED(p_dev_rec->features[HCI_EXT_FEATURES_PAGE_0])) {
444 BTM_TRACE_DEBUG("btm_dev_support_switch return TRUE (feature found)\n");
445 return (TRUE);
446 }
447
448 /* If the feature field is all zero, we never received them */
449 for (xx = 0 ; xx < BD_FEATURES_LEN ; xx++) {
450 if (p_dev_rec->features[HCI_EXT_FEATURES_PAGE_0][xx] != 0x00) {
451 feature_empty = FALSE; /* at least one is != 0 */
452 break;
453 }
454 }
455
456 /* If we don't know peer's capabilities, assume it supports Role-switch */
457 if (feature_empty) {
458 BTM_TRACE_DEBUG("btm_dev_support_switch return TRUE (feature empty)\n");
459 return (TRUE);
460 }
461 }
462
463 BTM_TRACE_DEBUG("btm_dev_support_switch return FALSE\n");
464 return (FALSE);
465 }
466
467 /*******************************************************************************
468 **
469 ** Function btm_find_dev_by_handle
470 **
471 ** Description Look for the record in the device database for the record
472 ** with specified handle
473 **
474 ** Returns Pointer to the record or NULL
475 **
476 *******************************************************************************/
btm_find_dev_by_handle(UINT16 handle)477 tBTM_SEC_DEV_REC *btm_find_dev_by_handle (UINT16 handle)
478 {
479 tBTM_SEC_DEV_REC *p_dev_rec = NULL;
480 list_node_t *p_node = NULL;
481 tSecDevContext context;
482 context.type = SEC_DEV_HDL;
483 context.context.handle = handle;
484 context.free_check = FALSE;
485
486 p_node = list_foreach(btm_cb.p_sec_dev_rec_list, btm_find_sec_dev_in_list, &context);
487 if (p_node) {
488 p_dev_rec = list_node(p_node);
489 }
490 return (p_dev_rec);
491 }
492 /*******************************************************************************
493 **
494 ** Function btm_find_dev
495 **
496 ** Description Look for the record in the device database for the record
497 ** with specified BD address
498 **
499 ** Returns Pointer to the record or NULL
500 **
501 *******************************************************************************/
btm_find_dev(BD_ADDR bd_addr)502 tBTM_SEC_DEV_REC *btm_find_dev(BD_ADDR bd_addr)
503 {
504 if(bd_addr) {
505 list_node_t *p_node = NULL;
506 tSecDevContext context;
507 context.type = SEC_DEV_BTDM_BDA;
508 context.context.p_bd_addr = bd_addr;
509 context.free_check = FALSE;
510 p_node = list_foreach(btm_cb.p_sec_dev_rec_list, btm_find_sec_dev_in_list, &context);
511 if (p_node) {
512 return(list_node(p_node));
513 }
514 }
515 return (NULL);
516 }
517 /*******************************************************************************
518 **
519 ** Function btm_consolidate_dev
520 **
521 ** Description combine security records if identified as same peer
522 **
523 ** Returns none
524 **
525 *******************************************************************************/
btm_consolidate_dev(tBTM_SEC_DEV_REC * p_target_rec)526 void btm_consolidate_dev(tBTM_SEC_DEV_REC *p_target_rec)
527 {
528 #if BLE_INCLUDED == TRUE && SMP_INCLUDED == TRUE
529 tBTM_SEC_DEV_REC *p_dev_rec = NULL;
530 tBTM_SEC_DEV_REC temp_rec = *p_target_rec;
531 list_node_t *p_node = NULL;
532 BTM_TRACE_DEBUG("%s\n", __func__);
533
534 for (p_node = list_begin(btm_cb.p_sec_dev_rec_list); p_node; p_node = list_next(p_node)) {
535 p_dev_rec = list_node(p_node);
536 if (p_target_rec != p_dev_rec && p_dev_rec->sec_flags & BTM_SEC_IN_USE) {
537 if (!memcmp (p_dev_rec->bd_addr, p_target_rec->bd_addr, BD_ADDR_LEN)) {
538 memcpy(p_target_rec, p_dev_rec, sizeof(tBTM_SEC_DEV_REC));
539 p_target_rec->ble = temp_rec.ble;
540 p_target_rec->ble_hci_handle = temp_rec.ble_hci_handle;
541 p_target_rec->enc_key_size = temp_rec.enc_key_size;
542 p_target_rec->conn_params = temp_rec.conn_params;
543 p_target_rec->device_type |= temp_rec.device_type;
544 p_target_rec->sec_flags |= temp_rec.sec_flags;
545
546 p_target_rec->new_encryption_key_is_p256 = temp_rec.new_encryption_key_is_p256;
547 p_target_rec->no_smp_on_br = temp_rec.no_smp_on_br;
548 p_target_rec->bond_type = temp_rec.bond_type;
549 /* Remove the unused device from the list */
550 list_remove(btm_cb.p_sec_dev_rec_list, p_dev_rec);
551 break;
552 }
553
554 /* an RPA device entry is a duplicate of the target record */
555 if (btm_ble_addr_resolvable(p_dev_rec->bd_addr, p_target_rec)) {
556 if (memcmp(p_target_rec->ble.pseudo_addr, p_dev_rec->bd_addr, BD_ADDR_LEN) == 0) {
557 p_target_rec->ble.ble_addr_type = p_dev_rec->ble.ble_addr_type;
558 p_target_rec->device_type |= p_dev_rec->device_type;
559 /* Remove the unused device from the list */
560 list_remove(btm_cb.p_sec_dev_rec_list, p_dev_rec);
561 }
562 break;
563 }
564 }
565 }
566 #endif
567 }
568
569 /*******************************************************************************
570 **
571 ** Function btm_find_or_alloc_dev
572 **
573 ** Description Look for the record in the device database for the record
574 ** with specified BD address
575 **
576 ** Returns Pointer to the record or NULL
577 **
578 *******************************************************************************/
btm_find_or_alloc_dev(BD_ADDR bd_addr)579 tBTM_SEC_DEV_REC *btm_find_or_alloc_dev (BD_ADDR bd_addr)
580 {
581 tBTM_SEC_DEV_REC *p_dev_rec;
582 BTM_TRACE_EVENT ("btm_find_or_alloc_dev\n");
583 if ((p_dev_rec = btm_find_dev (bd_addr)) == NULL) {
584
585 /* Allocate a new device record or reuse the oldest one */
586 p_dev_rec = btm_sec_alloc_dev (bd_addr);
587 }
588 return (p_dev_rec);
589 }
590
591 /*******************************************************************************
592 **
593 ** Function btm_find_oldest_dev
594 **
595 ** Description Locates the oldest device in use. It first looks for
596 ** the oldest non-paired device. If all devices are paired it
597 ** deletes the oldest paired device.
598 **
599 ** Returns Pointer to the record or NULL
600 **
601 *******************************************************************************/
btm_find_oldest_dev(void)602 tBTM_SEC_DEV_REC *btm_find_oldest_dev (void)
603 {
604 tBTM_SEC_DEV_REC *p_dev_rec = NULL;
605 tBTM_SEC_DEV_REC *p_oldest = NULL;
606 list_node_t *p_node = NULL;
607 UINT32 ot = 0xFFFFFFFF;
608
609 /* First look for the non-paired devices for the oldest entry */
610 for (p_node = list_begin(btm_cb.p_sec_dev_rec_list); p_node; p_node = list_next(p_node)) {
611 p_dev_rec = list_node(p_node);
612 if (((p_dev_rec->sec_flags & BTM_SEC_IN_USE) == 0)
613 || ((p_dev_rec->sec_flags & (BTM_SEC_LINK_KEY_KNOWN | BTM_SEC_LE_LINK_KEY_KNOWN)) != 0)) {
614 continue; /* Device is paired so skip it */
615 }
616
617 if (p_dev_rec->timestamp < ot) {
618 p_oldest = p_dev_rec;
619 ot = p_dev_rec->timestamp;
620 }
621 }
622
623 if (ot != 0xFFFFFFFF) {
624 return (p_oldest);
625 }
626
627 /* All devices are paired; find the oldest */
628 for (p_node = list_begin(btm_cb.p_sec_dev_rec_list); p_node; p_node = list_next(p_node)) {
629 if ((p_dev_rec->sec_flags & BTM_SEC_IN_USE) == 0) {
630 continue;
631 }
632
633 if (p_dev_rec->timestamp < ot) {
634 p_oldest = p_dev_rec;
635 ot = p_dev_rec->timestamp;
636 }
637 }
638 return (p_oldest);
639 }
640 /*******************************************************************************
641 **
642 ** Function btm_get_bond_type_dev
643 **
644 ** Description Get the bond type for a device in the device database
645 ** with specified BD address
646 **
647 ** Returns The device bond type if known, otherwise BOND_TYPE_UNKNOWN
648 **
649 *******************************************************************************/
btm_get_bond_type_dev(BD_ADDR bd_addr)650 tBTM_BOND_TYPE btm_get_bond_type_dev(BD_ADDR bd_addr)
651 {
652 tBTM_SEC_DEV_REC *p_dev_rec = btm_find_dev(bd_addr);
653
654 if (p_dev_rec == NULL) {
655 return BOND_TYPE_UNKNOWN;
656 }
657
658 return p_dev_rec->bond_type;
659 }
660
661 /*******************************************************************************
662 **
663 ** Function btm_set_bond_type_dev
664 **
665 ** Description Set the bond type for a device in the device database
666 ** with specified BD address
667 **
668 ** Returns TRUE on success, otherwise FALSE
669 **
670 *******************************************************************************/
btm_set_bond_type_dev(BD_ADDR bd_addr,tBTM_BOND_TYPE bond_type)671 BOOLEAN btm_set_bond_type_dev(BD_ADDR bd_addr, tBTM_BOND_TYPE bond_type)
672 {
673 tBTM_SEC_DEV_REC *p_dev_rec = btm_find_dev(bd_addr);
674
675 if (p_dev_rec == NULL) {
676 return FALSE;
677 }
678
679 p_dev_rec->bond_type = bond_type;
680 return TRUE;
681 }
682
683 /*******************************************************************************
684 **
685 ** Function btm_sec_dev_init
686 **
687 ** Description Create new linked list for dynamic allocation on sec_dev_rec
688 **
689 *******************************************************************************/
btm_sec_dev_init(void)690 void btm_sec_dev_init(void)
691 {
692 btm_cb.p_sec_dev_rec_list = list_new(osi_free_func);
693 }
694
695 /*******************************************************************************
696 **
697 ** Function btm_sec_dev_free
698 **
699 ** Description Delete sec_dev_rec list when btm_cb is being released
700 **
701 *******************************************************************************/
btm_sec_dev_free(void)702 void btm_sec_dev_free(void)
703 {
704 list_free(btm_cb.p_sec_dev_rec_list);
705 }
706