HID: Simplify security check code (d08a98aa) · Commits · e / os / android_packages_modules_Bluetooth

system/stack/hid/hidd_conn.cc

+6 −79

Original line number	Diff line number	Diff line
		@@ -84,71 +84,6 @@ static void hidd_check_config_done() {
		}
		}

		/*******************************************************************************
		*
		* Function hidh_sec_check_complete_term
		*
		* Description HID security check complete callback function.
		*
		* Returns Send L2CA_ConnectRsp OK if secutiry check succeed; otherwise
		* send security block L2C connection response.
		*
		******************************************************************************/
		static void hidd_sec_check_complete(UNUSED_ATTR const RawAddress* bd_addr,
		UNUSED_ATTR tBT_TRANSPORT transport,
		void* p_ref_data, uint8_t res) {
		tHID_DEV_DEV_CTB* p_dev = (tHID_DEV_DEV_CTB*)p_ref_data;

		if (res == BTM_SUCCESS && p_dev->conn.conn_state == HID_CONN_STATE_SECURITY) {
		p_dev->conn.disc_reason = HID_SUCCESS;
		p_dev->conn.conn_state = HID_CONN_STATE_CONNECTING_INTR;

		L2CA_ConnectRsp(p_dev->addr, p_dev->conn.ctrl_id, p_dev->conn.ctrl_cid,
		L2CAP_CONN_OK, L2CAP_CONN_OK);
		} else if (res != BTM_SUCCESS) {
		HIDD_TRACE_WARNING("%s: connection rejected by security", __func__);

		p_dev->conn.disc_reason = HID_ERR_AUTH_FAILED;
		p_dev->conn.conn_state = HID_CONN_STATE_UNUSED;
		L2CA_ConnectRsp(p_dev->addr, p_dev->conn.ctrl_id, p_dev->conn.ctrl_cid,
		L2CAP_CONN_SECURITY_BLOCK, L2CAP_CONN_OK);
		return;
		}
		}

		/*******************************************************************************
		*
		* Function hidd_sec_check_complete_orig
		*
		* Description HID security check complete callback function (device
		*originated)
		*
		* Returns void
		*
		******************************************************************************/
		void hidd_sec_check_complete_orig(UNUSED_ATTR const RawAddress* bd_addr,
		UNUSED_ATTR tBT_TRANSPORT transport,
		void* p_ref_data, uint8_t res) {
		tHID_DEV_DEV_CTB* p_dev = (tHID_DEV_DEV_CTB*)p_ref_data;

		if (p_dev->conn.conn_state != HID_CONN_STATE_SECURITY) {
		HIDD_TRACE_WARNING("%s: invalid state (%02x)", __func__,
		p_dev->conn.conn_state);
		return;
		}

		if (res == BTM_SUCCESS) {
		HIDD_TRACE_EVENT("%s: security ok", __func__);
		p_dev->conn.disc_reason = HID_SUCCESS;

		p_dev->conn.conn_state = HID_CONN_STATE_CONFIG;
		} else {
		HIDD_TRACE_WARNING("%s: security check failed (%02x)", __func__, res);
		p_dev->conn.disc_reason = HID_ERR_AUTH_FAILED;
		hidd_conn_disconnect();
		}
		}

		/*******************************************************************************
		*
		* Function hidd_l2cif_connect_ind
		@@ -224,12 +159,11 @@ static void hidd_l2cif_connect_ind(const RawAddress& bd_addr, uint16_t cid,
		p_hcon->conn_flags = 0;
		p_hcon->ctrl_cid = cid;
		p_hcon->ctrl_id = id;
		p_hcon->disc_reason = HID_L2CAP_CONN_FAIL;

		p_hcon->conn_state = HID_CONN_STATE_SECURITY;
		p_hcon->disc_reason = HID_SUCCESS;
		p_hcon->conn_state = HID_CONN_STATE_CONNECTING_INTR;

		// Assume security check ok
		hidd_sec_check_complete(nullptr, BT_TRANSPORT_BR_EDR, p_dev, BTM_SUCCESS);
		L2CA_ConnectRsp(p_dev->addr, p_dev->conn.ctrl_id, p_dev->conn.ctrl_cid,
		L2CAP_CONN_OK, L2CAP_CONN_OK);
		return;
		}

		@@ -250,7 +184,6 @@ static void hidd_l2cif_connect_ind(const RawAddress& bd_addr, uint16_t cid,
		*
		******************************************************************************/
		static void hidd_l2cif_connect_cfm(uint16_t cid, uint16_t result) {
		tHID_DEV_DEV_CTB* p_dev = &hd_cb.device;
		tHID_CONN* p_hcon = &hd_cb.device.conn;

		HIDD_TRACE_EVENT("%s: cid=%04x result=%d", __func__, cid, result);
		@@ -286,14 +219,8 @@ static void hidd_l2cif_connect_cfm(uint16_t cid, uint16_t result) {

		/* CTRL connect conf */
		if (cid == p_hcon->ctrl_cid) {
		p_hcon->conn_state = HID_CONN_STATE_SECURITY;
		p_hcon->disc_reason =
		HID_L2CAP_CONN_FAIL; /* in case disconnected before sec completed */

		// Assume security check ok
		hidd_sec_check_complete_orig(nullptr, BT_TRANSPORT_BR_EDR, p_dev,
		BTM_SUCCESS);

		p_hcon->disc_reason = HID_SUCCESS;
		p_hcon->conn_state = HID_CONN_STATE_CONFIG;
		} else {
		p_hcon->conn_state = HID_CONN_STATE_CONFIG;
		}

system/stack/hid/hidh_conn.cc

+14 −100

Original line number	Diff line number	Diff line
		@@ -133,43 +133,6 @@ tHID_STATUS hidh_conn_disconnect(uint8_t dhandle) {
		return (HID_SUCCESS);
		}

		/*******************************************************************************
		*
		* Function hidh_sec_check_complete_term
		*
		* Description HID security check complete callback function.
		*
		* Returns Send L2CA_ConnectRsp OK if secutiry check succeed; otherwise
		* send security block L2C connection response.
		*
		******************************************************************************/
		void hidh_sec_check_complete_term(UNUSED_ATTR const RawAddress* bd_addr,
		UNUSED_ATTR tBT_TRANSPORT transport,
		void* p_ref_data, uint8_t res) {
		tHID_HOST_DEV_CTB* p_dev = (tHID_HOST_DEV_CTB*)p_ref_data;

		if (res == BTM_SUCCESS && p_dev->conn.conn_state == HID_CONN_STATE_SECURITY) {
		p_dev->conn.disc_reason = HID_SUCCESS; /* Authentication passed. Reset
		disc_reason (from
		HID_ERR_AUTH_FAILED) */

		p_dev->conn.conn_state = HID_CONN_STATE_CONNECTING_INTR;

		/* Send response to the L2CAP layer. */
		L2CA_ConnectRsp(p_dev->addr, p_dev->conn.ctrl_id, p_dev->conn.ctrl_cid,
		L2CAP_CONN_OK, L2CAP_CONN_OK);

		}
		/* security check fail */
		else if (res != BTM_SUCCESS) {
		p_dev->conn.disc_reason =
		HID_ERR_AUTH_FAILED; /* Save reason for disconnecting */
		p_dev->conn.conn_state = HID_CONN_STATE_UNUSED;
		L2CA_ConnectRsp(p_dev->addr, p_dev->conn.ctrl_id, p_dev->conn.ctrl_cid,
		L2CAP_CONN_SECURITY_BLOCK, L2CAP_CONN_OK);
		}
		}

		/*******************************************************************************
		*
		* Function hidh_l2cif_connect_ind
		@@ -236,15 +199,14 @@ static void hidh_l2cif_connect_ind(const RawAddress& bd_addr,
		p_hcon->conn_flags = 0;
		p_hcon->ctrl_cid = l2cap_cid;
		p_hcon->ctrl_id = l2cap_id;
		p_hcon->disc_reason = HID_L2CAP_CONN_FAIL; /* In case disconnection occurs
		before security is completed,
		then set CLOSE_EVT reason code
		to 'connection failure' */

		p_hcon->conn_state = HID_CONN_STATE_SECURITY;
		// Assume security check ok
		hidh_sec_check_complete_term(nullptr, BT_TRANSPORT_BR_EDR, p_dev,
		BTM_SUCCESS);
		p_hcon->disc_reason = HID_SUCCESS; /* Authentication passed. Reset
		disc_reason (from
		HID_ERR_AUTH_FAILED) */
		p_hcon->conn_state = HID_CONN_STATE_CONNECTING_INTR;

		/* Send response to the L2CAP layer. */
		L2CA_ConnectRsp(p_dev->addr, p_dev->conn.ctrl_id, p_dev->conn.ctrl_cid,
		L2CAP_CONN_OK, L2CAP_CONN_OK);
		return;
		}

		@@ -286,51 +248,6 @@ void hidh_try_repage(uint8_t dhandle) {
		device->conn_tries, NULL);
		}

		/*******************************************************************************
		*
		* Function hidh_sec_check_complete_orig
		*
		* Description This function checks to see if security procedures are being
		* carried out or not..
		*
		* Returns void
		*
		******************************************************************************/
		void hidh_sec_check_complete_orig(UNUSED_ATTR const RawAddress* bd_addr,
		UNUSED_ATTR tBT_TRANSPORT transport,
		void* p_ref_data, uint8_t res) {
		tHID_HOST_DEV_CTB* p_dev = (tHID_HOST_DEV_CTB*)p_ref_data;
		uint8_t dhandle;

		// TODO(armansito): This kind of math to determine a device handle is way
		// too dirty and unnecessary. Why can't \|p_dev\| store it's handle?
		dhandle = (PTR_TO_UINT(p_dev) - PTR_TO_UINT(&(hh_cb.devices[0]))) /
		sizeof(tHID_HOST_DEV_CTB);
		if (res == BTM_SUCCESS && p_dev->conn.conn_state == HID_CONN_STATE_SECURITY) {
		HIDH_TRACE_EVENT("HID-Host Originator security pass.");
		p_dev->conn.disc_reason = HID_SUCCESS; /* Authentication passed. Reset
		disc_reason (from
		HID_ERR_AUTH_FAILED) */

		/* Transition to the next appropriate state, configuration */
		p_dev->conn.conn_state = HID_CONN_STATE_CONFIG;
		}

		if (res != BTM_SUCCESS && p_dev->conn.conn_state == HID_CONN_STATE_SECURITY) {
		#if (HID_HOST_MAX_CONN_RETRY > 0)
		if (res == BTM_DEVICE_TIMEOUT) {
		if (p_dev->conn_tries <= HID_HOST_MAX_CONN_RETRY) {
		hidh_conn_retry(dhandle);
		return;
		}
		}
		#endif
		p_dev->conn.disc_reason =
		HID_ERR_AUTH_FAILED; /* Save reason for disconnecting */
		hidh_conn_disconnect(dhandle);
		}
		}

		/*******************************************************************************
		*
		* Function hidh_l2cif_connect_cfm
		@@ -392,15 +309,12 @@ static void hidh_l2cif_connect_cfm(uint16_t l2cap_cid, uint16_t result) {
		/* receive Control Channel connect confirmation */
		if (l2cap_cid == p_hcon->ctrl_cid) {
		/* check security requirement */
		p_hcon->conn_state = HID_CONN_STATE_SECURITY;
		p_hcon->disc_reason = HID_L2CAP_CONN_FAIL; /* In case disconnection occurs
		before security is completed,
		then set CLOSE_EVT reason code
		to "connection failure" */

		// Assume security check ok
		hidh_sec_check_complete_orig(nullptr, BT_TRANSPORT_BR_EDR, p_dev,
		BTM_SUCCESS);
		p_hcon->disc_reason = HID_SUCCESS; /* Authentication passed. Reset
		disc_reason (from
		HID_ERR_AUTH_FAILED) */

		/* Transition to the next appropriate state, configuration */
		p_hcon->conn_state = HID_CONN_STATE_CONFIG;
		} else {
		p_hcon->conn_state = HID_CONN_STATE_CONFIG;
		}