1 /******************************************************************************
2  *
3  *  Copyright (C) 2005-2012 Broadcom Corporation
4  *
5  *  Licensed under the Apache License, Version 2.0 (the "License");
6  *  you may not use this file except in compliance with the License.
7  *  You may obtain a copy of the License at:
8  *
9  *  http://www.apache.org/licenses/LICENSE-2.0
10  *
11  *  Unless required by applicable law or agreed to in writing, software
12  *  distributed under the License is distributed on an "AS IS" BASIS,
13  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  *  See the License for the specific language governing permissions and
15  *  limitations under the License.
16  *
17  ******************************************************************************/
18 #include <string.h>
19 
20 #include "bt_target.h"
21 #if (BTA_HH_INCLUDED == TRUE)
22 
23 #include "bta_hh_int.h"
24 #include "osi/include/osi.h"
25 
26 /* if SSR max latency is not defined by remote device, set the default value
27    as half of the link supervision timeout */
28 #define BTA_HH_GET_DEF_SSR_MAX_LAT(x) ((x) >> 1)
29 
30 /*****************************************************************************
31  *  Constants
32  ****************************************************************************/
/* Modifier masks applied to the first byte of a boot-mode keyboard report.
 * Each value sets the same bit position in both nibbles (0x11, 0x22, 0x44,
 * 0x88), so one mask covers two bits of that byte -- presumably the left and
 * right variant of the key; confirm against the HID boot protocol. */
#define BTA_HH_KB_CTRL_MASK 0x11
#define BTA_HH_KB_SHIFT_MASK 0x22
#define BTA_HH_KB_ALT_MASK 0x44
#define BTA_HH_KB_GUI_MASK 0x88

/* Key codes that bta_hh_parse_keybd_rpt treats as lock toggles instead of
 * copying them into the parsed key list. */
#define BTA_HH_KB_CAPS_LOCK 0x39 /* caps lock */
#define BTA_HH_KB_NUM_LOCK 0x53  /* num lock */

/* Largest number of report bytes the boot-mode parsers in this file will
 * look at; longer reports are truncated to this length. */
#define BTA_HH_MAX_RPT_CHARS 8

/* Lookup table indexed by modifier slot; the parser walks it in this order
 * when filling mod_key[]. */
static const uint8_t bta_hh_mod_key_mask[BTA_HH_MOD_MAX_KEY] = {
    BTA_HH_KB_CTRL_MASK,  /* slot 0: control */
    BTA_HH_KB_SHIFT_MASK, /* slot 1: shift */
    BTA_HH_KB_ALT_MASK,   /* slot 2: alt */
    BTA_HH_KB_GUI_MASK,   /* slot 3: GUI */
};
46 
47 /*******************************************************************************
48  *
49  * Function         bta_hh_find_cb
50  *
51  * Description      Find best available control block according to BD address.
52  *
53  *
54  * Returns          uint8_t: control block index, or BTA_HH_IDX_INVALID if full
55  *
56  ******************************************************************************/
/* Resolve |bda| to a slot in bta_hh_cb.kdev[], reserving one on a miss.
 *
 * Pass 1 returns the index of the entry whose stored address equals |bda|;
 * an address equal to bd_addr_null never counts as a match.  Pass 2 copies
 * |bda| into the first entry whose in_use flag is clear and returns that
 * index -- note that in_use itself is not set here.  When every entry is in
 * use the result is BTA_HH_IDX_INVALID, which callers must test for before
 * using the value as an index into kdev[]. */
uint8_t bta_hh_find_cb(BD_ADDR bda) {
  uint8_t known;
  uint8_t slot = 0;

  /* Pass 1: is this address already recorded? */
  for (known = 0; known < BTA_HH_MAX_DEVICE; known++) {
    const bool same_addr = (bdcmp(bda, bta_hh_cb.kdev[known].addr) == 0);

    if (same_addr && bdcmp(bda, bd_addr_null) != 0) {
#if (BTA_HH_DEBUG == TRUE)
      APPL_TRACE_DEBUG("found kdev_cb[%d] hid_handle = %d ", known,
                       bta_hh_cb.kdev[known].hid_handle);
#endif
      return known;
    }
#if (BTA_HH_DEBUG == TRUE)
    APPL_TRACE_DEBUG("in_use ? [%d] kdev[%d].hid_handle = %d state = [%d]",
                     bta_hh_cb.kdev[known].in_use, known,
                     bta_hh_cb.kdev[known].hid_handle,
                     bta_hh_cb.kdev[known].state);
#endif
  }

  /* Pass 2: no match, so claim the first entry that is not in use. */
  while (slot < BTA_HH_MAX_DEVICE && bta_hh_cb.kdev[slot].in_use) {
    slot++;
  }
  if (slot < BTA_HH_MAX_DEVICE) {
    bdcpy(bta_hh_cb.kdev[slot].addr, bda);
  }

#if (BTA_HH_DEBUG == TRUE)
  APPL_TRACE_DEBUG("bta_hh_find_cb:: index = %d while max = %d", slot,
                   BTA_HH_MAX_DEVICE);
#endif

  /* A full list is reported with the dedicated invalid-index value. */
  return (slot == BTA_HH_MAX_DEVICE) ? BTA_HH_IDX_INVALID : slot;
}
96 
97 /*******************************************************************************
98  *
99  * Function         bta_hh_clean_up_kdev
100  *
101  * Description      Clean up device control block when device is removed from
102  *                  maintenance list, and update control block index map.
103  *
104  * Returns          void
105  *
106  ******************************************************************************/
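/* Return a device control block to its idle state.
 *
 * Clears the handle-to-index map entry that points at this block, frees the
 * stored report descriptor, zeroes the block and then restores the three
 * fields that must survive: its own index, the idle state and the invalid
 * handle marker.
 *
 * p_cb  control block to reset; must not be NULL. */
void bta_hh_clean_up_kdev(tBTA_HH_DEV_CB* p_cb) {
  uint8_t index;

  if (p_cb->hid_handle != BTA_HH_INVALID_HANDLE) {
    /* hid_handle is used as an array index below.  Apply the same range
     * checks bta_hh_dev_handle_to_cb_idx applies before it reads these maps,
     * so a handle outside the expected range cannot turn this reset into an
     * out-of-bounds write. */
#if (BTA_HH_LE_INCLUDED == TRUE)
    if (p_cb->is_le_device) {
      if (BTA_HH_IS_LE_DEV_HDL_VALID(p_cb->hid_handle)) {
        bta_hh_cb.le_cb_index[BTA_HH_GET_LE_CB_IDX(p_cb->hid_handle)] =
            BTA_HH_IDX_INVALID;
      }
    } else
#endif
    {
      if (p_cb->hid_handle < BTA_HH_MAX_KNOWN) {
        bta_hh_cb.cb_index[p_cb->hid_handle] = BTA_HH_IDX_INVALID;
      }
    }
  }

  /* The memset below wipes everything, so remember the block's own index. */
  index = p_cb->index;

  /* Release the report descriptor before its pointer is zeroed, otherwise
   * the buffer would leak. */
  osi_free_and_reset((void**)&p_cb->dscp_info.descriptor.dsc_list);

  memset(p_cb, 0, sizeof(tBTA_HH_DEV_CB));

  p_cb->index = index;
  p_cb->state = BTA_HH_IDLE_ST;
  p_cb->hid_handle = BTA_HH_INVALID_HANDLE;
}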
132 /*******************************************************************************
133  *
134  * Function         bta_hh_update_di_info
135  *
136  * Description      Maintain a known device list for BTA HH.
137  *
138  * Returns          void
139  *
140  ******************************************************************************/
/* Record the device-identification values for one device.
 *
 * Stores vendor id, product id and version in p_cb->dscp_info.  |flag| is
 * stored as well when LE support is compiled in; in other builds the
 * parameter is accepted but unused.  Nothing is validated here, the values
 * are copied as given. */
void bta_hh_update_di_info(tBTA_HH_DEV_CB* p_cb, uint16_t vendor_id,
                           uint16_t product_id, uint16_t version,
#if (BTA_HH_LE_INCLUDED == TRUE)
                           uint8_t flag)
#else
                           UNUSED_ATTR uint8_t flag)
#endif
{
#if (BTA_HH_DEBUG == TRUE)
  APPL_TRACE_DEBUG("vendor_id = 0x%2x product_id = 0x%2x version = 0x%2x",
                   vendor_id, product_id, version);
#endif

#if (BTA_HH_LE_INCLUDED == TRUE)
  /* Only LE builds keep the flag. */
  p_cb->dscp_info.flag = flag;
#endif

  p_cb->dscp_info.version = version;
  p_cb->dscp_info.product_id = product_id;
  p_cb->dscp_info.vendor_id = vendor_id;
}
160 /*******************************************************************************
161  *
162  * Function         bta_hh_add_device_to_list
163  *
164  * Description      Maintain a known device list for BTA HH.
165  *
166  * Returns          void
167  *
168  ******************************************************************************/
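/* Fill in a device control block for a newly added HID device.
 *
 * Marks the block in use and stores the handle, attribute mask, sub class,
 * application id and SSR parameters.  When |p_dscp_info| is given, any
 * previously stored report descriptor is released and replaced by a private
 * copy of the new one.
 *
 * p_cb         control block to fill; must not be NULL.
 * p_dscp_info  descriptor to copy, or NULL to leave the stored one alone.
 *              The block keeps its own copy; the caller retains ownership of
 *              the source buffer. */
void bta_hh_add_device_to_list(tBTA_HH_DEV_CB* p_cb, uint8_t handle,
                               uint16_t attr_mask,
                               tHID_DEV_DSCP_INFO* p_dscp_info,
                               uint8_t sub_class, uint16_t ssr_max_latency,
                               uint16_t ssr_min_tout, uint8_t app_id) {
#if (BTA_HH_DEBUG == TRUE)
  APPL_TRACE_DEBUG("subclass = 0x%2x", sub_class);
#endif

  p_cb->hid_handle = handle;
  p_cb->in_use = true;
  p_cb->attr_mask = attr_mask;

  p_cb->sub_class = sub_class;
  p_cb->app_id = app_id;

  p_cb->dscp_info.ssr_max_latency = ssr_max_latency;
  p_cb->dscp_info.ssr_min_tout = ssr_min_tout;

  /* store report descriptor info */
  if (p_dscp_info) {
    osi_free_and_reset((void**)&p_cb->dscp_info.descriptor.dsc_list);
    /* The list pointer is now reset; clear the length with it so the two
     * fields never disagree.  A stale non-zero length next to a reset
     * pointer would mislead any later reader that trusts dl_len. */
    p_cb->dscp_info.descriptor.dl_len = 0;

    /* Copy only when there is both a length and a source buffer; the
     * descriptor comes from the remote device's records, so do not assume
     * the two are consistent. */
    if (p_dscp_info->dl_len && p_dscp_info->dsc_list) {
      uint8_t* copy = (uint8_t*)osi_malloc(p_dscp_info->dl_len);

      /* osi_malloc's failure behaviour is not visible in this file, so the
       * result is checked before it is written to. */
      if (copy != NULL) {
        memcpy(copy, p_dscp_info->dsc_list, p_dscp_info->dl_len);
        p_cb->dscp_info.descriptor.dsc_list = copy;
        p_cb->dscp_info.descriptor.dl_len = p_dscp_info->dl_len;
      }
    }
  }
}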
201 
202 /*******************************************************************************
203  *
204  * Function         bta_hh_tod_spt
205  *
206  * Description      Check to see if this type of device is supported
207  *
208  * Returns
209  *
210  ******************************************************************************/
/* Decide whether a device of the given sub class is supported.
 *
 * The sub class is shifted right by two (its two low bits are reserved) and
 * compared with the |tod| of every entry in the configured device type list.
 * On the first match the entry's app_id is written to p_cb->app_id.
 *
 * Returns true when a matching entry exists, false otherwise; p_cb is left
 * untouched in the false case. */
bool bta_hh_tod_spt(tBTA_HH_DEV_CB* p_cb, uint8_t sub_class) {
  const uint8_t cod = (sub_class >> 2); /* lower two bits are reserved */
  uint8_t entry;

  for (entry = 0; entry < p_bta_hh_cfg->max_devt_spt; entry++) {
    if (cod != (uint8_t)p_bta_hh_cfg->p_devt_list[entry].tod) {
      continue;
    }

    p_cb->app_id = p_bta_hh_cfg->p_devt_list[entry].app_id;
#if (BTA_HH_DEBUG == TRUE)
    APPL_TRACE_EVENT("bta_hh_tod_spt sub_class:0x%x supported", sub_class);
#endif
    return true;
  }

#if (BTA_HH_DEBUG == TRUE)
  APPL_TRACE_EVENT("bta_hh_tod_spt sub_class:0x%x NOT supported", sub_class);
#endif
  return false;
}
229 
230 /*******************************************************************************
231  *
232  * Function         bta_hh_parse_keybd_rpt
233  *
234  * Description      This utility function parse a boot mode keyboard report.
235  *
236  * Returns          void
237  *
238  ******************************************************************************/
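/* Parse a boot-mode keyboard report received from a remote HID device.
 *
 * The first report byte carries the modifier bits; the bytes after it are
 * treated as key codes.  Key codes that were already present in the previous
 * report are dropped, caps-lock and num-lock codes toggle the stored lock
 * state, and every other non-zero code is appended to the parsed key list.
 * The raw key bytes are then remembered for the next call.
 *
 * p_kb_data   output; its keybd_rpt member is zeroed and refilled.
 * p_report    raw report bytes; must hold at least |report_len| bytes.
 * report_len  length of |p_report|.  Reports shorter than 2 bytes are
 *             ignored; at most BTA_HH_MAX_RPT_CHARS bytes after the modifier
 *             byte are examined.
 *
 * The report content is chosen by the peer, so every copy below is bounded
 * by the size of its destination. */
void bta_hh_parse_keybd_rpt(tBTA_HH_BOOT_RPT* p_kb_data, uint8_t* p_report,
                            uint16_t report_len) {
  tBTA_HH_KB_CB* p_kb = &bta_hh_cb.kb_cb;
  tBTA_HH_KEYBD_RPT* p_data = &p_kb_data->data_rpt.keybd_rpt;
  /* Capacity of the output key list, taken from its own declaration so the
   * bound stays right if the structure changes. */
  const uint16_t max_keys = (uint16_t)(sizeof(p_data->this_char) /
                                       sizeof(p_data->this_char[0]));

  uint8_t this_char, ctl_shift;
  uint16_t xx, yy, key_idx = 0;
  uint8_t this_report[BTA_HH_MAX_RPT_CHARS];

#if (BTA_HH_DEBUG == TRUE)
  APPL_TRACE_DEBUG("bta_hh_parse_keybd_rpt:  (report=%p, report_len=%d) called",
                   p_report, report_len);
#endif

  /* Need the modifier byte plus at least one more byte. */
  if (report_len < 2) return;

  ctl_shift = *p_report++;
  report_len--;

  /* Clamp before any copy: this_report holds BTA_HH_MAX_RPT_CHARS bytes. */
  if (report_len > BTA_HH_MAX_RPT_CHARS) report_len = BTA_HH_MAX_RPT_CHARS;

  memset(this_report, 0, BTA_HH_MAX_RPT_CHARS);
  memset(p_data, 0, sizeof(tBTA_HH_KEYBD_RPT));
  memcpy(this_report, p_report, report_len);

  /* Take care of shift, control, GUI and alt, modifier keys  */
  for (xx = 0; xx < BTA_HH_MOD_MAX_KEY; xx++) {
    if (ctl_shift & bta_hh_mod_key_mask[xx]) {
      APPL_TRACE_DEBUG("Mod Key[%02x] pressed", bta_hh_mod_key_mask[xx]);
      p_kb->mod_key[xx] = true;
    } else if (p_kb->mod_key[xx]) {
      p_kb->mod_key[xx] = false;
    }
    /* report the tracked modifier state to the caller */
    p_data->mod_key[xx] = p_kb->mod_key[xx];
  }

  /* First step: blank every key code that was already in the last report,
   * so a key that is held down is not reported again. */
  for (xx = 0; xx < report_len; xx++) {
    for (yy = 0; yy < BTA_HH_MAX_RPT_CHARS; yy++) {
      if (this_report[xx] == p_kb->last_report[yy]) {
        this_report[xx] = 0;
      }
    }
  }

  /* Second step: process the remaining key codes. */
  for (xx = 0; xx < report_len; xx++) {
#if (BTA_HH_DEBUG == TRUE)
    APPL_TRACE_DEBUG("this_char = %02x", this_report[xx]);
#endif
    this_char = this_report[xx];
    if (this_char == 0) continue;

    if (this_char == BTA_HH_KB_CAPS_LOCK) {
      p_kb->caps_lock = p_kb->caps_lock ? false : true;
    } else if (this_char == BTA_HH_KB_NUM_LOCK) {
      p_kb->num_lock = p_kb->num_lock ? false : true;
    } else if (key_idx < max_keys) {
      /* report_len may be as large as BTA_HH_MAX_RPT_CHARS while a boot
       * report carries up to 6 key codes.  Bounding the index by the size of
       * this_char keeps a report full of distinct non-zero bytes from
       * writing past the end of the array; surplus codes are dropped. */
      p_data->this_char[key_idx++] = this_char;
    }

#if (BTA_HH_DEBUG == TRUE)
    APPL_TRACE_DEBUG("found keycode %02x ", this_report[xx]);
#endif
    p_data->caps_lock = p_kb->caps_lock;
    p_data->num_lock = p_kb->num_lock;
  }

  /* Remember the raw key bytes (not the blanked copy) for the next call. */
  memset(p_kb->last_report, 0, BTA_HH_MAX_RPT_CHARS);
  memcpy(p_kb->last_report, p_report, report_len);
}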
315 
316 /*******************************************************************************
317  *
318  * Function         bta_hh_parse_mice_rpt
319  *
320  * Description      This utility function parse a boot mode mouse report.
321  *
322  * Returns          void
323  *
324  ******************************************************************************/
/* Parse a boot-mode mouse report received from a remote HID device.
 *
 * Byte 0 supplies the button state (only its low three bits are kept), byte
 * 1 the x displacement and byte 2 the y displacement.  Reports shorter than
 * three bytes are ignored and leave |p_mice_data| untouched, which is what
 * keeps the three reads below inside the buffer.
 *
 * p_mice_data  output; its mice_rpt member receives the parsed values.
 * p_report     raw report bytes; must hold at least |report_len| bytes.
 * report_len   length of |p_report|. */
void bta_hh_parse_mice_rpt(tBTA_HH_BOOT_RPT* p_mice_data, uint8_t* p_report,
                           uint16_t report_len) {
  tBTA_HH_MICE_RPT* p_data = &p_mice_data->data_rpt.mice_rpt;

#if (BTA_HH_DEBUG == TRUE)
  APPL_TRACE_DEBUG(
      "bta_hh_parse_mice_rpt:  bta_keybd_rpt_rcvd(report=%p, \
                report_len=%d) called",
      p_report, report_len);
#endif

  /* Buttons, x and y are all required. */
  if (report_len < 3) {
    return;
  }

  /* The clamp only limits how many bytes the debug dump below prints. */
  if (report_len > BTA_HH_MAX_RPT_CHARS) {
    report_len = BTA_HH_MAX_RPT_CHARS;
  }

#if (BTA_HH_DEBUG == TRUE)
  for (uint8_t i = 0; i < report_len; i++) {
    APPL_TRACE_DEBUG("this_char = %02x", p_report[i]);
  }
#endif

  p_data->mouse_button = (p_report[0] & 0x07); /* low 3 bits only */
  p_data->delta_x = p_report[1];               /* x displacement */
  p_data->delta_y = p_report[2];               /* y displacement */

#if (BTA_HH_DEBUG == TRUE)
  APPL_TRACE_DEBUG("mice button: 0x%2x", p_data->mouse_button);
  APPL_TRACE_DEBUG("mice move: x = %d y = %d", p_data->delta_x,
                   p_data->delta_y);
#endif
}
364 
365 /*******************************************************************************
366  *
367  * Function         bta_hh_read_ssr_param
368  *
369  * Description      Read the SSR Parameter for the remote device
370  *
371  * Returns          tBTA_HH_STATUS  operation status
372  *
373  ******************************************************************************/
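/* Look up the sniff subrating (SSR) parameters stored for a remote device.
 *
 * Searches the known-device list for |bd_addr|.  For the matching entry the
 * stored max latency and min timeout are returned; a stored value of
 * HID_SSR_PARAM_INVALID is replaced by a default (half the link supervision
 * timeout capped at BTA_HH_SSR_MAX_LATENCY_DEF, and BTA_HH_SSR_MIN_TOUT_DEF
 * respectively).
 *
 * p_max_ssr_lat / p_min_ssr_tout  outputs, written only on a match; must not
 *                                 be NULL.
 *
 * Returns BTA_HH_OK when the device was found, BTA_HH_ERR otherwise. */
tBTA_HH_STATUS bta_hh_read_ssr_param(BD_ADDR bd_addr, uint16_t* p_max_ssr_lat,
                                     uint16_t* p_min_ssr_tout) {
  tBTA_HH_CB* p_cb = &bta_hh_cb;
  uint8_t i;

  /* NOTE(review): the other loops over kdev[] in this file run to
   * BTA_HH_MAX_DEVICE; confirm that stopping at BTA_HH_MAX_KNOWN is meant. */
  for (i = 0; i < BTA_HH_MAX_KNOWN; i++) {
    if (memcmp(p_cb->kdev[i].addr, bd_addr, BD_ADDR_LEN) != 0) continue;

    /* if remote device does not have HIDSSRHostMaxLatency attribute in SDP,
       set SSR max latency default value here.  */
    if (p_cb->kdev[i].dscp_info.ssr_max_latency == HID_SSR_PARAM_INVALID) {
      /* Seeded with the largest value because the lookup's result is not
       * examined here: should it leave the out-parameter untouched, the
       * value is still defined and the cap below applies, instead of
       * indeterminate stack contents reaching the SSR parameters. */
      uint16_t ssr_max_latency = 0xFFFF;

      /* The default is calculated as half of link supervision timeout.*/
      (void)BTM_GetLinkSuperTout(p_cb->kdev[i].addr, &ssr_max_latency);
      ssr_max_latency = BTA_HH_GET_DEF_SSR_MAX_LAT(ssr_max_latency);

      /* per 1.1 spec, if the newly calculated max latency is greater than
         BTA_HH_SSR_MAX_LATENCY_DEF which is 500ms, use
         BTA_HH_SSR_MAX_LATENCY_DEF */
      if (ssr_max_latency > BTA_HH_SSR_MAX_LATENCY_DEF) {
        ssr_max_latency = BTA_HH_SSR_MAX_LATENCY_DEF;
      }

      *p_max_ssr_lat = ssr_max_latency;
    } else {
      *p_max_ssr_lat = p_cb->kdev[i].dscp_info.ssr_max_latency;
    }

    if (p_cb->kdev[i].dscp_info.ssr_min_tout == HID_SSR_PARAM_INVALID) {
      *p_min_ssr_tout = BTA_HH_SSR_MIN_TOUT_DEF;
    } else {
      *p_min_ssr_tout = p_cb->kdev[i].dscp_info.ssr_min_tout;
    }

    return BTA_HH_OK;
  }

  return BTA_HH_ERR;
}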
413 
414 /*******************************************************************************
415  *
416  * Function         bta_hh_cleanup_disable
417  *
418  * Description      when disable finished, cleanup control block and send
419  *                  callback
420  *
421  *
422  * Returns          void
423  *
424  ******************************************************************************/
/* Final step of disabling the HID host: release resources and notify.
 *
 * In order: frees every stored report descriptor, cancels and frees a
 * pending SDP discovery database if one exists, then -- only when a callback
 * is registered -- delivers BTA_HH_DISABLE_EVT and zeroes the whole control
 * block.  Without a registered callback the control block is not zeroed.
 *
 * status  value handed to the callback; its address is passed cast to
 *         tBTA_HH*, so the callback should read nothing but the status. */
void bta_hh_cleanup_disable(tBTA_HH_STATUS status) {
  uint8_t dev;

  /* Descriptor buffers are heap allocated; drop them before the wipe. */
  for (dev = 0; dev < BTA_HH_MAX_DEVICE; dev++) {
    osi_free_and_reset(
        (void**)&bta_hh_cb.kdev[dev].dscp_info.descriptor.dsc_list);
  }

  if (bta_hh_cb.p_disc_db != NULL) {
    /* Cancel SDP if it had been started. */
    (void)SDP_CancelServiceSearch(bta_hh_cb.p_disc_db);
    osi_free_and_reset((void**)&bta_hh_cb.p_disc_db);
  }

  if (bta_hh_cb.p_cback == NULL) {
    return;
  }

  (*bta_hh_cb.p_cback)(BTA_HH_DISABLE_EVT, (tBTA_HH*)&status);
  /* all connections are down, no waiting for disconnect */
  memset(&bta_hh_cb, 0, sizeof(tBTA_HH_CB));
}
445 
446 /*******************************************************************************
447  *
448  * Function         bta_hh_dev_handle_to_cb_idx
449  *
450  * Description      convert a HID device handle to the device control block
451  *                  index.
452  *
453  *
454  * Returns          uint8_t: index of the device control block.
455  *
456  ******************************************************************************/
/* Map a HID device handle to the index of its device control block.
 *
 * LE handles (when LE support is compiled in) are looked up in le_cb_index
 * after a validity check; all other handles are looked up in cb_index after
 * a range check against BTA_HH_MAX_KNOWN.  Both checks happen before the
 * handle is used as an array index.
 *
 * Returns the stored index, or BTA_HH_IDX_INVALID when the handle fails its
 * check. */
uint8_t bta_hh_dev_handle_to_cb_idx(uint8_t dev_handle) {
#if (BTA_HH_LE_INCLUDED == TRUE)
  if (BTA_HH_IS_LE_DEV_HDL(dev_handle)) {
    uint8_t le_index = BTA_HH_IDX_INVALID;

    if (BTA_HH_IS_LE_DEV_HDL_VALID(dev_handle)) {
      le_index = bta_hh_cb.le_cb_index[BTA_HH_GET_LE_CB_IDX(dev_handle)];
    }
#if (BTA_HH_DEBUG == TRUE)
    APPL_TRACE_DEBUG("bta_hh_dev_handle_to_cb_idx dev_handle = %d index = %d",
                     dev_handle, le_index);
#endif
    return le_index;
  }
#endif

  /* regular HID device checking */
  if (dev_handle < BTA_HH_MAX_KNOWN) {
    return bta_hh_cb.cb_index[dev_handle];
  }

  return BTA_HH_IDX_INVALID;
}
476 #if (BTA_HH_DEBUG == TRUE)
477 /*******************************************************************************
478  *
479  * Function         bta_hh_trace_dev_db
480  *
481  * Description      Check to see if this type of device is supported
482  *
483  * Returns
484  *
485  ******************************************************************************/
/* Debug helper: write one trace record per kdev[] entry.
 *
 * Each entry is printed with its in_use flag, handle, attribute mask, state,
 * sub class and index.  Only the trace output is produced; no state is
 * modified. */
void bta_hh_trace_dev_db(void) {
  uint8_t dev = 0;

  APPL_TRACE_DEBUG("bta_hh_trace_dev_db:: Device DB list********************");

  while (dev < BTA_HH_MAX_DEVICE) {
    APPL_TRACE_DEBUG("kdev[%d] in_use[%d]  handle[%d] ", dev,
                     bta_hh_cb.kdev[dev].in_use,
                     bta_hh_cb.kdev[dev].hid_handle);

    APPL_TRACE_DEBUG(
        "\t\t\t attr_mask[%04x] state [%d] sub_class[%02x] index = %d",
        bta_hh_cb.kdev[dev].attr_mask, bta_hh_cb.kdev[dev].state,
        bta_hh_cb.kdev[dev].sub_class, bta_hh_cb.kdev[dev].index);

    dev++;
  }

  APPL_TRACE_DEBUG("*********************************************************");
}
502 #endif
503 #endif /* HL_INCLUDED */
504