RootCanal: Check for disallowed commands (e967ff8a) · Commits · e / os / android_packages_modules_Bluetooth

system/vendor_libs/test_vendor_lib/model/controller/dual_mode_controller.cc

+6 −19

Original line number	Diff line number	Diff line
		@@ -1807,18 +1807,12 @@ void DualModeController::LeAddDeviceToConnectList(CommandView command) {
		gd_hci::AclCommandView::Create(command)));
		ASSERT(command_view.IsValid());

		if (link_layer_controller_.LeConnectListFull()) {
		auto packet =
		bluetooth::hci::LeAddDeviceToConnectListCompleteBuilder::Create(
		kNumCommandPackets, ErrorCode::MEMORY_CAPACITY_EXCEEDED);
		send_event_(std::move(packet));
		return;
		}
		uint8_t addr_type = static_cast<uint8_t>(command_view.GetAddressType());
		Address address = command_view.GetAddress();
		ErrorCode result =
		link_layer_controller_.LeConnectListAddDevice(address, addr_type);
		auto packet = bluetooth::hci::LeAddDeviceToConnectListCompleteBuilder::Create(
		kNumCommandPackets, ErrorCode::SUCCESS);
		kNumCommandPackets, result);
		send_event_(std::move(packet));
		}

		@@ -1884,13 +1878,6 @@ void DualModeController::LeAddDeviceToResolvingList(CommandView command) {
		gd_hci::LeSecurityCommandView::Create(command));
		ASSERT(command_view.IsValid());

		if (link_layer_controller_.LeResolvingListFull()) {
		auto packet =
		bluetooth::hci::LeAddDeviceToResolvingListCompleteBuilder::Create(
		kNumCommandPackets, ErrorCode::MEMORY_CAPACITY_EXCEEDED);
		send_event_(std::move(packet));
		return;
		}
		uint8_t addr_type =
		static_cast<uint8_t>(command_view.GetPeerIdentityAddressType());
		Address address = command_view.GetPeerIdentityAddress();
		@@ -1899,11 +1886,11 @@ void DualModeController::LeAddDeviceToResolvingList(CommandView command) {
		std::array<uint8_t, LinkLayerController::kIrk_size> localIrk =
		command_view.GetLocalIrk();

		link_layer_controller_.LeResolvingListAddDevice(address, addr_type, peerIrk,
		localIrk);
		auto status = link_layer_controller_.LeResolvingListAddDevice(
		address, addr_type, peerIrk, localIrk);
		auto packet =
		bluetooth::hci::LeAddDeviceToResolvingListCompleteBuilder::Create(
		kNumCommandPackets, ErrorCode::SUCCESS);
		kNumCommandPackets, status);
		send_event_(std::move(packet));
		}

system/vendor_libs/test_vendor_lib/model/controller/link_layer_controller.cc

+64 −15

Original line number	Diff line number	Diff line
		@@ -2454,24 +2454,48 @@ ErrorCode LinkLayerController::LeConnectionUpdate(
		return ErrorCode::SUCCESS;
		}

		void LinkLayerController::LeConnectListClear() { le_connect_list_.clear(); }
		ErrorCode LinkLayerController::LeConnectListClear() {
		if (ConnectListBusy()) {
		return ErrorCode::COMMAND_DISALLOWED;
		}

		le_connect_list_.clear();
		return ErrorCode::SUCCESS;
		}

		void LinkLayerController::LeResolvingListClear() { le_resolving_list_.clear(); }
		ErrorCode LinkLayerController::LeResolvingListClear() {
		if (ResolvingListBusy()) {
		return ErrorCode::COMMAND_DISALLOWED;
		}

		le_resolving_list_.clear();
		return ErrorCode::SUCCESS;
		}

		void LinkLayerController::LeConnectListAddDevice(Address addr,
		ErrorCode LinkLayerController::LeConnectListAddDevice(Address addr,
		uint8_t addr_type) {
		if (ConnectListBusy()) {
		return ErrorCode::COMMAND_DISALLOWED;
		}
		std::tuple<Address, uint8_t> new_tuple = std::make_tuple(addr, addr_type);
		for (auto dev : le_connect_list_) {
		if (dev == new_tuple) {
		return;
		return ErrorCode::SUCCESS;
		}
		}
		if (LeConnectListFull()) {
		return ErrorCode::MEMORY_CAPACITY_EXCEEDED;
		}
		le_connect_list_.emplace_back(new_tuple);
		return ErrorCode::SUCCESS;
		}

		void LinkLayerController::LeResolvingListAddDevice(
		ErrorCode LinkLayerController::LeResolvingListAddDevice(
		Address addr, uint8_t addr_type, std::array<uint8_t, kIrk_size> peerIrk,
		std::array<uint8_t, kIrk_size> localIrk) {
		if (ResolvingListBusy()) {
		return ErrorCode::COMMAND_DISALLOWED;
		}
		std::tuple<Address, uint8_t, std::array<uint8_t, kIrk_size>,
		std::array<uint8_t, kIrk_size>>
		new_tuple = std::make_tuple(addr, addr_type, peerIrk, localIrk);
		@@ -2479,10 +2503,14 @@ void LinkLayerController::LeResolvingListAddDevice(
		auto curr = le_connect_list_[i];
		if (std::get<0>(curr) == addr && std::get<1>(curr) == addr_type) {
		le_resolving_list_[i] = new_tuple;
		return;
		return ErrorCode::SUCCESS;
		}
		}
		if (LeResolvingListFull()) {
		return ErrorCode::MEMORY_CAPACITY_EXCEEDED;
		}
		le_resolving_list_.emplace_back(new_tuple);
		return ErrorCode::SUCCESS;
		}

		void LinkLayerController::LeSetPrivacyMode(uint8_t address_type, Address addr,
		@@ -2761,28 +2789,49 @@ ErrorCode LinkLayerController::SetLeExtendedAdvertisingEnable(
		return ErrorCode::SUCCESS;
		}

		void LinkLayerController::LeConnectListRemoveDevice(Address addr,
		bool LinkLayerController::ConnectListBusy() {
		if (le_connect_) LOG_INFO("le_connect_");
		if (le_scan_enable_ != bluetooth::hci::OpCode::NONE)
		LOG_INFO("le_scan_enable");
		for (auto advertiser : advertisers_)
		if (advertiser.IsEnabled()) {
		LOG_INFO("Advertising");
		return true;
		}
		return le_connect_ \|\| le_scan_enable_ != bluetooth::hci::OpCode::NONE;
		}

		bool LinkLayerController::ResolvingListBusy() {
		return ConnectListBusy(); // TODO: Add
		// HCI_LE_Periodic_Advertising_Create_Sync
		}

		ErrorCode LinkLayerController::LeConnectListRemoveDevice(Address addr,
		uint8_t addr_type) {
		// TODO: Add checks to see if advertising, scanning, or a connection request
		// with the connect list is ongoing.
		if (ConnectListBusy()) {
		return ErrorCode::COMMAND_DISALLOWED;
		}
		std::tuple<Address, uint8_t> erase_tuple = std::make_tuple(addr, addr_type);
		for (size_t i = 0; i < le_connect_list_.size(); i++) {
		if (le_connect_list_[i] == erase_tuple) {
		le_connect_list_.erase(le_connect_list_.begin() + i);
		}
		}
		return ErrorCode::SUCCESS;
		}

		void LinkLayerController::LeResolvingListRemoveDevice(Address addr,
		ErrorCode LinkLayerController::LeResolvingListRemoveDevice(Address addr,
		uint8_t addr_type) {
		// TODO: Add checks to see if advertising, scanning, or a connection request
		// with the connect list is ongoing.
		if (ResolvingListBusy()) {
		return ErrorCode::COMMAND_DISALLOWED;
		}
		for (size_t i = 0; i < le_connect_list_.size(); i++) {
		auto curr = le_connect_list_[i];
		if (std::get<0>(curr) == addr && std::get<1>(curr) == addr_type) {
		le_resolving_list_.erase(le_resolving_list_.begin() + i);
		}
		}
		return ErrorCode::SUCCESS;
		}

		bool LinkLayerController::LeConnectListContainsDevice(Address addr,

system/vendor_libs/test_vendor_lib/model/controller/link_layer_controller.h

+10 −8

Original line number	Diff line number	Diff line
		@@ -160,16 +160,18 @@ class LinkLayerController {
		uint16_t connection_latency,
		uint16_t supervision_timeout);

		void LeConnectListClear();
		void LeConnectListAddDevice(Address addr, uint8_t addr_type);
		void LeConnectListRemoveDevice(Address addr, uint8_t addr_type);
		bool ConnectListBusy();
		ErrorCode LeConnectListClear();
		ErrorCode LeConnectListAddDevice(Address addr, uint8_t addr_type);
		ErrorCode LeConnectListRemoveDevice(Address addr, uint8_t addr_type);
		bool LeConnectListContainsDevice(Address addr, uint8_t addr_type);
		bool LeConnectListFull();
		void LeResolvingListClear();
		void LeResolvingListAddDevice(Address addr, uint8_t addr_type,
		bool ResolvingListBusy();
		ErrorCode LeResolvingListClear();
		ErrorCode LeResolvingListAddDevice(Address addr, uint8_t addr_type,
		std::array<uint8_t, kIrk_size> peerIrk,
		std::array<uint8_t, kIrk_size> localIrk);
		void LeResolvingListRemoveDevice(Address addr, uint8_t addr_type);
		ErrorCode LeResolvingListRemoveDevice(Address addr, uint8_t addr_type);
		bool LeResolvingListContainsDevice(Address addr, uint8_t addr_type);
		bool LeResolvingListFull();
		void LeSetPrivacyMode(uint8_t address_type, Address addr, uint8_t mode);