esp-idf/components/bt/host/bluedroid/stack/gatt/att_protocol.c

/******************************************************************************
 *
 *  Copyright (C) 2008-2014 Broadcom Corporation
 *
 *  Licensed under the Apache License, Version 2.0 (the "License");
 *  you may not use this file except in compliance with the License.
 *  You may obtain a copy of the License at:
 *
 *  http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 *
 ******************************************************************************/

/******************************************************************************
 *
 *  this file contains ATT protocol functions
 *
 ******************************************************************************/

#include "common/bt_target.h"
#include "osi/allocator.h"

#if BLE_INCLUDED == TRUE

#include "gatt_int.h"
#include "stack/l2c_api.h"

#define GATT_HDR_FIND_TYPE_VALUE_LEN    21
#define GATT_OP_CODE_SIZE   1
/**********************************************************************
**   ATT protocl message building utility                              *
***********************************************************************/
/*******************************************************************************
**
** Function         attp_build_mtu_exec_cmd
**
** Description      Build a exchange MTU request
**
** Returns          None.
**
*******************************************************************************/
BT_HDR *attp_build_mtu_cmd(UINT8 op_code, UINT16 rx_mtu)
{
    BT_HDR      *p_buf = NULL;
    UINT8       *p;

    if ((p_buf = (BT_HDR *)osi_malloc(sizeof(BT_HDR) + GATT_HDR_SIZE + L2CAP_MIN_OFFSET)) != NULL) {
        p = (UINT8 *)(p_buf + 1) + L2CAP_MIN_OFFSET;

        UINT8_TO_STREAM (p, op_code);
        UINT16_TO_STREAM (p, rx_mtu);

        p_buf->offset = L2CAP_MIN_OFFSET;
        p_buf->len = GATT_HDR_SIZE; /* opcode + 2 bytes mtu */
    }
    return p_buf;
}
/*******************************************************************************
**
** Function         attp_build_exec_write_cmd
**
** Description      Build a execute write request or response.
**
** Returns          None.
**
*******************************************************************************/
BT_HDR *attp_build_exec_write_cmd (UINT8 op_code, UINT8 flag)
{
    BT_HDR      *p_buf = NULL;
    UINT8       *p;

    if ((p_buf = (BT_HDR *)osi_malloc(GATT_DATA_BUF_SIZE)) != NULL) {
        p = (UINT8 *)(p_buf + 1) + L2CAP_MIN_OFFSET;

        p_buf->offset = L2CAP_MIN_OFFSET;
        p_buf->len = GATT_OP_CODE_SIZE;

        UINT8_TO_STREAM (p, op_code);

        if (op_code == GATT_REQ_EXEC_WRITE) {
            flag &= GATT_PREP_WRITE_EXEC;
            UINT8_TO_STREAM (p, flag);
            p_buf->len += 1;
        }

    }

    return p_buf;
}

/*******************************************************************************
**
** Function         attp_build_err_cmd
**
** Description      Build a exchange MTU request
**
** Returns          None.
**
*******************************************************************************/
BT_HDR *attp_build_err_cmd(UINT8 cmd_code, UINT16 err_handle, UINT8 reason)
{
    BT_HDR      *p_buf = NULL;
    UINT8       *p;

    if ((p_buf = (BT_HDR *)osi_malloc(sizeof(BT_HDR) + L2CAP_MIN_OFFSET + 5)) != NULL) {
        p = (UINT8 *)(p_buf + 1) + L2CAP_MIN_OFFSET;

        UINT8_TO_STREAM (p, GATT_RSP_ERROR);
        UINT8_TO_STREAM (p, cmd_code);
        UINT16_TO_STREAM(p, err_handle);
        UINT8_TO_STREAM (p, reason);

        p_buf->offset = L2CAP_MIN_OFFSET;
        /* GATT_HDR_SIZE (1B ERR_RSP op code+ 2B handle) + 1B cmd_op_code  + 1B status */
        p_buf->len = GATT_HDR_SIZE + 1 + 1;
    }
    return p_buf;
}
/*******************************************************************************
**
** Function         attp_build_browse_cmd
**
** Description      Build a read information request or read by type request
**
** Returns          None.
**
*******************************************************************************/
BT_HDR *attp_build_browse_cmd(UINT8 op_code, UINT16 s_hdl, UINT16 e_hdl, tBT_UUID uuid)
{
    BT_HDR      *p_buf = NULL;
    UINT8       *p;

    if ((p_buf = (BT_HDR *)osi_malloc(sizeof(BT_HDR) + 8 + L2CAP_MIN_OFFSET)) != NULL) {
        p = (UINT8 *)(p_buf + 1) + L2CAP_MIN_OFFSET;
        /* Describe the built message location and size */
        p_buf->offset = L2CAP_MIN_OFFSET;
        p_buf->len = GATT_OP_CODE_SIZE + 4;

        UINT8_TO_STREAM (p, op_code);
        UINT16_TO_STREAM (p, s_hdl);
        UINT16_TO_STREAM (p, e_hdl);
        p_buf->len += gatt_build_uuid_to_stream(&p, uuid);
    }

    return p_buf;
}
/*******************************************************************************
**
** Function         attp_build_read_handles_cmd
**
** Description      Build a read by type and value request.
**
** Returns          pointer to the command buffer.
**
*******************************************************************************/
BT_HDR *attp_build_read_by_type_value_cmd (UINT16 payload_size, tGATT_FIND_TYPE_VALUE *p_value_type)
{
    BT_HDR      *p_buf = NULL;
    UINT8       *p;
    UINT16      len = p_value_type->value_len;

    if ((p_buf = (BT_HDR *)osi_malloc((UINT16)(sizeof(BT_HDR) + payload_size + L2CAP_MIN_OFFSET))) != NULL) {
        p = (UINT8 *)(p_buf + 1) + L2CAP_MIN_OFFSET;

        p_buf->offset = L2CAP_MIN_OFFSET;
        p_buf->len = 5; /* opcode + s_handle + e_handle */

        UINT8_TO_STREAM  (p, GATT_REQ_FIND_TYPE_VALUE);
        UINT16_TO_STREAM (p, p_value_type->s_handle);
        UINT16_TO_STREAM (p, p_value_type->e_handle);

        p_buf->len += gatt_build_uuid_to_stream(&p, p_value_type->uuid);

        if (p_value_type->value_len +  p_buf->len > payload_size ) {
            len = payload_size - p_buf->len;
        }

        memcpy (p, p_value_type->value, len);
        p_buf->len += len;
    }

    return p_buf;
}
/*******************************************************************************
**
** Function         attp_build_read_multi_cmd
**
** Description      Build a read multiple request
**
** Returns          None.
**
*******************************************************************************/
BT_HDR *attp_build_read_multi_cmd(UINT16 payload_size, UINT16 num_handle, UINT16 *p_handle)
{
    BT_HDR      *p_buf = NULL;
    UINT8       *p, i = 0;

    if ((p_buf = (BT_HDR *)osi_malloc((UINT16)(sizeof(BT_HDR) + num_handle * 2 + 1 + L2CAP_MIN_OFFSET))) != NULL) {
        p = (UINT8 *)(p_buf + 1) + L2CAP_MIN_OFFSET;

        p_buf->offset = L2CAP_MIN_OFFSET;
        p_buf->len = 1;

        UINT8_TO_STREAM (p, GATT_REQ_READ_MULTI);

        for (i = 0; i < num_handle && p_buf->len + 2 <= payload_size; i ++) {
            UINT16_TO_STREAM (p, *(p_handle + i));
            p_buf->len += 2;
        }
    }

    return p_buf;
}
/*******************************************************************************
**
** Function         attp_build_handle_cmd
**
** Description      Build a read /read blob request
**
** Returns          None.
**
*******************************************************************************/
BT_HDR *attp_build_handle_cmd(UINT8 op_code, UINT16 handle, UINT16 offset)
{
    BT_HDR      *p_buf = NULL;
    UINT8       *p;

    if ((p_buf = (BT_HDR *)osi_malloc(sizeof(BT_HDR) + 5 + L2CAP_MIN_OFFSET)) != NULL) {
        p = (UINT8 *)(p_buf + 1) + L2CAP_MIN_OFFSET;

        p_buf->offset = L2CAP_MIN_OFFSET;

        UINT8_TO_STREAM (p, op_code);
        p_buf->len  = 1;

        UINT16_TO_STREAM (p, handle);
        p_buf->len += 2;

        if (op_code == GATT_REQ_READ_BLOB) {
            UINT16_TO_STREAM (p, offset);
            p_buf->len += 2;
        }

    }

    return p_buf;
}
/*******************************************************************************
**
** Function         attp_build_opcode_cmd
**
** Description      Build a  request/response with opcode only.
**
** Returns          None.
**
*******************************************************************************/
BT_HDR *attp_build_opcode_cmd(UINT8 op_code)
{
    BT_HDR      *p_buf = NULL;
    UINT8       *p;

    if ((p_buf = (BT_HDR *)osi_malloc(sizeof(BT_HDR) + 1 + L2CAP_MIN_OFFSET)) != NULL) {
        p = (UINT8 *)(p_buf + 1) + L2CAP_MIN_OFFSET;
        p_buf->offset = L2CAP_MIN_OFFSET;

        UINT8_TO_STREAM (p, op_code);
        p_buf->len  = 1;
    }

    return p_buf;
}
/*******************************************************************************
**
** Function         attp_build_value_cmd
**
** Description      Build a attribute value request
**
** Returns          None.
**
*******************************************************************************/
BT_HDR *attp_build_value_cmd (UINT16 payload_size, UINT8 op_code, UINT16 handle,
                              UINT16 offset, UINT16 len, UINT8 *p_data)
{
    BT_HDR      *p_buf = NULL;
    UINT8       *p, *pp, pair_len, *p_pair_len;

    if ((p_buf = (BT_HDR *)osi_malloc((UINT16)(sizeof(BT_HDR) + payload_size + L2CAP_MIN_OFFSET))) != NULL) {
        p = pp = (UINT8 *)(p_buf + 1) + L2CAP_MIN_OFFSET;

        UINT8_TO_STREAM (p, op_code);
        p_buf->offset = L2CAP_MIN_OFFSET;
        p_buf->len = 1;

        if (op_code == GATT_RSP_READ_BY_TYPE) {
            p_pair_len = p;
            pair_len = len + 2;
            UINT8_TO_STREAM (p, pair_len);
            p_buf->len += 1;
        }
        if (op_code != GATT_RSP_READ_BLOB && op_code != GATT_RSP_READ) {
            UINT16_TO_STREAM (p, handle);
            p_buf->len += 2;
        }

        if (op_code == GATT_REQ_PREPARE_WRITE || op_code == GATT_RSP_PREPARE_WRITE ) {
            UINT16_TO_STREAM (p, offset);
            p_buf->len += 2;
        }

        if(payload_size < GATT_DEF_BLE_MTU_SIZE || payload_size > GATT_MAX_MTU_SIZE) {
            GATT_TRACE_ERROR("invalid payload_size %d", payload_size);
            osi_free(p_buf);
            return NULL;
        }

        if (len > 0 && p_data != NULL) {
            /* ensure data not exceed MTU size */
            if (payload_size - p_buf->len < len) {
                len = payload_size - p_buf->len;
                /* update handle value pair length */
                if (op_code == GATT_RSP_READ_BY_TYPE) {
                    *p_pair_len = (len + 2);
                }

                GATT_TRACE_WARNING("attribute value too long, to be truncated to %d", len);
            }

            ARRAY_TO_STREAM (p, p_data, len);
            p_buf->len += len;
        }
    }
    return p_buf;
}

/*******************************************************************************
**
** Function         attp_send_msg_to_l2cap
**
** Description      Send message to L2CAP.
**
*******************************************************************************/
tGATT_STATUS attp_send_msg_to_l2cap(tGATT_TCB *p_tcb, BT_HDR *p_toL2CAP)
{
    UINT16      l2cap_ret;


    if (p_tcb->att_lcid == L2CAP_ATT_CID) {
        l2cap_ret = L2CA_SendFixedChnlData (L2CAP_ATT_CID, p_tcb->peer_bda, p_toL2CAP);
    } else {
#if (CLASSIC_BT_INCLUDED == TRUE)
        l2cap_ret = (UINT16) L2CA_DataWrite (p_tcb->att_lcid, p_toL2CAP);
#else
        l2cap_ret = L2CAP_DW_FAILED;
#endif  ///CLASSIC_BT_INCLUDED == TRUE
    }

    if (l2cap_ret == L2CAP_DW_FAILED) {
        GATT_TRACE_DEBUG("ATT   failed to pass msg:0x%0x to L2CAP",
                         *((UINT8 *)(p_toL2CAP + 1) + p_toL2CAP->offset));
        return GATT_INTERNAL_ERROR;
    } else if (l2cap_ret == L2CAP_DW_CONGESTED) {
        GATT_TRACE_DEBUG("ATT congested, message accepted");
        return GATT_CONGESTED;
    }
    return GATT_SUCCESS;
}

/*******************************************************************************
**
** Function         attp_build_sr_msg
**
** Description      Build ATT Server PDUs.
**
*******************************************************************************/
BT_HDR *attp_build_sr_msg(tGATT_TCB *p_tcb, UINT8 op_code, tGATT_SR_MSG *p_msg)
{
    BT_HDR          *p_cmd = NULL;
    UINT16          offset = 0;

    switch (op_code) {
    case GATT_RSP_READ_BLOB:
    case GATT_RSP_PREPARE_WRITE:
    case GATT_RSP_READ_BY_TYPE:
    case GATT_RSP_READ:
    case GATT_HANDLE_VALUE_NOTIF:
    case GATT_HANDLE_VALUE_IND:
    case GATT_RSP_ERROR:
    case GATT_RSP_MTU:
    /* Need to check the validation of parameter p_msg*/
        if (p_msg == NULL) {
            GATT_TRACE_ERROR("Invalid parameters in %s, op_code=0x%x, the p_msg should not be NULL.", __func__, op_code);
            return NULL;
        }
        break;

    default:
        break;
    }

    switch (op_code) {
    case GATT_RSP_READ_BLOB:
    case GATT_RSP_PREPARE_WRITE:
        GATT_TRACE_EVENT ("ATT_RSP_READ_BLOB/GATT_RSP_PREPARE_WRITE: len = %d offset = %d",
                          p_msg->attr_value.len, p_msg->attr_value.offset);
        offset = p_msg->attr_value.offset;
    /* Coverity: [FALSE-POSITIVE error] intended fall through */
    /* Missing break statement between cases in switch statement */
    /* fall through */
    case GATT_RSP_READ_BY_TYPE:
    case GATT_RSP_READ:
    case GATT_HANDLE_VALUE_NOTIF:
    case GATT_HANDLE_VALUE_IND:
        p_cmd = attp_build_value_cmd(p_tcb->payload_size,
                                     op_code,
                                     p_msg->attr_value.handle,
                                     offset,
                                     p_msg->attr_value.len,
                                     p_msg->attr_value.value);
        break;

    case GATT_RSP_WRITE:
        p_cmd = attp_build_opcode_cmd(op_code);
        break;

    case GATT_RSP_ERROR:
        p_cmd = attp_build_err_cmd(p_msg->error.cmd_code, p_msg->error.handle, p_msg->error.reason);
        break;

    case GATT_RSP_EXEC_WRITE:
        p_cmd = attp_build_exec_write_cmd(op_code, 0);
        break;

    case GATT_RSP_MTU:
        p_cmd = attp_build_mtu_cmd(op_code, p_msg->mtu);
        break;

    default:
        GATT_TRACE_DEBUG("attp_build_sr_msg: unknown op code = %d", op_code);
        break;
    }

    if (!p_cmd) {
        GATT_TRACE_ERROR("No resources");
    }

    return p_cmd;
}

/*******************************************************************************
**
** Function         attp_send_sr_msg
**
** Description      This function sends the server response or indication message
**                  to client.
**
** Parameter        p_tcb: pointer to the connecton control block.
**                  p_msg: pointer to message parameters structure.
**
** Returns          GATT_SUCCESS if successfully sent; otherwise error code.
**
**
*******************************************************************************/
tGATT_STATUS attp_send_sr_msg (tGATT_TCB *p_tcb, BT_HDR *p_msg)
{
    tGATT_STATUS     cmd_sent = GATT_NO_RESOURCES;

    if (p_tcb != NULL) {
        if (p_msg != NULL) {
            p_msg->offset = L2CAP_MIN_OFFSET;
            cmd_sent = attp_send_msg_to_l2cap (p_tcb, p_msg);
        }
    }
    return cmd_sent;
}

/*******************************************************************************
**
** Function         attp_cl_send_cmd
**
** Description      Send a ATT command or enqueue it.
**
** Returns          GATT_SUCCESS if command sent
**                  GATT_CONGESTED if command sent but channel congested
**                  GATT_CMD_STARTED if command queue up in GATT
**                  GATT_ERROR if command sending failure
**
*******************************************************************************/
tGATT_STATUS attp_cl_send_cmd(tGATT_TCB *p_tcb, UINT16 clcb_idx, UINT8 cmd_code, BT_HDR *p_cmd)
{
    tGATT_STATUS att_ret = GATT_SUCCESS;

    if (p_tcb != NULL) {
        cmd_code &= ~GATT_AUTH_SIGN_MASK;

        /* no pending request or value confirmation */
        if (p_tcb->pending_cl_req == p_tcb->next_slot_inq ||
                cmd_code == GATT_HANDLE_VALUE_CONF) {
            att_ret = attp_send_msg_to_l2cap(p_tcb, p_cmd);
            if (att_ret == GATT_CONGESTED || att_ret == GATT_SUCCESS) {
                /* do not enq cmd if handle value confirmation or set request */
                if (cmd_code != GATT_HANDLE_VALUE_CONF && cmd_code != GATT_CMD_WRITE) {
                    gatt_start_rsp_timer (clcb_idx);
                    gatt_cmd_enq(p_tcb, clcb_idx, FALSE, cmd_code, NULL);
                }
            } else {
                att_ret = GATT_INTERNAL_ERROR;
            }
        } else {
            att_ret = GATT_CMD_STARTED;
            gatt_cmd_enq(p_tcb, clcb_idx, TRUE, cmd_code, p_cmd);
        }
    } else {
        att_ret = GATT_ERROR;
    }

    return att_ret;
}
/*******************************************************************************
**
** Function         attp_send_cl_msg
**
** Description      This function sends the client request or confirmation message
**                  to server.
**
** Parameter        p_tcb: pointer to the connection control block.
**                  clcb_idx: clcb index
**                  op_code: message op code.
**                  p_msg: pointer to message parameters structure.
**
** Returns          GATT_SUCCESS if successfully sent; otherwise error code.
**
**
*******************************************************************************/
tGATT_STATUS attp_send_cl_msg (tGATT_TCB *p_tcb, UINT16 clcb_idx, UINT8 op_code, tGATT_CL_MSG *p_msg)
{
    tGATT_STATUS     status = GATT_NO_RESOURCES;
    BT_HDR          *p_cmd = NULL;
    UINT16          offset = 0, handle;

    if (p_tcb != NULL) {
        switch (op_code) {
        case GATT_REQ_MTU:
            if (p_msg->mtu <= GATT_MAX_MTU_SIZE) {
                p_tcb->payload_size = p_msg->mtu;
                p_cmd = attp_build_mtu_cmd(GATT_REQ_MTU, p_msg->mtu);
            } else {
                status = GATT_ILLEGAL_PARAMETER;
            }
            break;

        case GATT_REQ_FIND_INFO:
        case GATT_REQ_READ_BY_TYPE:
        case GATT_REQ_READ_BY_GRP_TYPE:
            if (GATT_HANDLE_IS_VALID (p_msg->browse.s_handle) &&
                    GATT_HANDLE_IS_VALID (p_msg->browse.e_handle)  &&
                    p_msg->browse.s_handle <= p_msg->browse.e_handle) {
                p_cmd = attp_build_browse_cmd(op_code,
                                              p_msg->browse.s_handle,
                                              p_msg->browse.e_handle,
                                              p_msg->browse.uuid);
            } else {
                status = GATT_ILLEGAL_PARAMETER;
            }
            break;

        case GATT_REQ_READ_BLOB:
            offset = p_msg->read_blob.offset;
        /* fall through */
        case GATT_REQ_READ:
            handle = (op_code == GATT_REQ_READ) ? p_msg->handle : p_msg->read_blob.handle;
            /*  handle checking */
            if (GATT_HANDLE_IS_VALID (handle)) {
                p_cmd = attp_build_handle_cmd(op_code, handle, offset);
            } else {
                status = GATT_ILLEGAL_PARAMETER;
            }
            break;

        case GATT_HANDLE_VALUE_CONF:
            p_cmd = attp_build_opcode_cmd(op_code);
            break;

        case GATT_REQ_PREPARE_WRITE:
            offset = p_msg->attr_value.offset;
        /* fall through */
        case GATT_REQ_WRITE:
        case GATT_CMD_WRITE:
        case GATT_SIGN_CMD_WRITE:
            if (GATT_HANDLE_IS_VALID (p_msg->attr_value.handle)) {
                p_cmd = attp_build_value_cmd (p_tcb->payload_size,
                                              op_code, p_msg->attr_value.handle,
                                              offset,
                                              p_msg->attr_value.len,
                                              p_msg->attr_value.value);
            } else {
                status = GATT_ILLEGAL_PARAMETER;
            }
            break;

        case GATT_REQ_EXEC_WRITE:
            p_cmd = attp_build_exec_write_cmd(op_code, p_msg->exec_write);
            break;

        case GATT_REQ_FIND_TYPE_VALUE:
            p_cmd = attp_build_read_by_type_value_cmd(p_tcb->payload_size, &p_msg->find_type_value);
            break;

        case GATT_REQ_READ_MULTI:
            p_cmd = attp_build_read_multi_cmd(p_tcb->payload_size,
                                              p_msg->read_multi.num_handles,
                                              p_msg->read_multi.handles);
            break;

        default:
            break;
        }

        if (p_cmd != NULL) {
            status = attp_cl_send_cmd(p_tcb, clcb_idx, op_code, p_cmd);
        }

    } else {
        GATT_TRACE_ERROR("Peer device not connected");
    }

    return status;
}
#endif