Snap for 5622519 from fef57bda2a3cf2dca83848db5b8e789cb32dac1d to pi-platform-release
am: db4e774cab
Change-Id: I84605a24c9bf6e52a2dad57e125bc88b8ae7da53
diff --git a/btif/Android.bp b/btif/Android.bp
index 0bbc241..c375bf0 100644
--- a/btif/Android.bp
+++ b/btif/Android.bp
@@ -127,6 +127,14 @@
"libprotobuf-cpp-lite",
"libcutils",
"libutils",
+ "libcrypto",
+ "android.hardware.keymaster@4.0",
+ "android.hardware.keymaster@3.0",
+ "libkeymaster4support",
+ "libkeystore_aidl",
+ "libkeystore_binder",
+ "libkeystore_parcelables",
+ "libbinder",
"libstatslog",
],
static_libs: [
diff --git a/main/Android.bp b/main/Android.bp
index 04d8ca6..2213c52 100644
--- a/main/Android.bp
+++ b/main/Android.bp
@@ -51,6 +51,13 @@
"libutils",
"libtinyxml2",
"libz",
+ "libcrypto",
+ "android.hardware.keymaster@4.0",
+ "android.hardware.keymaster@3.0",
+ "libkeymaster4support",
+ "libkeystore_aidl",
+ "libkeystore_binder",
+ "libkeystore_parcelables",
"libstatslog",
],
static_libs: [
diff --git a/stack/btm/btm_dev.cc b/stack/btm/btm_dev.cc
index 5368fad..4aa0c04 100644
--- a/stack/btm/btm_dev.cc
+++ b/stack/btm/btm_dev.cc
@@ -149,6 +149,12 @@
return true;
}
+void wipe_secrets_and_remove(tBTM_SEC_DEV_REC* p_dev_rec) {
+ memset(p_dev_rec->link_key, 0, LINK_KEY_LEN);
+ memset(&p_dev_rec->ble.keys, 0, sizeof(tBTM_SEC_BLE_KEYS));
+ list_remove(btm_cb.sec_dev_rec, p_dev_rec);
+}
+
/** Free resources associated with the device associated with |bd_addr| address.
*
* *** WARNING ***
@@ -170,7 +176,10 @@
tBTM_SEC_DEV_REC* p_dev_rec = btm_find_dev(bd_addr);
if (p_dev_rec != NULL) {
RawAddress bda = p_dev_rec->bd_addr;
- btm_sec_free_dev(p_dev_rec);
+
+ /* Clear out any saved BLE keys */
+ btm_sec_clear_ble_keys(p_dev_rec);
+ wipe_secrets_and_remove(p_dev_rec);
/* Tell controller to get rid of the link key, if it has one stored */
BTM_DeleteStoredLinkKey(&bda, NULL);
}
@@ -257,19 +266,6 @@
/*******************************************************************************
*
- * Function btm_sec_free_dev
- *
- * Description Mark device record as not used
- *
- ******************************************************************************/
-void btm_sec_free_dev(tBTM_SEC_DEV_REC* p_dev_rec) {
- /* Clear out any saved BLE keys */
- btm_sec_clear_ble_keys(p_dev_rec);
- list_remove(btm_cb.sec_dev_rec, p_dev_rec);
-}
-
-/*******************************************************************************
- *
* Function btm_dev_support_switch
*
* Description This function is called by the L2CAP to check if remote
@@ -413,7 +409,7 @@
p_target_rec->bond_type = temp_rec.bond_type;
/* remove the combined record */
- list_remove(btm_cb.sec_dev_rec, p_dev_rec);
+ wipe_secrets_and_remove(p_dev_rec);
// p_dev_rec gets freed in list_remove, we should not access it further
continue;
}
@@ -425,7 +421,7 @@
p_target_rec->device_type |= p_dev_rec->device_type;
/* remove the combined record */
- list_remove(btm_cb.sec_dev_rec, p_dev_rec);
+ wipe_secrets_and_remove(p_dev_rec);
}
}
}
@@ -514,7 +510,7 @@
if (list_length(btm_cb.sec_dev_rec) > BTM_SEC_MAX_DEVICE_RECORDS) {
p_dev_rec = btm_find_oldest_dev_rec();
- list_remove(btm_cb.sec_dev_rec, p_dev_rec);
+ wipe_secrets_and_remove(p_dev_rec);
}
p_dev_rec =
diff --git a/stack/btm/btm_int.h b/stack/btm/btm_int.h
index 21f7ce3..761061e 100644
--- a/stack/btm/btm_int.h
+++ b/stack/btm/btm_int.h
@@ -208,7 +208,7 @@
extern tBTM_SEC_DEV_REC* btm_sec_allocate_dev_rec(void);
extern tBTM_SEC_DEV_REC* btm_sec_alloc_dev(const RawAddress& bd_addr);
-extern void btm_sec_free_dev(tBTM_SEC_DEV_REC* p_dev_rec);
+extern void wipe_secrets_and_remove(tBTM_SEC_DEV_REC* p_dev_rec);
extern tBTM_SEC_DEV_REC* btm_find_dev(const RawAddress& bd_addr);
extern tBTM_SEC_DEV_REC* btm_find_or_alloc_dev(const RawAddress& bd_addr);
extern tBTM_SEC_DEV_REC* btm_find_dev_by_handle(uint16_t handle);
diff --git a/stack/btm/btm_main.cc b/stack/btm/btm_main.cc
index 011feb7..13d977e 100644
--- a/stack/btm/btm_main.cc
+++ b/stack/btm/btm_main.cc
@@ -83,6 +83,16 @@
fixed_queue_free(btm_cb.sec_pending_q, NULL);
btm_cb.sec_pending_q = NULL;
+ list_node_t* end = list_end(btm_cb.sec_dev_rec);
+ list_node_t* node = list_begin(btm_cb.sec_dev_rec);
+ while (node != end) {
+ tBTM_SEC_DEV_REC* p_dev_rec = static_cast<tBTM_SEC_DEV_REC*>(list_node(node));
+
+ // we do list_remove in, must grab next before removing
+ node = list_next(node);
+ wipe_secrets_and_remove(p_dev_rec);
+ }
+
list_free(btm_cb.sec_dev_rec);
btm_cb.sec_dev_rec = NULL;