/****************************************************************************** * * Copyright (C) 2009-2012 Broadcom Corporation * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at: * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * ******************************************************************************/ /****************************************************************************** * * this file contains GATT database building and query functions * ******************************************************************************/ #include "common/bt_target.h" #if BLE_INCLUDED == TRUE && GATTS_INCLUDED == TRUE #include "common/bt_trace.h" #include "osi/allocator.h" //#include #include #include "gatt_int.h" #include "stack/l2c_api.h" #include "btm_int.h" extern tGATT_STATUS gap_proc_read(tGATTS_REQ_TYPE type, tGATT_READ_REQ *p_data, tGATTS_RSP *p_rsp); extern tGATT_STATUS gatt_proc_read(UINT16 conn_id, tGATTS_REQ_TYPE type, tGATT_READ_REQ *p_data, tGATTS_RSP *p_rsp); /******************************************************************************** ** L O C A L F U N C T I O N P R O T O T Y P E S * *********************************************************************************/ static BOOLEAN allocate_svc_db_buf(tGATT_SVC_DB *p_db); static void *allocate_attr_in_db(tGATT_SVC_DB *p_db, tBT_UUID *p_uuid, tGATT_PERM perm); static BOOLEAN deallocate_attr_in_db(tGATT_SVC_DB *p_db, void *p_attr); static BOOLEAN copy_extra_byte_in_db(tGATT_SVC_DB *p_db, void **p_dst, UINT16 len); static BOOLEAN gatts_db_add_service_declaration(tGATT_SVC_DB *p_db, tBT_UUID *p_service, BOOLEAN is_pri); static tGATT_STATUS gatts_send_app_read_request(tGATT_TCB *p_tcb, UINT8 op_code, UINT16 handle, UINT16 offset, UINT32 trans_id, BOOLEAN need_rsp); static BOOLEAN gatts_add_char_desc_value_check (tGATT_ATTR_VAL *attr_val, tGATTS_ATTR_CONTROL *control); /******************************************************************************* ** ** Function gatts_init_service_db ** ** Description This function initialize a memory space to be a service database. ** ** Parameter p_db: database pointer. ** len: size of the memory space. ** ** Returns Status of te operation. ** *******************************************************************************/ BOOLEAN gatts_init_service_db (tGATT_SVC_DB *p_db, tBT_UUID *p_service, BOOLEAN is_pri, UINT16 s_hdl, UINT16 num_handle) { if (p_db->svc_buffer == NULL) { //in case already alloc p_db->svc_buffer = fixed_queue_new(QUEUE_SIZE_MAX); } if (!allocate_svc_db_buf(p_db)) { GATT_TRACE_ERROR("gatts_init_service_db failed, no resources\n"); return FALSE; } GATT_TRACE_DEBUG("gatts_init_service_db\n"); GATT_TRACE_DEBUG("s_hdl = %d num_handle = %d\n", s_hdl, num_handle ); /* update service database information */ p_db->next_handle = s_hdl; p_db->end_handle = s_hdl + num_handle; return gatts_db_add_service_declaration(p_db, p_service, is_pri); } /******************************************************************************* ** ** Function gatts_init_service_db ** ** Description This function initialize a memory space to be a service database. ** ** Parameter p_db: database pointer. ** len: size of the memory space. ** ** Returns Status of te operation. ** *******************************************************************************/ tBT_UUID *gatts_get_service_uuid (tGATT_SVC_DB *p_db) { if (!p_db || !p_db->p_attr_list) { GATT_TRACE_ERROR("service DB empty\n"); return NULL; } else { return &((tGATT_ATTR16 *)p_db->p_attr_list)->p_value->uuid; } } /******************************************************************************* ** ** Function gatts_check_attr_readability ** ** Description check attribute readability ** ** Returns status of operation. ** *******************************************************************************/ static tGATT_STATUS gatts_check_attr_readability(tGATT_ATTR16 *p_attr, UINT16 offset, BOOLEAN read_long, tGATT_SEC_FLAG sec_flag, UINT8 key_size) { UINT16 min_key_size; tGATT_PERM perm = p_attr->permission; UNUSED(offset); min_key_size = (((perm & GATT_ENCRYPT_KEY_SIZE_MASK) >> 12)); if (min_key_size != 0 ) { min_key_size += 6; } if (!(perm & GATT_READ_ALLOWED)) { GATT_TRACE_ERROR( "GATT_READ_NOT_PERMIT\n"); return GATT_READ_NOT_PERMIT; } if ((perm & GATT_READ_AUTH_REQUIRED ) && !(sec_flag & GATT_SEC_FLAG_LKEY_UNAUTHED) && !(sec_flag & BTM_SEC_FLAG_ENCRYPTED)) { GATT_TRACE_ERROR( "GATT_INSUF_AUTHENTICATION\n"); return GATT_INSUF_AUTHENTICATION; } if ((perm & GATT_READ_MITM_REQUIRED ) && !(sec_flag & GATT_SEC_FLAG_LKEY_AUTHED)) { GATT_TRACE_ERROR( "GATT_INSUF_AUTHENTICATION: MITM Required\n"); return GATT_INSUF_AUTHENTICATION; } if ((perm & GATT_READ_ENCRYPTED_REQUIRED ) && !(sec_flag & GATT_SEC_FLAG_ENCRYPTED)) { GATT_TRACE_ERROR( "GATT_INSUF_ENCRYPTION\n"); return GATT_INSUF_ENCRYPTION; } if ( (perm & GATT_READ_ENCRYPTED_REQUIRED) && (sec_flag & GATT_SEC_FLAG_ENCRYPTED) && (key_size < min_key_size)) { GATT_TRACE_ERROR( "GATT_INSUF_KEY_SIZE\n"); return GATT_INSUF_KEY_SIZE; } /* LE Authorization check*/ if ((perm & GATT_READ_AUTHORIZATION) && (!(sec_flag & GATT_SEC_FLAG_LKEY_AUTHED) || !(sec_flag & GATT_SEC_FLAG_AUTHORIZATION))) { GATT_TRACE_ERROR( "GATT_INSUF_AUTHORIZATION\n"); return GATT_INSUF_AUTHORIZATION; } if (read_long) { switch (p_attr->uuid) { case GATT_UUID_PRI_SERVICE: case GATT_UUID_SEC_SERVICE: case GATT_UUID_CHAR_DECLARE: case GATT_UUID_INCLUDE_SERVICE: case GATT_UUID_CHAR_EXT_PROP: case GATT_UUID_CHAR_CLIENT_CONFIG: case GATT_UUID_CHAR_SRVR_CONFIG: case GATT_UUID_CHAR_PRESENT_FORMAT: GATT_TRACE_ERROR("GATT_NOT_LONG\n"); return GATT_NOT_LONG; default: break; } } return GATT_SUCCESS; } /******************************************************************************* ** ** Function read_attr_value ** ** Description Utility function to read an attribute value. ** ** Parameter p_attr: pointer to the attribute to read. ** offset: read offset. ** p_value: output parameter to carry out the attribute value. ** p_len: output parameter to carry out the attribute length. ** read_long: this is a read blob request. ** mtu: MTU ** sec_flag: current link security status. ** key_size: encryption key size. ** ** Returns status of operation. ** *******************************************************************************/ static tGATT_STATUS read_attr_value (void *p_attr, UINT16 offset, UINT8 **p_data, BOOLEAN read_long, UINT16 mtu, UINT16 *p_len, tGATT_SEC_FLAG sec_flag, UINT8 key_size) { UINT16 len = 0, uuid16 = 0; UINT8 *p = *p_data; tGATT_STATUS status; tGATT_ATTR16 *p_attr16 = (tGATT_ATTR16 *)p_attr; GATT_TRACE_DEBUG("read_attr_value uuid=0x%04x perm=0x%0x sec_flag=0x%x offset=%d read_long=%d\n", p_attr16->uuid, p_attr16->permission, sec_flag, offset, read_long); status = gatts_check_attr_readability((tGATT_ATTR16 *)p_attr, offset, read_long, sec_flag, key_size); if (status != GATT_SUCCESS) { return status; } if (p_attr16->uuid_type == GATT_ATTR_UUID_TYPE_16) { uuid16 = p_attr16->uuid; } status = GATT_NO_RESOURCES; if (uuid16 == GATT_UUID_PRI_SERVICE || uuid16 == GATT_UUID_SEC_SERVICE) { len = p_attr16->p_value->uuid.len; if (mtu >= p_attr16->p_value->uuid.len) { gatt_build_uuid_to_stream(&p, p_attr16->p_value->uuid); status = GATT_SUCCESS; } } else if (uuid16 == GATT_UUID_CHAR_DECLARE) { len = (((tGATT_ATTR16 *)(p_attr16->p_next))->uuid_type == GATT_ATTR_UUID_TYPE_16) ? 5 : 19; if (mtu >= len) { UINT8_TO_STREAM(p, p_attr16->p_value->char_decl.property); UINT16_TO_STREAM(p, p_attr16->p_value->char_decl.char_val_handle); if (((tGATT_ATTR16 *)(p_attr16->p_next))->uuid_type == GATT_ATTR_UUID_TYPE_16) { UINT16_TO_STREAM(p, ((tGATT_ATTR16 *)(p_attr16->p_next))->uuid); } /* convert a 32bits UUID to 128 bits */ else if (((tGATT_ATTR32 *)(p_attr16->p_next))->uuid_type == GATT_ATTR_UUID_TYPE_32) { gatt_convert_uuid32_to_uuid128 (p, ((tGATT_ATTR32 *)(p_attr16->p_next))->uuid); p += LEN_UUID_128; } else { ARRAY_TO_STREAM (p, ((tGATT_ATTR128 *)(p_attr16->p_next))->uuid, LEN_UUID_128); } status = GATT_SUCCESS; } } else if (uuid16 == GATT_UUID_INCLUDE_SERVICE) { if (p_attr16->p_value->incl_handle.service_type.len == LEN_UUID_16) { len = 6; } else { len = 4; } if (mtu >= len) { UINT16_TO_STREAM(p, p_attr16->p_value->incl_handle.s_handle); UINT16_TO_STREAM(p, p_attr16->p_value->incl_handle.e_handle); if (p_attr16->p_value->incl_handle.service_type.len == LEN_UUID_16) { UINT16_TO_STREAM(p, p_attr16->p_value->incl_handle.service_type.uu.uuid16); } status = GATT_SUCCESS; } } else { /* characteristic description or characteristic value */ if (p_attr16->control.auto_rsp == GATT_RSP_BY_STACK) { if (p_attr16->p_value == NULL || p_attr16->p_value->attr_val.attr_val == NULL) { status = GATT_UNKNOWN_ERROR; } else if (offset > p_attr16->p_value->attr_val.attr_len){ /*if offset equal to max_len, should respond with zero byte value //if offset is greater than max_len, should respond with an error*/ status = GATT_INVALID_OFFSET; } else { UINT8 *value = (UINT8 *)(p_attr16->p_value->attr_val.attr_val) + offset; UINT16 len_left = p_attr16->p_value->attr_val.attr_len - offset; len = (mtu >= len_left) ? (len_left) : mtu; ARRAY_TO_STREAM(p, value, len); status = GATT_STACK_RSP; } } else { status = GATT_PENDING; } } *p_len = len; *p_data = p; return status; } /******************************************************************************* ** ** Function gatts_db_read_attr_value_by_type ** ** Description Query attribute value by attribute type. ** ** Parameter p_db: pointer to the attribute database. ** p_rsp: Read By type response data. ** s_handle: starting handle of the range we are looking for. ** e_handle: ending handle of the range we are looking for. ** type: Attribute type. ** mtu: MTU. ** sec_flag: current link security status. ** key_size: encryption key size. ** ** Returns Status of the operation. ** *******************************************************************************/ tGATT_STATUS gatts_db_read_attr_value_by_type (tGATT_TCB *p_tcb, tGATT_SVC_DB *p_db, UINT8 op_code, BT_HDR *p_rsp, UINT16 s_handle, UINT16 e_handle, tBT_UUID type, UINT16 *p_len, tGATT_SEC_FLAG sec_flag, UINT8 key_size, UINT32 trans_id, UINT16 *p_cur_handle) { tGATT_STATUS status = GATT_NOT_FOUND; tGATT_ATTR16 *p_attr; UINT16 len = 0; UINT8 *p = (UINT8 *)(p_rsp + 1) + p_rsp->len + L2CAP_MIN_OFFSET; tBT_UUID attr_uuid; #if (defined(BLE_DELAY_REQUEST_ENC) && (BLE_DELAY_REQUEST_ENC == TRUE)) UINT8 flag; #endif BOOLEAN need_rsp; BOOLEAN have_send_request = false; if (p_db && p_db->p_attr_list) { p_attr = (tGATT_ATTR16 *)p_db->p_attr_list; while (p_attr && p_attr->handle <= e_handle) { if (p_attr->uuid_type == GATT_ATTR_UUID_TYPE_16) { attr_uuid.len = LEN_UUID_16; attr_uuid.uu.uuid16 = p_attr->uuid; } else if (p_attr->uuid_type == GATT_ATTR_UUID_TYPE_32) { attr_uuid.len = LEN_UUID_32; attr_uuid.uu.uuid32 = ((tGATT_ATTR32 *)p_attr)->uuid; } else { attr_uuid.len = LEN_UUID_128; memcpy(attr_uuid.uu.uuid128, ((tGATT_ATTR128 *)p_attr)->uuid, LEN_UUID_128); } if (p_attr->handle >= s_handle && gatt_uuid_compare(type, attr_uuid)) { if (*p_len <= 2) { status = GATT_NO_RESOURCES; break; } UINT16_TO_STREAM (p, p_attr->handle); status = read_attr_value ((void *)p_attr, 0, &p, FALSE, (UINT16)(*p_len - 2), &len, sec_flag, key_size); if (status == GATT_PENDING) { need_rsp = TRUE; status = gatts_send_app_read_request(p_tcb, op_code, p_attr->handle, 0, trans_id, need_rsp); /* one callback at a time */ break; } else if (status == GATT_SUCCESS || status == GATT_STACK_RSP) { if (status == GATT_STACK_RSP){ need_rsp = FALSE; status = gatts_send_app_read_request(p_tcb, op_code, p_attr->handle, 0, trans_id, need_rsp); if(status == GATT_BUSY) break; if (!have_send_request){ have_send_request = true; trans_id = p_tcb->sr_cmd.trans_id; } } if (p_rsp->offset == 0) { p_rsp->offset = len + 2; } if (p_rsp->offset == len + 2) { p_rsp->len += (len + 2); *p_len -= (len + 2); } else { GATT_TRACE_WARNING("format mismatch"); status = GATT_NO_RESOURCES; break; } } else { *p_cur_handle = p_attr->handle; break; } } p_attr = (tGATT_ATTR16 *)p_attr->p_next; } } #if (defined(BLE_DELAY_REQUEST_ENC) && (BLE_DELAY_REQUEST_ENC == TRUE)) if (BTM_GetSecurityFlags(p_tcb->peer_bda, &flag)) { if ((p_tcb->att_lcid == L2CAP_ATT_CID) && (status == GATT_PENDING) && (type.uu.uuid16 == GATT_UUID_GAP_DEVICE_NAME)) { if ((flag & (BTM_SEC_LINK_KEY_KNOWN | BTM_SEC_FLAG_ENCRYPTED)) == BTM_SEC_LINK_KEY_KNOWN) { tACL_CONN *p; p = btm_bda_to_acl(p_tcb->peer_bda, BT_TRANSPORT_LE); if ((p != NULL) && (p->link_role == BTM_ROLE_MASTER)) { tBTM_BLE_SEC_ACT sec_act = BTM_BLE_SEC_ENCRYPT; btm_ble_set_encryption(p_tcb->peer_bda, &sec_act, p->link_role); } } } } #endif return status; } /******************************************************************************* ** ** Function gatts_add_included_service ** ** Description This function adds an included service into a database. ** ** Parameter p_db: database pointer. ** inc_srvc_type: included service type. ** ** Returns Status of the operation. ** *******************************************************************************/ UINT16 gatts_add_included_service (tGATT_SVC_DB *p_db, UINT16 s_handle, UINT16 e_handle, tBT_UUID service) { tGATT_ATTR16 *p_attr; tBT_UUID uuid = {LEN_UUID_16, {GATT_UUID_INCLUDE_SERVICE}}; GATT_TRACE_DEBUG("gatts_add_included_service: s_hdl = 0x%04x e_hdl = 0x%04x uuid = 0x%04x", s_handle, e_handle, service.uu.uuid16); if (service.len == 0 || s_handle == 0 || e_handle == 0) { GATT_TRACE_ERROR("gatts_add_included_service Illegal Params."); return 0; } BOOLEAN is_include_service_allowed = TRUE; // service declaration tGATT_ATTR16 *first_attr = (tGATT_ATTR16 *)p_db->p_attr_list; if (p_db->p_attr_list != NULL) { tGATT_ATTR16 *next_attr = (tGATT_ATTR16 *)first_attr->p_next; /* This service already has other attributes */ while (next_attr != NULL) { if (!(next_attr->uuid_type == GATT_ATTR_UUID_TYPE_16 && next_attr->uuid == GATT_UUID_INCLUDE_SERVICE)) { is_include_service_allowed = FALSE; break; } next_attr = (tGATT_ATTR16 *)next_attr->p_next; } } if (!is_include_service_allowed) { GATT_TRACE_ERROR("%s error, The include service should be added before adding the characteristics", __func__); return 0; } if ((p_attr = (tGATT_ATTR16 *) allocate_attr_in_db(p_db, &uuid, GATT_PERM_READ)) != NULL) { if (copy_extra_byte_in_db(p_db, (void **)&p_attr->p_value, sizeof(tGATT_INCL_SRVC))) { p_attr->p_value->incl_handle.s_handle = s_handle; p_attr->p_value->incl_handle.e_handle = e_handle; memcpy(&p_attr->p_value->incl_handle.service_type, &service, sizeof(tBT_UUID)); return p_attr->handle; } else { deallocate_attr_in_db(p_db, p_attr); } } return 0; } /******************************************************************************* ** ** Function gatts_add_characteristic ** ** Description This function add a characteristics and its descriptor into ** a servce identified by the service database pointer. ** ** Parameter p_db: database pointer. ** perm: permission (authentication and key size requirements) ** property: property of the characteristic. ** p_char: characteristic value information. ** ** Returns Status of te operation. ** *******************************************************************************/ UINT16 gatts_add_characteristic (tGATT_SVC_DB *p_db, tGATT_PERM perm, tGATT_CHAR_PROP property, tBT_UUID *p_char_uuid, tGATT_ATTR_VAL *attr_val, tGATTS_ATTR_CONTROL *control) { tGATT_ATTR16 *p_char_decl, *p_char_val; tBT_UUID uuid = {LEN_UUID_16, {GATT_UUID_CHAR_DECLARE}}; BOOLEAN status; GATT_TRACE_DEBUG("gatts_add_characteristic perm=0x%0x property=0x%0x\n", perm, property); /* parameter validation check */ status = gatts_add_char_desc_value_check(attr_val, control); if (status == FALSE){ return 0; } if ((p_char_decl = (tGATT_ATTR16 *)allocate_attr_in_db(p_db, &uuid, GATT_PERM_READ)) != NULL) { if (!copy_extra_byte_in_db(p_db, (void **)&p_char_decl->p_value, sizeof(tGATT_CHAR_DECL))) { deallocate_attr_in_db(p_db, p_char_decl); return 0; } p_char_val = (tGATT_ATTR16 *)allocate_attr_in_db(p_db, p_char_uuid, perm); if (p_char_val == NULL) { deallocate_attr_in_db(p_db, p_char_decl); return 0; } p_char_decl->p_value->char_decl.property = property; p_char_decl->p_value->char_decl.char_val_handle = p_char_val->handle; if (control != NULL) { p_char_val->control.auto_rsp = control->auto_rsp; } else { p_char_val->control.auto_rsp = GATT_RSP_DEFAULT; } if (attr_val != NULL) { if (!copy_extra_byte_in_db(p_db, (void **)&p_char_val->p_value, sizeof(tGATT_ATTR_VAL))) { deallocate_attr_in_db(p_db, p_char_val); return 0; } GATT_TRACE_DEBUG("attr_val->attr_len = %x, attr_val->attr_max_len = %x\n", attr_val->attr_len, attr_val->attr_max_len); GATT_TRACE_DEBUG("attribute handle = %x\n", p_char_val->handle); p_char_val->p_value->attr_val.attr_len = attr_val->attr_len; p_char_val->p_value->attr_val.attr_max_len = attr_val->attr_max_len; p_char_val->p_value->attr_val.attr_val = osi_malloc(attr_val->attr_max_len); if (p_char_val->p_value->attr_val.attr_val == NULL) { deallocate_attr_in_db(p_db, p_char_decl); deallocate_attr_in_db(p_db, p_char_val); GATT_TRACE_WARNING("Warning in %s, line=%d, insufficient resource to allocate for attribute value\n", __func__, __LINE__); return 0; } else { //add mask to indicate that p_value->attr_val.attr_val is dynamic allocated p_char_val->mask |= GATT_ATTR_VALUE_ALLOCATED; } //initiate characteristic attribute value part memset(p_char_val->p_value->attr_val.attr_val, 0, attr_val->attr_max_len); if (attr_val->attr_val != NULL) { if (attr_val->attr_max_len < attr_val->attr_len){ GATT_TRACE_ERROR("Error in %s, Line=%d, attribute actual length (%d) should not larger than max size (%d)\n", __func__, __LINE__, attr_val->attr_len, attr_val->attr_max_len); } UINT16 actual_len = (attr_val->attr_max_len < attr_val->attr_len) ? (attr_val->attr_max_len) : (attr_val->attr_len); memcpy(p_char_val->p_value->attr_val.attr_val, attr_val->attr_val, actual_len); } } return p_char_val->handle; } return 0; } /******************************************************************************* ** ** Function gatt_convertchar_descr_type ** ** Description This function convert a char descript UUID into descriptor type. ** ** Returns descriptor type. ** *******************************************************************************/ UINT8 gatt_convertchar_descr_type(tBT_UUID *p_descr_uuid) { tBT_UUID std_descr = {LEN_UUID_16, {GATT_UUID_CHAR_EXT_PROP}}; if (gatt_uuid_compare(std_descr, * p_descr_uuid)) { return GATT_DESCR_EXT_DSCPTOR; } std_descr.uu.uuid16 ++; if (gatt_uuid_compare(std_descr, * p_descr_uuid)) { return GATT_DESCR_USER_DSCPTOR; } std_descr.uu.uuid16 ++; if (gatt_uuid_compare(std_descr, * p_descr_uuid)) { return GATT_DESCR_CLT_CONFIG; } std_descr.uu.uuid16 ++; if (gatt_uuid_compare(std_descr, * p_descr_uuid)) { return GATT_DESCR_SVR_CONFIG; } std_descr.uu.uuid16 ++; if (gatt_uuid_compare(std_descr, * p_descr_uuid)) { return GATT_DESCR_PRES_FORMAT; } std_descr.uu.uuid16 ++; if (gatt_uuid_compare(std_descr, * p_descr_uuid)) { return GATT_DESCR_AGGR_FORMAT; } std_descr.uu.uuid16 ++; if (gatt_uuid_compare(std_descr, * p_descr_uuid)) { return GATT_DESCR_VALID_RANGE; } return GATT_DESCR_UNKNOWN; } /******************************************************************************* ** ** Function gatts_add_char_descr ** ** Description This function add a characteristics descriptor. ** ** Parameter p_db: database pointer. ** perm: characteristic descriptor permission type. ** char_dscp_tpye: the characteristic descriptor masks. ** p_dscp_params: characteristic descriptors values. ** ** Returns Status of the operation. ** *******************************************************************************/ UINT16 gatts_add_char_descr (tGATT_SVC_DB *p_db, tGATT_PERM perm, tBT_UUID *p_descr_uuid, tGATT_ATTR_VAL *attr_val, tGATTS_ATTR_CONTROL *control) { tGATT_ATTR16 *p_char_dscptr; BOOLEAN status; GATT_TRACE_DEBUG("gatts_add_char_descr uuid=0x%04x\n", p_descr_uuid->uu.uuid16); /* parameter validation check */ status = gatts_add_char_desc_value_check(attr_val, control); if (status == FALSE){ return 0; } /* Add characteristic descriptors */ if ((p_char_dscptr = (tGATT_ATTR16 *)allocate_attr_in_db(p_db, p_descr_uuid, perm)) == NULL) { deallocate_attr_in_db(p_db, p_char_dscptr); GATT_TRACE_DEBUG("gatts_add_char_descr Fail for adding char descriptors."); return 0; } else { p_char_dscptr->control.auto_rsp = (control == NULL) ? GATT_RSP_DEFAULT : (control->auto_rsp); if (attr_val != NULL) { if (!copy_extra_byte_in_db(p_db, (void **)&p_char_dscptr->p_value, sizeof(tGATT_ATTR_VAL))) { deallocate_attr_in_db(p_db, p_char_dscptr); return 0; } p_char_dscptr->p_value->attr_val.attr_len = attr_val->attr_len; p_char_dscptr->p_value->attr_val.attr_max_len = attr_val->attr_max_len; if (attr_val->attr_max_len != 0) { p_char_dscptr->p_value->attr_val.attr_val = osi_malloc(attr_val->attr_max_len); if (p_char_dscptr->p_value->attr_val.attr_val == NULL) { deallocate_attr_in_db(p_db, p_char_dscptr); GATT_TRACE_WARNING("Warning in %s, line=%d, insufficient resource to allocate for descriptor value\n", __func__, __LINE__); return 0; } else { //add mask to indicate that p_value->attr_val.attr_val is dynamic allocated p_char_dscptr->mask |= GATT_ATTR_VALUE_ALLOCATED; } //initiate characteristic attribute value part memset(p_char_dscptr->p_value->attr_val.attr_val, 0, attr_val->attr_max_len); if(attr_val->attr_val != NULL) { memcpy(p_char_dscptr->p_value->attr_val.attr_val, attr_val->attr_val, attr_val->attr_len); } } } return p_char_dscptr->handle; } } /******************************************************************************* ** ** Function gatts_set_attribute_value ** ** Description This function add the attribute value in the database ** ** Parameter p_db: database pointer. ** attr_handle: the attribute handle ** length: the attribute value length ** value: the pointer to the data to be set to the attribute value in the database ** ** Returns Status of the operation. ** *******************************************************************************/ tGATT_STATUS gatts_set_attribute_value(tGATT_SVC_DB *p_db, UINT16 attr_handle, UINT16 length, UINT8 *value) { tGATT_ATTR16 *p_cur; if (p_db == NULL) { GATT_TRACE_DEBUG("gatts_set_attribute_value Fail:p_db is NULL.\n"); return GATT_INVALID_PDU; } if (p_db->p_attr_list == NULL) { GATT_TRACE_DEBUG("gatts_set_attribute_value Fail:p_db->p_attr_list is NULL.\n"); return GATT_INVALID_PDU; } if ((length > 0) && (value == NULL)){ GATT_TRACE_ERROR("Error in %s, line=%d, value should not be NULL here\n",__func__, __LINE__); return GATT_INVALID_PDU; } p_cur = (tGATT_ATTR16 *) p_db->p_attr_list; while (p_cur != NULL) { if (p_cur->handle == attr_handle) { /* for characteristic should not be set, return GATT_NOT_FOUND */ if (p_cur->uuid_type == GATT_ATTR_UUID_TYPE_16) { switch (p_cur->uuid) { case GATT_UUID_PRI_SERVICE: case GATT_UUID_SEC_SERVICE: case GATT_UUID_CHAR_DECLARE: return GATT_NOT_FOUND; break; } } /* in other cases, value can be set*/ if ((p_cur->p_value == NULL) || (p_cur->p_value->attr_val.attr_val == NULL) \ || (p_cur->p_value->attr_val.attr_max_len == 0)){ GATT_TRACE_ERROR("Error in %s, line=%d, attribute value should not be NULL here\n", __func__, __LINE__); return GATT_NOT_FOUND; } else if (p_cur->p_value->attr_val.attr_max_len < length) { GATT_TRACE_ERROR("gatts_set_attribute_value failed:Invalid value length"); return GATT_INVALID_ATTR_LEN; } else{ memcpy(p_cur->p_value->attr_val.attr_val, value, length); p_cur->p_value->attr_val.attr_len = length; } break; } p_cur = p_cur->p_next; } return GATT_SUCCESS; } /******************************************************************************* ** ** Function gatts_get_attr_value_internal ** ** Description This function get the attribute value in gap service and gatt service ** ** Parameter attr_handle: the attribute handle ** length: the attribute value length ** value: the pointer to the data to be get to the attribute value in the database ** ** Returns Status of the operation. ** *******************************************************************************/ tGATT_STATUS gatts_get_attr_value_internal(UINT16 attr_handle, UINT16 *length, UINT8 **value) { UINT8 i; tGATT_READ_REQ read_req; tGATT_STATUS status = GATT_NOT_FOUND; tGATT_SR_REG *p_rcb = gatt_cb.sr_reg; UINT8 service_uuid[LEN_UUID_128] = {0}; if (length == NULL){ GATT_TRACE_ERROR("gatts_get_attr_value_internal Fail:length is NULL.\n"); return GATT_INVALID_PDU; } if (value == NULL){ GATT_TRACE_ERROR("gatts_get_attr_value_internal Fail:value is NULL.\n"); *length = 0; return GATT_INVALID_PDU; } // find the service by handle for (i = 0; i < GATT_MAX_SR_PROFILES; i++, p_rcb++) { if (p_rcb->in_use && p_rcb->s_hdl <= attr_handle && p_rcb->e_hdl >= attr_handle) { break; } } // service cb not found if (i == GATT_MAX_SR_PROFILES) { return status; } if (p_rcb->app_uuid.len != LEN_UUID_128) { return status; } memset(&read_req, 0, sizeof(tGATT_READ_REQ)); read_req.handle = attr_handle; // read gatt service attribute value memset(service_uuid, 0x81, LEN_UUID_128); if (!memcmp(p_rcb->app_uuid.uu.uuid128, service_uuid, LEN_UUID_128)) { status = gatt_proc_read(0, GATTS_REQ_TYPE_READ, &read_req, &gatt_cb.rsp); } // read gap service attribute value memset(service_uuid, 0x82, LEN_UUID_128); if (!memcmp(p_rcb->app_uuid.uu.uuid128, service_uuid, LEN_UUID_128)) { status = gap_proc_read(GATTS_REQ_TYPE_READ, &read_req, &gatt_cb.rsp); } if (status == GATT_SUCCESS) { *length = gatt_cb.rsp.attr_value.len; *value = gatt_cb.rsp.attr_value.value; } return status; } /******************************************************************************* ** ** Function gatts_get_attribute_value ** ** Description This function get the attribute value in the database ** ** Parameter p_db: database pointer. ** attr_handle: the attribute handle ** length: the attribute value length ** value: the pointer to the data to be get to the attribute value in the database ** ** Returns Status of the operation. ** *******************************************************************************/ tGATT_STATUS gatts_get_attribute_value(tGATT_SVC_DB *p_db, UINT16 attr_handle, UINT16 *length, UINT8 **value) { tGATT_ATTR16 *p_cur; GATT_TRACE_DEBUG("attr_handle = %x\n", attr_handle); if (p_db == NULL) { GATT_TRACE_ERROR("gatts_get_attribute_value Fail:p_db is NULL.\n"); *length = 0; return GATT_INVALID_PDU; } if (p_db->p_attr_list == NULL) { GATT_TRACE_ERROR("gatts_get_attribute_value Fail:p_db->p_attr_list is NULL.\n"); *length = 0; return GATT_INVALID_PDU; } if (length == NULL){ GATT_TRACE_ERROR("gatts_get_attribute_value Fail:length is NULL.\n"); return GATT_INVALID_PDU; } if (value == NULL){ GATT_TRACE_ERROR("gatts_get_attribute_value Fail:value is NULL.\n"); *length = 0; return GATT_INVALID_PDU; } p_cur = (tGATT_ATTR16 *) p_db->p_attr_list; while (p_cur != NULL) { if (p_cur->handle == attr_handle) { if (p_cur->uuid_type == GATT_ATTR_UUID_TYPE_16) { switch (p_cur->uuid) { case GATT_UUID_CHAR_DECLARE: case GATT_UUID_INCLUDE_SERVICE: break; default: if (p_cur->p_value && p_cur->p_value->attr_val.attr_len != 0) { *length = p_cur->p_value->attr_val.attr_len; *value = p_cur->p_value->attr_val.attr_val; return GATT_SUCCESS; } else { *length = 0; return GATT_SUCCESS; } break; } } else { if (p_cur->p_value && p_cur->p_value->attr_val.attr_len != 0) { *length = p_cur->p_value->attr_val.attr_len; *value = p_cur->p_value->attr_val.attr_val; return GATT_SUCCESS; } else { *length = 0; return GATT_SUCCESS; } } break; } p_cur = p_cur->p_next; } return GATT_NOT_FOUND; } BOOLEAN gatts_is_auto_response(UINT16 attr_handle) { tGATT_HDL_LIST_ELEM *p_decl = NULL; BOOLEAN rsp = FALSE; tGATT_SVC_DB *p_db = NULL; if ((p_decl = gatt_find_hdl_buffer_by_attr_handle(attr_handle)) == NULL) { GATT_TRACE_DEBUG("Service not created\n"); return rsp; } p_db = &p_decl->svc_db; tGATT_ATTR16 *p_cur, *p_next; if (p_db == NULL) { GATT_TRACE_DEBUG("gatts_get_attribute_value Fail:p_db is NULL.\n"); return rsp; } if (p_db->p_attr_list == NULL) { GATT_TRACE_DEBUG("gatts_get_attribute_value Fail:p_db->p_attr_list is NULL.\n"); return rsp; } p_cur = (tGATT_ATTR16 *) p_db->p_attr_list; p_next = (tGATT_ATTR16 *) p_cur->p_next; for (; p_cur != NULL && p_next != NULL; p_cur = p_next, p_next = (tGATT_ATTR16 *)p_next->p_next) { if (p_cur->handle == attr_handle) { if (p_cur->p_value != NULL && p_cur->control.auto_rsp == GATT_RSP_BY_STACK) { rsp = true; return rsp; } } } return rsp; } /*******************************************************************************/ /* Service Attribute Database Query Utility Functions */ /*******************************************************************************/ /******************************************************************************* ** ** Function gatts_read_attr_value_by_handle ** ** Description Query attribute value by attribute handle. ** ** Parameter p_db: pointer to the attribute database. ** handle: Attribute handle to read. ** offset: Read offset. ** p_value: output parameter to carry out the attribute value. ** p_len: output parameter as attribute length read. ** read_long: this is a read blob request. ** mtu: MTU. ** sec_flag: current link security status. ** key_size: encryption key size ** ** Returns Status of operation. ** *******************************************************************************/ tGATT_STATUS gatts_read_attr_value_by_handle(tGATT_TCB *p_tcb, tGATT_SVC_DB *p_db, UINT8 op_code, UINT16 handle, UINT16 offset, UINT8 *p_value, UINT16 *p_len, UINT16 mtu, tGATT_SEC_FLAG sec_flag, UINT8 key_size, UINT32 trans_id) { tGATT_STATUS status = GATT_NOT_FOUND; tGATT_ATTR16 *p_attr; UINT8 *pp = p_value; if (p_db && p_db->p_attr_list) { p_attr = (tGATT_ATTR16 *)p_db->p_attr_list; while (p_attr && handle >= p_attr->handle) { if (p_attr->handle == handle) { status = read_attr_value (p_attr, offset, &pp, (BOOLEAN)(op_code == GATT_REQ_READ_BLOB), mtu, p_len, sec_flag, key_size); if ((status == GATT_PENDING) || (status == GATT_STACK_RSP)) { BOOLEAN need_rsp = (status != GATT_STACK_RSP); status = gatts_send_app_read_request(p_tcb, op_code, p_attr->handle, offset, trans_id, need_rsp); } break; } p_attr = (tGATT_ATTR16 *)p_attr->p_next; } } return status; } tGATT_STATUS gatts_write_attr_value_by_handle(tGATT_SVC_DB *p_db, UINT16 handle, UINT16 offset, UINT8 *p_value, UINT16 len) { tGATT_STATUS status = GATT_NOT_FOUND; tGATT_ATTR16 *p_attr; if (p_db && p_db->p_attr_list) { p_attr = (tGATT_ATTR16 *)p_db->p_attr_list; while (p_attr && handle >= p_attr->handle) { if (p_attr->handle == handle ) { if (p_attr->control.auto_rsp == GATT_RSP_BY_APP) { return GATT_APP_RSP; } if ((p_attr->p_value != NULL) && (p_attr->p_value->attr_val.attr_max_len >= offset + len) && p_attr->p_value->attr_val.attr_val != NULL) { memcpy(p_attr->p_value->attr_val.attr_val + offset, p_value, len); p_attr->p_value->attr_val.attr_len = len + offset; return GATT_SUCCESS; } else if (p_attr->p_value && p_attr->p_value->attr_val.attr_max_len < offset + len){ GATT_TRACE_DEBUG("Remote device try to write with a length larger then attribute's max length\n"); return GATT_INVALID_ATTR_LEN; } else if ((p_attr->p_value == NULL) || (p_attr->p_value->attr_val.attr_val == NULL)){ GATT_TRACE_ERROR("Error in %s, line=%d, %s should not be NULL here\n", __func__, __LINE__, \ (p_attr->p_value == NULL) ? "p_value" : "attr_val.attr_val"); return GATT_UNKNOWN_ERROR; } } p_attr = (tGATT_ATTR16 *)p_attr->p_next; } } return status; } /******************************************************************************* ** ** Function gatts_read_attr_perm_check ** ** Description Check attribute readability. ** ** Parameter p_db: pointer to the attribute database. ** handle: Attribute handle to read. ** offset: Read offset. ** p_value: output parameter to carry out the attribute value. ** p_len: output parameter as attribute length read. ** read_long: this is a read blob request. ** mtu: MTU. ** sec_flag: current link security status. ** key_size: encryption key size ** ** Returns Status of operation. ** *******************************************************************************/ tGATT_STATUS gatts_read_attr_perm_check(tGATT_SVC_DB *p_db, BOOLEAN is_long, UINT16 handle, tGATT_SEC_FLAG sec_flag, UINT8 key_size) { tGATT_STATUS status = GATT_NOT_FOUND; tGATT_ATTR16 *p_attr; if (p_db && p_db->p_attr_list) { p_attr = (tGATT_ATTR16 *)p_db->p_attr_list; while (p_attr && handle >= p_attr->handle) { if (p_attr->handle == handle) { status = gatts_check_attr_readability (p_attr, 0, is_long, sec_flag, key_size); break; } p_attr = (tGATT_ATTR16 *) p_attr->p_next; } } return status; } /******************************************************************************* ** ** Function gatts_write_attr_perm_check ** ** Description Write attribute value into database. ** ** Parameter p_db: pointer to the attribute database. ** op_code:op code of this write. ** handle: handle of the attribute to write. ** offset: Write offset if write op code is write blob. ** p_data: Attribute value to write. ** len: attribute data length. ** sec_flag: current link security status. ** key_size: encryption key size ** ** Returns Status of the operation. ** *******************************************************************************/ tGATT_STATUS gatts_write_attr_perm_check (tGATT_SVC_DB *p_db, UINT8 op_code, UINT16 handle, UINT16 offset, UINT8 *p_data, UINT16 len, tGATT_SEC_FLAG sec_flag, UINT8 key_size) { tGATT_STATUS status = GATT_NOT_FOUND; tGATT_ATTR16 *p_attr; UINT16 max_size = 0; tGATT_PERM perm; UINT16 min_key_size; GATT_TRACE_DEBUG( "gatts_write_attr_perm_check op_code=0x%0x handle=0x%04x offset=%d len=%d sec_flag=0x%0x key_size=%d", op_code, handle, offset, len, sec_flag, key_size); if (p_db != NULL) { p_attr = (tGATT_ATTR16 *) p_db->p_attr_list; while (p_attr != NULL) { if (p_attr->handle == handle) { perm = p_attr->permission; min_key_size = (((perm & GATT_ENCRYPT_KEY_SIZE_MASK) >> 12)); if (min_key_size != 0 ) { min_key_size += 6; } GATT_TRACE_DEBUG( "gatts_write_attr_perm_check p_attr->permission =0x%04x min_key_size==0x%04x", p_attr->permission, min_key_size); if ((op_code == GATT_CMD_WRITE || op_code == GATT_REQ_WRITE) && (perm & GATT_WRITE_SIGNED_PERM)) { /* use the rules for the mixed security see section 10.2.3*/ /* use security mode 1 level 2 when the following condition follows */ /* LE security mode 2 level 1 and LE security mode 1 level 2 */ if ((perm & GATT_PERM_WRITE_SIGNED) && (perm & GATT_PERM_WRITE_ENCRYPTED)) { perm = GATT_PERM_WRITE_ENCRYPTED; } /* use security mode 1 level 3 when the following condition follows */ /* LE security mode 2 level 2 and security mode 1 and LE */ else if (((perm & GATT_PERM_WRITE_SIGNED_MITM) && (perm & GATT_PERM_WRITE_ENCRYPTED)) || /* LE security mode 2 and security mode 1 level 3 */ ((perm & GATT_WRITE_SIGNED_PERM) && (perm & GATT_PERM_WRITE_ENC_MITM))) { perm = GATT_PERM_WRITE_ENC_MITM; } } if ((op_code == GATT_SIGN_CMD_WRITE) && !(perm & GATT_WRITE_SIGNED_PERM)) { status = GATT_WRITE_NOT_PERMIT; GATT_TRACE_DEBUG( "gatts_write_attr_perm_check - sign cmd write not allowed"); } if ((op_code == GATT_SIGN_CMD_WRITE) && (sec_flag & GATT_SEC_FLAG_ENCRYPTED)) { status = GATT_INVALID_PDU; GATT_TRACE_ERROR( "gatts_write_attr_perm_check - Error!! sign cmd write sent on a encypted link"); } else if (!(perm & GATT_WRITE_ALLOWED)) { status = GATT_WRITE_NOT_PERMIT; GATT_TRACE_ERROR( "gatts_write_attr_perm_check - GATT_WRITE_NOT_PERMIT"); } /* require authentication, but not been authenticated */ else if ((perm & GATT_WRITE_AUTH_REQUIRED ) && !(sec_flag & GATT_SEC_FLAG_LKEY_UNAUTHED)) { status = GATT_INSUF_AUTHENTICATION; GATT_TRACE_ERROR( "gatts_write_attr_perm_check - GATT_INSUF_AUTHENTICATION"); } else if ((perm & GATT_WRITE_MITM_REQUIRED ) && !(sec_flag & GATT_SEC_FLAG_LKEY_AUTHED)) { status = GATT_INSUF_AUTHENTICATION; GATT_TRACE_ERROR( "gatts_write_attr_perm_check - GATT_INSUF_AUTHENTICATION: MITM required"); } else if ((perm & GATT_WRITE_ENCRYPTED_PERM ) && !(sec_flag & GATT_SEC_FLAG_ENCRYPTED)) { status = GATT_INSUF_ENCRYPTION; GATT_TRACE_ERROR( "gatts_write_attr_perm_check - GATT_INSUF_ENCRYPTION"); } else if ((perm & GATT_WRITE_ENCRYPTED_PERM ) && (sec_flag & GATT_SEC_FLAG_ENCRYPTED) && (key_size < min_key_size)) { status = GATT_INSUF_KEY_SIZE; GATT_TRACE_ERROR( "gatts_write_attr_perm_check - GATT_INSUF_KEY_SIZE"); } /* LE Authorization check*/ else if ((perm & GATT_WRITE_AUTHORIZATION) && (!(sec_flag & GATT_SEC_FLAG_LKEY_AUTHED) || !(sec_flag & GATT_SEC_FLAG_AUTHORIZATION))){ status = GATT_INSUF_AUTHORIZATION; GATT_TRACE_ERROR( "gatts_write_attr_perm_check - GATT_INSUF_AUTHORIZATION"); } /* LE security mode 2 attribute */ else if (perm & GATT_WRITE_SIGNED_PERM && op_code != GATT_SIGN_CMD_WRITE && !(sec_flag & GATT_SEC_FLAG_ENCRYPTED) && (perm & GATT_WRITE_ALLOWED) == 0) { status = GATT_INSUF_AUTHENTICATION; GATT_TRACE_ERROR( "gatts_write_attr_perm_check - GATT_INSUF_AUTHENTICATION: LE security mode 2 required"); } else { /* writable: must be char value declaration or char descritpors */ if (p_attr->uuid_type == GATT_ATTR_UUID_TYPE_16) { switch (p_attr->uuid) { case GATT_UUID_CHAR_PRESENT_FORMAT:/* should be readable only */ case GATT_UUID_CHAR_EXT_PROP:/* should be readable only */ case GATT_UUID_CHAR_AGG_FORMAT: /* should be readable only */ case GATT_UUID_CHAR_VALID_RANGE: status = GATT_WRITE_NOT_PERMIT; break; case GATT_UUID_CHAR_CLIENT_CONFIG: /* coverity[MISSING_BREAK] */ /* intnended fall through, ignored */ /* fall through */ case GATT_UUID_CHAR_SRVR_CONFIG: max_size = 2; case GATT_UUID_CHAR_DESCRIPTION: default: /* any other must be character value declaration */ status = GATT_SUCCESS; break; } } else if (p_attr->uuid_type == GATT_ATTR_UUID_TYPE_128 || p_attr->uuid_type == GATT_ATTR_UUID_TYPE_32) { status = GATT_SUCCESS; } else { status = GATT_INVALID_PDU; } if (p_data == NULL && len > 0) { status = GATT_INVALID_PDU; } /* these attribute does not allow write blob */ // btla-specific ++ else if ( (p_attr->uuid_type == GATT_ATTR_UUID_TYPE_16) && (p_attr->uuid == GATT_UUID_CHAR_CLIENT_CONFIG || p_attr->uuid == GATT_UUID_CHAR_SRVR_CONFIG) ) // btla-specific -- { if (op_code == GATT_REQ_PREPARE_WRITE && offset != 0) { /* does not allow write blob */ status = GATT_NOT_LONG; GATT_TRACE_ERROR( "gatts_write_attr_perm_check - GATT_NOT_LONG"); } else if (len != max_size) { /* data does not match the required format */ status = GATT_INVALID_ATTR_LEN; GATT_TRACE_ERROR( "gatts_write_attr_perm_check - GATT_INVALID_PDU"); } else { status = GATT_SUCCESS; } } } break; } else { p_attr = (tGATT_ATTR16 *)p_attr->p_next; } } } return status; } /******************************************************************************* ** ** Function allocate_attr_in_db ** ** Description Allocate a memory space for a new attribute, and link this ** attribute into the database attribute list. ** ** ** Parameter p_db : database pointer. ** p_uuid: pointer to attribute UUID ** service : type of attribute to be added. ** ** Returns pointer to the newly allocated attribute. ** *******************************************************************************/ static void *allocate_attr_in_db(tGATT_SVC_DB *p_db, tBT_UUID *p_uuid, tGATT_PERM perm) { tGATT_ATTR16 *p_attr16 = NULL, *p_last; tGATT_ATTR32 *p_attr32 = NULL; tGATT_ATTR128 *p_attr128 = NULL; UINT16 len = sizeof(tGATT_ATTR128); if (p_uuid == NULL) { GATT_TRACE_ERROR("illegal UUID\n"); return NULL; } if (p_uuid->len == LEN_UUID_16) { len = sizeof(tGATT_ATTR16); } else if (p_uuid->len == LEN_UUID_32) { len = sizeof(tGATT_ATTR32); } GATT_TRACE_DEBUG("allocate attr %d bytes\n", len); if (p_db->end_handle <= p_db->next_handle) { GATT_TRACE_DEBUG("handle space full. handle_max = %d next_handle = %d\n", p_db->end_handle, p_db->next_handle); return NULL; } if (p_db->mem_free < len) { if (!allocate_svc_db_buf(p_db)) { GATT_TRACE_ERROR("allocate_attr_in_db failed, no resources\n"); return NULL; } } memset(p_db->p_free_mem, 0, len); p_attr16 = (tGATT_ATTR16 *) p_db->p_free_mem; if (p_uuid->len == LEN_UUID_16 && p_uuid->uu.uuid16 != GATT_ILLEGAL_UUID) { p_attr16->uuid_type = GATT_ATTR_UUID_TYPE_16; p_attr16->uuid = p_uuid->uu.uuid16; } else if (p_uuid->len == LEN_UUID_32) { p_attr32 = (tGATT_ATTR32 *) p_db->p_free_mem; p_attr32->uuid_type = GATT_ATTR_UUID_TYPE_32; p_attr32->uuid = p_uuid->uu.uuid32; } else if (p_uuid->len == LEN_UUID_128) { p_attr128 = (tGATT_ATTR128 *) p_db->p_free_mem; p_attr128->uuid_type = GATT_ATTR_UUID_TYPE_128; memcpy(p_attr128->uuid, p_uuid->uu.uuid128, LEN_UUID_128); } p_db->p_free_mem += len; p_db->mem_free -= len; p_attr16->handle = p_db->next_handle++; p_attr16->permission = perm; p_attr16->p_next = NULL; /* link the attribute record into the end of DB */ if (p_db->p_attr_list == NULL) { p_db->p_attr_list = p_attr16; } else { p_last = (tGATT_ATTR16 *)p_db->p_attr_list; while (p_last != NULL && p_last->p_next != NULL) { p_last = (tGATT_ATTR16 *)p_last->p_next; } p_last->p_next = p_attr16; } if (p_attr16->uuid_type == GATT_ATTR_UUID_TYPE_16) { GATT_TRACE_DEBUG("=====> handle = [0x%04x] uuid16 = [0x%04x] perm=0x%02x\n", p_attr16->handle, p_attr16->uuid, p_attr16->permission); } else if (p_attr16->uuid_type == GATT_ATTR_UUID_TYPE_32) { GATT_TRACE_DEBUG("=====> handle = [0x%04x] uuid32 = [0x%08x] perm=0x%02x\n", p_attr32->handle, p_attr32->uuid, p_attr32->permission); } else { GATT_TRACE_DEBUG("=====> handle = [0x%04x] uuid128 = [0x%02x:0x%02x] perm=0x%02x\n", p_attr128->handle, p_attr128->uuid[0], p_attr128->uuid[1], p_attr128->permission); } return (void *)p_attr16; } /******************************************************************************* ** ** Function deallocate_attr_in_db ** ** Description Free an attribute within the database. ** ** Parameter p_db: database pointer. ** p_attr: pointer to the attribute record to be freed. ** ** Returns BOOLEAN: success ** *******************************************************************************/ static BOOLEAN deallocate_attr_in_db(tGATT_SVC_DB *p_db, void *p_attr) { tGATT_ATTR16 *p_cur, *p_next; BOOLEAN found = FALSE; if (p_db->p_attr_list == NULL) { return found; } p_cur = (tGATT_ATTR16 *) p_db->p_attr_list; p_next = (tGATT_ATTR16 *) p_cur->p_next; for (; p_cur != NULL && p_next != NULL; p_cur = p_next, p_next = (tGATT_ATTR16 *)p_next->p_next) { if (p_next == p_attr) { p_cur->p_next = p_next->p_next; found = TRUE; } } if (p_cur == p_attr && p_cur == p_db->p_attr_list) { p_db->p_attr_list = p_cur->p_next; found = TRUE; } /* else attr not found */ if ( found) { p_db->next_handle --; } return found; } /******************************************************************************* ** ** Function copy_extra_byte_in_db ** ** Description Utility function to allocate extra bytes memory in DB and copy ** the value from a source place. ** ** ** Parameter p_db: database pointer. ** p_dst: destination data pointer. ** p_src: source data pointer. ** len: data length to be copied. ** ** Returns None. ** *******************************************************************************/ static BOOLEAN copy_extra_byte_in_db(tGATT_SVC_DB *p_db, void **p_dst, UINT16 len) { UINT8 *p = (UINT8 *)*p_dst; if (p_db->mem_free < len) { if (!allocate_svc_db_buf(p_db)) { GATT_TRACE_ERROR("copy_extra_byte_in_db failed, no resources\n"); return FALSE; } } p = p_db->p_free_mem; p_db->p_free_mem += len; p_db->mem_free -= len; memset((void *)p, 0, len); *p_dst = (void *)p; return TRUE; } /******************************************************************************* ** ** Function allocate_svc_db_buf ** ** Description Utility function to allocate extra buffer for service database. ** ** Returns TRUE if allocation succeed, otherwise FALSE. ** *******************************************************************************/ static BOOLEAN allocate_svc_db_buf(tGATT_SVC_DB *p_db) { BT_HDR *p_buf; GATT_TRACE_DEBUG("allocate_svc_db_buf allocating extra buffer"); if ((p_buf = (BT_HDR *)osi_calloc(GATT_DB_BUF_SIZE)) == NULL) { GATT_TRACE_ERROR("allocate_svc_db_buf failed, no resources"); return FALSE; } p_db->p_free_mem = (UINT8 *) p_buf; p_db->mem_free = GATT_DB_BUF_SIZE; fixed_queue_enqueue(p_db->svc_buffer, p_buf, FIXED_QUEUE_MAX_TIMEOUT); return TRUE; } /******************************************************************************* ** ** Function gatts_send_app_read_request ** ** Description Send application read request callback ** ** Returns status of operation. ** *******************************************************************************/ static tGATT_STATUS gatts_send_app_read_request(tGATT_TCB *p_tcb, UINT8 op_code, UINT16 handle, UINT16 offset, UINT32 trans_id, BOOLEAN need_rsp) { tGATTS_DATA sr_data; UINT8 i_rcb; tGATT_SR_REG *p_sreg; UINT16 conn_id; i_rcb = gatt_sr_find_i_rcb_by_handle(handle); if (i_rcb == GATT_MAX_SR_PROFILES) { GATT_TRACE_ERROR("Failed to find i_rcb,Error in %s, line=%d, \n", __func__, __LINE__); return (tGATT_STATUS) GATT_ERROR; } p_sreg = &gatt_cb.sr_reg[i_rcb]; conn_id = GATT_CREATE_CONN_ID(p_tcb->tcb_idx, p_sreg->gatt_if); if (trans_id == 0) { trans_id = gatt_sr_enqueue_cmd(p_tcb, op_code, handle); gatt_sr_update_cback_cnt(p_tcb, p_sreg->gatt_if, TRUE, TRUE); } if (trans_id != 0 ) { memset(&sr_data, 0, sizeof(tGATTS_DATA)); sr_data.read_req.handle = handle; sr_data.read_req.is_long = (BOOLEAN)(op_code == GATT_REQ_READ_BLOB); sr_data.read_req.offset = offset; sr_data.read_req.need_rsp = need_rsp; gatt_sr_send_req_callback(conn_id, trans_id, GATTS_REQ_TYPE_READ, &sr_data); if (need_rsp) { return (tGATT_STATUS) GATT_PENDING; } else{ return (tGATT_STATUS) GATT_STACK_RSP; } } else { return (tGATT_STATUS) GATT_BUSY; /* max pending command, application error */ } } /******************************************************************************* ** ** Function gatts_db_add_service_declaration ** ** Description Update a service database service declaration record. ** ** Parameter p_db: database pointer. ** service: UUID of the service. ** ** Returns void ** *******************************************************************************/ static BOOLEAN gatts_db_add_service_declaration(tGATT_SVC_DB *p_db, tBT_UUID *p_service, BOOLEAN is_pri) { tGATT_ATTR16 *p_attr; tBT_UUID uuid = {LEN_UUID_16, {0}}; BOOLEAN rt = FALSE; GATT_TRACE_DEBUG( "add_service_declaration"); if (is_pri) { uuid.uu.uuid16 = GATT_UUID_PRI_SERVICE; } else { uuid.uu.uuid16 = GATT_UUID_SEC_SERVICE; } /* add service declration record */ if ((p_attr = (tGATT_ATTR16 *)(allocate_attr_in_db(p_db, &uuid, GATT_PERM_READ))) != NULL) { if (copy_extra_byte_in_db (p_db, (void **)&p_attr->p_value, sizeof(tBT_UUID))) { if (p_service->len == LEN_UUID_16) { p_attr->p_value->uuid.len = LEN_UUID_16; p_attr->p_value->uuid.uu.uuid16 = p_service->uu.uuid16; } else if (p_service->len == LEN_UUID_32) { p_attr->p_value->uuid.len = LEN_UUID_128; gatt_convert_uuid32_to_uuid128(p_attr->p_value->uuid.uu.uuid128, p_service->uu.uuid32); } else { p_attr->p_value->uuid.len = LEN_UUID_128; memcpy(p_attr->p_value->uuid.uu.uuid128, p_service->uu.uuid128, LEN_UUID_128); } rt = TRUE; } } return rt; } /******************************************************************************* ** ** Function gatts_add_char_desc_value_check ** ** Description parameters validation check for gatts add char/descriptor functions ** ** Parameter attr_val: attribute value for char/descriptor. ** control: control variable for char/descriptor. ** ** Returns void ** *******************************************************************************/ static BOOLEAN gatts_add_char_desc_value_check (tGATT_ATTR_VAL *attr_val, tGATTS_ATTR_CONTROL *control) { if ((control != NULL) && ((control->auto_rsp != GATT_RSP_BY_APP) && (control->auto_rsp != GATT_RSP_BY_STACK))){ GATT_TRACE_ERROR("Error in %s, line=%d, control->auto_rsp should be set to GATT_RSP_BY_APP or GATT_RSP_BY_STACK here\n",\ __func__, __LINE__); return FALSE; } if ((control != NULL) && (control->auto_rsp == GATT_RSP_BY_STACK)){ if (attr_val == NULL){ GATT_TRACE_ERROR("Error in %s, line=%d, for stack respond attribute, attr_val should not be NULL here\n",\ __func__, __LINE__); return FALSE; } else if (attr_val->attr_max_len == 0){ GATT_TRACE_ERROR("Error in %s, line=%d, for stack respond attribute, attribute max length should not be 0\n",\ __func__, __LINE__); return FALSE; } } if (attr_val != NULL){ if (attr_val->attr_len > attr_val->attr_max_len){ GATT_TRACE_ERROR("Error in %s, line=%d,attribute actual length should not be larger than max length\n",\ __func__, __LINE__); return FALSE; } } return TRUE ; } #endif /* BLE_INCLUDED == TRUE && GATTS_INCLUDED == TRUE */