Adds HCI support for:
- LE CS Read Remote Supported Capabilities
- LE CS Read Remote FAE Table
Callbacks have been added to the conn object to allow upper layers to
make use of the cache commands, with which it will be possible to store
this information and provide it again in the case of a disconnect
and reconnect to the same device.
Signed-off-by: Olivier Lesage <olivier.lesage@nordicsemi.no>
`conn_auto_initiate()` starts a bunch of controller procedures (read: HCI
commands) that are fired off right after connection establishment.
Right now, it's called from the RX context, which is the same context where
resources (cmd & acl buffers) are freed. This not ideal.
But the procedures are all async, so it should be fine to schedule this
function on the system workqueue, where we have less risk of deadlocks.
Signed-off-by: Jonathan Rico <jonathan.rico@nordicsemi.no>
To make the scanner module more understandable and more streamlined, I
reworked the update mechanism of the scanner. The scanner tracks now the
parameters that were used to enable it and the reason why it is running.
This facilitates state logic and allows other modules to "start the
scanner", altough it is already running.
This is mostly a refactoring and not a functional change.
Added a test to verify the behavior.
Signed-off-by: Jan Müller <jan.mueller@nordicsemi.no>
add to task
The Softdevice Controller now sends the disconnect event only after
receiving all Host Num Completes for the packets it sent to the host.
This is done for security reasons.
In our current reassembly logic, it does not really matter when we
withhold the num complete.
Before this patch, it's the first fragment that is withheld, and after
the patch it will be the last fragment that is withheld until the host
is done processing.
The flow control properties are maintained, just in a different way.
Co-authored-by: Aleksander Wasaznik <aleksander.wasaznik@nordicsemi.no>
Signed-off-by: Jonathan Rico <jonathan.rico@nordicsemi.no>
This is a bug-fix:
When upper layers want to send something, they add a `conn` object to a
list. They do so by adding a node on `struct conn` rather than the object
itself.
We forgot to increase the reference count of the connection object when
doing so. This means that there can be a scenario where the conn object is
destroyed and re-used while still being on the TX list/queue.
This is bad for obvious reasons.
This patch fixes that by:
- increasing the refcount when putting on the TX list
- decreasing the refcount *only* when popping off the TX list
- passing a new reference from `get_conn_ready` into `bt_conn_tx_processor`
Signed-off-by: Jonathan Rico <jonathan.rico@nordicsemi.no>
We don't need the TX thread anymore.
Generalizing the pull-based architecture (ie. `tx_processor`) to HCI
commands makes it possible to run the whole TX path from the the system
workqueue, or any workqueue really.
There is an edge-case, where we call `bt_hci_cmd_send_sync()` from the
syswq, stalling the system. The proposed mitigation is to attempt to drain
the command queue from within `bt_hci_cmd_send_sync()`.
My spidey sense tingles however, and it would be better to just remove the
capability of calling this fn from the syswq. But doing this requires
refactoring a bunch of synchronous procedures in the stack (e.g. stack
init, connection establishment, address setting etc), dragging in more
work. I will do it, but in a later patch.
Signed-off-by: Jonathan Rico <jonathan.rico@nordicsemi.no>
The current TX pattern in the host is to try to push a buffer through all
the layers up until it is ingested by the controller.
Since sending can fail at any layer, we need error-handling and separate
retry logic on pretty much all layers. That logic obscures the "happy path"
for people trying ot understand the code.
This commit inverts the control, in a way that doesn't require changing the
host or HCI driver API (yet):
Layers don't send buffers synchronously, they instead put their buffer in a
private queue of their own and raise a TX flag on the lower layer. Think of
it as a `READY` interrupt line that has to be serviced by the lower layer.
Sending is now non-blocking, rate depends on the size of buffer pools.
There is a single TX processing function. This can be thought as the
Interrupt Service Routine that will handle the `READY` interrupt from the
layers above.
That `tx_processor()` will then attempt to allocate enough resources in
order to send the buffer through to the controller. This allocation logic
does not block.
After acquiring all the resources, the TX processor will attempt to pull
data from the upper layer. The upper layer has to figure out which buffer
to pass to the controller. This is a good spot to put scheduling or QoS
logic in the upper layer.
Notes:
- user-facing API for tuning QoS will be implemented in a future patch
- this scheme could (and probably will) be extended to upper layers (e.g.
ATT, L2CAP CoC segmentation).
- this patch removes the `pending_no_cb()` memory optimization for
clarity/correctness. It might get re-implemented after a stabilization
period. Hopefully with more documentation.
Signed-off-by: Jonathan Rico <jonathan.rico@nordicsemi.no>
Co-authored-by: Aleksander Wasaznik <aleksander.wasaznik@nordicsemi.no>
`bt_conn_send_cb` used to allocate a TX context (K_FOREVER).
Instead, we now put the context in the userdata of the buffer.
This means that now this fn will never block and always succeed since the
tx_queue is a FIFO (infinite size). It just puts the buf on the queue.
The metadata is stored safely in there until we have acquired all the
necessary resources to send it to the controller without failing: TX
context and controller buffer.
I.e. when `bt_conn_process_tx` is called, that's when a TX context is
try-allocated and the contents of `buf->userdata` is moved into it.
The buffer is now ready to be sent to the lower layer.
`bt_conn_process_tx` will return -EWOULDBLOCK if it's not able to acquire a
TX context, this PR modifies `bt_conn_prepare_events` to respond to this by
also waiting on the TX context pool.
Unfortunately, this increases the required userdata size for any buffers
handed to `bt_conn_send_cb`. This will be fixed in a later commit.
Signed-off-by: Aleksander Wasaznik <aleksander.wasaznik@nordicsemi.no>
Add support for HCI drivers which use the newly defined HCI driver API.
Since Zephyr (currently) only supports a single HCI driver instance,
boards are expected to indicate the instance using a new devicetree
chosen property `zephyr,bt_hci`.
In order to maintain compatibility with not-yet-converted drivers the
code has been placed behind `#if DT_HAS_CHOSEN(zephyr_bt_hci)`
conditionals.
Signed-off-by: Johan Hedberg <johan.hedberg@gmail.com>
The naming of these two options was problematic, since it's both of them
are about vendor extensions, even though one has _EXT in the name and
the other doesn't. Just merge one option into the other. This has a
slight overhead on the controller side of enabling some more vendor
features if BT_HCI_VS is enabled, but that should hopefully be
acceptable.
Signed-off-by: Johan Hedberg <johan.hedberg@gmail.com>
Send a `READ_MAX_ADV_DATA_LEN` command to the controller at the
initialization of the host to fetch the maximum advertising data length
the host can accept.
This is done because even if the Zephyr controller provide the
`CONFIG_BT_CTLR_ADV_DATA_LEN_MAX` Kconfig symbol, other controllers may
not have such Kconfig symbol. So this is a way for the host to be more
controller-agnostic and provide useful feedback to the users.
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
This function is used in many places, but just by reading its
name it is not obvious why it is needed.
By adding some documentation it will hopefully become a bit more
clear that this function is mainly used for auto connection
establishment.
Signed-off-by: Rubin Gerritsen <rubin.gerritsen@nordicsemi.no>
When initially reading some of the host code it was unclear
to me why they were needed an how they are used.
By adding some documentation, this can hopefully make it
easier for others to understand these.
Signed-off-by: Rubin Gerritsen <rubin.gerritsen@nordicsemi.no>
This config selects a variant of the HCI driver interface that spills
out host internals unto the drivers and even the Zephyr controller. It
will now be removed in favor of driver interfaces that hide the
internals of the host.
The new default is `CONFIG_BT_RECV_WORKQ_BT`.
Any references to the removed kconfig are refactored out.
Any out-of-tree driver using the removed interface can be easily adapted
by copying the following implementations into the driver as private
functions:
- `hci_driver.h:BT_HCI_EVT_FLAG_RECV_PRIO`
- `hci_driver.h:BT_HCI_EVT_FLAG_RECV`
- `hci_driver.h:bt_hci_evt_get_flags`
- `hci_raw.c:bt_recv_prio`
In combination these symbols function as a interface adapter. These
symbols will be removed in this PR in subsequent commits.
Signed-off-by: Aleksander Wasaznik <aleksander.wasaznik@nordicsemi.no>
during local testling, UBSAN reported the following warnings:
- bluetooth/host/adv.c:2067:19: runtime error: shift exponent
255 is too large for 32-bit type 'long unsigned int'
- bluetooth/host/scan.c:828:18: runtime error: shift exponent
255 is too large for 32-bit type 'long unsigned int'
It turned out that we can't use BIT() macro directly on
bt_hci_evt_le_per_advertising_report::cte_type field.
According to Core Spec, `cte_type = 0xFF` corresponds
to `No contstant tone extension`.
Added separate function to convert CTE bit field from
HCI format to bt_df_cte_type
Signed-off-by: Ivan Iushkov <ivan.iushkov@nordicsemi.no>
Added a Kconfig option that makes the RPA sharing feature optional. By
default, the Zephyr Bluetooth stack now uses the RPA rotation policy
that was active before the introduction of the RPA sharing functionality
in the following PR:
https://github.com/zephyrproject-rtos/zephyr/pull/55449
The new Kconfig option configures the advertising sets linked with the
same Bluetooth identity to use the same Resolvable Private Address in
a given rotation period. After the RPA timeout, the new RPA is
generated and shared between the advertising sets in the subsequent
rotation period.
When this option is disabled, the generated RPAs of the advertising
sets differ from each other in a given rotation period.
Signed-off-by: Kamil Piszczek <Kamil.Piszczek@nordicsemi.no>
There is no need to store the RPA in bt_addr_le_t structure, as the
bt_addr_le_t.type is unused anyway. Both bt_rpa_create and
bt_id_set_adv_random_addr take bt_addr_t as parameter.
Saves 1 byte of address type.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
Add check to see if RPA is already generated for adv sets
with same id. If generated use the same address for all adv sets
with same id else create new RPA.
Signed-off-by: Nithin Ramesh Myliattil <niym@demant.com>
This is known as the Periodic Advertising Connection Procedure.
The PAwR advertiser can initiate a connection to a synced device and
become the central.
Signed-off-by: Herman Berget <herman.berget@nordicsemi.no>
Adds API for Periodic Advertising with Responses - Scanner:
- Synchronize to a PAwR train
- Choose which subevents to synchronize to
- Receive advertising reports from subevents
- Send responses
The support is enabled by CONFIG_BT_PER_ADV_SYNC_RSP, and requires
a controller that selects CONFIG_BT_CTLR_SYNC_PERIODIC_RSP_SUPPORT.
Signed-off-by: Herman Berget <herman.berget@nordicsemi.no>
Adds API for Periodic Advertising with Responses - Advertiser:
- Configure parameters
- Receive subevent data requests
- Set subevent data
- Receive response reports
The support is enabled by CONFIG_BT_PER_ADV_RSP, and requires
a controller that selects CONFIG_BT_CTLR_ADV_PERIODIC_RSP_SUPPORT.
Signed-off-by: Herman Berget <herman.berget@nordicsemi.no>
Fix RPA timeout expiration when BT_EXT_ADV has been enabled.
Always invalidate the device RPA on RPA timeout.
This RPA is used by the scan roles, and the advertiser that was started
using the bt_le_adv_start API.
Call the RPA expire callback only on advertising sets that are enabled
and not being limited by a timeout and not using the identity address.
On RPA timeout always invalidate the RPA of advertising sets that are
disabled.
Fixes: #51208Fixes: #51228Fixes: #51247
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
If adv stop was called form connected callback,
it would continue and unref the wrong conn object
if there where 2 connectable advertisers running,
but with only one 1 id configured.
Fixes#52196
Signed-off-by: Martin Tverdal <martin.tverdal@nordicsemi.no>
This change prevents two local identities from having bonds to the same
device.
The Core specification is not well suited for Zephyr's multiple-local-
identities feature. The HCI specification seems written with intent that
a controller is used for only one GAP device. A GAP device has at most
one public address, and at most one random static address.
The Zephyr Bluetooth API, on the other hand, has a concept of local
identities. This feature allows the Zephyr Bluetooth stack to
simulatainously assume multiple local addresses. This does not mesh well
with the above intent in the specification.
In particular, the HCI specification for the resolve list does not allow
more than one entry for a remote address. The controller will deny any
attempts at doing this.
The current implementation of the Zephyr host will try the above and be
denied. But there is no handling for this situation and the host ends up
in a confused state. Some parts of the system are ok with the two bonds,
but other parts assume this situation never occurs behave badly.
The result is that the host confuses the multiple bonds to the same
device. Symtoms include:
- Directed advertisements have a different source address than what the
host intended, in which case the two sides are confused about the
address of the Zephyr advertiser, and as a result LTKs will not match.
- Errors in the log.
This commit simply asserts. This is not a solution, just a placeholder
for a fix. The next commit will implement a strategy for handling this
situation instead of failing this assert.
Signed-off-by: Aleksander Wasaznik <aleksander.wasaznik@nordicsemi.no>
The "limit" field of struct k_sem was in use in two places in the BTLE
host code, in one it was being used as a duplicate placeholder for the
"iso_max_num" field received in read_buffer_size_v2_complete[1]. In
another, it was just being tested for zero[2].
Those are pretty clear abuses of internal data, provide minimal value
beyond a few bytes of memory in struct bt_dev_le, and in any case
won't work with zync, where that field doesn't have the same name and
may not even exist depending on app configuration.
Copy the limit value into the struct where it belongs, and use it from
there.
[1] I strongly suspect there is a bug lurking there if the semaphore
maximum is being used to implement the kind of "packet buffer" this
code looks like. Calling k_sem_give() on a "full" semaphore WILL NOT
BLOCK. It will just drop the increment on the floor and return
synchronously. Semaphores aren't msgqs or ringbuffers! But disabling
the max value feature in zync does not result in test failures, so
maybe this usage is safe.
[2] Again, this seems suspicious; a valid k_sem should never have a
zero in that field. Presumably this is really a test for "is
initialized", and so implies there's a mixed up initialization path
somewhere?
Signed-off-by: Andy Ross <andyross@google.com>
Bluetooth Controller has a vendor specific extensions that allows it
to send IQ report events with IQ samples that are 8 bits or 16 bits
signed integer. To use that functionality, there is added common
handler of vendor specific events.
Vendor specific events handling is prioritized to be done by user
provided event handler. If that is not available, then Host generic
implementation enters.
Added vendor specific events that are handled by common Host code
are BT_HCI_EVT_VS_LE_CONNECTIONLESS_IQ_REPORT and BT_HCI_EVT_VS_LE-
_CONNECTION_IQ_REPORT.
The only difference between regular IQ report events is size of
IQ samples, hence implementation of IQ report events is changed to
use the same user callback. To avoid differentiation of user callbacks
new member sample_type was added to bt_df_per_adv_sync_iq_samples-
_report. Also sample member is changed to be a union, to allow easy
access to IQ samples without type casting.
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
Add support in Bluetooth Host to enable Periodic Advertising
ADI support feature when supported in the Controller to
include ADI in Periodic Advertising AUX_SYNC_IND PDU.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
There is no need to use a k_fifo object to queue the items that are
passed to bt_recv() now that we are using a work queue instead of a
thread, since there is no need for blocking on the actual queue, instead
relying on the fact that work is triggered to know that an item is ready
for processing.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Change CONFIG_BT_RECV_IS_RX_THREAD into a
choice:CONFIG_BT_RECV_CONTEXT with the following options
(names can be discussed further of course):
CONFIG_BT_RECV_BLOCKING
CONFIG_BT_RECV_WORKQ_BT
CONFIG_BT_RECV_WORKQ_SYS
This way users would be able to choose what to run most of
the BLE stack on, they wouldn't be forced to a single model.
We would default to CONFIG_BT_RECV_BLOCKING so that we wouldn't
need to change the system workqueue stack size by default, instead
asking users to do so if they select the CONFIG_BT_RECV_WORKQ_SYS option
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
The above mentioned fix attempts to detect the situation when
bt_att_req_alloc() is invoked on the same thread that runs
att_handle_rsp. It attempts to do so by noting the thread that
first ran bt_recv, assuming the same thread will house all calls
to bt_att_req_free. This turns out not to be correct. It is
evident from the call stack provided below that bt_att_req_free
can be called from other threads than the one that runs bt_recv.
Fixes: #43448
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
Add a new callback structure for Bluetooth authentication
This struct is meant to replace the information-only
callbacks in bt_conn_auth_cb. The reason for this is that
due to the nature of bt_conn_auth_cb, it can only be registered
once. To allow mulitple users gain information about pairing
and bond deletions, this new struct is needed.
Samples, tests, etc. are updated to use the new struct.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Introduces new kconfig option CONFIG_BT_DEVICE_APPEARANCE_DYNAMIC.
New API `bt_set_apperance` allows dynamic setting of apperance. The
dynamic setting is saved in the settings subsys. `bt_set_apperance` is
analogous to `bt_set_name`.
Signed-off-by: Aleksander Wasaznik <aleksander.wasaznik@nordicsemi.no>
`gatt_req_alloc` will wait until a `req` is free (or until timeout).
`req`s are freed on the BT RX thread in calls into bt_att_recv.
When `gatt_req_alloc` called on the BT RX thread itself when there are
no free `req`s, it will block the BT RX thread and deadlock. The
deadlock lasts until timeout.
This change detects this condition and returns the failure early.
Fixes https://github.com/zephyrproject-rtos/zephyr/issues/39624 where
if `bt_gatt_write` is called from BT RX thread (as can happen if it is
called from a bluetooth callback), the BT RX thread can be blocked and
prevented from processing the request responses and unblocking itself.
This was the cause of a soft 30s deadlock until gatt_req_alloc timeouts.
Signed-off-by: Aleksander Wasaznik <aleksander.wasaznik@nordicsemi.no>
There were no handling of HCI_LE_CTE_Request_Failed event.
The commit adds missing implementation. An application will
be notified about failed request by cte_report_cb. It is the
same callback that is used for reporting collected CTE IQ
samples. The same callback was used to avoid creation new callback.
To give an application possibility to distinguish between regular
IQ samples report and request failed additional member err was added
to bf_df_conn_iq_samples_report structure.
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
The CTE type is used in two ways by HCI layer:
1) single value representing particular CTE type: AoA, AoD 1 us,
AoD 2 us
2) bit-filed where bits 0-2 represent particular CTE types AoA
AoD 1 us, AoD 2 us
The bit-field is used to inform Controller about allowed types
of CTE, hence single value carries more than one value.
To avoid confusion between these use cases in code that refers
to case 1) all named cte_type (singular form). For case 2)
cte_types (plural form) is used.
There is an enumeration that is used for both cases:
bt_df_cte_type. For cte_type only single value from the
enumeration may be assigned to variable except
BT_DF_CTE_TYPE_NONE and BT_DF_CTE_TYPE_ALL.
For cte_types all enum members may be used. Ocasionally
BT_DF_CTE_TYPE_NONE may be excluded. If that is true,
it is described in code documentation.
Thanks to that applications are released from requirement
to include hci.h header file.
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
Adds a buffer to the host to reassemble potentially fragmented
periodic advertising reports.
The buffer size is configurable through BT_PER_ADV_SYNC_BUF_SIZE.
Reports that cannot be reassembled because there is no buffer or because
the buffer is full will be dropped.
Signed-off-by: Bernhard Wimmer <bernhard.wimmer@nordicsemi.no>
Add reception of IQ sample report from controller.
Add applications notification about received reports.
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
Check the return value of bt_rand when creating identities.
Failure to generate a random IRK would result in the privacy feature
being compromised.
Fixes: #38120
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Align with the new inclusive naming terms in the v5.3 spec in the
Bluetooth Host implementation.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Fix Periodic Advertising Sync Establishment to accept
synchronization establishment to device listed in the
Periodic Advertisers List when filter policy was used.
Fixes#38520.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Advertising might stop when:
- it was stopped by application
- device connected to a peer
- extended advertising reached stop condition
defined in BT_LE_EXT_ADV_START_PARAM - this is handled in ll
Signed-off-by: Michał Narajowski <michal.narajowski@codecoup.pl>
Fix non-connectable advertiser configured as ADV_SCAN_IND when
configured by application to have the device name appear in the
advertising data instead of the scan response data.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
In limited advertising advertising should end after certain timeout.
Previously, limited advertising was just general advertising with
BT_LE_AD_LIMITED flag set. Now, if this flag is set the work is
scheduled, that will disable advertising after timeout.
This affects tests GAP/DISC/LIMM/BV-03-C and GAP/DISC/LIMM/BV-04-C
Signed-off-by: Krzysztof Kopyściński <krzysztof.kopyscinski@codecoup.pl>
Change the guard such that the iso_mtu and iso_pkts are
not guarded by BT_CONN as they should be available for
iso broadcast-only builds.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Fix CONFIG_BT_EXT_ADV_LEGACY_SUPPORT option which optimizes the host
to skip checking the feature bit of the controller to check for
extended advertising commands.
This was broken because of how this was implented using an undef of the
feature bit, which was not replicated in scan.c, adv.c and id.c once
this was split out from hci_core.
Instead of doing this wierd way of redefining the feature check macro
do it in a proper way by defining a new macro.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix multiple advertisers with different ID support, this was added
in 98321c61fb but the guard was never
removed.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
