From c5afe0ea2d588d78ef32476f03e4728e3b70f1aa Mon Sep 17 00:00:00 2001 From: zwj Date: Thu, 17 Sep 2020 14:32:27 +0800 Subject: [PATCH 01/10] fix vendor hci memory leak --- components/bt/host/bluedroid/bta/dm/bta_dm_api.c | 4 +--- .../bt/host/bluedroid/stack/btm/btm_ble_multi_adv.c | 12 ++++++++---- 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/components/bt/host/bluedroid/bta/dm/bta_dm_api.c b/components/bt/host/bluedroid/bta/dm/bta_dm_api.c index aeeadb0983..f47b047a4f 100644 --- a/components/bt/host/bluedroid/bta/dm/bta_dm_api.c +++ b/components/bt/host/bluedroid/bta/dm/bta_dm_api.c @@ -2663,9 +2663,7 @@ void BTA_VendorCleanup (void) } #endif - if (cmn_ble_vsc_cb.adv_inst_max > 0) { - btm_ble_multi_adv_cleanup(); - } + btm_ble_multi_adv_cleanup(); } #endif diff --git a/components/bt/host/bluedroid/stack/btm/btm_ble_multi_adv.c b/components/bt/host/bluedroid/stack/btm/btm_ble_multi_adv.c index b18d68e39a..c7b9f06802 100644 --- a/components/bt/host/bluedroid/stack/btm/btm_ble_multi_adv.c +++ b/components/bt/host/bluedroid/stack/btm/btm_ble_multi_adv.c @@ -840,10 +840,14 @@ void btm_ble_multi_adv_cleanup(void) } #if BTM_DYNAMIC_MEMORY == TRUE - osi_free(btm_multi_adv_cb_ptr); - osi_free(btm_multi_adv_idx_q_ptr); - btm_multi_adv_cb_ptr = NULL; - btm_multi_adv_idx_q_ptr = NULL; + if(btm_multi_adv_cb_ptr) { + osi_free(btm_multi_adv_cb_ptr); + btm_multi_adv_cb_ptr = NULL; + } + if(btm_multi_adv_idx_q_ptr) { + osi_free(btm_multi_adv_idx_q_ptr); + btm_multi_adv_idx_q_ptr = NULL; + } #endif } From 66b1f37c8b8f75b3979ca32ca9a3ca36eb7278de Mon Sep 17 00:00:00 2001 From: zwj Date: Thu, 22 Oct 2020 16:10:02 +0800 Subject: [PATCH 02/10] fix scan rsp length err --- .../bt/host/bluedroid/stack/btm/btm_ble_gap.c | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) diff --git a/components/bt/host/bluedroid/stack/btm/btm_ble_gap.c b/components/bt/host/bluedroid/stack/btm/btm_ble_gap.c index 04f67d7d12..91fa4a7691 100644 --- a/components/bt/host/bluedroid/stack/btm/btm_ble_gap.c +++ b/components/bt/host/bluedroid/stack/btm/btm_ble_gap.c @@ -2987,7 +2987,7 @@ void btm_ble_cache_adv_data(BD_ADDR bda, tBTM_INQ_RESULTS *p_cur, UINT8 data_len { tBTM_BLE_INQ_CB *p_le_inq_cb = &btm_cb.ble_ctr_cb.inq_var; UINT8 *p_cache; - UINT8 length; + //UINT8 length; /* cache adv report/scan response data */ if (evt_type != BTM_BLE_SCAN_RSP_EVT) { @@ -3008,17 +3008,9 @@ void btm_ble_cache_adv_data(BD_ADDR bda, tBTM_INQ_RESULTS *p_cur, UINT8 data_len if (data_len > 0) { p_cache = &p_le_inq_cb->adv_data_cache[p_le_inq_cb->adv_len]; - STREAM_TO_UINT8(length, p); - while ( length && ((p_le_inq_cb->adv_len + length + 1) <= BTM_BLE_CACHE_ADV_DATA_MAX)) { - /* copy from the length byte & data into cache */ - memcpy(p_cache, p - 1, length + 1); - /* advance the cache pointer past data */ - p_cache += length + 1; - /* increment cache length */ - p_le_inq_cb->adv_len += length + 1; - /* skip the length of data */ - p += length; - STREAM_TO_UINT8(length, p); + if((data_len + p_le_inq_cb->adv_len) <= BTM_BLE_CACHE_ADV_DATA_MAX) { + memcpy(p_cache, p, data_len); + p_le_inq_cb->adv_len += data_len; } } From 70589fc49d401dc2b835f68a1dd4d745caa40f81 Mon Sep 17 00:00:00 2001 From: zwj Date: Tue, 4 Aug 2020 20:19:25 +0800 Subject: [PATCH 03/10] fix ble read multi char err when the number of handles is more than 10 --- .../bt/host/bluedroid/bta/gatt/bta_gattc_act.c | 14 +++++++++----- components/bt/host/bluedroid/stack/gatt/gatt_sr.c | 1 + 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/components/bt/host/bluedroid/bta/gatt/bta_gattc_act.c b/components/bt/host/bluedroid/bta/gatt/bta_gattc_act.c index 51125fd801..ba05a6f339 100644 --- a/components/bt/host/bluedroid/bta/gatt/bta_gattc_act.c +++ b/components/bt/host/bluedroid/bta/gatt/bta_gattc_act.c @@ -1154,12 +1154,16 @@ void bta_gattc_read_multi(tBTA_GATTC_CLCB *p_clcb, tBTA_GATTC_DATA *p_data) memset(&read_param, 0, sizeof(tGATT_READ_PARAM)); if (status == BTA_GATT_OK) { - read_param.read_multiple.num_handles = p_data->api_read_multi.num_attr; - read_param.read_multiple.auth_req = p_data->api_read_multi.auth_req; - memcpy(&read_param.read_multiple.handles, p_data->api_read_multi.handles, - sizeof(UINT16) * p_data->api_read_multi.num_attr); + if(p_data->api_read_multi.num_attr < GATT_MAX_READ_MULTI_HANDLES) { + read_param.read_multiple.num_handles = p_data->api_read_multi.num_attr; + read_param.read_multiple.auth_req = p_data->api_read_multi.auth_req; + memcpy(&read_param.read_multiple.handles, p_data->api_read_multi.handles, + sizeof(UINT16) * p_data->api_read_multi.num_attr); - status = GATTC_Read(p_clcb->bta_conn_id, GATT_READ_MULTIPLE, &read_param); + status = GATTC_Read(p_clcb->bta_conn_id, GATT_READ_MULTIPLE, &read_param); + } else { + status = GATT_ILLEGAL_PARAMETER; + } } /* read fail */ diff --git a/components/bt/host/bluedroid/stack/gatt/gatt_sr.c b/components/bt/host/bluedroid/stack/gatt/gatt_sr.c index 1607857810..dcbcc6de27 100644 --- a/components/bt/host/bluedroid/stack/gatt/gatt_sr.c +++ b/components/bt/host/bluedroid/stack/gatt/gatt_sr.c @@ -527,6 +527,7 @@ void gatt_process_read_multi_req (tGATT_TCB *p_tcb, UINT8 op_code, UINT16 len, U if (ll != 0) { GATT_TRACE_ERROR("max attribute handle reached in ReadMultiple Request."); + err = GATT_INVALID_HANDLE; } if (p_tcb->sr_cmd.multi_req.num_handles == 0) { From d5951d3c9eb3f397166dc8ee3370994d0fef5ae3 Mon Sep 17 00:00:00 2001 From: zwj Date: Wed, 28 Oct 2020 14:19:58 +0800 Subject: [PATCH 04/10] - fix congest return value - fix system no rsp when doing disconnect - fix no congest event when ssc do writing performance --- .../bt/host/bluedroid/bta/gatt/bta_gattc_act.c | 15 +++++---------- .../bluedroid/btc/profile/std/gatt/btc_gattc.c | 12 ++++++++++++ components/bt/host/bluedroid/stack/btm/btm_sec.c | 2 ++ .../bt/host/bluedroid/stack/l2cap/l2c_api.c | 2 +- 4 files changed, 20 insertions(+), 11 deletions(-) diff --git a/components/bt/host/bluedroid/bta/gatt/bta_gattc_act.c b/components/bt/host/bluedroid/bta/gatt/bta_gattc_act.c index ba05a6f339..554eade9f3 100644 --- a/components/bt/host/bluedroid/bta/gatt/bta_gattc_act.c +++ b/components/bt/host/bluedroid/bta/gatt/bta_gattc_act.c @@ -68,6 +68,8 @@ static void bta_gattc_cong_cback (UINT16 conn_id, BOOLEAN congested); static void bta_gattc_req_cback (UINT16 conn_id, UINT32 trans_id, tGATTS_REQ_TYPE type, tGATTS_DATA *p_data); static tBTA_GATTC_FIND_SERVICE_CB bta_gattc_register_service_change_notify(UINT16 conn_id, BD_ADDR remote_bda); +extern void btc_gattc_congest_callback(tBTA_GATTC *param); + static const tGATT_CBACK bta_gattc_cl_cback = { bta_gattc_conn_cback, bta_gattc_cmpl_cback, @@ -2168,17 +2170,10 @@ static void bta_gattc_cmpl_sendmsg(UINT16 conn_id, tGATTC_OPTYPE op, ********************************************************************************/ static void bta_gattc_cong_cback (UINT16 conn_id, BOOLEAN congested) { - tBTA_GATTC_CLCB *p_clcb; tBTA_GATTC cb_data; - - if ((p_clcb = bta_gattc_find_clcb_by_conn_id(conn_id)) != NULL) { - if (p_clcb->p_rcb->p_cback) { - cb_data.congest.conn_id = conn_id; - cb_data.congest.congested = congested; - - (*p_clcb->p_rcb->p_cback)(BTA_GATTC_CONGEST_EVT, &cb_data); - } - } + cb_data.congest.conn_id = conn_id; + cb_data.congest.congested = congested; + btc_gattc_congest_callback(&cb_data); } /******************************************************************************* diff --git a/components/bt/host/bluedroid/btc/profile/std/gatt/btc_gattc.c b/components/bt/host/bluedroid/btc/profile/std/gatt/btc_gattc.c index c81b5b2cd4..5f55f2a267 100644 --- a/components/bt/host/bluedroid/btc/profile/std/gatt/btc_gattc.c +++ b/components/bt/host/bluedroid/btc/profile/std/gatt/btc_gattc.c @@ -1011,4 +1011,16 @@ void btc_gattc_cb_handler(btc_msg_t *msg) btc_gattc_free_req_data(msg); } +void btc_gattc_congest_callback(tBTA_GATTC *param) +{ + esp_ble_gattc_cb_param_t esp_param = {0}; + memset(&esp_param, 0, sizeof(esp_ble_gattc_cb_param_t)); + + uint8_t gattc_if = BTC_GATT_GET_GATT_IF(param->congest.conn_id); + esp_param.congest.conn_id = BTC_GATT_GET_CONN_ID(param->congest.conn_id); + esp_param.congest.congested = (param->congest.congested == TRUE) ? true : false; + btc_gattc_cb_to_app(ESP_GATTC_CONGEST_EVT, gattc_if, &esp_param); + +} + #endif ///GATTC_INCLUDED == TRUE diff --git a/components/bt/host/bluedroid/stack/btm/btm_sec.c b/components/bt/host/bluedroid/stack/btm/btm_sec.c index ea431db9f9..628303904d 100644 --- a/components/bt/host/bluedroid/stack/btm/btm_sec.c +++ b/components/bt/host/bluedroid/stack/btm/btm_sec.c @@ -4577,7 +4577,9 @@ void btm_sec_disconnected (UINT16 handle, UINT8 reason) /* If page was delayed for disc complete, can do it now */ btm_cb.discing = FALSE; +#if (CLASSIC_BT_INCLUDED == TRUE) btm_acl_resubmit_page(); +#endif if (!p_dev_rec) { return; diff --git a/components/bt/host/bluedroid/stack/l2cap/l2c_api.c b/components/bt/host/bluedroid/stack/l2cap/l2c_api.c index ab9fa00715..b1cf5752ec 100644 --- a/components/bt/host/bluedroid/stack/l2cap/l2c_api.c +++ b/components/bt/host/bluedroid/stack/l2cap/l2c_api.c @@ -1841,7 +1841,7 @@ UINT16 L2CA_SendFixedChnlData (UINT16 fixed_cid, BD_ADDR rem_bda, BT_HDR *p_buf) fixed_queue_length(p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]->xmit_hold_q), p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]->buff_quota); osi_free(p_buf); - return (L2CAP_DW_FAILED); + return (L2CAP_DW_CONGESTED); } l2c_enqueue_peer_data (p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL], p_buf); From 5d514fdb359ed4e2c6a8d45cd600a7a27dfdb292 Mon Sep 17 00:00:00 2001 From: zwj Date: Fri, 11 Dec 2020 11:57:27 +0800 Subject: [PATCH 05/10] fix bluedroid repair faild if the two most significant bits of public address is '01' --- components/bt/host/bluedroid/stack/btm/btm_ble.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/bt/host/bluedroid/stack/btm/btm_ble.c b/components/bt/host/bluedroid/stack/btm/btm_ble.c index a0ab1d30dc..4d6b154bc9 100644 --- a/components/bt/host/bluedroid/stack/btm/btm_ble.c +++ b/components/bt/host/bluedroid/stack/btm/btm_ble.c @@ -1962,7 +1962,7 @@ void btm_ble_conn_complete(UINT8 *p, UINT16 evt_len, BOOLEAN enhanced) * slave or master*/ /* if (!match && role == HCI_ROLE_SLAVE && BTM_BLE_IS_RESOLVE_BDA(bda)) { */ - if (!match && BTM_BLE_IS_RESOLVE_BDA(bda)) { + if (!match && bda_type != BLE_ADDR_PUBLIC && BTM_BLE_IS_RESOLVE_BDA(bda)) { // save the enhanced value to used in btm_ble_resolve_random_addr_on_conn_cmpl func. temp_enhanced = enhanced; btm_ble_resolve_random_addr(bda, btm_ble_resolve_random_addr_on_conn_cmpl, p_data); From 2e949ca9acd1de37641e7cb302afd177b68c52a9 Mon Sep 17 00:00:00 2001 From: zhiweijian Date: Thu, 17 Dec 2020 16:43:00 +0800 Subject: [PATCH 06/10] fix add white list failed --- .../host/bluedroid/stack/btm/btm_ble_bgconn.c | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/components/bt/host/bluedroid/stack/btm/btm_ble_bgconn.c b/components/bt/host/bluedroid/stack/btm/btm_ble_bgconn.c index 9fd3bd26fb..2eba7b55a5 100644 --- a/components/bt/host/bluedroid/stack/btm/btm_ble_bgconn.c +++ b/components/bt/host/bluedroid/stack/btm/btm_ble_bgconn.c @@ -285,6 +285,20 @@ BOOLEAN btm_update_dev_to_white_list(BOOLEAN to_add, BD_ADDR bd_addr, tBLE_ADDR_ } return FALSE; } + + BD_ADDR invalid_rand_addr_a, invalid_rand_addr_b; + memset(invalid_rand_addr_a, 0xff, sizeof(BD_ADDR)); + memset(invalid_rand_addr_b, 0x00, sizeof(BD_ADDR)); + + // look for public address information + tBTM_SEC_DEV_REC *p_dev_rec = btm_find_dev(bd_addr); + // p_dev_rec is created at bluetooth initialization, p_dev_rec->ble.static_addr maybe be all 0 before pairing + if(p_dev_rec && memcmp(invalid_rand_addr_b, p_dev_rec->ble.static_addr, BD_ADDR_LEN) != 0) { + memcpy(bd_addr, p_dev_rec->ble.static_addr, BD_ADDR_LEN); + addr_type = p_dev_rec->ble.static_addr_type; + } + + // white list must be public address or static random address if(addr_type == BLE_ADDR_RANDOM) { /* A static address is a 48-bit randomly generated address and shall meet the following requirements: @@ -292,9 +306,6 @@ BOOLEAN btm_update_dev_to_white_list(BOOLEAN to_add, BD_ADDR bd_addr, tBLE_ADDR_ • All bits of the random part of the address shall not be equal to 1 • All bits of the random part of the address shall not be equal to 0 */ - BD_ADDR invalid_rand_addr_a, invalid_rand_addr_b; - memset(invalid_rand_addr_a, 0xff, sizeof(BD_ADDR)); - memset(invalid_rand_addr_b, 0x00, sizeof(BD_ADDR)); invalid_rand_addr_b[0] = invalid_rand_addr_b[0] | BT_STATIC_RAND_ADDR_MASK; if((bd_addr[0] & BT_STATIC_RAND_ADDR_MASK) == BT_STATIC_RAND_ADDR_MASK && memcmp(invalid_rand_addr_a, bd_addr, BD_ADDR_LEN) != 0 @@ -309,7 +320,7 @@ BOOLEAN btm_update_dev_to_white_list(BOOLEAN to_add, BD_ADDR bd_addr, tBLE_ADDR_ } } - + tBTM_BLE_CB *p_cb = &btm_cb.ble_ctr_cb; if (to_add && p_cb->white_list_avail_size == 0) { From c759dade01d568f528220aedd42ac460616b2797 Mon Sep 17 00:00:00 2001 From: zhiweijian Date: Tue, 19 Jan 2021 16:12:34 +0800 Subject: [PATCH 07/10] fix read multi char failed(GATT_27001) --- .../bt/host/bluedroid/bta/gatt/bta_gattc_act.c | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/components/bt/host/bluedroid/bta/gatt/bta_gattc_act.c b/components/bt/host/bluedroid/bta/gatt/bta_gattc_act.c index 554eade9f3..90a6c14a76 100644 --- a/components/bt/host/bluedroid/bta/gatt/bta_gattc_act.c +++ b/components/bt/host/bluedroid/bta/gatt/bta_gattc_act.c @@ -1156,16 +1156,12 @@ void bta_gattc_read_multi(tBTA_GATTC_CLCB *p_clcb, tBTA_GATTC_DATA *p_data) memset(&read_param, 0, sizeof(tGATT_READ_PARAM)); if (status == BTA_GATT_OK) { - if(p_data->api_read_multi.num_attr < GATT_MAX_READ_MULTI_HANDLES) { - read_param.read_multiple.num_handles = p_data->api_read_multi.num_attr; - read_param.read_multiple.auth_req = p_data->api_read_multi.auth_req; - memcpy(&read_param.read_multiple.handles, p_data->api_read_multi.handles, - sizeof(UINT16) * p_data->api_read_multi.num_attr); + read_param.read_multiple.num_handles = p_data->api_read_multi.num_attr; + read_param.read_multiple.auth_req = p_data->api_read_multi.auth_req; + memcpy(&read_param.read_multiple.handles, p_data->api_read_multi.handles, + sizeof(UINT16) * p_data->api_read_multi.num_attr); - status = GATTC_Read(p_clcb->bta_conn_id, GATT_READ_MULTIPLE, &read_param); - } else { - status = GATT_ILLEGAL_PARAMETER; - } + status = GATTC_Read(p_clcb->bta_conn_id, GATT_READ_MULTIPLE, &read_param); } /* read fail */ From 6d8a3f0d945f6a3418e62fec2b30f00eebacd9d7 Mon Sep 17 00:00:00 2001 From: zwj Date: Thu, 21 Jan 2021 14:27:59 +0800 Subject: [PATCH 08/10] disable bluedroid congest error log print --- components/bt/host/bluedroid/stack/gatt/gatt_cl.c | 2 +- components/bt/host/bluedroid/stack/l2cap/l2c_api.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/components/bt/host/bluedroid/stack/gatt/gatt_cl.c b/components/bt/host/bluedroid/stack/gatt/gatt_cl.c index 56a11dd8e5..ec046eadad 100644 --- a/components/bt/host/bluedroid/stack/gatt/gatt_cl.c +++ b/components/bt/host/bluedroid/stack/gatt/gatt_cl.c @@ -263,7 +263,7 @@ void gatt_act_write (tGATT_CLCB *p_clcb, UINT8 sec_act) if ((rt != GATT_SUCCESS && rt != GATT_CMD_STARTED && rt != GATT_CONGESTED) || (rt != GATT_CMD_STARTED && p_clcb->op_subtype == GATT_WRITE_NO_RSP)) { if (rt != GATT_SUCCESS) { - GATT_TRACE_ERROR("gatt_act_write() failed op_code=0x%x rt=%d", op_code, rt); + GATT_TRACE_DEBUG("gatt_act_write() failed op_code=0x%x rt=%d", op_code, rt); } gatt_end_operation(p_clcb, rt, NULL); } diff --git a/components/bt/host/bluedroid/stack/l2cap/l2c_api.c b/components/bt/host/bluedroid/stack/l2cap/l2c_api.c index b1cf5752ec..a40b34fe58 100644 --- a/components/bt/host/bluedroid/stack/l2cap/l2c_api.c +++ b/components/bt/host/bluedroid/stack/l2cap/l2c_api.c @@ -1836,7 +1836,7 @@ UINT16 L2CA_SendFixedChnlData (UINT16 fixed_cid, BD_ADDR rem_bda, BT_HDR *p_buf) // If already congested, do not accept any more packets if (p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]->cong_sent) { - L2CAP_TRACE_ERROR ("L2CAP - CID: 0x%04x cannot send, already congested\ + L2CAP_TRACE_DEBUG ("L2CAP - CID: 0x%04x cannot send, already congested\ xmit_hold_q.count: %u buff_quota: %u", fixed_cid, fixed_queue_length(p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]->xmit_hold_q), p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]->buff_quota); From 171e2c5b1e795da48e88adaa5235645c19af9558 Mon Sep 17 00:00:00 2001 From: zwj Date: Wed, 27 Jan 2021 16:13:17 +0800 Subject: [PATCH 09/10] fix ble connection maximum latency is 499 --- components/bt/host/bluedroid/api/include/api/esp_bt_defs.h | 2 +- components/bt/host/bluedroid/stack/include/stack/btm_ble_api.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/components/bt/host/bluedroid/api/include/api/esp_bt_defs.h b/components/bt/host/bluedroid/api/include/api/esp_bt_defs.h index 906dbd3e78..1287404ce3 100644 --- a/components/bt/host/bluedroid/api/include/api/esp_bt_defs.h +++ b/components/bt/host/bluedroid/api/include/api/esp_bt_defs.h @@ -70,7 +70,7 @@ typedef uint8_t esp_link_key[ESP_BT_OCTET16_LEN]; /* Link Key */ #define ESP_BLE_CONN_INT_MIN 0x0006 /*!< relate to BTM_BLE_CONN_INT_MIN in stack/btm_ble_api.h */ #define ESP_BLE_CONN_INT_MAX 0x0C80 /*!< relate to BTM_BLE_CONN_INT_MAX in stack/btm_ble_api.h */ -#define ESP_BLE_CONN_LATENCY_MAX 500 /*!< relate to ESP_BLE_CONN_LATENCY_MAX in stack/btm_ble_api.h */ +#define ESP_BLE_CONN_LATENCY_MAX 499 /*!< relate to ESP_BLE_CONN_LATENCY_MAX in stack/btm_ble_api.h */ #define ESP_BLE_CONN_SUP_TOUT_MIN 0x000A /*!< relate to BTM_BLE_CONN_SUP_TOUT_MIN in stack/btm_ble_api.h */ #define ESP_BLE_CONN_SUP_TOUT_MAX 0x0C80 /*!< relate to ESP_BLE_CONN_SUP_TOUT_MAX in stack/btm_ble_api.h */ #define ESP_BLE_CONN_PARAM_UNDEF 0xffff /* use this value when a specific value not to be overwritten */ /* relate to ESP_BLE_CONN_PARAM_UNDEF in stack/btm_ble_api.h */ diff --git a/components/bt/host/bluedroid/stack/include/stack/btm_ble_api.h b/components/bt/host/bluedroid/stack/include/stack/btm_ble_api.h index 00d84c140b..b5ccf953fb 100644 --- a/components/bt/host/bluedroid/stack/include/stack/btm_ble_api.h +++ b/components/bt/host/bluedroid/stack/include/stack/btm_ble_api.h @@ -129,7 +129,7 @@ typedef UINT8 tBTM_BLE_SFP; #define BTM_BLE_EXT_SCAN_WIN_MAX 0xFFFF #define BTM_BLE_CONN_INT_MIN 0x0006 #define BTM_BLE_CONN_INT_MAX 0x0C80 -#define BTM_BLE_CONN_LATENCY_MAX 500 +#define BTM_BLE_CONN_LATENCY_MAX 499 #define BTM_BLE_CONN_SUP_TOUT_MIN 0x000A #define BTM_BLE_CONN_SUP_TOUT_MAX 0x0C80 #define BTM_BLE_CONN_PARAM_UNDEF 0xffff /* use this value when a specific value not to be overwritten */ From 1b1c9173219d9d087153acea49af013aac2654cf Mon Sep 17 00:00:00 2001 From: zwj Date: Fri, 29 Jan 2021 15:29:57 +0800 Subject: [PATCH 10/10] add connection parameter check --- .../bt/host/bluedroid/api/esp_gap_ble_api.c | 25 +++++++++++++++---- 1 file changed, 20 insertions(+), 5 deletions(-) diff --git a/components/bt/host/bluedroid/api/esp_gap_ble_api.c b/components/bt/host/bluedroid/api/esp_gap_ble_api.c index 332a89eb6a..ea6efe023e 100644 --- a/components/bt/host/bluedroid/api/esp_gap_ble_api.c +++ b/components/bt/host/bluedroid/api/esp_gap_ble_api.c @@ -138,13 +138,28 @@ esp_err_t esp_ble_gap_update_conn_params(esp_ble_conn_update_params_t *params) btc_ble_gap_args_t arg; ESP_BLUEDROID_STATUS_CHECK(ESP_BLUEDROID_STATUS_ENABLED); + if(!params) { + LOG_ERROR("%s,params is NULL", __func__); + return ESP_FAIL; + } - msg.sig = BTC_SIG_API_CALL; - msg.pid = BTC_PID_GAP_BLE; - msg.act = BTC_GAP_BLE_ACT_UPDATE_CONN_PARAM; - memcpy(&arg.conn_update_params.conn_params, params, sizeof(esp_ble_conn_update_params_t)); + if (ESP_BLE_IS_VALID_PARAM(params->min_int, ESP_BLE_CONN_INT_MIN, ESP_BLE_CONN_INT_MAX) && + ESP_BLE_IS_VALID_PARAM(params->max_int, ESP_BLE_CONN_INT_MIN, ESP_BLE_CONN_INT_MAX) && + ESP_BLE_IS_VALID_PARAM(params->timeout, ESP_BLE_CONN_SUP_TOUT_MIN, ESP_BLE_CONN_SUP_TOUT_MAX) && + (params->latency <= ESP_BLE_CONN_LATENCY_MAX || params->latency == ESP_BLE_CONN_PARAM_UNDEF) && + ((params->timeout * 10) >= ((1 + params->latency) * ((params->max_int * 5) >> 1))) && params->min_int <= params->max_int) { - return (btc_transfer_context(&msg, &arg, sizeof(btc_ble_gap_args_t), NULL) == BT_STATUS_SUCCESS ? ESP_OK : ESP_FAIL); + msg.sig = BTC_SIG_API_CALL; + msg.pid = BTC_PID_GAP_BLE; + msg.act = BTC_GAP_BLE_ACT_UPDATE_CONN_PARAM; + memcpy(&arg.conn_update_params.conn_params, params, sizeof(esp_ble_conn_update_params_t)); + + return (btc_transfer_context(&msg, &arg, sizeof(btc_ble_gap_args_t), NULL) == BT_STATUS_SUCCESS ? ESP_OK : ESP_FAIL); + } else { + LOG_ERROR("%s,invalid connection params:min_int = %d, max_int = %d, latency = %d, timeout = %d",\ + __func__, params->min_int, params->max_int, params->latency, params->timeout); + return ESP_FAIL; + } } esp_err_t esp_ble_gap_set_pkt_data_len(esp_bd_addr_t remote_device, uint16_t tx_data_length)