1 /******************************************************************************
2  *
3  *  Copyright 2014 Google, Inc.
4  *
5  *  Licensed under the Apache License, Version 2.0 (the "License");
6  *  you may not use this file except in compliance with the License.
7  *  You may obtain a copy of the License at:
8  *
9  *  http://www.apache.org/licenses/LICENSE-2.0
10  *
11  *  Unless required by applicable law or agreed to in writing, software
12  *  distributed under the License is distributed on an "AS IS" BASIS,
13  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  *  See the License for the specific language governing permissions and
15  *  limitations under the License.
16  *
17  ******************************************************************************/
18 
19 #define LOG_TAG "bt_hci"
20 
21 #include "hci_packet_parser.h"
22 
23 #include <base/logging.h>
24 
25 #include "buffer_allocator.h"
26 #include "hci_layer.h"
27 #include "hcimsgs.h"
28 #include "osi/include/log.h"
29 
// Sentinel for |expected_opcode|: read_command_complete_header skips its
// opcode comparison when it is given this value.
static const command_opcode_t NO_OPCODE_CHECKING = 0;

// Allocator used to free every response packet handled in this file. It is
// assigned by hci_packet_parser_get_interface() and
// hci_packet_parser_get_test_interface().
static const allocator_t* buffer_allocator;

// Forward declaration; the definition sits under "Internal functions" below.
static uint8_t* read_command_complete_header(BT_HDR* response,
                                             command_opcode_t expected_opcode,
                                             size_t minimum_bytes_after);
37 
// Validates a Command Complete event without matching any particular opcode
// and without requiring return parameters, then frees |response|.
// The position returned by the header parser is not needed here.
static void parse_generic_command_complete(BT_HDR* response) {
  const size_t no_return_parameters = 0;
  (void)read_command_complete_header(response, NO_OPCODE_CHECKING,
                                     no_return_parameters);

  buffer_allocator->free(response);
}
44 
// Extracts the ACL data size and ACL buffer count from an
// HCI_READ_BUFFER_SIZE Command Complete event, then frees |response|.
// A NULL result from the header parser (non-success status) is fatal via
// CHECK.
static void parse_read_buffer_size_response(BT_HDR* response,
                                            uint16_t* data_size_ptr,
                                            uint16_t* acl_buffer_count_ptr) {
  // 2 + 1 + 2 bytes for the three fields consumed below.
  const size_t payload_bytes = 5;
  uint8_t* cursor = read_command_complete_header(
      response, HCI_READ_BUFFER_SIZE, payload_bytes);
  CHECK(cursor != NULL);

  STREAM_TO_UINT16(*data_size_ptr, cursor);
  STREAM_SKIP_UINT8(cursor);  // the sco packet length is not reported
  STREAM_TO_UINT16(*acl_buffer_count_ptr, cursor);

  buffer_allocator->free(response);
}
57 
// Fills |bt_version| from an HCI_READ_LOCAL_VERSION_INFO Command Complete
// event, then frees |response|. A NULL result from the header parser
// (non-success status) is fatal via CHECK.
static void parse_read_local_version_info_response(BT_HDR* response,
                                                   bt_version_t* bt_version) {
  // 1 + 2 + 1 + 2 + 2 bytes for the five fields consumed below.
  const size_t payload_bytes = 8;
  uint8_t* cursor = read_command_complete_header(
      response, HCI_READ_LOCAL_VERSION_INFO, payload_bytes);
  CHECK(cursor != NULL);

  STREAM_TO_UINT8(bt_version->hci_version, cursor);
  STREAM_TO_UINT16(bt_version->hci_revision, cursor);
  STREAM_TO_UINT8(bt_version->lmp_version, cursor);
  STREAM_TO_UINT16(bt_version->manufacturer, cursor);
  STREAM_TO_UINT16(bt_version->lmp_subversion, cursor);

  buffer_allocator->free(response);
}
71 
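// Parses the return parameters of HCI_READ_LOCAL_SUPPORTED_CODECS: a one-byte
// codec count followed by that many one-byte codec ids. Frees |response|.
//
// On a non-success status neither output is written. On success the count
// written to |number_of_local_supported_codecs| is limited to the number of
// codec bytes actually present in the packet.
//
// NOTE(review): this signature carries no capacity for
// |local_supported_codecs|, so the destination cannot be bounded here. The
// count is controller-supplied and can be as large as 255; confirm every
// caller passes a buffer of at least that size, or extend the interface with
// a capacity argument.
static void parse_read_local_supported_codecs_response(
    BT_HDR* response, uint8_t* number_of_local_supported_codecs,
    uint8_t* local_supported_codecs) {
  uint8_t* stream = read_command_complete_header(
      response, HCI_READ_LOCAL_SUPPORTED_CODECS, 0 /* bytes after */);
  if (stream) {
    // Zero bytes were required after the status byte, so nothing beyond
    // |stream| has been length-checked yet. Bound every read by the packet.
    // NOTE(review): assumes response->len is the number of valid bytes
    // starting at response->data + response->offset - confirm.
    const uint8_t* packet_end =
        response->data + response->offset + response->len;
    size_t bytes_left =
        (stream < packet_end) ? (size_t)(packet_end - stream) : 0;

    uint8_t codec_count = 0;
    if (bytes_left > 0) {
      STREAM_TO_UINT8(codec_count, stream);
      bytes_left--;
    }

    if (codec_count > bytes_left) {
      LOG_ERROR("%s: codec count %u exceeds the %zu bytes left in the packet",
                __func__, (unsigned)codec_count, bytes_left);
      codec_count = (uint8_t)bytes_left;
    }

    *number_of_local_supported_codecs = codec_count;
    for (uint8_t i = 0; i < codec_count; i++) {
      STREAM_TO_UINT8(*local_supported_codecs, stream);
      local_supported_codecs++;
    }
  }

  buffer_allocator->free(response);
}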
87 
// Copies the device address out of an HCI_READ_BD_ADDR Command Complete
// event into |address_ptr|, then frees |response|. A NULL result from the
// header parser (non-success status) is fatal via CHECK.
static void parse_read_bd_addr_response(BT_HDR* response,
                                        RawAddress* address_ptr) {
  const size_t address_bytes = RawAddress::kLength;
  uint8_t* cursor =
      read_command_complete_header(response, HCI_READ_BD_ADDR, address_bytes);
  CHECK(cursor != NULL);

  STREAM_TO_BDADDR(*address_ptr, cursor);

  buffer_allocator->free(response);
}
97 
// Copies |supported_commands_length| bytes of the supported-commands bitmask
// from an HCI_READ_LOCAL_SUPPORTED_CMDS Command Complete event into
// |supported_commands_ptr|, then frees |response|. The same length is passed
// to the header parser as the minimum number of return-parameter bytes. A
// NULL result (non-success status) is fatal via CHECK.
static void parse_read_local_supported_commands_response(
    BT_HDR* response, uint8_t* supported_commands_ptr,
    size_t supported_commands_length) {
  uint8_t* cursor = read_command_complete_header(
      response, HCI_READ_LOCAL_SUPPORTED_CMDS, supported_commands_length);
  CHECK(cursor != NULL);

  const int copy_length = (int)supported_commands_length;
  STREAM_TO_ARRAY(supported_commands_ptr, cursor, copy_length);

  buffer_allocator->free(response);
}
110 
// Reads one feature page from an HCI_READ_LOCAL_EXT_FEATURES Command Complete
// event into feature_pages[page number], reports the page number and maximum
// page number, then frees |response|. A NULL result from the header parser
// (non-success status) is fatal via CHECK.
static void parse_read_local_extended_features_response(
    BT_HDR* response, uint8_t* page_number_ptr, uint8_t* max_page_number_ptr,
    bt_device_features_t* feature_pages, size_t feature_pages_count) {
  const size_t page_bytes = sizeof(bt_device_features_t);
  // Two one-byte page fields precede the feature page itself.
  uint8_t* cursor = read_command_complete_header(
      response, HCI_READ_LOCAL_EXT_FEATURES, 2 + page_bytes);
  CHECK(cursor != NULL);

  STREAM_TO_UINT8(*page_number_ptr, cursor);
  STREAM_TO_UINT8(*max_page_number_ptr, cursor);

  // The page number is read from the packet and is used as an index into the
  // caller's array, so it is range-checked before the copy.
  CHECK(*page_number_ptr < feature_pages_count);
  bt_device_features_t* destination_page = &feature_pages[*page_number_ptr];
  STREAM_TO_ARRAY(destination_page->as_array, cursor, (int)page_bytes);

  buffer_allocator->free(response);
}
128 
// Reads the one-byte accept list size from an HCI_BLE_READ_ACCEPTLIST_SIZE
// Command Complete event, then frees |response|. A NULL result from the
// header parser (non-success status) is fatal via CHECK.
static void parse_ble_read_acceptlist_size_response(
    BT_HDR* response, uint8_t* acceptlist_size_ptr) {
  const size_t payload_bytes = 1;
  uint8_t* cursor = read_command_complete_header(
      response, HCI_BLE_READ_ACCEPTLIST_SIZE, payload_bytes);
  CHECK(cursor != NULL);

  STREAM_TO_UINT8(*acceptlist_size_ptr, cursor);

  buffer_allocator->free(response);
}
138 
// Reads the LE data size (2 bytes) and ACL buffer count (1 byte) from an
// HCI_BLE_READ_BUFFER_SIZE Command Complete event, then frees |response|.
// A NULL result from the header parser (non-success status) is fatal via
// CHECK.
static void parse_ble_read_buffer_size_response(BT_HDR* response,
                                                uint16_t* data_size_ptr,
                                                uint8_t* acl_buffer_count_ptr) {
  const size_t payload_bytes = 3;
  uint8_t* cursor = read_command_complete_header(
      response, HCI_BLE_READ_BUFFER_SIZE, payload_bytes);
  CHECK(cursor != NULL);

  STREAM_TO_UINT16(*data_size_ptr, cursor);
  STREAM_TO_UINT8(*acl_buffer_count_ptr, cursor);

  buffer_allocator->free(response);
}
150 
// Reads the ACL and ISO data sizes and buffer counts from an
// HCI_BLE_READ_BUFFER_SIZE_V2 Command Complete event, then frees |response|.
// A NULL result from the header parser (non-success status) is fatal via
// CHECK.
static void parse_ble_read_buffer_size_v2_response(
    BT_HDR* response, uint16_t* acl_data_size_ptr,
    uint8_t* acl_buffer_count_ptr, uint16_t* iso_data_size_ptr,
    uint8_t* iso_buffer_count_ptr) {
  // (2 + 1) bytes for ACL followed by (2 + 1) bytes for ISO.
  const size_t payload_bytes = 6;
  uint8_t* cursor = read_command_complete_header(
      response, HCI_BLE_READ_BUFFER_SIZE_V2, payload_bytes);
  CHECK(cursor != NULL);

  STREAM_TO_UINT16(*acl_data_size_ptr, cursor);
  STREAM_TO_UINT8(*acl_buffer_count_ptr, cursor);
  STREAM_TO_UINT16(*iso_data_size_ptr, cursor);
  STREAM_TO_UINT8(*iso_buffer_count_ptr, cursor);

  buffer_allocator->free(response);
}
165 
// Copies |supported_states_size| bytes from an HCI_BLE_READ_SUPPORTED_STATES
// Command Complete event into |supported_states|, then frees |response|. The
// same size is passed to the header parser as the minimum number of
// return-parameter bytes. A NULL result (non-success status) is fatal via
// CHECK.
static void parse_ble_read_supported_states_response(
    BT_HDR* response, uint8_t* supported_states, size_t supported_states_size) {
  uint8_t* cursor = read_command_complete_header(
      response, HCI_BLE_READ_SUPPORTED_STATES, supported_states_size);
  CHECK(cursor != NULL);

  const int copy_length = (int)supported_states_size;
  STREAM_TO_ARRAY(supported_states, cursor, copy_length);

  buffer_allocator->free(response);
}
176 
// Copies one bt_device_features_t worth of bytes from an
// HCI_BLE_READ_LOCAL_SPT_FEAT Command Complete event into
// |supported_features|, then frees |response|. A NULL result from the header
// parser (non-success status) is fatal via CHECK.
static void parse_ble_read_local_supported_features_response(
    BT_HDR* response, bt_device_features_t* supported_features) {
  const size_t feature_bytes = sizeof(bt_device_features_t);
  uint8_t* cursor = read_command_complete_header(
      response, HCI_BLE_READ_LOCAL_SPT_FEAT, feature_bytes);
  CHECK(cursor != NULL);

  STREAM_TO_ARRAY(supported_features->as_array, cursor, (int)feature_bytes);

  buffer_allocator->free(response);
}
188 
// Reads the one-byte resolving list size from an
// HCI_BLE_READ_RESOLVING_LIST_SIZE Command Complete event, then frees
// |response|. On a non-success status the output is left untouched.
static void parse_ble_read_resolving_list_size_response(
    BT_HDR* response, uint8_t* resolving_list_size_ptr) {
  const size_t payload_bytes = 1;
  uint8_t* cursor = read_command_complete_header(
      response, HCI_BLE_READ_RESOLVING_LIST_SIZE, payload_bytes);

  if (cursor != NULL) {
    STREAM_TO_UINT8(*resolving_list_size_ptr, cursor);
  }

  buffer_allocator->free(response);
}
198 
// Reads the two-byte default packet length from an
// HCI_BLE_READ_DEFAULT_DATA_LENGTH Command Complete event, then frees
// |response|. On a non-success status the output is left untouched.
static void parse_ble_read_suggested_default_data_length_response(
    BT_HDR* response, uint16_t* ble_default_packet_length_ptr) {
  const size_t payload_bytes = 2;
  uint8_t* cursor = read_command_complete_header(
      response, HCI_BLE_READ_DEFAULT_DATA_LENGTH, payload_bytes);

  if (cursor != NULL) {
    STREAM_TO_UINT16(*ble_default_packet_length_ptr, cursor);
  }

  buffer_allocator->free(response);
}
208 
// Reads four two-byte limits (max TX octets, TX time, RX octets, RX time)
// from an HCI_BLE_READ_MAXIMUM_DATA_LENGTH Command Complete event, then frees
// |response|. On a non-success status the outputs are left untouched.
static void parse_ble_read_maximum_data_length_response(
    BT_HDR* response, uint16_t* ble_supported_max_tx_octets,
    uint16_t* ble_supported_max_tx_time, uint16_t* ble_supported_max_rx_octets,
    uint16_t* ble_supported_max_rx_time) {
  // Four 16-bit fields.
  const size_t payload_bytes = 8;
  uint8_t* cursor = read_command_complete_header(
      response, HCI_BLE_READ_MAXIMUM_DATA_LENGTH, payload_bytes);

  if (cursor != NULL) {
    STREAM_TO_UINT16(*ble_supported_max_tx_octets, cursor);
    STREAM_TO_UINT16(*ble_supported_max_tx_time, cursor);
    STREAM_TO_UINT16(*ble_supported_max_rx_octets, cursor);
    STREAM_TO_UINT16(*ble_supported_max_rx_time, cursor);
  }

  buffer_allocator->free(response);
}
223 
// Reads the two-byte maximum advertising data length from an
// HCI_LE_READ_MAXIMUM_ADVERTISING_DATA_LENGTH Command Complete event, then
// frees |response|. On a non-success status the output is left untouched.
static void parse_ble_read_maximum_advertising_data_length(
    BT_HDR* response, uint16_t* ble_maximum_advertising_data_length_ptr) {
  const size_t payload_bytes = 2;
  uint8_t* cursor = read_command_complete_header(
      response, HCI_LE_READ_MAXIMUM_ADVERTISING_DATA_LENGTH, payload_bytes);

  if (cursor != NULL) {
    STREAM_TO_UINT16(*ble_maximum_advertising_data_length_ptr, cursor);
  }

  buffer_allocator->free(response);
}
234 
// Reads the one-byte number of supported advertising sets from an
// HCI_LE_READ_NUMBER_OF_SUPPORTED_ADVERTISING_SETS Command Complete event,
// then frees |response|. On a non-success status the output is left
// untouched.
static void parse_ble_read_number_of_supported_advertising_sets(
    BT_HDR* response, uint8_t* ble_number_of_supported_advertising_sets_ptr) {
  const size_t payload_bytes = 1;
  uint8_t* cursor = read_command_complete_header(
      response, HCI_LE_READ_NUMBER_OF_SUPPORTED_ADVERTISING_SETS,
      payload_bytes);

  if (cursor != NULL) {
    STREAM_TO_UINT8(*ble_number_of_supported_advertising_sets_ptr, cursor);
  }

  buffer_allocator->free(response);
}
245 
// Reads the one-byte periodic advertiser list size from an
// HCI_BLE_READ_PERIODIC_ADVERTISER_LIST_SIZE Command Complete event, then
// frees |response|. On a non-success status the output is left untouched.
static void parse_ble_read_size_of_advertiser_list(
    BT_HDR* response, uint8_t* ble_size_of_advertiser_list_ptr) {
  const size_t payload_bytes = 1;
  uint8_t* cursor = read_command_complete_header(
      response, HCI_BLE_READ_PERIODIC_ADVERTISER_LIST_SIZE, payload_bytes);

  if (cursor != NULL) {
    STREAM_TO_UINT8(*ble_size_of_advertiser_list_ptr, cursor);
  }

  buffer_allocator->free(response);
}
256 
257 // Internal functions
258 
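// Validates the fixed part of an HCI Command Complete event and returns a
// pointer to the first byte after the status field.
//
// |response|            packet to parse; it is not freed here.
// |expected_opcode|     opcode the event must carry, or NO_OPCODE_CHECKING to
//                       accept any opcode.
// |minimum_bytes_after| number of return-parameter bytes the caller intends
//                       to read after the status byte.
//
// Returns NULL (after logging) when the status is not HCI_SUCCESS. Any
// structural mismatch - wrong event code, wrong opcode, a declared parameter
// length that is too short, or a packet shorter than it declares - is fatal
// via CHECK.
static uint8_t* read_command_complete_header(BT_HDR* response,
                                             command_opcode_t expected_opcode,
                                             size_t minimum_bytes_after) {
  // Event code (1 byte) + parameter length (1 byte).
  const size_t event_header_bytes = 2;
  // Number of hci command packets (1) + opcode (2) + status (1).
  const size_t parameter_bytes_we_read_here = 4;

  // The two event header bytes must be inside the packet before they are
  // read.
  // NOTE(review): assumes response->len is the number of valid bytes starting
  // at response->data + response->offset - confirm for every transport that
  // fills these buffers.
  CHECK(response->len >= event_header_bytes);

  uint8_t* stream = response->data + response->offset;

  // Read the event header
  uint8_t event_code;
  uint8_t parameter_length;
  STREAM_TO_UINT8(event_code, stream);
  STREAM_TO_UINT8(parameter_length, stream);

  // Check the event header values against what we expect
  CHECK(event_code == HCI_COMMAND_COMPLETE_EVT);
  CHECK(parameter_length >=
        (parameter_bytes_we_read_here + minimum_bytes_after));

  // parameter_length is a field of the packet itself. Without this check a
  // packet that declares more parameters than it carries would pass the test
  // above and let this function and its callers read past the valid data.
  CHECK(response->len >= (event_header_bytes + parameter_length));

  // Read the command complete header
  command_opcode_t opcode;
  uint8_t status;
  STREAM_SKIP_UINT8(stream);  // skip the number of hci command packets field
  STREAM_TO_UINT16(opcode, stream);

  // Check the command complete header values against what we expect
  if (expected_opcode != NO_OPCODE_CHECKING) {
    CHECK(opcode == expected_opcode);
  }

  // Assume the next field is the status field
  STREAM_TO_UINT8(status, stream);

  if (status != HCI_SUCCESS) {
    LOG_ERROR("%s: return status - 0x%x", __func__, status);
    return NULL;
  }

  return stream;
}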
298 
// Function table handed out by both getters below. The initializer is
// positional, so the order of entries must match the member order of
// hci_packet_parser_t exactly; a mismatch between entries of the same
// function-pointer type would not be caught by the compiler.
static const hci_packet_parser_t interface = {
    parse_generic_command_complete,
    parse_read_buffer_size_response,
    parse_read_local_version_info_response,
    parse_read_bd_addr_response,
    parse_read_local_supported_commands_response,
    parse_read_local_extended_features_response,
    parse_ble_read_acceptlist_size_response,
    parse_ble_read_buffer_size_response,
    parse_ble_read_buffer_size_v2_response,
    parse_ble_read_supported_states_response,
    parse_ble_read_local_supported_features_response,
    parse_ble_read_resolving_list_size_response,
    parse_ble_read_suggested_default_data_length_response,
    parse_ble_read_maximum_data_length_response,
    parse_ble_read_maximum_advertising_data_length,
    parse_ble_read_number_of_supported_advertising_sets,
    parse_ble_read_size_of_advertiser_list,
    parse_read_local_supported_codecs_response};
318 
// Returns the parser function table after pointing the file-scope allocator
// at the one from buffer_allocator_get_interface(). The allocator is shared
// file-scope state, so each call overwrites whatever was set before.
const hci_packet_parser_t* hci_packet_parser_get_interface() {
  const allocator_t* default_allocator = buffer_allocator_get_interface();
  buffer_allocator = default_allocator;
  return &interface;
}
323 
// Returns the same parser function table as hci_packet_parser_get_interface()
// but frees packets through the supplied allocator. The allocator is shared
// file-scope state, so the replacement also applies to table pointers that
// were obtained earlier.
const hci_packet_parser_t* hci_packet_parser_get_test_interface(
    allocator_t* buffer_allocator_interface) {
  const allocator_t* injected_allocator = buffer_allocator_interface;
  buffer_allocator = injected_allocator;
  return &interface;
}
329