void acl_clear_all_ignore_auto_connect_after_disconnect() {
btm_cb.acl_cb_.ClearAllIgnoreAutoConnectAfterDisconnect();
}
+
+/**
+ * Confusingly, immutable device features are stored in the
+ * ephemeral connection data structure while connection security
+ * is stored in the device record.
+ *
+ * This HACK allows legacy security protocols to work as intended under
+ * those conditions.
+ */
+void HACK_acl_check_sm4(tBTM_SEC_DEV_REC& record) {
+ // Return if we already know this info
+ if ((record.sm4 & BTM_SM4_TRUE) != BTM_SM4_UNKNOWN) return;
+
+ tACL_CONN* p_acl =
+ internal_.btm_bda_to_acl(record.RemoteAddress(), BT_TRANSPORT_BR_EDR);
+ if (p_acl == nullptr) {
+ LOG_WARN("Unable to find active acl for authentication device:%s",
+ PRIVATE_ADDRESS(record.RemoteAddress()));
+ }
+
+ // If we have not received the SSP feature record
+ // we have to wait
+ if (!p_acl->peer_lmp_feature_valid[1]) {
+ LOG_WARN(
+ "Authentication started without extended feature page 1 request "
+ "response");
+ return;
+ }
+ record.sm4 = (HCI_SSP_HOST_SUPPORTED(p_acl->peer_lmp_feature_pages[1]))
+ ? BTM_SM4_TRUE
+ : BTM_SM4_KNOWN;
+}
#include "osi/include/log.h"
#include "osi/include/osi.h"
#include "stack/btm/btm_dev.h"
+#include "stack/btm/security_device_record.h"
#include "stack/include/acl_api.h"
#include "stack/include/acl_hci_link_interface.h"
#include "stack/include/btm_status.h"
extern void bta_dm_remove_device(const RawAddress& bd_addr);
extern void bta_dm_process_remove_device(const RawAddress& bd_addr);
extern void btm_inq_clear_ssp(void);
+extern void HACK_acl_check_sm4(tBTM_SEC_DEV_REC& p_dev_rec);
/*******************************************************************************
* L O C A L F U N C T I O N P R O T O T Y P E S *
*
******************************************************************************/
tBTM_STATUS btm_sec_execute_procedure(tBTM_SEC_DEV_REC* p_dev_rec) {
- BTM_TRACE_EVENT(
- "btm_sec_execute_procedure: Required:0x%x Flags:0x%x State:%d",
- p_dev_rec->security_required, p_dev_rec->sec_flags, p_dev_rec->sec_state);
+ CHECK(p_dev_rec != nullptr);
+ LOG_DEBUG(
+ "security_required:0x%x security_flags:0x%x security_state:%s[%hhu]",
+ p_dev_rec->security_required, p_dev_rec->sec_flags,
+ security_state_text(static_cast<tSECURITY_STATE>(p_dev_rec->sec_state))
+ .c_str(),
+ p_dev_rec->sec_state);
- /* There is a chance that we are getting name. Wait until done. */
- if (p_dev_rec->sec_state != 0) return (BTM_CMD_STARTED);
+ if (p_dev_rec->sec_state != BTM_SEC_STATE_IDLE) {
+ LOG_DEBUG(
+ "Security state is idle indicating remote name request is outstanding");
+ return (BTM_CMD_STARTED);
+ }
+
+ if (!bluetooth::shim::is_gd_acl_enabled()) {
+ // Load the SM4 values //
+ HACK_acl_check_sm4(*p_dev_rec);
+ }
/* If any security is required, get the name first */
if (!(p_dev_rec->sec_flags & BTM_SEC_NAME_KNOWN) &&
(p_dev_rec->hci_handle != HCI_INVALID_HANDLE)) {
- BTM_TRACE_EVENT("Security Manager: Start get name");
+ LOG_DEBUG("Security Manager: Start get name");
if (!btm_sec_start_get_name(p_dev_rec)) {
+ LOG_WARN("Unable to start remote name request");
return (BTM_NO_RESOURCES);
}
return (BTM_CMD_STARTED);
* authenticated connections, hence we cannot distinguish here.
*/
- BTM_TRACE_EVENT("Security Manager: Start authentication");
+ LOG_DEBUG("Security Manager: Start authentication");
/*
* If we do have a link-key, but we end up here because we need an
btm_sec_start_authentication(p_dev_rec);
return (BTM_CMD_STARTED);
+ } else {
+ LOG_DEBUG("Authentication not required");
}
/* If connection is not encrypted and encryption is required */
btsnd_hcic_set_conn_encrypt(p_dev_rec->hci_handle, true);
p_dev_rec->sec_state = BTM_SEC_STATE_ENCRYPTING;
return (BTM_CMD_STARTED);
+ } else {
+ LOG_DEBUG("Encryption not required");
}
if ((p_dev_rec->security_required & BTM_SEC_MODE4_LEVEL4) &&