Check the return value of bt_rand when creating identities.
Failure to generate a random IRK would result in the privacy feature
being compromised.
Fixes: #38120
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix unexpected control flow in host keys module. A continue in a do
while false acts the same as a break. This entire construct can be
replaced with a simple if else control flow.
Fixes: #38014
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Check len is not zero before accessing data pointer; the len variable
is not checked before this point so cannot be trusted to not be zero.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fixes an issue whereby the application is configured for extended
advertising mode but advertises in legacy mode with a large device name
which should be limited to 31 bytes.
Signed-off-by: Jamie McCrae <jamie.mccrae@lairdconnect.com>
Ignore the return value of the bt_gatt_change_aware function when the
client is reading the database hash characteristic value. This is the
point where the client becomes change-aware, so nothing else should be
done if the client is change-unaware.
Fixes: #38012
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
This is a regression introduced in b8770acc28 when
aligning with BT Core Spec 5.3 naming convention.
Signed-off-by: Szymon Janc <szymon.janc@codecoup.pl>
When falling back to L2CAP for connection parameter updates, the
interval min and maxes should also be saved.
Fixes #38613.
Signed-off-by: Eric Johnson <eric@liveathos.com>
Align with the new inclusive naming terms in the v5.3 spec in the
Bluetooth Host implementation.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Add an array similar to the bt_conn (ACL/L2CAP)
tx sent callback, and initialize it.
This increases the number of bt_conn_tx available
such that ISO does not take any of "L2CAP's" buffers,
but also ensures that the sent callback is called
for a broadcast iso only build.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
The new inclusive naming terminology changes in v5.3 of the Bluetooth
specification affect the HCI layer, so apply all relevant changes to
align with it.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Fix Periodic Advertising Sync Establishment to accept
synchronization establishment to device listed in the
Periodic Advertisers List when filter policy was used.
Fixes #38520.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The Bluetooth Core Specification, version 5.3, has introduced multiple
changes to several widely-used terms in order to make them inclusive.
Update the public API to reflect this, excluding hci.h, which will be
done in a subsequent commit.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
When the application sets more than 251 bytes of advertising data,
the data is sent over multiple HCI commands.
This is only allowed if the advertiser is not running
as defined by the HCI specification.
The data is sent to the controller one AD-field at a time.
If an AD-field is larger than BT_HCI_LE_EXT_ADV_FRAG_MAX_LEN,
the data is split over two commands.
This introduces some additional complexity.
Signed-off-by: Rubin Gerritsen <rubin.gerritsen@nordicsemi.no>
To test fallback to remaining bearers PTS might request IUT to
disconnect one of the connected EATT channels, while the others remain
intact. Test function must be added, because we cannot create L2CAP
server on EATT PSM and manage this server as normal and have EATT
enabled at same time.
This is affecting GATT/SR/GAW/BV-14-C
Signed-off-by: Krzysztof Kopyściński <krzysztof.kopyscinski@codecoup.pl>
A check for valid_chan_io_qos in big_init_bis was missing
a negation when checking for invalid parameters.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Two checks reported wrong value if the value was invalid.
CIS parameter check would always fail on correct values
due to missing negation of valid_chan_qos.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Fix MPU fault due to incorrect EV_COUNT, `conn_change`
signal was not accounted for in the array used by k_poll.
Relates to commit 7854088116 ("Bluetooth: ISO: Fixes
missing handling of broadcast ISO TX").
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Instead of disconnecting ISO channels on ACL,
we put them in a non-connected state, and wait for
the ISO disconnect events.
This ensures that the controller has freed the
ISO channels when the iso disconnect callbacks
are received. It will thus be possible to e.g.
terminate the CIG on the ISO disconnect callback.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
When an ISO channel is disconnected on the central, it is
not deallocated, but merely disconnected. This is because,
as per the HCI spec, the CIS handle lives on in the CIG.
Instead of unref'ing the bt_conn to 0, we simply put the
channel and connection in the disconnected state.
This also fixes a few missing returns for
terminating a CIG.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Add a sent callback to bt_iso_chan_ops so that the application
can be notified when an SDU has been sent. This can help the
application decide whether to queue up multiple, or only
have a single ISO PDU enqueued for reduced latency.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
On native_posix_64 we get the following compile error in CI:
error: format %u expects argument of type unsigned int
Fix by using %zu instead of %u as type is of size_t.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
The HCI spec defines the BIS index range as starting from
index 0x01. We had previously implemented it such that it
starts from 0x00, and then simply adding 1 to the index
when sending over HCI. However, this may cause issues with
other HCI, or other SIG defined specification, commands
and events, and thus it is probably simpler if we just
use the HCI defined range.
This commit disallows BIT(0) (representing the BIS
index 0x00) to be set, and removes the addition
of 1 when sending over HCI.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Instead of checking `if (iso == NULL)` it simply checked
`if (iso)` which is the opposite of what it should have done.
This completely blocks iso from connecting channels.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Timeout cancel should only be done for connections established in
peripheral role.
Enhanced connection complete event could still be delivered without
extended advertising support (i.e. no advertising set terminated event)
so this handling should be moved to the common conn complete function.
Fixes #37467
Signed-off-by: Michał Narajowski <michal.narajowski@codecoup.pl>
When calling bt_gatt_indicate with param->attr set to null
and attr->uuid set to a given uuid, the internal notify will
search for the uuid, but it is not assigned to param->attr, which causes
a null pointer reference when:
notify --> gatt_indicate --> bt_gatt_check_perm
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
When calling `bt_gatt_notify_cb` with param->attr set to null
and attr->uuid set to a given uuid, the internal notify will
search for the uuid, but it is not assigned to param->attr, which causes
a null pointer reference when:
notify --> gatt_notify --> bt_gatt_check_perm
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
Advertising might stop when:
- it was stopped by application
- device connected to a peer
- extended advertising reached stop condition
  defined in BT_LE_EXT_ADV_START_PARAM - this is handled in ll
Signed-off-by: Michał Narajowski <michal.narajowski@codecoup.pl>
Call bt_le_adv_stop() if adv == bt_dev.adv (Meaning it is the legacy
advertiser and was started with bt_le_adv_start()), otherwise use
bt_le_ext_adv_stop(), because it was started with bt_le_ext_adv_start().
Failing to stop advertising shouldn't result in assert.
Signed-off-by: Michał Narajowski <michal.narajowski@codecoup.pl>
Update the name of the bt_conn pointers to make it clear
whether the connection pointers are ACL or ISO connections.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Make the name of the internal bt_conn pointers explicit as to
whether they point to an ACL or ISO bt_conn.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
The channels list was originally meant to be used
for multiple bt_iso_chan per iso connect (bt_conn), but
that is not the case for the current API, and won't be
going forward, so the use of the list has been removed.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
In case that creating a BIG fails due to missing
ISO channel, cleanup_big would try to access a
NULL pointer.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
After 31045c7 was merged, it was possible to use broadcast
iso without CONFIG_BT_CONN, but it did not properly handle
TX as there was missing support to read the buffer
size from the controller, as well as missing support
for handling the number of completed packets event.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Change so that num_completed_packets event handling is also
enabled for broadcast ISO only builds. This is because sending
data on a broadcast ISO still generates this event.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Move the function out of the ACL group as it may be used
for broadcast ISO only builds.
After 31045c7 was merged, it was possible to use broadcast
iso without CONFIG_BT_CONN, but it did not properly handle
TX and RX as there was missing support to read the buffer
size from the controller, as well as missing support
for handling the number of completed packets event.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Follow up on commit bfd45e5b8c
("drivers: remove Kconfig option CONFIG_UART_CONSOLE_ON_DEV_NAME")
Remove Kconfig options
CONFIG_BT_UART_ON_DEV_NAME and CONFIG_BT_MONITOR_ON_DEV_NAME
since all UART drivers are converted to devicetree and we can just use
DEVICE_DT_GET(DT_CHOSEN(zephyr_bt_uart)) and
DEVICE_DT_GET(DT_CHOSEN(zephyr_bt_mon_uart)).
Signed-off-by: Johann Fischer <johann.fischer@nordicsemi.no>
Update the connected ISO API to be more
similar to the broadcast ISO API as well
as the HCI spec.
This updated API allows for more flexibility
and will better support scenarios such as true
wireless setup, as ISO channels and connections
are more independent now.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
The bt_sdp_get_add_proto_param is used to get the protocol
parameter from Additional Protocol Descriptor List.
In order to implement it, one parameter
(proto_profile_index) is added to sdp_get_uuid_data_index
to get the indexed item.
Fix one bug in sdp_get_uuid_data because there may be more
than 2 consequent "seq len item".
Signed-off-by: Mark Wang <yichang.wang@nxp.com>
Add a build assert if the device name has been misconfigured. The device
name has a max length of 248. When configured as dynamic make sure that
the initial device length can fit in the dynamic max length.
This prevents us from having to handle length overflow when setting
device name in advertising data which has an 8-bit length field.
Log a warning if failing to set the device name in bt_enable.
Remove unused defines in the shell.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
In the case where keys are distributed on an unencrypted link,
we got the following call trace:
- bt_smp_recv()
- smp_error()
- smp_pairing_complete()
- bt_conn_security_changed()
- smp_pairing_complete()
- bt_auth->pairing_failed()
- smp_reset()
- bt_auth->pairing_failed()
- smp_reset()
To avoid the second call to bt_auth->pairing_failed()
we validate the smp flags before calling the callback.
Signed-off-by: Rubin Gerritsen <rubin.gerritsen@nordicsemi.no>
(Re)setting the connection handle in hci_disconn_complete
should not be done as the handle is used for
logging/debugging purposes after this, and makes it
impossible to look up the handle of disconnected
connections.
The connection handle is set to 0 during bt_conn_new
in any case.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
No initialisation will lead to undefined behaviour in check for
BT_L2CAP_RECONF_INVALID_MPS.
This is affecting L2CAP/ECFC/BV-23-C
Signed-off-by: Krzysztof Kopyściński <krzysztof.kopyscinski@codecoup.pl>