Fix option USE_IDENTITY for bt_le_ext_adv_* API.
The random static identity address that was set in bt_le_ext_adv_create
was overwritten in bt_le_ext_adv_start in the call to
le_adv_set_private_addr.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
enable CONFIG_BT_SMP_OOB_LEGACY_PAIR_ONLY:
In function `bt_le_oob_get_local':
subsys/bluetooth/host/hci_core.c:8878:
undefined reference to `bt_smp_le_oob_generate_sc_data'
Signed-off-by: chao an <anchao@xiaomi.com>
The PA sync is now "deleted" (i.e. flags reset) before
the terminated callback is called, so that is
possible to create PA sync in the callback. One flag
was already cleared before for this reason, but one
other flag is also required, so we just clear
everything now.
Signed-off-by: Emil Gydesen <emil_gydesen@bose.com>
Removed the check for explicit scanning, such that
an application may create a PA sync while explicitely
scanning.
Signed-off-by: Emil Gydesen <emil_gydesen@bose.com>
If `CONFIG_BT_CENTRAL` was enabled and the device was not scanning
or connected, then `bt_le_per_adv_sync_create` would not start
scanning for periodic advertisers.
Signed-off-by: Emil Gydesen <emil_gydesen@bose.com>
Mark the ram version of the ccc_cfg as free after ccc has been
stored when a bonded device disconnects.
If the device use lazy loading of settings then ccc_cfg was not
cleaned up properly when a bonded device disconnects. This
resulted in the ccc system ran out of ccc_cfg resources after
having disconnected CONFIG_BT_MAX_CONN times.
Signed-off-by: Kim Sekkelund <ksek@oticon.com>
Step1: Move bt_gatt_disconnected() to avoid forward declarations which
otherwise would be needed by a fix to lazy loading cleanup on
disconnect in step 2.
Signed-off-by: Kim Sekkelund <ksek@oticon.com>
Since bt_l2cap_send_cb can fail returning its error is not enough as
the buffer has been modified to add the headers, so this save the state
before calling bt_conn_send_cb and takes a reference so it can be
restored its original state in case of error.
Fixes#27434
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
-Wimplicit-fallthrough=2 requires a fallthrough comment or a compiler
to tells gcc that this happens intentionally.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Elevate connections always to security mode 1 level 4 when
Secure Connections Only Mode has been enabled in the Security Manager.
Elevate connections always to security mode 1 level 3 when
Legacy pairing with OOB only has been enabled in the Security Manager.
Fixes: #27338
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
If CONFIG_BT_EXT_ADV was enabled but
CONFIG_BT_EXT_ADV_LEGACY_SUPPORT was disabled and
CONFIG_NO_OPTIMIZATIONS was enabled, then there was a
maybe-initialized warning. Fixed by adding additional
checks.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Move call to reset_pairing to bt_conn_security_changed, since this
should always be done at the same time, and should be done in the same
order for all calls. For auth_complete this was reset after the
callbacks, which is inconsistent with the other events.
Also call it even if not connected anymore, the disconnection complete
event will be delivered after this event. Callback should alway be
called if security was initiated.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Added support for syncing to periodic advetisements.
The API and usage is heavily inspired by the extended advertisement
and connection APIs.
Signed-off-by: Emil Gydesen <emil_gydesen@bose.com>
Added the ext adv report interval to bt_le_scan_recv_info which
denotes whether or not there is periodic advertisement data
associated with the advertisement report.
Signed-off-by: Emil Gydesen <emil_gydesen@bose.com>
Added API to set periodic adv parameters, periodic adv data
and to enable/disable periodic advertisement.
Signed-off-by: Emil Gydesen <emil_gydesen@bose.com>
It does not auto-initiate the DLE procedure if the default data length
parameters are not equal to the initial parameters.
Signed-off-by: Rubin Gerritsen <rubin.gerritsen@nordicsemi.no>
Some controllers do not follow the recommendation of auto-initiating
a data length update if the host writes default data length parameters.
If the controller follows this recommendation, calling
LE Write Suggested Default Data Length command is sufficient
to ensure that the LL will auto-initiate the DLE procedure. Performing
a second procedure is unecessary.
In Core v5.2, Vol 4, Part E, Section 7.8.35:
The HCI_LE_Write_Suggested_Default_Data_Length command allows the
Host to specify its suggested values for the Controller's maximum
transmission number of payload octets and maximum packet
transmission time for packets containing LL Data PDUs to be used
for new connections. The Controller may use smaller or larger values
for connInitialMaxTxOctets and connInitialMaxTxTime based on local
information.
In short, this command sets connInitialMaxTxOctets
and connInitialMaxTxTime.
In Core v5.2, Vol 6, Part B, Section 4.5.10:
For a new connection: connMaxTxOctets shall be set to
connInitialMaxTxOctets and connMaxRxOctets shall be chosen by the
Controller. If either value is not 27 then the Controller should
initiate the Data Length Update Procedure at the earliest practical
opportunity.
Signed-off-by: Rubin Gerritsen <rubin.gerritsen@nordicsemi.no>
Fix issue with bt_gatt_service_unregister not clearing CCC information.
If the service is unregistered while an unbonded peer is connected and
subscribed then this CCC would be restored again when registering the
service even if the peer is now disconnected.
If the service is unregistered with bonded peers CCCs stored in settings
then this value would never be cleared. If the service is registered
again then the peer would receive a service changed for this service,
but it's CCC value would still be enabled.
Fixes: #26924
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Extract enqueue of GATT CCC when CONFIG_BT_SETTINGS_CCC_STORE_ON_WRITE
is enabled to a helper function gatt_ccc_conn_enqueue so that it can be
reused.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Move the clear_ccc_cfg function further up to be re-used without a
forward declaration in bt_gatt_service_unregister.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Notify L2CAP when pairing procedure fails during SMP pairing
process. L2CAP needs to be notified so that it can cancel
ongoing connection-oriented channel requests.
Rename bt_l2cap_encrypt_change to bt_l2cap_security_changed and
call it from bt_conn_security_changed always, so that L2CAP
is informed when changing security fails.
This also fixes security_changed conn callback not called when
auth_complete returns an error.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Avoid warning in att_handle_rsp, only call this when there is a
pending ATT request. This avoids a warning happens when elevating
security fails but higher security had not been requested by an
ATT request.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
squash! Bluetooth: ATT: Remove warning when no ATT process pending
Elevate the security level before sending the connection request if
the application has set a required security level on the channel.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Elevate the security level of the connection when the l2cap channel
connect request is denied with encryption or authentication error
code.
The l2cap channel required_sec_level was used, but this is not
correct as this is set by the user of the API. This resulted in
the call to bt_conn_set_security seeing that the current security
level was already set, decide there is nothing to be done and return
success.
Fixes: #27220
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Use safe for-each loop in bt_l2cap_encrypt_change since dynamic
channels with pending connection-oriented channel requests will
be canceled and removed from the list if the encryption change
failed.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Remove dependency on CONFIG_BT_ACL_FLOW_CONTROL and use
CONFIG_BT_L2CAP_RX_MTU always to set L2CAP RX MTU.
The ATT MTU is set from two different KConfig options depending
on if CONFIG_BT_ACL_FLOW_CONTROL is enabled, which makes it
a confusing option and hard to provide a conf file that
supports multiple board configurations.
This changes the behavior when CONFIG_BT_ACL_FLOW_CONTROL and
CONFIG_BT_BUF_RX_LEN was used to set the L2CAP RX MTU, and by
extension the ATT MTU.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
EATT channels use bt_l2cap_chan_send which does return the number of
bytes sent on success not 0 as bt_l2cap_send.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Reject the security request immediately when receiving a security
request that does not support LE Secury Connections pairing.
This would have been rejected during the pairing procedure, but
PTS testing expects the security request to be rejected.
Ref: GAP/SEC/SEM/BV-29-C
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
When using CONFIG_BT_CONN_DISABLE_SECURITY bt_gatt_check_perm would
ignore not only the security sensitive permissions but also access
related ones causing crashes since the callback would be NULL.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Move implementation of hci_driver.h exposed functions to a common file.
The functions exposed by hci_driver.h header file is implemented in
either hci_core.c, or hci_raw.c. But since these functions would be
identical for both implementations have them in a new file that is
included for both.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
This adds CONFIG_BT_CONN_DISABLE_SECURITY which can be used to disable
security checks for incoming requests enabling to test accessing GATT
attributes and L2CAP channels that would otherwise require
encryption/authentication in order to be accessed.
It depends on BT_TESTING to indicate to the users that this is a
testing feature which shall not be used in production.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
It should be possible to identify whether advertising set uses legacy
or extended advertising to avoid performing operations that are not
supported on either of them.
For example, scannable advertising can have advertising data set only
if legacy PDUs are used.
Signed-off-by: Andrzej Kaczmarek <andrzej.kaczmarek@codecoup.pl>
Fix a crash in the persistent advertising handling.
This occurs because the callstack of the RX thread overflowed
due to an infinite recursion between bt_conn_unref and
bt_le_adv_resume.
This happens when starting a new advertiser is denied by the
controller, then the conn object reserved will be released again
and the host will attempt to resume advertising in the bt_conn_unerf
at the end of bt_le_adv_resume.
This situation can happen if the host supports more connections
than the controller.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Follow Bluetooth specification recommendation of setting the output
of the DH_Key field in the LE Generate DHKey Complete event when the
public key is invalid.
If the Remote_P-256_Public_Key parameter of the HCI_LE_Generate_DHKey
command (see Section 7.8.37) was invalid (see [Vol 3] Part H, Section
2.3.5.6.1), then all octets of the DH_Key event parameter should be
set to 0xFF.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Added a feature that allows an application to request
automatic discovery of the CCCD handle when subscriping
to a characteristic. In order to preserver RAM, the application
is expected to provide the discovery parameters, and it's up
to the application whether or not it wants to reuse the
discovery parameters or use one for each characteristic.
Signed-off-by: Emil Gydesen <emil_gydesen@bose.com>
Change fixes storing subscriptions in settings. CCC write can interrupt
the ccc_delayed_store. Without the change, new CCC was not stored in
non-volatile memory and the work that stored CCC was not resubmitted.
That resulted in lost subscription after reboot.
Fixes: #26862
Signed-off-by: Marek Pieta <Marek.Pieta@nordicsemi.no>
Add bond_deleted callback so that the application can keep track
of when bond information is deleted in the stack.
Bond information can be deleted by the application through bt_unpair
or automatically by the stack in some cases, e.g when
CONFIG_BT_KEYS_OVERWRITE_OLDEST is enabled and the oldest bond
is overwritten.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Allow calling bt_le_adv_start with no connection object available
when not the option BT_LE_ADV_OPT_ONE_TIME has been set. In this
case the advertiser will be restarted once there is a connectable
advertiser object available.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
When CONFIG_BT_GATT_NOTIFY_MULTIPLE is selected and the remote has
enabled support for using its procedure data can sometimes not fit
into the buffer since the multiple variant has a bigger header, so
instead of failing immediatelly this attempts to send the data using
the legacy PDU instead so those using bt_gatt_get_mtu - 3 can still be
sent.
Fixes#26106
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Turn the GATT notify multiple feature off as default value.
This feature changes the behavior of the bt_gatt_notify API in a way
that might not be backwards-compatible.
This is because the notify multiple header is larger, and therefore
limits the amount of bytes that could otherwise have been sent in a
normal notify PDU for a given ATT MTU.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix use of conn_handle in LE Advertising Set Terminated event not
converting from serial Little Endian to native CPU endianness.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Use an unspecified reason when disconnecting a connection that did not
have a pending connection in the host.
We don't allocate connection objects in the connection complete anymore
so using memory-capacity-exceeded is misleading.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
This patch fixes an issue with the advertiser not resuming connectable
advertiser if the last bt_conn_unref happens from something other
than the disconnected callback.
In this case this last bt_conn_unref was from gatt.c notify_cb called
from application main thread.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix host RX thread being deadlocked. The deadlock occurs because the
RX thread is stuck waiting in conn_tx_alloc with K_FOREVER but if the
connection is disconnected only the RX thread can unblock it in the
handling of the disconnect event.
This commit fixes this deadlock by splitting the processing of the
disconnected event into two parts.
The part needed to unblock the RX is to release resources held by
unack'ed TX packets and mark the connection state as not connected
anymore.
The RX thread waiting for free_tx fifo and the TX thread waiting for
the bt_dev.le.pkts semaphore will both check the connected state after
having acquired them and will abort if disconnected.
The rest of the processing will be handled at normal RX thread
priority like normal.
Move the bt_recv_prio handling to the Bluetooth host when the host
has defined its own RX thread (CONFIG_BT_RECV_IS_RX_THREAD=n).
If the HCI driver has the RX thread (CONFIG_BT_RECV_IS_RX_THREAD=y),
then the responsibility to call bt_recv and bt_recv_prio correctly
falls to the HCI driver.
The helper function bt_hci_evt_is_prio() is replaced with
bt_hci_evt_get_flags() so that the HCI driver can do this correctly.
This decision to replace was made so that existing HCI drivers
maintained out-of-tree will fail at compile time with the new system.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Bluetooth: host: Move bt_recv_prio to host when RX thread is defined
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Save link key to settings_subsys, no need to re-pair after restart.
Overwrite old pairing records with aging counts.
Signed-off-by: ZhongYao Luo <LuoZhongYao@gmail.com>
Fix the advertise object not release when a high-duty cycle directed
advertiser timeout happens. If the extended advertising feature has been
enabled in the host, but not supported by the controller then the
advertising object must be released in the connection complete event
since there will not be a advertising set terminated event.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add options for phy update procedure. User can now set no preference
option for a particular PHY as well as preference for LE Coded PHY
coding scheme.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
These functions don't work with buffers that do have fragments, instead
this replaces their usage with net_buf_{put,get}.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
ATT_PENDING_SENT does severely impact the throughput since multiple
packets no longer can be scheduled at same time, so instead of always
setting it regardless of the bearer/channel it is now only used for
EATT since that cannot set its own callbacks.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
bt_l2cap_send_cb may fail if there are no context available which means
that the request would not be sent, also due to the use of custom
callback it cannot be queued either so the only option is to return the
error and let the application handle it.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Since the TX semaphore is used for all types of PDUs a request may have
to be put on the request list while there is no pending request pending
which means no response will be generated to trigger att_process,
previously this condition was handled by setting the request as
currently pending and append its buffer to tx_queue but this is no
longer efficient since there could be more than one channel active the
code should try all of them before queueing back to request list.
To fix this the request list will now be processed each time a PDU has
been sent.
Fixes#26070
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
ATT channel sent callback shall not be overwritting until the
operation completes as it can result in breaking flow control when
CONFIG_BT_ATT_ENFORCE_FLOW is enabled.
Fixes#25964Fixes#26071
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Add warning about enabling the options below so that users are
aware that this is a security risk.
- CONFIG_BT_DEBUG_SMP
- CONFIG_BT_DEBUG_KEYS
- CONFIG_BT_OOB_DATA_FIXED
- CONFIG_BT_USE_DEBUG_KEYS
- CONFIG_BT_STORE_DEBUG_KEYS
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
The bt_l2cap_le_conn_rsp struct in l2cap_internal.h has not been
declared __packed. This can cause alignment problems on some
platforms if the struct is placed on an unaligned address.
A __packed declaration solves this issue by forcing the compiler to
use store instructions that do not required alignment.
Signed-off-by: Jim Luther <jilu@oticon.com>
Some Kconfig defined devices may be defined using dt_chosen_label
function. Since there is no way to ensure a device enabled in dts
is also defined in Kconfig, it may happen that instance is not
actually defined.
In this case device_get_binding might return 0, leading to undefined
behavior in the function that calls it.
When not already done, systematically check return of function
device_get_binding on devices defined through dt_chosen_label macro.
Trigger ASSERT when required and return error when possible.
Fixes#20068
Signed-off-by: Erwan Gouriou <erwan.gouriou@linaro.org>
This commits fixes the loading of bt/cf settings into memory. Only data
was loaded and not the address.
Signed-off-by: François Delawarde <fnde@demant.com>
build breakage if SMP is disabled
In function `bt_unpair':
bluetooth/host/hci_core.c:2640: undefined reference to `bt_foreach_bond'
Signed-off-by: chao an <anchao@xiaomi.com>
If LE Read PHY fails the code was still trying to parse the buffer as a
valid response.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Fix extended advertiser not using correct set random address command
to set private (NRPA) address when privacy feature has been disabled.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix Service Changed configuration stored in flash not deleted in flash
when calling bt_gatt_clear from bt_unpair.
When clearing the check for "is bonded" should not be made. If the
bond information is already removed this check will fail.
When clearing the check for "modified" should not be made, clearing
is in itself a modification, and should always be made.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix CCC cfg not cleared when overwriting oldest bond. Calling
bt_unpair with a pointer to the key will result in the key addr being
memset to zero and bt_gatt_clear is called with an zero-set address.
This happens because unpair (hci_core.c) calls bt_keys_clear before
calling bt_gatt_clear.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
get_phy is referenced by BT_EXT_ADV only when BT_OBSERVER is also
selected. Avoid defined-but-not-used warnings in that situation.
Signed-off-by: Peter A. Bigot <pab@pabigot.com>
When using extended advertising the connection can be established on
different PHY. In order to have an updated value of the current PHY
we need to read the PHY of the connection in the connection complete
event.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add application control of initiating phy change procedure and it's
parameters.
The reasons for allowing the application control over the PHY:
- Allow changing to Coded PHY.
- Application may change PHY to react to changes in environment
to balance throughput and range.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add application control of initiating data length procedure and it's
parameters.
The reasons for allowing the application control over the data length:
- Bandwidth control adjusted based on number of active connections.
- Changing data length before switching to coded phy.
- Applying workarounds for interoperability problems.
- Controlling order of ATT MTU and data length procedures.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add Kconfig option so that the application can disable automatic
initiation of the data length procedure. This is symmetric with the
PHY auto initiation kconfig option.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Refactor setting the maximum data length parameters supported on in
auto data length procedure. This makes setting the data length of the
connection a re-usable function.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The numbers should have been the sum of HCI commands count and ACL TX
buffers but instead the buffer size was used which makes the pool holds
substatially more buffer than necessary.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Implement the BT_LE_ADV_OPT_USE_NAME when using bt_le_ext_adv_* APIs
to start the advertiser.
When starting an extended connectable advertiser the name must be
included in the advertising data, since scan response data is
not allowed in this configuration.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Remove setting state flags in bt_le_adv_start_ext since they are set
by le_ext_adv_param_set, except for BT_ADV_PERSIST flag.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Only persist advertising when the bt_le_adv_start API is used to start
the advertiser. For multiple advertising set a connectable advertiser
can only be started if there is a connection object available for the
advertiser. Leave the decision on which advertising set should be
advertising up to the application instead of suspending advertising
when no connection object is available.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Remove the BT_LE_CONN_OPT_2M option and update documentation.
This was a misunderstand about the init PHY HCI parameter.
The init PHY in the extended connection create command does not
determine which PHYs are accepted as the initial PHY of the
connection. This is instead determined by the secondary PHY of the
extended advertiser.
The init PHY parameter only specifies which conn parameters are
provided, and since we only provide one conn parameter this option
has no effect.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The last parameter to hci_cmd_done() is expected to be a valid net_buf
since the function immediately tries to dereference it. Fix this by
passing the appropriate buffer reference to the function.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This adds a new flag to track if the L2CAP channel is pending waiting
for encryption to be changed to resume connecting.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This adds support for ATT_MULTIPLE_HANDLE_VALUE_NTF,
ATT_READ_MULTIPLE_VARIABLE_REQ and ATT_READ_MULTIPLE_VARIABLE_RSP.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This adds support for EATT bearer which was introduced in 5.2, they work
as extra channels to have GATT traffic, at the moment it is completely
transparent to application when they are in use since the allocation
happens automatically.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This adds the definitions for Enhanced ATT along with new PDUs and UUIDs
introduced in 5.2.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This adds a callback to indicate when the stack has released all
references to a given channel so the owner free up any resources
associated with that.
This is requires since EATT channels cannot rely on the destroy callback
as it does not use a fixed channel like ATT.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This leaves only channels on the dynamic range to be offloaded to the
system queue so ATT and EATT handling are handling in the same context.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This adds the initial implementation of ECRED mode which can connect up
to 5 channels simultaneously and is required by EATT.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This introduces new Enhanced Credit Based Flow Control PDUs and related
definitions which were introduced in 5.2.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Convert bluetooth host to using k_timeout_struct for the timeout values.
This is mostly replacing s32_t with k_timeout_t.
In l2cap the handling of no timeout in send channel request was removed
since the timeout is both documented as minimum of 1 second and never
given any no timeout value.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Remove logging of individual threads spread out throughout the
bluetooth subsystem. The stacks can be analysed by enabling the
following options.
CONFIG_THREAD_ANALYZER=y
CONFIG_THREAD_ANALYZER_AUTO=y
CONFIG_THREAD_ANALYZER_RUN_UNLOCKED=y
Optional:
CONFIG_THREAD_NAME=y
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Include the RPA addresses in the enhanced connection complete debug
log. This makes it easier to debug privacy failures.
Use a new debug statement so that the debug print will work correctly
when log_strdup does not copy the string.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix compilation issue for extended advertising beacon. Adv pool was
mistakenly put under BT_OBSERVER define.
Both observer and broadcaster use the bt_lookup_id_addr. SMP cannot
be enabled without connections, so for broadcaster and observer there
will not be a lookup.
Fix compilation warning for extended scanner-only build.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
According to the BT Core spec. The local RPA field in the enhanced
connection complete event should be set if the own-address type was
set to 0x02/0x03 and the controller generated an RPA using a non-zero
IRK, otherwise the controller should return all zeroes.
In the case where we generate the RPA in the host instead we need to
handle set the on-air RPA address based on the random address set by
the host.
If this is not handled then pairing will fail because the on-air
addresses are used as input to the pairing procedure.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Remove handling of extended advertising from connection complete
event. If extended advertising has been enabled and is supported by
the controller then enhanced connection complete must be supported.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
User of bt_buf_get_rx may attempt to push their own headers, e.g. ACL
headers, so move the H4 header logic to bt_recv after logging into the
monitor since otherwise the buffer would contain H4 headers which is
not expected by the monitor.
Fixes#24646
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Add support for multiple advertising set. Move the advertising state
flags to be per advertising set and loop over advertising sets instead
of looking up legacy advertiser set or handle 0.
Since it is not certain that the advertising set terminated event can
arrive directly after the connection complete event there is currently
a limitation that there can only be one local identity used by
connectable advertisers at a time. This guarantees that we know
the local identity being used in the connection complete event.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Only attempt to restart the background scanner in connection complete
event when the new connection is a master role connection or the
initiator was successfully canceled.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Enable enhanced connection complete when extended advertising has been
enabled. This event is mandatory if extended advertising is supported.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
This makes hci_raw to manage RX and TX buffers so its logic don't have
to be replicated on each an every driver/application, it also makes it
simpler to deal with extra headers for H:4 mode since that then can be
done at earlier at buffer allocation.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This adds support for registering a command extention table which is
used to match incoming commands and then pass the buffer to its
function handler.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This adds 2 config options which enables hci_raw to work in
H:4 mode and enable it by default automatically.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
When legacy advertising enable command is issues,
the BT_ADV_ADVERTISING has to be set, because this
flag is checked in many scenarios to see if the
advertising is ongoing or not.
Signed-off-by: Ahmed Shokry <ahmed.shokry@synopsys.com>
When disconnecting att_reset is called and all requests are notified
but instead of passing req->user_data like it should it pass the req
itself which nowdays comes from a k_mem_slab, rather than being a
contiguous memory that would contain the request and its user data,
which would likely cause invalid access.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This patch introduces two major changes to the directed advertising
feature of the bluetooth host.
Deprecating the bt_conn_create_slave_le, and removing
bt_conn_le_create_slave which has never been released. This behaviour
has now been moved by to providing the peer direct address into the
advertising parameters.
Introducing directed advertising support for nonconnectable
directed extended advertising, both scannable and non-scannable.
A bug was also fixed in the the directed-adv command in the shell
when the argument "low" was given. The advertiseng parameter pointer
declared with BT_LE_ADV_CONN_DIR_LOW_DUTY was declared in a scope that
was no longer valid when it was used to start the advertiser.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Check the return value of LE Set Extended Advertising Parameters
command when starting an advertiser from bt_le_adv_start with
CONFIG_BT_EXT_ADV enabled.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The LE Set Extended Advertising Set Random Address command may be
issued at any time after an advertising set identified by
the Advertising Handle parameter has been created using the
LE Set Extended Advertising Parameters command.
This commit fixes the advertising set issueing the set random address
command before the advertising set is created in the controller.
Since the le_adv_set_random_addr function has is used to get the the
own address parameter for the it could not simply be moved, and
moving the own address parameter handling out of this function
would create a potentioal maintaince problem.
Also this function is used for both with and without advertising
extension feature so changing it is not trivial without breaking all
the previous random address handling already put in place.
The simplest solution was therefore to postpone the command until the
parameters has been set using 2 flags.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Use bluetooth assert on HCI command send error since this assertion is
always enabled and we should not continue after this has failed.
Log command status failure with information in order to make it more
visible as the HCI status code is more interesting than the -EIO error
code returned by the function.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix the pending slave set connection latency and timeout values not used
in the connection update procedure when
CONFIG_BT_GAP_PERIPHERAL_PREF_PARAMS has not been enabled.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Extends the bt_conn_le_create_param struct to provide the option
to set a custom timeout for the initiation of the connection.
The logic for the default values of window_coded and interval_coded
were moved to conn.c in order to resolve all defaults for the
create_param struct at a single location.
Timeout is not added as a parameter to the BT_CONN_LE_CREATE_PARAM
macro due to the expectation that CONFIG_BT_CREATE_CONN_TIMEOUT
will be the typical value that users will expect.
Fixes#23468
Signed-off-by: Jordan Yates <jordan.yates@data61.csiro.au>
Fix an an issue where established bonding information in the peripheral
are deleted when the central does not have the bond information.
This could be because the central has removed the bond information, or
this is in fact not the central but someone spoofing it's identity, or
an accidental RPA match.
This is a regression from: a3e89e84a8
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add additional build configurations to the shell to catch build errors
when enabling extended advertising.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix compilation issue when extended advertising is enabled but privacy
is disabled. In this case the rpa_update work is compiled out.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Most places used an int so that should have handled most cases but
keys_set was using an unsigned int, which meant that checking len > 0
is an expression that is always false, and the error handling is not
working.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix high-duty cycle directed advertising when extended advertising
feature has been enabled. The duration parameter when starting extended
high duty cycle directed advertising has to be set to a non-zero value
less than or equal to 1.28 seconds.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Avoid removing identity keys from the controller during the pairing
procedure. During the pairing procedure the keys will be cleared before
they are updated. This causes an unnecessary warning from HCI core where
it tries to remove an IRK key-set from the controller that has has not
been added yet.
While this is not an issue, the warning from HCI core is misleading and
might lead to unnecessary questions and investigations.
Warning appeared after: 6c6bd8c49e
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Move the pending ID keys add and delete flag out of keys storage area.
These flags are runtime flags and should not be stored in persistent
storage.
Due to struct alignment storage start has to be aligned so that
variables added before storage start does not affect the storage bytes
by introducing padding in the storage area
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Skip feature testing of controller features when legacy advertising
commands are not supported. For combined builds or builds where the
capability of the controller is known it is not required to have runtime
check of controller extended advertising support.
This gives the following size reduction for hci_core.c:
Without legacy support
hci_core.c 19980 7.75%
total 257679
With legacy support
hci_core.c 21816 8.41%
total 259519
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Handle updating the identity keys in the controller while a scanner
limited by timeout or advertiser limited by number of events or timeout
is active in the controller. For this case we mark they keys as pending
and handle the update of the resolving list ones the roles are stopped.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add RPA handling for scan limited by timeout. The scan limited by
timeout has no information about elapsed time when stopped. So pausing
the scan at RPA timeout has no new scan timeout value to set.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add error code to API for starting directed advertiser. Also rename the
API in order to follow the established naming pattern.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add support for creating and advertising with an advertising set.
This has support to advertise with extended data and with long range
feature on Coded PHY.
Limited to only supported one advertising set.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add support to use the extended conn create options to establish
connections on LE Coded PHY or 2M. This uses the connection options
set by bt_conn_set_scan_params.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add API to set the scan parameters used in the LE Create Connection
HCI command used by bt_conn_create_le and bt_conn_create_aute_le.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add support for the new scan options and use the LE Extended Scan
HCI commands if they are available in the controller.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Refactor scan and initiator random address handling to a helper function
so that it can be re-used.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add reference count old to new value transition in the debug print, this
makes it easier to interpret the printed line when debuggin reference
count bugs.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Extract setting advertising filter policy parameter from the adv params
options field to a helper function.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Update buffer sizes needed when advertising extensions is enabled. Since
BT_RX_BUF_LEN is used for the HCI command as well we need to fit the
full 255 bytes of the Set Extended Advertising Data or Scan Response
Data plus the 3 byte header of an HCI command.
For the discardable buffer size we need to fit the LE Extended
Advertising Report event, which can be a maximum of 255 bytes plus the
2 byte header of an HCI event.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Deprecate BT_LE_ADV defines in hci.h that are expected to be used by the
application in the scan received callback to identify the advertising
PDU type. These defines are mixing HCI input parameters and advertising
PDU types. Internally it is acceptable to mix these, but at the API we
should to mix in them.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Rename filter_dup parameters used for scanning filter options to the
more generic name options, and make scan filter options follow same
naming patters as advertising and initiator scan options.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Deprecate bt_create_conn_le and rename it to in order to add return
code, new arguments and to follow the established naming convention.
Add API for the application to control the scan parameters of the
initiator role. This allows the application more scheduling control
of the initiator in multi-role scenarios. Also provides options to
configure the initiator for LE Coded PHY for long range support.
We deprecate the old way of creating connection to make the name more
consistent with the rest of the API.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix directed advertising from privacy disabled peer. In this case we
need to have the local IRK in the controllers resolving list in order to
have the controller resolve the initiator address of the directed
advertising pdu (ADV_DIR_IND).
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix directed advertiser using the wrong local IRK when doing directed
advertising when the identity of the advertiser is not the default
identity.
This is only an issue for the directed advertiser because it is only
for the directed advertiser that we use the controllers local IRK
to generate the Advertisers RPA.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add header definition for bt_read_static_addr function. Declaring it
without a header definition will not give any compilation error when
function definition changes.
Refactor nRF SoC specific code into nRF specific source files and
provide weak definitions when these are not implemented. This will make
it easier to add handlers per vendor.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
When using BT_LE_ADV_NCONN_NAME then the advertising name will not be
included in the advertising data. This is because the host always puts
the device name in the scan response. But since the scan data was
otherwise empty the advertising type was set to ADV_NONCONN_IND.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fixes#23485
When we create a GATT table dynamically, we also create a hash
identifying this table. This hash can be stored in persistent memory and
we can thus determine after recreating the GATT table whether the
services have changed or not from before the reboot.
When these hashes are identical, it implies that the table has not
changed, wherefore a service changed indication should not be sent to
any bonded clients. The method for achieving this was to remove the
gatt_sc.work entry from the work queue. This work queue entry was to
send an indication to the clients when the table had been allocated.
If the final entry then caused the hashes to match, the indication
would be cancelled.
On unit testing this behaviour in simulation and in practice, we found
that the indication was sent nonetheless, and the issue was located to
be tied to the SERVICE_RANGE_CHANGED flag which is set when the services
are changed and is cleared when the indications are being sent out.
It was the job of the work queue entry to clear this flag, and as the
entry was never serviced, the flag was never cleared, and when
sc_commit() is called at the end of the process, it believes that there
is a new service change pending and therefore starts the job over, thus
creating a redundant indication to the clients.
This commit fixes the issue by clearing the flag when the work entry
is removed due to a hash match. This has been unittested in a live
environment, in a simulation environment, and sanitycheck has been run
on it.
Signed-off-by: Dan Erichsen <daee@demant.com>
The commit e85dd8af5d changed the way the BT_ECC Kconfig option
is enabled, however it got the dependency wrong. The dependency should
only look at BT_SMP_OOB_LEGACY_PAIR_ONLY if BT_SMP was also enable.
This broke e.g. the build of the mesh_demo app for the BBC
micro:bit since the memory consumption jumped up by roughly 2k.
This patch fixes the issue, and in the same go makes the Mesh handling
consistent by also using a conditional default rather than select.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Allow to get local OOB data while advertiser, scanner or whitelist
initiator is active. If direct initiator is active or the advertiser
is using the random address as a random static identity address then
the function will return error.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
When OOB callbacks are present it is possible to achieve authenticated
pairing without having the remote OOB data present. Using OOB with
LE Secure Connection only one side of the pairing procedure is required
to have the OOB data present. If we have given the remote our OOB data
then pairing can proceed.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Added CONFIG_BT_SMP_OOB_LEGACY_PAIR_ONLY option that completely disables
all legacy and SC pairing modes(except for Out of Band) and frees the
memory previously used by these.
Added CONFIG_BT_SMP_DISABLE_LEGACY_JW_PASSKEY option that force rejects
pair requests that lead to legacy Just Works or Passkey pairing.
Signed-off-by: Iván Morales <ivan98ams@gmail.com>
Refactor old state handling in bt_conn_set_state to use switch statement
instead of if statements.
This will give us warning about enum values not covered.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix connection complete event handling when the local RPA is not valid.
This can happen when the controller was not instructed to use an RPA
address, or the local IRK was set to an all zero IRK.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
According to the Zephyr VS HCI specification:
Only Read_Version_Information and Read_Supported_Commands commands are
mandatory.
Check for supported Read Supported Features command before issuing this
command to the controller.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix host resolving the peer identity address in enhanced connection
complete event when the resolving list in the controller is full and
resolution is done in the host.
Move the handling from legacy connection complete into enhanced
connection complete event so that it is done for both connection
complete events.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
If the application has used bt_le_oob_get_local to retrieve the OOB
RPA address and OOB authentication information the central role should
use this RPA address for the next RPA timeout period.
The central role always refreshes the RPA address for the initiator,
this will make the OOB information not usable as the peer cannot
recognize the central role since the RPA address is changed.
Check if the initiator can use the address for the duration of the of
remaining RPA period.
Fix central role using the advertiser identity when setting the private
address. The central role should only use the default identity.
Regressions from:
fbe3285bfa
and
4876a8f39a
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
If the client is change-unware and disconnects the spec requires that
the stack still sends the error out of sync for the next request:
'The ATT_ERROR_RSP PDU is sent only once after the client becomes
change-unaware, unless the client _disconnects_ or the database changes
again before the client becomes change-aware in which case the
ATT_ERROR_RSP PDU shall be sent again'
Fixes#23110
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Fix issue where a new connection with the same peer would use the CCC
from from first connection, despite different local identity.
Since there is no CCC for the new connection yet this caused the
application to think that CCC was enabled but the remote device had not
yet subscribed.
Fix this issue by making the id as an input to the peer address check
function. This will force us to make the check every time. This commit
might also fix similar issues not yes discovered as the ID check was
missing in a few other places as well.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Rename the acl buf context id to index since to avoid confusing it with
the conn object ID parameter. Especially the bt_conn_lookup_id function
was creating confusion.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Avoid the HCI-USB race condition where HCI data and HCI events can be
re-ordered, and pairing information appears to be sent unencrypted.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix issue where an invalid (all zeroes) hash was written to settings
storage on reset. This caused the old value to written to zeroes, before
being written back to it's original value again immediately after.
This causes excessive flash wear.
This happens because the check if (k_delayed_work_remaining) returns the
amount of time until the work will execute. When that time has run out
the time is zero, but the work has not yet been executed.
We then write the invalid hash to flash, and then once the work-item
executes it will write the correct value.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
SC config data is no longer stored within the CCC config itself
therefore it must be cleared separately.
Fixes#22539
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
GATT data shall not be considered conditional to BT_SETTINGS since
the data is stored in RAM it must also be cleared when unpairing.
Fixes#22514
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
smp_pairing_complete does actually clears flags so setting
SMP_FLAG_TIMEOUT must come after that.
Fixes#22786
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Fix bt_gatt_indicate using the wrong attribute pointer when a uuid was
provided as input.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Rename the scan recv callback info struct so that it reflects that it
is part of the scan recv callback. This will make it consistent with
future plans for advertising callbacks.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix the scanner using the advertiser identity instead of the scanners
identity, scanner always use BT_ID_DEFAULT.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Corrected configuration of BT_HCI_RESERVE for the RPMsg HCI driver.
This change fixes the following assert:
[net_buf_simple_headroom(buf) >= len] @ ZEPHYR_BASE/subsys/net/buf.c:881
Signed-off-by: Kamil Piszczek <Kamil.Piszczek@nordicsemi.no>
This can happens if for example the remote peer have the initial credits
set to 0 which would cause bt_l2cap_chan_send to fail instead of just
queue the packets until more credits are given.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
I think people might be reading differences into 'if' and 'depends on'
that aren't there, like maybe 'if' being needed to "hide" a symbol,
while 'depends on' just adds a dependency.
There are no differences between 'if' and 'depends on'. 'if' is just a
shorthand for 'depends on'. They work the same when it comes to creating
implicit menus too.
The way symbols get "hidden" is through their dependencies not being
satisfied ('if'/'depends on' get copied up as a dependency on the
prompt).
Since 'if' and 'depends on' are the same, an 'if' with just a single
symbol in it can be replaced with a 'depends on'. IMO, it's best to
avoid 'if' there as a style choice too, because it confuses people into
thinking there's deep Kconfig magic going on that requires 'if'.
Going for 'depends on' can also remove some nested 'if's, which
generates nicer symbol information and docs, because nested 'if's really
are so simple/dumb that they just add the dependencies from both 'if's
to all symbols within.
Replace a bunch of single-symbol 'if's with 'depends on' to despam the
Kconfig files a bit and make it clearer how things work. Also do some
other minor related dependency refactoring.
The replacement isn't complete. Will fix up the rest later. Splitting it
a bit to make it more manageable.
(Everything above is true for choices, menus, and comments as well.)
Detected by tweaking the Kconfiglib parsing code. It's impossible to
detect after parsing, because 'if' turns into 'depends on'.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
The existing stack_analyze APIs had some problems:
1. Not properly namespaced
2. Accepted the stack object as a parameter, yet the stack object
does not contain the necessary information to get the associated
buffer region, the thread object is needed for this
3. Caused a crash on certain platforms that do not allow inspection
of unused stack space for the currently running thread
4. No user mode access
5. Separately passed in thread name
We deprecate these functions and add a new API
k_thread_stack_space_get() which addresses all of these issues.
A helper API log_stack_usage() also added which resembles
STACK_ANALYZE() in functionality.
Fixes: #17852
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
This commit adds a new option CONFIG_BT_SMP_USB_HCI_CTLR_WORKAROUND
to support USB HCI controllers that sometimes send out-of-order HCI
events and ACL Data due to using different USB endpoints.
Enabling this option will make the master role not require the
encryption-change event to be received before accepting
key-distribution data.
It opens up for a potential vulnerability as the master cannot detect
if the keys are distributed over an encrypted link.
Fixes: #22086
Signed-off-by: François Delawarde <fnde@oticon.com>
Directed advertising timeout was dropped in the host due to
not being able to find a pending connection. Host used the
role parameter from the error event parameters which has
been earlier zero-ed out.
Regression introduced in commit a0349689ff ("Bluetooth:
host: Fix conn object assigned to wrong connection")
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
When starting a non-connectable advertiser and an active scanner is also
using NRPA address then this use-case should be supported. A new
advertiser that is non-connectable should have a fresh NRPA address
every time it is started, so we must refresh the NRPA used by the active
scanner.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
When advertiser is disabled we should update the random address for both
passive and active scanner back to an NRPA. But this command will fail
because the if the scanner is an active scanner, we must disable and
re-enabled the active scanner after setting the random address.
This behavior should not be there when scanner is configured to scan
with identity address.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Document why a privacy-disabled scanner will not notify about directed
advertising reports. This is the default behaviour of the
privacy-disabled scanner. In order to receive the reports the option
BT_SCAN_WITH_IDENTITY must be enabled.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Prevent the advertiser from overwriting the passive scanners identity
address when the scanner has been configured to scan using the identity.
In this case the LE Set Random Address command would not prevent the
address from being overwritten. So instead we explicitly stop it in the
host.
Also fix original code function not working at all since the first
if statement was should had a bad check. Resulting in it always
returning success.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Drop directed advertiser reports when the passive scanner should have
been using the NRPA address. The advertiser has overwritten the NRPA
with it's identity address instead and a peer is sending directed
advertiser packets to it.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
When privacy is disabled by default the scanner still protects it's
identity with the use of NRPA addresses. We should not set the identity
address for the passive scanner unless the Kconfig option to scan with
the identity has been enabled.
This makes passive scanner behave the same way as an active scanner
since none of them will report directed advertising reports towards
the scanners identity.
This also enables the advertiser to switch out the random address which
is needed for the Bluetooth Mesh LPN case.
Fixes#22088.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Similar to pairing_confirm this callback is called each
time a peer requests pairing, but for all types of
pairings, except SSP. The pairing req/rsp information is
passed as a parameter so the application can decide
wheter to accept or reject the pairing.
Fixes: #21036
Signed-off-by: Martin Rieva <mrrv@demant.com>
Fix infinite recursion in host-based bt_rand function. This would call
HCI LE Random Number command, which would in turn call bt_rand, causing
an infinite recursion.
bt_rand -> prng_reseed -> BT_HCI_OP_LE_RAND -> le_rand -> bt_rand
To solve this issue the controller should avoid doing calls into the
host, so all calls to bt_rand in the controller should be replaced with
a call to a controller function.
Fixes#22202
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix LE Create Connection command giving out of range parameters to the
controller, this came back as 0x30 (Out of Range Parameters) status code
on the command from the controller.
This appears to be the min and max CE parameters in the command.
Revert back memset from 137f704064
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix problem where application was notified about a new connection being
established, but no connection has actually been made.
This occurred because the LE Create Connection command failed directly
from the API, in which case the state transition thinks the err is valid
and always notifies the application.
Introduced by:
6c1f52dff7 for bt_conn_create_le
e9eebf0c40 for bt_conn_create_auto_le.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix an issue where a slot in the key pool was considered free when
either the address was cleared or no keys were written in the entry
(enc_size == 0). This caused a problem with simultaneous pairing
attempts that would be assigned the same entry.
This patch makes it so a a slot is considered free even when keys are
not yet present in the entry, and makes sure the address is cleared in
case of pairing failure or timeout so to mark the slot as free.
Signed-off-by: François Delawarde <fnde@oticon.com>
Moves the Mesh AES-CCM module out into a separate module, to make it
accessible from other subsystems. Adds the new CCM API in
include/bluetooth/crypto.h along with the bt_encrypt functions.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Move reset of channel status from after the destroy callback since the
after the destroy callback the memory should be assumed to be released.
Instead clear the channel status when the channel is created in
l2cap_chan_add. This way we don't rely on the memory given being set to
the correct value.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix ATT releasing the att structure back to the memory slab allocator
before the structure is actually ready to be released. The memory slab
allocator will write context data inside the freed slab which is
currently being overwritten by l2cap during channel teardown.
This manifests as an "Unable to allocate ATT context for conn" when
reconnecting with multiple connections.
Since the l2cap channel is embedded inside of the ATT context and l2cap
still has a valid referenc to the l2cap channel we need to release the
ATT context at a later time.
This should be fixed by implementing the channel destroy function and
releasing the channel there.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add the option to provide the destroy callback to the fixed channels.
This can be used to free the memory for the L2CAP channel context which
is provided by the fixed channel in the accept callback.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The callback function may modify the att->req and it has to be
called after the att_process. The att_process does not re-check
if att->req is still NULL.
Signed-off-by: Marek Pieta <Marek.Pieta@nordicsemi.no>
The CONFIG_ prefix was missing.
Found with a work-in-progress scripts/kconfig/lint.py check.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Fix assert in net_buf triggered on att encrypt change event.
ASSERTION FAIL [net_buf_simple_headroom(buf) >= len] @
ZEPHYR_BASE/subsys/net/buf.c:881
This happens because when the att request was allocated, it was not
properly initialized and req->retrying was left as true.
This caused the att encrypt change handling to assume an att request
needed to be resent, starting resending with an invalid request and
request buffer.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Refactor use of #ifdef to IS_ENABLED() pattern for handling cancellation
of outgoing connection attempt. Reduce the amount of indentation by
combining outer if-statements.
Move handling of canceled create connection into a helper function.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix advertiser requested to use the identity address while privacy
feature is enabled will change to using RPA address when advertise is
resumed or when RPA timeout occurred.
RPA timeout does not need to run when advertiser is using identity.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Handle initiator role when RPA timeout expires. For direct connect
establishment procedure we make sure the RPA is refreshed when starting
initiator and limit the timeout to the RPA timeout.
For auto establishment procedure we cancel the initiator and restart it
again in the connection complete event that is generated when canceling
an initiator.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Handle starting of advertiser and scanner or initiator when advertiser
is using a different identity than the default identity to generate the
random resolvable address in the controller.
We need to handle this only for the privacy case because the random
address is set in the RPA timeout handler and not from the API.
When privacy is disabled we can return error code from the LE Set Random
Address HCI command instead.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix RPA timeout handling when the scanner is active. An active scanner
must be restarted at RPA timeout otherwise the Set Random Address
command will fail.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Refactor the handling of sending the LE Create Connection command and
for whitelist and direct initiator to use the same host state flag
and common handling of the privacy address.
Also simplify the way we check if the procedure has already been started
when application tries to start it again.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Handle a possible race condition in the host connection state.
Set the conn state of the connection object before command is sent. This
is in case the calling function is not scheduled again before the
connection complete event arrives. In this case find_pending_conn will
not find the connection object.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Starting a background scanner for auto-connection is an API that is only
available when whitelist API is not enabled.
There is currently no way to set this bit when the whitelist API is
enabled so there is not any issues with the current code, but it is
still not correct.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
When receiving a connection complete event but no connection object are
available in the host something strange has happened. In this case
the controller might have a connection that cannot be controlled by the
application. It would then be sensible to disconnect this connection in
the controller.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The path to include/drivers should not be in the compiler include path
list, only include/. In order to make this possible, always explictly
refer to hci_driver.h via the drivers/bluetooth/ path and not only
bluetooth/.
Fixes#21974.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Guard calls to bt_conn functions in bt_le_adv_start_internal with
IS_ENABLED(CONFIG_BT_PERIPHERAL) to avoid undefined symbols in builds
that do not support that role.
Signed-off-by: Wolfgang Puffitsch <wopu@demant.com>
Fix error in calculation of the minimum discardable buffer size. For
the LE Advertising Report the maximum payload is 31 bytes plus
additional data in the event gives an event size of 41 bytes (given that
num_reports is 1). Since this is a meta event we need to include the
sub-event code, plus the event header of 2 bytes. Total of 44 bytes.
This is a regression from afa9c42d75 where we forgot th 1 byte for the
RSSI that is appended after the data. Easy to miss since it is not part
of the struct.
Fix error in calculation of the num complete buffer size. Here we forgot
to include the 2 byte event header.
This is a regression from 89981b07c8.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Remove re-using connection objects in disconnected state when creating
directed advertiser or establishing a connection as a central using
direct connection procedure.
This makes the API mores consistent it terms of which connection roles
can be started from the disconnected callback.
This also avoids a central connection object being re-used for a
connection as a peripheral instead and vice versa.
When attempting to create a new connection the API would returning
a valid connection object if there is already an existing connection
object.
This existing connection object could be either in the process of
establishing the connection or already connected.
Returning the connection object in this would give the false impression
that the stack has initiated connection procedure, when in fact it just
returned an existing connection object.
The application has the ability to check for existing connection objects
using the bt_conn_lookup_addr_le API.
Add warning plus comment possible scenarios why the a valid connection
object might exists. Most important is to explain why a valid connection
object exists during the disconnected callback.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reserve conn object for undirected connectable advertiser. This means we
won't have a situation where we start a connectable advertise but will
fail to allocate a connection object for it in the connection complete
event.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reserve a connection object when starting the auto-initiator using the
controller whitelist.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix bt_conn_create_aute_le returning the wrong error code when bt_init
has not been called yet. This is inconsistent with the rest of the API
functions.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Refactor stopping directed advertiser to disconnect the state object
when calling advertise stop. This follows the same pattern as
bt_conn_disconnect.
Remove returning conn objects in BT_CONN_CONNECT state, this state could
only be an initiator starting a connection in the central role.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Make sure that the auto-conn state is cleared correctly when we might
fail to allocate a new connection object.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix conn object assigned to the wrong controller connection in the
connection complete handler. This could happen when running a
directed advertiser and establishing a connection at the same time to
the same peer.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add option to set the size of the discardable buffer pool. This saves
memory for the MESH use case where we expect a large number of advertise
reports.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Adds a way to register listeners for incoming scanner packets, in
addition to the callback passed in bt_le_scan_enable.
This allows application modules to add multiple scan packet listeners
without owning the scanner life cycle API, enabling use cases like
beacon scanning alongside Bluetooth Mesh.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Current implementation of application's cfg_write callback only has the
possibility of returning boolean status, which in case of failure only
allows for one error code; BT_ATT_ERR_WRITE_NOT_PERMITTED.
This change makes the application able to add own security check on
characteristic subscription in the cfg_write callback and report a more
relevant error code (e.g. BT_ATT_ERR_AUTHORIZATION).
Signed-off-by: Kim Sekkelund <ksek@oticon.com>
Remove toggling the advertise enable state when the advertiser name has
been updated. Advertise and scan response data should be used by the
controller on subsequent advertising events.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
This further reduce the overhead on each subscription at expense of
having a dedicated array to store subscriptions, the code now maintain
a separate list for each peer which should also scale better with large
number of subscriptions to different peers.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This should reduce the footprint on applications that do a lot of
requests i.e have a lot of subscriptions.
Fixes#21103
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Providing 'tmp', which was never updated, resulted in removeal of
subscriptions from the beginning.
Using the updated 'prev' resolves this.
Signed-off-by: Marco Sterbik <madbadmax00@gmail.com>
Start initiator immediately instead of scanning for device first.
If the host resolving list is used we need to go via scanner to resolve
the address.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Instead of having all (=addr NULL or BT_ADDR_LE_ANY to bt_unpair) as a
special case, iterate over all connected peers and unpair them the
regular way. This means bt_gatt_clear is called too. Doing this way
allows us to remove a lot of (now) unused code as well.
Signed-off-by: Jacob Siverskog <jacob@teenage.engineering>
hdr->length is the length of the payload, it should be
buf->len - sizeof(*hdr) - 1 or buf->len - (sizeof(*hdr) + 1)
Signed-off-by: ZhongYao Luo <LuoZhongYao@gmail.com>
Credits are 2 octects long so an s16_t positive portion can only half to
the theorical maximum number of credits, so instead this uses u16_t and
do a bound check instead of checking for negative values.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
With the changes that introduced a queue k_sem is only used with
K_NO_WAIT which means it is no longer possible to wait/block for credits
so the usage of k_sem is no longer needed and can be safely replaced
with atomic_t just to count the available credits at a given instant.
Fixes#19922
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Make remote features and remote version accesible to the application
through the bt_conn_get_remote_info object. The host will auto initiate
the procedures. If the procedures have not finished with the application
calls bt_conn_get_remote_info then EBUSY will be returned.
The procedures should finish during the first 10 connection intervals.
Signed-off-by: Sverre Storvold <Sverre.Storvold@nordicsemi.no>
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Refactor the handling of the host auto initiated LL procedures.
This makes it easier to add new auto initiated procedures as well as
reduced the maintenance by reducing code duplication.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Always check that the length of the returned command complete
event for a vendor specific command matches the expected length
when the support for Zephyr VS HCI commands are uncertain.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix multiple issues related to the way the host handles
Identity Information related to privacy
1. If the controller provided a public address the IRK
for this identity would be randomly generated but not
stored persistenly.
2. Fix the handling of the above issue which was fixed
for the random address but would initiate settings save
ID on every boot.
3. Fix the host not using the Vendor Specific HCI commands
related to retrieving the Identity Root (IR) from the
controller and using the key diversified function d1
to generate an IRK as specified in the BT Core spec.
Make sure that a Host generated ID is only saved when it is first
generated.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The test_and_set_bit() should be checking if the flag was *not*
already set, since that's the scenario where we want to call the
status callback.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The ch pointer is the result of a CONTAINER_OF() operation, so
checking it for NULL is pointless. Additionally, there's no place that
calls this function with chan set to NULL.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Make the channel ops struct const since there really isn't anything
there that needs to change at runtime. The only exception is the L2CAP
shell which was playing with the recv callback, however that can be
fixed by introducing a simple bool variable.
With tests/bluetooth/shell this reduces RAM consumption by 112 bytes
while adding only 16 bytes to flash consumption.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This documents the special cases where -EAGAIN is returned which leads
the buffer to be queued.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Now that bt_l2cap_send_cb can fail the buffer state needs to be save
and restored otherwise the data stored on it would be lost.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This introduces BT_L2CAP_STATUS_SHUTDOWN which is used to indicate when
a channel has been shutdown.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This offloads the processing of tx_queue to a work so the callbacks
calling resume don't start sending packets directly which can cause
stack overflow.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Drop packets received while disconnecting since they would most likely
be flushed once peer respond there is no gain in keeping them on a
queue.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This prevents disconnect request packets to not being sent due to lack
of buffers normally caused by flooding or congestion.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
If NET_L2_BT is enabled we need enough acl_in_pool needs to be big
enough to contain a full IP packet since that is no longer processed by
RX thread buffer would be queued to syswq to reassemble the SDU.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
When NET_L2_BT the memory pressure for fragments can be quite high
since that would be transfering IP packets which are considerable big
so this makes our frag_pool to be of the same size as NET_BUF_TX_COUNT.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This enable chaning the function and line number making it easier to
debug where a buffer allocation is blocking.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
When a segment could not be allocated it should be possible to resume
sending it later once previous segments complete, the only exception is
when there is no previous activity and we are unable to alocate even the
very first segment which should indicate to the caller that it would
block since that only happens on syswq the caller might need to defer to
another thread or resubmit the work.
Fixes#20640
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
The whitelist API uses the controller directly through HCI commands.
Bluetooth device must have been initialized before sending HCI commands.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Handle invalid ACL flags in HCI transport.
Only Point to Point is supported over HCI in both directions.
Fix flushable start HCI ACL packets not allowed on LE-U connections
from Host to controller.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
