bluez/android
Luiz Augusto von Dentz 5903b4f510 android/AVDTP: Fix invalid free of struct discover
If callback releases the last reference it can cause the following:
Invalid free() / delete / delete[] / realloc()
   at 0x4A07577: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
   by 0x386244EF7E: g_free (in /usr/lib64/libglib-2.0.so.0.3800.2)
   by 0x410356: finalize_discovery (avdtp.c:933)
   by 0x414462: session_cb (avdtp.c:2555)
   by 0x38624492A5: g_main_context_dispatch (in /usr/lib64/libglib-2.0.so.0.3800.2)
   by 0x3862449627: ??? (in /usr/lib64/libglib-2.0.so.0.3800.2)
   by 0x3862449A39: g_main_loop_run (in /usr/lib64/libglib-2.0.so.0.3800.2)
   by 0x403A95: main (main.c:439)
 Address 0x4cf7af0 is 0 bytes inside a block of size 24 free'd
   at 0x4A07577: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
   by 0x386244EF7E: g_free (in /usr/lib64/libglib-2.0.so.0.3800.2)
   by 0x410356: finalize_discovery (avdtp.c:933)
   by 0x4110BC: avdtp_unref (avdtp.c:1026)
   by 0x416491: a2dp_device_free (a2dp.c:122)
   by 0x4165DF: bt_a2dp_notify_state (a2dp.c:166)
   by 0x417170: discover_cb (a2dp.c:333)
   by 0x41034E: finalize_discovery (avdtp.c:931)
   by 0x414462: session_cb (avdtp.c:2555)
   by 0x38624492A5: g_main_context_dispatch (in /usr/lib64/libglib-2.0.so.0.3800.2)
   by 0x3862449627: ??? (in /usr/lib64/libglib-2.0.so.0.3800.2)
   by 0x3862449A39: g_main_loop_run (in /usr/lib64/libglib-2.0.so.0.3800.2)
2014-01-14 11:53:00 +01:00
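The failure in the trace above, reduced to its reference-counting pattern, as an added example (not BlueZ code and not the commit's patch): a completion callback drops the last session reference, teardown re-enters finalize_discovery(), and the pending request is released twice unless it is detached from the session before the callback runs. The struct layouts, session_unref(), drop_last_ref(), run() and the detach_first switch are hypothetical, and the release is only counted (free_calls) so the second one is observable without corrupting the heap.

```c
#include <stdio.h>
/* Hypothetical, simplified model of a session and its pending discovery. */
struct session;
struct discover { void (*cb)(struct session *s); int free_calls; };
struct session { int ref; struct discover *discover; int detach_first; };

static void finalize_discovery(struct session *s)
{
	struct discover *d = s->discover;

	if (!d)
		return;
	if (s->detach_first)
		s->discover = NULL;	/* re-entrant calls now return early */
	if (d->cb)
		d->cb(s);		/* may drop the last reference */
	d->free_calls++;		/* stand-in for g_free(d): count, don't free */
	s->discover = NULL;
}

static void session_unref(struct session *s)
{
	if (--s->ref == 0)
		finalize_discovery(s);	/* teardown releases pending discovery */
}

/* Callback that gives up the last reference, as in the trace. */
static void drop_last_ref(struct session *s)
{
	if (s->ref > 0)
		session_unref(s);
}

/* Returns how many times the discover block was released. */
static int run(int detach_first)
{
	struct discover d = { drop_last_ref, 0 };
	struct session s = { 1, &d, detach_first };

	finalize_discovery(&s);
	return d.free_calls;
}

int main(void)
{
	printf("release after callback: %d\n", run(0));
	printf("detach before callback: %d\n", run(1));
	return 0;
}
```

With the pointer left attached during the callback the block is released twice; clearing it first leaves exactly one release.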
client android/haltest: Add support for loading Audio HAL 2014-01-10 15:37:46 +02:00
cutils android/hal-bluetooth: Add support for enabling HCI snoop dump 2013-12-20 12:57:21 +02:00
hardware android: Load bluetooth.default.so as a module 2014-01-10 15:07:23 +02:00
system android/audio: Add kitkat audio headers 2013-12-16 17:41:56 +02:00
a2dp.c audio/A2DP: Add implemention of SEP abort confirmation 2014-01-14 11:53:00 +01:00
a2dp.h android/a2dp: Use generic IPC message handling for commands 2013-12-02 16:24:02 +02:00
android-tester.c android-tester: Add possibility to debug mgmt 2014-01-13 10:44:45 +02:00
Android.mk android/haltest: Add support for loading Audio HAL 2014-01-10 15:37:46 +02:00
audio-ipc-api.txt android/audio-ipc-api: Fix service id documentation 2014-01-08 11:37:45 +02:00
audio-ipc.c android/ipc: Add audio_ipc_send_rsp and audio_ipc_send_rsp_full 2014-01-07 13:37:53 +02:00
audio-ipc.h android/ipc: Add audio_ipc_send_rsp and audio_ipc_send_rsp_full 2014-01-07 13:37:53 +02:00
audio-msg.h android/audio-msg: Simplify audio_rsp_open_stream 2014-01-11 11:24:31 +02:00
avdtp.c android/AVDTP: Fix invalid free of struct discover 2014-01-14 11:53:00 +01:00
avdtp.h android/AVDTP: Remove get_all parameter for get_capability callback 2013-12-23 16:29:31 +01:00
bluetooth.c android/bluetooth: Fix compare function when finding devices 2014-01-12 20:43:15 +01:00
bluetooth.h android: Don't pass notification socket on services register 2013-11-28 18:02:27 +02:00
bluetoothd-snoop.c android: Add HCI snooping tool 2014-01-01 18:26:47 +02:00
hal-a2dp.c android/a2dp: Unregister ipc handlers if init fails 2013-12-08 17:47:42 +02:00
hal-audio.c android/audio: Add audio_ipc_cleanup function 2014-01-10 17:45:17 +02:00
hal-bluetooth.c android/hal-bluetooth: Add debug print to config_hci_snoop_log 2014-01-01 18:28:50 +02:00
hal-hidhost.c android/hidhost: Move set_report parameter check to daemon 2013-12-31 11:34:32 +02:00
hal-ipc-api.txt android/hidhost: Remove deprecated idle opcode from ipc document 2013-11-13 11:26:38 +02:00
hal-ipc.c android: Fix error check from pthread_create 2014-01-10 17:45:17 +02:00
hal-ipc.h android/hal: Add initial code for IPC message handlers 2013-11-19 16:42:01 +02:00
hal-log.h android/tester: Make HAL logging wrapper print to stderr instead of stdout 2013-12-11 13:10:07 +02:00
hal-msg.h android/socket: Move logic from HAL to daemon in listen 2014-01-06 21:25:59 +02:00
hal-pan.c android/pan: Move logic from HAL to daemon 2013-12-08 17:47:42 +02:00
hal-sock.c android/socket: Move logic from HAL to daemon in connect 2014-01-06 21:26:21 +02:00
hal-utils.c android/hal-utils: Fix possible NULL pointer dereference 2013-11-25 15:34:15 +02:00
hal-utils.h android/debug: Move debug functions to hal-utils.c 2013-11-14 10:27:15 +02:00
hal.h android/hal-a2dp: Use generic IPC message handling for events 2013-11-19 16:42:02 +02:00
hidhost.c android/hidhost: Move set_report parameter check to daemon 2013-12-31 11:34:32 +02:00
hidhost.h android/hidhost: Use generic IPC message handling for commands 2013-12-02 16:24:02 +02:00
ipc.c android/ipc: Use proper handlers in ipc_handle_msg 2014-01-13 08:57:49 +01:00
ipc.h android/ipc: Add audio_ipc_send_rsp and audio_ipc_send_rsp_full 2014-01-07 13:37:53 +02:00
main.c android: Use G_N_ELEMENTS macro for table elements calculation 2013-12-03 13:44:04 +02:00
Makefile.am android/pics: Add PICS and PIXIT for A2DP 2014-01-13 11:04:26 +01:00
pan.c android/pan: Generate file path in compile time 2014-01-13 10:21:18 +01:00
pan.h android/pan: Use generic IPC message handling for commands 2013-12-02 16:24:02 +02:00
pics-a2dp.txt android/pics: Add PICS and PIXIT for A2DP 2014-01-13 11:04:26 +01:00
pics-avrcp.txt android/pics: Add PICS and PIXIT for AVRCP 2014-01-13 11:04:26 +01:00
pics-did.txt android/pics: Update PICS to PTS 5.0 for DID 2014-01-08 14:17:09 +01:00
pics-gap.txt android/pics: Update PICS to PTS 5.0 for GAP 2014-01-08 14:17:09 +01:00
pics-hid.txt android/pics: Update PICS to PTS 5.0 2014-01-08 14:17:09 +01:00
pics-l2cap.txt android/pics: Update PICS to PTS 5.0 2014-01-08 14:17:09 +01:00
pics-map.txt android/pts: Add PTS PICS and PIXIT for MAP 2013-12-17 13:34:40 +02:00
pics-opp.txt android/pics: Update PICS to PTS 5.0 2014-01-08 14:17:09 +01:00
pics-pan.txt android/pics: Update PICS to PTS 5.0 2014-01-08 14:17:09 +01:00
pics-pbap.txt android/pics: Update PICS to PTS 5.0 2014-01-08 14:17:09 +01:00
pixit-a2dp.txt android/pics: Add PICS and PIXIT for A2DP 2014-01-13 11:04:26 +01:00
pixit-avrcp.txt android/pics: Add PICS and PIXIT for AVRCP 2014-01-13 11:04:26 +01:00
pixit-did.txt android/pixit: Add PTS version to respective pixit 2014-01-08 15:50:23 +01:00
pixit-gap.txt android/pixit: Add PTS version to respective pixit 2014-01-08 15:50:23 +01:00
pixit-hid.txt android/pixit: Add PTS version to respective pixit 2014-01-08 15:50:23 +01:00
pixit-l2cap.txt android/pixit: Add PTS version to respective pixit 2014-01-08 15:50:23 +01:00
pixit-map.txt android/pts: Add PTS PICS and PIXIT for MAP 2013-12-17 13:34:40 +02:00
pixit-opp.txt android/pixit: Add PTS version to respective pixit 2014-01-08 15:50:23 +01:00
pixit-pan.txt android/pixit: Add PTS version to respective pixit 2014-01-08 15:50:23 +01:00
pixit-pbap.txt android/pixit: Add PTS version to respective pixit 2014-01-08 15:50:23 +01:00
pts-did.txt android/pts: Add PTS test results for DID 2013-12-12 10:27:50 +02:00
pts-gap.txt android/pts: Add PTS test results for GAP 2013-12-13 11:16:10 +02:00
pts-hid.txt android/pts: Add PTS test results for HID 2013-12-13 11:16:20 +02:00
pts-l2cap.txt android/pts: Add PTS test results for L2CAP 2014-01-10 13:01:10 +01:00
pts-map.txt android/pts: Update PTS results for MAP 2014-01-13 10:40:36 +02:00
pts-opp.txt android/pts: Add PTS test results for OPP 2013-12-13 11:16:32 +02:00
pts-pbap.txt android/pts: Add PTS test results for PBAP 2013-12-13 11:16:39 +02:00
README android/README: Fix consistency issues with whitespace 2013-12-23 12:00:19 +02:00
socket-api.txt android/doc: Add socket-api.txt document 2013-12-08 17:32:05 +02:00
socket.c android/socket: Move logic from HAL to daemon in connect 2014-01-06 21:26:21 +02:00
socket.h android: Don't pass notification socket on services register 2013-11-28 18:02:27 +02:00
system-emulator.c android/system-emulator: Remove useless "static" qualifier 2014-01-06 21:22:39 +02:00
utils.h android: Add helper functions for converting bdaddr transmitted over IPC 2013-10-28 16:10:42 +02:00

BlueZ for Android
*****************

Since Android 4.2 there exists a well standardized HAL interface that the
Bluetooth stack is expected to provide and which enables the easy replacement
of the stack of choice on Android. Android BlueZ is intended as a drop-in
replacement for the Android-provided Bluetooth stack.

More details about the BlueZ for Android architecture and components can be
found in the android/hal-ipc-api.txt file.

===============================
Building and running on Android
===============================

Build requirements
==================

- GLib - Android 4.2 and later do not provide GLib, so one must provide it in
the 'external/bluetooth/glib' folder of the Android tree. A sample Android GLib
port is available at https://code.google.com/p/android-bluez.glib/

- Bionic support - BlueZ requires the signalfd and timerfd APIs to be provided
by the libc library. Currently only the 'master' branch available at
https://android.googlesource.com/platform/bionic provides all required
functionality, and running BlueZ on an older branch requires backporting the
missing features. A sample Bionic for Android on Intel Architecture
(Android-IA) with all required features backported is available at
https://code.google.com/p/android-bluez.bionic/

Runtime requirements
====================

The BlueZ HAL library requires the 'bluetoothd' service to be available on the
Android system. This can be done by defining the service in the init.rc file of
the targeted board:

service bluetoothd /system/bin/logwrapper /system/bin/bluetoothd
  class main
  group bluetooth net_admin
  disabled
  oneshot

The bluetooth user must be able to start and stop the bluetoothd service by
setting the 'ctl.start' or 'ctl.stop' property. This can be achieved by
whitelisting the bluetooth user and the bluetoothd service in the init source
code.

The required Android init system modifications can be found at
https://code.google.com/p/android-bluez.system-core/

Downloading and building
========================

Building for Android requires a full Android AOSP source tree. A sample
Android-IA tree with all required components present is available at
http://code.google.com/p/android-bluez/

Downloading:
repo init -u https://code.google.com/p/android-bluez.manifest/ -m topics/bluez
repo sync

Build for Intel ultrabook:
'source build/envsetup.sh'
'lunch core_mesa-eng'
'make allimages -j8'

After a full build is done, it is possible to rebuild only BlueZ:
'cd external/bluetooth/bluez/android/'
'mm' (or 'mm -B' to force rebuilding of all files)
'adb sync' to update target device.

=============================
Building and running on Linux
=============================

It is possible to build and test the BlueZ for Android daemon on Linux (e.g. a
PC). Simply follow the instructions in the README file in the BlueZ top
directory. The Android daemon binary is located at android/bluetoothd. See the
next section on how to test the Android daemon on Linux.

============
Testing tool
============

The BT HAL test tool located in android/haltest is provided for HAL-level
testing of both the Android daemon and the HAL library. Start it with the '-n'
parameter and type 'bluetooth init' at the prompt to initialize the HAL library.
Running without the parameter makes haltest try to initialize all services
after start. On Android the required bluetoothd service is started
automatically. On Linux it is required to start android/bluetoothd manually
before the init command times out, or to use the provided
android/system-emulator, which takes care of launching the daemon automatically
on HAL library initialization. To deinitialize the HAL library and stop the
daemon, type 'bluetooth cleanup'. Type 'help' for more information. Tab
completion is also supported.

===========================
Implementation shortcomings
===========================

It is possible that some HAL functionality is missing an implementation due to
reasons like feature feasibility or the need for the latest Android Framework.
This section provides a list of such deficiencies. Note that the HAL library is
always expected to fully implement the HAL API, so a missing implementation can
occur only in the daemon.

HAL Bluetooth
=============

methods:
dut_mode_send                      never called from Android Framework
le_test_mode                       never called from Android Framework
get_remote_service_record          never called from Android Framework

callbacks:
dut_mode_recv_cb
le_test_mode_cb

properties:
BT_PROPERTY_SERVICE_RECORD         not supported for adapter and device, for
                                   device this property is to be returned as
                                   response to get_remote_service_record,
                                   not sure what to return on get_property
                                   calls (records of all services?)

BT_PROPERTY_REMOTE_VERSION_INFO    information required by this property (LMP
                                   information) is not accessible from the mgmt
                                   interface, also marking this property as
                                   settable is probably a typo in HAL header

Socket HAL
==========

Only the BTSOCK_RFCOMM socket type is supported.