Don't auto-update the device name in the advertising data as that
would clear any other scan-response data set by the application.
Document the behavior of the advertise with device name option
and the need to update data by the application to make sure
advertising data does not get cleared.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix endianness issue in reading CPF descriptor not converting from
native endianess to little-endian on the 'unit' and 'description'
fields.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Use the definitions of UUID values instead of magic constants with
explanation in comment.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Remove the depency on host emulation of ECC for the Use debug keys
option.
This allows the application to use debug keys without shifting the
ECC from the controller to the host, which could potentially alter
the behavior of the application and make debugging this way less useful.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Refactor the ECC emulation setting the supported command bits in order
to group the supported commands together with the implementation of
these commands.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
It was decided that the Bluetooth audio subsystem should
be in subsys/bluetooth/audio instead of subsys/bluetooth/host/audio.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
A line of code was guarded by CONFIG_BT_L2CAP_TX_FRAG_COUNT instead
of CONFIG_BT_ISO_TX_FRAG_COUNT.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
ISO is a building block for BT_AUDIO but it is not only
useful for AUDIO, and as such should be possible to
enable without enabling BT_AUDIO.
This commit moves iso.c and iso_internal.h to the
host directory (from host/audio) and removes
the CMakeLists.txt.
The /audio directory is left intact for the Kconfig options
it provides, and as a directory for future BLE Audio
content.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
This commit moves the BT_ISO to a common (host and controller)
Kconfig and fixes the ISO buffers in hci_raw.c
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Fail after pairing request and response have been exchanged if the
selected pairing method would not result in the required security level.
This avoids the case where we would discover this after having encrypted
the connection and disconnect instead.
This was partially attempted but lacked checking for authentication
requirement when L3 was required, as well as skipping the check if L4
was required but remote did not support Secure Connections since the
check was after we had taken the legacy branch.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Set the error in the security changed callback when the encryption has
not reached the required security level.
Terminate the pairing procedure in SMP on failure to avoid the security
changed callback being called twice in this case.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Terminate the pairing procedure when disconnected while this was in
progress. This notifies the application that security has failed and
removes the key entry.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Set the SMP flag encryption pending in the case where a bond exists
with ediv and rand equal to zero, i.e LE Secure Connections bond.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
When receiving unexpected SMP PDUs with no pairing procedures in
progress don't treat it as a pairing procedure that has failed.
This causes unexpected SMP PDUs to trigger the pairing failed and
security changed callback at unexpected times.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Rename auth_err_get to security_err_get which better reflect the
error namespace it converts to. Also update to using the enum definition
instead of uint8_t for local variable holding returned value.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
when BT_PASSKEY_INVALID was set, it never updated the fixed
passkey which made its use ineffective
Signed-off-by: Faisal Saleem <faisal.saleem@setec.com.au>
The ATT request buffers are held until the ATT response has been
received. This means that the ATT request buffers are released by the
RX thread, instead of the from the RX priority context of
num_complete.
This can cause a deadlock in the RX thread when we allocate buffers
and all the available buffers are ATT requests, since the RX thread is
the only thread that can release buffers.
Release the ATT request buffers once they have been sent and instead
handle ATT request resending by reconstructing the buffer from the
GATT parameters.
Also re-order the order of resource allocation by allocating the
request context before the buffer. This ensures that we cannot
allocate more buffers for ATT requests than there are ATT requests.
Fixed a buf reference leak that could occur when the ATT request buffer
has been allocated, but GATT returns an error before handing the
responsebility of the buffer to ATT, for example when bt_att_req_alloc
fails.
This is fixed by moving the functionality of att_req_destroy to
bt_att_req_free.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Remove the ATT request destroy callback which is never assigned
by any of the ATT requests.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix indicate without func not working properly, when sent as a
non-req by GATT this has two propblems:
- The indicate would not be treated as a transaction, and back
to back indicate would be sent without waiting for the confirm
- The destroy callback would not be called on the indicate parameters
since the indicate_rsp callback would not be called.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
ATT channels do support queueing buffer so it no longer need to block
waiting the tx_sem besides the buffer allocation already serves the
same purpose as the application will not be able to have more requests
than there are buffers available.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Allow to request a higher security level during the key distribution
phase.
This is required by ATT and L2CAP since they only react to the encrypt
change event where they resend the current request.
The current request might require a higher security level still and
might have to request a higher security level before the pairing
procedure has been finished.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
When ATT resends an ATT request it is sent as a "response" instead of
as a request. This causes the ATT request buffer to be released and
the ATT request cannot be resent one more time.
This causes a problem when the ATT request requires authentication
but the elevation of security is not enforcing MITM protection.
In this case the ATT will first require security level 2 and then resend
the request once this has been reached.
This will lead to a new ATT error response and ATT will require security
level L3.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix the update keys check allowing to overwrite the keys when using
debug keys. Instead the check disallowed overwriting keys made using
debug keys.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reduces some user confusion regarding whether it is related
to "Connection ID", "Channel ID", or "Company ID" for the
uninitiated.
Signed-off-by: Emil Hammarstrom <emil.hammarstrom@assaabloy.com>
Mark the option BT_FIXED_PASSKEY as an insecure option.
During Legacy pairing the passkey is used as encryption key, and
brute-forcing this is easy.
During LE Secure Connections the passkey is checked one bit at a time,
so when it is fixed the passkey can be deduced with series of pairing
attempts.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The Bluetooth SMP protocol depends on the BT_ECC for the LE Secure
Connections pairing. Since this feature cannot be disabled we must
select this dependency.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix fixed passkey for legacy pairing. The pairing procedure fails
because the temporary key (TK) has not been set for this pairing
procedure.
Fix this by always requesting the legacy TK.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Prevent the bt_rand function from being called before bt_enable.
Depending on the implementation of bt_rand this function cannot
be called before bluetooth has been initialized. With host supplied
crypto functions the HCI LE rand command is used for example.
The use case for calling bt_id_create before bt_enable is meant for
when the application has storage for the identity instead of the stack.
So we add the requirement that the application has to have storage
for the identity resolving key (IRK) in addition when the local
device is privacy-enabled.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Remove the deprecated bt_conn_create_slave_le function.
This was deprecated in the 2.3.0 release.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The net_buf was never unref'ed when the host received an
ISO package that was a SINGLE.
Also adds a few additional debug messages.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Remove ATT modifying the L2CAP channel state by unassigning the
the connection pointer on timeout.
Unassigning this pointer does not prevent the ATT channel from receiving
since bt_l2cap_recv does not inspect this pointer before calling the
channel receive function.
This prevented the disconnected callback from being called on the
channel after the channel had timed out, but since the disconnected
callback now handles this case this workaroun is no longer needed.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Handle ATT timeout on disconnected ATT channel.
When the ATT channel is disconnected with a pending request the ATT
timeout is canceled and the response processed with an error code.
However canceling of delayed work is not guaranted to succeed, e.g:
"Work queue thread has removed the work item from the queue but has not
called its handler"
This could lead to timeout handler being invoked after the disconnected
handler.
Fixes: #29098
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix size of L2CAP disconnect request buffer pool which did not include
the size of the L2CAP signal header.
Regression from: 3346aa4d39
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add public function to set Constant Tone Extension transmission
enabled or disabled for periodic advertising.
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
Enable CTE HCI command requires update of a state of its
execution after receive command completion response from
controller. Host has already implemented such functionality
but it was used only internally by hci_core.
This commit changes it to be accessible from other sourece files
in host.
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
Fix compilation error caused by missing header files.
Reorganized order of header files include.
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
This is a pairing function with bt_le_scan_cb_register()
to used for remove the scanner callback from callback list.
Signed-off-by: chao an <anchao@xiaomi.com>
Fix crash in ATT when the response for a request is received after
the ATT timeout has fired and the ATT channel has been detached.
Add similar handling for all ATT channel operations.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add publicly accessible function to set Constant Tone Extension
parameters for CTE transmission with periodic advertising.
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
Add implementation of a wrapper for HCI_LE_Set_-
Connectionless_CTE_Transmit_Parameters send command.
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
Add Direction Finding to host initialization sequence.
It allows to get information about Direction finding
optional CTE settings supported by controller.
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
When using BT_GATT_AUTO_DISCOVER_CCC if the ccc_handle is not set
bt_gatt_subscribe would initiate a discovery to locate the CCC handle
but instead of awaiting it to complete the code does proceed to call
gatt_write_ccc even with ccc_handle being 0x0000 which is invalid.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Adds an assert on the "old" ref counter when doing unref, that
checks if there indeed is a reference to unref. This prevents
any underflows of the ref counter.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Align bt_le_per_adv_sync_get_index, bt_conn_index and
bt_le_ext_adv_get_index in use of uintptr_t.
This fixes an issue where the cast to uint8_t happened before the
assert for a valid index, which could lead to invalid pointers passing
this assert.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Improve logging of pairing procedure when it fails with error code
unspecified. Since this is returned in many places debugging this
failure is not easy without adding additional debugging.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix parallel pairing procedures using LE SC requiring the DHKey
calculation at the same time. This would otherwise end all other
pairing procedures with the SMP error code "unspecified" since
the call to bt_gen_dh_key would fail.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Set the allowed command bitmask before sending the SMP packet. This
avoids a race-condition in case the sending of the PDU made the
current thread not ready and would not be scheduled back in time
to set the bit before receiving the next SMP packet.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Improve multiple DHKey handling by allowing the next DHKey calculation
to be started in the dhkey ready callback.
Return error code EALREADY if the provided callback is the current
callback generating the DHKey.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Return the error code from the disconnect command to the application
when an invalid disconnect reason has been provided.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Do not abort pairing when peer sends a SMP command with an opcode
reserved for future use, as per spec.
Signed-off-by: Jonathan Rico <jonathan.rico@nordicsemi.no>
Add a dummy SMP command handler for keypress notification, that does
nothing (yet). This allows the next commit to work properly.
Signed-off-by: Jonathan Rico <jonathan.rico@nordicsemi.no>
Added a new Bluetooth API that can be used to read the current and
maximum transmit power level of the radio. The reading operation is
performed over HCI.
Signed-off-by: Kamil Piszczek <Kamil.Piszczek@nordicsemi.no>
Previously, if the peer address was not set, the host would
do undirected advertising even if the application applied
options only applicable to directed advertising.
Adding this additional parameter validation reduces the confusion
of application developers when they have configured something wrong.
Signed-off-by: Rubin Gerritsen <rubin.gerritsen@nordicsemi.no>
Change type of advertising set handle to 8 bit to comply with
Bluetooth Core spec. type.
Fixes wrong usage of adv. set handle variable in function
bt_le_per_adv_set_param.
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
Remove irq_lock around connection lookup, this is no longer needed
now that the lookup functions always have a valid reference.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Make the connection lookup functions thread-safe by re-using the
bt_conn_ref returning NULL mechanism and keeping a valid reference.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Make bt_conn_ref return NULL if the reference count has reached zero.
This makes it possible to re-use bt_conn_ref internally to re-use the
reference count mechanism to check if the reference is in use.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add defines and structs for reading information about supported codes,
codec capabilities and controller delays. Return parameter structs for
commands that return multiple variable-length fields only model the
fixed-length fields to minimize inconsistencies.
Signed-off-by: Wolfgang Puffitsch <wopu@demant.com>
Fix missing initialization of periodic interval value in
advertising report info structure.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Clarify that the acl_data struct includes the bt_buf type as the
first variable in the user data struct.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Refactor out implementation of functions defined in buf.h to its own
source file buf.c
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add partial implementation for handling Bluetooth 5.1 Direction
Finding HCI command HCI_LE_Read_Antenna_Information to controller
Upper Link layer.
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
Add Bluetooth 5.1 Direction Finding HCI command:
HCI_LE_Read_Antenna_Information handling to Host.
Add wrapper function to handle send the command
and receive response from Controller.
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
Periodic Advertising Set Info Transfer depends on Extended
Advertising and connections hence enclose the LE Periodic
Advertising Set Info Sync Transfer implementation inside
CONFIG_BT_PER_ADV and CONFIG_BT_CONN conditional
compilation.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Periodic Advertising Sync Transfer depends on connections
hence enclose the LE Periodic Advertising Sync Transfer
Received Event code inside CONFIG_BT_CONN conditional
compilation.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix the debug key-set comparison for debug keys comparing the
generated key in big-endian format against the debug private
key in little-endian format.
Fix this by converting the private key to big-endian format for
convenience.
Use the _be suffix for all variables to make the mixing of the
endian formats easier to read.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Adds support for using the periodic advertiser list.
This list allows the application to rely on specific
devices when creating periodic advertising syncs.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Adds support for the periodic advertising sync transfer
(PAST) feature, which allows a synced device, or an
advertiser, to transfer synchronization of a periodic
advertising train to a connected device.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Change the advertising option that controls if the directed advertiser
will use an RPA or the identity address of the peer for the initiator
address.
This option currently has two issues:
- It behaves differently if the privacy feature has been enabled,
which can be confusing for application to use.
- It cannot start a directed advertiser towards a peer that is not
privacy-enabled and has distributed an IRK.
This commit includes the following changes:
- When privacy has been enabled in order to advertise towards a
privacy-enabled peer the BT_LE_ADV_OPT_DIR_ADDR_RPA option must now
be set (same as when privacy has been disabled).
- It is now possible to start a directed advertiser using the identity
address of the peer when privacy-enabled.
- When privacy has been enabled the advertising option combination
of using the local identity address and an RPA as the initiator
address is now disallowed and will return an error code.
This is done because this combination did not actually work and would
have used the identity address of the peer instead.
- If the controller does not support controller-based privacy then
using the option BT_LE_ADV_OPT_DIR_ADDR_RPA will return ENOTSUP
because this behavior cannot be done with host-based privacy.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Adds a `destroy` callback to the `struct bt_gatt_indicate_params` which
is used to signify to the application that the indication operation has
completed and the struct instance can be freed/destroyed.
This is required as the number of indication value callbacks that will
be triggered is not known by the caller when the `conn` parameter is
`NULL`.
Tracking when this callback should be run is mananged by a private
reference counter inside the struct.
Signed-off-by: Jordan Yates <jordan.yates@data61.csiro.au>
Update the signature of the `bt_gatt_indicate_func_t` callback type by
replacing the attr pointer with a pointer to the
`bt_gatt_indicate_params` struct that was used to start the indication.
This allows the callback to free the `bt_gatt_indicate_params` instance
if it was allocated from storage, while still allowing the
`bt_gatt_attr` value to be accessed through `params->attr`.
Allocating the `bt_gatt_indicate_params` instance from storage is
desirable as multiple indications can be queued, however each instance
must be valid until the callback is run.
Implements API update from #29357
Signed-off-by: Jordan Yates <jordan.yates@data61.csiro.au>
Allow application to enable L2CAP dynamic channels without support
for Enhanced Credit Based Flow Control (CBFC).
Since these are separate features in the qualification it should
be possible to qualify L2CAP connection oriented channels without
also having to qualify L2CAP enhanced credit based flow control.
The L2CAP/LE/REJ/BI-02-C conformance test will fail when enhanced CBFC
has not been selected in the ICS.
The lower tester expects that since the Enhanced CBFC is not supported,
the command L2CAP_CREDIT_BASED_CONNECTION_REQ should be met with an
L2CAP_COMMAND_REJECT_RSP and not an L2CAP_CREDIT_BASED_CONNECTION_RSP.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The sync established event caused by a cancel by the host
was not properly handled. When cancelling the sync established
event is created, and the sync object should not be deleted
before that event is received.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
If chan->conn is already NULL do not call bt_conn_unref as that will
likely cause a crash, also this make sure that if channel has been
disconnected using bt_iso_chan_disconnect it removes the channel from
connection list before setting the chan->conn to NULL.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Document and validate advertising parameters for the disallowed
advertising mode high duty cycle directed connectable advertising
using extended advertising PDUs.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix issue where the encrypt change has an error code, but the
encrypt change request was unrelated to the current ATT request.
This lead to the current ATT transaction being interpreted as finished
an the ATT client would proceed with the next ATT request, which would
fail since the ATT client is now violating the ATT single transaction
rule.
Updated similar if statement checking for the opposite to improve
readability.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix application conn param update submitted before the timeout of
CONFIG_BT_CONN_PARAM_UPDATE has expired being ignored when
CONFIG_BT_GAP_AUTO_UPDATE_CONN_PARAMS=n.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Rename the update_work handler to deferred_work since this handler
is being multiplexed for different kinds of deferred work, not just
updating the connection parameters.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Move auto-initiation of the peripheral connection parameter update,
this handling would only submit the delayed work with the timeout once
all other auto initiated procedures had completed. This behavior means
that the delay would not be set on when the connection was established
but instead relative to the previous procedures.
Based on the connection interval used, the instant(s) used, and the
number of auto procedures this delay becomes indeterminate.
Submit the work once connected, the constraint that existed in the
zephyr link layer earlier about requesting only one control procedure
at a time has been removed.
This also brings all the handling of the timeout work to the connection
state handling, which makes it easier to track this behavior in code.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Document the behavior of the bt_conn_le_conn_update API when the
local device is the peripheral role.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Introduce a support kconfig for controller ECDH command support.
Default to host ECDH emulation in combined host controller build
where the controller does not support these commands.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
This prevents any work to be submitted until the stack is initialized
thus avoiding pointless hash generation, etc, while initializing the
system.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Adds support for enabling/disabling PA sync receive,
which allows applications to control when to receive data
while a sync is established.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
If an ACL connection is disconnected while there is an ISO connection
associated with it the ACL connection will not be cleanup properly as
the code attempt to cleanup the ISO connection and breaks without
proceeding to cleanup the ACL as well.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
The callbacks has been moved from being local to each
bt_le_per_adv_sync object, to being global. The
removal of the pointer in bt_le_per_adv_sync was
missing from that update.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
This commit makes sure the string generated by bt_uuid_to_str is correct
if the architecture is big-endian.
Signed-off-by: François Delawarde <fnde@demant.com>
Remove the range on the setting the bluetooth BT_RX_STACK_SIZE.
This range prevents setting the RX stack size lower than 1024,
which depending on the application is too high.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
