Add missing braces to comply with MISRA C:2012 Rule 15.6 and
also following Zephyr's style guideline.
Signed-off-by: Pisit Sawangvonganan <pisit@ndrsolution.com>
Move the network buffer header file from zephyr/net/buf.h to
zephyr/net_buf.h as the implementation now lives outside of the networking
subsystem.
Add (deprecated) zephyr/net/buf.h header to maintain compatibility with old
file path.
Signed-off-by: Henrik Brix Andersen <henrik@brixandersen.dk>
When developing Bluetooth applications, you typically run into
some errors. If you are an experienced Bluetooth developer,
you would typically have an HCI error lookup table in your memory.
Others might not.
This commit utilizes defines CONFIG_BT_DEBUG_HCI_ERR_TO_STR
and utilizes bt_hci_err_to_str() to print out HCI error strings
when enabled to improve the user experience.
Several alternatives where considered. This approach was chosen
as it had the best balance between readability, code size, and
implementation complexity.
The alternatives are listed below as a reference.
1. Macro defined format specifier:
```c
#define HCI_ERR_FMT "%s"
#define BT_HCI_ERR_TO_STR(err) (err)
#define HCI_ERR_FMT "%d"
#define BT_HCI_ERR_TO_STR(err) bt_hci_err_to_str((err))
LOG_INF("The event contained " HCI_ERR_FMT " as status",
BT_HCI_ERR_TO_STR(err));
```
Advantage: Space efficient: Code size does not increase
Disadvantage: Code becomes hard to read
2. Format specifier to always include both integer and string:
```c
static inline const char bt_hci_err_to_str(err)
{
return "";
}
LOG_INF("The event contained %s(0x%02x) as status",
bt_hci_err_to_str(err), err);
```
Advantage: Simple to use, implement, and read,
Disadvantage: Increases code size when CONFIG_BT_DEBUG_HCI_ERR_TO_STR
is disabled. The compiler seems unable to optimize away the unused
format specifier. Note: The size increase is only present when
logging is enabled.
3. Always print as string, allocate a stack variable when printing:
```c
const char *bt_hci_err_to_str(char *dst, size_t dst_size, uint8_t err)
{
snprintf(dst, dst_size, 0x%02x, err);
return dst;
}
LOG_INF("The event contained %s as status", BT_HCI_ERR_TO_STR(err));
```
Advantage: Very easy to read.
Disadvantage: Printing error codes becomes slow as it involves calling
snprint.
4. Implement a custom printf specifier, for example E.
This requires a global CONFIG_ERR_AS_STR as I assume we cannot have
one specifier for each type of error code.
Also, I assume we cannot start adding specifiers for each subsystem.
```c
#define BT_HCI_ERR_TO_STR(err) (err)
#define BT_HCI_ERR_TO_STR(err) bt_hci_err_to_str((err))
LOG_INF("The event contained %E as status", BT_HCI_ERR_TO_STR(err));
```
Advantage: Both efficient code and readable code.
Disadvantage: This requires a global CONFIG_ERR_AS_STR as I assume
we cannot have one specifier for each type of error code.
Also, I assume we cannot start adding specifiers for each subsystem.
That is, this approach is hard to implement correctly in a scalable
way.
Signed-off-by: Rubin Gerritsen <rubin.gerritsen@nordicsemi.no>
The BR SMP fixed channel BR/EDR Security Manager
(CID 0x0007) cannot be set in L2CAP Information
Response. It is caused by the invalid fix channel
definition used.
Move macro `BT_L2CAP_BR_CHANNEL_DEFINE` to
`l2cap_br_interface.h`, that the macro can be
accessed in smp.c. And remove duplicated
header file include `#include "classic/l2cap_
br_interface.h"` from smp.c.
Define fixed channel, BR/EDR Security Manager
(CID 0x0007), by using `BT_L2CAP_BR_CHANNEL_DEFINE`.
Fix the smp L2CAP channel of BR cannot be found
issue. Use `bt_l2cap_br_lookup_tx_cid` to get
the BR SMP L2CAP channel instead of using
`bt_l2cap_le_lookup_tx_cid`.
Fix the invalid SMP L2CAP channel used when
the BR smp failed.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
It was pointed out in a future PR that they should have
a corresponding experimental Kconfig entry.
See PR #73795.
This updates the APIs added in PR #73826 and PR #74295.
Signed-off-by: Rubin Gerritsen <rubin.gerritsen@nordicsemi.no>
Utilize a code spell-checking tool to scan for and correct spelling errors
in all files within the `include/zephyr/bluetooth` and `subsys/bluetooth`
Signed-off-by: Pisit Sawangvonganan <pisit@ndrsolution.com>
Utilize a code spell-checking tool to scan for and correct spelling errors
in all files within the subsys/bluetooth/host directory.
Signed-off-by: Pisit Sawangvonganan <pisit@ndrsolution.com>
This commit fixes compilation warnings that are present when compiling
with CONFIG_BT_SMP_OOB_LEGACY_PAIR_ONLY as can be seen in this
compiler log:
"""
In file included from /zephyr-sdk-0.16.1/arm-zephyr-eabi/picolibc/
include/string.h:215,
from /zephyr/subsys/bluetooth/host/smp.c:15:
In function '__memcpy_ichk',
inlined from 'sc_send_public_key' at /zephyr/subsys/bluetooth/host/
smp.c:3006:2:
/zephyr-sdk-0.16.1/arm-zephyr-eabi/picolibc/include/ssp/string.h:83:1:
warning: argument 2 null where non-null expected [-Wnonnull]
83 | __ssp_bos_icheck3_restrict(memcpy, void *, const void *)
| ^~~~~~~~~~~~~~~~~~~~~~~~~~
/zephyr-sdk-0.16.1/arm-zephyr-eabi/picolibc/include/ssp/string.h:83:1:
note: in a call to built-in function '__builtin_memcpy'
/zephyr/subsys/bluetooth/host/smp.c: In function 'smp_public_key':
/zephyr/subsys/bluetooth/host/smp.c:4214:21: warning: argument 2
null where non-null expected [-Wnonnull]
4214 | memcmp(smp->pkey, sc_public_key, BT_PUB_KEY_COORD_LEN) == 0) {
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/zephyr-sdk-0.16.1/arm-zephyr-eabi/picolibc/include/string.h:62:10: note:
in a call to function 'memcmp' declared 'nonnull'
62 | int memcmp (const void *, const void *, size_t);
| ^~~~~~
"""
The warning is caused by the potential use of NULL "sc_public_key"
global pointer that is not assigned a value in "smp_init()" if
CONFIG_BT_SMP_OOB_LEGACY_PAIR_ONLY is enabled. This commit
conditionally changes the behavior of function "smp_public_key()"
if CONFIG_BT_SMP_OOB_LEGACY_PAIR_ONLY is activated to simply return
and not use the "sc_public_key" variable. Other functions that are not
called anymore by "smp_public_key()" are also conditionally
deactivated when CONFIG_BT_SMP_OOB_LEGACY_PAIR_ONLY is enabled
Signed-off-by: Sebastian Panceac <sebastian.panceac@ext.grandcentrix.net>
This can be useful if application developers
want to print them in the applications.
Later we can also use them in
the host to improve debuggability.
Signed-off-by: Rubin Gerritsen <rubin.gerritsen@nordicsemi.no>
This API converts a SMP error code to a string.
This can be useful if application developers want
to print them in the applications.
BT_SMP_ERR_SUCCESS was added for completeness.
Later we can also use them in the host to improve debuggability.
Signed-off-by: Rubin Gerritsen <rubin.gerritsen@nordicsemi.no>
This API replaces `bt_l2cap_send()` and `bt_l2cap_send_cb()`.
The difference is that it takes the `struct bt_l2cap_le_chan` object
directly instead of a connection + CID.
We need the channel object in order to put the PDU on the TX queue. It
is inefficient to do a search for every PDU when the caller knows the
channel object's address and can just pass it down.
Signed-off-by: Jonathan Rico <jonathan.rico@nordicsemi.no>
Add functions to do XOR on arrays of memory, with one that
takes arbitrary sizes and one for 32 bits and 128 bits as
those are common sizes for this functionality.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Added run-time BT_CENTRAL role check for the path that was
central specific and did not have such check.
When multi-role BT device tried to pair without bonding (peripheral role)
while already previously bonded with the same device on another
Bluetooth identity, pairing failed.
It executed central-specific code, which should not be executed in case
when the device acts as peripheral (as it is even opt-out from code when
CONFIG_BT_CENTRAL is not enabled).
Signed-off-by: Mateusz Kapala <mateusz.kapala@nordicsemi.no>
If the bonding information has been cleared before pairing had a chance
to complete (probably by the application), indicate this by setting an
appropriate log message.
Also check that keys exist before calling `bt_keys_store`.
Fixes#59788 and #61465
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
Fix an issue in the CCC configuration when the Peripheral device
maintains two or more distinct connections on different identities
with the same peer. The issue occurs when the local device performs
the pairing and the bonding procedure on a connection associated
with one of the Bluetooth identities. During the identity resolution,
the peer address field in the CCC descriptor is converted from the
RPA-type address to the Identity Address. However, the destination
address on the remaining connection objects associated with other
Bluetooth identities is not converted. Due to this, their CCC
configuration is reset and GATT indications and notification fail
to be sent even if the Central device subscribed to them.
Added necessary code to iterate over all connection objects during
the identity resolution phase and aligned their destination address
from the RPA-type to the Identity Address.
Signed-off-by: Kamil Piszczek <Kamil.Piszczek@nordicsemi.no>
Fix a bunch of mismatched CONTAINER_OF, few missing
k_work_delayable_from_work conversions but also many
bt_l2cap_le_chan/bt_l2cap_chan and few others.
Signed-off-by: Fabio Baltieri <fabiobaltieri@google.com>
Fix few instances of delayable work handlers using the k_work pointer
directly in a CONTAINER_OF pointing to a k_work_delayable.
This is harmless since the k_work is the first element in
k_work_delayable, but using k_work_delayable_from_work is the right way
of handling it.
Change a couple of explicit CONTAINER_OF doing the same work as the
macro in the process.
Signed-off-by: Fabio Baltieri <fabiobaltieri@google.com>
Fixes a coverity-reported issue by explicitly ignoring the return value
of the cas-operation. The return value is the old value, but we are not
interested in it in the situation when we just want to initialize a
value if it is in the uninitialized state.
Fixes: https://github.com/zephyrproject-rtos/zephyr/issues/60474
Signed-off-by: Aleksander Wasaznik <aleksander.wasaznik@nordicsemi.no>
The current API for changing the bondable mode uses the global flag.
With Zephyr support for multiple Bluetooth identities, the API for
changing the bondable mode should be more fine-grained.
The bondable requirements of one identity should not have an impact on
another identity which can have a different set of requirements.
This change introduces function to overlay bondable flag per
connection.
Signed-off-by: Mateusz Kapala <mateusz.kapala@nordicsemi.no>
If disconnection has been triggered in between the security update and
the call to `smp_pairing_complete` we need to abort the pairing.
The disconnection may have been triggered by `bt_unpair`, in that case
the keys will have been erased and it will lead to an assertion to
continue as if nothing happened.
To resolve this issue, at the beginning of `smp_pairing_complete` the
`status` is set to `BT_SMP_ERR_UNSPECIFIED` if there is no connection.
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
Cast `dhkey` to `void*` to avoid a warning from the logging subsystem:
```
<wrn> cbprintf_package: (unsigned) char * used for %p argument.
It's recommended to cast it to void * because it may cause misbehavior
in certain configurations
```
Signed-off-by: Herman Berget <herman.berget@nordicsemi.no>
When central is sending SMP Pairing Request is it unknown if
pairing will be legacy or LE SC so set OOB flag if any OOB
data is present and assume to peer device provides OOB data
that will match pairing type.
This was affecting following qualification test cases:
SM/CEN/OOB/BI-01-C
SM/CEN/OOB/BV-01-C
SM/CEN/OOB/BV-03-C
SM/CEN/OOB/BV-09-C
Signed-off-by: Szymon Janc <szymon.janc@codecoup.pl>
Some systems can support only legacy OOB pairing while others only
LE SC OOB pairing.
The existent API function "bt_set_oob_data_flag" was removed.
Two new API functions were added:
* "bt_le_oob_set_legacy_flag" to signal that legacy OOB pairing is used
* "bt_le_oob_set_sc_flag" to signal that LE SC OOB pairing is used
The code will now advertise the presence of OOB flag depending
on the type of pairing method(SC vs legacy)
Signed-off-by: Sebastian Panceac <sebastian.panceac@ext.grandcentrix.net>
In the case of a constrained system that uses dynamic channels (ie, not
much initial credits), the user's log would be flooded with those three
messages.
This is not really an error per se as the stack will handle it properly and
reschedule the sending of the buffers as soon as more credits arrive.
Thus downgrading the severity of
- the l2cap messages, as they are only compiled when dynamic channels are
enabled
- the conn message. Reporting the error belongs in the upper layers.
Signed-off-by: Jonathan Rico <jonathan.rico@nordicsemi.no>
9.4.2 section, Part C, Vol 3 of the Bluetooth Core specification v5.3
states the following in the case that the device is in non-bondable
mode:
If Security Manager pairing is supported, the Host shall set the
Bonding_Flags to ‘No Bonding’ as defined in [Vol 3] Part H, Section
3.5.1 and bonding information shall not be exchanged or stored.
Fixes#54104
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add logging of the fields in the sent and received pairing
requests and responses. This makes it easier to debug
why a pairing would be e.g. rejected, or simply to get
more insight in the resulting pairing.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Added a new Kconfig option for the Bluetooth Host to allow
unauthenticated pairing attempts made by the peer where an
unauthenticated bond already exists on other local identity.
Signed-off-by: Kamil Piszczek <Kamil.Piszczek@nordicsemi.no>
The `bluetooth/common/log.h` and `bluetooth/common/log.c` files have been
removed. Files that were using them have been updated to use
`zephyr/logging/log.h` instead.
Those replacement have been done consequently:
- `/BT_DBG/LOG_DBG/`
- `/BT_ERR/LOG_ERR/`
- `/BT_WARN/LOG_WRN/`
- `/BT_INFO/LOG_INF/`
- `/BT_HEXDUMP_DBG/LOG_HEXDUMP_DBG/`
- `/BT_DBG_OBJ_ID/LOG_DBG_OBJ_ID/`
Also, some files were relying on the `common/log.h` include to include
`zephyr/bluetooth/hci.h`, in those cases the include of `hci.h` has
been added.
For files that were including `common/log.h` but not using any logs,
the include has been removed and not replaced.
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
After merging #51809, a few things were spotted that needed tweaking.
Among them:
- Rename the folder from bt_crypto to crypto, since the prefix is
unnecesary
- Remove the include folder
- Remove the path from the global include paths
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Add to the cryptographic toolbox the h8 function, defined in the Bluetooth
Core Vol. 6, part E 1.1.1.
Also add test and SMP self test for this function. The data used for those
are from the Bluetooth Core.
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
Move functions defined in the Cryptographic toolbox of the Bluetooth
specification inside their own files in the following folder:
`zephyr/subsys/bluetooth/bt_crypto`. The functions were previously
implemented in `zephyr/subsys/bluetooth/host/smp.c`.
The cryptographic toolbox functions can now be accessed from outside of the
host.
In addition to that, tests for each cryptographic toolbox functions have
been added.
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
Functions related to string manipulation that were defined in
`common/log.h` has been moved to the `common/bt_str.h` file and their
implementation in `common/bt_str.c`.
Files that were using those functions has been updated consequently.
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
This commit prevents the assertion error added in the previous commit,
by introducing the following behavior.
When the Host detects that a pairing procedue would result in more than
one local identity having a bond with the same remote address, it will
try to abort the pairing. If the pairing procedure cannot be properly
aborted, it will remove the pairing locally and disconnect.
This commit also introduces a new kconfig `BT_ID_UNPAIR_MATCHING_BONDS`.
This config changes the above-described behavior to instead un-pair the
old bond and continue with the pairing (if the new bond has the same or
better security.)
The new kconfig is not enabled by default. See the help text of the new
kconfig option for more details.
Signed-off-by: Aleksander Wasaznik <aleksander.wasaznik@nordicsemi.no>
This makes it more user-friendly, in case no failed cb has been
registered so this error is printed out of context.
Signed-off-by: Jonathan Rico <jonathan.rico@nordicsemi.no>
Log the LE Secure Connection (SC) LTK in a pairing procedure without
bonding when CONFIG_BT_LOG_SNIFFER_INFO is enabled.
Fixes: #50691
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
As of today <zephyr/zephyr.h> is 100% equivalent to <zephyr/kernel.h>.
This patch proposes to then include <zephyr/kernel.h> instead of
<zephyr/zephyr.h> since it is more clear that you are including the
Kernel APIs and (probably) nothing else. <zephyr/zephyr.h> sounds like a
catch-all header that may be confusing. Most applications need to
include a bunch of other things to compile, e.g. driver headers or
subsystem headers like BT, logging, etc.
The idea of a catch-all header in Zephyr is probably not feasible
anyway. Reason is that Zephyr is not a library, like it could be for
example `libpython`. Zephyr provides many utilities nowadays: a kernel,
drivers, subsystems, etc and things will likely grow. A catch-all header
would be massive, difficult to keep up-to-date. It is also likely that
an application will only build a small subset. Note that subsystem-level
headers may use a catch-all approach to make things easier, though.
NOTE: This patch is **NOT** removing the header, just removing its usage
in-tree. I'd advocate for its deprecation (add a #warning on it), but I
understand many people will have concerns.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
Adds flag indicating the pairing that was completed using OOB method.
The flag is needed for checking 128bit entropy pairing required by LE
Audio services.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
Change introduces authentication callbacks used only for specified
BLE connection. The feature can be used by devices that require
reporting specific bonding capabilities only when pairing using
vendor-specific procedures.
If per-connection authentication callbacks are defined for given
connection, they are used instead of global authentication
callbacks. SMP latches authentication callbacks during the first
access to prevent updating the callbacks while pairing.
Fixes: #38336
Signed-off-by: Marek Pieta <Marek.Pieta@nordicsemi.no>
Fix SMP check of existing local keys when attempting to start security
with required security mode 1 level 4. The logic for checking the
conditions was wrong, leading to a situation where encryption would be
attempted to be started by the central instead of initiating a new
pairing procedure. This would fail when the connection was encrypted and
the connection would be disconnected.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
This reverts commit e11ff7df48.
This patch causes some PTS failure.
Another patch to address duplicate device will follow.
Signed-off-by: Azizah Ibrahim <azizah.ibrahim@nordicsemi.no>
Core v5.3, Vol 4, Part E, 7.8.38
Controller has the option to accept or reject when the same device
is added to RL.
If a remote device has been added to RL before, then local device
change it's advertsing address, and the remote device tries to pair
with the new address, we could end up trying to add the same data to RL.
If a remote device's public/static address is known, this patch deletes
the old entry from RL before adding it.
Signed-off-by: Azizah Ibrahim <azizah.ibrahim@nordicsemi.no>
