Allows the application to force the use of an NRPA.
This is applied regardless of any other roles running (i.e. scanner) or
advertising type.
Signed-off-by: Jonathan Rico <jonathan.rico@nordicsemi.no>
Co-authored-by: Aleksander Wasaznik <aleksander.wasaznik@nordicsemi.no>
This fixes missing `static` function specifier.
The bt_att_chan_create_pdu is not called outside of att.c.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
Some controllers support additional connection parameter ranges
beyond what is described in the specification. Enabling this new option
allows the application to set any value to all connection parameters.
The Host will perform no limits nor consistency checks on any of the
connection parameters (conn interval min and max, latency and timeout).
However, the Host will still use numerical comparisons between the
min and max connection intervals in order to verify whether the
desired parameters have been established in the connection.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Adds a comment stating the state of the peripheral SDU size
and why it is being assigned the PDU size on CIS established.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
The current API for changing the bondable mode uses the global flag.
With Zephyr support for multiple Bluetooth identities, the API for
changing the bondable mode should be more fine-grained.
The bondable requirements of one identity should not have an impact on
another identity which can have a different set of requirements.
This change introduces a function to overlay the bondable flag per
connection.
Signed-off-by: Mateusz Kapala <mateusz.kapala@nordicsemi.no>
The enum used for connection types gets named bt_conn_type to guard
against accidental usage of generic integers with relation to it.
The added default case in several switch statements avoids warnings
against unhandled enum values.
Signed-off-by: Arkadiusz Kozdra <akozdra@antmicro.com>
Fail gracefully if an HCI event of one type arrives for a handle of a
different connection type. The requested types are currently based on
what fields are used, not on the usage context, in order to keep every
correct use so far still working.
A warning is logged if the connection identified by the handle does not
match the requested connection type.
Signed-off-by: Arkadiusz Kozdra <akozdra@antmicro.com>
Since the ACL MTU for mesh is reduced to 37 in PR #59004, there is no
need for BT_L2CAP_TX_MTU to be longer than 33 bytes for mesh.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
If disconnection has been triggered in between the security update and
the call to `smp_pairing_complete` we need to abort the pairing.
The disconnection may have been triggered by `bt_unpair`, in that case
the keys will have been erased and it will lead to an assertion to
continue as if nothing happened.
To resolve this issue, at the beginning of `smp_pairing_complete` the
`status` is set to `BT_SMP_ERR_UNSPECIFIED` if there is no connection.
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
If the remote responds with a security related error the stack tries
to increase the security level to satisfy the remote permissions.
This fixes missing ATT timer reset on security related ATT Error
Response as the ATT operation is considered as complete.
```
< ACL Data TX: Handle 0 flags 0x00 dlen 7
ATT: Read Request (0x0a) len 2
Handle: 0x0084
TMAS: Role
> ACL Data RX: Handle 0 flags 0x02 dlen 9
ATT: Error Response (0x01) len 4
Read Request (0x0a)
Handle: 0x0084
Error: Insufficient Authentication (0x05)
TMAS: Role
Error code: 0x05
< ACL Data TX: Handle 0 flags 0x00 dlen 6
SMP: Security Request (0x0b) len 1
Authentication requirement: Bonding, No MITM, SC, No Keypresses
= bt: bt_att: ATT Timeout
```
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
If a connection reference is acquired from `bt_conn_lookup_addr_le` but
`bt_gatt_ccc_cfg_is_matching_conn` returns false, the connection was not
unreferenced properly. This commit fixes the issue by unreferencing the
connection if the condition is false.
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
unpair may be called from bt_unpair where addr is NULL.
One such case is the `bt clear all` shell command which
calls bt_unpair with addr = NULL, and the addr is just forwarded
to unpair which does not check for NULL.
bt_unpair allows for the addr to be NULL to clear all, but only
if SMP is enabled.
Modified the checks in bt_unpair to increase readability
and ensure that unpair is not called with NULL.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
In `gatt.c`, the function `bt_gatt_ccc_cfg_conn_lookup()` was not
checking that `conn` was not NULL. That led to a NULL pointer
dereference later in `bt_conn_is_peer_addr_le`.
Fix by checking that `conn` is not NULL.
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
This commit wraps the `settings_set_one` and `settings_delete` functions
in `bt_settings_store_one` and `bt_settings_delete`. By doing that the
Bluetooth settings can be managed in a single place.
This commit also introduces a new API to manage Bluetooth storage with
`bt_settings_store_*` and `bt_settings_delete_*` functions. Each
Bluetooth settings key has its own store and delete functions. Doing
that allows custom behavior for a key to be implemented if necessary.
This change is motivated by a need of keeping track of different
persistently stored settings inside the Bluetooth subsystem. This will
allow a better management of the settings that the Bluetooth subsystem
is responsible for.
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
This fixes the failure to use a resolvable private address in this
scenario.
1. call `bt_le_oob_get_local`, will generate and mark RPA as valid
2. start connectable adv w/ IDENTITY bit
3. start connectable adv w/o IDENTITY
4. RPA is not set (in `bt_id_set_private_addr`) because RPA
is still marked as valid
When EXT_ADV is enabled and the controller supports it, a different code
path is taken that doesn't have this issue.
Unconditionally invalidating the RPA when starting advertising works around
this issue.
Fixes #56326
Signed-off-by: Jonathan Rico <jonathan.rico@nordicsemi.no>
Currently, when an incoming dynamic LE L2CAP connection is requested by
a peer, the connected() callback provided by the user is raised
*before* a L2CAP_LE_CREDIT_BASED_CONNECTION_RSP is sent back to the
peer.
In some cases the user will start sending data in the connected()
callback which would be received too early by the peer.
This commit fixes this behavior by making sure the connected() callback
is raised only after the connection response has been sent to the peer.
Signed-off-by: Donatien Garnier <donatien.garnier@blecon.net>
Fix an issue causing a wrong Bluetooth identity value to be stored. It
was happening because the `bt_dev.id_count` was incremented after the
settings being stored.
To fix this, `bt_dev.id_count` is now incremented right before the ID
creation and is decremented if the ID creation failed.
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
Log status values in events as hex instead of decimal
to make it easier to compare to the spec and hci_err.h
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Set the secondary advertising PHY to a valid value when using
legacy advertising through the LE Set Extended Advertising Parameters
command.
Fixes #57885.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
The GATT server was not doing enough checks before updating the CCC.
For example, a non-bonded client could update the CCC of a bonded client
by spoofing his address.
This fixes the issue by dissociating the CCC configuration of a bonded and
a non-bonded peer. To do that, a new field is added to the CCC config:
`link_encrypted`.
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
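A simplified model of the separation described in the commit message above, added here as an illustration; it is not code from the commit or from the Zephyr tree. The types `struct conn` and `struct ccc_cfg`, the table size and the function names are hypothetical; only the field name `link_encrypted` comes from the message.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define CCC_SLOTS 4 /* assumed table size for the example */

/* Hypothetical, simplified types; not the Zephyr structures. */
struct conn { uint8_t peer[6]; bool encrypted; };
struct ccc_cfg {
	bool used;
	uint8_t peer[6];
	bool link_encrypted; /* field name taken from the commit message */
	uint16_t value;
};
static struct ccc_cfg cfgs[CCC_SLOTS];

/* A slot matches only if both the address and the encryption state match,
 * so an unencrypted link that reuses a bonded peer's address gets its own entry.
 */
struct ccc_cfg *ccc_find(const struct conn *c)
{
	for (int i = 0; i < CCC_SLOTS; i++) {
		if (cfgs[i].used && cfgs[i].link_encrypted == c->encrypted &&
		    memcmp(cfgs[i].peer, c->peer, sizeof(c->peer)) == 0) {
			return &cfgs[i];
		}
	}
	return NULL;
}

/* Write the CCC value for this connection; returns 0, or -1 if the table is full. */
int ccc_write(const struct conn *c, uint16_t value)
{
	struct ccc_cfg *cfg = ccc_find(c);
	for (int i = 0; cfg == NULL && i < CCC_SLOTS; i++) {
		if (!cfgs[i].used) {
			cfg = &cfgs[i];
			cfg->used = true;
			cfg->link_encrypted = c->encrypted;
			memcpy(cfg->peer, c->peer, sizeof(cfg->peer));
		}
	}
	if (cfg == NULL) {
		return -1;
	}
	cfg->value = value;
	return 0;
}
```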
When CCC or CF store on write is disabled and the other one is enabled,
this leads to the delayed store being enabled. This causes the value of the
corresponding `n` selected option to not be stored at all.
To fix this, the checks to know if we need to store the CCC or the CF,
happening at the disconnection, are now ensuring that the CCC or the CF
are stored even if one of them does not enable store on write.
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
The previous implementation would read from `addr->val[0]` before it was
initialized if the input string started with a colon ':'.
Signed-off-by: Aleksander Wasaznik <aleksander.wasaznik@nordicsemi.no>
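A strict parser for the `XX:XX:XX:XX:XX:XX` form that avoids the class of bug described in the commit message above, added here as an illustration; it is not the code from the commit or from the Zephyr tree. `struct addr6`, `addr6_from_str` and the least-significant-byte-first storage order are assumptions of the example.

```c
#include <errno.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical stand-in for a 6-byte device address (LSB first, assumed). */
struct addr6 { uint8_t val[6]; };

static int hex_nibble(char c)
{
	if (c >= '0' && c <= '9') return c - '0';
	if (c >= 'a' && c <= 'f') return c - 'a' + 10;
	if (c >= 'A' && c <= 'F') return c - 'A' + 10;
	return -1;
}

/* Parse "XX:XX:XX:XX:XX:XX" (most significant byte first in the string).
 * Each byte is assembled from two validated digits and written once into a
 * local copy, so no output byte is ever read before it has been initialized
 * and *out is left untouched on any error.
 */
int addr6_from_str(const char *str, struct addr6 *out)
{
	struct addr6 tmp;

	if (str == NULL || out == NULL || strlen(str) != 17U) {
		return -EINVAL;
	}
	for (int i = 0; i < 6; i++) {
		const char *p = &str[i * 3];
		int hi = hex_nibble(p[0]);
		int lo = hex_nibble(p[1]);

		/* A ':' in a digit position, including a leading ':', fails here. */
		if (hi < 0 || lo < 0) {
			return -EINVAL;
		}
		/* A separator must follow every byte except the last. */
		if (i < 5 && p[2] != ':') {
			return -EINVAL;
		}
		tmp.val[5 - i] = (uint8_t)((hi << 4) | lo);
	}
	*out = tmp; /* commit only after the whole string has validated */
	return 0;
}
```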
When `CONFIG_BT_SETTINGS_DELAYED_STORE` is enabled (by default it is),
the local GATT server will delay the write to flash of the CCC and CF
values. The delay is defined by `CONFIG_BT_SETTINGS_DELAYED_STORE_MS`.
If a disconnection happens before that delay, the `bt_gatt_disconnected`
will reschedule the delayed store operation. But that operation will not
happen before `bt_gatt_disconnected` is complete; at this moment, the
CCC and CF values will have already been cleared.
To fix this issue, the delayed store operation is now done during the
`bt_gatt_disconnected` function.
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
Some Bluetooth controllers (Nordic Softdevice) now use
`BT_HCI_ERR_INSUFFICIENT_RESOURCES` to signify when advertising sets
cannot be created, instead of the old `BT_HCI_ERR_CONN_LIMIT_EXCEEDED`.
Signed-off-by: Jordan Yates <jordan.yates@data61.csiro.au>
On CIS disconnect, the central will clear all data paths.
However hci_le_remove_iso_data_path will fail if attempting to remove a
data path that has not been setup, so if only the CTLR_TO_HOST
direction was set, and the HOST_TO_CTLR bit was set, the
function returned an error and never attempted to clear the other
direction.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
The path_dir variable of BT_HCI_OP_LE_REMOVE_ISO_PATH must be bitflags,
with the following meaning:
- BIT(0) : DIR_HOST_TO_CTLR
- BIT(1) : DIR_CTLR_TO_HOST
Signed-off-by: Morten Priess <mtpr@oticon.com>
Add support for long writes for the unicast client and server.
This reuses the ATT buffer for long reads.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
A recent change in MCS significantly reduced the requirement
of L2CAP_TX_BUF_COUNT and should now work with any value.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
This is an alternative API for the L2CAP receive functionality. It
allows an application to receive L2CAP segments directly and manage
credits explicitly. The API is guarded by an experimental kconfig option.
Fixes: https://github.com/zephyrproject-rtos/zephyr/issues/57485
Signed-off-by: Aleksander Wasaznik <aleksander.wasaznik@nordicsemi.no>
This makes it explicit that enabling `BT_PRIVACY` will make the device
_use_ private addresses.
The device can still resolve RPAs when `BT_PRIVACY=n`.
Signed-off-by: Jonathan Rico <jonathan.rico@nordicsemi.no>
Until now iterable sections APIs have been part of the toolchain
(common) headers. They are not strictly related to a toolchain, they
just rely on linker providing support for sections. Most files relied on
indirect includes to access the API, now, it is included as needed.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
There is a check in bt_conn_auth_cb_overlay function which validates
if content of the callback structure is correct, but there is no
NULL-check on the structure pointer itself, which could result in
NULL pointer dereference.
It should be possible to set the callback structure pointer to `NULL`
using bt_conn_auth_cb_overlay function if the application requires
e.g. Just Works pairing for one Bluetooth identity and global
callbacks are configured for advanced pairing scheme (like Passkey
Display) for another Bluetooth identity.
Signed-off-by: Mateusz Kapala <mateusz.kapala@nordicsemi.no>
The phy was converted both when reading from the event
and when reading from the sync, leading to incorrect
value in the synced callback.
Signed-off-by: Herman Berget <herman.berget@nordicsemi.no>
There is no need to store the RPA in bt_addr_le_t structure, as the
bt_addr_le_t.type is unused anyway. Both bt_rpa_create and
bt_id_set_adv_random_addr take bt_addr_t as parameter.
Saves 1 byte of address type.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
This fixes uninitialized RPA value for BT_ID_DEFAULT.
The regression has been introduced in
8d6b206064.
As the result, the private address was not created and the advertising
was started with 00:00:00:00:00:00 address.
In case of the other advertising IDs, those are initialized
from id_create context.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
The bt_gatt_indicate() expects its parameters to remain valid while the
indicate procedure is active. But the `sc_range` variable was local to
the function. It is assigned to the `data` field and passed on to
bt_gatt_indicate(). The memory associated with `sc_range` goes out of
scope as soon as the function returns thereby breaking the contract of
the API. This dangling reference will lead to undefined behavior.
This is now fixed by making the `sc_range` array static and further
making it an array of arrays, as the sc_range may have different values
for each connection.
Found as violation of MISRA C:2012 and CERT DCL30-C by sonarcloud.
Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
Add check to see if RPA is already generated for adv sets
with same id. If generated use the same address for all adv sets
with same id else create new RPA.
Signed-off-by: Nithin Ramesh Myliattil <niym@demant.com>
Cast `dhkey` to `void*` to avoid a warning from the logging subsystem:
```
<wrn> cbprintf_package: (unsigned) char * used for %p argument.
It's recommended to cast it to void * because it may cause misbehavior
in certain configurations
```
Signed-off-by: Herman Berget <herman.berget@nordicsemi.no>
Use BT_CONN_TX_USER_DATA_SIZE when defining pools of buffers that will go
through `bt_conn_send_cb()`.
Signed-off-by: Jonathan Rico <jonathan.rico@nordicsemi.no>
MTU doesn't count against the ISO and ISO data headers.
Then a config with CONFIG_BT_ISO_TX_MTU ==
CONFIG_BT_CTLR_ISO_TX_BUFFER_SIZE should not fragment SDUs over HCI.
Also set the TS_Flag bit if a timestamp is present.
Fixes #56749
Signed-off-by: Jonathan Rico <jonathan.rico@nordicsemi.no>
The LOG_ERR was printing the wrong variable. `type` always has the value
`BT_BUF_H4` here, so there is no point in printing it.
Signed-off-by: Aleksander Wasaznik <aleksander.wasaznik@nordicsemi.no>