Merge remote-tracking branch 'origin/sm7225_r_fp4' into fp4-r-rebase

Change-Id: I67e5a835124b5b242554079ac05b72c5f5532f60
diff --git a/binder/Android.bp b/binder/Android.bp
index adc27c4..35c3e86 100644
--- a/binder/Android.bp
+++ b/binder/Android.bp
@@ -85,6 +85,7 @@
     name: "libbluetooth-binder-aidl",
     srcs: [
         "android/bluetooth/IBluetooth.aidl",
+        "android/bluetooth/TctExtIBluetooth.aidl",
         "android/bluetooth/IBluetoothA2dp.aidl",
         "android/bluetooth/IBluetoothA2dpSink.aidl",
         "android/bluetooth/IBluetoothAvrcpController.aidl",
diff --git a/binder/android/bluetooth/IBluetooth.aidl b/binder/android/bluetooth/IBluetooth.aidl
index 3591589..fb4f2f5 100644
--- a/binder/android/bluetooth/IBluetooth.aidl
+++ b/binder/android/bluetooth/IBluetooth.aidl
@@ -61,7 +61,7 @@
 import android.os.ParcelUuid;
 import android.os.ParcelFileDescriptor;
 import android.os.ResultReceiver;
-
+import android.bluetooth.TctExtIBluetooth;
 /**
  * System private API for talking with the Bluetooth service.
  *
@@ -192,5 +192,6 @@
     int getDeviceType(in BluetoothDevice device);
 
     boolean isBroadcastActive();
+    TctExtIBluetooth getTctExtIBluetoothInterface();
 
 }
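Review bot: `getTctExtIBluetoothInterface()` returns a binder for the vendor test interface to any client that can reach IBluetooth, and nothing in this hunk states who may call it. The service-side implementation is outside this diff, so confirm that it enforces a privileged permission on the returned interface's methods, since test and DUT modes change radio behaviour. A doc comment stating the contract would make this visible at the declaration, e.g. `/** Vendor test hooks; caller must hold BLUETOOTH_PRIVILEGED. */` if that is the intended permission.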
diff --git a/binder/android/bluetooth/TctExtIBluetooth.aidl b/binder/android/bluetooth/TctExtIBluetooth.aidl
new file mode 100644
index 0000000..023869e
--- /dev/null
+++ b/binder/android/bluetooth/TctExtIBluetooth.aidl
@@ -0,0 +1,20 @@
+package android.bluetooth;
+
+import android.bluetooth.IBluetoothCallback;
+import android.bluetooth.IBluetoothStateChangeCallback;
+import android.bluetooth.BluetoothActivityEnergyInfo;
+import android.bluetooth.BluetoothDevice;
+import android.os.ParcelUuid;
+import android.os.ParcelFileDescriptor;
+
+/**
+ * System private API for talking with the Bluetooth service.
+ *
+ * {@hide}
+ */
+interface TctExtIBluetooth
+{
+    int tct_setBtTestMode(int mode);
+    //int tct_setBtChannel(int position);
+    int tct_sendDutMode(int power);
+}
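Review bot: The Javadoc on `TctExtIBluetooth` is copied from IBluetooth and does not describe what `tct_setBtTestMode` and `tct_sendDutMode` do, which values `mode` and `power` accept, or what the int return means. Replace it with a description of the hooks and their expected callers, e.g. `Vendor factory-test hooks for the Bluetooth service; not for use by apps.`, and document the valid range of each parameter so the implementation can reject anything else. None of the six imports is used by the two declared methods. The commented-out `tct_setBtChannel` line should be removed or restored.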
diff --git a/bta/dm/bta_dm_act.cc b/bta/dm/bta_dm_act.cc
index d1b260c..3900594 100644
--- a/bta/dm/bta_dm_act.cc
+++ b/bta/dm/bta_dm_act.cc
@@ -39,6 +39,7 @@
 #include "bta_dm_int.h"
 #include "bta_sys.h"
 #include "btif_storage.h"
+#include "btif_config.h"
 #include "btm_api.h"
 #include "btm_int.h"
 #include "btu.h"
@@ -48,6 +49,7 @@
 #include "osi/include/log.h"
 #include "osi/include/osi.h"
 #include "sdp_api.h"
+#include "stack/btm/btm_ble_int.h"
 #include "stack/gatt/connection_manager.h"
 #include "stack/include/gatt_api.h"
 #include "utl.h"
@@ -705,6 +707,12 @@
   if (!other_address_connected && !other_address.IsEmpty()) {
     bta_dm_process_remove_device(other_address);
   }
+
+  /* Check the length of the paired devices, and if 0 then reset IRK */
+  if (btif_storage_get_num_bonded_devices() < 1) {
+    LOG(INFO) << "Last paired device removed, resetting IRK";
+    btm_ble_reset_id();
+  }
 }
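Review bot: The `btif_storage_get_num_bonded_devices() < 1` check reads the persisted bond count, but nothing in this hunk shows that the device being removed has already been deleted from storage when this line runs. If the storage entry is dropped later (for example from the unpair callback, or after a pending link-down), the count is still 1 when the last device goes away and `btm_ble_reset_id()` is never reached, which would defeat the privacy purpose of the change. Confirm the ordering and record it in the comment, e.g. `/* Storage entry for the removed device is already gone here; reset the IRK once no bonds remain */`. The `btif_config.h` include added earlier in this file is not used by any line visible in the diff. The function body starts outside the hunk.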
 
 /*******************************************************************************
diff --git a/stack/avrc/avrc_pars_ct.cc b/stack/avrc/avrc_pars_ct.cc
index 08ab66e..8a4cf30 100644
--- a/stack/avrc/avrc_pars_ct.cc
+++ b/stack/avrc/avrc_pars_ct.cc
@@ -581,6 +581,10 @@
                        p_result->get_caps.capability_id,
                        p_result->get_caps.count);
       if (p_result->get_caps.capability_id == AVRC_CAP_COMPANY_ID) {
+        if (p_result->get_caps.count > AVRC_CAP_MAX_NUM_COMP_ID) {
+          android_errorWriteLog(0x534e4554, "205837191");
+          return AVRC_STS_INTERNAL_ERR;
+        }
         min_len += MIN(p_result->get_caps.count, AVRC_CAP_MAX_NUM_COMP_ID) * 3;
         if (len < min_len) goto length_error;
         for (int xx = 0; ((xx < p_result->get_caps.count) &&
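Review bot: With the new `count > AVRC_CAP_MAX_NUM_COMP_ID` rejection, the `MIN(p_result->get_caps.count, AVRC_CAP_MAX_NUM_COMP_ID)` on the following line and the second loop bound can no longer differ from `count`. The same holds for the `AVRC_CAP_MAX_NUM_EVT_ID` check in the events-supported branch. Keeping them as defence in depth is reasonable, but a short comment should say why the count (presumably taken from the peer's response) is rejected rather than clamped, e.g. `// count comes from the remote response; reject oversized values instead of silently truncating`. The early `return AVRC_STS_INTERNAL_ERR` also bypasses the `length_error` label used by the neighbouring checks, so verify that nothing done at that label is needed on this path. The enclosing function begins and ends outside the hunk.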
@@ -590,6 +594,10 @@
         }
       } else if (p_result->get_caps.capability_id ==
                  AVRC_CAP_EVENTS_SUPPORTED) {
+        if (p_result->get_caps.count > AVRC_CAP_MAX_NUM_EVT_ID) {
+          android_errorWriteLog(0x534e4554, "205837191");
+          return AVRC_STS_INTERNAL_ERR;
+        }
         min_len += MIN(p_result->get_caps.count, AVRC_CAP_MAX_NUM_EVT_ID);
         if (len < min_len) goto length_error;
         for (int xx = 0; ((xx < p_result->get_caps.count) &&
diff --git a/stack/btm/btm_sec.cc b/stack/btm/btm_sec.cc
index bdda174..eecbed5 100644
--- a/stack/btm/btm_sec.cc
+++ b/stack/btm/btm_sec.cc
@@ -3913,7 +3913,6 @@
  ******************************************************************************/
 void btm_sec_connected(const RawAddress& bda, uint16_t handle, uint8_t status,
                        uint8_t enc_mode) {
-  tBTM_SEC_DEV_REC* p_dev_rec = btm_find_dev(bda);
   uint8_t res;
   bool is_pairing_device = false;
   bool addr_matched;
@@ -3922,6 +3921,7 @@
 
   btm_acl_resubmit_page();
 
+  tBTM_SEC_DEV_REC* p_dev_rec = btm_find_dev(bda);
   if (p_dev_rec) {
     VLOG(2) << __func__ << ": Security Manager: in state: "
             << btm_pair_state_descr(btm_cb.pairing_state)
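Review bot: The `btm_find_dev(bda)` lookup now runs after `btm_acl_resubmit_page()`, but no comment says why the order matters, so a later cleanup could hoist the declaration back to the top of the function. Presumably `btm_acl_resubmit_page()` can change or free device records, which would leave an earlier pointer dangling. If so, add `// Look up the record only after btm_acl_resubmit_page(), which may invalidate device-record pointers` above the declaration. The same comment applies to the `btm_find_dev_by_handle(handle)` move in `btm_sec_disconnected`. Both function bodies continue outside the hunks.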
@@ -4258,7 +4258,6 @@
  *
  ******************************************************************************/
 void btm_sec_disconnected(uint16_t handle, uint8_t reason) {
-  tBTM_SEC_DEV_REC* p_dev_rec = btm_find_dev_by_handle(handle);
   uint8_t old_pairing_flags = btm_cb.pairing_flags;
   int result = HCI_ERR_AUTH_FAILURE;
   tBTM_SEC_CALLBACK* p_callback = NULL;
@@ -4269,6 +4268,7 @@
 
   btm_acl_resubmit_page();
 
+  tBTM_SEC_DEV_REC* p_dev_rec = btm_find_dev_by_handle(handle);
   if (!p_dev_rec) return;
 
   transport =