From c156f352a9cff8b8a665e0a9cb8f1c27e9afdc99 Mon Sep 17 00:00:00 2001
From: Hansong Zhang <hsz@google.com>
Date: Mon, 31 Aug 2020 13:13:31 -0700
Subject: [PATCH] Clear RFCOMM security when done

Bug: 159815595
Tag: #refactor
Test: compile & verify basic functions working
Change-Id: I8aabfbc439dfc30b75d84c247b898d8d910475c1
---
 bta/ag/bta_ag_sdp.cc                |  2 +-
 bta/hf_client/bta_hf_client_sdp.cc  |  2 +-
 stack/btm/btm_sec.cc                | 18 ++++++++----------
 stack/btm/btm_sec.h                 |  3 ++-
 stack/rfcomm/port_api.cc            |  3 +--
 stack/test/common/mock_btm_layer.cc |  2 +-
 6 files changed, 14 insertions(+), 16 deletions(-)

diff --git a/bta/ag/bta_ag_sdp.cc b/bta/ag/bta_ag_sdp.cc
index 5e7b1ad0c..5209c2725 100644
--- a/bta/ag/bta_ag_sdp.cc
+++ b/bta/ag/bta_ag_sdp.cc
@@ -273,7 +273,7 @@ void bta_ag_del_records(tBTA_AG_SCB* p_scb) {
         bta_ag_cb.profile[i].sdp_handle = 0;
       }
       BTM_FreeSCN(bta_ag_cb.profile[i].scn);
-      BTM_SecClrService(bta_ag_sec_id[i]);
+      BTM_ClearRfcommSecurity(bta_ag_cb.profile[i].scn);
       bta_sys_remove_uuid(bta_ag_uuid[i]);
     }
   }
diff --git a/bta/hf_client/bta_hf_client_sdp.cc b/bta/hf_client/bta_hf_client_sdp.cc
index 33fd38f1f..f1b922d13 100755
--- a/bta/hf_client/bta_hf_client_sdp.cc
+++ b/bta/hf_client/bta_hf_client_sdp.cc
@@ -205,7 +205,7 @@ void bta_hf_client_del_record(tBTA_HF_CLIENT_CB_ARR* client_cb) {
     SDP_DeleteRecord(client_cb->sdp_handle);
     client_cb->sdp_handle = 0;
     BTM_FreeSCN(client_cb->scn);
-    BTM_SecClrService(BTM_SEC_SERVICE_HF_HANDSFREE);
+    BTM_ClearRfcommSecurity(client_cb->scn);
     bta_sys_remove_uuid(UUID_SERVCLASS_HF_HANDSFREE);
   }
 }
diff --git a/stack/btm/btm_sec.cc b/stack/btm/btm_sec.cc
index e7085f03a..03592cf9c 100644
--- a/stack/btm/btm_sec.cc
+++ b/stack/btm/btm_sec.cc
@@ -502,17 +502,19 @@ bool BTM_SetSecurityLevel(bool is_originator, const char* p_name,
 }
 
 struct RfcommSecurityRecord {
-  uint32_t service_id;
   bool need_mitm;
   bool need_16_digit_pin;
 };
 static std::unordered_map<uint32_t, RfcommSecurityRecord>
     legacy_stack_rfcomm_security_records;
 
-void BTM_SetRfcommSecurity(uint32_t service_id, uint32_t scn, bool need_mitm,
+void BTM_SetRfcommSecurity(uint32_t scn, bool need_mitm,
                            bool need_16_digit_pin) {
-  legacy_stack_rfcomm_security_records[scn] = {service_id, need_mitm,
-                                               need_16_digit_pin};
+  legacy_stack_rfcomm_security_records[scn] = {need_mitm, need_16_digit_pin};
+}
+
+void BTM_ClearRfcommSecurity(uint32_t scn) {
+  legacy_stack_rfcomm_security_records.erase(scn);
 }
 
 /*******************************************************************************
@@ -534,12 +536,6 @@ void BTM_SetRfcommSecurity(uint32_t service_id, uint32_t scn, bool need_mitm,
  *
  ******************************************************************************/
 uint8_t BTM_SecClrService(uint8_t service_id) {
-  for (auto& entry : legacy_stack_rfcomm_security_records) {
-    if (entry.second.service_id == service_id) {
-      legacy_stack_rfcomm_security_records.erase(entry.first);
-    }
-  }
-
   tBTM_SEC_SERV_REC* p_srec = &btm_cb.sec_serv_rec[0];
   uint8_t num_freed = 0;
   int i;
@@ -2167,6 +2163,8 @@ void btm_sec_dev_reset(void) {
     /* add mx service to use no security */
     BTM_SetSecurityLevel(false, "RFC_MUX", BTM_SEC_SERVICE_RFC_MUX,
                          BTM_SEC_NONE, BT_PSM_RFCOMM, BTM_SEC_PROTO_RFCOMM, 0);
+    BTM_SetSecurityLevel(true, "RFC_MUX", BTM_SEC_SERVICE_RFC_MUX, BTM_SEC_NONE,
+                         BT_PSM_RFCOMM, BTM_SEC_PROTO_RFCOMM, 0);
   } else {
     btm_cb.security_mode = BTM_SEC_MODE_SERVICE;
   }
diff --git a/stack/btm/btm_sec.h b/stack/btm/btm_sec.h
index 94ead7e7c..9122d9f8f 100644
--- a/stack/btm/btm_sec.h
+++ b/stack/btm/btm_sec.h
@@ -138,8 +138,9 @@ bool BTM_SetSecurityLevel(bool is_originator, const char* p_name,
                           uint32_t mx_proto_id, uint32_t mx_chan_id);
 
 // Set the rfcomm security requirement
-void BTM_SetRfcommSecurity(uint32_t service_id, uint32_t scn, bool need_mitm,
+void BTM_SetRfcommSecurity(uint32_t scn, bool need_mitm,
                            bool need_16_digit_pin);
+void BTM_ClearRfcommSecurity(uint32_t scn);
 
 /*******************************************************************************
  *
diff --git a/stack/rfcomm/port_api.cc b/stack/rfcomm/port_api.cc
index 7c9b2b99e..38a4cd1da 100644
--- a/stack/rfcomm/port_api.cc
+++ b/stack/rfcomm/port_api.cc
@@ -79,8 +79,7 @@ int RFCOMM_CreateConnectionWithSecurity(uint16_t uuid, uint8_t scn,
                                         uint16_t* p_handle,
                                         tPORT_CALLBACK* p_mgmt_cb,
                                         uint8_t service_id, uint16_t sec_mask) {
-  BTM_SetRfcommSecurity(service_id, scn,
-                        sec_mask & (BTM_SEC_OUT_MITM | BTM_SEC_IN_MITM),
+  BTM_SetRfcommSecurity(scn, sec_mask & (BTM_SEC_OUT_MITM | BTM_SEC_IN_MITM),
                         sec_mask & BTM_SEC_IN_MIN_16_DIGIT_PIN);
 
   return RFCOMM_CreateConnection(uuid, scn, is_server, mtu, bd_addr, p_handle,
diff --git a/stack/test/common/mock_btm_layer.cc b/stack/test/common/mock_btm_layer.cc
index 311e2fff8..f42607b6e 100644
--- a/stack/test/common/mock_btm_layer.cc
+++ b/stack/test/common/mock_btm_layer.cc
@@ -45,7 +45,7 @@ bool BTM_SetSecurityLevel(bool is_originator, const char* p_name,
   return true;
 }
 
-void BTM_SetRfcommSecurity(uint32_t service_id, uint32_t scn, bool need_mitm,
+void BTM_SetRfcommSecurity(uint32_t scn, bool need_mitm,
                            bool need_16_digit_pin) {}
 
 uint16_t BTM_GetMaxPacketSize(const RawAddress& addr) {
-- 
2.11.0