In the case that the peer responds with fewer dcid values than the
number of scid values in the connection request, we would assert or read
past the end of the buffer.
Signed-off-by: Herman Berget <herman.berget@nordicsemi.no>
It is possible that LE CoC channel is in disconnecting state (eg due
to peer sending too many packets) but application is not yet aware
of this (ie disconnected callback was not called) and thus may call
bt_l2cap_chan_recv_complete() to return credits. In this case it
leads to assert in l2cap_chan_send_credits.
It looks like PTS 8.2.1 is able to trigger this scenario when
executing L2CAP/ECFC/BI-02-C test.
Signed-off-by: Szymon Janc <szymon.janc@codecoup.pl>
In order for the code to be more understandable, invert the logic to
decide when to re-trigger the RX work queue and document the approach.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
There is no need to use a k_fifo object to queue the items that are
passed to bt_recv() now that we are using a work queue instead of a
thread, since there is no need for blocking on the actual queue, instead
relying on the fact that work is triggered to know that an item is ready
for processing.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Change CONFIG_BT_RECV_IS_RX_THREAD into a
choice:CONFIG_BT_RECV_CONTEXT with the following options
(names can be discussed further of course):
CONFIG_BT_RECV_BLOCKING
CONFIG_BT_RECV_WORKQ_BT
CONFIG_BT_RECV_WORKQ_SYS
This way users would be able to choose what to run most of
the BLE stack on, they wouldn't be forced to a single model.
We would default to CONFIG_BT_RECV_BLOCKING so that we wouldn't
need to change the system workqueue stack size by default, instead
asking users to do so if they select the CONFIG_BT_RECV_WORKQ_SYS option
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
Core spec version 5.2 introduced EATT, and multiple ATT channels on one
connection is now possible. The requirements for when a client
becomes change-aware were updated to reflect this.
Signed-off-by: Herman Berget <herman.berget@nordicsemi.no>
This adds initial support for Hearing Access Service client. The client
performs GATT discovery to find and read HAS related characteristics and
subscribe for characteristic value notifications/indications.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
The above mentioned fix attempts to detect the situation when
bt_att_req_alloc() is invoked on the same thread that runs
att_handle_rsp. It attempts to do so by noting the thread that
first ran bt_recv, assuming the same thread will house all calls
to bt_att_req_free. This turns out not to be correct. It is
evident from the call stack provided below that bt_att_req_free
can be called from other threads than the one that runs bt_recv.
Fixes: #43448
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
Making sure struct bt_l2cap_chan has absolutely no members related
to dynamic channels.
That way we ensure that there is no overhead for a build where only
fixed channels are used.
It's not enough that the dynamic channel-related members are put behind
ifdefs - they should be completely moved out from the struct definition.
Furthermore, the public l2cap.h header file already has a struct
that's meant to be used for dynamic channels: struct bt_l2cap_le_chan!
However, currently dynamic channel support is a mess - it's a mix
between these two structs. The bt_l2cap_le_chan struct should really
be an extension of the bt_l2cap_chan struct, i.e. the former should
contain as a member the latter.
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
Add a flag that is set when the timestamp is supplied
by the controller when receiving ISO packets.
Previously we used 0 to indicate this, but a timestamp
value of 0 is a valid value, and should not be used
to indicate that it is not present.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Change the receive flags in the struct bt_iso_recv_info
to a bitfield instead of a single value. This will allow
us to extend the flags with more options.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
If the Kconfig BT_EATT_AUTO_CONNECT is enabled (on by default), the
host will try to connect BT_EATT_MAX EATT channels when a connection
to a peer is established.
Signed-off-by: Herman Berget <herman.berget@nordicsemi.no>
bt_eatt_connect may now send multiple credit based connection requests.
Previously it would only send one and thus only allow 5 EATT channels to
be connected.
Signed-off-by: Herman Berget <herman.berget@nordicsemi.no>
Increase the supported maximum simultaneous connection to
250, tested under BabbleSim simulations.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Whenever we disable Bluetooth we need to clear the supported commands
array, because there are several functions that check whether a
controller is ready to receive a particular command by testing a bit on
that bitfield.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
In order to get rid of the duplication of the code that we had until now
in the tree, consolidate the handling of multiple calls to
bt_hci_cmd_send_sync(BT_HCI_OP_LE_RAND, ...) in a single location,
namely in hci_core.
This allows all of the users of this HCI command to use a single
implementation of the iterated sending of the HCI command to fill a
buffer with random bytes.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
The `bt_conn_index` simply returns the index
of a `bt_conn` struct. There is no reason why
such a function should not use `const`.
Not using `const` will make other lookup/index
functions that perhaps relies on the bt_conn index
unable to use `const` as well.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Considering that in most scenarios, bt_rand will not be called
frequently, but the current implementation of tinycrypt will
occupy more than 300 bytes of RAM space. Its existence is to
optimize the frequent call of bt_rand.
Therefore, it is considered to put it into a config
(`BT_HOST_CRYPTO_RANDOM`), when this config has been selected,
will use tinycrypt library for random. Otherwise will call bt random
hci command.
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
Remove the duplicated pairing_complete, pairing_failed
and bond_deleted informational callbacks from bt_auth.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Add a new callback structure for Bluetooth authentication
This struct is meant to replace the information-only
callbacks in bt_conn_auth_cb. The reason for this is that
due to the nature of bt_conn_auth_cb, it can only be registered
once. To allow mulitple users gain information about pairing
and bond deletions, this new struct is needed.
Samples, tests, etc. are updated to use the new struct.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Add `ing` to the `BT_ISO_CONNECT` and `BT_ISO_DISCONNECT`
states, so that the name better matches the actual state.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Add `ing` to the `BT_CONN_CONNECT` and `BT_CONN_DISCONNECT`
states, so that the name better matches the actual state.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Add a state field in struct bt_conn_info that is a simplified
version of the internal state value (bt_conn_state_t).
This should provide an application to better determine the state
of the connection whne calling bt_conn_get_info, in case the
application does not keep track of the state itself.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
This adds support for automatic ATT MTU Exchange that will be done right
after the connection has been established.
Fixes: #43946
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
This implements Core 5.3 recommendation to skip MTU Exchange procedure
if already performed by peer.
Core 5.3 | Vol 3, Part F 3.4.2.2:
If MTU is exchanged in one direction, that is sufficient for both
directions.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
The MTU can be exchange once during the connection by the client.
This ensures the ATT MTU Exchange request will not be sent again.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
The ARRAY_SIZE macro uses sizeof and thus the return
type should be an unsigned value. size_t is typically
the type used for sizeof and fits well for the
ARRAY_SIZE macro as well.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Adds a simple boolean check of whether the Bluetooth subsystem has been
enabled. This allows users outside of `subsys/bluetooth` to check
whether they can send HCI commands.
Signed-off-by: Jordan Yates <jordan.yates@data61.csiro.au>
We expect the address type to be set to PUBLIC or RANDOM always, even
if the controller reports that it was able to sync to a resolved
addresss.
Fixes: https://github.com/zephyrproject-rtos/zephyr/issues/44110
Signed-off-by: Rubin Gerritsen <rubin.gerritsen@nordicsemi.no>
This reverts commit 6bb75a53d1.
This fixes GATT that was uninitalized when application received
bt_conn_cb->connected callback. As the result, the bt_gatt_is_subscribed
was not working as expected when called from bt_conn_cb->connected.
The _bt_gatt_ccc->cfg_changed callback does not carry information about
the device that subscribed for notifications but rather is says the
app when it should start/stop broadcasting notifications.
This leads to the conclusion that the bt_gatt_ccc->cfg_changed can be
called before bt_conn_cb->connected callback.
Fixes: #42829
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
Core Specification 5.3 clarified security requirements for GATT client
when handling incoming notifications and indications.
Vol 3: Part C: 10.3.2.2:
"...Since the configuration is persistent across a disconnection and
reconnection, the client shall check the security requirements against
the configuration upon a reconnection before processing any indications
or notifications from the server. Any notifications received before
the security requirements are met shall be ignored. Any indications
received before the security requirements are met shall be confirmed
and then discarded. ..."
Signed-off-by: Szymon Janc <szymon.janc@codecoup.pl>
Using a const-qualified object in a static initializer is implementation
specific in C, and it does not work in GCC 7.
Before this change, `write_appearance` was a pointer object if
CONFIG_BT_DEVICE_APPEARANCE_GATT_WRITABLE was disabled. This change
removes that object in favor of a macro `GAP_APPEARANCE_WRITE_HANDLER`.
Signed-off-by: Aleksander Wasaznik <aleksander.wasaznik@nordicsemi.no>
The EATT support is optional for BAP. The specification mandates the
minimum MTU supported to be 64 bytes.
As per BAP_v1.0
"The Unicast Server shall support a minimum ATT_MTU of 64 octets for
one Unenhanced ATT bearer, or for at least one Enhanced ATT bearer
if the Unicast Server supports Enhanced ATT bearers."
The same applies for other BAP roles.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
This prevents GATT service selection being selectable when compiling
controller only builds.
Signed-off-by: Rubin Gerritsen <rubin.gerritsen@nordicsemi.no>
This fixes data path configuration that was done for both directions
even if CIS was unidirectional. To ensure the data path shall be
configured, the QoS SDU is checked.
Fixes: #43190
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
This patch fixes ISO data path setup that shall be done for enabled
directions only and removes usage of Path ID = 0xFF which is RFU value.
As per Core 5.3 Vol 4, Part E, 7.8.109
"If the Host attempts to set an output data path using a connection handle
that is for an Isochronous Broadcaster, for an input data path on a
Synchronized Receiver, or for a data path for the direction on a
unidirectional CIS where BN is set to 0, the Controller shall return the
error code Command Disallowed (0x0C)."
Fixes: #43190
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
