1 /******************************************************************************
2 *
3 * Copyright (C) 2005-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18 #include <string.h>
19
20 #include "common/bt_target.h"
21 #if defined(BTA_HH_INCLUDED) && (BTA_HH_INCLUDED == TRUE)
22
23 #include "osi/allocator.h"
24 #include "bta_hh_int.h"
25
26 /* if SSR max latency is not defined by remote device, set the default value
27 as half of the link supervision timeout */
28 #define BTA_HH_GET_DEF_SSR_MAX_LAT(x) ((x)>> 1)
29
30 /*****************************************************************************
31 ** Constants
32 *****************************************************************************/
33 #define BTA_HH_KB_CTRL_MASK 0x11
34 #define BTA_HH_KB_SHIFT_MASK 0x22
35 #define BTA_HH_KB_ALT_MASK 0x44
36 #define BTA_HH_KB_GUI_MASK 0x88
37
38 #define BTA_HH_KB_CAPS_LOCK 0x39 /* caps lock */
39 #define BTA_HH_KB_NUM_LOCK 0x53 /* num lock */
40
41
42 #define BTA_HH_MAX_RPT_CHARS 8
43
44 static const UINT8 bta_hh_mod_key_mask[BTA_HH_MOD_MAX_KEY] = {
45 BTA_HH_KB_CTRL_MASK,
46 BTA_HH_KB_SHIFT_MASK,
47 BTA_HH_KB_ALT_MASK,
48 BTA_HH_KB_GUI_MASK
49 };
50
51
52 /*******************************************************************************
53 **
54 ** Function bta_hh_find_cb
55 **
56 ** Description Find best available control block according to BD address.
57 **
58 **
59 ** Returns void
60 **
61 *******************************************************************************/
bta_hh_find_cb(BD_ADDR bda)62 UINT8 bta_hh_find_cb(BD_ADDR bda)
63 {
64 UINT8 xx;
65
66 /* See how many active devices there are. */
67 for (xx = 0; xx < BTA_HH_MAX_DEVICE; xx++) {
68 /* check if any active/known devices is a match */
69 if ((!bdcmp (bda, bta_hh_cb.kdev[xx].addr) &&
70 bdcmp(bda, bd_addr_null) != 0) ) {
71 #if BTA_HH_DEBUG
72 APPL_TRACE_DEBUG("found kdev_cb[%d] hid_handle = %d ", xx,
73 bta_hh_cb.kdev[xx].hid_handle)
74 #endif
75 return xx;
76 }
77 #if BTA_HH_DEBUG
78 else {
79 APPL_TRACE_DEBUG("in_use ? [%d] kdev[%d].hid_handle = %d state = [%d]",
80 bta_hh_cb.kdev[xx].in_use, xx,
81 bta_hh_cb.kdev[xx].hid_handle,
82 bta_hh_cb.kdev[xx].state);
83 }
84 #endif
85 }
86
87 /* if no active device match, find a spot for it */
88 for (xx = 0; xx < BTA_HH_MAX_DEVICE; xx++) {
89 if (!bta_hh_cb.kdev[xx].in_use) {
90 bdcpy(bta_hh_cb.kdev[xx].addr, bda);
91 bta_hh_cb.kdev[xx].in_use = TRUE;
92 break;
93 }
94 }
95 /* If device list full, report BTA_HH_IDX_INVALID */
96 #if BTA_HH_DEBUG
97 APPL_TRACE_DEBUG("bta_hh_find_cb:: index = %d while max = %d",
98 xx, BTA_HH_MAX_DEVICE);
99 #endif
100
101 if (xx == BTA_HH_MAX_DEVICE) {
102 xx = BTA_HH_IDX_INVALID;
103 }
104
105 return xx;
106 }
107
108 /*******************************************************************************
109 **
110 ** Function bta_hh_clean_up_kdev
111 **
112 ** Description Clean up device control block when device is removed from
113 ** manitainace list, and update control block index map.
114 **
115 ** Returns void
116 **
117 *******************************************************************************/
bta_hh_clean_up_kdev(tBTA_HH_DEV_CB * p_cb)118 void bta_hh_clean_up_kdev(tBTA_HH_DEV_CB *p_cb)
119 {
120 UINT8 index;
121
122 if (p_cb->hid_handle != BTA_HH_INVALID_HANDLE ) {
123 #if BTA_HH_LE_INCLUDED == TRUE
124 if (p_cb->is_le_device) {
125 bta_hh_cb.le_cb_index[BTA_HH_GET_LE_CB_IDX(p_cb->hid_handle)] = BTA_HH_IDX_INVALID;
126 } else
127 #endif
128 {
129 bta_hh_cb.cb_index[p_cb->hid_handle] = BTA_HH_IDX_INVALID;
130 }
131 }
132
133 /* reset device control block */
134 index = p_cb->index; /* Preserve index for this control block */
135
136 /* Free buffer for report descriptor info */
137 utl_freebuf((void **)&p_cb->dscp_info.descriptor.dsc_list);
138
139 memset(p_cb, 0, sizeof (tBTA_HH_DEV_CB)); /* Reset control block */
140
141 p_cb->index = index; /* Restore index for this control block */
142 p_cb->state = BTA_HH_IDLE_ST;
143 p_cb->hid_handle = BTA_HH_INVALID_HANDLE;
144
145 }
146 /*******************************************************************************
147 **
148 ** Function bta_hh_update_di_info
149 **
150 ** Description Maintain a known device list for BTA HH.
151 **
152 ** Returns void
153 **
154 *******************************************************************************/
bta_hh_update_di_info(tBTA_HH_DEV_CB * p_cb,UINT16 vendor_id,UINT16 product_id,UINT16 version,UINT8 flag)155 void bta_hh_update_di_info(tBTA_HH_DEV_CB *p_cb, UINT16 vendor_id, UINT16 product_id,
156 UINT16 version, UINT8 flag)
157 {
158 #if BTA_HH_DEBUG
159 APPL_TRACE_DEBUG("vendor_id = 0x%2x product_id = 0x%2x version = 0x%2x",
160 vendor_id, product_id, version);
161 #endif
162 p_cb->dscp_info.vendor_id = vendor_id;
163 p_cb->dscp_info.product_id = product_id;
164 p_cb->dscp_info.version = version;
165 #if (defined BTA_HH_LE_INCLUDED && BTA_HH_LE_INCLUDED == TRUE)
166 p_cb->dscp_info.flag = flag;
167 #else
168 UNUSED(flag);
169 #endif
170 }
171 /*******************************************************************************
172 **
173 ** Function bta_hh_add_device_to_list
174 **
175 ** Description Maintain a known device list for BTA HH.
176 **
177 ** Returns void
178 **
179 *******************************************************************************/
bta_hh_add_device_to_list(tBTA_HH_DEV_CB * p_cb,UINT8 handle,UINT16 attr_mask,tHID_DEV_DSCP_INFO * p_dscp_info,UINT8 sub_class,UINT16 ssr_max_latency,UINT16 ssr_min_tout,UINT8 app_id)180 void bta_hh_add_device_to_list(tBTA_HH_DEV_CB *p_cb, UINT8 handle,
181 UINT16 attr_mask,
182 tHID_DEV_DSCP_INFO *p_dscp_info,
183 UINT8 sub_class,
184 UINT16 ssr_max_latency,
185 UINT16 ssr_min_tout,
186 UINT8 app_id)
187 {
188 #if BTA_HH_DEBUG
189 APPL_TRACE_DEBUG("subclass = 0x%2x", sub_class);
190 #endif
191
192 p_cb->hid_handle = handle;
193 p_cb->in_use = TRUE;
194 p_cb->attr_mask = attr_mask;
195
196 p_cb->sub_class = sub_class;
197 p_cb->app_id = app_id;
198
199 p_cb->dscp_info.ssr_max_latency = ssr_max_latency;
200 p_cb->dscp_info.ssr_min_tout = ssr_min_tout;
201
202 /* store report descriptor info */
203 if ( p_dscp_info) {
204 utl_freebuf((void **)&p_cb->dscp_info.descriptor.dsc_list);
205
206 if (p_dscp_info->dl_len &&
207 (p_cb->dscp_info.descriptor.dsc_list =
208 (UINT8 *)osi_malloc(p_dscp_info->dl_len)) != NULL) {
209 p_cb->dscp_info.descriptor.dl_len = p_dscp_info->dl_len;
210 memcpy(p_cb->dscp_info.descriptor.dsc_list, p_dscp_info->dsc_list,
211 p_dscp_info->dl_len);
212 }
213 }
214 return;
215 }
216
217 /*******************************************************************************
218 **
219 ** Function bta_hh_tod_spt
220 **
221 ** Description Check to see if this type of device is supported
222 **
223 ** Returns
224 **
225 *******************************************************************************/
bta_hh_tod_spt(tBTA_HH_DEV_CB * p_cb,UINT8 sub_class)226 BOOLEAN bta_hh_tod_spt(tBTA_HH_DEV_CB *p_cb, UINT8 sub_class)
227 {
228 UINT8 xx;
229 UINT8 cod = (sub_class >> 2); /* lower two bits are reserved */
230
231 for (xx = 0 ; xx < p_bta_hh_cfg->max_devt_spt; xx ++) {
232 if (cod == (UINT8) p_bta_hh_cfg->p_devt_list[xx].tod) {
233 p_cb->app_id = p_bta_hh_cfg->p_devt_list[xx].app_id;
234 #if BTA_HH_DEBUG
235 APPL_TRACE_EVENT("bta_hh_tod_spt sub_class:0x%x supported", sub_class);
236 #endif
237 return TRUE;
238 }
239 }
240 #if BTA_HH_DEBUG
241 APPL_TRACE_ERROR("bta_hh_tod_spt sub_class:0x%x NOT supported", sub_class);
242 #endif
243 return FALSE;
244 }
245
246
247 /*******************************************************************************
248 **
249 ** Function bta_hh_parse_keybd_rpt
250 **
251 ** Description This utility function parse a boot mode keyboard report.
252 **
253 ** Returns void
254 **
255 *******************************************************************************/
bta_hh_parse_keybd_rpt(tBTA_HH_BOOT_RPT * p_kb_data,UINT8 * p_report,UINT16 report_len)256 void bta_hh_parse_keybd_rpt(tBTA_HH_BOOT_RPT *p_kb_data, UINT8 *p_report,
257 UINT16 report_len)
258 {
259 tBTA_HH_KB_CB *p_kb = &bta_hh_cb.kb_cb;
260 tBTA_HH_KEYBD_RPT *p_data = &p_kb_data->data_rpt.keybd_rpt;
261
262 UINT8 this_char, ctl_shift;
263 UINT16 xx, yy, key_idx = 0;
264 UINT8 this_report[BTA_HH_MAX_RPT_CHARS];
265
266 #if BTA_HH_DEBUG
267 APPL_TRACE_DEBUG("bta_hh_parse_keybd_rpt: (report=%p, report_len=%d) called",
268 p_report, report_len);
269 #endif
270
271 if (report_len < 2) {
272 return;
273 }
274
275 ctl_shift = *p_report++;
276 report_len--;
277
278 if (report_len > BTA_HH_MAX_RPT_CHARS) {
279 report_len = BTA_HH_MAX_RPT_CHARS;
280 }
281
282 memset (this_report, 0, BTA_HH_MAX_RPT_CHARS);
283 memset (p_data, 0, sizeof(tBTA_HH_KEYBD_RPT));
284 memcpy (this_report, p_report, report_len);
285
286 /* Take care of shift, control, GUI and alt, modifier keys */
287 for (xx = 0; xx < BTA_HH_MOD_MAX_KEY; xx ++ ) {
288 if (ctl_shift & bta_hh_mod_key_mask[xx]) {
289 APPL_TRACE_DEBUG("Mod Key[%02x] pressed", bta_hh_mod_key_mask[xx] );
290 p_kb->mod_key[xx] = TRUE;
291 } else if (p_kb->mod_key[xx]) {
292 p_kb->mod_key[xx] = FALSE;
293 }
294 /* control key flag is set */
295 p_data->mod_key[xx] = p_kb->mod_key[xx];
296 }
297
298 /***************************************************************************/
299 /* First step is to remove all characters we saw in the last report */
300 /***************************************************************************/
301 for (xx = 0; xx < report_len; xx++) {
302 for (yy = 0; yy < BTA_HH_MAX_RPT_CHARS; yy++) {
303 if (this_report[xx] == p_kb->last_report[yy]) {
304 this_report[xx] = 0;
305 }
306 }
307 }
308 /***************************************************************************/
309 /* Now, process all the characters in the report, up to 6 keycodes */
310 /***************************************************************************/
311 for (xx = 0; xx < report_len; xx++) {
312 #if BTA_HH_DEBUG
313 APPL_TRACE_DEBUG("this_char = %02x", this_report[xx]);
314 #endif
315 if ((this_char = this_report[xx]) == 0) {
316 continue;
317 }
318 /* take the key code as the report data */
319 if (this_report[xx] == BTA_HH_KB_CAPS_LOCK) {
320 p_kb->caps_lock = p_kb->caps_lock ? FALSE : TRUE;
321 } else if (this_report[xx] == BTA_HH_KB_NUM_LOCK) {
322 p_kb->num_lock = p_kb->num_lock ? FALSE : TRUE;
323 } else {
324 p_data->this_char[key_idx ++] = this_char;
325 }
326
327 #if BTA_HH_DEBUG
328 APPL_TRACE_DEBUG("found keycode %02x ", this_report[xx]);
329 #endif
330 p_data->caps_lock = p_kb->caps_lock;
331 p_data->num_lock = p_kb->num_lock;
332 }
333
334 memset (p_kb->last_report, 0, BTA_HH_MAX_RPT_CHARS);
335 memcpy (p_kb->last_report, p_report, report_len);
336
337 return;
338 }
339
340 /*******************************************************************************
341 **
342 ** Function bta_hh_parse_mice_rpt
343 **
344 ** Description This utility function parse a boot mode mouse report.
345 **
346 ** Returns void
347 **
348 *******************************************************************************/
bta_hh_parse_mice_rpt(tBTA_HH_BOOT_RPT * p_mice_data,UINT8 * p_report,UINT16 report_len)349 void bta_hh_parse_mice_rpt(tBTA_HH_BOOT_RPT *p_mice_data, UINT8 *p_report,
350 UINT16 report_len)
351 {
352 tBTA_HH_MICE_RPT *p_data = &p_mice_data->data_rpt.mice_rpt;
353 #if BTA_HH_DEBUG
354 UINT8 xx;
355
356 APPL_TRACE_DEBUG("bta_hh_parse_mice_rpt: bta_keybd_rpt_rcvd(report=%p, \
357 report_len=%d) called", p_report, report_len);
358 #endif
359
360 if (report_len < 3) {
361 return;
362 }
363
364 if (report_len > BTA_HH_MAX_RPT_CHARS) {
365 report_len = BTA_HH_MAX_RPT_CHARS;
366 }
367
368 #if BTA_HH_DEBUG
369 for (xx = 0; xx < report_len; xx++) {
370 APPL_TRACE_DEBUG("this_char = %02x", p_report[xx]);
371 }
372 #endif
373
374 /* only first bytes lower 3 bits valid */
375 p_data->mouse_button = (p_report[0] & 0x07);
376
377 /* x displacement */
378 p_data->delta_x = p_report[1];
379
380 /* y displacement */
381 p_data->delta_y = p_report[2];
382
383 #if BTA_HH_DEBUG
384 APPL_TRACE_DEBUG("mice button: 0x%2x", p_data->mouse_button);
385 APPL_TRACE_DEBUG("mice move: x = %d y = %d", p_data->delta_x,
386 p_data->delta_y );
387 #endif
388
389 return;
390
391 }
392
393 /*******************************************************************************
394 **
395 ** Function bta_hh_read_ssr_param
396 **
397 ** Description Read the SSR Parameter for the remote device
398 **
399 ** Returns tBTA_HH_STATUS operation status
400 **
401 *******************************************************************************/
bta_hh_read_ssr_param(BD_ADDR bd_addr,UINT16 * p_max_ssr_lat,UINT16 * p_min_ssr_tout)402 tBTA_HH_STATUS bta_hh_read_ssr_param(BD_ADDR bd_addr, UINT16 *p_max_ssr_lat, UINT16 *p_min_ssr_tout)
403 {
404 tBTA_HH_STATUS status = BTA_HH_ERR;
405 tBTA_HH_CB *p_cb = &bta_hh_cb;
406 UINT8 i;
407 UINT16 ssr_max_latency;
408 for (i = 0; i < BTA_HH_MAX_KNOWN; i ++) {
409 if (memcmp(p_cb->kdev[i].addr, bd_addr, BD_ADDR_LEN) == 0) {
410
411 /* if remote device does not have HIDSSRHostMaxLatency attribute in SDP,
412 set SSR max latency default value here. */
413 if (p_cb->kdev[i].dscp_info.ssr_max_latency == HID_SSR_PARAM_INVALID) {
414 /* The default is calculated as half of link supervision timeout.*/
415
416 BTM_GetLinkSuperTout(p_cb->kdev[i].addr, &ssr_max_latency) ;
417 ssr_max_latency = BTA_HH_GET_DEF_SSR_MAX_LAT(ssr_max_latency);
418
419 /* per 1.1 spec, if the newly calculated max latency is greater than
420 BTA_HH_SSR_MAX_LATENCY_DEF which is 500ms, use BTA_HH_SSR_MAX_LATENCY_DEF */
421 if (ssr_max_latency > BTA_HH_SSR_MAX_LATENCY_DEF) {
422 ssr_max_latency = BTA_HH_SSR_MAX_LATENCY_DEF;
423 }
424
425 * p_max_ssr_lat = ssr_max_latency;
426 } else {
427 * p_max_ssr_lat = p_cb->kdev[i].dscp_info.ssr_max_latency;
428 }
429
430 if (p_cb->kdev[i].dscp_info.ssr_min_tout == HID_SSR_PARAM_INVALID) {
431 * p_min_ssr_tout = BTA_HH_SSR_MIN_TOUT_DEF;
432 } else {
433 * p_min_ssr_tout = p_cb->kdev[i].dscp_info.ssr_min_tout;
434 }
435
436 status = BTA_HH_OK;
437
438 break;
439 }
440 }
441
442 return status;
443 }
444
445 /*******************************************************************************
446 **
447 ** Function bta_hh_cleanup_disable
448 **
449 ** Description when disable finished, cleanup control block and send callback
450 **
451 **
452 ** Returns void
453 **
454 *******************************************************************************/
bta_hh_cleanup_disable(tBTA_HH_STATUS status)455 void bta_hh_cleanup_disable(tBTA_HH_STATUS status)
456 {
457 UINT8 xx;
458 /* free buffer in CB holding report descriptors */
459 for (xx = 0; xx < BTA_HH_MAX_DEVICE; xx ++) {
460 utl_freebuf((void **)&bta_hh_cb.kdev[xx].dscp_info.descriptor.dsc_list);
461 }
462 utl_freebuf((void **)&bta_hh_cb.p_disc_db);
463
464 if (bta_hh_cb.p_cback) {
465 (*bta_hh_cb.p_cback)(BTA_HH_DISABLE_EVT, (tBTA_HH*)&status);
466 /* all connections are down, no waiting for diconnect */
467 memset(&bta_hh_cb, 0, sizeof(tBTA_HH_CB));
468 }
469 }
470
471 /*******************************************************************************
472 **
473 ** Function bta_hh_dev_handle_to_cb_idx
474 **
475 ** Description convert a HID device handle to the device control block index.
476 **
477 **
478 ** Returns UINT8: index of the device control block.
479 **
480 *******************************************************************************/
bta_hh_dev_handle_to_cb_idx(UINT8 dev_handle)481 UINT8 bta_hh_dev_handle_to_cb_idx(UINT8 dev_handle)
482 {
483 UINT8 index = BTA_HH_IDX_INVALID;
484
485 #if BTA_HH_LE_INCLUDED == TRUE
486 if (BTA_HH_IS_LE_DEV_HDL(dev_handle)) {
487 if (BTA_HH_IS_LE_DEV_HDL_VALID(dev_handle)) {
488 index = bta_hh_cb.le_cb_index[BTA_HH_GET_LE_CB_IDX(dev_handle)];
489 }
490 #if BTA_HH_DEBUG == TRUE
491 APPL_TRACE_DEBUG("bta_hh_dev_handle_to_cb_idx dev_handle = %d index = %d", dev_handle, index);
492 #endif
493 } else
494 #endif
495 {
496 /* regular HID device checking */
497 if (dev_handle < BTA_HH_MAX_KNOWN ) {
498 index = bta_hh_cb.cb_index[dev_handle];
499 }
500 }
501 return index;
502
503 }
504 #if BTA_HH_DEBUG
505 /*******************************************************************************
506 **
507 ** Function bta_hh_trace_dev_db
508 **
509 ** Description Check to see if this type of device is supported
510 **
511 ** Returns
512 **
513 *******************************************************************************/
bta_hh_trace_dev_db(void)514 void bta_hh_trace_dev_db(void)
515 {
516 UINT8 xx;
517
518 APPL_TRACE_DEBUG("bta_hh_trace_dev_db:: Device DB list********************");
519
520 for (xx = 0; xx < BTA_HH_MAX_DEVICE; xx++) {
521 APPL_TRACE_DEBUG("kdev[%d] in_use[%d] handle[%d] ", xx,
522 bta_hh_cb.kdev[xx].in_use, bta_hh_cb.kdev[xx].hid_handle);
523
524 APPL_TRACE_DEBUG("\t\t\t attr_mask[%04x] state [%d] sub_class[%02x] index = %d",
525 bta_hh_cb.kdev[xx].attr_mask, bta_hh_cb.kdev[xx].state,
526 bta_hh_cb.kdev[xx].sub_class, bta_hh_cb.kdev[xx].index);
527 }
528 APPL_TRACE_DEBUG("*********************************************************");
529 }
530 #endif
531 #endif /* HL_INCLUDED */
532
