| /* gatt.c - Generic Attribute Profile handling */ |
| |
| /* |
| * Copyright (c) 2015-2016 Intel Corporation |
| * |
| * SPDX-License-Identifier: Apache-2.0 |
| */ |
| |
| #include <zephyr/zephyr.h> |
| #include <string.h> |
| #include <errno.h> |
| #include <stdbool.h> |
| #include <stdlib.h> |
| #include <zephyr/sys/atomic.h> |
| #include <zephyr/sys/byteorder.h> |
| #include <zephyr/sys/util.h> |
| #include <zephyr/sys/check.h> |
| |
| #include <zephyr/settings/settings.h> |
| |
| #if defined(CONFIG_BT_GATT_CACHING) |
| #include <tinycrypt/constants.h> |
| #include <tinycrypt/utils.h> |
| #include <tinycrypt/aes.h> |
| #include <tinycrypt/cmac_mode.h> |
| #include <tinycrypt/ccm_mode.h> |
| #endif /* CONFIG_BT_GATT_CACHING */ |
| |
| #include <zephyr/bluetooth/hci.h> |
| #include <zephyr/bluetooth/bluetooth.h> |
| #include <zephyr/bluetooth/conn.h> |
| #include <zephyr/bluetooth/uuid.h> |
| #include <zephyr/bluetooth/gatt.h> |
| #include <zephyr/drivers/bluetooth/hci_driver.h> |
| |
| #define BT_DBG_ENABLED IS_ENABLED(CONFIG_BT_DEBUG_GATT) |
| #define LOG_MODULE_NAME bt_gatt |
| #include "common/log.h" |
| |
| #include "hci_core.h" |
| #include "conn_internal.h" |
| #include "keys.h" |
| #include "l2cap_internal.h" |
| #include "att_internal.h" |
| #include "smp.h" |
| #include "settings.h" |
| #include "gatt_internal.h" |
| #include "long_wq.h" |
| |
| #define SC_TIMEOUT K_MSEC(10) |
| #define CCC_STORE_DELAY K_SECONDS(1) |
| |
| #define DB_HASH_TIMEOUT K_MSEC(10) |
| |
| static uint16_t last_static_handle; |
| |
| /* Persistent storage format for GATT CCC */ |
| struct ccc_store { |
| uint16_t handle; |
| uint16_t value; |
| }; |
| |
| struct gatt_sub { |
| uint8_t id; |
| bt_addr_le_t peer; |
| sys_slist_t list; |
| }; |
| |
| #if defined(CONFIG_BT_GATT_CLIENT) |
| #define SUB_MAX (CONFIG_BT_MAX_PAIRED + CONFIG_BT_MAX_CONN) |
| #else |
| #define SUB_MAX 0 |
| #endif /* CONFIG_BT_GATT_CLIENT */ |
| |
| /** |
| * Entry x is free for reuse whenever (subscriptions[x].peer == BT_ADDR_LE_ANY). |
| * Invariant: (sys_slist_is_empty(subscriptions[x].list)) |
| * <=> (subscriptions[x].peer == BT_ADDR_LE_ANY). |
| */ |
| static struct gatt_sub subscriptions[SUB_MAX]; |
| static sys_slist_t callback_list; |
| |
| #if defined(CONFIG_BT_GATT_DYNAMIC_DB) |
| static sys_slist_t db; |
| #endif /* CONFIG_BT_GATT_DYNAMIC_DB */ |
| |
| static atomic_t init; |
| static atomic_t service_init; |
| |
| static ssize_t read_name(struct bt_conn *conn, const struct bt_gatt_attr *attr, |
| void *buf, uint16_t len, uint16_t offset) |
| { |
| const char *name = bt_get_name(); |
| |
| return bt_gatt_attr_read(conn, attr, buf, len, offset, name, |
| strlen(name)); |
| } |
| |
| #if defined(CONFIG_BT_DEVICE_NAME_GATT_WRITABLE) |
| |
| static ssize_t write_name(struct bt_conn *conn, const struct bt_gatt_attr *attr, |
| const void *buf, uint16_t len, uint16_t offset, |
| uint8_t flags) |
| { |
| char value[CONFIG_BT_DEVICE_NAME_MAX] = {}; |
| |
| if (offset >= sizeof(value)) { |
| return BT_GATT_ERR(BT_ATT_ERR_INVALID_OFFSET); |
| } |
| |
| if (offset + len >= sizeof(value)) { |
| return BT_GATT_ERR(BT_ATT_ERR_INVALID_ATTRIBUTE_LEN); |
| } |
| |
| memcpy(value, buf, len); |
| |
| bt_set_name(value); |
| |
| return len; |
| } |
| |
| #endif /* CONFIG_BT_DEVICE_NAME_GATT_WRITABLE */ |
| |
| static ssize_t read_appearance(struct bt_conn *conn, |
| const struct bt_gatt_attr *attr, void *buf, |
| uint16_t len, uint16_t offset) |
| { |
| uint16_t appearance = sys_cpu_to_le16(bt_get_appearance()); |
| |
| return bt_gatt_attr_read(conn, attr, buf, len, offset, &appearance, |
| sizeof(appearance)); |
| } |
| |
| #if defined(CONFIG_BT_DEVICE_APPEARANCE_GATT_WRITABLE) |
| static ssize_t write_appearance(struct bt_conn *conn, const struct bt_gatt_attr *attr, |
| const void *buf, uint16_t len, uint16_t offset, |
| uint8_t flags) |
| { |
| uint16_t appearance_le = sys_cpu_to_le16(bt_get_appearance()); |
| char * const appearance_le_bytes = (char *)&appearance_le; |
| uint16_t appearance; |
| int err; |
| |
| if (offset >= sizeof(appearance_le)) { |
| return BT_GATT_ERR(BT_ATT_ERR_INVALID_OFFSET); |
| } |
| |
| if ((offset + len) > sizeof(appearance_le)) { |
| return BT_GATT_ERR(BT_ATT_ERR_INVALID_ATTRIBUTE_LEN); |
| } |
| |
| memcpy(&appearance_le_bytes[offset], buf, len); |
| appearance = sys_le16_to_cpu(appearance_le); |
| |
| err = bt_set_appearance(appearance); |
| |
| if (err) { |
| return BT_GATT_ERR(BT_ATT_ERR_UNLIKELY); |
| } |
| |
| return len; |
| } |
| #endif /* CONFIG_BT_DEVICE_APPEARANCE_GATT_WRITABLE */ |
| |
| #if CONFIG_BT_DEVICE_APPEARANCE_GATT_WRITABLE |
| #define GAP_APPEARANCE_PROPS (BT_GATT_CHRC_READ | BT_GATT_CHRC_WRITE) |
| #define GAP_APPEARANCE_PERMS (BT_GATT_PERM_READ | BT_GATT_PERM_WRITE_AUTHEN) |
| #define GAP_APPEARANCE_WRITE_HANDLER write_appearance |
| #else |
| #define GAP_APPEARANCE_PROPS BT_GATT_CHRC_READ |
| #define GAP_APPEARANCE_PERMS BT_GATT_PERM_READ |
| #define GAP_APPEARANCE_WRITE_HANDLER NULL |
| #endif |
| |
| #if defined (CONFIG_BT_GAP_PERIPHERAL_PREF_PARAMS) |
| /* This checks if the range entered is valid */ |
| BUILD_ASSERT(!(CONFIG_BT_PERIPHERAL_PREF_MIN_INT > 3200 && |
| CONFIG_BT_PERIPHERAL_PREF_MIN_INT < 0xffff)); |
| BUILD_ASSERT(!(CONFIG_BT_PERIPHERAL_PREF_MAX_INT > 3200 && |
| CONFIG_BT_PERIPHERAL_PREF_MAX_INT < 0xffff)); |
| BUILD_ASSERT(!(CONFIG_BT_PERIPHERAL_PREF_TIMEOUT > 3200 && |
| CONFIG_BT_PERIPHERAL_PREF_TIMEOUT < 0xffff)); |
| BUILD_ASSERT((CONFIG_BT_PERIPHERAL_PREF_MIN_INT == 0xffff) || |
| (CONFIG_BT_PERIPHERAL_PREF_MIN_INT <= |
| CONFIG_BT_PERIPHERAL_PREF_MAX_INT)); |
| BUILD_ASSERT((CONFIG_BT_PERIPHERAL_PREF_TIMEOUT * 4U) > |
| ((1U + CONFIG_BT_PERIPHERAL_PREF_LATENCY) * |
| CONFIG_BT_PERIPHERAL_PREF_MAX_INT)); |
| |
| static ssize_t read_ppcp(struct bt_conn *conn, const struct bt_gatt_attr *attr, |
| void *buf, uint16_t len, uint16_t offset) |
| { |
| struct __packed { |
| uint16_t min_int; |
| uint16_t max_int; |
| uint16_t latency; |
| uint16_t timeout; |
| } ppcp; |
| |
| ppcp.min_int = sys_cpu_to_le16(CONFIG_BT_PERIPHERAL_PREF_MIN_INT); |
| ppcp.max_int = sys_cpu_to_le16(CONFIG_BT_PERIPHERAL_PREF_MAX_INT); |
| ppcp.latency = sys_cpu_to_le16(CONFIG_BT_PERIPHERAL_PREF_LATENCY); |
| ppcp.timeout = sys_cpu_to_le16(CONFIG_BT_PERIPHERAL_PREF_TIMEOUT); |
| |
| return bt_gatt_attr_read(conn, attr, buf, len, offset, &ppcp, |
| sizeof(ppcp)); |
| } |
| #endif |
| |
| #if defined(CONFIG_BT_CENTRAL) && defined(CONFIG_BT_PRIVACY) |
| static ssize_t read_central_addr_res(struct bt_conn *conn, |
| const struct bt_gatt_attr *attr, void *buf, |
| uint16_t len, uint16_t offset) |
| { |
| uint8_t central_addr_res = BT_GATT_CENTRAL_ADDR_RES_SUPP; |
| |
| return bt_gatt_attr_read(conn, attr, buf, len, offset, |
| ¢ral_addr_res, sizeof(central_addr_res)); |
| } |
| #endif /* CONFIG_BT_CENTRAL && CONFIG_BT_PRIVACY */ |
| |
| BT_GATT_SERVICE_DEFINE(_2_gap_svc, |
| BT_GATT_PRIMARY_SERVICE(BT_UUID_GAP), |
| #if defined(CONFIG_BT_DEVICE_NAME_GATT_WRITABLE) |
| /* Require pairing for writes to device name */ |
| BT_GATT_CHARACTERISTIC(BT_UUID_GAP_DEVICE_NAME, |
| BT_GATT_CHRC_READ | BT_GATT_CHRC_WRITE, |
| BT_GATT_PERM_READ | |
| #if defined(CONFIG_DEVICE_NAME_GATT_WRITABLE_AUTHEN) |
| BT_GATT_PERM_WRITE_AUTHEN, |
| #elif defined(CONFIG_DEVICE_NAME_GATT_WRITABLE_ENCRYPT) |
| BT_GATT_PERM_WRITE_ENCRYPT, |
| #else |
| BT_GATT_PERM_WRITE, |
| #endif |
| read_name, write_name, bt_dev.name), |
| #else |
| BT_GATT_CHARACTERISTIC(BT_UUID_GAP_DEVICE_NAME, BT_GATT_CHRC_READ, |
| BT_GATT_PERM_READ, read_name, NULL, NULL), |
| #endif /* CONFIG_BT_DEVICE_NAME_GATT_WRITABLE */ |
| BT_GATT_CHARACTERISTIC(BT_UUID_GAP_APPEARANCE, GAP_APPEARANCE_PROPS, |
| GAP_APPEARANCE_PERMS, read_appearance, |
| GAP_APPEARANCE_WRITE_HANDLER, NULL), |
| #if defined(CONFIG_BT_CENTRAL) && defined(CONFIG_BT_PRIVACY) |
| BT_GATT_CHARACTERISTIC(BT_UUID_CENTRAL_ADDR_RES, |
| BT_GATT_CHRC_READ, BT_GATT_PERM_READ, |
| read_central_addr_res, NULL, NULL), |
| #endif /* CONFIG_BT_CENTRAL && CONFIG_BT_PRIVACY */ |
| #if defined(CONFIG_BT_GAP_PERIPHERAL_PREF_PARAMS) |
| BT_GATT_CHARACTERISTIC(BT_UUID_GAP_PPCP, BT_GATT_CHRC_READ, |
| BT_GATT_PERM_READ, read_ppcp, NULL, NULL), |
| #endif |
| ); |
| |
| struct sc_data { |
| uint16_t start; |
| uint16_t end; |
| } __packed; |
| |
| struct gatt_sc_cfg { |
| uint8_t id; |
| bt_addr_le_t peer; |
| struct { |
| uint16_t start; |
| uint16_t end; |
| } data; |
| }; |
| |
| #if defined(CONFIG_BT_GATT_SERVICE_CHANGED) |
| #define SC_CFG_MAX (CONFIG_BT_MAX_PAIRED + CONFIG_BT_MAX_CONN) |
| #else |
| #define SC_CFG_MAX 0 |
| #endif |
| static struct gatt_sc_cfg sc_cfg[SC_CFG_MAX]; |
| BUILD_ASSERT(sizeof(struct sc_data) == sizeof(sc_cfg[0].data)); |
| |
| enum { |
| SC_RANGE_CHANGED, /* SC range changed */ |
| SC_INDICATE_PENDING, /* SC indicate pending */ |
| |
| #if defined(CONFIG_BT_GATT_CACHING) |
| DB_HASH_VALID, /* Database hash needs to be calculated */ |
| DB_HASH_LOAD, /* Database hash loaded from settings. */ |
| #endif |
| /* Total number of flags - must be at the end of the enum */ |
| SC_NUM_FLAGS, |
| }; |
| |
| #if defined(CONFIG_BT_GATT_SERVICE_CHANGED) |
| static struct gatt_sc { |
| struct bt_gatt_indicate_params params; |
| uint16_t start; |
| uint16_t end; |
| struct k_work_delayable work; |
| |
| ATOMIC_DEFINE(flags, SC_NUM_FLAGS); |
| } gatt_sc; |
| #endif /* defined(CONFIG_BT_GATT_SERVICE_CHANGED) */ |
| |
| #if defined(CONFIG_BT_GATT_CACHING) |
| static struct db_hash { |
| uint8_t hash[16]; |
| #if defined(CONFIG_BT_SETTINGS) |
| uint8_t stored_hash[16]; |
| #endif |
| struct k_work_delayable work; |
| struct k_work_sync sync; |
| } db_hash; |
| #endif |
| |
| static struct gatt_sc_cfg *find_sc_cfg(uint8_t id, bt_addr_le_t *addr) |
| { |
| BT_DBG("id: %u, addr: %s", id, bt_addr_le_str(addr)); |
| |
| for (size_t i = 0; i < ARRAY_SIZE(sc_cfg); i++) { |
| if (id == sc_cfg[i].id && |
| !bt_addr_le_cmp(&sc_cfg[i].peer, addr)) { |
| return &sc_cfg[i]; |
| } |
| } |
| |
| return NULL; |
| } |
| |
| static void sc_store(struct gatt_sc_cfg *cfg) |
| { |
| char key[BT_SETTINGS_KEY_MAX]; |
| int err; |
| |
| if (cfg->id) { |
| char id_str[4]; |
| |
| u8_to_dec(id_str, sizeof(id_str), cfg->id); |
| bt_settings_encode_key(key, sizeof(key), "sc", |
| &cfg->peer, id_str); |
| } else { |
| bt_settings_encode_key(key, sizeof(key), "sc", |
| &cfg->peer, NULL); |
| } |
| |
| err = settings_save_one(key, (char *)&cfg->data, sizeof(cfg->data)); |
| if (err) { |
| BT_ERR("failed to store SC (err %d)", err); |
| return; |
| } |
| |
| BT_DBG("stored SC for %s (%s, 0x%04x-0x%04x)", |
| bt_addr_le_str(&cfg->peer), key, cfg->data.start, |
| cfg->data.end); |
| } |
| |
| static void clear_sc_cfg(struct gatt_sc_cfg *cfg) |
| { |
| memset(cfg, 0, sizeof(*cfg)); |
| } |
| |
| static int bt_gatt_clear_sc(uint8_t id, const bt_addr_le_t *addr) |
| { |
| |
| struct gatt_sc_cfg *cfg; |
| |
| cfg = find_sc_cfg(id, (bt_addr_le_t *)addr); |
| if (!cfg) { |
| return 0; |
| } |
| |
| if (IS_ENABLED(CONFIG_BT_SETTINGS)) { |
| char key[BT_SETTINGS_KEY_MAX]; |
| int err; |
| |
| if (cfg->id) { |
| char id_str[4]; |
| |
| u8_to_dec(id_str, sizeof(id_str), cfg->id); |
| bt_settings_encode_key(key, sizeof(key), "sc", |
| &cfg->peer, id_str); |
| } else { |
| bt_settings_encode_key(key, sizeof(key), "sc", |
| &cfg->peer, NULL); |
| } |
| |
| err = settings_delete(key); |
| if (err) { |
| BT_ERR("failed to delete SC (err %d)", err); |
| } else { |
| BT_DBG("deleted SC for %s (%s)", |
| bt_addr_le_str(&cfg->peer), |
| key); |
| } |
| } |
| |
| clear_sc_cfg(cfg); |
| |
| return 0; |
| } |
| |
| static void sc_clear(struct bt_conn *conn) |
| { |
| if (bt_addr_le_is_bonded(conn->id, &conn->le.dst)) { |
| int err; |
| |
| err = bt_gatt_clear_sc(conn->id, &conn->le.dst); |
| if (err) { |
| BT_ERR("Failed to clear SC %d", err); |
| } |
| } else { |
| struct gatt_sc_cfg *cfg; |
| |
| cfg = find_sc_cfg(conn->id, &conn->le.dst); |
| if (cfg) { |
| clear_sc_cfg(cfg); |
| } |
| } |
| } |
| |
| static void sc_reset(struct gatt_sc_cfg *cfg) |
| { |
| BT_DBG("peer %s", bt_addr_le_str(&cfg->peer)); |
| |
| memset(&cfg->data, 0, sizeof(cfg->data)); |
| |
| if (IS_ENABLED(CONFIG_BT_SETTINGS)) { |
| sc_store(cfg); |
| } |
| } |
| |
| static bool update_range(uint16_t *start, uint16_t *end, uint16_t new_start, |
| uint16_t new_end) |
| { |
| BT_DBG("start 0x%04x end 0x%04x new_start 0x%04x new_end 0x%04x", |
| *start, *end, new_start, new_end); |
| |
| /* Check if inside existing range */ |
| if (new_start >= *start && new_end <= *end) { |
| return false; |
| } |
| |
| /* Update range */ |
| if (*start > new_start) { |
| *start = new_start; |
| } |
| |
| if (*end < new_end) { |
| *end = new_end; |
| } |
| |
| return true; |
| } |
| |
| static void sc_save(uint8_t id, bt_addr_le_t *peer, uint16_t start, uint16_t end) |
| { |
| struct gatt_sc_cfg *cfg; |
| bool modified = false; |
| |
| BT_DBG("peer %s start 0x%04x end 0x%04x", bt_addr_le_str(peer), start, |
| end); |
| |
| cfg = find_sc_cfg(id, peer); |
| if (!cfg) { |
| /* Find and initialize a free sc_cfg entry */ |
| cfg = find_sc_cfg(BT_ID_DEFAULT, BT_ADDR_LE_ANY); |
| if (!cfg) { |
| BT_ERR("unable to save SC: no cfg left"); |
| return; |
| } |
| |
| cfg->id = id; |
| bt_addr_le_copy(&cfg->peer, peer); |
| } |
| |
| /* Check if there is any change stored */ |
| if (!(cfg->data.start || cfg->data.end)) { |
| cfg->data.start = start; |
| cfg->data.end = end; |
| modified = true; |
| goto done; |
| } |
| |
| modified = update_range(&cfg->data.start, &cfg->data.end, start, end); |
| |
| done: |
| if (IS_ENABLED(CONFIG_BT_SETTINGS) && |
| modified && bt_addr_le_is_bonded(cfg->id, &cfg->peer)) { |
| sc_store(cfg); |
| } |
| } |
| |
| static ssize_t sc_ccc_cfg_write(struct bt_conn *conn, |
| const struct bt_gatt_attr *attr, uint16_t value) |
| { |
| BT_DBG("value 0x%04x", value); |
| |
| if (value == BT_GATT_CCC_INDICATE) { |
| /* Create a new SC configuration entry if subscribed */ |
| sc_save(conn->id, &conn->le.dst, 0, 0); |
| } else { |
| sc_clear(conn); |
| } |
| |
| return sizeof(value); |
| } |
| |
| static struct _bt_gatt_ccc sc_ccc = BT_GATT_CCC_INITIALIZER(NULL, |
| sc_ccc_cfg_write, |
| NULL); |
| |
| enum { |
| CF_CHANGE_AWARE, /* Client is changed aware */ |
| CF_DB_HASH_READ, /* The client has read the database hash */ |
| |
| /* Total number of flags - must be at the end of the enum */ |
| CF_NUM_FLAGS, |
| }; |
| |
| #define CF_BIT_ROBUST_CACHING 0 |
| #define CF_BIT_EATT 1 |
| #define CF_BIT_NOTIFY_MULTI 2 |
| #define CF_BIT_LAST CF_BIT_NOTIFY_MULTI |
| |
| #define CF_NUM_BITS (CF_BIT_LAST + 1) |
| #define CF_NUM_BYTES ((CF_BIT_LAST / 8) + 1) |
| |
| #define CF_ROBUST_CACHING(_cfg) (_cfg->data[0] & BIT(CF_BIT_ROBUST_CACHING)) |
| #define CF_EATT(_cfg) (_cfg->data[0] & BIT(CF_BIT_EATT)) |
| #define CF_NOTIFY_MULTI(_cfg) (_cfg->data[0] & BIT(CF_BIT_NOTIFY_MULTI)) |
| |
| struct gatt_cf_cfg { |
| uint8_t id; |
| bt_addr_le_t peer; |
| uint8_t data[CF_NUM_BYTES]; |
| ATOMIC_DEFINE(flags, CF_NUM_FLAGS); |
| }; |
| |
| #if defined(CONFIG_BT_GATT_CACHING) |
| #define CF_CFG_MAX (CONFIG_BT_MAX_PAIRED + CONFIG_BT_MAX_CONN) |
| #else |
| #define CF_CFG_MAX 0 |
| #endif /* CONFIG_BT_GATT_CACHING */ |
| |
| static struct gatt_cf_cfg cf_cfg[CF_CFG_MAX] = {}; |
| |
| static void clear_cf_cfg(struct gatt_cf_cfg *cfg) |
| { |
| bt_addr_le_copy(&cfg->peer, BT_ADDR_LE_ANY); |
| memset(cfg->data, 0, sizeof(cfg->data)); |
| atomic_set(cfg->flags, 0); |
| } |
| |
| #if defined(CONFIG_BT_GATT_CACHING) |
| static struct gatt_cf_cfg *find_cf_cfg(struct bt_conn *conn) |
| { |
| int i; |
| |
| for (i = 0; i < ARRAY_SIZE(cf_cfg); i++) { |
| struct gatt_cf_cfg *cfg = &cf_cfg[i]; |
| |
| if (!conn) { |
| if (!bt_addr_le_cmp(&cfg->peer, BT_ADDR_LE_ANY)) { |
| return cfg; |
| } |
| } else if (bt_conn_is_peer_addr_le(conn, cfg->id, &cfg->peer)) { |
| return cfg; |
| } |
| } |
| |
| return NULL; |
| } |
| |
| static ssize_t cf_read(struct bt_conn *conn, const struct bt_gatt_attr *attr, |
| void *buf, uint16_t len, uint16_t offset) |
| { |
| struct gatt_cf_cfg *cfg; |
| uint8_t data[1] = {}; |
| |
| cfg = find_cf_cfg(conn); |
| if (cfg) { |
| memcpy(data, cfg->data, sizeof(data)); |
| } |
| |
| return bt_gatt_attr_read(conn, attr, buf, len, offset, data, |
| sizeof(data)); |
| } |
| |
| static bool cf_set_value(struct gatt_cf_cfg *cfg, const uint8_t *value, uint16_t len) |
| { |
| uint16_t i; |
| |
| /* Validate the bits */ |
| for (i = 0U; i <= CF_BIT_LAST && (i / 8) < len; i++) { |
| if ((cfg->data[i / 8] & BIT(i % 8)) && |
| !(value[i / 8] & BIT(i % 8))) { |
| /* A client shall never clear a bit it has set */ |
| return false; |
| } |
| } |
| |
| /* Set the bits for each octect */ |
| for (i = 0U; i < len && i < CF_NUM_BYTES; i++) { |
| if (i == (CF_NUM_BYTES - 1)) { |
| cfg->data[i] |= value[i] & BIT_MASK(CF_NUM_BITS % 8); |
| } else { |
| cfg->data[i] |= value[i]; |
| } |
| |
| BT_DBG("byte %u: data 0x%02x value 0x%02x", i, cfg->data[i], |
| value[i]); |
| } |
| |
| return true; |
| } |
| |
| static ssize_t cf_write(struct bt_conn *conn, const struct bt_gatt_attr *attr, |
| const void *buf, uint16_t len, uint16_t offset, uint8_t flags) |
| { |
| struct gatt_cf_cfg *cfg; |
| const uint8_t *value = buf; |
| |
| if (offset > sizeof(cfg->data)) { |
| return BT_GATT_ERR(BT_ATT_ERR_INVALID_OFFSET); |
| } |
| |
| if (offset + len > sizeof(cfg->data)) { |
| return BT_GATT_ERR(BT_ATT_ERR_INVALID_ATTRIBUTE_LEN); |
| } |
| |
| cfg = find_cf_cfg(conn); |
| if (!cfg) { |
| cfg = find_cf_cfg(NULL); |
| } |
| |
| if (!cfg) { |
| BT_WARN("No space to store Client Supported Features"); |
| return BT_GATT_ERR(BT_ATT_ERR_INSUFFICIENT_RESOURCES); |
| } |
| |
| BT_DBG("handle 0x%04x len %u", attr->handle, len); |
| |
| if (!cf_set_value(cfg, value, len)) { |
| return BT_GATT_ERR(BT_ATT_ERR_VALUE_NOT_ALLOWED); |
| } |
| |
| bt_addr_le_copy(&cfg->peer, &conn->le.dst); |
| cfg->id = conn->id; |
| atomic_set_bit(cfg->flags, CF_CHANGE_AWARE); |
| |
| return len; |
| } |
| |
| struct gen_hash_state { |
| struct tc_cmac_struct state; |
| int err; |
| }; |
| |
| union hash_attr_value { |
| /* Bluetooth Core Specification Version 5.3 | Vol 3, Part G |
| * Table 3.1: Service declaration |
| */ |
| union { |
| uint16_t uuid16; |
| uint8_t uuid128[BT_UUID_SIZE_128]; |
| } __packed service; |
| /* Bluetooth Core Specification Version 5.3 | Vol 3, Part G |
| * Table 3.2: Include declaration |
| */ |
| struct { |
| uint16_t attribute_handle; |
| uint16_t end_group_handle; |
| uint16_t uuid16; |
| } __packed inc; |
| /* Bluetooth Core Specification Version 5.3 | Vol 3, Part G |
| * Table 3.3: Characteristic declaration |
| */ |
| struct { |
| uint8_t properties; |
| uint16_t value_handle; |
| union { |
| uint16_t uuid16; |
| uint8_t uuid128[BT_UUID_SIZE_128]; |
| } __packed; |
| } __packed chrc; |
| /* Bluetooth Core Specification Version 5.3 | Vol 3, Part G |
| * Table 3.5: Characteristic Properties bit field |
| */ |
| struct { |
| uint16_t properties; |
| } __packed cep; |
| } __packed; |
| |
| static uint8_t gen_hash_m(const struct bt_gatt_attr *attr, uint16_t handle, |
| void *user_data) |
| { |
| struct gen_hash_state *state = user_data; |
| struct bt_uuid_16 *u16; |
| uint8_t data[sizeof(union hash_attr_value)]; |
| ssize_t len; |
| uint16_t value; |
| |
| if (attr->uuid->type != BT_UUID_TYPE_16) |
| return BT_GATT_ITER_CONTINUE; |
| |
| u16 = (struct bt_uuid_16 *)attr->uuid; |
| |
| switch (u16->val) { |
| /* Attributes to hash: handle + UUID + value */ |
| case BT_UUID_GATT_PRIMARY_VAL: |
| case BT_UUID_GATT_SECONDARY_VAL: |
| case BT_UUID_GATT_INCLUDE_VAL: |
| case BT_UUID_GATT_CHRC_VAL: |
| case BT_UUID_GATT_CEP_VAL: |
| value = sys_cpu_to_le16(handle); |
| if (tc_cmac_update(&state->state, (uint8_t *)&value, |
| sizeof(handle)) == TC_CRYPTO_FAIL) { |
| state->err = -EINVAL; |
| return BT_GATT_ITER_STOP; |
| } |
| |
| value = sys_cpu_to_le16(u16->val); |
| if (tc_cmac_update(&state->state, (uint8_t *)&value, |
| sizeof(u16->val)) == TC_CRYPTO_FAIL) { |
| state->err = -EINVAL; |
| return BT_GATT_ITER_STOP; |
| } |
| |
| len = attr->read(NULL, attr, data, sizeof(data), 0); |
| if (len < 0) { |
| state->err = len; |
| return BT_GATT_ITER_STOP; |
| } |
| |
| if (tc_cmac_update(&state->state, data, len) == |
| TC_CRYPTO_FAIL) { |
| state->err = -EINVAL; |
| return BT_GATT_ITER_STOP; |
| } |
| |
| break; |
| /* Attributes to hash: handle + UUID */ |
| case BT_UUID_GATT_CUD_VAL: |
| case BT_UUID_GATT_CCC_VAL: |
| case BT_UUID_GATT_SCC_VAL: |
| case BT_UUID_GATT_CPF_VAL: |
| case BT_UUID_GATT_CAF_VAL: |
| value = sys_cpu_to_le16(handle); |
| if (tc_cmac_update(&state->state, (uint8_t *)&value, |
| sizeof(handle)) == TC_CRYPTO_FAIL) { |
| state->err = -EINVAL; |
| return BT_GATT_ITER_STOP; |
| } |
| |
| value = sys_cpu_to_le16(u16->val); |
| if (tc_cmac_update(&state->state, (uint8_t *)&value, |
| sizeof(u16->val)) == TC_CRYPTO_FAIL) { |
| state->err = -EINVAL; |
| return BT_GATT_ITER_STOP; |
| } |
| break; |
| default: |
| return BT_GATT_ITER_CONTINUE; |
| } |
| |
| return BT_GATT_ITER_CONTINUE; |
| } |
| |
| static void db_hash_store(void) |
| { |
| int err; |
| |
| err = settings_save_one("bt/hash", &db_hash.hash, sizeof(db_hash.hash)); |
| if (err) { |
| BT_ERR("Failed to save Database Hash (err %d)", err); |
| } |
| |
| BT_DBG("Database Hash stored"); |
| } |
| |
| static void db_hash_gen(bool store) |
| { |
| uint8_t key[16] = {}; |
| struct tc_aes_key_sched_struct sched; |
| struct gen_hash_state state; |
| |
| if (tc_cmac_setup(&state.state, key, &sched) == TC_CRYPTO_FAIL) { |
| BT_ERR("Unable to setup AES CMAC"); |
| return; |
| } |
| |
| bt_gatt_foreach_attr(0x0001, 0xffff, gen_hash_m, &state); |
| |
| if (tc_cmac_final(db_hash.hash, &state.state) == TC_CRYPTO_FAIL) { |
| BT_ERR("Unable to calculate hash"); |
| return; |
| } |
| |
| /** |
| * Core 5.1 does not state the endianess of the hash. |
| * However Vol 3, Part F, 3.3.1 says that multi-octet Characteristic |
| * Values shall be LE unless otherwise defined. PTS expects hash to be |
| * in little endianess as well. bt_smp_aes_cmac calculates the hash in |
| * big endianess so we have to swap. |
| */ |
| sys_mem_swap(db_hash.hash, sizeof(db_hash.hash)); |
| |
| BT_HEXDUMP_DBG(db_hash.hash, sizeof(db_hash.hash), "Hash: "); |
| |
| if (IS_ENABLED(CONFIG_BT_SETTINGS) && store) { |
| db_hash_store(); |
| } |
| |
| atomic_set_bit(gatt_sc.flags, DB_HASH_VALID); |
| } |
| |
| #if defined(CONFIG_BT_SETTINGS) |
| static void sc_indicate(uint16_t start, uint16_t end); |
| #endif |
| |
| static void db_hash_process(struct k_work *work) |
| { |
| #if defined(CONFIG_BT_SETTINGS) |
| if (atomic_test_and_clear_bit(gatt_sc.flags, DB_HASH_LOAD)) { |
| if (!atomic_test_bit(gatt_sc.flags, DB_HASH_VALID)) { |
| db_hash_gen(false); |
| } |
| |
| /* Check if hash matches then skip SC update */ |
| if (!memcmp(db_hash.stored_hash, db_hash.hash, |
| sizeof(db_hash.stored_hash))) { |
| BT_DBG("Database Hash matches"); |
| k_work_cancel_delayable(&gatt_sc.work); |
| atomic_clear_bit(gatt_sc.flags, SC_RANGE_CHANGED); |
| return; |
| } |
| |
| BT_HEXDUMP_DBG(db_hash.hash, sizeof(db_hash.hash), |
| "New Hash: "); |
| |
| /* GATT database has been modified since last boot, likely due |
| * to a firmware update or a dynamic service that was not |
| * re-registered on boot. |
| * Indicate Service Changed to all bonded devices for the full |
| * database range to invalidate client-side cache and force |
| * discovery on reconnect. |
| */ |
| sc_indicate(0x0001, 0xffff); |
| |
| /* Hash did not match, overwrite with current hash */ |
| db_hash_store(); |
| return; |
| } |
| #endif /* defined(CONFIG_BT_SETTINGS) */ |
| db_hash_gen(true); |
| } |
| |
| static ssize_t db_hash_read(struct bt_conn *conn, |
| const struct bt_gatt_attr *attr, |
| void *buf, uint16_t len, uint16_t offset) |
| { |
| struct gatt_cf_cfg *cfg; |
| |
| /* Check if db_hash is already pending in which case it shall be |
| * generated immediately instead of waiting for the work to complete. |
| */ |
| (void)k_work_cancel_delayable_sync(&db_hash.work, &db_hash.sync); |
| if (!atomic_test_bit(gatt_sc.flags, DB_HASH_VALID)) { |
| db_hash_gen(true); |
| } |
| |
| /* BLUETOOTH CORE SPECIFICATION Version 5.1 | Vol 3, Part G page 2347: |
| * 2.5.2.1 Robust Caching |
| * A connected client becomes change-aware when... |
| * The client reads the Database Hash characteristic and then the server |
| * receives another ATT request from the client. |
| */ |
| cfg = find_cf_cfg(conn); |
| if (cfg && |
| CF_ROBUST_CACHING(cfg) && |
| !atomic_test_bit(cfg->flags, CF_CHANGE_AWARE)) { |
| atomic_set_bit(cfg->flags, CF_DB_HASH_READ); |
| } |
| |
| return bt_gatt_attr_read(conn, attr, buf, len, offset, db_hash.hash, |
| sizeof(db_hash.hash)); |
| } |
| |
| static void remove_cf_cfg(struct bt_conn *conn) |
| { |
| struct gatt_cf_cfg *cfg; |
| |
| cfg = find_cf_cfg(conn); |
| if (!cfg) { |
| return; |
| } |
| |
| /* BLUETOOTH CORE SPECIFICATION Version 5.1 | Vol 3, Part G page 2405: |
| * For clients with a trusted relationship, the characteristic value |
| * shall be persistent across connections. For clients without a |
| * trusted relationship the characteristic value shall be set to the |
| * default value at each connection. |
| */ |
| if (!bt_addr_le_is_bonded(conn->id, &conn->le.dst)) { |
| clear_cf_cfg(cfg); |
| } else { |
| /* Update address in case it has changed */ |
| bt_addr_le_copy(&cfg->peer, &conn->le.dst); |
| } |
| } |
| |
| #if defined(CONFIG_BT_EATT) |
| #define SF_BIT_EATT 0 |
| #define SF_BIT_LAST SF_BIT_EATT |
| |
| static ssize_t sf_read(struct bt_conn *conn, const struct bt_gatt_attr *attr, |
| void *buf, uint16_t len, uint16_t offset) |
| { |
| uint8_t value = BIT(SF_BIT_EATT); |
| |
| return bt_gatt_attr_read(conn, attr, buf, len, offset, &value, |
| sizeof(value)); |
| } |
| #endif /* CONFIG_BT_EATT */ |
| #endif /* CONFIG_BT_GATT_CACHING */ |
| |
| static int bt_gatt_store_cf(struct bt_conn *conn) |
| { |
| #if defined(CONFIG_BT_GATT_CACHING) |
| struct gatt_cf_cfg *cfg; |
| char key[BT_SETTINGS_KEY_MAX]; |
| char *str; |
| size_t len; |
| int err; |
| |
| cfg = find_cf_cfg(conn); |
| if (!cfg) { |
| /* No cfg found, just clear it */ |
| BT_DBG("No config for CF"); |
| str = NULL; |
| len = 0; |
| } else { |
| str = (char *)cfg->data; |
| len = sizeof(cfg->data); |
| |
| if (conn->id) { |
| char id_str[4]; |
| |
| u8_to_dec(id_str, sizeof(id_str), conn->id); |
| bt_settings_encode_key(key, sizeof(key), "cf", |
| &conn->le.dst, id_str); |
| } |
| } |
| |
| if (!cfg || !conn->id) { |
| bt_settings_encode_key(key, sizeof(key), "cf", |
| &conn->le.dst, NULL); |
| } |
| |
| err = settings_save_one(key, str, len); |
| if (err) { |
| BT_ERR("Failed to store Client Features (err %d)", err); |
| return err; |
| } |
| |
| BT_DBG("Stored CF for %s (%s)", bt_addr_le_str(&conn->le.dst), key); |
| #endif /* CONFIG_BT_GATT_CACHING */ |
| return 0; |
| |
| } |
| |
| #if defined(CONFIG_BT_SETTINGS) && defined(CONFIG_BT_SMP) && defined(CONFIG_BT_GATT_CLIENT) |
| /** Struct used to store both the id and the random address of a device when replacing |
| * random addresses in the ccc attribute's cfg array with the device's id address after |
| * pairing complete. |
| */ |
| struct addr_match { |
| const bt_addr_le_t *private_addr; |
| const bt_addr_le_t *id_addr; |
| }; |
| |
| static uint8_t convert_to_id_on_match(const struct bt_gatt_attr *attr, |
| uint16_t handle, void *user_data) |
| { |
| struct _bt_gatt_ccc *ccc; |
| struct addr_match *match = user_data; |
| |
| /* Check if attribute is a CCC */ |
| if (attr->write != bt_gatt_attr_write_ccc) { |
| return BT_GATT_ITER_CONTINUE; |
| } |
| |
| ccc = attr->user_data; |
| |
| /* Copy the device's id address to the config's address if the config's address is the |
| * same as the device's private address |
| */ |
| for (size_t i = 0; i < ARRAY_SIZE(ccc->cfg); i++) { |
| if (bt_addr_le_cmp(&ccc->cfg[i].peer, match->private_addr) == 0) { |
| bt_addr_le_copy(&ccc->cfg[i].peer, match->id_addr); |
| } |
| } |
| |
| return BT_GATT_ITER_CONTINUE; |
| } |
| |
| static void bt_gatt_identity_resolved(struct bt_conn *conn, const bt_addr_le_t *private_addr, |
| const bt_addr_le_t *id_addr) |
| { |
| /* Update the ccc cfg addresses */ |
| struct addr_match user_data = { |
| .private_addr = private_addr, |
| .id_addr = id_addr |
| }; |
| |
| bt_gatt_foreach_attr(0x0001, 0xffff, convert_to_id_on_match, &user_data); |
| |
| /* Store the ccc and cf data */ |
| bt_gatt_store_ccc(conn->id, &(conn->le.dst)); |
| bt_gatt_store_cf(conn); |
| } |
| #endif /* CONFIG_BT_SETTINGS && CONFIG_BT_SMP && CONFIG_BT_GATT_CLIENT */ |
| |
| BT_GATT_SERVICE_DEFINE(_1_gatt_svc, |
| BT_GATT_PRIMARY_SERVICE(BT_UUID_GATT), |
| #if defined(CONFIG_BT_GATT_SERVICE_CHANGED) |
| /* Bluetooth 5.0, Vol3 Part G: |
| * The Service Changed characteristic Attribute Handle on the server |
| * shall not change if the server has a trusted relationship with any |
| * client. |
| */ |
| BT_GATT_CHARACTERISTIC(BT_UUID_GATT_SC, BT_GATT_CHRC_INDICATE, |
| BT_GATT_PERM_NONE, NULL, NULL, NULL), |
| BT_GATT_CCC_MANAGED(&sc_ccc, BT_GATT_PERM_READ | BT_GATT_PERM_WRITE), |
| #if defined(CONFIG_BT_GATT_CACHING) |
| BT_GATT_CHARACTERISTIC(BT_UUID_GATT_CLIENT_FEATURES, |
| BT_GATT_CHRC_READ | BT_GATT_CHRC_WRITE, |
| BT_GATT_PERM_READ | BT_GATT_PERM_WRITE, |
| cf_read, cf_write, NULL), |
| BT_GATT_CHARACTERISTIC(BT_UUID_GATT_DB_HASH, |
| BT_GATT_CHRC_READ, BT_GATT_PERM_READ, |
| db_hash_read, NULL, NULL), |
| #if defined(CONFIG_BT_EATT) |
| BT_GATT_CHARACTERISTIC(BT_UUID_GATT_SERVER_FEATURES, |
| BT_GATT_CHRC_READ, BT_GATT_PERM_READ, |
| sf_read, NULL, NULL), |
| #endif /* CONFIG_BT_EATT */ |
| #endif /* CONFIG_BT_GATT_CACHING */ |
| #endif /* CONFIG_BT_GATT_SERVICE_CHANGED */ |
| ); |
| |
| #if defined(CONFIG_BT_GATT_DYNAMIC_DB) |
| static uint8_t found_attr(const struct bt_gatt_attr *attr, uint16_t handle, |
| void *user_data) |
| { |
| const struct bt_gatt_attr **found = user_data; |
| |
| *found = attr; |
| |
| return BT_GATT_ITER_STOP; |
| } |
| |
| static const struct bt_gatt_attr *find_attr(uint16_t handle) |
| { |
| const struct bt_gatt_attr *attr = NULL; |
| |
| bt_gatt_foreach_attr(handle, handle, found_attr, &attr); |
| |
| return attr; |
| } |
| |
| static void gatt_insert(struct bt_gatt_service *svc, uint16_t last_handle) |
| { |
| struct bt_gatt_service *tmp, *prev = NULL; |
| |
| if (last_handle == 0 || svc->attrs[0].handle > last_handle) { |
| sys_slist_append(&db, &svc->node); |
| return; |
| } |
| |
| /* DB shall always have its service in ascending order */ |
| SYS_SLIST_FOR_EACH_CONTAINER(&db, tmp, node) { |
| if (tmp->attrs[0].handle > svc->attrs[0].handle) { |
| if (prev) { |
| sys_slist_insert(&db, &prev->node, &svc->node); |
| } else { |
| sys_slist_prepend(&db, &svc->node); |
| } |
| return; |
| } |
| |
| prev = tmp; |
| } |
| } |
| |
| static int gatt_register(struct bt_gatt_service *svc) |
| { |
| struct bt_gatt_service *last; |
| uint16_t handle, last_handle; |
| struct bt_gatt_attr *attrs = svc->attrs; |
| uint16_t count = svc->attr_count; |
| |
| if (sys_slist_is_empty(&db)) { |
| handle = last_static_handle; |
| last_handle = 0; |
| goto populate; |
| } |
| |
| last = SYS_SLIST_PEEK_TAIL_CONTAINER(&db, last, node); |
| handle = last->attrs[last->attr_count - 1].handle; |
| last_handle = handle; |
| |
| populate: |
| /* Populate the handles and append them to the list */ |
| for (; attrs && count; attrs++, count--) { |
| if (!attrs->handle) { |
| /* Allocate handle if not set already */ |
| attrs->handle = ++handle; |
| } else if (attrs->handle > handle) { |
| /* Use existing handle if valid */ |
| handle = attrs->handle; |
| } else if (find_attr(attrs->handle)) { |
| /* Service has conflicting handles */ |
| BT_ERR("Unable to register handle 0x%04x", |
| attrs->handle); |
| return -EINVAL; |
| } |
| |
| BT_DBG("attr %p handle 0x%04x uuid %s perm 0x%02x", |
| attrs, attrs->handle, bt_uuid_str(attrs->uuid), |
| attrs->perm); |
| } |
| |
| gatt_insert(svc, last_handle); |
| |
| return 0; |
| } |
| #endif /* CONFIG_BT_GATT_DYNAMIC_DB */ |
| |
| static inline void sc_work_submit(k_timeout_t timeout) |
| { |
| #if defined(CONFIG_BT_GATT_SERVICE_CHANGED) |
| k_work_reschedule(&gatt_sc.work, timeout); |
| #endif |
| } |
| |
| #if defined(CONFIG_BT_GATT_SERVICE_CHANGED) |
| static void sc_indicate_rsp(struct bt_conn *conn, |
| struct bt_gatt_indicate_params *params, uint8_t err) |
| { |
| #if defined(CONFIG_BT_GATT_CACHING) |
| struct gatt_cf_cfg *cfg; |
| #endif |
| |
| BT_DBG("err 0x%02x", err); |
| |
| atomic_clear_bit(gatt_sc.flags, SC_INDICATE_PENDING); |
| |
| /* Check if there is new change in the meantime */ |
| if (atomic_test_bit(gatt_sc.flags, SC_RANGE_CHANGED)) { |
| /* Reschedule without any delay since it is waiting already */ |
| sc_work_submit(K_NO_WAIT); |
| } |
| |
| #if defined(CONFIG_BT_GATT_CACHING) |
| /* BLUETOOTH CORE SPECIFICATION Version 5.3 | Vol 3, Part G page 1476: |
| * 2.5.2.1 Robust Caching |
| * ... a change-unaware connected client using exactly one ATT bearer |
| * becomes change-aware when ... |
| * The client receives and confirms a Handle Value Indication |
| * for the Service Changed characteristic |
| */ |
| if (bt_att_fixed_chan_only(conn)) { |
| cfg = find_cf_cfg(conn); |
| if (cfg && CF_ROBUST_CACHING(cfg)) { |
| atomic_set_bit(cfg->flags, CF_CHANGE_AWARE); |
| BT_DBG("%s change-aware", bt_addr_le_str(&cfg->peer)); |
| } |
| } |
| #endif /* CONFIG_BT_GATT_CACHING */ |
| } |
| |
| static void sc_process(struct k_work *work) |
| { |
| struct k_work_delayable *dwork = k_work_delayable_from_work(work); |
| struct gatt_sc *sc = CONTAINER_OF(dwork, struct gatt_sc, work); |
| uint16_t sc_range[2]; |
| |
| __ASSERT(!atomic_test_bit(sc->flags, SC_INDICATE_PENDING), |
| "Indicate already pending"); |
| |
| BT_DBG("start 0x%04x end 0x%04x", sc->start, sc->end); |
| |
| sc_range[0] = sys_cpu_to_le16(sc->start); |
| sc_range[1] = sys_cpu_to_le16(sc->end); |
| |
| atomic_clear_bit(sc->flags, SC_RANGE_CHANGED); |
| sc->start = 0U; |
| sc->end = 0U; |
| |
| sc->params.attr = &_1_gatt_svc.attrs[2]; |
| sc->params.func = sc_indicate_rsp; |
| sc->params.data = &sc_range[0]; |
| sc->params.len = sizeof(sc_range); |
| |
| if (bt_gatt_indicate(NULL, &sc->params)) { |
| /* No connections to indicate */ |
| return; |
| } |
| |
| atomic_set_bit(sc->flags, SC_INDICATE_PENDING); |
| } |
| #endif /* defined(CONFIG_BT_GATT_SERVICE_CHANGED) */ |
| |
| static void clear_ccc_cfg(struct bt_gatt_ccc_cfg *cfg) |
| { |
| bt_addr_le_copy(&cfg->peer, BT_ADDR_LE_ANY); |
| cfg->id = 0U; |
| cfg->value = 0U; |
| } |
| |
| #if defined(CONFIG_BT_SETTINGS_CCC_STORE_ON_WRITE) |
| static struct gatt_ccc_store { |
| struct bt_conn *conn_list[CONFIG_BT_MAX_CONN]; |
| struct k_work_delayable work; |
| } gatt_ccc_store; |
| |
| static bool gatt_ccc_conn_is_queued(struct bt_conn *conn) |
| { |
| return (conn == gatt_ccc_store.conn_list[bt_conn_index(conn)]); |
| } |
| |
| static void gatt_ccc_conn_unqueue(struct bt_conn *conn) |
| { |
| uint8_t index = bt_conn_index(conn); |
| |
| if (gatt_ccc_store.conn_list[index] != NULL) { |
| bt_conn_unref(gatt_ccc_store.conn_list[index]); |
| gatt_ccc_store.conn_list[index] = NULL; |
| } |
| } |
| |
| static void gatt_ccc_conn_enqueue(struct bt_conn *conn) |
| { |
| if ((!gatt_ccc_conn_is_queued(conn)) && |
| bt_addr_le_is_bonded(conn->id, &conn->le.dst)) { |
| /* Store the connection with the same index it has in |
| * the conns array |
| */ |
| gatt_ccc_store.conn_list[bt_conn_index(conn)] = |
| bt_conn_ref(conn); |
| |
| k_work_reschedule(&gatt_ccc_store.work, CCC_STORE_DELAY); |
| } |
| } |
| |
| static bool gatt_ccc_conn_queue_is_empty(void) |
| { |
| for (size_t i = 0; i < CONFIG_BT_MAX_CONN; i++) { |
| if (gatt_ccc_store.conn_list[i]) { |
| return false; |
| } |
| } |
| |
| return true; |
| } |
| |
| static void ccc_delayed_store(struct k_work *work) |
| { |
| struct k_work_delayable *dwork = k_work_delayable_from_work(work); |
| struct gatt_ccc_store *ccc_store = |
| CONTAINER_OF(dwork, struct gatt_ccc_store, work); |
| |
| for (size_t i = 0; i < CONFIG_BT_MAX_CONN; i++) { |
| struct bt_conn *conn = ccc_store->conn_list[i]; |
| |
| if (!conn) { |
| continue; |
| } |
| |
| if (bt_addr_le_is_bonded(conn->id, &conn->le.dst)) { |
| ccc_store->conn_list[i] = NULL; |
| bt_gatt_store_ccc(conn->id, &conn->le.dst); |
| bt_conn_unref(conn); |
| } |
| } |
| } |
| #endif |
| |
| static void bt_gatt_service_init(void) |
| { |
| if (!atomic_cas(&service_init, 0, 1)) { |
| return; |
| } |
| |
| STRUCT_SECTION_FOREACH(bt_gatt_service_static, svc) { |
| last_static_handle += svc->attr_count; |
| } |
| } |
| |
| void bt_gatt_init(void) |
| { |
| if (!atomic_cas(&init, 0, 1)) { |
| return; |
| } |
| |
| bt_gatt_service_init(); |
| |
| sys_slist_init(&callback_list); |
| |
| #if defined(CONFIG_BT_GATT_CACHING) |
| k_work_init_delayable(&db_hash.work, db_hash_process); |
| |
| /* Submit work to Generate initial hash as there could be static |
| * services already in the database. |
| */ |
| if (IS_ENABLED(CONFIG_BT_LONG_WQ)) { |
| bt_long_wq_schedule(&db_hash.work, DB_HASH_TIMEOUT); |
| } else { |
| k_work_schedule(&db_hash.work, DB_HASH_TIMEOUT); |
| } |
| #endif /* CONFIG_BT_GATT_CACHING */ |
| |
| #if defined(CONFIG_BT_GATT_SERVICE_CHANGED) |
| k_work_init_delayable(&gatt_sc.work, sc_process); |
| if (IS_ENABLED(CONFIG_BT_SETTINGS)) { |
| /* Make sure to not send SC indications until SC |
| * settings are loaded |
| */ |
| atomic_set_bit(gatt_sc.flags, SC_INDICATE_PENDING); |
| } |
| #endif /* defined(CONFIG_BT_GATT_SERVICE_CHANGED) */ |
| |
| #if defined(CONFIG_BT_SETTINGS_CCC_STORE_ON_WRITE) |
| k_work_init_delayable(&gatt_ccc_store.work, ccc_delayed_store); |
| #endif |
| |
| #if defined(CONFIG_BT_GATT_CLIENT) && defined(CONFIG_BT_SETTINGS) && defined(CONFIG_BT_SMP) |
| static struct bt_conn_cb gatt_conn_cb = { |
| .identity_resolved = bt_gatt_identity_resolved, |
| }; |
| |
| /* Register the gatt module for connection callbacks so it can be |
| * notified when pairing has completed. This is used to enable CCC and |
| * CF storage on pairing complete. |
| */ |
| bt_conn_cb_register(&gatt_conn_cb); |
| #endif /* CONFIG_BT_GATT_CLIENT && CONFIG_BT_SETTINGS && CONFIG_BT_SMP */ |
| } |
| |
| #if defined(CONFIG_BT_GATT_DYNAMIC_DB) || \ |
| (defined(CONFIG_BT_GATT_CACHING) && defined(CONFIG_BT_SETTINGS)) |
| static void sc_indicate(uint16_t start, uint16_t end) |
| { |
| BT_DBG("start 0x%04x end 0x%04x", start, end); |
| |
| if (!atomic_test_and_set_bit(gatt_sc.flags, SC_RANGE_CHANGED)) { |
| gatt_sc.start = start; |
| gatt_sc.end = end; |
| goto submit; |
| } |
| |
| if (!update_range(&gatt_sc.start, &gatt_sc.end, start, end)) { |
| return; |
| } |
| |
| submit: |
| if (atomic_test_bit(gatt_sc.flags, SC_INDICATE_PENDING)) { |
| BT_DBG("indicate pending, waiting until complete..."); |
| return; |
| } |
| |
| /* Reschedule since the range has changed */ |
| sc_work_submit(SC_TIMEOUT); |
| } |
| #endif /* BT_GATT_DYNAMIC_DB || (BT_GATT_CACHING && BT_SETTINGS) */ |
| |
| void bt_gatt_cb_register(struct bt_gatt_cb *cb) |
| { |
| sys_slist_append(&callback_list, &cb->node); |
| } |
| |
| #if defined(CONFIG_BT_GATT_DYNAMIC_DB) |
| static void db_changed(void) |
| { |
| #if defined(CONFIG_BT_GATT_CACHING) |
| struct bt_conn *conn; |
| int i; |
| |
| atomic_clear_bit(gatt_sc.flags, DB_HASH_VALID); |
| |
| if (IS_ENABLED(CONFIG_BT_LONG_WQ)) { |
| bt_long_wq_reschedule(&db_hash.work, DB_HASH_TIMEOUT); |
| } else { |
| k_work_reschedule(&db_hash.work, DB_HASH_TIMEOUT); |
| } |
| |
| for (i = 0; i < ARRAY_SIZE(cf_cfg); i++) { |
| struct gatt_cf_cfg *cfg = &cf_cfg[i]; |
| |
| if (!bt_addr_le_cmp(&cfg->peer, BT_ADDR_LE_ANY)) { |
| continue; |
| } |
| |
| if (CF_ROBUST_CACHING(cfg)) { |
| /* Core Spec 5.1 | Vol 3, Part G, 2.5.2.1 Robust Caching |
| *... the database changes again before the client |
| * becomes change-aware in which case the error response |
| * shall be sent again. |
| */ |
| conn = bt_conn_lookup_addr_le(BT_ID_DEFAULT, &cfg->peer); |
| if (conn) { |
| bt_att_clear_out_of_sync_sent(conn); |
| bt_conn_unref(conn); |
| } |
| |
| atomic_clear_bit(cfg->flags, CF_DB_HASH_READ); |
| if (atomic_test_and_clear_bit(cfg->flags, |
| CF_CHANGE_AWARE)) { |
| BT_DBG("%s change-unaware", |
| bt_addr_le_str(&cfg->peer)); |
| } |
| } |
| } |
| #endif |
| } |
| |
| static void gatt_unregister_ccc(struct _bt_gatt_ccc *ccc) |
| { |
| ccc->value = 0; |
| |
| for (size_t i = 0; i < ARRAY_SIZE(ccc->cfg); i++) { |
| struct bt_gatt_ccc_cfg *cfg = &ccc->cfg[i]; |
| |
| if (bt_addr_le_cmp(&cfg->peer, BT_ADDR_LE_ANY)) { |
| struct bt_conn *conn; |
| bool store = true; |
| |
| conn = bt_conn_lookup_addr_le(cfg->id, &cfg->peer); |
| if (conn) { |
| if (conn->state == BT_CONN_CONNECTED) { |
| #if defined(CONFIG_BT_SETTINGS_CCC_STORE_ON_WRITE) |
| gatt_ccc_conn_enqueue(conn); |
| #endif |
| store = false; |
| } |
| |
| bt_conn_unref(conn); |
| } |
| |
| if (IS_ENABLED(CONFIG_BT_SETTINGS) && store && |
| bt_addr_le_is_bonded(cfg->id, &cfg->peer)) { |
| bt_gatt_store_ccc(cfg->id, &cfg->peer); |
| } |
| |
| clear_ccc_cfg(cfg); |
| } |
| } |
| } |
| |
| static int gatt_unregister(struct bt_gatt_service *svc) |
| { |
| if (!sys_slist_find_and_remove(&db, &svc->node)) { |
| return -ENOENT; |
| } |
| |
| for (uint16_t i = 0; i < svc->attr_count; i++) { |
| struct bt_gatt_attr *attr = &svc->attrs[i]; |
| |
| if (attr->write == bt_gatt_attr_write_ccc) { |
| gatt_unregister_ccc(attr->user_data); |
| } |
| } |
| |
| return 0; |
| } |
| |
| int bt_gatt_service_register(struct bt_gatt_service *svc) |
| { |
| int err; |
| |
| __ASSERT(svc, "invalid parameters\n"); |
| __ASSERT(svc->attrs, "invalid parameters\n"); |
| __ASSERT(svc->attr_count, "invalid parameters\n"); |
| |
| /* Init GATT core services */ |
| bt_gatt_service_init(); |
| |
| /* Do no allow to register mandatory services twice */ |
| if (!bt_uuid_cmp(svc->attrs[0].uuid, BT_UUID_GAP) || |
| !bt_uuid_cmp(svc->attrs[0].uuid, BT_UUID_GATT)) { |
| return -EALREADY; |
| } |
| |
| k_sched_lock(); |
| |
| err = gatt_register(svc); |
| if (err < 0) { |
| k_sched_unlock(); |
| return err; |
| } |
| |
| /* Don't submit any work until the stack is initialized */ |
| if (!atomic_get(&init)) { |
| k_sched_unlock(); |
| return 0; |
| } |
| |
| sc_indicate(svc->attrs[0].handle, |
| svc->attrs[svc->attr_count - 1].handle); |
| |
| db_changed(); |
| |
| k_sched_unlock(); |
| |
| return 0; |
| } |
| |
| int bt_gatt_service_unregister(struct bt_gatt_service *svc) |
| { |
| int err; |
| |
| __ASSERT(svc, "invalid parameters\n"); |
| |
| k_sched_lock(); |
| |
| err = gatt_unregister(svc); |
| if (err) { |
| k_sched_unlock(); |
| return err; |
| } |
| |
| /* Don't submit any work until the stack is initialized */ |
| if (!atomic_get(&init)) { |
| k_sched_unlock(); |
| return 0; |
| } |
| |
| sc_indicate(svc->attrs[0].handle, |
| svc->attrs[svc->attr_count - 1].handle); |
| |
| db_changed(); |
| |
| k_sched_unlock(); |
| |
| return 0; |
| } |
| |
| bool bt_gatt_service_is_registered(const struct bt_gatt_service *svc) |
| { |
| bool registered = false; |
| sys_snode_t *node; |
| |
| k_sched_lock(); |
| SYS_SLIST_FOR_EACH_NODE(&db, node) { |
| if (&svc->node == node) { |
| registered = true; |
| break; |
| } |
| } |
| |
| k_sched_unlock(); |
| |
| return registered; |
| } |
| #endif /* CONFIG_BT_GATT_DYNAMIC_DB */ |
| |
| ssize_t bt_gatt_attr_read(struct bt_conn *conn, const struct bt_gatt_attr *attr, |
| void *buf, uint16_t buf_len, uint16_t offset, |
| const void *value, uint16_t value_len) |
| { |
| uint16_t len; |
| |
| if (offset > value_len) { |
| return BT_GATT_ERR(BT_ATT_ERR_INVALID_OFFSET); |
| } |
| |
| len = MIN(buf_len, value_len - offset); |
| |
| BT_DBG("handle 0x%04x offset %u length %u", attr->handle, offset, |
| len); |
| |
| memcpy(buf, (uint8_t *)value + offset, len); |
| |
| return len; |
| } |
| |
| ssize_t bt_gatt_attr_read_service(struct bt_conn *conn, |
| const struct bt_gatt_attr *attr, |
| void *buf, uint16_t len, uint16_t offset) |
| { |
| struct bt_uuid *uuid = attr->user_data; |
| |
| if (uuid->type == BT_UUID_TYPE_16) { |
| uint16_t uuid16 = sys_cpu_to_le16(BT_UUID_16(uuid)->val); |
| |
| return bt_gatt_attr_read(conn, attr, buf, len, offset, |
| &uuid16, 2); |
| } |
| |
| return bt_gatt_attr_read(conn, attr, buf, len, offset, |
| BT_UUID_128(uuid)->val, 16); |
| } |
| |
| struct gatt_incl { |
| uint16_t start_handle; |
| uint16_t end_handle; |
| uint16_t uuid16; |
| } __packed; |
| |
| static uint8_t get_service_handles(const struct bt_gatt_attr *attr, |
| uint16_t handle, void *user_data) |
| { |
| struct gatt_incl *include = user_data; |
| |
| /* Stop if attribute is a service */ |
| if (!bt_uuid_cmp(attr->uuid, BT_UUID_GATT_PRIMARY) || |
| !bt_uuid_cmp(attr->uuid, BT_UUID_GATT_SECONDARY)) { |
| return BT_GATT_ITER_STOP; |
| } |
| |
| include->end_handle = handle; |
| |
| return BT_GATT_ITER_CONTINUE; |
| } |
| |
| uint16_t bt_gatt_attr_get_handle(const struct bt_gatt_attr *attr) |
| { |
| uint16_t handle = 1; |
| |
| if (!attr) { |
| return 0; |
| } |
| |
| if (attr->handle) { |
| return attr->handle; |
| } |
| |
| STRUCT_SECTION_FOREACH(bt_gatt_service_static, static_svc) { |
| /* Skip ahead if start is not within service attributes array */ |
| if ((attr < &static_svc->attrs[0]) || |
| (attr > &static_svc->attrs[static_svc->attr_count - 1])) { |
| handle += static_svc->attr_count; |
| continue; |
| } |
| |
| for (size_t i = 0; i < static_svc->attr_count; i++, handle++) { |
| if (attr == &static_svc->attrs[i]) { |
| return handle; |
| } |
| } |
| } |
| |
| return 0; |
| } |
| |
| ssize_t bt_gatt_attr_read_included(struct bt_conn *conn, |
| const struct bt_gatt_attr *attr, |
| void *buf, uint16_t len, uint16_t offset) |
| { |
| struct bt_gatt_attr *incl = attr->user_data; |
| uint16_t handle = bt_gatt_attr_get_handle(incl); |
| struct bt_uuid *uuid = incl->user_data; |
| struct gatt_incl pdu; |
| uint8_t value_len; |
| |
| /* first attr points to the start handle */ |
| pdu.start_handle = sys_cpu_to_le16(handle); |
| value_len = sizeof(pdu.start_handle) + sizeof(pdu.end_handle); |
| |
| /* |
| * Core 4.2, Vol 3, Part G, 3.2, |
| * The Service UUID shall only be present when the UUID is a |
| * 16-bit Bluetooth UUID. |
| */ |
| if (uuid->type == BT_UUID_TYPE_16) { |
| pdu.uuid16 = sys_cpu_to_le16(BT_UUID_16(uuid)->val); |
| value_len += sizeof(pdu.uuid16); |
| } |
| |
| /* Lookup for service end handle */ |
| bt_gatt_foreach_attr(handle + 1, 0xffff, get_service_handles, &pdu); |
| |
| return bt_gatt_attr_read(conn, attr, buf, len, offset, &pdu, value_len); |
| } |
| |
| struct gatt_chrc { |
| uint8_t properties; |
| uint16_t value_handle; |
| union { |
| uint16_t uuid16; |
| uint8_t uuid[16]; |
| }; |
| } __packed; |
| |
| uint16_t bt_gatt_attr_value_handle(const struct bt_gatt_attr *attr) |
| { |
| uint16_t handle = 0; |
| |
| if (attr != NULL && bt_uuid_cmp(attr->uuid, BT_UUID_GATT_CHRC) == 0) { |
| struct bt_gatt_chrc *chrc = attr->user_data; |
| |
| handle = chrc->value_handle; |
| if (handle == 0) { |
| /* Fall back to Zephyr value handle policy */ |
| handle = bt_gatt_attr_get_handle(attr) + 1U; |
| } |
| } |
| |
| return handle; |
| } |
| |
| ssize_t bt_gatt_attr_read_chrc(struct bt_conn *conn, |
| const struct bt_gatt_attr *attr, void *buf, |
| uint16_t len, uint16_t offset) |
| { |
| struct bt_gatt_chrc *chrc = attr->user_data; |
| struct gatt_chrc pdu; |
| uint8_t value_len; |
| |
| pdu.properties = chrc->properties; |
| /* BLUETOOTH SPECIFICATION Version 4.2 [Vol 3, Part G] page 534: |
| * 3.3.2 Characteristic Value Declaration |
| * The Characteristic Value declaration contains the value of the |
| * characteristic. It is the first Attribute after the characteristic |
| * declaration. All characteristic definitions shall have a |
| * Characteristic Value declaration. |
| */ |
| pdu.value_handle = sys_cpu_to_le16(bt_gatt_attr_value_handle(attr)); |
| |
| value_len = sizeof(pdu.properties) + sizeof(pdu.value_handle); |
| |
| if (chrc->uuid->type == BT_UUID_TYPE_16) { |
| pdu.uuid16 = sys_cpu_to_le16(BT_UUID_16(chrc->uuid)->val); |
| value_len += 2U; |
| } else { |
| memcpy(pdu.uuid, BT_UUID_128(chrc->uuid)->val, 16); |
| value_len += 16U; |
| } |
| |
| return bt_gatt_attr_read(conn, attr, buf, len, offset, &pdu, value_len); |
| } |
| |
| static uint8_t gatt_foreach_iter(const struct bt_gatt_attr *attr, |
| uint16_t handle, uint16_t start_handle, |
| uint16_t end_handle, |
| const struct bt_uuid *uuid, |
| const void *attr_data, uint16_t *num_matches, |
| bt_gatt_attr_func_t func, void *user_data) |
| { |
| uint8_t result; |
| |
| /* Stop if over the requested range */ |
| if (handle > end_handle) { |
| return BT_GATT_ITER_STOP; |
| } |
| |
| /* Check if attribute handle is within range */ |
| if (handle < start_handle) { |
| return BT_GATT_ITER_CONTINUE; |
| } |
| |
| /* Match attribute UUID if set */ |
| if (uuid && bt_uuid_cmp(uuid, attr->uuid)) { |
| return BT_GATT_ITER_CONTINUE; |
| } |
| |
| /* Match attribute user_data if set */ |
| if (attr_data && attr_data != attr->user_data) { |
| return BT_GATT_ITER_CONTINUE; |
| } |
| |
| *num_matches -= 1; |
| |
| result = func(attr, handle, user_data); |
| |
| if (!*num_matches) { |
| return BT_GATT_ITER_STOP; |
| } |
| |
| return result; |
| } |
| |
| static void foreach_attr_type_dyndb(uint16_t start_handle, uint16_t end_handle, |
| const struct bt_uuid *uuid, |
| const void *attr_data, uint16_t num_matches, |
| bt_gatt_attr_func_t func, void *user_data) |
| { |
| #if defined(CONFIG_BT_GATT_DYNAMIC_DB) |
| size_t i; |
| struct bt_gatt_service *svc; |
| |
| SYS_SLIST_FOR_EACH_CONTAINER(&db, svc, node) { |
| struct bt_gatt_service *next; |
| |
| next = SYS_SLIST_PEEK_NEXT_CONTAINER(svc, node); |
| if (next) { |
| /* Skip ahead if start is not within service handles */ |
| if (next->attrs[0].handle <= start_handle) { |
| continue; |
| } |
| } |
| |
| for (i = 0; i < svc->attr_count; i++) { |
| struct bt_gatt_attr *attr = &svc->attrs[i]; |
| |
| if (gatt_foreach_iter(attr, attr->handle, |
| start_handle, |
| end_handle, |
| uuid, attr_data, |
| &num_matches, |
| func, user_data) == |
| BT_GATT_ITER_STOP) { |
| return; |
| } |
| } |
| } |
| #endif /* CONFIG_BT_GATT_DYNAMIC_DB */ |
| } |
| |
| void bt_gatt_foreach_attr_type(uint16_t start_handle, uint16_t end_handle, |
| const struct bt_uuid *uuid, |
| const void *attr_data, uint16_t num_matches, |
| bt_gatt_attr_func_t func, void *user_data) |
| { |
| size_t i; |
| |
| if (!num_matches) { |
| num_matches = UINT16_MAX; |
| } |
| |
| if (start_handle <= last_static_handle) { |
| uint16_t handle = 1; |
| |
| STRUCT_SECTION_FOREACH(bt_gatt_service_static, static_svc) { |
| /* Skip ahead if start is not within service handles */ |
| if (handle + static_svc->attr_count < start_handle) { |
| handle += static_svc->attr_count; |
| continue; |
| } |
| |
| for (i = 0; i < static_svc->attr_count; i++, handle++) { |
| if (gatt_foreach_iter(&static_svc->attrs[i], |
| handle, start_handle, |
| end_handle, uuid, |
| attr_data, &num_matches, |
| func, user_data) == |
| BT_GATT_ITER_STOP) { |
| return; |
| } |
| } |
| } |
| } |
| |
| /* Iterate over dynamic db */ |
| foreach_attr_type_dyndb(start_handle, end_handle, uuid, attr_data, |
| num_matches, func, user_data); |
| } |
| |
| static uint8_t find_next(const struct bt_gatt_attr *attr, uint16_t handle, |
| void *user_data) |
| { |
| struct bt_gatt_attr **next = user_data; |
| |
| *next = (struct bt_gatt_attr *)attr; |
| |
| return BT_GATT_ITER_STOP; |
| } |
| |
| struct bt_gatt_attr *bt_gatt_attr_next(const struct bt_gatt_attr *attr) |
| { |
| struct bt_gatt_attr *next = NULL; |
| uint16_t handle = bt_gatt_attr_get_handle(attr); |
| |
| bt_gatt_foreach_attr(handle + 1, handle + 1, find_next, &next); |
| |
| return next; |
| } |
| |
| static struct bt_gatt_ccc_cfg *find_ccc_cfg(const struct bt_conn *conn, |
| struct _bt_gatt_ccc *ccc) |
| { |
| for (size_t i = 0; i < ARRAY_SIZE(ccc->cfg); i++) { |
| struct bt_gatt_ccc_cfg *cfg = &ccc->cfg[i]; |
| |
| if (conn) { |
| if (bt_conn_is_peer_addr_le(conn, cfg->id, |
| &cfg->peer)) { |
| return cfg; |
| } |
| } else if (!bt_addr_le_cmp(&cfg->peer, BT_ADDR_LE_ANY)) { |
| return cfg; |
| } |
| } |
| |
| return NULL; |
| } |
| |
| ssize_t bt_gatt_attr_read_ccc(struct bt_conn *conn, |
| const struct bt_gatt_attr *attr, void *buf, |
| uint16_t len, uint16_t offset) |
| { |
| struct _bt_gatt_ccc *ccc = attr->user_data; |
| const struct bt_gatt_ccc_cfg *cfg; |
| uint16_t value; |
| |
| cfg = find_ccc_cfg(conn, ccc); |
| if (cfg) { |
| value = sys_cpu_to_le16(cfg->value); |
| } else { |
| /* Default to disable if there is no cfg for the peer */ |
| value = 0x0000; |
| } |
| |
| return bt_gatt_attr_read(conn, attr, buf, len, offset, &value, |
| sizeof(value)); |
| } |
| |
| static void gatt_ccc_changed(const struct bt_gatt_attr *attr, |
| struct _bt_gatt_ccc *ccc) |
| { |
| int i; |
| uint16_t value = 0x0000; |
| |
| for (i = 0; i < ARRAY_SIZE(ccc->cfg); i++) { |
| if (ccc->cfg[i].value > value) { |
| value = ccc->cfg[i].value; |
| } |
| } |
| |
| BT_DBG("ccc %p value 0x%04x", ccc, value); |
| |
| if (value != ccc->value) { |
| ccc->value = value; |
| if (ccc->cfg_changed) { |
| ccc->cfg_changed(attr, value); |
| } |
| } |
| } |
| |
| ssize_t bt_gatt_attr_write_ccc(struct bt_conn *conn, |
| const struct bt_gatt_attr *attr, const void *buf, |
| uint16_t len, uint16_t offset, uint8_t flags) |
| { |
| struct _bt_gatt_ccc *ccc = attr->user_data; |
| struct bt_gatt_ccc_cfg *cfg; |
| bool value_changed; |
| uint16_t value; |
| |
| if (offset) { |
| return BT_GATT_ERR(BT_ATT_ERR_INVALID_OFFSET); |
| } |
| |
| if (!len || len > sizeof(uint16_t)) { |
| return BT_GATT_ERR(BT_ATT_ERR_INVALID_ATTRIBUTE_LEN); |
| } |
| |
| if (len < sizeof(uint16_t)) { |
| value = *(uint8_t *)buf; |
| } else { |
| value = sys_get_le16(buf); |
| } |
| |
| cfg = find_ccc_cfg(conn, ccc); |
| if (!cfg) { |
| /* If there's no existing entry, but the new value is zero, |
| * we don't need to do anything, since a disabled CCC is |
| * behaviorally the same as no written CCC. |
| */ |
| if (!value) { |
| return len; |
| } |
| |
| cfg = find_ccc_cfg(NULL, ccc); |
| if (!cfg) { |
| BT_WARN("No space to store CCC cfg"); |
| return BT_GATT_ERR(BT_ATT_ERR_INSUFFICIENT_RESOURCES); |
| } |
| |
| bt_addr_le_copy(&cfg->peer, &conn->le.dst); |
| cfg->id = conn->id; |
| } |
| |
| /* Confirm write if cfg is managed by application */ |
| if (ccc->cfg_write) { |
| ssize_t write = ccc->cfg_write(conn, attr, value); |
| |
| if (write < 0) { |
| return write; |
| } |
| |
| /* Accept size=1 for backwards compatibility */ |
| if (write != sizeof(value) && write != 1) { |
| return BT_GATT_ERR(BT_ATT_ERR_UNLIKELY); |
| } |
| } |
| |
| value_changed = cfg->value != value; |
| cfg->value = value; |
| |
| BT_DBG("handle 0x%04x value %u", attr->handle, cfg->value); |
| |
| /* Update cfg if don't match */ |
| if (cfg->value != ccc->value) { |
| gatt_ccc_changed(attr, ccc); |
| } |
| |
| if (value_changed) { |
| #if defined(CONFIG_BT_SETTINGS_CCC_STORE_ON_WRITE) |
| /* Enqueue CCC store if value has changed for the connection */ |
| gatt_ccc_conn_enqueue(conn); |
| #endif |
| } |
| |
| /* Disabled CCC is the same as no configured CCC, so clear the entry */ |
| if (!value) { |
| clear_ccc_cfg(cfg); |
| } |
| |
| return len; |
| } |
| |
| ssize_t bt_gatt_attr_read_cep(struct bt_conn *conn, |
| const struct bt_gatt_attr *attr, void *buf, |
| uint16_t len, uint16_t offset) |
| { |
| const struct bt_gatt_cep *value = attr->user_data; |
| uint16_t props = sys_cpu_to_le16(value->properties); |
| |
| return bt_gatt_attr_read(conn, attr, buf, len, offset, &props, |
| sizeof(props)); |
| } |
| |
| ssize_t bt_gatt_attr_read_cud(struct bt_conn *conn, |
| const struct bt_gatt_attr *attr, void *buf, |
| uint16_t len, uint16_t offset) |
| { |
| const char *value = attr->user_data; |
| |
| return bt_gatt_attr_read(conn, attr, buf, len, offset, value, |
| strlen(value)); |
| } |
| |
| struct gatt_cpf { |
| uint8_t format; |
| int8_t exponent; |
| uint16_t unit; |
| uint8_t name_space; |
| uint16_t description; |
| } __packed; |
| |
| ssize_t bt_gatt_attr_read_cpf(struct bt_conn *conn, |
| const struct bt_gatt_attr *attr, void *buf, |
| uint16_t len, uint16_t offset) |
| { |
| const struct bt_gatt_cpf *cpf = attr->user_data; |
| struct gatt_cpf value; |
| |
| value.format = cpf->format; |
| value.exponent = cpf->exponent; |
| value.unit = sys_cpu_to_le16(cpf->unit); |
| value.name_space = cpf->name_space; |
| value.description = sys_cpu_to_le16(cpf->description); |
| |
| return bt_gatt_attr_read(conn, attr, buf, len, offset, &value, |
| sizeof(value)); |
| } |
| |
| struct notify_data { |
| const struct bt_gatt_attr *attr; |
| uint16_t handle; |
| int err; |
| uint16_t type; |
| union { |
| struct bt_gatt_notify_params *nfy_params; |
| struct bt_gatt_indicate_params *ind_params; |
| }; |
| }; |
| |
| #if defined(CONFIG_BT_GATT_NOTIFY_MULTIPLE) |
| |
| static struct net_buf *nfy_mult[CONFIG_BT_MAX_CONN]; |
| |
| static int gatt_notify_mult_send(struct bt_conn *conn, struct net_buf *buf) |
| { |
| int ret; |
| uint8_t *pdu = buf->data; |
| /* PDU structure is [Opcode (1)] [Handle (2)] [Length (2)] [Value (Length)] */ |
| uint16_t first_attr_len = sys_get_le16(&pdu[3]); |
| |
| /* Convert to ATT_HANDLE_VALUE_NTF if containing a single handle. */ |
| if (buf->len == |
| (1 + sizeof(struct bt_att_notify_mult) + first_attr_len)) { |
| /* Store attr handle */ |
| uint16_t handle = sys_get_le16(&pdu[1]); |
| |
| /* Remove the ATT_MULTIPLE_HANDLE_VALUE_NTF opcode, |
| * attribute handle and length |
| */ |
| (void)net_buf_pull(buf, 1 + sizeof(struct bt_att_notify_mult)); |
| |
| /* Add back an ATT_HANDLE_VALUE_NTF opcode and attr handle */ |
| /* PDU structure is now [Opcode (1)] [Handle (1)] [Value] */ |
| net_buf_push_le16(buf, handle); |
| net_buf_push_u8(buf, BT_ATT_OP_NOTIFY); |
| BT_DBG("Converted BT_ATT_OP_NOTIFY_MULT with single attr to BT_ATT_OP_NOTIFY"); |
| } |
| |
| ret = bt_att_send(conn, buf); |
| if (ret < 0) { |
| net_buf_unref(buf); |
| } |
| |
| return ret; |
| } |
| |
| static void notify_mult_process(struct k_work *work) |
| { |
| int i; |
| |
| /* Send to any connection with an allocated buffer */ |
| for (i = 0; i < ARRAY_SIZE(nfy_mult); i++) { |
| struct net_buf **buf = &nfy_mult[i]; |
| |
| if (*buf) { |
| struct bt_conn *conn = bt_conn_lookup_index(i); |
| |
| gatt_notify_mult_send(conn, *buf); |
| *buf = NULL; |
| bt_conn_unref(conn); |
| } |
| } |
| } |
| |
| K_WORK_DELAYABLE_DEFINE(nfy_mult_work, notify_mult_process); |
| |
| static bool gatt_cf_notify_multi(struct bt_conn *conn) |
| { |
| struct gatt_cf_cfg *cfg; |
| |
| cfg = find_cf_cfg(conn); |
| if (!cfg) { |
| return false; |
| } |
| |
| return CF_NOTIFY_MULTI(cfg); |
| } |
| |
| static int gatt_notify_flush(struct bt_conn *conn) |
| { |
| int err = 0; |
| struct net_buf **buf = &nfy_mult[bt_conn_index(conn)]; |
| |
| if (*buf) { |
| err = gatt_notify_mult_send(conn, *buf); |
| *buf = NULL; |
| } |
| |
| return err; |
| } |
| |
| static void gatt_add_nfy_to_buf(struct net_buf *buf, |
| uint16_t handle, |
| struct bt_gatt_notify_params *params) |
| { |
| struct bt_att_notify_mult *nfy; |
| |
| nfy = net_buf_add(buf, sizeof(*nfy)); |
| nfy->handle = sys_cpu_to_le16(handle); |
| nfy->len = sys_cpu_to_le16(params->len); |
| |
| net_buf_add(buf, params->len); |
| (void)memcpy(nfy->value, params->data, params->len); |
| } |
| |
| #if (CONFIG_BT_GATT_NOTIFY_MULTIPLE_FLUSH_MS != 0) |
| static int gatt_notify_mult(struct bt_conn *conn, uint16_t handle, |
| struct bt_gatt_notify_params *params) |
| { |
| struct net_buf **buf = &nfy_mult[bt_conn_index(conn)]; |
| |
| /* Check if we can fit more data into it, in case it doesn't fit send |
| * the existing buffer and proceed to create a new one |
| */ |
| if (*buf && ((net_buf_tailroom(*buf) < sizeof(struct bt_att_notify_mult) + params->len) || |
| !bt_att_tx_meta_data_match(*buf, params->func, params->user_data))) { |
| int ret; |
| |
| ret = gatt_notify_mult_send(conn, *buf); |
| *buf = NULL; |
| if (ret < 0) { |
| return ret; |
| } |
| } |
| |
| if (!*buf) { |
| *buf = bt_att_create_pdu(conn, BT_ATT_OP_NOTIFY_MULT, |
| sizeof(struct bt_att_notify_mult) + params->len); |
| if (!*buf) { |
| return -ENOMEM; |
| } |
| |
| bt_att_set_tx_meta_data(*buf, params->func, params->user_data); |
| } else { |
| /* Increment the number of handles, ensuring the notify callback |
| * gets called once for every attribute. |
| */ |
| bt_att_increment_tx_meta_data_attr_count(*buf, 1); |
| } |
| |
| BT_DBG("handle 0x%04x len %u", handle, params->len); |
| gatt_add_nfy_to_buf(*buf, handle, params); |
| |
| /* Use `k_work_schedule` to keep the original deadline, instead of |
| * re-setting the timeout whenever a new notification is appended. |
| */ |
| k_work_schedule(&nfy_mult_work, |
| K_MSEC(CONFIG_BT_GATT_NOTIFY_MULTIPLE_FLUSH_MS)); |
| |
| return 0; |
| } |
| #endif /* CONFIG_BT_GATT_NOTIFY_MULTIPLE_FLUSH_MS != 0 */ |
| #endif /* CONFIG_BT_GATT_NOTIFY_MULTIPLE */ |
| |
| static int gatt_notify(struct bt_conn *conn, uint16_t handle, |
| struct bt_gatt_notify_params *params) |
| { |
| struct net_buf *buf; |
| struct bt_att_notify *nfy; |
| |
| #if defined(CONFIG_BT_GATT_ENFORCE_CHANGE_UNAWARE) |
| /* BLUETOOTH CORE SPECIFICATION Version 5.3 |
| * Vol 3, Part G 2.5.3 (page 1479): |
| * |
| * Except for a Handle Value indication for the Service Changed |
| * characteristic, the server shall not send notifications and |
| * indications to such a client until it becomes change-aware. |
| */ |
| if (!bt_gatt_change_aware(conn, false)) { |
| return -EAGAIN; |
| } |
| #endif |
| |
| /* Confirm that the connection has the correct level of security */ |
| if (bt_gatt_check_perm(conn, params->attr, BT_GATT_PERM_READ_ENCRYPT_MASK)) { |
| BT_WARN("Link is not encrypted"); |
| return -EPERM; |
| } |
| |
| /* Check if client has subscribed before sending notifications. |
| * This is not really required in the Bluetooth specification, but |
| * follows its spirit. |
| */ |
| if (!bt_gatt_is_subscribed(conn, params->attr, BT_GATT_CCC_NOTIFY)) { |
| BT_WARN("Device is not subscribed to characteristic"); |
| return -EINVAL; |
| } |
| |
| #if defined(CONFIG_BT_GATT_NOTIFY_MULTIPLE) && (CONFIG_BT_GATT_NOTIFY_MULTIPLE_FLUSH_MS != 0) |
| if (gatt_cf_notify_multi(conn)) { |
| return gatt_notify_mult(conn, handle, params); |
| } |
| #endif /* CONFIG_BT_GATT_NOTIFY_MULTIPLE */ |
| |
| buf = bt_att_create_pdu(conn, BT_ATT_OP_NOTIFY, |
| sizeof(*nfy) + params->len); |
| if (!buf) { |
| BT_WARN("No buffer available to send notification"); |
| return -ENOMEM; |
| } |
| |
| BT_DBG("conn %p handle 0x%04x", conn, handle); |
| |
| nfy = net_buf_add(buf, sizeof(*nfy)); |
| nfy->handle = sys_cpu_to_le16(handle); |
| |
| net_buf_add(buf, params->len); |
| memcpy(nfy->value, params->data, params->len); |
| |
| bt_att_set_tx_meta_data(buf, params->func, params->user_data); |
| return bt_att_send(conn, buf); |
| } |
| |
| static void gatt_indicate_rsp(struct bt_conn *conn, uint8_t err, |
| const void *pdu, uint16_t length, void *user_data) |
| { |
| struct bt_gatt_indicate_params *params = user_data; |
| |
| if (params->func) { |
| params->func(conn, params, err); |
| } |
| |
| params->_ref--; |
| if (params->destroy && (params->_ref == 0)) { |
| params->destroy(params); |
| } |
| } |
| |
| static struct bt_att_req *gatt_req_alloc(bt_att_func_t func, void *params, |
| bt_att_encode_t encode, |
| uint8_t op, |
| size_t len) |
| { |
| struct bt_att_req *req; |
| |
| /* Allocate new request */ |
| req = bt_att_req_alloc(BT_ATT_TIMEOUT); |
| if (!req) { |
| return NULL; |
| } |
| |
| #if defined(CONFIG_BT_SMP) |
| req->att_op = op; |
| req->len = len; |
| req->encode = encode; |
| #endif |
| req->func = func; |
| req->user_data = params; |
| |
| return req; |
| } |
| |
| #ifdef CONFIG_BT_GATT_CLIENT |
| static int gatt_req_send(struct bt_conn *conn, bt_att_func_t func, void *params, |
| bt_att_encode_t encode, uint8_t op, size_t len) |
| |
| { |
| struct bt_att_req *req; |
| struct net_buf *buf; |
| int err; |
| |
| req = gatt_req_alloc(func, params, encode, op, len); |
| if (!req) { |
| return -ENOMEM; |
| } |
| |
| buf = bt_att_create_pdu(conn, op, len); |
| if (!buf) { |
| bt_att_req_free(req); |
| return -ENOMEM; |
| } |
| |
| req->buf = buf; |
| |
| err = encode(buf, len, params); |
| if (err) { |
| bt_att_req_free(req); |
| return err; |
| } |
| |
| err = bt_att_req_send(conn, req); |
| if (err) { |
| bt_att_req_free(req); |
| } |
| |
| return err; |
| } |
| #endif |
| |
| static int gatt_indicate(struct bt_conn *conn, uint16_t handle, |
| struct bt_gatt_indicate_params *params) |
| { |
| struct net_buf *buf; |
| struct bt_att_indicate *ind; |
| struct bt_att_req *req; |
| size_t len; |
| int err; |
| |
| #if defined(CONFIG_BT_GATT_ENFORCE_CHANGE_UNAWARE) |
| /* BLUETOOTH CORE SPECIFICATION Version 5.1 | Vol 3, Part G page 2350: |
| * Except for the Handle Value indication, the server shall not send |
| * notifications and indications to such a client until it becomes |
| * change-aware. |
| */ |
| if (!(params->func && (params->func == sc_indicate_rsp || |
| params->func == sc_restore_rsp)) && |
| !bt_gatt_change_aware(conn, false)) { |
| return -EAGAIN; |
| } |
| #endif |
| |
| /* Confirm that the connection has the correct level of security */ |
| if (bt_gatt_check_perm(conn, params->attr, BT_GATT_PERM_READ_ENCRYPT_MASK)) { |
| BT_WARN("Link is not encrypted"); |
| return -EPERM; |
| } |
| |
| /* Check if client has subscribed before sending notifications. |
| * This is not really required in the Bluetooth specification, but |
| * follows its spirit. |
| */ |
| if (!bt_gatt_is_subscribed(conn, params->attr, BT_GATT_CCC_INDICATE)) { |
| BT_WARN("Device is not subscribed to characteristic"); |
| return -EINVAL; |
| } |
| |
| len = sizeof(*ind) + params->len; |
| |
| req = gatt_req_alloc(gatt_indicate_rsp, params, NULL, |
| BT_ATT_OP_INDICATE, len); |
| if (!req) { |
| return -ENOMEM; |
| } |
| |
| buf = bt_att_create_pdu(conn, BT_ATT_OP_INDICATE, len); |
| if (!buf) { |
| BT_WARN("No buffer available to send indication"); |
| bt_att_req_free(req); |
| return -ENOMEM; |
| } |
| |
| ind = net_buf_add(buf, sizeof(*ind)); |
| ind->handle = sys_cpu_to_le16(handle); |
| |
| net_buf_add(buf, params->len); |
| memcpy(ind->value, params->data, params->len); |
| |
| BT_DBG("conn %p handle 0x%04x", conn, handle); |
| |
| req->buf = buf; |
| |
| err = bt_att_req_send(conn, req); |
| if (err) { |
| bt_att_req_free(req); |
| } |
| |
| return err; |
| } |
| |
| static uint8_t notify_cb(const struct bt_gatt_attr *attr, uint16_t handle, |
| void *user_data) |
| { |
| struct notify_data *data = user_data; |
| struct _bt_gatt_ccc *ccc; |
| size_t i; |
| |
| /* Check attribute user_data must be of type struct _bt_gatt_ccc */ |
| if (attr->write != bt_gatt_attr_write_ccc) { |
| return BT_GATT_ITER_CONTINUE; |
| } |
| |
| ccc = attr->user_data; |
| |
| /* Save Service Changed data if peer is not connected */ |
| if (IS_ENABLED(CONFIG_BT_GATT_SERVICE_CHANGED) && ccc == &sc_ccc) { |
| for (i = 0; i < ARRAY_SIZE(sc_cfg); i++) { |
| struct gatt_sc_cfg *cfg = &sc_cfg[i]; |
| struct bt_conn *conn; |
| |
| if (!bt_addr_le_cmp(&cfg->peer, BT_ADDR_LE_ANY)) { |
| continue; |
| } |
| |
| conn = bt_conn_lookup_state_le(cfg->id, &cfg->peer, |
| BT_CONN_CONNECTED); |
| if (!conn) { |
| struct sc_data *sc; |
| |
| sc = (struct sc_data *)data->ind_params->data; |
| sc_save(cfg->id, &cfg->peer, |
| sys_le16_to_cpu(sc->start), |
| sys_le16_to_cpu(sc->end)); |
| continue; |
| } |
| |
| bt_conn_unref(conn); |
| } |
| } |
| |
| /* Notify all peers configured */ |
| for (i = 0; i < ARRAY_SIZE(ccc->cfg); i++) { |
| struct bt_gatt_ccc_cfg *cfg = &ccc->cfg[i]; |
| struct bt_conn *conn; |
| int err; |
| |
| /* Check if config value matches data type since consolidated |
| * value may be for a different peer. |
| */ |
| if (cfg->value != data->type) { |
| continue; |
| } |
| |
| conn = bt_conn_lookup_addr_le(cfg->id, &cfg->peer); |
| if (!conn) { |
| continue; |
| } |
| |
| if (conn->state != BT_CONN_CONNECTED) { |
| bt_conn_unref(conn); |
| continue; |
| } |
| |
| /* Confirm match if cfg is managed by application */ |
| if (ccc->cfg_match && !ccc->cfg_match(conn, attr)) { |
| bt_conn_unref(conn); |
| continue; |
| } |
| |
| /* Confirm that the connection has the correct level of security */ |
| if (bt_gatt_check_perm(conn, attr, BT_GATT_PERM_READ_ENCRYPT_MASK)) { |
| BT_WARN("Link is not encrypted"); |
| bt_conn_unref(conn); |
| continue; |
| } |
| |
| /* Use the Characteristic Value handle discovered since the |
| * Client Characteristic Configuration descriptor may occur |
| * in any position within the characteristic definition after |
| * the Characteristic Value. |
| * Only notify or indicate devices which are subscribed. |
| */ |
| if ((data->type == BT_GATT_CCC_INDICATE) && |
| (cfg->value & BT_GATT_CCC_INDICATE)) { |
| err = gatt_indicate(conn, data->handle, data->ind_params); |
| if (err == 0) { |
| data->ind_params->_ref++; |
| } |
| } else if ((data->type == BT_GATT_CCC_NOTIFY) && |
| (cfg->value & BT_GATT_CCC_NOTIFY)) { |
| err = gatt_notify(conn, data->handle, data->nfy_params); |
| } else { |
| err = 0; |
| } |
| |
| bt_conn_unref(conn); |
| |
| if (err < 0) { |
| return BT_GATT_ITER_STOP; |
| } |
| |
| data->err = 0; |
| } |
| |
| return BT_GATT_ITER_CONTINUE; |
| } |
| |
| static uint8_t match_uuid(const struct bt_gatt_attr *attr, uint16_t handle, |
| void *user_data) |
| { |
| struct notify_data *data = user_data; |
| |
| data->attr = attr; |
| data->handle = handle; |
| |
| return BT_GATT_ITER_STOP; |
| } |
| |
| static bool gatt_find_by_uuid(struct notify_data *found, |
| const struct bt_uuid *uuid) |
| { |
| found->attr = NULL; |
| |
| bt_gatt_foreach_attr_type(found->handle, 0xffff, uuid, NULL, 1, |
| match_uuid, found); |
| |
| return found->attr ? true : false; |
| } |
| |
| struct bt_gatt_attr *bt_gatt_find_by_uuid(const struct bt_gatt_attr *attr, |
| uint16_t attr_count, |
| const struct bt_uuid *uuid) |
| { |
| struct bt_gatt_attr *found = NULL; |
| uint16_t start_handle = bt_gatt_attr_value_handle(attr); |
| uint16_t end_handle = start_handle && attr_count ? |
| start_handle + attr_count : 0xffff; |
| |
| bt_gatt_foreach_attr_type(start_handle, end_handle, uuid, NULL, 1, |
| find_next, &found); |
| |
| return found; |
| } |
| |
| int bt_gatt_notify_cb(struct bt_conn *conn, |
| struct bt_gatt_notify_params *params) |
| { |
| struct notify_data data; |
| |
| __ASSERT(params, "invalid parameters\n"); |
| __ASSERT(params->attr || params->uuid, "invalid parameters\n"); |
| |
| if (!atomic_test_bit(bt_dev.flags, BT_DEV_READY)) { |
| return -EAGAIN; |
| } |
| |
| if (conn && conn->state != BT_CONN_CONNECTED) { |
| return -ENOTCONN; |
| } |
| |
| data.attr = params->attr; |
| data.handle = bt_gatt_attr_get_handle(data.attr); |
| |
| /* Lookup UUID if it was given */ |
| if (params->uuid) { |
| if (!gatt_find_by_uuid(&data, params->uuid)) { |
| return -ENOENT; |
| } |
| |
| params->attr = data.attr; |
| } else { |
| if (!data.handle) { |
| return -ENOENT; |
| } |
| } |
| |
| /* Check if attribute is a characteristic then adjust the handle */ |
| if (!bt_uuid_cmp(data.attr->uuid, BT_UUID_GATT_CHRC)) { |
| struct bt_gatt_chrc *chrc = data.attr->user_data; |
| |
| if (!(chrc->properties & BT_GATT_CHRC_NOTIFY)) { |
| return -EINVAL; |
| } |
| |
| data.handle = bt_gatt_attr_value_handle(data.attr); |
| } |
| |
| if (conn) { |
| return gatt_notify(conn, data.handle, params); |
| } |
| |
| data.err = -ENOTCONN; |
| data.type = BT_GATT_CCC_NOTIFY; |
| data.nfy_params = params; |
| |
| bt_gatt_foreach_attr_type(data.handle, 0xffff, BT_UUID_GATT_CCC, NULL, |
| 1, notify_cb, &data); |
| |
| return data.err; |
| } |
| |
| #if defined(CONFIG_BT_GATT_NOTIFY_MULTIPLE) |
| static int gatt_notify_multiple_verify_args(struct bt_conn *conn, |
| struct bt_gatt_notify_params params[], |
| uint16_t num_params) |
| { |
| __ASSERT(params, "invalid parameters\n"); |
| __ASSERT(params->attr, "invalid parameters\n"); |
| |
| CHECKIF(num_params < 2) { |
| /* Use the standard notification API when sending only one |
| * notification. |
| */ |
| return -EINVAL; |
| } |
| |
| CHECKIF(conn == NULL) { |
| /* Use the standard notification API to send to all connected |
| * peers. |
| */ |
| return -EINVAL; |
| } |
| |
| if (!atomic_test_bit(bt_dev.flags, BT_DEV_READY)) { |
| return -EAGAIN; |
| } |
| |
| if (conn->state != BT_CONN_CONNECTED) { |
| return -ENOTCONN; |
| } |
| |
| #if defined(CONFIG_BT_GATT_ENFORCE_CHANGE_UNAWARE) |
| /* BLUETOOTH CORE SPECIFICATION Version 5.3 |
| * Vol 3, Part G 2.5.3 (page 1479): |
| * |
| * Except for a Handle Value indication for the Service Changed |
| * characteristic, the server shall not send notifications and |
| * indications to such a client until it becomes change-aware. |
| */ |
| if (!bt_gatt_change_aware(conn, false)) { |
| return -EAGAIN; |
| } |
| #endif |
| |
| /* This API guarantees an ATT_MULTIPLE_HANDLE_VALUE_NTF over the air. */ |
| if (!gatt_cf_notify_multi(conn)) { |
| return -EOPNOTSUPP; |
| } |
| |
| return 0; |
| } |
| |
| static int gatt_notify_multiple_verify_params(struct bt_conn *conn, |
| struct bt_gatt_notify_params params[], |
| uint16_t num_params, size_t *total_len) |
| { |
| for (uint16_t i = 0; i < num_params; i++) { |
| /* Compute the total data length. */ |
| *total_len += params[i].len; |
| |
| /* Confirm that the connection has the correct level of security. */ |
| if (bt_gatt_check_perm(conn, params[i].attr, |
| BT_GATT_PERM_READ_ENCRYPT | |
| BT_GATT_PERM_READ_AUTHEN)) { |
| BT_WARN("Link is not encrypted"); |
| return -EPERM; |
| } |
| |
| /* The current implementation requires the same callbacks and |
| * user_data. |
| */ |
| if ((params[0].func != params[i].func) || |
| (params[0].user_data != params[i].user_data)) { |
| return -EINVAL; |
| } |
| |
| /* This API doesn't support passing UUIDs. */ |
| if (params[i].uuid) { |
| return -EINVAL; |
| } |
| |
| /* Check if the supplied handle is invalid. */ |
| if (!bt_gatt_attr_get_handle(params[i].attr)) { |
| return -EINVAL; |
| } |
| } |
| |
| /* PDU length is specified with a 16-bit value. */ |
| if (*total_len > UINT16_MAX) { |
| return -ERANGE; |
| } |
| |
| /* Check there is a bearer with a high enough MTU. */ |
| if (bt_att_get_mtu(conn) < |
| (sizeof(struct bt_att_notify_mult) + *total_len)) { |
| return -ERANGE; |
| } |
| |
| return 0; |
| } |
| |
| int bt_gatt_notify_multiple(struct bt_conn *conn, |
| uint16_t num_params, |
| struct bt_gatt_notify_params params[]) |
| { |
| int err; |
| size_t total_len = 0; |
| struct net_buf *buf; |
| |
| /* Validate arguments, connection state and feature support. */ |
| err = gatt_notify_multiple_verify_args(conn, params, num_params); |
| if (err) { |
| return err; |
| } |
| |
| /* Validate all the attributes that we want to notify. |
| * Also gets us the total length of the PDU as a side-effect. |
| */ |
| err = gatt_notify_multiple_verify_params(conn, params, num_params, &total_len); |
| if (err) { |
| return err; |
| } |
| |
| /* Send any outstanding notifications. |
| * Frees up buffer space for our PDU. |
| */ |
| gatt_notify_flush(conn); |
| |
| /* Build the PDU */ |
| buf = bt_att_create_pdu(conn, BT_ATT_OP_NOTIFY_MULT, |
| sizeof(struct bt_att_notify_mult) + total_len); |
| if (!buf) { |
| return -ENOMEM; |
| } |
| |
| /* Register the callback. It will be called num_params times. */ |
| bt_att_set_tx_meta_data(buf, params->func, params->user_data); |
| bt_att_increment_tx_meta_data_attr_count(buf, num_params - 1); |
| |
| for (uint16_t i = 0; i < num_params; i++) { |
| struct notify_data data; |
| const struct bt_gatt_chrc *chrc; |
| |
| data.attr = params[i].attr; |
| data.handle = bt_gatt_attr_get_handle(data.attr); |
| chrc = data.attr->user_data; |
| |
| /* Check if attribute is a characteristic then adjust the |
| * handle |
| */ |
| if (!bt_uuid_cmp(data.attr->uuid, BT_UUID_GATT_CHRC)) { |
| data.handle = bt_gatt_attr_value_handle(data.attr); |
| } |
| |
| /* Check if notifications are supported for that chrc. */ |
| if (!(chrc->properties & BT_GATT_CHRC_NOTIFY)) { |
| bt_att_free_tx_meta_data(buf); |
| net_buf_unref(buf); |
| |
| return -EINVAL; |
| } |
| |
| /* Add handle and data to the command buffer. */ |
| gatt_add_nfy_to_buf(buf, data.handle, ¶ms[i]); |
| } |
| |
| /* Send the buffer. */ |
| return gatt_notify_mult_send(conn, buf); |
| } |
| #endif /* CONFIG_BT_GATT_NOTIFY_MULTIPLE */ |
| |
| int bt_gatt_indicate(struct bt_conn *conn, |
| struct bt_gatt_indicate_params *params) |
| { |
| struct notify_data data; |
| |
| __ASSERT(params, "invalid parameters\n"); |
| __ASSERT(params->attr || params->uuid, "invalid parameters\n"); |
| |
| if (!atomic_test_bit(bt_dev.flags, BT_DEV_READY)) { |
| return -EAGAIN; |
| } |
| |
| if (conn && conn->state != BT_CONN_CONNECTED) { |
| return -ENOTCONN; |
| } |
| |
| data.attr = params->attr; |
| data.handle = bt_gatt_attr_get_handle(data.attr); |
| |
| /* Lookup UUID if it was given */ |
| if (params->uuid) { |
| if (!gatt_find_by_uuid(&data, params->uuid)) { |
| return -ENOENT; |
| } |
| |
| params->attr = data.attr; |
| } else { |
| if (!data.handle) { |
| return -ENOENT; |
| } |
| } |
| |
| /* Check if attribute is a characteristic then adjust the handle */ |
| if (!bt_uuid_cmp(data.attr->uuid, BT_UUID_GATT_CHRC)) { |
| struct bt_gatt_chrc *chrc = data.attr->user_data; |
| |
| if (!(chrc->properties & BT_GATT_CHRC_INDICATE)) { |
| return -EINVAL; |
| } |
| |
| data.handle = bt_gatt_attr_value_handle(data.attr); |
| } |
| |
| if (conn) { |
| params->_ref = 1; |
| return gatt_indicate(conn, data.handle, params); |
| } |
| |
| data.err = -ENOTCONN; |
| data.type = BT_GATT_CCC_INDICATE; |
| data.ind_params = params; |
| |
| params->_ref = 0; |
| bt_gatt_foreach_attr_type(data.handle, 0xffff, BT_UUID_GATT_CCC, NULL, |
| 1, notify_cb, &data); |
| |
| return data.err; |
| } |
| |
| uint16_t bt_gatt_get_mtu(struct bt_conn *conn) |
| { |
| return bt_att_get_mtu(conn); |
| } |
| |
| uint8_t bt_gatt_check_perm(struct bt_conn *conn, const struct bt_gatt_attr *attr, |
| uint16_t mask) |
| { |
| if ((mask & BT_GATT_PERM_READ) && |
| (!(attr->perm & BT_GATT_PERM_READ_MASK) || !attr->read)) { |
| return BT_ATT_ERR_READ_NOT_PERMITTED; |
| } |
| |
| if ((mask & BT_GATT_PERM_WRITE) && |
| (!(attr->perm & BT_GATT_PERM_WRITE_MASK) || !attr->write)) { |
| return BT_ATT_ERR_WRITE_NOT_PERMITTED; |
| } |
| |
| if (IS_ENABLED(CONFIG_BT_CONN_DISABLE_SECURITY)) { |
| return 0; |
| } |
| |
| mask &= attr->perm; |
| |
| if (mask & BT_GATT_PERM_LESC_MASK) { |
| if (!IS_ENABLED(CONFIG_BT_SMP) || !conn->le.keys || |
| (conn->le.keys->flags & BT_KEYS_SC) == 0) { |
| return BT_ATT_ERR_AUTHENTICATION; |
| } |
| } |
| |
| if (mask & BT_GATT_PERM_AUTHEN_MASK) { |
| if (bt_conn_get_security(conn) < BT_SECURITY_L3) { |
| return BT_ATT_ERR_AUTHENTICATION; |
| } |
| } |
| |
| if ((mask & BT_GATT_PERM_ENCRYPT_MASK)) { |
| #if defined(CONFIG_BT_SMP) |
| if (!conn->encrypt) { |
| return BT_ATT_ERR_INSUFFICIENT_ENCRYPTION; |
| } |
| #else |
| return BT_ATT_ERR_INSUFFICIENT_ENCRYPTION; |
| #endif /* CONFIG_BT_SMP */ |
| } |
| |
| return 0; |
| } |
| |
| static void sc_restore_rsp(struct bt_conn *conn, |
| struct bt_gatt_indicate_params *params, uint8_t err) |
| { |
| #if defined(CONFIG_BT_GATT_CACHING) |
| struct gatt_cf_cfg *cfg; |
| #endif |
| |
| BT_DBG("err 0x%02x", err); |
| |
| #if defined(CONFIG_BT_GATT_CACHING) |
| /* BLUETOOTH CORE SPECIFICATION Version 5.3 | Vol 3, Part G page 1476: |
| * 2.5.2.1 Robust Caching |
| * ... a change-unaware connected client using exactly one ATT bearer |
| * becomes change-aware when ... |
| * The client receives and confirms a Handle Value Indication |
| * for the Service Changed characteristic |
| */ |
| |
| if (bt_att_fixed_chan_only(conn)) { |
| cfg = find_cf_cfg(conn); |
| if (cfg && CF_ROBUST_CACHING(cfg)) { |
| atomic_set_bit(cfg->flags, CF_CHANGE_AWARE); |
| BT_DBG("%s change-aware", bt_addr_le_str(&cfg->peer)); |
| } |
| } |
| #endif /* CONFIG_BT_GATT_CACHING */ |
| |
| if (!err && IS_ENABLED(CONFIG_BT_GATT_SERVICE_CHANGED)) { |
| struct gatt_sc_cfg *sc_cfg = find_sc_cfg(conn->id, &conn->le.dst); |
| |
| if (sc_cfg) { |
| sc_reset(sc_cfg); |
| } |
| } |
| } |
| |
| static struct bt_gatt_indicate_params sc_restore_params[CONFIG_BT_MAX_CONN]; |
| |
| static void sc_restore(struct bt_conn *conn) |
| { |
| struct gatt_sc_cfg *cfg; |
| uint16_t sc_range[2]; |
| uint8_t index; |
| |
| cfg = find_sc_cfg(conn->id, &conn->le.dst); |
| if (!cfg) { |
| BT_DBG("no SC data found"); |
| return; |
| } |
| |
| if (!(cfg->data.start || cfg->data.end)) { |
| return; |
| } |
| |
| BT_DBG("peer %s start 0x%04x end 0x%04x", bt_addr_le_str(&cfg->peer), |
| cfg->data.start, cfg->data.end); |
| |
| sc_range[0] = sys_cpu_to_le16(cfg->data.start); |
| sc_range[1] = sys_cpu_to_le16(cfg->data.end); |
| |
| index = bt_conn_index(conn); |
| sc_restore_params[index].attr = &_1_gatt_svc.attrs[2]; |
| sc_restore_params[index].func = sc_restore_rsp; |
| sc_restore_params[index].data = &sc_range[0]; |
| sc_restore_params[index].len = sizeof(sc_range); |
| |
| if (bt_gatt_indicate(conn, &sc_restore_params[index])) { |
| BT_ERR("SC restore indication failed"); |
| } |
| } |
| |
| struct conn_data { |
| struct bt_conn *conn; |
| bt_security_t sec; |
| }; |
| |
| static uint8_t update_ccc(const struct bt_gatt_attr *attr, uint16_t handle, |
| void *user_data) |
| { |
| struct conn_data *data = user_data; |
| struct bt_conn *conn = data->conn; |
| struct _bt_gatt_ccc *ccc; |
| size_t i; |
| uint8_t err; |
| |
| /* Check attribute user_data must be of type struct _bt_gatt_ccc */ |
| if (attr->write != bt_gatt_attr_write_ccc) { |
| return BT_GATT_ITER_CONTINUE; |
| } |
| |
| ccc = attr->user_data; |
| |
| for (i = 0; i < ARRAY_SIZE(ccc->cfg); i++) { |
| struct bt_gatt_ccc_cfg *cfg = &ccc->cfg[i]; |
| |
| /* Ignore configuration for different peer or not active */ |
| if (!cfg->value || |
| !bt_conn_is_peer_addr_le(conn, cfg->id, &cfg->peer)) { |
| continue; |
| } |
| |
| /* Check if attribute requires encryption/authentication */ |
| err = bt_gatt_check_perm(conn, attr, BT_GATT_PERM_WRITE_MASK); |
| if (err) { |
| bt_security_t sec; |
| |
| if (err == BT_ATT_ERR_WRITE_NOT_PERMITTED) { |
| BT_WARN("CCC %p not writable", attr); |
| continue; |
| } |
| |
| sec = BT_SECURITY_L2; |
| |
| if (err == BT_ATT_ERR_AUTHENTICATION) { |
| sec = BT_SECURITY_L3; |
| } |
| |
| /* Check if current security is enough */ |
| if (IS_ENABLED(CONFIG_BT_SMP) && |
| bt_conn_get_security(conn) < sec) { |
| if (data->sec < sec) { |
| data->sec = sec; |
| } |
| continue; |
| } |
| } |
| |
| gatt_ccc_changed(attr, ccc); |
| |
| if (IS_ENABLED(CONFIG_BT_GATT_SERVICE_CHANGED) && |
| ccc == &sc_ccc) { |
| sc_restore(conn); |
| } |
| |
| return BT_GATT_ITER_CONTINUE; |
| } |
| |
| return BT_GATT_ITER_CONTINUE; |
| } |
| |
| static uint8_t disconnected_cb(const struct bt_gatt_attr *attr, uint16_t handle, |
| void *user_data) |
| { |
| struct bt_conn *conn = user_data; |
| struct _bt_gatt_ccc *ccc; |
| bool value_used; |
| size_t i; |
| |
| /* Check attribute user_data must be of type struct _bt_gatt_ccc */ |
| if (attr->write != bt_gatt_attr_write_ccc) { |
| return BT_GATT_ITER_CONTINUE; |
| } |
| |
| ccc = attr->user_data; |
| |
| /* If already disabled skip */ |
| if (!ccc->value) { |
| return BT_GATT_ITER_CONTINUE; |
| } |
| |
| /* Checking if all values are disabled */ |
| value_used = false; |
| |
| for (i = 0; i < ARRAY_SIZE(ccc->cfg); i++) { |
| struct bt_gatt_ccc_cfg *cfg = &ccc->cfg[i]; |
| |
| /* Ignore configurations with disabled value */ |
| if (!cfg->value) { |
| continue; |
| } |
| |
| if (!bt_conn_is_peer_addr_le(conn, cfg->id, &cfg->peer)) { |
| struct bt_conn *tmp; |
| |
| /* Skip if there is another peer connected */ |
| tmp = bt_conn_lookup_addr_le(cfg->id, &cfg->peer); |
| if (tmp) { |
| if (tmp->state == BT_CONN_CONNECTED) { |
| value_used = true; |
| } |
| |
| bt_conn_unref(tmp); |
| } |
| } else { |
| /* Clear value if not paired */ |
| if (!bt_addr_le_is_bonded(conn->id, &conn->le.dst)) { |
| if (ccc == &sc_ccc) { |
| sc_clear(conn); |
| } |
| |
| clear_ccc_cfg(cfg); |
| } else { |
| /* Update address in case it has changed */ |
| bt_addr_le_copy(&cfg->peer, &conn->le.dst); |
| } |
| } |
| } |
| |
| /* If all values are now disabled, reset value while disconnected */ |
| if (!value_used) { |
| ccc->value = 0U; |
| if (ccc->cfg_changed) { |
| ccc->cfg_changed(attr, ccc->value); |
| } |
| |
| BT_DBG("ccc %p reseted", ccc); |
| } |
| |
| return BT_GATT_ITER_CONTINUE; |
| } |
| |
| bool bt_gatt_is_subscribed(struct bt_conn *conn, |
| const struct bt_gatt_attr *attr, uint16_t ccc_type) |
| { |
| const struct _bt_gatt_ccc *ccc; |
| |
| __ASSERT(conn, "invalid parameter\n"); |
| __ASSERT(attr, "invalid parameter\n"); |
| |
| if (conn->state != BT_CONN_CONNECTED) { |
| return false; |
| } |
| |
| /* Check if attribute is a characteristic declaration */ |
| if (!bt_uuid_cmp(attr->uuid, BT_UUID_GATT_CHRC)) { |
| struct bt_gatt_chrc *chrc = attr->user_data; |
| |
| if (!(chrc->properties & |
| (BT_GATT
|