Loading system/btif/src/btif_dm.cc +24 −53 Original line number Diff line number Diff line Loading @@ -260,11 +260,6 @@ static bool is_empty_128bit(uint8_t* data) { return !memcmp(zero, data, sizeof(zero)); } static bool is_bonding_or_sdp() { return pairing_cb.state == BT_BOND_STATE_BONDING || (pairing_cb.state == BT_BOND_STATE_BONDED && pairing_cb.sdp_attempts); } static void btif_dm_data_copy(uint16_t event, char* dst, char* src) { tBTA_DM_SEC* dst_dm_sec = (tBTA_DM_SEC*)dst; tBTA_DM_SEC* src_dm_sec = (tBTA_DM_SEC*)src; Loading Loading @@ -491,6 +486,8 @@ static void bond_state_changed(bt_status_t status, const RawAddress& bd_addr, bt_bond_state_t state) { btif_stats_add_bond_event(bd_addr, BTIF_DM_FUNC_BOND_STATE_CHANGED, state); // Send bonding state only once - based on outgoing/incoming we may receive // duplicates if ((pairing_cb.state == state) && (state == BT_BOND_STATE_BONDING)) { // Cross key pairing so send callback for static address if (!pairing_cb.static_bdaddr.IsEmpty()) { Loading @@ -508,18 +505,14 @@ static void bond_state_changed(bt_status_t status, const RawAddress& bd_addr, auto tmp = bd_addr; HAL_CBACK(bt_hal_cbacks, bond_state_changed_cb, status, &tmp, state); int dev_type; if (!btif_get_device_type(bd_addr, &dev_type)) { dev_type = BT_DEVICE_TYPE_BREDR; } if (state == BT_BOND_STATE_BONDING || (state == BT_BOND_STATE_BONDED && pairing_cb.sdp_attempts > 0)) { // Save state for the device is bonding or SDP. if (state == BT_BOND_STATE_BONDING) { pairing_cb.state = state; pairing_cb.bd_addr = bd_addr; } else { pairing_cb = {}; if (!pairing_cb.sdp_attempts) memset(&pairing_cb, 0, sizeof(pairing_cb)); else BTIF_TRACE_DEBUG("%s: BR-EDR service discovery active", __func__); } } Loading Loading 
@@ -1145,10 +1138,6 @@ static void btif_dm_auth_cmpl_evt(tBTA_DM_AUTH_CMPL* p_auth_cmpl) { /* Trigger SDP on the device */ pairing_cb.sdp_attempts = 1; // Report bonded to Java before start SDP bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDED); btif_dm_get_remote_services(bd_addr); } } Loading Loading @@ -1406,9 +1395,9 @@ static void btif_dm_search_services_evt(uint16_t event, char* p_param) { BTIF_TRACE_DEBUG("%s:(result=0x%x, services 0x%x)", __func__, p_data->disc_res.result, p_data->disc_res.services); if (p_data->disc_res.result != BTA_SUCCESS && pairing_cb.state == BT_BOND_STATE_BONDED && pairing_cb.sdp_attempts < BTIF_DM_MAX_SDP_ATTEMPTS_AFTER_PAIRING) { if ((p_data->disc_res.result != BTA_SUCCESS) && (pairing_cb.state == BT_BOND_STATE_BONDING) && (pairing_cb.sdp_attempts < BTIF_DM_MAX_SDP_ATTEMPTS_AFTER_PAIRING)) { if (pairing_cb.sdp_attempts) { BTIF_TRACE_WARNING("%s: SDP failed after bonding re-attempting", __func__); Loading 
@@ -1435,39 +1424,21 @@ static void btif_dm_search_services_evt(uint16_t event, char* p_param) { /* onUuidChanged requires getBondedDevices to be populated. ** bond_state_changed needs to be sent prior to remote_device_property */ if (pairing_cb.state == BT_BOND_STATE_BONDED && pairing_cb.sdp_attempts && if ((pairing_cb.state == BT_BOND_STATE_BONDING) && (p_data->disc_res.bd_addr == pairing_cb.bd_addr || p_data->disc_res.bd_addr == pairing_cb.static_bdaddr)) { LOG_INFO(LOG_TAG, "%s Remote Service SDP done.", __func__); p_data->disc_res.bd_addr == pairing_cb.static_bdaddr) && pairing_cb.sdp_attempts > 0) { BTIF_TRACE_DEBUG( "%s Remote Service SDP done. Call bond_state_changed_cb BONDED", __func__); pairing_cb.sdp_attempts = 0; // If bond occured due to cross-key pairing, send bond state callback // If bonding occured due to cross-key pairing, send bonding callback // for static address now if (p_data->disc_res.bd_addr == pairing_cb.static_bdaddr) { if (p_data->disc_res.bd_addr == pairing_cb.static_bdaddr) bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDED); } if (pairing_cb.state == BT_BOND_STATE_BONDED) { if (p_data->disc_res.result == BTA_SUCCESS) { // Device is bonded and SDP completed. Clear the pairing control // block. pairing_cb = {}; } else { // Report empty UUID to Java if SDP report negative result while // pairing. bt_property_t prop; Uuid uuid; prop.type = BT_PROPERTY_UUIDS; prop.val = &uuid; prop.len = Uuid::kNumBytes128; /* Send the event to the BTIF */ HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, BT_STATUS_SUCCESS, &bd_addr, 1, &prop); break; } } bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDED); } if (p_data->disc_res.num_uuids != 0) { Loading Loading 
@@ -1663,7 +1634,7 @@ static void btif_dm_upstreams_evt(uint16_t event, char* p_param) { break; case BTA_DM_BOND_CANCEL_CMPL_EVT: if (is_bonding_or_sdp()) { if (pairing_cb.state == BT_BOND_STATE_BONDING) { bd_addr = pairing_cb.bd_addr; btm_set_bond_type_dev(pairing_cb.bd_addr, BOND_TYPE_UNKNOWN); bond_state_changed((bt_status_t)p_data->bond_cancel_cmpl.result, Loading Loading @@ -2303,7 +2274,7 @@ bt_status_t btif_dm_cancel_bond(const RawAddress* bd_addr) { ** 1. Restore scan modes ** 2. special handling for HID devices */ if (is_bonding_or_sdp()) { if (pairing_cb.state == BT_BOND_STATE_BONDING) { if (pairing_cb.is_ssp) { if (pairing_cb.is_le_only) { BTA_DmBleSecurityGrant(*bd_addr, BTA_DM_SEC_PAIR_NOT_SPT); Loading Loading @@ -2515,7 +2486,7 @@ bt_status_t btif_dm_get_remote_services(const RawAddress& remote_addr) { /******************************************************************************* * * Function btif_dm_get_remote_services_by_transport * Function btif_dm_get_remote_services_transport * * Description Start SDP to get remote services by transport * Loading Loading @@ -3220,7 +3191,7 @@ bt_status_t btif_le_test_mode(uint16_t opcode, uint8_t* buf, uint8_t len) { void btif_dm_on_disable() { /* cancel any pending pairing requests */ if (is_bonding_or_sdp()) { if (pairing_cb.state == BT_BOND_STATE_BONDING) { BTIF_TRACE_DEBUG("%s: Cancel pending pairing request", __func__); btif_dm_cancel_bond(&pairing_cb.bd_addr); } Loading system/btif/src/btif_storage.cc +42 −0 Original line number Diff line number Diff line Loading @@ -35,6 +35,7 @@ #include <alloca.h> #include <base/logging.h> #include <ctype.h> #include <log/log.h> #include <stdlib.h> #include <string.h> #include <time.h> Loading Loading 
@@ -867,6 +868,45 @@ bt_status_t btif_storage_remove_bonded_device( return ret ? BT_STATUS_SUCCESS : BT_STATUS_FAIL; } /* Some devices hardcode sample LTK value from spec, instead of generating one. * Treat such devices as insecure, and remove such bonds when bluetooth * restarts. Removing them after disconnection is handled separately. * * We still allow such devices to bond in order to give the user a chance to * update firmware. */ static void remove_devices_with_sample_ltk() { std::vector<RawAddress> bad_ltk; for (const section_t& section : btif_config_sections()) { const std::string& name = section.name; if (!RawAddress::IsValidAddress(name)) { continue; } RawAddress bd_addr; RawAddress::FromString(name, bd_addr); tBTA_LE_KEY_VALUE key; memset(&key, 0, sizeof(key)); if (btif_storage_get_ble_bonding_key( &bd_addr, BTIF_DM_LE_KEY_PENC, (uint8_t*)&key, sizeof(tBTM_LE_PENC_KEYS)) == BT_STATUS_SUCCESS) { if (is_sample_ltk(key.penc_key.ltk)) { bad_ltk.push_back(bd_addr); } } } for (RawAddress address : bad_ltk) { android_errorWriteLog(0x534e4554, "128437297"); LOG(ERROR) << __func__ << ": removing bond to device using test TLK: " << address; btif_storage_remove_bonded_device(&address); } } /******************************************************************************* * * Function btif_storage_load_bonded_devices Loading Loading @@ -894,6 +934,8 @@ bt_status_t btif_storage_load_bonded_devices(void) { Uuid remote_uuids[BT_MAX_NUM_UUIDS]; bt_status_t status; remove_devices_with_sample_ltk(); btif_in_fetch_bonded_devices(&bonded_devices, 1); /* Now send the adapter_properties_cb with all adapter_properties */ Loading system/device/src/controller.cc +4 −0 Original line number Diff line number Diff line Loading 
@@ -271,6 +271,10 @@ static future_t* start_up(void) { response, &number_of_local_supported_codecs, local_supported_codecs); } if (!HCI_READ_ENCR_KEY_SIZE_SUPPORTED(supported_commands)) { LOG(FATAL) << " Controller must support Read Encryption Key Size command"; } readable = true; return future_new_immediate(FUTURE_SUCCESS); } Loading system/stack/Android.bp +1 −0 Original line number Diff line number Diff line Loading @@ -178,6 +178,7 @@ cc_library_static { shared_libs: [ "libcutils", "liblog", "libstatslog", ], required: [ "libldacBT_enc", Loading system/stack/btm/btm_sec.cc +14 −0 Original line number Diff line number Diff line Loading @@ -26,6 +26,7 @@ #include <frameworks/base/core/proto/android/bluetooth/enums.pb.h> #include <frameworks/base/core/proto/android/bluetooth/hci/enums.pb.h> #include <log/log.h> #include <stdarg.h> #include <stdio.h> #include <string.h> Loading Loading @@ -54,6 +55,7 @@ bool(APPL_AUTH_WRITE_EXCEPTION)(const RawAddress& bd_addr); extern void btm_ble_advertiser_notify_terminated_legacy( uint8_t status, uint16_t connection_handle); extern void bta_dm_remove_device(const RawAddress& bd_addr); /******************************************************************************* * L O C A L F U N C T I O N P R O T O T Y P E S * Loading Loading @@ -4544,6 +4546,18 @@ void btm_sec_disconnected(uint16_t handle, uint8_t reason) { p_dev_rec->sec_flags &= ~(BTM_SEC_LINK_KEY_KNOWN); } /* Some devices hardcode sample LTK value from spec, instead of generating * one. Treat such devices as insecure, and remove such bonds on * disconnection. */ if (is_sample_ltk(p_dev_rec->ble.keys.pltk)) { android_errorWriteLog(0x534e4554, "128437297"); LOG(INFO) << __func__ << " removing bond to device that used sample LTK: " << p_dev_rec->bd_addr; bta_dm_remove_device(p_dev_rec->bd_addr); } BTM_TRACE_EVENT("%s after update sec_flags=0x%x", __func__, p_dev_rec->sec_flags); Loading Loading
system/btif/src/btif_dm.cc +24 −53 Original line number Diff line number Diff line Loading @@ -260,11 +260,6 @@ static bool is_empty_128bit(uint8_t* data) { return !memcmp(zero, data, sizeof(zero)); } static bool is_bonding_or_sdp() { return pairing_cb.state == BT_BOND_STATE_BONDING || (pairing_cb.state == BT_BOND_STATE_BONDED && pairing_cb.sdp_attempts); } static void btif_dm_data_copy(uint16_t event, char* dst, char* src) { tBTA_DM_SEC* dst_dm_sec = (tBTA_DM_SEC*)dst; tBTA_DM_SEC* src_dm_sec = (tBTA_DM_SEC*)src; Loading Loading @@ -491,6 +486,8 @@ static void bond_state_changed(bt_status_t status, const RawAddress& bd_addr, bt_bond_state_t state) { btif_stats_add_bond_event(bd_addr, BTIF_DM_FUNC_BOND_STATE_CHANGED, state); // Send bonding state only once - based on outgoing/incoming we may receive // duplicates if ((pairing_cb.state == state) && (state == BT_BOND_STATE_BONDING)) { // Cross key pairing so send callback for static address if (!pairing_cb.static_bdaddr.IsEmpty()) { Loading @@ -508,18 +505,14 @@ static void bond_state_changed(bt_status_t status, const RawAddress& bd_addr, auto tmp = bd_addr; HAL_CBACK(bt_hal_cbacks, bond_state_changed_cb, status, &tmp, state); int dev_type; if (!btif_get_device_type(bd_addr, &dev_type)) { dev_type = BT_DEVICE_TYPE_BREDR; } if (state == BT_BOND_STATE_BONDING || (state == BT_BOND_STATE_BONDED && pairing_cb.sdp_attempts > 0)) { // Save state for the device is bonding or SDP. if (state == BT_BOND_STATE_BONDING) { pairing_cb.state = state; pairing_cb.bd_addr = bd_addr; } else { pairing_cb = {}; if (!pairing_cb.sdp_attempts) memset(&pairing_cb, 0, sizeof(pairing_cb)); else BTIF_TRACE_DEBUG("%s: BR-EDR service discovery active", __func__); } } Loading Loading 
@@ -1145,10 +1138,6 @@ static void btif_dm_auth_cmpl_evt(tBTA_DM_AUTH_CMPL* p_auth_cmpl) { /* Trigger SDP on the device */ pairing_cb.sdp_attempts = 1; // Report bonded to Java before start SDP bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDED); btif_dm_get_remote_services(bd_addr); } } Loading Loading @@ -1406,9 +1395,9 @@ static void btif_dm_search_services_evt(uint16_t event, char* p_param) { BTIF_TRACE_DEBUG("%s:(result=0x%x, services 0x%x)", __func__, p_data->disc_res.result, p_data->disc_res.services); if (p_data->disc_res.result != BTA_SUCCESS && pairing_cb.state == BT_BOND_STATE_BONDED && pairing_cb.sdp_attempts < BTIF_DM_MAX_SDP_ATTEMPTS_AFTER_PAIRING) { if ((p_data->disc_res.result != BTA_SUCCESS) && (pairing_cb.state == BT_BOND_STATE_BONDING) && (pairing_cb.sdp_attempts < BTIF_DM_MAX_SDP_ATTEMPTS_AFTER_PAIRING)) { if (pairing_cb.sdp_attempts) { BTIF_TRACE_WARNING("%s: SDP failed after bonding re-attempting", __func__); Loading 
@@ -1435,39 +1424,21 @@ static void btif_dm_search_services_evt(uint16_t event, char* p_param) { /* onUuidChanged requires getBondedDevices to be populated. ** bond_state_changed needs to be sent prior to remote_device_property */ if (pairing_cb.state == BT_BOND_STATE_BONDED && pairing_cb.sdp_attempts && if ((pairing_cb.state == BT_BOND_STATE_BONDING) && (p_data->disc_res.bd_addr == pairing_cb.bd_addr || p_data->disc_res.bd_addr == pairing_cb.static_bdaddr)) { LOG_INFO(LOG_TAG, "%s Remote Service SDP done.", __func__); p_data->disc_res.bd_addr == pairing_cb.static_bdaddr) && pairing_cb.sdp_attempts > 0) { BTIF_TRACE_DEBUG( "%s Remote Service SDP done. Call bond_state_changed_cb BONDED", __func__); pairing_cb.sdp_attempts = 0; // If bond occured due to cross-key pairing, send bond state callback // If bonding occured due to cross-key pairing, send bonding callback // for static address now if (p_data->disc_res.bd_addr == pairing_cb.static_bdaddr) { if (p_data->disc_res.bd_addr == pairing_cb.static_bdaddr) bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDED); } if (pairing_cb.state == BT_BOND_STATE_BONDED) { if (p_data->disc_res.result == BTA_SUCCESS) { // Device is bonded and SDP completed. Clear the pairing control // block. pairing_cb = {}; } else { // Report empty UUID to Java if SDP report negative result while // pairing. bt_property_t prop; Uuid uuid; prop.type = BT_PROPERTY_UUIDS; prop.val = &uuid; prop.len = Uuid::kNumBytes128; /* Send the event to the BTIF */ HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, BT_STATUS_SUCCESS, &bd_addr, 1, &prop); break; } } bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDED); } if (p_data->disc_res.num_uuids != 0) { Loading Loading 
@@ -1663,7 +1634,7 @@ static void btif_dm_upstreams_evt(uint16_t event, char* p_param) { break; case BTA_DM_BOND_CANCEL_CMPL_EVT: if (is_bonding_or_sdp()) { if (pairing_cb.state == BT_BOND_STATE_BONDING) { bd_addr = pairing_cb.bd_addr; btm_set_bond_type_dev(pairing_cb.bd_addr, BOND_TYPE_UNKNOWN); bond_state_changed((bt_status_t)p_data->bond_cancel_cmpl.result, Loading Loading @@ -2303,7 +2274,7 @@ bt_status_t btif_dm_cancel_bond(const RawAddress* bd_addr) { ** 1. Restore scan modes ** 2. special handling for HID devices */ if (is_bonding_or_sdp()) { if (pairing_cb.state == BT_BOND_STATE_BONDING) { if (pairing_cb.is_ssp) { if (pairing_cb.is_le_only) { BTA_DmBleSecurityGrant(*bd_addr, BTA_DM_SEC_PAIR_NOT_SPT); Loading Loading @@ -2515,7 +2486,7 @@ bt_status_t btif_dm_get_remote_services(const RawAddress& remote_addr) { /******************************************************************************* * * Function btif_dm_get_remote_services_by_transport * Function btif_dm_get_remote_services_transport * * Description Start SDP to get remote services by transport * Loading Loading @@ -3220,7 +3191,7 @@ bt_status_t btif_le_test_mode(uint16_t opcode, uint8_t* buf, uint8_t len) { void btif_dm_on_disable() { /* cancel any pending pairing requests */ if (is_bonding_or_sdp()) { if (pairing_cb.state == BT_BOND_STATE_BONDING) { BTIF_TRACE_DEBUG("%s: Cancel pending pairing request", __func__); btif_dm_cancel_bond(&pairing_cb.bd_addr); } Loading
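Review bot: In bond_state_changed the else branch now resets the pairing control block with `memset(&pairing_cb, 0, sizeof(pairing_cb))` where the line it replaces used `pairing_cb = {};`; the two are equivalent only if btif_dm_pairing_cb_t is trivially copyable, which this hunk does not show, and value-initialisation is the safe form either way, so I'd keep `pairing_cb = {};` under the `!pairing_cb.sdp_attempts` test. In btif_dm_search_services_evt the rewritten "SDP done" condition no longer consults disc_res.result, so once the retry budget checked earlier in the same function (`sdp_attempts < BTIF_DM_MAX_SDP_ATTEMPTS_AFTER_PAIRING`) is exhausted a device whose SDP keeps failing is still reported as BT_BOND_STATE_BONDED, and the removed branch that pushed an empty BT_PROPERTY_UUIDS upward on failure has no replacement; if that is intended, a comment at that point such as `// SDP failures past the retry budget still complete the bond; UUIDs stay empty` would record it. Both functions continue outside the hunk.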
system/btif/src/btif_storage.cc +42 −0 Original line number Diff line number Diff line Loading @@ -35,6 +35,7 @@ #include <alloca.h> #include <base/logging.h> #include <ctype.h> #include <log/log.h> #include <stdlib.h> #include <string.h> #include <time.h> Loading Loading @@ -867,6 +868,45 @@ bt_status_t btif_storage_remove_bonded_device( return ret ? BT_STATUS_SUCCESS : BT_STATUS_FAIL; } /* Some devices hardcode sample LTK value from spec, instead of generating one. * Treat such devices as insecure, and remove such bonds when bluetooth * restarts. Removing them after disconnection is handled separately. * * We still allow such devices to bond in order to give the user a chance to * update firmware. */ static void remove_devices_with_sample_ltk() { std::vector<RawAddress> bad_ltk; for (const section_t& section : btif_config_sections()) { const std::string& name = section.name; if (!RawAddress::IsValidAddress(name)) { continue; } RawAddress bd_addr; RawAddress::FromString(name, bd_addr); tBTA_LE_KEY_VALUE key; memset(&key, 0, sizeof(key)); if (btif_storage_get_ble_bonding_key( &bd_addr, BTIF_DM_LE_KEY_PENC, (uint8_t*)&key, sizeof(tBTM_LE_PENC_KEYS)) == BT_STATUS_SUCCESS) { if (is_sample_ltk(key.penc_key.ltk)) { bad_ltk.push_back(bd_addr); } } } for (RawAddress address : bad_ltk) { android_errorWriteLog(0x534e4554, "128437297"); LOG(ERROR) << __func__ << ": removing bond to device using test TLK: " << address; btif_storage_remove_bonded_device(&address); } } /******************************************************************************* * * Function btif_storage_load_bonded_devices Loading Loading @@ -894,6 +934,8 @@ bt_status_t btif_storage_load_bonded_devices(void) { Uuid remote_uuids[BT_MAX_NUM_UUIDS]; bt_status_t status; remove_devices_with_sample_ltk(); btif_in_fetch_bonded_devices(&bonded_devices, 1); /* Now send the adapter_properties_cb with all adapter_properties */ Loading
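Review bot: The error log in remove_devices_with_sample_ltk misspells the key name (`"test TLK"`), which matters because that string is what someone triaging a bug report will grep for; I'd write `LOG(ERROR) << __func__ << ": removing bond to device using sample LTK: " << address;` so it matches the wording used in btm_sec.cc. The header comment could also spell out the exposure that remains by design: because such devices are still allowed to bond, a link that is already up keeps using a publicly known LTK until it disconnects, where the btm_sec_disconnected path removes the bond. Collecting addresses into bad_ltk first and removing afterwards avoids mutating the btif_config_sections() range while iterating it (assuming btif_storage_remove_bonded_device edits the config, which its name suggests); a one-line comment such as `// collect first: removal edits the config being iterated` would stop a later cleanup from folding the two loops together.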
system/device/src/controller.cc +4 −0 Original line number Diff line number Diff line Loading @@ -271,6 +271,10 @@ static future_t* start_up(void) { response, &number_of_local_supported_codecs, local_supported_codecs); } if (!HCI_READ_ENCR_KEY_SIZE_SUPPORTED(supported_commands)) { LOG(FATAL) << " Controller must support Read Encryption Key Size command"; } readable = true; return future_new_immediate(FUTURE_SUCCESS); } Loading
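Review bot: The new HCI_READ_ENCR_KEY_SIZE_SUPPORTED check escalates straight to LOG(FATAL), which takes the whole Bluetooth process down during start_up on a controller lacking the command; that is a defensible stance for a security prerequisite, but nothing in the hunk records why the command is mandatory, so I'd add a comment above it along the lines of `// Required so the stack can verify the negotiated encryption key size; refusing to start is safer than running blind` (my reading of the intent from the command name — confirm against the code that consumes the key size). The message also begins with a stray space: `LOG(FATAL) << "Controller must support Read Encryption Key Size command";`. start_up begins outside the hunk.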
system/stack/Android.bp +1 −0 Original line number Diff line number Diff line Loading @@ -178,6 +178,7 @@ cc_library_static { shared_libs: [ "libcutils", "liblog", "libstatslog", ], required: [ "libldacBT_enc", Loading
system/stack/btm/btm_sec.cc +14 −0 Original line number Diff line number Diff line Loading @@ -26,6 +26,7 @@ #include <frameworks/base/core/proto/android/bluetooth/enums.pb.h> #include <frameworks/base/core/proto/android/bluetooth/hci/enums.pb.h> #include <log/log.h> #include <stdarg.h> #include <stdio.h> #include <string.h> Loading Loading @@ -54,6 +55,7 @@ bool(APPL_AUTH_WRITE_EXCEPTION)(const RawAddress& bd_addr); extern void btm_ble_advertiser_notify_terminated_legacy( uint8_t status, uint16_t connection_handle); extern void bta_dm_remove_device(const RawAddress& bd_addr); /******************************************************************************* * L O C A L F U N C T I O N P R O T O T Y P E S * Loading Loading @@ -4544,6 +4546,18 @@ void btm_sec_disconnected(uint16_t handle, uint8_t reason) { p_dev_rec->sec_flags &= ~(BTM_SEC_LINK_KEY_KNOWN); } /* Some devices hardcode sample LTK value from spec, instead of generating * one. Treat such devices as insecure, and remove such bonds on * disconnection. */ if (is_sample_ltk(p_dev_rec->ble.keys.pltk)) { android_errorWriteLog(0x534e4554, "128437297"); LOG(INFO) << __func__ << " removing bond to device that used sample LTK: " << p_dev_rec->bd_addr; bta_dm_remove_device(p_dev_rec->bd_addr); } BTM_TRACE_EVENT("%s after update sec_flags=0x%x", __func__, p_dev_rec->sec_flags); Loading
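Review bot: In btm_sec_disconnected the new block calls bta_dm_remove_device(p_dev_rec->bd_addr) and the BTM_TRACE_EVENT that follows in the hunk then reads p_dev_rec->sec_flags; if bta_dm_remove_device synchronously deletes the security record (its implementation is not visible here, and the hunk only adds a bare `extern` prototype for it) that read is a use-after-free, so I'd copy the address into a local and perform the removal as the last step of the function, or post it to the BTA thread rather than calling up from BTM. The bare `extern void bta_dm_remove_device(const RawAddress& bd_addr);` also bypasses the bta header and inverts the stack→bta layering; if a direct call is kept, include the declaring header so the signature stays compiler-checked. As with the storage-side cleanup, this only runs at disconnection, so a session already established with the sample LTK continues under a publicly known key until then; a comment stating that this is deliberate would help a later reader. btm_sec_disconnected continues past the hunk.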