Bluetooth: Provide BTLE physical channel pdu type from capture context.

Add BTLE physical channel pdu type from capture context. The dissector uses the access address to determine if the packet is either an Advertising physical channel PDU or a Data physical channel PDU. This assupmtion is not valid for Periodic Advertising where the AUX_SYNC_IND advertising packet will be sent with a non-advertising access address. There is also the new Isochronous physical channel PDU which can be both broadcasted or connection-oriented. Change-Id: I7f0ad74b3e30ffecade59b6d0c5965bfc6345318 Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no> Reviewed-on: https://code.wireshark.org/review/36782 Petri-Dish: Anders Broman <a.broman58@gmail.com> Tested-by: Petri Dish Buildbot Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
2020-04-01 15:52:08 +02:00 · 2020-04-01 15:52:08 +02:00 · 8b5236d470
parent 8a0673a578
commit 8b5236d470
4 changed files with 26 additions and 3 deletions
--- a/epan/dissectors/packet-btle.c
+++ b/epan/dissectors/packet-btle.c
@ -638,6 +638,7 @@ dissect_btle(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
    guint                  window_offset;
    guint                  data_interval;
    guint                  data_timeout;
+    guint8                 btle_pdu_type = BTLE_PDU_TYPE_UNKNOWN;

    list_data = wmem_list_frame_prev(wmem_list_tail(pinfo->layers));
    if (list_data) {
@ -702,7 +703,16 @@ dissect_btle(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)

    frame_number = pinfo->num;

-    if (access_address == ACCESS_ADDRESS_ADVERTISING) {
+    if (btle_context) {
+        btle_pdu_type = btle_context->pdu_type;
+    }
+
+    if (btle_pdu_type == BTLE_PDU_TYPE_UNKNOWN) {
+        /* No context to provide us with physical channel pdu type, make an assumption from the access address */
+        btle_pdu_type = access_address == ACCESS_ADDRESS_ADVERTISING ? BTLE_PDU_TYPE_ADVERTISING : BTLE_PDU_TYPE_DATA;
+    }
+
+    if (btle_pdu_type == BTLE_PDU_TYPE_ADVERTISING) {
        proto_item  *advertising_header_item;
        proto_tree  *advertising_header_tree;
        proto_item  *link_layer_data_item;
@ -1199,7 +1209,7 @@ dissect_btle(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
                offset += tvb_reported_length_remaining(tvb, offset) - 3;
            }
        }
-    } else { /* data PDU */
+    } else if (btle_pdu_type == BTLE_PDU_TYPE_DATA) {
        proto_item  *data_header_item, *seq_item;
        proto_tree  *data_header_tree;
        guint8       oct;
@ -1737,6 +1747,12 @@ dissect_btle(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
            crc_init = btle_context->connection_info.CRCInit;
            crc_status = CRC_CAN_BE_CALCULATED;
        }
+    } else {
+        /* Unknown physical channel PDU type */
+        if (tvb_reported_length_remaining(tvb, offset) > 3) {
+                proto_tree_add_expert(btle_tree, pinfo, &ei_unknown_data, tvb, offset, tvb_reported_length_remaining(tvb, offset) - 3);
+                offset += tvb_reported_length_remaining(tvb, offset) - 3;
+        }
    }

    /* BT spec Vol 6, Part B, Section 1.2: CRC is big endian and bits in byte are flipped */
--- a/epan/dissectors/packet-btle.h
+++ b/epan/dissectors/packet-btle.h
@ -44,6 +44,10 @@ typedef enum {
 #define BTLE_DIR_MASTER_SLAVE 1
 #define BTLE_DIR_SLAVE_MASTER 2

+#define BTLE_PDU_TYPE_UNKNOWN     0 /* Unknown physical channel PDU */
+#define BTLE_PDU_TYPE_ADVERTISING 1 /* Advertising physical channel PDU */
+#define BTLE_PDU_TYPE_DATA        2 /* Data physical channel PDU */
+
 typedef struct {
    btle_AA_category_t aa_category;
    btle_CONNECT_REQ_t connection_info;
@ -53,6 +57,7 @@ typedef struct {
    guint mic_checked_at_capture: 1;
    guint mic_valid_at_capture: 1;
    guint direction: 2; /* 0 Unknown, 1 Master -> Slave, 2 Slave -> Master */
+    guint8 pdu_type;
    guint8 channel;

    union {
--- a/epan/dissectors/packet-btle_rf.c
+++ b/epan/dissectors/packet-btle_rf.c
@ -149,6 +149,7 @@ dissect_btle_rf(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
    context.crc_valid_at_capture   = !!(flags & LE_CRC_VALID);
    context.mic_checked_at_capture = !!(flags & LE_MIC_CHECKED);
    context.mic_valid_at_capture   = !!(flags & LE_MIC_VALID);
+    context.pdu_type               = BTLE_PDU_TYPE_UNKNOWN;

    ti = proto_tree_add_item(tree, proto_btle_rf, tvb, 0, tvb_captured_length(tvb), ENC_NA);
    btle_rf_tree = proto_item_add_subtree(ti, ett_btle_rf);
@ -204,7 +205,6 @@ dissect_btle_rf(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
        proto_tree_add_item(btle_rf_tree, hf_btle_rf_word_unused, tvb, 4, 4, ENC_LITTLE_ENDIAN);
    }

-
    proto_tree_add_bitmask_with_flags(btle_rf_tree, tvb, 8, hf_btle_rf_flags, ett_btle_rf_flags,  hfs_btle_rf_flags, ENC_LITTLE_ENDIAN, BMT_NO_APPEND);

    btle_tvb = tvb_new_subset_remaining(tvb, BTLE_RF_OCTETS);
--- a/epan/dissectors/packet-nordic_ble.c
+++ b/epan/dissectors/packet-nordic_ble.c
@ -294,6 +294,8 @@ dissect_flags(tvbuff_t *tvb, gint offset, packet_info *pinfo, proto_tree *tree,
    proto_tree *flags_tree;

    context->crc_checked_at_capture = 1;
+    context->pdu_type = BTLE_PDU_TYPE_UNKNOWN;
+
    flags = tvb_get_guint8(tvb, offset);
    context->crc_valid_at_capture = !!(flags & 1);
    dir = !!(flags & 2);