
Commit d15cb1f7 authored by Xin Li's avatar Xin Li

DO NOT MERGE - Merge qt-qpr1-dev-plus-aosp-without-vendor (6129114) into stage-aosp-master

Bug: 146167222
Change-Id: Iac607a2077fd063a5abc7c1d1e30b152ee4081ec
parents a1c234d9 c27c9f67
+22 −1
@@ -1085,7 +1085,7 @@ void btm_read_remote_features_complete(uint8_t* p) {
 * Returns          void
 *
 ******************************************************************************/
void btm_read_remote_ext_features_complete(uint8_t* p) {
void btm_read_remote_ext_features_complete(uint8_t* p, uint8_t evt_len) {
  tACL_CONN* p_acl_cb;
  uint8_t page_num, max_page;
  uint16_t handle;
@@ -1093,6 +1093,14 @@ void btm_read_remote_ext_features_complete(uint8_t* p) {

  BTM_TRACE_DEBUG("btm_read_remote_ext_features_complete");

  if (evt_len < HCI_EXT_FEATURES_SUCCESS_EVT_LEN) {
    android_errorWriteLog(0x534e4554, "141552859");
    BTM_TRACE_ERROR(
        "btm_read_remote_ext_features_complete evt length too short. length=%d",
        evt_len);
    return;
  }

  ++p;
  STREAM_TO_UINT16(handle, p);
  STREAM_TO_UINT8(page_num, p);
@@ -1112,6 +1120,19 @@ void btm_read_remote_ext_features_complete(uint8_t* p) {
    return;
  }

  if (page_num > HCI_EXT_FEATURES_PAGE_MAX) {
    android_errorWriteLog(0x534e4554, "141552859");
    BTM_TRACE_ERROR("btm_read_remote_ext_features_complete num_page=%d invalid",
                    page_num);
    return;
  }

  if (page_num > max_page) {
    BTM_TRACE_WARNING(
        "btm_read_remote_ext_features_complete num_page=%d, max_page=%d "
        "invalid", page_num, max_page);
  }

  p_acl_cb = &btm_cb.acl_db[acl_idx];

  /* Copy the received features page */
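Review bot: The `page_num > max_page` branch only logs a warning and then falls through to the feature-page copy, unlike the `page_num > HCI_EXT_FEATURES_PAGE_MAX` branch just above it, which returns. If that is intentional (the earlier bound presumably keeps the index inside the per-connection features array, which is declared outside this hunk), a comment should say so, e.g. `/* page_num is already bounded by HCI_EXT_FEATURES_PAGE_MAX; tolerate a peer that reports a page above its own max_page */`. If it is not intentional, add `return;` after the warning. The function body continues past the end of this hunk, so the copy itself is not visible here.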
+2 −0
@@ -63,6 +63,7 @@ void btm_ble_batchscan_filter_track_adv_vse_cback(uint8_t len, uint8_t* p) {

  uint8_t sub_event = 0;
  tBTM_BLE_VSC_CB cmn_ble_vsc_cb;
  if (len == 0) return;
  STREAM_TO_UINT8(sub_event, p);

  BTM_TRACE_EVENT(
@@ -90,6 +91,7 @@ void btm_ble_batchscan_filter_track_adv_vse_cback(uint8_t len, uint8_t* p) {

      /* Extract the adv info details */
      if (ADV_INFO_PRESENT == adv_data.advertiser_info_present) {
        if (len < 15) return;
        STREAM_TO_UINT8(adv_data.tx_power, p);
        STREAM_TO_UINT8(adv_data.rssi_value, p);
        STREAM_TO_UINT16(adv_data.time_stamp, p);
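Review bot: The `len < 15` guard is a bare number and is reached only after `adv_data.advertiser_info_present` has already been read, so the fields parsed between the `len == 0` check and this one (outside the hunk) are covered only if another length check exists there. A comment stating which fields the 15 bytes account for, and whether 15 is the total event length or the bytes remaining at this point, would make the bound reviewable. Both new returns are also silent, unlike the other length checks in this commit; a trace such as `BTM_TRACE_ERROR("%s: event too short, len=%d", __func__, len);` before each `return` would make malformed vendor events visible in logs.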
+26 −5
@@ -25,6 +25,7 @@
 *
 ******************************************************************************/

#include <log/log.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
@@ -1516,7 +1517,8 @@ static void btm_initiate_inquiry(tBTM_INQUIRY_VAR_ST* p_inq) {
 * Returns          void
 *
 ******************************************************************************/
void btm_process_inq_results(uint8_t* p, uint8_t inq_res_mode) {
void btm_process_inq_results(uint8_t* p, uint8_t hci_evt_len,
                             uint8_t inq_res_mode) {
  uint8_t num_resp, xx;
  RawAddress bda;
  tINQ_DB_ENT* p_i;
@@ -1545,12 +1547,31 @@ void btm_process_inq_results(uint8_t* p, uint8_t inq_res_mode) {

  STREAM_TO_UINT8(num_resp, p);

  if (inq_res_mode == BTM_INQ_RESULT_EXTENDED && (num_resp > 1)) {
  if (inq_res_mode == BTM_INQ_RESULT_EXTENDED) {
    if (num_resp > 1) {
      BTM_TRACE_ERROR("btm_process_inq_results() extended results (%d) > 1",
                      num_resp);
      return;
    }

    constexpr uint16_t extended_inquiry_result_size = 254;
    if (hci_evt_len - 1 != extended_inquiry_result_size) {
      android_errorWriteLog(0x534e4554, "141620271");
      BTM_TRACE_ERROR("%s: can't fit %d results in %d bytes", __func__,
                      num_resp, hci_evt_len);
      return;
    }
  } else if (inq_res_mode == BTM_INQ_RESULT_STANDARD ||
             inq_res_mode == BTM_INQ_RESULT_WITH_RSSI) {
    constexpr uint16_t inquiry_result_size = 14;
    if (hci_evt_len < num_resp * inquiry_result_size) {
      android_errorWriteLog(0x534e4554, "141620271");
      BTM_TRACE_ERROR("%s: can't fit %d results in %d bytes", __func__,
                      num_resp, hci_evt_len);
      return;
    }
  }

  for (xx = 0; xx < num_resp; xx++) {
    update = false;
    /* Extract inquiry results */
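Review bot: The standard/RSSI check `hci_evt_len < num_resp * inquiry_result_size` does not account for the `num_resp` byte itself, whereas the extended branch does (`hci_evt_len - 1`). If `hci_evt_len` is the full parameter length, as that subtraction implies, an event of exactly `num_resp * 14` bytes passes the check and the last result is read one byte beyond the reported length; `if (hci_evt_len < 1 + num_resp * inquiry_result_size) {` closes that gap. `num_resp` is also read on the line before either check, so a zero-length event is not rejected first, and any `inq_res_mode` other than the three named values skips validation entirely. The parsing loop continues outside this hunk.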
+3 −2
@@ -65,7 +65,8 @@ extern void btm_inq_remote_name_timer_timeout(void* data);
/* Inquiry related functions */
extern void btm_clr_inq_db(const RawAddress* p_bda);
extern void btm_inq_db_init(void);
extern void btm_process_inq_results(uint8_t* p, uint8_t inq_res_mode);
extern void btm_process_inq_results(uint8_t* p, uint8_t hci_evt_len,
                                    uint8_t inq_res_mode);
extern void btm_process_inq_complete(uint8_t status, uint8_t mode);
extern void btm_process_cancel_complete(uint8_t status, uint8_t mode);
extern void btm_event_filter_complete(uint8_t* p);
@@ -119,7 +120,7 @@ extern uint16_t btm_get_acl_disc_reason_code(void);
extern tBTM_STATUS btm_remove_acl(const RawAddress& bd_addr,
                                  tBT_TRANSPORT transport);
extern void btm_read_remote_features_complete(uint8_t* p);
extern void btm_read_remote_ext_features_complete(uint8_t* p);
extern void btm_read_remote_ext_features_complete(uint8_t* p, uint8_t evt_len);
extern void btm_read_remote_ext_features_failed(uint8_t status,
                                                uint16_t handle);
extern void btm_read_remote_version_complete(uint8_t* p);
+33 −23
@@ -65,18 +65,20 @@ extern void smp_cancel_start_encryption_attempt();
/*            L O C A L    F U N C T I O N     P R O T O T Y P E S            */
/******************************************************************************/
static void btu_hcif_inquiry_comp_evt(uint8_t* p);
static void btu_hcif_inquiry_result_evt(uint8_t* p);
static void btu_hcif_inquiry_rssi_result_evt(uint8_t* p);
static void btu_hcif_extended_inquiry_result_evt(uint8_t* p);
static void btu_hcif_inquiry_result_evt(uint8_t* p, uint8_t hci_evt_len);
static void btu_hcif_inquiry_rssi_result_evt(uint8_t* p, uint8_t hci_evt_len);
static void btu_hcif_extended_inquiry_result_evt(uint8_t* p,
                                                 uint8_t hci_evt_len);

static void btu_hcif_connection_comp_evt(uint8_t* p);
static void btu_hcif_connection_comp_evt(uint8_t* p, uint8_t evt_len);
static void btu_hcif_connection_request_evt(uint8_t* p);
static void btu_hcif_disconnection_comp_evt(uint8_t* p);
static void btu_hcif_authentication_comp_evt(uint8_t* p);
static void btu_hcif_rmt_name_request_comp_evt(uint8_t* p, uint16_t evt_len);
static void btu_hcif_encryption_change_evt(uint8_t* p);
static void btu_hcif_read_rmt_features_comp_evt(uint8_t* p);
static void btu_hcif_read_rmt_ext_features_comp_evt(uint8_t* p);
static void btu_hcif_read_rmt_ext_features_comp_evt(uint8_t* p,
                                                    uint8_t evt_len);
static void btu_hcif_read_rmt_version_comp_evt(uint8_t* p);
static void btu_hcif_qos_setup_comp_evt(uint8_t* p);
static void btu_hcif_command_complete_evt(BT_HDR* response, void* context);
@@ -85,7 +87,7 @@ static void btu_hcif_command_status_evt(uint8_t status, BT_HDR* command,
static void btu_hcif_hardware_error_evt(uint8_t* p);
static void btu_hcif_flush_occured_evt(void);
static void btu_hcif_role_change_evt(uint8_t* p);
static void btu_hcif_num_compl_data_pkts_evt(uint8_t* p);
static void btu_hcif_num_compl_data_pkts_evt(uint8_t* p, uint8_t evt_len);
static void btu_hcif_mode_change_evt(uint8_t* p);
static void btu_hcif_pin_code_request_evt(uint8_t* p);
static void btu_hcif_link_key_request_evt(uint8_t* p);
@@ -263,16 +265,16 @@ void btu_hcif_process_event(UNUSED_ATTR uint8_t controller_id, BT_HDR* p_msg) {
      btu_hcif_inquiry_comp_evt(p);
      break;
    case HCI_INQUIRY_RESULT_EVT:
      btu_hcif_inquiry_result_evt(p);
      btu_hcif_inquiry_result_evt(p, hci_evt_len);
      break;
    case HCI_INQUIRY_RSSI_RESULT_EVT:
      btu_hcif_inquiry_rssi_result_evt(p);
      btu_hcif_inquiry_rssi_result_evt(p, hci_evt_len);
      break;
    case HCI_EXTENDED_INQUIRY_RESULT_EVT:
      btu_hcif_extended_inquiry_result_evt(p);
      btu_hcif_extended_inquiry_result_evt(p, hci_evt_len);
      break;
    case HCI_CONNECTION_COMP_EVT:
      btu_hcif_connection_comp_evt(p);
      btu_hcif_connection_comp_evt(p, hci_evt_len);
      break;
    case HCI_CONNECTION_REQUEST_EVT:
      btu_hcif_connection_request_evt(p);
@@ -296,7 +298,7 @@ void btu_hcif_process_event(UNUSED_ATTR uint8_t controller_id, BT_HDR* p_msg) {
      btu_hcif_read_rmt_features_comp_evt(p);
      break;
    case HCI_READ_RMT_EXT_FEATURES_COMP_EVT:
      btu_hcif_read_rmt_ext_features_comp_evt(p);
      btu_hcif_read_rmt_ext_features_comp_evt(p, hci_evt_len);
      break;
    case HCI_READ_RMT_VERSION_COMP_EVT:
      btu_hcif_read_rmt_version_comp_evt(p);
@@ -326,7 +328,7 @@ void btu_hcif_process_event(UNUSED_ATTR uint8_t controller_id, BT_HDR* p_msg) {
      btu_hcif_role_change_evt(p);
      break;
    case HCI_NUM_COMPL_DATA_PKTS_EVT:
      btu_hcif_num_compl_data_pkts_evt(p);
      btu_hcif_num_compl_data_pkts_evt(p, hci_evt_len);
      break;
    case HCI_MODE_CHANGE_EVT:
      btu_hcif_mode_change_evt(p);
@@ -948,9 +950,9 @@ static void btu_hcif_inquiry_comp_evt(uint8_t* p) {
 * Returns          void
 *
 ******************************************************************************/
static void btu_hcif_inquiry_result_evt(uint8_t* p) {
static void btu_hcif_inquiry_result_evt(uint8_t* p, uint8_t hci_evt_len) {
  /* Store results in the cache */
  btm_process_inq_results(p, BTM_INQ_RESULT_STANDARD);
  btm_process_inq_results(p, hci_evt_len, BTM_INQ_RESULT_STANDARD);
}

/*******************************************************************************
@@ -962,9 +964,9 @@ static void btu_hcif_inquiry_result_evt(uint8_t* p) {
 * Returns          void
 *
 ******************************************************************************/
static void btu_hcif_inquiry_rssi_result_evt(uint8_t* p) {
static void btu_hcif_inquiry_rssi_result_evt(uint8_t* p, uint8_t hci_evt_len) {
  /* Store results in the cache */
  btm_process_inq_results(p, BTM_INQ_RESULT_WITH_RSSI);
  btm_process_inq_results(p, hci_evt_len, BTM_INQ_RESULT_WITH_RSSI);
}

/*******************************************************************************
@@ -976,9 +978,10 @@ static void btu_hcif_inquiry_rssi_result_evt(uint8_t* p) {
 * Returns          void
 *
 ******************************************************************************/
static void btu_hcif_extended_inquiry_result_evt(uint8_t* p) {
static void btu_hcif_extended_inquiry_result_evt(uint8_t* p,
                                                 uint8_t hci_evt_len) {
  /* Store results in the cache */
  btm_process_inq_results(p, BTM_INQ_RESULT_EXTENDED);
  btm_process_inq_results(p, hci_evt_len, BTM_INQ_RESULT_EXTENDED);
}

/*******************************************************************************
@@ -990,7 +993,7 @@ static void btu_hcif_extended_inquiry_result_evt(uint8_t* p) {
 * Returns          void
 *
 ******************************************************************************/
static void btu_hcif_connection_comp_evt(uint8_t* p) {
static void btu_hcif_connection_comp_evt(uint8_t* p, uint8_t evt_len) {
  uint8_t status;
  uint16_t handle;
  RawAddress bda;
@@ -998,6 +1001,12 @@ static void btu_hcif_connection_comp_evt(uint8_t* p) {
  uint8_t enc_mode;
  tBTM_ESCO_DATA esco_data;

  if (evt_len < 11) {
    android_errorWriteLog(0x534e4554, "141619686");
    HCI_TRACE_WARNING("%s: malformed event of size %hhd", __func__, evt_len);
    return;
  }

  STREAM_TO_UINT8(status, p);
  STREAM_TO_UINT16(handle, p);
  STREAM_TO_BDADDR(bda, p);
@@ -1212,7 +1221,8 @@ static void btu_hcif_read_rmt_features_comp_evt(uint8_t* p) {
 * Returns          void
 *
 ******************************************************************************/
static void btu_hcif_read_rmt_ext_features_comp_evt(uint8_t* p) {
static void btu_hcif_read_rmt_ext_features_comp_evt(uint8_t* p,
                                                    uint8_t evt_len) {
  uint8_t* p_cur = p;
  uint8_t status;
  uint16_t handle;
@@ -1220,7 +1230,7 @@ static void btu_hcif_read_rmt_ext_features_comp_evt(uint8_t* p) {
  STREAM_TO_UINT8(status, p_cur);

  if (status == HCI_SUCCESS)
    btm_read_remote_ext_features_complete(p);
    btm_read_remote_ext_features_complete(p, evt_len);
  else {
    STREAM_TO_UINT16(handle, p_cur);
    btm_read_remote_ext_features_failed(status, handle);
@@ -1698,9 +1708,9 @@ static void btu_hcif_role_change_evt(uint8_t* p) {
 * Returns          void
 *
 ******************************************************************************/
static void btu_hcif_num_compl_data_pkts_evt(uint8_t* p) {
static void btu_hcif_num_compl_data_pkts_evt(uint8_t* p, uint8_t evt_len) {
  /* Process for L2CAP and SCO */
  l2c_link_process_num_completed_pkts(p);
  l2c_link_process_num_completed_pkts(p, evt_len);

  /* Send on to SCO */
  /*?? No SCO for now */
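Review bot: In `btu_hcif_read_rmt_ext_features_comp_evt`, `evt_len` is only forwarded on the `HCI_SUCCESS` path. The status byte is read before any length check, and the `else` branch reads a 2-byte handle without one, so a truncated failure event is still parsed beyond the length the controller reported. A guard at the top of the function, e.g. `if (evt_len < 3) { HCI_TRACE_WARNING("%s: malformed event of size %hhu", __func__, evt_len); return; }`, would cover both reads (1 status byte plus 2 handle bytes). Separately, the `evt_len < 11` test in `btu_hcif_connection_comp_evt` would be easier to audit with a comment listing the fields it counts, and its `%hhd` prints a `uint8_t` as signed. The end of both functions lies outside the visible hunks.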