1 /******************************************************************************
2 *
3 * Copyright (C) 2009-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * this file contains GATT database building and query functions
22 *
23 ******************************************************************************/
24
25 #include "common/bt_target.h"
26
27 #if BLE_INCLUDED == TRUE && GATTS_INCLUDED == TRUE
28
29 #include "common/bt_trace.h"
30 #include "osi/allocator.h"
31
32 //#include <stdio.h>
33 #include <string.h>
34 #include "gatt_int.h"
35 #include "stack/l2c_api.h"
36 #include "btm_int.h"
37
38 extern tGATT_STATUS gap_proc_read(tGATTS_REQ_TYPE type, tGATT_READ_REQ *p_data, tGATTS_RSP *p_rsp);
39 extern tGATT_STATUS gatt_proc_read(UINT16 conn_id, tGATTS_REQ_TYPE type, tGATT_READ_REQ *p_data, tGATTS_RSP *p_rsp);
40
41 /********************************************************************************
42 ** L O C A L F U N C T I O N P R O T O T Y P E S *
43 *********************************************************************************/
44 static BOOLEAN allocate_svc_db_buf(tGATT_SVC_DB *p_db);
45 static void *allocate_attr_in_db(tGATT_SVC_DB *p_db, tBT_UUID *p_uuid, tGATT_PERM perm);
46 static BOOLEAN deallocate_attr_in_db(tGATT_SVC_DB *p_db, void *p_attr);
47 static BOOLEAN copy_extra_byte_in_db(tGATT_SVC_DB *p_db, void **p_dst, UINT16 len);
48
49 static BOOLEAN gatts_db_add_service_declaration(tGATT_SVC_DB *p_db, tBT_UUID *p_service, BOOLEAN is_pri);
50 static tGATT_STATUS gatts_send_app_read_request(tGATT_TCB *p_tcb, UINT8 op_code,
51 UINT16 handle, UINT16 offset, UINT32 trans_id, BOOLEAN need_rsp);
52 static BOOLEAN gatts_add_char_desc_value_check (tGATT_ATTR_VAL *attr_val, tGATTS_ATTR_CONTROL *control);
53
54 /*******************************************************************************
55 **
56 ** Function gatts_init_service_db
57 **
58 ** Description This function initialize a memory space to be a service database.
59 **
60 ** Parameter p_db: database pointer.
61 ** len: size of the memory space.
62 **
63 ** Returns Status of the operation.
64 **
65 *******************************************************************************/
gatts_init_service_db(tGATT_SVC_DB * p_db,tBT_UUID * p_service,BOOLEAN is_pri,UINT16 s_hdl,UINT16 num_handle)66 BOOLEAN gatts_init_service_db (tGATT_SVC_DB *p_db, tBT_UUID *p_service, BOOLEAN is_pri,
67 UINT16 s_hdl, UINT16 num_handle)
68 {
69 if (p_db->svc_buffer == NULL) { //in case already alloc
70 p_db->svc_buffer = fixed_queue_new(QUEUE_SIZE_MAX);
71 }
72
73 if (!allocate_svc_db_buf(p_db)) {
74 GATT_TRACE_ERROR("gatts_init_service_db failed, no resources\n");
75 return FALSE;
76 }
77
78 GATT_TRACE_DEBUG("gatts_init_service_db\n");
79 GATT_TRACE_DEBUG("s_hdl = %d num_handle = %d\n", s_hdl, num_handle );
80
81 /* update service database information */
82 p_db->next_handle = s_hdl;
83 p_db->end_handle = s_hdl + num_handle;
84
85 return gatts_db_add_service_declaration(p_db, p_service, is_pri);
86 }
87
88 /*******************************************************************************
89 **
90 ** Function gatts_init_service_db
91 **
92 ** Description This function initialize a memory space to be a service database.
93 **
94 ** Parameter p_db: database pointer.
95 ** len: size of the memory space.
96 **
97 ** Returns Status of the operation.
98 **
99 *******************************************************************************/
gatts_get_service_uuid(tGATT_SVC_DB * p_db)100 tBT_UUID *gatts_get_service_uuid (tGATT_SVC_DB *p_db)
101 {
102 if (!p_db || !p_db->p_attr_list) {
103 GATT_TRACE_ERROR("service DB empty\n");
104
105 return NULL;
106 } else {
107 return &((tGATT_ATTR16 *)p_db->p_attr_list)->p_value->uuid;
108 }
109 }
110
111 /*******************************************************************************
112 **
113 ** Function gatts_check_attr_readability
114 **
115 ** Description check attribute readability
116 **
117 ** Returns status of operation.
118 **
119 *******************************************************************************/
gatts_check_attr_readability(tGATT_ATTR16 * p_attr,UINT16 offset,BOOLEAN read_long,tGATT_SEC_FLAG sec_flag,UINT8 key_size)120 static tGATT_STATUS gatts_check_attr_readability(tGATT_ATTR16 *p_attr,
121 UINT16 offset,
122 BOOLEAN read_long,
123 tGATT_SEC_FLAG sec_flag,
124 UINT8 key_size)
125 {
126 UINT16 min_key_size;
127 tGATT_PERM perm = p_attr->permission;
128
129 UNUSED(offset);
130 min_key_size = (((perm & GATT_ENCRYPT_KEY_SIZE_MASK) >> 12));
131 if (min_key_size != 0 ) {
132 min_key_size += 6;
133 }
134
135 if (!(perm & GATT_READ_ALLOWED)) {
136 GATT_TRACE_ERROR( "GATT_READ_NOT_PERMIT\n");
137 return GATT_READ_NOT_PERMIT;
138 }
139
140 if ((perm & GATT_READ_AUTH_REQUIRED ) && !(sec_flag & GATT_SEC_FLAG_LKEY_UNAUTHED) &&
141 !(sec_flag & BTM_SEC_FLAG_ENCRYPTED)) {
142 GATT_TRACE_ERROR( "GATT_INSUF_AUTHENTICATION\n");
143 return GATT_INSUF_AUTHENTICATION;
144 }
145
146 if ((perm & GATT_READ_MITM_REQUIRED ) && !(sec_flag & GATT_SEC_FLAG_LKEY_AUTHED)) {
147 GATT_TRACE_ERROR( "GATT_INSUF_AUTHENTICATION: MITM Required\n");
148 return GATT_INSUF_AUTHENTICATION;
149 }
150
151 if ((perm & GATT_READ_ENCRYPTED_REQUIRED ) && !(sec_flag & GATT_SEC_FLAG_ENCRYPTED)) {
152 GATT_TRACE_ERROR( "GATT_INSUF_ENCRYPTION\n");
153 return GATT_INSUF_ENCRYPTION;
154 }
155
156 if ( (perm & GATT_READ_ENCRYPTED_REQUIRED) && (sec_flag & GATT_SEC_FLAG_ENCRYPTED) && (key_size < min_key_size)) {
157 GATT_TRACE_ERROR( "GATT_INSUF_KEY_SIZE\n");
158 return GATT_INSUF_KEY_SIZE;
159 }
160 /* LE Authorization check*/
161 if ((perm & GATT_READ_AUTHORIZATION) && (!(sec_flag & GATT_SEC_FLAG_LKEY_AUTHED) || !(sec_flag & GATT_SEC_FLAG_AUTHORIZATION))) {
162 GATT_TRACE_ERROR( "GATT_INSUF_AUTHORIZATION\n");
163 return GATT_INSUF_AUTHORIZATION;
164 }
165
166 if (read_long) {
167 switch (p_attr->uuid) {
168 case GATT_UUID_PRI_SERVICE:
169 case GATT_UUID_SEC_SERVICE:
170 case GATT_UUID_CHAR_DECLARE:
171 case GATT_UUID_INCLUDE_SERVICE:
172 case GATT_UUID_CHAR_EXT_PROP:
173 case GATT_UUID_CHAR_CLIENT_CONFIG:
174 case GATT_UUID_CHAR_SRVR_CONFIG:
175 case GATT_UUID_CHAR_PRESENT_FORMAT:
176 GATT_TRACE_ERROR("GATT_NOT_LONG\n");
177 return GATT_NOT_LONG;
178
179 default:
180 break;
181 }
182 }
183
184 return GATT_SUCCESS;
185 }
186
187 /*******************************************************************************
188 **
189 ** Function read_attr_value
190 **
191 ** Description Utility function to read an attribute value.
192 **
193 ** Parameter p_attr: pointer to the attribute to read.
194 ** offset: read offset.
195 ** p_value: output parameter to carry out the attribute value.
196 ** p_len: output parameter to carry out the attribute length.
197 ** read_long: this is a read blob request.
198 ** mtu: MTU
199 ** sec_flag: current link security status.
200 ** key_size: encryption key size.
201 **
202 ** Returns status of operation.
203 **
204 *******************************************************************************/
read_attr_value(void * p_attr,UINT16 offset,UINT8 ** p_data,BOOLEAN read_long,UINT16 mtu,UINT16 * p_len,tGATT_SEC_FLAG sec_flag,UINT8 key_size)205 static tGATT_STATUS read_attr_value (void *p_attr,
206 UINT16 offset,
207 UINT8 **p_data,
208 BOOLEAN read_long,
209 UINT16 mtu,
210 UINT16 *p_len,
211 tGATT_SEC_FLAG sec_flag,
212 UINT8 key_size)
213 {
214 UINT16 len = 0, uuid16 = 0;
215 UINT8 *p = *p_data;
216 tGATT_STATUS status;
217 tGATT_ATTR16 *p_attr16 = (tGATT_ATTR16 *)p_attr;
218
219 GATT_TRACE_DEBUG("read_attr_value uuid=0x%04x perm=0x%0x sec_flag=0x%x offset=%d read_long=%d\n",
220 p_attr16->uuid,
221 p_attr16->permission,
222 sec_flag,
223 offset,
224 read_long);
225
226 status = gatts_check_attr_readability((tGATT_ATTR16 *)p_attr, offset, read_long, sec_flag, key_size);
227
228 if (status != GATT_SUCCESS) {
229 return status;
230 }
231
232 if (p_attr16->uuid_type == GATT_ATTR_UUID_TYPE_16) {
233 uuid16 = p_attr16->uuid;
234 }
235
236 status = GATT_NO_RESOURCES;
237
238 if (uuid16 == GATT_UUID_PRI_SERVICE || uuid16 == GATT_UUID_SEC_SERVICE) {
239 len = p_attr16->p_value->uuid.len;
240 if (mtu >= p_attr16->p_value->uuid.len) {
241 gatt_build_uuid_to_stream(&p, p_attr16->p_value->uuid);
242 status = GATT_SUCCESS;
243 }
244 } else if (uuid16 == GATT_UUID_CHAR_DECLARE) {
245 len = (((tGATT_ATTR16 *)(p_attr16->p_next))->uuid_type == GATT_ATTR_UUID_TYPE_16) ? 5 : 19;
246
247 if (mtu >= len) {
248 UINT8_TO_STREAM(p, p_attr16->p_value->char_decl.property);
249 UINT16_TO_STREAM(p, p_attr16->p_value->char_decl.char_val_handle);
250
251 if (((tGATT_ATTR16 *)(p_attr16->p_next))->uuid_type == GATT_ATTR_UUID_TYPE_16) {
252 UINT16_TO_STREAM(p, ((tGATT_ATTR16 *)(p_attr16->p_next))->uuid);
253 }
254 /* convert a 32bits UUID to 128 bits */
255 else if (((tGATT_ATTR32 *)(p_attr16->p_next))->uuid_type == GATT_ATTR_UUID_TYPE_32) {
256 gatt_convert_uuid32_to_uuid128 (p, ((tGATT_ATTR32 *)(p_attr16->p_next))->uuid);
257 p += LEN_UUID_128;
258 } else {
259 ARRAY_TO_STREAM (p, ((tGATT_ATTR128 *)(p_attr16->p_next))->uuid, LEN_UUID_128);
260 }
261 status = GATT_SUCCESS;
262 }
263
264 } else if (uuid16 == GATT_UUID_INCLUDE_SERVICE) {
265 if (p_attr16->p_value->incl_handle.service_type.len == LEN_UUID_16) {
266 len = 6;
267 } else {
268 len = 4;
269 }
270
271 if (mtu >= len) {
272 UINT16_TO_STREAM(p, p_attr16->p_value->incl_handle.s_handle);
273 UINT16_TO_STREAM(p, p_attr16->p_value->incl_handle.e_handle);
274
275 if (p_attr16->p_value->incl_handle.service_type.len == LEN_UUID_16) {
276 UINT16_TO_STREAM(p, p_attr16->p_value->incl_handle.service_type.uu.uuid16);
277 }
278 status = GATT_SUCCESS;
279 }
280 } else { /* characteristic description or characteristic value */
281 if (p_attr16->control.auto_rsp == GATT_RSP_BY_STACK) {
282 if (p_attr16->p_value == NULL || p_attr16->p_value->attr_val.attr_val == NULL) {
283 status = GATT_UNKNOWN_ERROR;
284 }
285 else if (offset > p_attr16->p_value->attr_val.attr_len){
286 /*if offset equal to max_len, should respond with zero byte value
287 //if offset is greater than max_len, should respond with an error*/
288 status = GATT_INVALID_OFFSET;
289 } else {
290 UINT8 *value = (UINT8 *)(p_attr16->p_value->attr_val.attr_val) + offset;
291 UINT16 len_left = p_attr16->p_value->attr_val.attr_len - offset;
292 len = (mtu >= len_left) ? (len_left) : mtu;
293 ARRAY_TO_STREAM(p, value, len);
294 status = GATT_STACK_RSP;
295 }
296
297 } else {
298 status = GATT_PENDING;
299 }
300 }
301
302 *p_len = len;
303 *p_data = p;
304 return status;
305 }
306
307 /*******************************************************************************
308 **
309 ** Function gatts_db_read_attr_value_by_type
310 **
311 ** Description Query attribute value by attribute type.
312 **
313 ** Parameter p_db: pointer to the attribute database.
314 ** p_rsp: Read By type response data.
315 ** s_handle: starting handle of the range we are looking for.
316 ** e_handle: ending handle of the range we are looking for.
317 ** type: Attribute type.
318 ** mtu: MTU.
319 ** sec_flag: current link security status.
320 ** key_size: encryption key size.
321 **
322 ** Returns Status of the operation.
323 **
324 *******************************************************************************/
gatts_db_read_attr_value_by_type(tGATT_TCB * p_tcb,tGATT_SVC_DB * p_db,UINT8 op_code,BT_HDR * p_rsp,UINT16 s_handle,UINT16 e_handle,tBT_UUID type,UINT16 * p_len,tGATT_SEC_FLAG sec_flag,UINT8 key_size,UINT32 trans_id,UINT16 * p_cur_handle)325 tGATT_STATUS gatts_db_read_attr_value_by_type (tGATT_TCB *p_tcb,
326 tGATT_SVC_DB *p_db,
327 UINT8 op_code,
328 BT_HDR *p_rsp,
329 UINT16 s_handle,
330 UINT16 e_handle,
331 tBT_UUID type,
332 UINT16 *p_len,
333 tGATT_SEC_FLAG sec_flag,
334 UINT8 key_size,
335 UINT32 trans_id,
336 UINT16 *p_cur_handle)
337 {
338 tGATT_STATUS status = GATT_NOT_FOUND;
339 tGATT_ATTR16 *p_attr;
340 UINT16 len = 0;
341 UINT8 *p = (UINT8 *)(p_rsp + 1) + p_rsp->len + L2CAP_MIN_OFFSET;
342 tBT_UUID attr_uuid;
343 #if (defined(BLE_DELAY_REQUEST_ENC) && (BLE_DELAY_REQUEST_ENC == TRUE))
344 UINT8 flag;
345 #endif
346 BOOLEAN need_rsp;
347 BOOLEAN have_send_request = false;
348
349 if (p_db && p_db->p_attr_list) {
350 p_attr = (tGATT_ATTR16 *)p_db->p_attr_list;
351
352 while (p_attr && p_attr->handle <= e_handle) {
353 if (p_attr->uuid_type == GATT_ATTR_UUID_TYPE_16) {
354 attr_uuid.len = LEN_UUID_16;
355 attr_uuid.uu.uuid16 = p_attr->uuid;
356 } else if (p_attr->uuid_type == GATT_ATTR_UUID_TYPE_32) {
357 attr_uuid.len = LEN_UUID_32;
358 attr_uuid.uu.uuid32 = ((tGATT_ATTR32 *)p_attr)->uuid;
359 } else {
360 attr_uuid.len = LEN_UUID_128;
361 memcpy(attr_uuid.uu.uuid128, ((tGATT_ATTR128 *)p_attr)->uuid, LEN_UUID_128);
362 }
363
364 if (p_attr->handle >= s_handle && gatt_uuid_compare(type, attr_uuid)) {
365 if (*p_len <= 2) {
366 status = GATT_NO_RESOURCES;
367 break;
368 }
369
370 UINT16_TO_STREAM (p, p_attr->handle);
371
372 status = read_attr_value ((void *)p_attr, 0, &p, FALSE, (UINT16)(*p_len - 2), &len, sec_flag, key_size);
373 if (status == GATT_PENDING) {
374
375
376 need_rsp = TRUE;
377 status = gatts_send_app_read_request(p_tcb, op_code, p_attr->handle, 0, trans_id, need_rsp);
378
379 /* one callback at a time */
380 break;
381 } else if (status == GATT_SUCCESS || status == GATT_STACK_RSP) {
382 if (status == GATT_STACK_RSP){
383 need_rsp = FALSE;
384 status = gatts_send_app_read_request(p_tcb, op_code, p_attr->handle, 0, trans_id, need_rsp);
385 if(status == GATT_BUSY)
386 break;
387
388 if (!have_send_request){
389 have_send_request = true;
390 trans_id = p_tcb->sr_cmd.trans_id;
391 }
392 }
393
394 if (p_rsp->offset == 0) {
395 p_rsp->offset = len + 2;
396 }
397
398 if (p_rsp->offset == len + 2) {
399 p_rsp->len += (len + 2);
400 *p_len -= (len + 2);
401 } else {
402 GATT_TRACE_WARNING("format mismatch");
403 status = GATT_NO_RESOURCES;
404 break;
405 }
406 } else {
407 *p_cur_handle = p_attr->handle;
408 break;
409 }
410 }
411 p_attr = (tGATT_ATTR16 *)p_attr->p_next;
412 }
413 }
414
415 #if (defined(BLE_DELAY_REQUEST_ENC) && (BLE_DELAY_REQUEST_ENC == TRUE))
416 if (BTM_GetSecurityFlags(p_tcb->peer_bda, &flag)) {
417 if ((p_tcb->att_lcid == L2CAP_ATT_CID) && (status == GATT_PENDING) &&
418 (type.uu.uuid16 == GATT_UUID_GAP_DEVICE_NAME)) {
419 if ((flag & (BTM_SEC_LINK_KEY_KNOWN | BTM_SEC_FLAG_ENCRYPTED)) ==
420 BTM_SEC_LINK_KEY_KNOWN) {
421 tACL_CONN *p;
422 p = btm_bda_to_acl(p_tcb->peer_bda, BT_TRANSPORT_LE);
423 if ((p != NULL) && (p->link_role == BTM_ROLE_MASTER)) {
424 tBTM_BLE_SEC_ACT sec_act = BTM_BLE_SEC_ENCRYPT;
425 btm_ble_set_encryption(p_tcb->peer_bda, &sec_act, p->link_role);
426 }
427 }
428 }
429 }
430 #endif
431 return status;
432 }
433
434 /*******************************************************************************
435 **
436 ** Function gatts_add_included_service
437 **
438 ** Description This function adds an included service into a database.
439 **
440 ** Parameter p_db: database pointer.
441 ** inc_srvc_type: included service type.
442 **
443 ** Returns Status of the operation.
444 **
445 *******************************************************************************/
gatts_add_included_service(tGATT_SVC_DB * p_db,UINT16 s_handle,UINT16 e_handle,tBT_UUID service)446 UINT16 gatts_add_included_service (tGATT_SVC_DB *p_db, UINT16 s_handle, UINT16 e_handle,
447 tBT_UUID service)
448 {
449 tGATT_ATTR16 *p_attr;
450 tBT_UUID uuid = {LEN_UUID_16, {GATT_UUID_INCLUDE_SERVICE}};
451
452 GATT_TRACE_DEBUG("gatts_add_included_service: s_hdl = 0x%04x e_hdl = 0x%04x uuid = 0x%04x",
453 s_handle, e_handle, service.uu.uuid16);
454
455 if (service.len == 0 || s_handle == 0 || e_handle == 0) {
456 GATT_TRACE_ERROR("gatts_add_included_service Illegal Params.");
457 return 0;
458 }
459
460 BOOLEAN is_include_service_allowed = TRUE;
461 // service declaration
462 tGATT_ATTR16 *first_attr = (tGATT_ATTR16 *)p_db->p_attr_list;
463 if (p_db->p_attr_list != NULL) {
464 tGATT_ATTR16 *next_attr = (tGATT_ATTR16 *)first_attr->p_next;
465 /* This service already has other attributes */
466 while (next_attr != NULL) {
467 if (!(next_attr->uuid_type == GATT_ATTR_UUID_TYPE_16 && next_attr->uuid == GATT_UUID_INCLUDE_SERVICE)) {
468 is_include_service_allowed = FALSE;
469 break;
470 }
471 next_attr = (tGATT_ATTR16 *)next_attr->p_next;
472 }
473
474 }
475 if (!is_include_service_allowed) {
476 GATT_TRACE_ERROR("%s error, The include service should be added before adding the characteristics", __func__);
477 return 0;
478 }
479
480 if ((p_attr = (tGATT_ATTR16 *) allocate_attr_in_db(p_db, &uuid, GATT_PERM_READ)) != NULL) {
481 if (copy_extra_byte_in_db(p_db, (void **)&p_attr->p_value, sizeof(tGATT_INCL_SRVC))) {
482 p_attr->p_value->incl_handle.s_handle = s_handle;
483 p_attr->p_value->incl_handle.e_handle = e_handle;
484 memcpy(&p_attr->p_value->incl_handle.service_type, &service, sizeof(tBT_UUID));
485
486 return p_attr->handle;
487 } else {
488 deallocate_attr_in_db(p_db, p_attr);
489 }
490 }
491
492 return 0;
493 }
494
495 /*******************************************************************************
496 **
497 ** Function gatts_add_characteristic
498 **
499 ** Description This function add a characteristics and its descriptor into
500 ** a service identified by the service database pointer.
501 **
502 ** Parameter p_db: database pointer.
503 ** perm: permission (authentication and key size requirements)
504 ** property: property of the characteristic.
505 ** p_char: characteristic value information.
506 **
507 ** Returns Status of the operation.
508 **
509 *******************************************************************************/
gatts_add_characteristic(tGATT_SVC_DB * p_db,tGATT_PERM perm,tGATT_CHAR_PROP property,tBT_UUID * p_char_uuid,tGATT_ATTR_VAL * attr_val,tGATTS_ATTR_CONTROL * control)510 UINT16 gatts_add_characteristic (tGATT_SVC_DB *p_db, tGATT_PERM perm,
511 tGATT_CHAR_PROP property,
512 tBT_UUID *p_char_uuid, tGATT_ATTR_VAL *attr_val, tGATTS_ATTR_CONTROL *control)
513 {
514 tGATT_ATTR16 *p_char_decl, *p_char_val;
515 tBT_UUID uuid = {LEN_UUID_16, {GATT_UUID_CHAR_DECLARE}};
516 BOOLEAN status;
517
518 GATT_TRACE_DEBUG("gatts_add_characteristic perm=0x%0x property=0x%0x\n", perm, property);
519 /* parameter validation check */
520 status = gatts_add_char_desc_value_check(attr_val, control);
521 if (status == FALSE){
522 return 0;
523 }
524
525
526 if ((p_char_decl = (tGATT_ATTR16 *)allocate_attr_in_db(p_db, &uuid, GATT_PERM_READ)) != NULL) {
527 if (!copy_extra_byte_in_db(p_db, (void **)&p_char_decl->p_value, sizeof(tGATT_CHAR_DECL))) {
528 deallocate_attr_in_db(p_db, p_char_decl);
529 return 0;
530 }
531
532 p_char_val = (tGATT_ATTR16 *)allocate_attr_in_db(p_db, p_char_uuid, perm);
533
534 if (p_char_val == NULL) {
535 deallocate_attr_in_db(p_db, p_char_decl);
536 return 0;
537 }
538
539 p_char_decl->p_value->char_decl.property = property;
540 p_char_decl->p_value->char_decl.char_val_handle = p_char_val->handle;
541 if (control != NULL) {
542 p_char_val->control.auto_rsp = control->auto_rsp;
543 } else {
544 p_char_val->control.auto_rsp = GATT_RSP_DEFAULT;
545 }
546
547 if (attr_val != NULL) {
548 if (!copy_extra_byte_in_db(p_db, (void **)&p_char_val->p_value, sizeof(tGATT_ATTR_VAL))) {
549 deallocate_attr_in_db(p_db, p_char_val);
550 return 0;
551 }
552 GATT_TRACE_DEBUG("attr_val->attr_len = %x, attr_val->attr_max_len = %x\n", attr_val->attr_len, attr_val->attr_max_len);
553 GATT_TRACE_DEBUG("attribute handle = %x\n", p_char_val->handle);
554 p_char_val->p_value->attr_val.attr_len = attr_val->attr_len;
555 p_char_val->p_value->attr_val.attr_max_len = attr_val->attr_max_len;
556 p_char_val->p_value->attr_val.attr_val = osi_malloc(attr_val->attr_max_len);
557 if (p_char_val->p_value->attr_val.attr_val == NULL) {
558 deallocate_attr_in_db(p_db, p_char_decl);
559 deallocate_attr_in_db(p_db, p_char_val);
560 GATT_TRACE_WARNING("Warning in %s, line=%d, insufficient resource to allocate for attribute value\n", __func__, __LINE__);
561 return 0;
562 }
563 else {
564 //add mask to indicate that p_value->attr_val.attr_val is dynamic allocated
565 p_char_val->mask |= GATT_ATTR_VALUE_ALLOCATED;
566 }
567
568 //initiate characteristic attribute value part
569 memset(p_char_val->p_value->attr_val.attr_val, 0, attr_val->attr_max_len);
570 if (attr_val->attr_val != NULL) {
571 if (attr_val->attr_max_len < attr_val->attr_len){
572 GATT_TRACE_ERROR("Error in %s, Line=%d, attribute actual length (%d) should not larger than max size (%d)\n",
573 __func__, __LINE__, attr_val->attr_len, attr_val->attr_max_len);
574 }
575 UINT16 actual_len = (attr_val->attr_max_len < attr_val->attr_len) ? (attr_val->attr_max_len) : (attr_val->attr_len);
576 memcpy(p_char_val->p_value->attr_val.attr_val, attr_val->attr_val, actual_len);
577 }
578 }
579
580 return p_char_val->handle;
581 }
582
583 return 0;
584 }
585
586 /*******************************************************************************
587 **
588 ** Function gatt_convertchar_descr_type
589 **
590 ** Description This function convert a char descript UUID into descriptor type.
591 **
592 ** Returns descriptor type.
593 **
594 *******************************************************************************/
gatt_convertchar_descr_type(tBT_UUID * p_descr_uuid)595 UINT8 gatt_convertchar_descr_type(tBT_UUID *p_descr_uuid)
596 {
597 tBT_UUID std_descr = {LEN_UUID_16, {GATT_UUID_CHAR_EXT_PROP}};
598
599 if (gatt_uuid_compare(std_descr, * p_descr_uuid)) {
600 return GATT_DESCR_EXT_DSCPTOR;
601 }
602
603 std_descr.uu.uuid16 ++;
604 if (gatt_uuid_compare(std_descr, * p_descr_uuid)) {
605 return GATT_DESCR_USER_DSCPTOR;
606 }
607
608 std_descr.uu.uuid16 ++;
609 if (gatt_uuid_compare(std_descr, * p_descr_uuid)) {
610 return GATT_DESCR_CLT_CONFIG;
611 }
612
613 std_descr.uu.uuid16 ++;
614 if (gatt_uuid_compare(std_descr, * p_descr_uuid)) {
615 return GATT_DESCR_SVR_CONFIG;
616 }
617
618 std_descr.uu.uuid16 ++;
619 if (gatt_uuid_compare(std_descr, * p_descr_uuid)) {
620 return GATT_DESCR_PRES_FORMAT;
621 }
622
623 std_descr.uu.uuid16 ++;
624 if (gatt_uuid_compare(std_descr, * p_descr_uuid)) {
625 return GATT_DESCR_AGGR_FORMAT;
626 }
627
628 std_descr.uu.uuid16 ++;
629 if (gatt_uuid_compare(std_descr, * p_descr_uuid)) {
630 return GATT_DESCR_VALID_RANGE;
631 }
632
633
634 return GATT_DESCR_UNKNOWN;
635 }
636
637 /*******************************************************************************
638 **
639 ** Function gatts_add_char_descr
640 **
641 ** Description This function add a characteristics descriptor.
642 **
643 ** Parameter p_db: database pointer.
644 ** perm: characteristic descriptor permission type.
645 ** char_dscp_tpye: the characteristic descriptor masks.
646 ** p_dscp_params: characteristic descriptors values.
647 **
648 ** Returns Status of the operation.
649 **
650 *******************************************************************************/
gatts_add_char_descr(tGATT_SVC_DB * p_db,tGATT_PERM perm,tBT_UUID * p_descr_uuid,tGATT_ATTR_VAL * attr_val,tGATTS_ATTR_CONTROL * control)651 UINT16 gatts_add_char_descr (tGATT_SVC_DB *p_db, tGATT_PERM perm,
652 tBT_UUID *p_descr_uuid, tGATT_ATTR_VAL *attr_val, tGATTS_ATTR_CONTROL *control)
653 {
654 tGATT_ATTR16 *p_char_dscptr;
655 BOOLEAN status;
656
657 GATT_TRACE_DEBUG("gatts_add_char_descr uuid=0x%04x\n", p_descr_uuid->uu.uuid16);
658
659 /* parameter validation check */
660 status = gatts_add_char_desc_value_check(attr_val, control);
661 if (status == FALSE){
662 return 0;
663 }
664
665 /* Add characteristic descriptors */
666 if ((p_char_dscptr = (tGATT_ATTR16 *)allocate_attr_in_db(p_db, p_descr_uuid, perm)) == NULL) {
667 deallocate_attr_in_db(p_db, p_char_dscptr);
668 GATT_TRACE_DEBUG("gatts_add_char_descr Fail for adding char descriptors.");
669 return 0;
670 } else {
671 p_char_dscptr->control.auto_rsp = (control == NULL) ? GATT_RSP_DEFAULT : (control->auto_rsp);
672 if (attr_val != NULL) {
673 if (!copy_extra_byte_in_db(p_db, (void **)&p_char_dscptr->p_value, sizeof(tGATT_ATTR_VAL))) {
674 deallocate_attr_in_db(p_db, p_char_dscptr);
675 return 0;
676 }
677 p_char_dscptr->p_value->attr_val.attr_len = attr_val->attr_len;
678 p_char_dscptr->p_value->attr_val.attr_max_len = attr_val->attr_max_len;
679 if (attr_val->attr_max_len != 0) {
680 p_char_dscptr->p_value->attr_val.attr_val = osi_malloc(attr_val->attr_max_len);
681 if (p_char_dscptr->p_value->attr_val.attr_val == NULL) {
682 deallocate_attr_in_db(p_db, p_char_dscptr);
683 GATT_TRACE_WARNING("Warning in %s, line=%d, insufficient resource to allocate for descriptor value\n", __func__, __LINE__);
684 return 0;
685 }
686 else {
687 //add mask to indicate that p_value->attr_val.attr_val is dynamic allocated
688 p_char_dscptr->mask |= GATT_ATTR_VALUE_ALLOCATED;
689 }
690
691 //initiate characteristic attribute value part
692 memset(p_char_dscptr->p_value->attr_val.attr_val, 0, attr_val->attr_max_len);
693 if(attr_val->attr_val != NULL) {
694 memcpy(p_char_dscptr->p_value->attr_val.attr_val, attr_val->attr_val, attr_val->attr_len);
695 }
696 }
697 }
698 return p_char_dscptr->handle;
699 }
700 }
701
702
703 /*******************************************************************************
704 **
705 ** Function gatts_set_attribute_value
706 **
707 ** Description This function add the attribute value in the database
708 **
709 ** Parameter p_db: database pointer.
710 ** attr_handle: the attribute handle
711 ** length: the attribute value length
712 ** value: the pointer to the data to be set to the attribute value in the database
713 **
714 ** Returns Status of the operation.
715 **
716 *******************************************************************************/
gatts_set_attribute_value(tGATT_SVC_DB * p_db,UINT16 attr_handle,UINT16 length,UINT8 * value)717 tGATT_STATUS gatts_set_attribute_value(tGATT_SVC_DB *p_db, UINT16 attr_handle,
718 UINT16 length, UINT8 *value)
719 {
720 tGATT_ATTR16 *p_cur;
721
722 if (p_db == NULL) {
723 GATT_TRACE_DEBUG("gatts_set_attribute_value Fail:p_db is NULL.\n");
724 return GATT_INVALID_PDU;
725 }
726 if (p_db->p_attr_list == NULL) {
727 GATT_TRACE_DEBUG("gatts_set_attribute_value Fail:p_db->p_attr_list is NULL.\n");
728 return GATT_INVALID_PDU;
729 }
730 if ((length > 0) && (value == NULL)){
731 GATT_TRACE_ERROR("Error in %s, line=%d, value should not be NULL here\n",__func__, __LINE__);
732 return GATT_INVALID_PDU;
733 }
734
735 p_cur = (tGATT_ATTR16 *) p_db->p_attr_list;
736
737 while (p_cur != NULL) {
738 if (p_cur->handle == attr_handle) {
739 /* for characteristic should not be set, return GATT_NOT_FOUND */
740 if (p_cur->uuid_type == GATT_ATTR_UUID_TYPE_16) {
741 switch (p_cur->uuid) {
742 case GATT_UUID_PRI_SERVICE:
743 case GATT_UUID_SEC_SERVICE:
744 case GATT_UUID_CHAR_DECLARE:
745 return GATT_NOT_FOUND;
746 break;
747 }
748 }
749
750 /* in other cases, value can be set*/
751 if ((p_cur->p_value == NULL) || (p_cur->p_value->attr_val.attr_val == NULL) \
752 || (p_cur->p_value->attr_val.attr_max_len == 0)){
753 GATT_TRACE_ERROR("Error in %s, line=%d, attribute value should not be NULL here\n", __func__, __LINE__);
754 return GATT_NOT_FOUND;
755 } else if (p_cur->p_value->attr_val.attr_max_len < length) {
756 GATT_TRACE_ERROR("gatts_set_attribute_value failed:Invalid value length");
757 return GATT_INVALID_ATTR_LEN;
758 } else{
759 memcpy(p_cur->p_value->attr_val.attr_val, value, length);
760 p_cur->p_value->attr_val.attr_len = length;
761 }
762 break;
763 }
764 p_cur = p_cur->p_next;
765 }
766
767 return GATT_SUCCESS;
768 }
769
770 /*******************************************************************************
771 **
772 ** Function gatts_get_attr_value_internal
773 **
774 ** Description This function get the attribute value in gap service and gatt service
775 **
776 ** Parameter attr_handle: the attribute handle
777 ** length: the attribute value length
778 ** value: the pointer to the data to be get to the attribute value in the database
779 **
780 ** Returns Status of the operation.
781 **
782 *******************************************************************************/
gatts_get_attr_value_internal(UINT16 attr_handle,UINT16 * length,UINT8 ** value)783 tGATT_STATUS gatts_get_attr_value_internal(UINT16 attr_handle, UINT16 *length, UINT8 **value)
784 {
785 UINT8 i;
786 tGATT_READ_REQ read_req;
787 tGATT_STATUS status = GATT_NOT_FOUND;
788 tGATT_SR_REG *p_rcb = gatt_cb.sr_reg;
789 UINT8 service_uuid[LEN_UUID_128] = {0};
790
791 if (length == NULL){
792 GATT_TRACE_ERROR("gatts_get_attr_value_internal Fail:length is NULL.\n");
793 return GATT_INVALID_PDU;
794 }
795
796 if (value == NULL){
797 GATT_TRACE_ERROR("gatts_get_attr_value_internal Fail:value is NULL.\n");
798 *length = 0;
799 return GATT_INVALID_PDU;
800 }
801
802 // find the service by handle
803 for (i = 0; i < GATT_MAX_SR_PROFILES; i++, p_rcb++) {
804 if (p_rcb->in_use && p_rcb->s_hdl <= attr_handle && p_rcb->e_hdl >= attr_handle) {
805 break;
806 }
807 }
808
809 // service cb not found
810 if (i == GATT_MAX_SR_PROFILES) {
811 return status;
812 }
813
814 if (p_rcb->app_uuid.len != LEN_UUID_128) {
815 return status;
816 }
817
818 memset(&read_req, 0, sizeof(tGATT_READ_REQ));
819 read_req.handle = attr_handle;
820
821 // read gatt service attribute value
822 memset(service_uuid, 0x81, LEN_UUID_128);
823 if (!memcmp(p_rcb->app_uuid.uu.uuid128, service_uuid, LEN_UUID_128)) {
824 status = gatt_proc_read(0, GATTS_REQ_TYPE_READ, &read_req, &gatt_cb.rsp);
825 }
826
827 // read gap service attribute value
828 memset(service_uuid, 0x82, LEN_UUID_128);
829 if (!memcmp(p_rcb->app_uuid.uu.uuid128, service_uuid, LEN_UUID_128)) {
830 status = gap_proc_read(GATTS_REQ_TYPE_READ, &read_req, &gatt_cb.rsp);
831 }
832
833 if (status == GATT_SUCCESS) {
834 *length = gatt_cb.rsp.attr_value.len;
835 *value = gatt_cb.rsp.attr_value.value;
836 }
837
838 return status;
839 }
840
841 /*******************************************************************************
842 **
843 ** Function gatts_get_attribute_value
844 **
845 ** Description This function get the attribute value in the database
846 **
847 ** Parameter p_db: database pointer.
848 ** attr_handle: the attribute handle
849 ** length: the attribute value length
850 ** value: the pointer to the data to be get to the attribute value in the database
851 **
852 ** Returns Status of the operation.
853 **
854 *******************************************************************************/
gatts_get_attribute_value(tGATT_SVC_DB * p_db,UINT16 attr_handle,UINT16 * length,UINT8 ** value)855 tGATT_STATUS gatts_get_attribute_value(tGATT_SVC_DB *p_db, UINT16 attr_handle,
856 UINT16 *length, UINT8 **value)
857 {
858 tGATT_ATTR16 *p_cur;
859
860 GATT_TRACE_DEBUG("attr_handle = %x\n", attr_handle);
861
862 if (p_db == NULL) {
863 GATT_TRACE_ERROR("gatts_get_attribute_value Fail:p_db is NULL.\n");
864 *length = 0;
865 return GATT_INVALID_PDU;
866 }
867 if (p_db->p_attr_list == NULL) {
868 GATT_TRACE_ERROR("gatts_get_attribute_value Fail:p_db->p_attr_list is NULL.\n");
869 *length = 0;
870 return GATT_INVALID_PDU;
871 }
872 if (length == NULL){
873 GATT_TRACE_ERROR("gatts_get_attribute_value Fail:length is NULL.\n");
874 return GATT_INVALID_PDU;
875 }
876 if (value == NULL){
877 GATT_TRACE_ERROR("gatts_get_attribute_value Fail:value is NULL.\n");
878 *length = 0;
879 return GATT_INVALID_PDU;
880 }
881
882 p_cur = (tGATT_ATTR16 *) p_db->p_attr_list;
883
884 while (p_cur != NULL) {
885 if (p_cur->handle == attr_handle) {
886
887 if (p_cur->uuid_type == GATT_ATTR_UUID_TYPE_16) {
888 switch (p_cur->uuid) {
889 case GATT_UUID_CHAR_DECLARE:
890 case GATT_UUID_INCLUDE_SERVICE:
891 break;
892 default:
893 if (p_cur->p_value && p_cur->p_value->attr_val.attr_len != 0) {
894 *length = p_cur->p_value->attr_val.attr_len;
895 *value = p_cur->p_value->attr_val.attr_val;
896 return GATT_SUCCESS;
897 } else {
898 *length = 0;
899 return GATT_SUCCESS;
900 }
901 break;
902 }
903 } else {
904 if (p_cur->p_value && p_cur->p_value->attr_val.attr_len != 0) {
905 *length = p_cur->p_value->attr_val.attr_len;
906 *value = p_cur->p_value->attr_val.attr_val;
907 return GATT_SUCCESS;
908 } else {
909 *length = 0;
910 return GATT_SUCCESS;
911 }
912
913 }
914
915 break;
916
917 }
918
919 p_cur = p_cur->p_next;
920 }
921
922 return GATT_NOT_FOUND;
923 }
924
gatts_is_auto_response(UINT16 attr_handle)925 BOOLEAN gatts_is_auto_response(UINT16 attr_handle)
926 {
927 tGATT_HDL_LIST_ELEM *p_decl = NULL;
928 BOOLEAN rsp = FALSE;
929 tGATT_SVC_DB *p_db = NULL;
930 if ((p_decl = gatt_find_hdl_buffer_by_attr_handle(attr_handle)) == NULL) {
931 GATT_TRACE_DEBUG("Service not created\n");
932 return rsp;
933 }
934
935 p_db = &p_decl->svc_db;
936
937 tGATT_ATTR16 *p_cur, *p_next;
938
939 if (p_db == NULL) {
940 GATT_TRACE_DEBUG("gatts_get_attribute_value Fail:p_db is NULL.\n");
941 return rsp;
942 }
943 if (p_db->p_attr_list == NULL) {
944 GATT_TRACE_DEBUG("gatts_get_attribute_value Fail:p_db->p_attr_list is NULL.\n");
945 return rsp;
946 }
947
948 p_cur = (tGATT_ATTR16 *) p_db->p_attr_list;
949 p_next = (tGATT_ATTR16 *) p_cur->p_next;
950
951 for (; p_cur != NULL && p_next != NULL;
952 p_cur = p_next, p_next = (tGATT_ATTR16 *)p_next->p_next) {
953 if (p_cur->handle == attr_handle) {
954 if (p_cur->p_value != NULL && p_cur->control.auto_rsp == GATT_RSP_BY_STACK) {
955 rsp = true;
956 return rsp;
957 }
958
959 }
960
961 }
962
963 return rsp;
964
965 }
966
967 /*******************************************************************************/
968 /* Service Attribute Database Query Utility Functions */
969 /*******************************************************************************/
970 /*******************************************************************************
971 **
972 ** Function gatts_read_attr_value_by_handle
973 **
974 ** Description Query attribute value by attribute handle.
975 **
976 ** Parameter p_db: pointer to the attribute database.
977 ** handle: Attribute handle to read.
978 ** offset: Read offset.
979 ** p_value: output parameter to carry out the attribute value.
980 ** p_len: output parameter as attribute length read.
981 ** read_long: this is a read blob request.
982 ** mtu: MTU.
983 ** sec_flag: current link security status.
984 ** key_size: encryption key size
985 **
986 ** Returns Status of operation.
987 **
988 *******************************************************************************/
gatts_read_attr_value_by_handle(tGATT_TCB * p_tcb,tGATT_SVC_DB * p_db,UINT8 op_code,UINT16 handle,UINT16 offset,UINT8 * p_value,UINT16 * p_len,UINT16 mtu,tGATT_SEC_FLAG sec_flag,UINT8 key_size,UINT32 trans_id)989 tGATT_STATUS gatts_read_attr_value_by_handle(tGATT_TCB *p_tcb,
990 tGATT_SVC_DB *p_db,
991 UINT8 op_code,
992 UINT16 handle, UINT16 offset,
993 UINT8 *p_value, UINT16 *p_len,
994 UINT16 mtu,
995 tGATT_SEC_FLAG sec_flag,
996 UINT8 key_size,
997 UINT32 trans_id)
998 {
999 tGATT_STATUS status = GATT_NOT_FOUND;
1000 tGATT_ATTR16 *p_attr;
1001 UINT8 *pp = p_value;
1002
1003 if (p_db && p_db->p_attr_list) {
1004 p_attr = (tGATT_ATTR16 *)p_db->p_attr_list;
1005
1006 while (p_attr && handle >= p_attr->handle) {
1007 if (p_attr->handle == handle) {
1008 status = read_attr_value (p_attr, offset, &pp,
1009 (BOOLEAN)(op_code == GATT_REQ_READ_BLOB),
1010 mtu, p_len, sec_flag, key_size);
1011
1012 if ((status == GATT_PENDING) || (status == GATT_STACK_RSP)) {
1013 BOOLEAN need_rsp = (status != GATT_STACK_RSP);
1014 status = gatts_send_app_read_request(p_tcb, op_code, p_attr->handle, offset, trans_id, need_rsp);
1015 }
1016 break;
1017 }
1018 p_attr = (tGATT_ATTR16 *)p_attr->p_next;
1019 }
1020 }
1021
1022
1023 return status;
1024 }
1025
gatts_write_attr_value_by_handle(tGATT_SVC_DB * p_db,UINT16 handle,UINT16 offset,UINT8 * p_value,UINT16 len)1026 tGATT_STATUS gatts_write_attr_value_by_handle(tGATT_SVC_DB *p_db,
1027 UINT16 handle, UINT16 offset,
1028 UINT8 *p_value, UINT16 len)
1029 {
1030 tGATT_STATUS status = GATT_NOT_FOUND;
1031 tGATT_ATTR16 *p_attr;
1032
1033 if (p_db && p_db->p_attr_list) {
1034 p_attr = (tGATT_ATTR16 *)p_db->p_attr_list;
1035
1036 while (p_attr && handle >= p_attr->handle) {
1037 if (p_attr->handle == handle ) {
1038 if (p_attr->control.auto_rsp == GATT_RSP_BY_APP) {
1039 return GATT_APP_RSP;
1040 }
1041
1042 if ((p_attr->p_value != NULL) &&
1043 (p_attr->p_value->attr_val.attr_max_len >= offset + len) &&
1044 p_attr->p_value->attr_val.attr_val != NULL) {
1045 memcpy(p_attr->p_value->attr_val.attr_val + offset, p_value, len);
1046 p_attr->p_value->attr_val.attr_len = len + offset;
1047 return GATT_SUCCESS;
1048 } else if (p_attr->p_value && p_attr->p_value->attr_val.attr_max_len < offset + len){
1049 GATT_TRACE_DEBUG("Remote device try to write with a length larger then attribute's max length\n");
1050 return GATT_INVALID_ATTR_LEN;
1051 } else if ((p_attr->p_value == NULL) || (p_attr->p_value->attr_val.attr_val == NULL)){
1052 GATT_TRACE_ERROR("Error in %s, line=%d, %s should not be NULL here\n", __func__, __LINE__, \
1053 (p_attr->p_value == NULL) ? "p_value" : "attr_val.attr_val");
1054 return GATT_UNKNOWN_ERROR;
1055 }
1056 }
1057
1058 p_attr = (tGATT_ATTR16 *)p_attr->p_next;
1059
1060 }
1061 }
1062
1063 return status;
1064 }
1065
1066 /*******************************************************************************
1067 **
1068 ** Function gatts_read_attr_perm_check
1069 **
1070 ** Description Check attribute readability.
1071 **
1072 ** Parameter p_db: pointer to the attribute database.
1073 ** handle: Attribute handle to read.
1074 ** offset: Read offset.
1075 ** p_value: output parameter to carry out the attribute value.
1076 ** p_len: output parameter as attribute length read.
1077 ** read_long: this is a read blob request.
1078 ** mtu: MTU.
1079 ** sec_flag: current link security status.
1080 ** key_size: encryption key size
1081 **
1082 ** Returns Status of operation.
1083 **
1084 *******************************************************************************/
gatts_read_attr_perm_check(tGATT_SVC_DB * p_db,BOOLEAN is_long,UINT16 handle,tGATT_SEC_FLAG sec_flag,UINT8 key_size)1085 tGATT_STATUS gatts_read_attr_perm_check(tGATT_SVC_DB *p_db,
1086 BOOLEAN is_long,
1087 UINT16 handle,
1088 tGATT_SEC_FLAG sec_flag,
1089 UINT8 key_size)
1090 {
1091 tGATT_STATUS status = GATT_NOT_FOUND;
1092 tGATT_ATTR16 *p_attr;
1093
1094 if (p_db && p_db->p_attr_list) {
1095 p_attr = (tGATT_ATTR16 *)p_db->p_attr_list;
1096
1097 while (p_attr && handle >= p_attr->handle) {
1098 if (p_attr->handle == handle) {
1099 status = gatts_check_attr_readability (p_attr, 0,
1100 is_long,
1101 sec_flag, key_size);
1102 break;
1103 }
1104 p_attr = (tGATT_ATTR16 *) p_attr->p_next;
1105 }
1106 }
1107
1108 return status;
1109 }
1110
1111
1112 /*******************************************************************************
1113 **
1114 ** Function gatts_write_attr_perm_check
1115 **
1116 ** Description Write attribute value into database.
1117 **
1118 ** Parameter p_db: pointer to the attribute database.
1119 ** op_code:op code of this write.
1120 ** handle: handle of the attribute to write.
1121 ** offset: Write offset if write op code is write blob.
1122 ** p_data: Attribute value to write.
1123 ** len: attribute data length.
1124 ** sec_flag: current link security status.
1125 ** key_size: encryption key size
1126 **
1127 ** Returns Status of the operation.
1128 **
1129 *******************************************************************************/
gatts_write_attr_perm_check(tGATT_SVC_DB * p_db,UINT8 op_code,UINT16 handle,UINT16 offset,UINT8 * p_data,UINT16 len,tGATT_SEC_FLAG sec_flag,UINT8 key_size)1130 tGATT_STATUS gatts_write_attr_perm_check (tGATT_SVC_DB *p_db, UINT8 op_code,
1131 UINT16 handle, UINT16 offset, UINT8 *p_data,
1132 UINT16 len, tGATT_SEC_FLAG sec_flag, UINT8 key_size)
1133 {
1134 tGATT_STATUS status = GATT_NOT_FOUND;
1135 tGATT_ATTR16 *p_attr;
1136 UINT16 max_size = 0;
1137 tGATT_PERM perm;
1138 UINT16 min_key_size;
1139
1140 GATT_TRACE_DEBUG( "gatts_write_attr_perm_check op_code=0x%0x handle=0x%04x offset=%d len=%d sec_flag=0x%0x key_size=%d",
1141 op_code, handle, offset, len, sec_flag, key_size);
1142
1143 if (p_db != NULL) {
1144 p_attr = (tGATT_ATTR16 *) p_db->p_attr_list;
1145
1146 while (p_attr != NULL) {
1147 if (p_attr->handle == handle) {
1148 perm = p_attr->permission;
1149 min_key_size = (((perm & GATT_ENCRYPT_KEY_SIZE_MASK) >> 12));
1150 if (min_key_size != 0 ) {
1151 min_key_size += 6;
1152 }
1153 GATT_TRACE_DEBUG( "gatts_write_attr_perm_check p_attr->permission =0x%04x min_key_size==0x%04x",
1154 p_attr->permission,
1155 min_key_size);
1156
1157 if ((op_code == GATT_CMD_WRITE || op_code == GATT_REQ_WRITE)
1158 && (perm & GATT_WRITE_SIGNED_PERM)) {
1159 /* use the rules for the mixed security see section 10.2.3*/
1160 /* use security mode 1 level 2 when the following condition follows */
1161 /* LE security mode 2 level 1 and LE security mode 1 level 2 */
1162 if ((perm & GATT_PERM_WRITE_SIGNED) && (perm & GATT_PERM_WRITE_ENCRYPTED)) {
1163 perm = GATT_PERM_WRITE_ENCRYPTED;
1164 }
1165 /* use security mode 1 level 3 when the following condition follows */
1166 /* LE security mode 2 level 2 and security mode 1 and LE */
1167 else if (((perm & GATT_PERM_WRITE_SIGNED_MITM) && (perm & GATT_PERM_WRITE_ENCRYPTED)) ||
1168 /* LE security mode 2 and security mode 1 level 3 */
1169 ((perm & GATT_WRITE_SIGNED_PERM) && (perm & GATT_PERM_WRITE_ENC_MITM))) {
1170 perm = GATT_PERM_WRITE_ENC_MITM;
1171 }
1172 }
1173
1174 if ((op_code == GATT_SIGN_CMD_WRITE) && !(perm & GATT_WRITE_SIGNED_PERM)) {
1175 status = GATT_WRITE_NOT_PERMIT;
1176 GATT_TRACE_DEBUG( "gatts_write_attr_perm_check - sign cmd write not allowed,handle %04x,perm %04x", handle, perm);
1177 }
1178 if ((op_code == GATT_SIGN_CMD_WRITE) && (sec_flag & GATT_SEC_FLAG_ENCRYPTED)) {
1179 status = GATT_INVALID_PDU;
1180 GATT_TRACE_ERROR( "gatts_write_attr_perm_check - Error!! sign cmd write sent on a encrypted link,handle %04x,perm %04x", handle, perm);
1181 } else if (!(perm & GATT_WRITE_ALLOWED)) {
1182 status = GATT_WRITE_NOT_PERMIT;
1183 GATT_TRACE_ERROR("gatts_write_attr_perm_check - GATT_WRITE_NOT_PERMIT,handle %04x, perm %04x", handle, perm);
1184 }
1185 /* require authentication, but not been authenticated */
1186 else if ((perm & GATT_WRITE_AUTH_REQUIRED ) && !(sec_flag & GATT_SEC_FLAG_LKEY_UNAUTHED)) {
1187 status = GATT_INSUF_AUTHENTICATION;
1188 GATT_TRACE_ERROR( "gatts_write_attr_perm_check - GATT_INSUF_AUTHENTICATION,handle %04x, perm %04x", handle, perm);
1189 } else if ((perm & GATT_WRITE_MITM_REQUIRED ) && !(sec_flag & GATT_SEC_FLAG_LKEY_AUTHED)) {
1190 status = GATT_INSUF_AUTHENTICATION;
1191 GATT_TRACE_ERROR( "gatts_write_attr_perm_check - GATT_INSUF_AUTHENTICATION: MITM required,handle %04x,perm %04x", handle, perm);
1192 } else if ((perm & GATT_WRITE_ENCRYPTED_PERM ) && !(sec_flag & GATT_SEC_FLAG_ENCRYPTED)) {
1193 status = GATT_INSUF_ENCRYPTION;
1194 GATT_TRACE_ERROR( "gatts_write_attr_perm_check - GATT_INSUF_ENCRYPTION,handle:0x%04x, perm:0x%04x", handle, perm);
1195 } else if ((perm & GATT_WRITE_ENCRYPTED_PERM ) && (sec_flag & GATT_SEC_FLAG_ENCRYPTED) && (key_size < min_key_size)) {
1196 status = GATT_INSUF_KEY_SIZE;
1197 GATT_TRACE_ERROR( "gatts_write_attr_perm_check - GATT_INSUF_KEY_SIZE,handle %04x,perm %04x", handle, perm);
1198 }
1199 /* LE Authorization check*/
1200 else if ((perm & GATT_WRITE_AUTHORIZATION) && (!(sec_flag & GATT_SEC_FLAG_LKEY_AUTHED) || !(sec_flag & GATT_SEC_FLAG_AUTHORIZATION))){
1201 status = GATT_INSUF_AUTHORIZATION;
1202 GATT_TRACE_ERROR( "gatts_write_attr_perm_check - GATT_INSUF_AUTHORIZATION,handle %04x,perm %04x", handle, perm);
1203 }
1204 /* LE security mode 2 attribute */
1205 else if (perm & GATT_WRITE_SIGNED_PERM && op_code != GATT_SIGN_CMD_WRITE && !(sec_flag & GATT_SEC_FLAG_ENCRYPTED)
1206 && (perm & GATT_WRITE_ALLOWED) == 0) {
1207 status = GATT_INSUF_AUTHENTICATION;
1208 GATT_TRACE_ERROR( "gatts_write_attr_perm_check - GATT_INSUF_AUTHENTICATION: LE security mode 2 required,handle %04x,perm %04x", handle, perm);
1209 } else { /* writable: must be char value declaration or char descriptors */
1210 if (p_attr->uuid_type == GATT_ATTR_UUID_TYPE_16) {
1211 switch (p_attr->uuid) {
1212 case GATT_UUID_CHAR_PRESENT_FORMAT:/* should be readable only */
1213 case GATT_UUID_CHAR_EXT_PROP:/* should be readable only */
1214 case GATT_UUID_CHAR_AGG_FORMAT: /* should be readable only */
1215 case GATT_UUID_CHAR_VALID_RANGE:
1216 status = GATT_WRITE_NOT_PERMIT;
1217 break;
1218 case GATT_UUID_GAP_ICON:/* The Appearance characteristic value shall be 2 octets in length */
1219 case GATT_UUID_CHAR_CLIENT_CONFIG:
1220 /* coverity[MISSING_BREAK] */
1221 /* intnended fall through, ignored */
1222 /* fall through */
1223 case GATT_UUID_CHAR_SRVR_CONFIG:
1224 max_size = 2;
1225 status = GATT_SUCCESS;
1226 break;
1227 case GATT_UUID_CLIENT_SUP_FEAT:
1228 max_size = 1;
1229 status = GATT_SUCCESS;
1230 break;
1231 case GATT_UUID_CHAR_DESCRIPTION:
1232 default: /* any other must be character value declaration */
1233 status = GATT_SUCCESS;
1234 break;
1235 }
1236 } else if (p_attr->uuid_type == GATT_ATTR_UUID_TYPE_128 ||
1237 p_attr->uuid_type == GATT_ATTR_UUID_TYPE_32) {
1238 status = GATT_SUCCESS;
1239 } else {
1240 status = GATT_INVALID_PDU;
1241 }
1242
1243 if (p_data == NULL && len > 0) {
1244 status = GATT_INVALID_PDU;
1245 }
1246 /* these attribute does not allow write blob */
1247 // btla-specific ++
1248 else if ( (p_attr->uuid_type == GATT_ATTR_UUID_TYPE_16) &&
1249 (p_attr->uuid == GATT_UUID_CHAR_CLIENT_CONFIG ||
1250 p_attr->uuid == GATT_UUID_CHAR_SRVR_CONFIG ||
1251 p_attr->uuid == GATT_UUID_CLIENT_SUP_FEAT ||
1252 p_attr->uuid == GATT_UUID_GAP_ICON
1253 ) )
1254 // btla-specific --
1255 {
1256 if (op_code == GATT_REQ_PREPARE_WRITE) { /* does not allow write blob */
1257 status = GATT_REQ_NOT_SUPPORTED;
1258 GATT_TRACE_ERROR("gatts_write_attr_perm_check - GATT_REQ_NOT_SUPPORTED,handle %04x,opcode %4x", handle, op_code);
1259 } else if (len != max_size) { /* data does not match the required format */
1260 status = GATT_INVALID_ATTR_LEN;
1261 GATT_TRACE_ERROR("gatts_write_attr_perm_check - GATT_INVALID_ATTR_LEN,handle %04x,op_code %04x,len %d,max_size %d", handle, op_code, len, max_size);
1262 } else {
1263 status = GATT_SUCCESS;
1264 }
1265 }
1266 }
1267 break;
1268 } else {
1269 p_attr = (tGATT_ATTR16 *)p_attr->p_next;
1270 }
1271 }
1272 }
1273
1274 return status;
1275 }
1276
1277 /*******************************************************************************
1278 **
1279 ** Function allocate_attr_in_db
1280 **
1281 ** Description Allocate a memory space for a new attribute, and link this
1282 ** attribute into the database attribute list.
1283 **
1284 **
1285 ** Parameter p_db : database pointer.
1286 ** p_uuid: pointer to attribute UUID
1287 ** service : type of attribute to be added.
1288 **
1289 ** Returns pointer to the newly allocated attribute.
1290 **
1291 *******************************************************************************/
allocate_attr_in_db(tGATT_SVC_DB * p_db,tBT_UUID * p_uuid,tGATT_PERM perm)1292 static void *allocate_attr_in_db(tGATT_SVC_DB *p_db, tBT_UUID *p_uuid, tGATT_PERM perm)
1293 {
1294 tGATT_ATTR16 *p_attr16 = NULL, *p_last;
1295 tGATT_ATTR32 *p_attr32 = NULL;
1296 tGATT_ATTR128 *p_attr128 = NULL;
1297 UINT16 len = sizeof(tGATT_ATTR128);
1298
1299 if (p_uuid == NULL) {
1300 GATT_TRACE_ERROR("illegal UUID\n");
1301 return NULL;
1302 }
1303
1304 if (p_uuid->len == LEN_UUID_16) {
1305 len = sizeof(tGATT_ATTR16);
1306 } else if (p_uuid->len == LEN_UUID_32) {
1307 len = sizeof(tGATT_ATTR32);
1308 }
1309
1310 GATT_TRACE_DEBUG("allocate attr %d bytes\n", len);
1311
1312 if (p_db->end_handle <= p_db->next_handle) {
1313 GATT_TRACE_DEBUG("handle space full. handle_max = %d next_handle = %d\n",
1314 p_db->end_handle, p_db->next_handle);
1315 return NULL;
1316 }
1317
1318 if (p_db->mem_free < len) {
1319 if (!allocate_svc_db_buf(p_db)) {
1320 GATT_TRACE_ERROR("allocate_attr_in_db failed, no resources\n");
1321 return NULL;
1322 }
1323 }
1324 memset(p_db->p_free_mem, 0, len);
1325 p_attr16 = (tGATT_ATTR16 *) p_db->p_free_mem;
1326
1327 if (p_uuid->len == LEN_UUID_16 && p_uuid->uu.uuid16 != GATT_ILLEGAL_UUID) {
1328 p_attr16->uuid_type = GATT_ATTR_UUID_TYPE_16;
1329 p_attr16->uuid = p_uuid->uu.uuid16;
1330 } else if (p_uuid->len == LEN_UUID_32) {
1331 p_attr32 = (tGATT_ATTR32 *) p_db->p_free_mem;
1332 p_attr32->uuid_type = GATT_ATTR_UUID_TYPE_32;
1333 p_attr32->uuid = p_uuid->uu.uuid32;
1334 } else if (p_uuid->len == LEN_UUID_128) {
1335 p_attr128 = (tGATT_ATTR128 *) p_db->p_free_mem;
1336 p_attr128->uuid_type = GATT_ATTR_UUID_TYPE_128;
1337 memcpy(p_attr128->uuid, p_uuid->uu.uuid128, LEN_UUID_128);
1338 }
1339
1340 p_db->p_free_mem += len;
1341 p_db->mem_free -= len;
1342
1343 p_attr16->handle = p_db->next_handle++;
1344 p_attr16->permission = perm;
1345 p_attr16->p_next = NULL;
1346
1347 /* link the attribute record into the end of DB */
1348 if (p_db->p_attr_list == NULL) {
1349 p_db->p_attr_list = p_attr16;
1350 } else {
1351 p_last = (tGATT_ATTR16 *)p_db->p_attr_list;
1352
1353 while (p_last != NULL && p_last->p_next != NULL) {
1354 p_last = (tGATT_ATTR16 *)p_last->p_next;
1355 }
1356
1357 p_last->p_next = p_attr16;
1358 }
1359
1360 if (p_attr16->uuid_type == GATT_ATTR_UUID_TYPE_16) {
1361 GATT_TRACE_DEBUG("=====> handle = [0x%04x] uuid16 = [0x%04x] perm=0x%02x\n",
1362 p_attr16->handle, p_attr16->uuid, p_attr16->permission);
1363 } else if (p_attr16->uuid_type == GATT_ATTR_UUID_TYPE_32) {
1364 GATT_TRACE_DEBUG("=====> handle = [0x%04x] uuid32 = [0x%08x] perm=0x%02x\n",
1365 p_attr32->handle, p_attr32->uuid, p_attr32->permission);
1366 } else {
1367 GATT_TRACE_DEBUG("=====> handle = [0x%04x] uuid128 = [0x%02x:0x%02x] perm=0x%02x\n",
1368 p_attr128->handle, p_attr128->uuid[0], p_attr128->uuid[1],
1369 p_attr128->permission);
1370 }
1371 return (void *)p_attr16;
1372 }
1373
1374
1375
1376 /*******************************************************************************
1377 **
1378 ** Function deallocate_attr_in_db
1379 **
1380 ** Description Free an attribute within the database.
1381 **
1382 ** Parameter p_db: database pointer.
1383 ** p_attr: pointer to the attribute record to be freed.
1384 **
1385 ** Returns BOOLEAN: success
1386 **
1387 *******************************************************************************/
deallocate_attr_in_db(tGATT_SVC_DB * p_db,void * p_attr)1388 static BOOLEAN deallocate_attr_in_db(tGATT_SVC_DB *p_db, void *p_attr)
1389 {
1390 tGATT_ATTR16 *p_cur, *p_next;
1391 BOOLEAN found = FALSE;
1392
1393 if (p_db->p_attr_list == NULL) {
1394 return found;
1395 }
1396
1397 p_cur = (tGATT_ATTR16 *) p_db->p_attr_list;
1398 p_next = (tGATT_ATTR16 *) p_cur->p_next;
1399
1400 for (; p_cur != NULL && p_next != NULL;
1401 p_cur = p_next, p_next = (tGATT_ATTR16 *)p_next->p_next) {
1402 if (p_next == p_attr) {
1403 p_cur->p_next = p_next->p_next;
1404 found = TRUE;
1405 }
1406 }
1407 if (p_cur == p_attr && p_cur == p_db->p_attr_list) {
1408 p_db->p_attr_list = p_cur->p_next;
1409 found = TRUE;
1410 }
1411 /* else attr not found */
1412 if ( found) {
1413 p_db->next_handle --;
1414 }
1415
1416 return found;
1417 }
1418
1419 /*******************************************************************************
1420 **
1421 ** Function copy_extra_byte_in_db
1422 **
1423 ** Description Utility function to allocate extra bytes memory in DB and copy
1424 ** the value from a source place.
1425 **
1426 **
1427 ** Parameter p_db: database pointer.
1428 ** p_dst: destination data pointer.
1429 ** p_src: source data pointer.
1430 ** len: data length to be copied.
1431 **
1432 ** Returns None.
1433 **
1434 *******************************************************************************/
copy_extra_byte_in_db(tGATT_SVC_DB * p_db,void ** p_dst,UINT16 len)1435 static BOOLEAN copy_extra_byte_in_db(tGATT_SVC_DB *p_db, void **p_dst, UINT16 len)
1436 {
1437 UINT8 *p = (UINT8 *)*p_dst;
1438
1439 if (p_db->mem_free < len) {
1440 if (!allocate_svc_db_buf(p_db)) {
1441 GATT_TRACE_ERROR("copy_extra_byte_in_db failed, no resources\n");
1442 return FALSE;
1443 }
1444 }
1445
1446 p = p_db->p_free_mem;
1447 p_db->p_free_mem += len;
1448 p_db->mem_free -= len;
1449 memset((void *)p, 0, len);
1450 *p_dst = (void *)p;
1451
1452 return TRUE;
1453 }
1454
1455 /*******************************************************************************
1456 **
1457 ** Function allocate_svc_db_buf
1458 **
1459 ** Description Utility function to allocate extra buffer for service database.
1460 **
1461 ** Returns TRUE if allocation succeed, otherwise FALSE.
1462 **
1463 *******************************************************************************/
allocate_svc_db_buf(tGATT_SVC_DB * p_db)1464 static BOOLEAN allocate_svc_db_buf(tGATT_SVC_DB *p_db)
1465 {
1466 BT_HDR *p_buf;
1467
1468 GATT_TRACE_DEBUG("allocate_svc_db_buf allocating extra buffer");
1469
1470 if ((p_buf = (BT_HDR *)osi_calloc(GATT_DB_BUF_SIZE)) == NULL) {
1471 GATT_TRACE_ERROR("allocate_svc_db_buf failed, no resources");
1472 return FALSE;
1473 }
1474
1475 p_db->p_free_mem = (UINT8 *) p_buf;
1476 p_db->mem_free = GATT_DB_BUF_SIZE;
1477
1478 fixed_queue_enqueue(p_db->svc_buffer, p_buf, FIXED_QUEUE_MAX_TIMEOUT);
1479
1480 return TRUE;
1481
1482 }
1483
1484 /*******************************************************************************
1485 **
1486 ** Function gatts_send_app_read_request
1487 **
1488 ** Description Send application read request callback
1489 **
1490 ** Returns status of operation.
1491 **
1492 *******************************************************************************/
gatts_send_app_read_request(tGATT_TCB * p_tcb,UINT8 op_code,UINT16 handle,UINT16 offset,UINT32 trans_id,BOOLEAN need_rsp)1493 static tGATT_STATUS gatts_send_app_read_request(tGATT_TCB *p_tcb, UINT8 op_code,
1494 UINT16 handle, UINT16 offset, UINT32 trans_id, BOOLEAN need_rsp)
1495 {
1496 tGATTS_DATA sr_data;
1497 UINT8 i_rcb;
1498 tGATT_SR_REG *p_sreg;
1499 UINT16 conn_id;
1500
1501 i_rcb = gatt_sr_find_i_rcb_by_handle(handle);
1502 if (i_rcb == GATT_MAX_SR_PROFILES) {
1503 GATT_TRACE_ERROR("Failed to find i_rcb,Error in %s, line=%d, \n", __func__, __LINE__);
1504 return (tGATT_STATUS) GATT_ERROR;
1505 }
1506 p_sreg = &gatt_cb.sr_reg[i_rcb];
1507 conn_id = GATT_CREATE_CONN_ID(p_tcb->tcb_idx, p_sreg->gatt_if);
1508
1509 if (trans_id == 0) {
1510 trans_id = gatt_sr_enqueue_cmd(p_tcb, op_code, handle);
1511 gatt_sr_update_cback_cnt(p_tcb, p_sreg->gatt_if, TRUE, TRUE);
1512 }
1513
1514 if (trans_id != 0 ) {
1515 memset(&sr_data, 0, sizeof(tGATTS_DATA));
1516
1517 sr_data.read_req.handle = handle;
1518 sr_data.read_req.is_long = (BOOLEAN)(op_code == GATT_REQ_READ_BLOB);
1519 sr_data.read_req.offset = offset;
1520 sr_data.read_req.need_rsp = need_rsp;
1521
1522 gatt_sr_send_req_callback(conn_id,
1523 trans_id, GATTS_REQ_TYPE_READ, &sr_data);
1524
1525 if (need_rsp) {
1526 return (tGATT_STATUS) GATT_PENDING;
1527 }
1528 else{
1529 return (tGATT_STATUS) GATT_STACK_RSP;
1530 }
1531 } else {
1532 return (tGATT_STATUS) GATT_BUSY; /* max pending command, application error */
1533 }
1534
1535 }
1536
1537 /*******************************************************************************
1538 **
1539 ** Function gatts_db_add_service_declaration
1540 **
1541 ** Description Update a service database service declaration record.
1542 **
1543 ** Parameter p_db: database pointer.
1544 ** service: UUID of the service.
1545 **
1546 ** Returns void
1547 **
1548 *******************************************************************************/
gatts_db_add_service_declaration(tGATT_SVC_DB * p_db,tBT_UUID * p_service,BOOLEAN is_pri)1549 static BOOLEAN gatts_db_add_service_declaration(tGATT_SVC_DB *p_db, tBT_UUID *p_service, BOOLEAN is_pri)
1550 {
1551 tGATT_ATTR16 *p_attr;
1552 tBT_UUID uuid = {LEN_UUID_16, {0}};
1553 BOOLEAN rt = FALSE;
1554
1555 GATT_TRACE_DEBUG( "add_service_declaration");
1556
1557 if (is_pri) {
1558 uuid.uu.uuid16 = GATT_UUID_PRI_SERVICE;
1559 } else {
1560 uuid.uu.uuid16 = GATT_UUID_SEC_SERVICE;
1561 }
1562
1563 /* add service declaration record */
1564 if ((p_attr = (tGATT_ATTR16 *)(allocate_attr_in_db(p_db, &uuid, GATT_PERM_READ))) != NULL) {
1565 if (copy_extra_byte_in_db (p_db, (void **)&p_attr->p_value, sizeof(tBT_UUID))) {
1566 if (p_service->len == LEN_UUID_16) {
1567 p_attr->p_value->uuid.len = LEN_UUID_16;
1568 p_attr->p_value->uuid.uu.uuid16 = p_service->uu.uuid16;
1569 } else if (p_service->len == LEN_UUID_32) {
1570 p_attr->p_value->uuid.len = LEN_UUID_128;
1571 gatt_convert_uuid32_to_uuid128(p_attr->p_value->uuid.uu.uuid128, p_service->uu.uuid32);
1572 } else {
1573 p_attr->p_value->uuid.len = LEN_UUID_128;
1574 memcpy(p_attr->p_value->uuid.uu.uuid128, p_service->uu.uuid128, LEN_UUID_128);
1575 }
1576 rt = TRUE;
1577 }
1578
1579 }
1580 return rt;
1581 }
1582
1583 /*******************************************************************************
1584 **
1585 ** Function gatts_add_char_desc_value_check
1586 **
1587 ** Description parameters validation check for gatts add char/descriptor functions
1588 **
1589 ** Parameter attr_val: attribute value for char/descriptor.
1590 ** control: control variable for char/descriptor.
1591 **
1592 ** Returns void
1593 **
1594 *******************************************************************************/
gatts_add_char_desc_value_check(tGATT_ATTR_VAL * attr_val,tGATTS_ATTR_CONTROL * control)1595 static BOOLEAN gatts_add_char_desc_value_check (tGATT_ATTR_VAL *attr_val, tGATTS_ATTR_CONTROL *control)
1596 {
1597 if ((control != NULL) && ((control->auto_rsp != GATT_RSP_BY_APP) && (control->auto_rsp != GATT_RSP_BY_STACK))){
1598 GATT_TRACE_ERROR("Error in %s, line=%d, control->auto_rsp should be set to GATT_RSP_BY_APP or GATT_RSP_BY_STACK here\n",\
1599 __func__, __LINE__);
1600 return FALSE;
1601 }
1602
1603 if ((control != NULL) && (control->auto_rsp == GATT_RSP_BY_STACK)){
1604 if (attr_val == NULL){
1605 GATT_TRACE_ERROR("Error in %s, line=%d, for stack respond attribute, attr_val should not be NULL here\n",\
1606 __func__, __LINE__);
1607 return FALSE;
1608 } else if (attr_val->attr_max_len == 0){
1609 GATT_TRACE_ERROR("Error in %s, line=%d, for stack respond attribute, attribute max length should not be 0\n",\
1610 __func__, __LINE__);
1611 return FALSE;
1612 }
1613 }
1614
1615 if (attr_val != NULL){
1616 if (attr_val->attr_len > attr_val->attr_max_len){
1617 GATT_TRACE_ERROR("Error in %s, line=%d,attribute actual length should not be larger than max length\n",\
1618 __func__, __LINE__);
1619 return FALSE;
1620 }
1621 }
1622
1623 return TRUE ;
1624 }
1625
1626 #endif /* BLE_INCLUDED == TRUE && GATTS_INCLUDED == TRUE */
1627
