Log the security keys that the sniffer needs in order to sucessfully
decrypt the connection.
This option allows the sniffer to work in the cases where enabling
using the SMP debug keys is not wanted, either because it changes the
way the peer behaves or is denied by the peer.
It also enables the sniffer to decrypt a connection where the bond
already exists.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Remove the depency on host emulation of ECC for the Use debug keys
option.
This allows the application to use debug keys without shifting the
ECC from the controller to the host, which could potentially alter
the behavior of the application and make debugging this way less useful.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Refactor the ECC emulation setting the supported command bits in order
to group the supported commands together with the implementation of
these commands.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix the debug key-set comparison for debug keys comparing the
generated key in big-endian format against the debug private
key in little-endian format.
Fix this by converting the private key to big-endian format for
convenience.
Use the _be suffix for all variables to make the mixing of the
endian formats easier to read.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Follow Bluetooth specification recommendation of setting the output
of the DH_Key field in the LE Generate DHKey Complete event when the
public key is invalid.
If the Remote_P-256_Public_Key parameter of the HCI_LE_Generate_DHKey
command (see Section 7.8.37) was invalid (see [Vol 3] Part H, Section
2.3.5.6.1), then all octets of the DH_Key event parameter should be
set to 0xFF.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix host RX thread being deadlocked. The deadlock occurs because the
RX thread is stuck waiting in conn_tx_alloc with K_FOREVER but if the
connection is disconnected only the RX thread can unblock it in the
handling of the disconnect event.
This commit fixes this deadlock by splitting the processing of the
disconnected event into two parts.
The part needed to unblock the RX is to release resources held by
unack'ed TX packets and mark the connection state as not connected
anymore.
The RX thread waiting for free_tx fifo and the TX thread waiting for
the bt_dev.le.pkts semaphore will both check the connected state after
having acquired them and will abort if disconnected.
The rest of the processing will be handled at normal RX thread
priority like normal.
Move the bt_recv_prio handling to the Bluetooth host when the host
has defined its own RX thread (CONFIG_BT_RECV_IS_RX_THREAD=n).
If the HCI driver has the RX thread (CONFIG_BT_RECV_IS_RX_THREAD=y),
then the responsibility to call bt_recv and bt_recv_prio correctly
falls to the HCI driver.
The helper function bt_hci_evt_is_prio() is replaced with
bt_hci_evt_get_flags() so that the HCI driver can do this correctly.
This decision to replace was made so that existing HCI drivers
maintained out-of-tree will fail at compile time with the new system.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Bluetooth: host: Move bt_recv_prio to host when RX thread is defined
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Remove logging of individual threads spread out throughout the
bluetooth subsystem. The stacks can be analysed by enabling the
following options.
CONFIG_THREAD_ANALYZER=y
CONFIG_THREAD_ANALYZER_AUTO=y
CONFIG_THREAD_ANALYZER_RUN_UNLOCKED=y
Optional:
CONFIG_THREAD_NAME=y
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The existing stack_analyze APIs had some problems:
1. Not properly namespaced
2. Accepted the stack object as a parameter, yet the stack object
does not contain the necessary information to get the associated
buffer region, the thread object is needed for this
3. Caused a crash on certain platforms that do not allow inspection
of unused stack space for the currently running thread
4. No user mode access
5. Separately passed in thread name
We deprecate these functions and add a new API
k_thread_stack_space_get() which addresses all of these issues.
A helper API log_stack_usage() also added which resembles
STACK_ANALYZE() in functionality.
Fixes: #17852
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
The path to include/drivers should not be in the compiler include path
list, only include/. In order to make this possible, always explictly
refer to hci_driver.h via the drivers/bluetooth/ path and not only
bluetooth/.
Fixes#21974.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Made BT_HCI_TX_STACK_SIZE configurable and added BT_HCI_ECC_STACK_SIZE.
These changes are necessary to allow vendors to adjust for other
achitectures.
Signed-off-by: Morten Priess <mtpr@oticon.com>
Introduce a separate buffer pool for events which the HCI driver
considers discardable. Examples of such events could be e.g.
Advertising Reports. The benefit of having such a pool means that the
if there is a heavy inflow of such events it will not cause the
allocation for other critical events to block and may even eliminate
deadlocks in some cases.
Also update all mesh samples not to specify explicit RX buffer counts
anymore. Instead, create appropriate defaults in Kconfig so that we
only need to override this in the app for cases like the bbc:microbit
with limited memory.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This event is a priority one, so it's not safe to have it use the RX
buffer pool which may be depleted due to non-priority events (e.g.
advertising events). Since the event is consumed synchronously it's
safe to have a single-buffer pool for it. Also introduce a new
bt_buf_get_evt() API for HCI drivers to simplify the driver-side code,
this effectively also deprecates bt_buf_get_cmd_complete() which now
has no in-tree HCI driver users anymore.
Fixes#16864
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
move misc/stack.h to debug/stack.h and
create a shim for backward-compatibility.
No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.
Related to #16539
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
move misc/byteorder.h to sys/byteorder.h and
create a shim for backward-compatibility.
No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.
Related to #16539
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
move atomic.h to sys/atomic.h and
create a shim for backward-compatibility.
No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.
Related to #16539
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Logging subsystem could take few extra bytes when enabled.
ECC thread stack has been unconditionally increased to
support it.
During my test, I noticed a usage of 1052 bytes when logging
subsystem is enabled.
Signed-off-by: Olivier Martin <olivier.martin@proglove.de>
Now that log processing happens in a separate thread, the
BT_STACK_EXTRA macro is not needed (since there's no significant
overhead), and therefore the BT_STACK macros become unnecessary as
well.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Under GNU C, sizeof(void) = 1. This commit merely makes it explicit u8.
Pointer arithmetics over void types is:
* A GNU C extension
* Not supported by Clang
* Illegal across all ISO C standards
See also: https://gcc.gnu.org/onlinedocs/gcc/Pointer-Arith.html
Signed-off-by: Mark Ruvald Pedersen <mped@oticon.com>
The return of memset is never checked. This patch explicitly ignore
the return to avoid MISRA-C violations.
The only directory excluded directory was ext/* since it contains
only imported code.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
The API name space for Bluetooth is bt_* and BT_* so it makes sense to
align the Kconfig name space with this. The additional benefit is that
this also makes the names shorter. It is also in line with what Linux
uses for Bluetooth Kconfig entries.
Some Bluetooth-related Networking Kconfig defines are renamed as well
in order to be consistent, such as NET_L2_BLUETOOTH.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The current 960 is at least too small under qemu_x86:
ecc stack (real size 1024): unused 36 usage 988 / 1024 (96 %)
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This doesn't make much practical difference, however it should resolve
Coverity CIDs 170740 and 170748.
Jira: ZEP-2343
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Since more and more code is going to be reused by both the Host and the
Controller, this commit introduces a common/ folder that will contain
everything that is not tied to one of the two components but shared by
them.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Convert code to use u{8,16,32,64}_t and s{8,16,32,64}_t instead of C99
integer types.
Jira: ZEP-2051
Change-Id: I8f57a17f78e674aca5400f005db8975c9f9e150e
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
For consistency, "chan" and "param" are used wherever "channel" and
"parameters" are the words in the specification.
Change-Id: I778a8501ae6af991618c14cc6e395d765a9ae102
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
The main issue is that after the latest update to TinyCrypt the
ecc_make_key() API expects a twice as big random number. Fix this, but
also move the variables to the static context since we're limiting one
HCI command at a time. Also place the variables in a union based on
their temporal dependencies. Thanks to this, we can now further reduce
the ECC stack size by 40 bytes (on ARM this then reports 12 bytes of
unused stack after key-pair generation and DHKey calculation).
Change-Id: I1036e0ca15f7c08063cba9e568d7df99e65c9156
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
HCI drivers are obliged to send HCI Command Status/Complete events
from a separate context than all other data, however the ECC wrapper
was violating this rule (sending everything from the same ECC thread).
This could lead to a deadlock if e.g. the ECC API user decides to
generate a DHKey from the same callback that it got notified of local
key-pair generation.
The obvious solution is to emit the Command Status directly from the
send function, before passing the command to be processed by the ECC
therad (through a k_fifo). However, this is not quite so simple since
bt_buf_get_cmd_complete() reuses the original command buffer, meaning
we'd loose the original parameters after sending a Command Status.
To work around this limitation with bt_buf_get_cmd_complete() we stop
passing the command buffer to the thread and instead store the
parameters in static variables and do the thread communication using
flags and a semaphore. One side effect is that only one command can be
pending at a time, however that works out fine for all of the users of
ECC.
A nice side effect of moving some things to static variables is that
we end up reducing call stack usage in the ECC thread, allowing it to
be shrunk by 180 bytes (verified to be sufficient for both ARM and
x86 boards).
Change-Id: Ic41f0316d3fe4d14b64fd3d0a549b221d168411a
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Declaring these as const lets the linker generate more optimal code.
Some extra care is needed with hci_ecc.c since it was overwriting the
send callback. Now the choice of send() call is done directly in the
bt_send() function
Change-Id: Iac74f5ee9bee097bbb34c11bd13d1d886700f5cc
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Reduce the pressure on the common RX buffer pool by reusing HCI
command buffers also for the Command Status or Command Complete
response to them. This also implies removing the existing Kconfig
variable for the command buffer sizes since the size is also dependent
on maximum Command Complete event sizes. Instead, reuse the RX buffer
size also for HCI Command buffers.
Change-Id: I006b287d64a0c9ca40de741aa9a424a49a927385
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Replace the existing Apache 2.0 boilerplate header with an SPDX tag
throughout the zephyr code tree. This patch was generated via a
script run over the master branch.
Also updated doc/porting/application.rst that had a dependency on
line numbers in a literal include.
Manually updated subsys/logging/sys_log.c that had a malformed
header in the original file. Also cleanup several cases that already
had a SPDX tag and we either got a duplicate or missed updating.
Jira: ZEP-1457
Change-Id: I6131a1d4ee0e58f5b938300c2d2fc77d2e69572c
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
The new IS_ENABLED macro allows exposing conditionally enabled code
always to the compiler, even though it may not ultimately end up being
built. This is in particular useful for letting the compiler catch any
logging format string errors. Introduce a new BT_DBG_ENABLED macro
that c-files need to define before including <bluetooth/log.h> in
order to choose whether BT_DBG() logs are enabled or not.
When no Bluetooth logs are enabled the patch also modifies the log
macros to have the format strings checked with the help of the
__printf_like annotation and empty static inline functions.
Change-Id: Ie6bc8e10727b5b306f3ed0f94089a07a22583d9b
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This reduces stack pressure a little bit, and also paves the way for
introducing an application callback for accepting an incoming
connection parameter update request.
Change-Id: Ib02c14e27cbe34f85d663f36abd0597683ae1dc1
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Since callers of bt_recv() have so far anyway been required to know in
which context to call it (based on e.g. bt_hci_evt_is_prio) it's
cleaner to have two separate APIs: bt_recv and bt_recv_prio.
Change-Id: Icd0d9aed9c51ffd2def31432c4ffcc16a9f13ccd
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Allocate the event buffers after the ECDH operations rather than
before them. This way we don't hold on to the buffer for potentially
multiple seconds while the buffer could be used for other things.
Change-Id: I0fcc34ec4bea2265b7df3c1de3587c2a850c974e
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
There's no need to use the type-specific helpers since those anyway
map to the same pool.
Change-Id: I74750f545c989bb921abca58166fe591ed325856
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The private_key parameter to generate_keys is supposed to be 32 bytes
in size, i.e. an array of 8 uint32_t variables.
Change-Id: Ia891fd68bfd8662983b898084e5a8524b7a9b8e2
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Not all users are in an ISR context where we can't block, so give the
callers the freedom to choose if they want to block or not.
Jira: ZEP-1481
Change-Id: I19bd7e2df94c4eeb60886a17a78f872bd7bea887
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
There are static initializer macros available for most kernel objects
which we should use whenever possible.
Change-Id: I496f4d05d26801eddd21fae53bdd4fcdc3246fe3
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
subsys/bluetooth/host/hci_ecc.c: At top level:
subsys/bluetooth/host/hci_ecc.c:277:6: warning: no previous prototype
for 'bt_hci_ecc_init' [-Wmissing-prototypes]
void bt_hci_ecc_init(void)
^
CC subsys/bluetooth/host/conn.o
Change-Id: I920d8b6b66c82be932c579461310505c6d402c08
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
