Refactor old state handling in bt_conn_set_state to use switch statement
instead of if statements.
This will give us warning about enum values not covered.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix connection complete event handling when the local RPA is not valid.
This can happen when the controller was not instructed to use an RPA
address, or the local IRK was set to an all zero IRK.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
According to the Zephyr VS HCI specification:
Only Read_Version_Information and Read_Supported_Commands commands are
mandatory.
Check for supported Read Supported Features command before issuing this
command to the controller.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix host resolving the peer identity address in enhanced connection
complete event when the resolving list in the controller is full and
resolution is done in the host.
Move the handling from legacy connection complete into enhanced
connection complete event so that it is done for both connection
complete events.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
If the application has used bt_le_oob_get_local to retrieve the OOB
RPA address and OOB authentication information the central role should
use this RPA address for the next RPA timeout period.
The central role always refreshes the RPA address for the initiator,
this will make the OOB information not usable as the peer cannot
recognize the central role since the RPA address is changed.
Check if the initiator can use the address for the duration of the of
remaining RPA period.
Fix central role using the advertiser identity when setting the private
address. The central role should only use the default identity.
Regressions from:
fbe3285bfa
and
4876a8f39a
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
If the client is change-unware and disconnects the spec requires that
the stack still sends the error out of sync for the next request:
'The ATT_ERROR_RSP PDU is sent only once after the client becomes
change-unaware, unless the client _disconnects_ or the database changes
again before the client becomes change-aware in which case the
ATT_ERROR_RSP PDU shall be sent again'
Fixes#23110
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Fix issue where a new connection with the same peer would use the CCC
from from first connection, despite different local identity.
Since there is no CCC for the new connection yet this caused the
application to think that CCC was enabled but the remote device had not
yet subscribed.
Fix this issue by making the id as an input to the peer address check
function. This will force us to make the check every time. This commit
might also fix similar issues not yes discovered as the ID check was
missing in a few other places as well.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Rename the acl buf context id to index since to avoid confusing it with
the conn object ID parameter. Especially the bt_conn_lookup_id function
was creating confusion.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Avoid the HCI-USB race condition where HCI data and HCI events can be
re-ordered, and pairing information appears to be sent unencrypted.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix issue where an invalid (all zeroes) hash was written to settings
storage on reset. This caused the old value to written to zeroes, before
being written back to it's original value again immediately after.
This causes excessive flash wear.
This happens because the check if (k_delayed_work_remaining) returns the
amount of time until the work will execute. When that time has run out
the time is zero, but the work has not yet been executed.
We then write the invalid hash to flash, and then once the work-item
executes it will write the correct value.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
SC config data is no longer stored within the CCC config itself
therefore it must be cleared separately.
Fixes#22539
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
GATT data shall not be considered conditional to BT_SETTINGS since
the data is stored in RAM it must also be cleared when unpairing.
Fixes#22514
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
smp_pairing_complete does actually clears flags so setting
SMP_FLAG_TIMEOUT must come after that.
Fixes#22786
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Fix bt_gatt_indicate using the wrong attribute pointer when a uuid was
provided as input.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Rename the scan recv callback info struct so that it reflects that it
is part of the scan recv callback. This will make it consistent with
future plans for advertising callbacks.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix the scanner using the advertiser identity instead of the scanners
identity, scanner always use BT_ID_DEFAULT.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Corrected configuration of BT_HCI_RESERVE for the RPMsg HCI driver.
This change fixes the following assert:
[net_buf_simple_headroom(buf) >= len] @ ZEPHYR_BASE/subsys/net/buf.c:881
Signed-off-by: Kamil Piszczek <Kamil.Piszczek@nordicsemi.no>
This can happens if for example the remote peer have the initial credits
set to 0 which would cause bt_l2cap_chan_send to fail instead of just
queue the packets until more credits are given.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
I think people might be reading differences into 'if' and 'depends on'
that aren't there, like maybe 'if' being needed to "hide" a symbol,
while 'depends on' just adds a dependency.
There are no differences between 'if' and 'depends on'. 'if' is just a
shorthand for 'depends on'. They work the same when it comes to creating
implicit menus too.
The way symbols get "hidden" is through their dependencies not being
satisfied ('if'/'depends on' get copied up as a dependency on the
prompt).
Since 'if' and 'depends on' are the same, an 'if' with just a single
symbol in it can be replaced with a 'depends on'. IMO, it's best to
avoid 'if' there as a style choice too, because it confuses people into
thinking there's deep Kconfig magic going on that requires 'if'.
Going for 'depends on' can also remove some nested 'if's, which
generates nicer symbol information and docs, because nested 'if's really
are so simple/dumb that they just add the dependencies from both 'if's
to all symbols within.
Replace a bunch of single-symbol 'if's with 'depends on' to despam the
Kconfig files a bit and make it clearer how things work. Also do some
other minor related dependency refactoring.
The replacement isn't complete. Will fix up the rest later. Splitting it
a bit to make it more manageable.
(Everything above is true for choices, menus, and comments as well.)
Detected by tweaking the Kconfiglib parsing code. It's impossible to
detect after parsing, because 'if' turns into 'depends on'.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
The existing stack_analyze APIs had some problems:
1. Not properly namespaced
2. Accepted the stack object as a parameter, yet the stack object
does not contain the necessary information to get the associated
buffer region, the thread object is needed for this
3. Caused a crash on certain platforms that do not allow inspection
of unused stack space for the currently running thread
4. No user mode access
5. Separately passed in thread name
We deprecate these functions and add a new API
k_thread_stack_space_get() which addresses all of these issues.
A helper API log_stack_usage() also added which resembles
STACK_ANALYZE() in functionality.
Fixes: #17852
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
This commit adds a new option CONFIG_BT_SMP_USB_HCI_CTLR_WORKAROUND
to support USB HCI controllers that sometimes send out-of-order HCI
events and ACL Data due to using different USB endpoints.
Enabling this option will make the master role not require the
encryption-change event to be received before accepting
key-distribution data.
It opens up for a potential vulnerability as the master cannot detect
if the keys are distributed over an encrypted link.
Fixes: #22086
Signed-off-by: François Delawarde <fnde@oticon.com>
Directed advertising timeout was dropped in the host due to
not being able to find a pending connection. Host used the
role parameter from the error event parameters which has
been earlier zero-ed out.
Regression introduced in commit a0349689ff ("Bluetooth:
host: Fix conn object assigned to wrong connection")
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
When starting a non-connectable advertiser and an active scanner is also
using NRPA address then this use-case should be supported. A new
advertiser that is non-connectable should have a fresh NRPA address
every time it is started, so we must refresh the NRPA used by the active
scanner.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
When advertiser is disabled we should update the random address for both
passive and active scanner back to an NRPA. But this command will fail
because the if the scanner is an active scanner, we must disable and
re-enabled the active scanner after setting the random address.
This behavior should not be there when scanner is configured to scan
with identity address.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Document why a privacy-disabled scanner will not notify about directed
advertising reports. This is the default behaviour of the
privacy-disabled scanner. In order to receive the reports the option
BT_SCAN_WITH_IDENTITY must be enabled.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Prevent the advertiser from overwriting the passive scanners identity
address when the scanner has been configured to scan using the identity.
In this case the LE Set Random Address command would not prevent the
address from being overwritten. So instead we explicitly stop it in the
host.
Also fix original code function not working at all since the first
if statement was should had a bad check. Resulting in it always
returning success.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Drop directed advertiser reports when the passive scanner should have
been using the NRPA address. The advertiser has overwritten the NRPA
with it's identity address instead and a peer is sending directed
advertiser packets to it.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
When privacy is disabled by default the scanner still protects it's
identity with the use of NRPA addresses. We should not set the identity
address for the passive scanner unless the Kconfig option to scan with
the identity has been enabled.
This makes passive scanner behave the same way as an active scanner
since none of them will report directed advertising reports towards
the scanners identity.
This also enables the advertiser to switch out the random address which
is needed for the Bluetooth Mesh LPN case.
Fixes#22088.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Similar to pairing_confirm this callback is called each
time a peer requests pairing, but for all types of
pairings, except SSP. The pairing req/rsp information is
passed as a parameter so the application can decide
wheter to accept or reject the pairing.
Fixes: #21036
Signed-off-by: Martin Rieva <mrrv@demant.com>
Fix infinite recursion in host-based bt_rand function. This would call
HCI LE Random Number command, which would in turn call bt_rand, causing
an infinite recursion.
bt_rand -> prng_reseed -> BT_HCI_OP_LE_RAND -> le_rand -> bt_rand
To solve this issue the controller should avoid doing calls into the
host, so all calls to bt_rand in the controller should be replaced with
a call to a controller function.
Fixes#22202
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix LE Create Connection command giving out of range parameters to the
controller, this came back as 0x30 (Out of Range Parameters) status code
on the command from the controller.
This appears to be the min and max CE parameters in the command.
Revert back memset from 137f704064
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix problem where application was notified about a new connection being
established, but no connection has actually been made.
This occurred because the LE Create Connection command failed directly
from the API, in which case the state transition thinks the err is valid
and always notifies the application.
Introduced by:
6c1f52dff7 for bt_conn_create_le
e9eebf0c40 for bt_conn_create_auto_le.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix an issue where a slot in the key pool was considered free when
either the address was cleared or no keys were written in the entry
(enc_size == 0). This caused a problem with simultaneous pairing
attempts that would be assigned the same entry.
This patch makes it so a a slot is considered free even when keys are
not yet present in the entry, and makes sure the address is cleared in
case of pairing failure or timeout so to mark the slot as free.
Signed-off-by: François Delawarde <fnde@oticon.com>
Moves the Mesh AES-CCM module out into a separate module, to make it
accessible from other subsystems. Adds the new CCM API in
include/bluetooth/crypto.h along with the bt_encrypt functions.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Move reset of channel status from after the destroy callback since the
after the destroy callback the memory should be assumed to be released.
Instead clear the channel status when the channel is created in
l2cap_chan_add. This way we don't rely on the memory given being set to
the correct value.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix ATT releasing the att structure back to the memory slab allocator
before the structure is actually ready to be released. The memory slab
allocator will write context data inside the freed slab which is
currently being overwritten by l2cap during channel teardown.
This manifests as an "Unable to allocate ATT context for conn" when
reconnecting with multiple connections.
Since the l2cap channel is embedded inside of the ATT context and l2cap
still has a valid referenc to the l2cap channel we need to release the
ATT context at a later time.
This should be fixed by implementing the channel destroy function and
releasing the channel there.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add the option to provide the destroy callback to the fixed channels.
This can be used to free the memory for the L2CAP channel context which
is provided by the fixed channel in the accept callback.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The callback function may modify the att->req and it has to be
called after the att_process. The att_process does not re-check
if att->req is still NULL.
Signed-off-by: Marek Pieta <Marek.Pieta@nordicsemi.no>
The CONFIG_ prefix was missing.
Found with a work-in-progress scripts/kconfig/lint.py check.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Fix assert in net_buf triggered on att encrypt change event.
ASSERTION FAIL [net_buf_simple_headroom(buf) >= len] @
ZEPHYR_BASE/subsys/net/buf.c:881
This happens because when the att request was allocated, it was not
properly initialized and req->retrying was left as true.
This caused the att encrypt change handling to assume an att request
needed to be resent, starting resending with an invalid request and
request buffer.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Refactor use of #ifdef to IS_ENABLED() pattern for handling cancellation
of outgoing connection attempt. Reduce the amount of indentation by
combining outer if-statements.
Move handling of canceled create connection into a helper function.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix advertiser requested to use the identity address while privacy
feature is enabled will change to using RPA address when advertise is
resumed or when RPA timeout occurred.
RPA timeout does not need to run when advertiser is using identity.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Handle initiator role when RPA timeout expires. For direct connect
establishment procedure we make sure the RPA is refreshed when starting
initiator and limit the timeout to the RPA timeout.
For auto establishment procedure we cancel the initiator and restart it
again in the connection complete event that is generated when canceling
an initiator.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Handle starting of advertiser and scanner or initiator when advertiser
is using a different identity than the default identity to generate the
random resolvable address in the controller.
We need to handle this only for the privacy case because the random
address is set in the RPA timeout handler and not from the API.
When privacy is disabled we can return error code from the LE Set Random
Address HCI command instead.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix RPA timeout handling when the scanner is active. An active scanner
must be restarted at RPA timeout otherwise the Set Random Address
command will fail.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Refactor the handling of sending the LE Create Connection command and
for whitelist and direct initiator to use the same host state flag
and common handling of the privacy address.
Also simplify the way we check if the procedure has already been started
when application tries to start it again.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Handle a possible race condition in the host connection state.
Set the conn state of the connection object before command is sent. This
is in case the calling function is not scheduled again before the
connection complete event arrives. In this case find_pending_conn will
not find the connection object.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Starting a background scanner for auto-connection is an API that is only
available when whitelist API is not enabled.
There is currently no way to set this bit when the whitelist API is
enabled so there is not any issues with the current code, but it is
still not correct.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
When receiving a connection complete event but no connection object are
available in the host something strange has happened. In this case
the controller might have a connection that cannot be controlled by the
application. It would then be sensible to disconnect this connection in
the controller.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The path to include/drivers should not be in the compiler include path
list, only include/. In order to make this possible, always explictly
refer to hci_driver.h via the drivers/bluetooth/ path and not only
bluetooth/.
Fixes#21974.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Guard calls to bt_conn functions in bt_le_adv_start_internal with
IS_ENABLED(CONFIG_BT_PERIPHERAL) to avoid undefined symbols in builds
that do not support that role.
Signed-off-by: Wolfgang Puffitsch <wopu@demant.com>
Fix error in calculation of the minimum discardable buffer size. For
the LE Advertising Report the maximum payload is 31 bytes plus
additional data in the event gives an event size of 41 bytes (given that
num_reports is 1). Since this is a meta event we need to include the
sub-event code, plus the event header of 2 bytes. Total of 44 bytes.
This is a regression from afa9c42d75 where we forgot th 1 byte for the
RSSI that is appended after the data. Easy to miss since it is not part
of the struct.
Fix error in calculation of the num complete buffer size. Here we forgot
to include the 2 byte event header.
This is a regression from 89981b07c8.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Remove re-using connection objects in disconnected state when creating
directed advertiser or establishing a connection as a central using
direct connection procedure.
This makes the API mores consistent it terms of which connection roles
can be started from the disconnected callback.
This also avoids a central connection object being re-used for a
connection as a peripheral instead and vice versa.
When attempting to create a new connection the API would returning
a valid connection object if there is already an existing connection
object.
This existing connection object could be either in the process of
establishing the connection or already connected.
Returning the connection object in this would give the false impression
that the stack has initiated connection procedure, when in fact it just
returned an existing connection object.
The application has the ability to check for existing connection objects
using the bt_conn_lookup_addr_le API.
Add warning plus comment possible scenarios why the a valid connection
object might exists. Most important is to explain why a valid connection
object exists during the disconnected callback.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reserve conn object for undirected connectable advertiser. This means we
won't have a situation where we start a connectable advertise but will
fail to allocate a connection object for it in the connection complete
event.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reserve a connection object when starting the auto-initiator using the
controller whitelist.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix bt_conn_create_aute_le returning the wrong error code when bt_init
has not been called yet. This is inconsistent with the rest of the API
functions.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Refactor stopping directed advertiser to disconnect the state object
when calling advertise stop. This follows the same pattern as
bt_conn_disconnect.
Remove returning conn objects in BT_CONN_CONNECT state, this state could
only be an initiator starting a connection in the central role.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Make sure that the auto-conn state is cleared correctly when we might
fail to allocate a new connection object.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix conn object assigned to the wrong controller connection in the
connection complete handler. This could happen when running a
directed advertiser and establishing a connection at the same time to
the same peer.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add option to set the size of the discardable buffer pool. This saves
memory for the MESH use case where we expect a large number of advertise
reports.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Adds a way to register listeners for incoming scanner packets, in
addition to the callback passed in bt_le_scan_enable.
This allows application modules to add multiple scan packet listeners
without owning the scanner life cycle API, enabling use cases like
beacon scanning alongside Bluetooth Mesh.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Current implementation of application's cfg_write callback only has the
possibility of returning boolean status, which in case of failure only
allows for one error code; BT_ATT_ERR_WRITE_NOT_PERMITTED.
This change makes the application able to add own security check on
characteristic subscription in the cfg_write callback and report a more
relevant error code (e.g. BT_ATT_ERR_AUTHORIZATION).
Signed-off-by: Kim Sekkelund <ksek@oticon.com>
Remove toggling the advertise enable state when the advertiser name has
been updated. Advertise and scan response data should be used by the
controller on subsequent advertising events.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
This further reduce the overhead on each subscription at expense of
having a dedicated array to store subscriptions, the code now maintain
a separate list for each peer which should also scale better with large
number of subscriptions to different peers.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This should reduce the footprint on applications that do a lot of
requests i.e have a lot of subscriptions.
Fixes#21103
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Providing 'tmp', which was never updated, resulted in removeal of
subscriptions from the beginning.
Using the updated 'prev' resolves this.
Signed-off-by: Marco Sterbik <madbadmax00@gmail.com>
Start initiator immediately instead of scanning for device first.
If the host resolving list is used we need to go via scanner to resolve
the address.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Instead of having all (=addr NULL or BT_ADDR_LE_ANY to bt_unpair) as a
special case, iterate over all connected peers and unpair them the
regular way. This means bt_gatt_clear is called too. Doing this way
allows us to remove a lot of (now) unused code as well.
Signed-off-by: Jacob Siverskog <jacob@teenage.engineering>
hdr->length is the length of the payload, it should be
buf->len - sizeof(*hdr) - 1 or buf->len - (sizeof(*hdr) + 1)
Signed-off-by: ZhongYao Luo <LuoZhongYao@gmail.com>
Credits are 2 octects long so an s16_t positive portion can only half to
the theorical maximum number of credits, so instead this uses u16_t and
do a bound check instead of checking for negative values.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
With the changes that introduced a queue k_sem is only used with
K_NO_WAIT which means it is no longer possible to wait/block for credits
so the usage of k_sem is no longer needed and can be safely replaced
with atomic_t just to count the available credits at a given instant.
Fixes#19922
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Make remote features and remote version accesible to the application
through the bt_conn_get_remote_info object. The host will auto initiate
the procedures. If the procedures have not finished with the application
calls bt_conn_get_remote_info then EBUSY will be returned.
The procedures should finish during the first 10 connection intervals.
Signed-off-by: Sverre Storvold <Sverre.Storvold@nordicsemi.no>
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Refactor the handling of the host auto initiated LL procedures.
This makes it easier to add new auto initiated procedures as well as
reduced the maintenance by reducing code duplication.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Always check that the length of the returned command complete
event for a vendor specific command matches the expected length
when the support for Zephyr VS HCI commands are uncertain.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix multiple issues related to the way the host handles
Identity Information related to privacy
1. If the controller provided a public address the IRK
for this identity would be randomly generated but not
stored persistenly.
2. Fix the handling of the above issue which was fixed
for the random address but would initiate settings save
ID on every boot.
3. Fix the host not using the Vendor Specific HCI commands
related to retrieving the Identity Root (IR) from the
controller and using the key diversified function d1
to generate an IRK as specified in the BT Core spec.
Make sure that a Host generated ID is only saved when it is first
generated.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The test_and_set_bit() should be checking if the flag was *not*
already set, since that's the scenario where we want to call the
status callback.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The ch pointer is the result of a CONTAINER_OF() operation, so
checking it for NULL is pointless. Additionally, there's no place that
calls this function with chan set to NULL.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Make the channel ops struct const since there really isn't anything
there that needs to change at runtime. The only exception is the L2CAP
shell which was playing with the recv callback, however that can be
fixed by introducing a simple bool variable.
With tests/bluetooth/shell this reduces RAM consumption by 112 bytes
while adding only 16 bytes to flash consumption.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This documents the special cases where -EAGAIN is returned which leads
the buffer to be queued.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Now that bt_l2cap_send_cb can fail the buffer state needs to be save
and restored otherwise the data stored on it would be lost.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This introduces BT_L2CAP_STATUS_SHUTDOWN which is used to indicate when
a channel has been shutdown.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This offloads the processing of tx_queue to a work so the callbacks
calling resume don't start sending packets directly which can cause
stack overflow.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Drop packets received while disconnecting since they would most likely
be flushed once peer respond there is no gain in keeping them on a
queue.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This prevents disconnect request packets to not being sent due to lack
of buffers normally caused by flooding or congestion.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
If NET_L2_BT is enabled we need enough acl_in_pool needs to be big
enough to contain a full IP packet since that is no longer processed by
RX thread buffer would be queued to syswq to reassemble the SDU.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
When NET_L2_BT the memory pressure for fragments can be quite high
since that would be transfering IP packets which are considerable big
so this makes our frag_pool to be of the same size as NET_BUF_TX_COUNT.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This enable chaning the function and line number making it easier to
debug where a buffer allocation is blocking.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
When a segment could not be allocated it should be possible to resume
sending it later once previous segments complete, the only exception is
when there is no previous activity and we are unable to alocate even the
very first segment which should indicate to the caller that it would
block since that only happens on syswq the caller might need to defer to
another thread or resubmit the work.
Fixes#20640
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
The whitelist API uses the controller directly through HCI commands.
Bluetooth device must have been initialized before sending HCI commands.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Handle invalid ACL flags in HCI transport.
Only Point to Point is supported over HCI in both directions.
Fix flushable start HCI ACL packets not allowed on LE-U connections
from Host to controller.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
In bt_l2cap_br_chan, rx.cid is the local cid and tx.cid is the
remote cid. According to Core-5.0 Vol3.Part A 4.6-4.7,
l2cap_br_remove_tx_cid should be searched using tx.cid
Signed-off-by: ZhongYao Luo <LuoZhongYao@gmail.com>
If the whitelist already exists in the controller then the controller
should not add the device tot the whitelist and should return success.
In that case the counting of entries in the whitelist in the host will
be wrong.
Remove all whitelist counting in the host, and instead rely on the error
reported by the controller for this.
The controller should return error if the whitelist is full.
The controller should return error if use of whitelist was requested but
the whitelist was empty.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Expose the bt_uuid_to_str function as an API to the application.
This aligns this function with the bt_addr_to_str function call. This
allows the application to use this function without having to enable
the BT_DEBUG option.
Move the in-place bt_uuid_str to internal logging, this is mainly done
due to the limitation in the log_strdup that shouldn't be exposed to the
application.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Bool symbols implicitly default to 'n'.
A 'default n' can make sense e.g. in a Kconfig.defconfig file, if you
want to override a 'default y' on the base definition of the symbol. It
isn't used like that on any of these symbols though.
Also replace some
config
prompt "foo"
bool/int
with the more common shorthand
config
bool/int "foo"
See the 'Style recommendations and shorthands' section in
https://docs.zephyrproject.org/latest/guides/kconfig/index.html.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Check that the bluetooth device has in fact been initialized before
continuing with public API calls. This could lead to crashes when using
state that has not yet been initialized.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
When set, the BT_GATT_SUBSCRIBE_FLAG_NO_RESUB flag indicates that the
subscription should not be renewed when reconnecting with the server.
This is useful if the application layer knows that the GATT server
persists subscription information.
Signed-off-by: François Delawarde <fnde@oticon.com>
Added configuration for accepting pairing requests only if both devices
has bonding flag set in order to reject other devices at an early stage,
thus leaving more chance for devices expected to bond.
With the CONFIG_BT_BONDING_REQUIRED flag the device only accept pairing
requests if it has CONFIG_BT_BONMDABLE set and the device requesting
pairing has Bonding_Flags field set to Bonding (0x01) in its AuthReq.
Note: When using bt_set_bondable(false) pairing requests will be
rejected when CONFIG_BT_BONDING_REQUIRED is set.
Signed-off-by: Martin Rieva <mrrv@demant.com>
Fix issues that surfaced when trying out GCC 9.2, official release name
gcc-arm-none-eabi-9-2019-q4-major, both related to invalid pointers in
GATT when declaring UUIDs in if-scope.
1. Fix the discovery callback giving an invalid pointer in the discovery
callback in two instances.
2. Fix gatt_find_type sending invalid data during discovery procedure.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Send connection parameter update request only if it contains the valid
range of values for connection intervals, latency and timeout.
Signed-off-by: Kiran Paramaswaran <kipm@oticon.com>
Fix ATT MTU size of length variables resulting in wrong length values
reported to the user. Communicating with an Android device using an MTU
of 517 resulted in write commands reported as length 2 instead.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Since bt_conn_send_cb can fail to send buffer causing it to unref this
may cause buffer leaks as the caller is not aware of the error assuming
the buffer could be sent.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Processing of data received on dynamic channels is still done via syswq
so the buffer shall not be unrefed when they are queued.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Now that the TX callbacks happen from the system workqueue but fixed
channels get processed from the RX thread there's a risk that the
ordering of these gets messed up. This is particularly bad for ATT
when it's trying to enforce flow control.
To fix the issue store the completed TX packet information in a
per-connection list and process this list before processing any new
packets for the same connection. We still also schedule a workqueue
callback, which will simply do nothing for this list if bt_recv()
already took care of it.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This define is not of use anymore since there's a global net_buf user
data Kconfig variable and its definition already guarantees a
sufficient minimum for Bluetooth.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The "sent" tracking doesn't have to be a signed integer. Use a fixed
size so that the consumed size doesn't change between different
architectures. Use a u16_t since bigger sizes are needed and because
this is mapped to an int function return higher up in the stack.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Fixed handling of HCI events in the HCI driver over RPMsg. Now,
the driver makes use of discardable buffer pool when allocating
memory for certain HCI event types (e.g. Advertising Report Event).
Applications that are flooded with Advertising Reports will run
much better after this change (e.g. Mesh applications).
Signed-off-by: Kamil Piszczek <Kamil.Piszczek@nordicsemi.no>
Now that the TX path and TX context (bt_conn_tx) has been redesigned
to free the contexts always in the system workqueue, it means the
system workqueue is the only context where their allocation may also
fail. This is particularly problematic with us having all L2CAP
channels (fixed & CoC alike) deferred to the system workqueue. It is
especially bad for fixed channels where being able to send responses
for SM, L2CAP signaling and ATT is critical to avoid timeouts for the
connection.
This patch moves the processing of all fixed L2CAP channels back to
the RX thread, thereby making it possible (and safe) to block while
waiting for a TX context to become available.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Now that we've removed the TX allocation dependency from the TX thread
we no longer have the need to do special-casing for the system
workqueue when allocating buffers. Instead, we do have to special-case
the system workqueue when allocating TX contexts since the system
workqueue is the only place where they get freed up.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This is a moderate redesign of the pending TX packet handling that
aims to eliminate potential deadlocks between the TX thread and the
system workqueue thread. The main changes are:
- TX context (bt_conn_tx) is allocated during buffer allocation, i.e.
not in the TX thread.
- We don't allocate a TX context unless there's an associated
callback. When there's no callback simple integer counters are used
for tracking.
- The TX thread is no longer responsible for TX callbacks or
scheduling of TX callbacks. Instead, the callbacks get directly
scheduled (k_work_submit) from the RX priority thread.
- CONFIG_BT_CONN_TX_MAX defaults to CONFIG_BT_L2CAP_TX_BUF_COUNT,
and in most cases wont need changing. The value now only indicates
how many pending packets with a callback are possible.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The `node` and `work` members are never used simultaneously.
Additionally k_work already has built-in support for being in a linked
list, however a union makes this change a bit cleaner.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
A recent patch increased struct cmd_data from 8 to 12 bytes, which is
more than the default user data for Bluetooth. We generally don't want
the core stack to require more than 8, so instead of increasing the
requirement, move the data out from the buffer into its own array with
the help of the net_buf_id() API.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Fix race condition in bt_conn_create_le for the state of the scanner in
the Host. This leads to the host issuing a create connection command
without stopping the scanner first. This leads to command disallowed and
failing to establish connection. As well as inconsistent state in the
host which does not allow to stop the running scanner.
The race condition exists because the processing of le_adv_report
handler is done before the thread that called bt_conn_create_le was
woken up to continue after the command_complete event.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix command status for LE Command Param Update HCI command silently
dropped by the host without notifying the application that this command
has failed. This happens because the host does not wait for the command
status event to check the status code returned.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix deadlock in Bluetooth Host. Deadlock could happen from the SMP
callbacks when calling Bluetooth API functions. This is because the
callbacks was given directly from the HCI TX thread. If the calling
API function resulted in trying to send a new HCI command it would post
this HCI command to the HCI TX thread and then wait for command complete
event. This would result in the HCI TX thread blocked waiting for the
itself to process the command.
Example:
Calling bt_conn_le_conn_param_update from pairing_complete callback.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The HCI transport implemented by an application using the HCI raw
interface may have its own buffer headroom requirements. Currently the
available headroom gets completely determined by the selected HCI
driver. E.g. most of the time this is the native controller driver
which doesn't reserve any headroom at all.
To cover for the needs of HCI raw users, add a new Kconfig variable
for the apps to set to whatever they need. Correspondingly, use the
maximum of the HCI driver and HCI raw headroom requirements for the
buffer pool definitions and the headroom initializations.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Fix GCC9 warning "warning: taking address of packed member of
'struct sc_data' may result in an unaligned pointer value"
Issue is that the on-air structure of sc_data was re-used for the gatt
service changed data.
Added build assert because data is stored in settings, so the structure
should be the same size to be compatible.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The BT_HCI_TX_STACK_SIZE is carefully calculated from other
options. When those options change, e.g. from a menuconfig update, it
is important that the stack size is re-calculated, but it is not when
there is a prompt.
Therefore, make the prompt conditional such that the previously set
value is only used when it has been explicitly configured to be so.
Now users can still change the value through menuconfig and prj.conf,
by also enabling <option>_WITH_PROMPT, but when the value is
calculated by the defaults, it will continue to be calculated by
defaults instead of inheriting the intial value.
This is AFAIK a novel approach, but testing has shown that it gives
the users the behaviour they want, at the cost of some boilerplate of
course. This pattern can be applied to other options if it proves to
work as intended.
Alternatively one could remove the prompt, but then it would no longer
be possible to override the value through menuconfig.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
The code was not properly taking into account CONFIG_BT_HCI_RESERVE,
which would cause buffer underruns for any HCI driver where this value
defaults to non-zero. Also, all the allocation functions use the same
pool, so we can map them simply to bt_buf_get_rx() instead of
repeating the same code.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
bt_conn_create_pdu_timeout() may return NULL if no buffer
is available, l2cap_chan_create_seg() does not check the
subsequent return value.
Fix possible null pointer dereference in l2cap_chan_create_seg()
and l2cap_chan_le_send().
Signed-off-by: Johann Fischer <j.fischer@phytec.de>
Move functions in order to avoid function prototype and use IS_ENABLED
instead of #if defined where possible.
Signed-off-by: François Delawarde <fnde@oticon.com>
This commits adds a BT_SETTINGS_CCC_LAZY_LOADING option to allow for
CCC settings to be loaded on demand when a peer device connects in
order to reduce memory usage.
Signed-off-by: François Delawarde <fnde@oticon.com>
Maintain Service Changed entry as long as the peer device is subscribed
to SC indications and bonded. This allows to save indication data for
disconnected peers peers when CCC settings are not available (loaded
on-demand).
Signed-off-by: François Delawarde <fnde@oticon.com>
This commit adds a string representation of the
nRF53 variant in bluetooth host.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Disallows all unauthenticated pairing attempts made by the
peer where an unauthenticated bond already exists.
This would enable cases where an attacker could copy the peer device
address to connect and start an unauthenticated pairing procedure
to replace the existing bond. Now in order to create a new bond the old
bond has to be explicitly deleted with bt_unpair.
Added option to disable this rule in order to maintain backwards
compatibility in case this behavior is accepted.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix missing log_strdup when loading bt/name setting. It should be done
on every string which is not in read only memory.
Signed-off-by: François Delawarde <fnde@oticon.com>
Reduces the severity of warnings that happen from normal behavior, or
can't be prevented by the user:
- "No ID address" in hci_core.c: Reduced to an informational warning, as
this will always output with the expected usage. This isn't useful
information for 99.9% of users, and pollutes the output of all samples
using the module.
- "Composition page %u not available" in cfg_srv.c: According to the
Mesh Profile Specification section 4.4.2.2.2, the client is expected
to send page=0xff. Reduced to a debug message.
- "Connectable advertising deferred" in proxy.c: Gets logged every 10
seconds when in a Mesh Proxy connection. This is not useful
information unless the user is debugging the proxy module. Reduced to
a debug message.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Use this short header style in all Kconfig files:
# <description>
# <copyright>
# <license>
...
Also change all <description>s from
# Kconfig[.extension] - Foo-related options
to just
# Foo-related options
It's clear enough that it's about Kconfig.
The <description> cleanup was done with this command, along with some
manual cleanup (big letter at the start, etc.)
git ls-files '*Kconfig*' | \
xargs sed -i -E '1 s/#\s*Kconfig[\w.-]*\s*-\s*/# /'
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
C++ does not allow chaining of data members when identifying the
designator. Since the generic structure has only one member remove
the designator from its internal initializer.
Signed-off-by: Peter A. Bigot <pab@pabigot.com>
Clean up space errors and use a consistent style throughout the Kconfig
files. This makes reading the Kconfig files more distraction-free, helps
with grepping, and encourages the same style getting copied around
everywhere (meaning another pass hopefully won't be needed).
Go for the most common style:
- Indent properties with a single tab, including for choices.
Properties on choices work exactly the same syntactically as
properties on symbols, so not sure how the no-indentation thing
happened.
- Indent help texts with a tab followed by two spaces
- Put a space between 'config' and the symbol name, not a tab. This
also helps when grepping for definitions.
- Do '# A comment' instead of '#A comment'
I tweaked Kconfiglib a bit to find most of the stuff.
Some help texts were reflowed to 79 columns with 'gq' in Vim as well,
though not all, because I was afraid I'd accidentally mess up
formatting.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
This commit adds an macro to allow UUID 128
to be written in more user-friendly form.
UUID in 128 bit form requires an array creation.
To complicate the whole thing - it requires the array to start from LSB,
so using the readable form, we have to write it down backwards.
Old way to declare example UUID 6E400001-B5A3-F393-E0A9-E50E24DCCA9E:
0x9E, 0xCA, 0xDC, 0x24, 0x0E, 0xE5, 0xA9, 0xE0,
0x93, 0xF3, 0xA3, 0xB5, 0x01, 0x00, 0x40, 0x6E
A form provided by this commit:
BT_UUID_128_ENCODE(0x6E400001, 0xB5A3, 0xF393, 0xE0A9, 0xE50E24DCCA9E)
Signed-off-by: Radoslaw Koppel <radoslaw.koppel@nordicsemi.no>
The CONFIG_* prefix was missing, making the #ifdef always false.
Found with a script (CONFIG_BT_SETTINGS_USE_PRINTK was unused).
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Fix GATT buffer leak when bt_att_send returns error the allocated
buffer is never freed. Discovered case where the link was disconnected
during the function call, so when GATT checkd the link was still
connected, but ATT checkd the link was disconnected.
Fixes: #19889
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Key overwrite feature allows to overwrite old pairing key
records when key storage is full and a new pairing request occurs,
or new keys are distributed. If enabled when key storage is full and
a keys storage slot is requested, the oldest keys added will be
removed. So new devices can be paired with no limitations and no need
to determine, which devices should be unpaired to free key storage
space explicitly in application. To enable the feature set
CONFIG_BT_KEYS_OVERWRITE_OLDEST=y.
Oldest keys are determined by minimum value of up-counting aging
counter. If you set CONFIG_BT_KEYS_SAVE_AGING_COUNTER_ON_PAIRING=y
aging counter values will be updated each time the secure connection
is established. This might increase flash wear out if at least two
secure connections are established and shut down periodically. When
the option disabled aging counter is still updated on each new secure
connection, but not stored to flash.
Signed-off-by: Sergiy Nikolayenko <sergiy_nikolayenko@jabil.com>
Remove the
# Omit prompt to signify a "hidden" option
comments that appear on some symbols. They seem to have been copy-pasted
at random, as there are lots of promptless symbols that don't have them
(that's confusing in itself, because it might give the idea that the
ones with comments are special in some way).
I suspect those comments wouldn't have helped me much if I didn't know
Kconfig either. There's a lot more Kconfig documentation now too, e.g.
https://docs.zephyrproject.org/latest/guides/kconfig/index.html.
Keep some comments that give more information than the symbol having no
prompt.
Also do some minor drive-by cleanup.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Add public API function to get the connection handle of the connection.
The connection handle is needed by applications that intend to send
vendor specific commands for a given connection.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix bug in bt_gatt_attr_next when given an attribute that has static
allocation. The handle is then 0 and the function would always return
the attribute with handle 1.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix compilation issue when wanting to use whitelist in bluetooth
applications that does not have CONFIG_BT_CENTRAL defined.
These functions are useful even for broadcaster and observer roles.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add public API function in GATT to check if a specific connection has
subscribed to the given attribute.
Without this function the application has to keep track of which
connections has subscribed using the callbacks from BT_GATT_CCC_MANAGED
since the cfg_changed callback of the CCC doesn't carry connection
context.
The other alternative is for the application to parse the information
in the struct _bt_gatt_ccc object. Although this object has structure
information available to the application the structure is marked as
internal, so the application shouldn't rely on this definition.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add support for persisted Service Changed data, to fix the case of a
paired device not reconnecting before a reboot and thus not receiving
SC indication. It also enables support for GATT database being changed
during a firmware update.
Move Service Changed data outside of the CCC struct and make it
persistent by adding support for a bt/sc/... setting.
Signed-off-by: François Delawarde <fnde@oticon.com>
The Service Changed characteristic support should also work when the
GATT database has been modified after reboot (firmware update scenario)
This commit introduces a BT_GATT_SERVICE_CHANGED config option that is
independent from BT_GATT_CACHING and BT_GATT_DYNAMIC_DB.
Signed-off-by: François Delawarde <fnde@oticon.com>
Fix bug in ATT reset handling, not releasing queued notification
buffers when the connection is terminated.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Handle case where:
- Peripheral sends security request after master has sent pairing
request or started encryption procedure.
This packet can be ignored, as long as the slave has not already
responded with pairing response.
- Central wants to start security after peripheral initiated security
request, return error code busy in this case
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Move initiating security functionality and LTK requesting into the SMP
module so that SMP can track when the connection is in the encryption
process
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Move the bt_smp_keys_check function above all usage of the function
in order to avoid prototype declaration when making the function static.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix calling bt_hex and bt_addr_le_str multiple times in the same logging
call could result in string overwritten since log_strdup is not
guaranteed to duplicate the string buffer in all logging configurations.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Calling indicate or notify on a disconnected connection object would
result in the error code ENOMEM when failing to acquire buffers instead
of the expected return code ENOTCONN.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Some modules use snprintk to format the settings keys. Unfortunately
snprintk is tied with printk which is very large for some embedded
systems.
To be able to have settings enabled without also enabling printk
support, change creation of settings key strings to use bin2hex, strlen
and strcpy instead.
A utility function to make decimal presentation of a byte value is
added as u8_to_dec in lib/os/dec.c
Add new Kconfig setting BT_SETTINGS_USE_PRINTK
Signed-off-by: Kim Sekkelund <ksek@oticon.com>
Enable possibility to configure time a slave will wait until
start of connection parameters update procedure after BT connection
is established.
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
This moves check_perm code under GAT and make use of it to check if CCC
write permission can be attended by the connection security level or if
it needs to be increased.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This adds support to set different permissions to CCCD so security can
be checked when enabling notification which conforms to:
BLUETOOTH CORE SPECIFICATION Version 5.1 | Vol 3, Part G page 2360:
'3.3.3.3 Client Characteristic Configuration
Authentication and authorization may be required by the server to
write the configuration descriptor.'
In addition to that also ensure that notification are not re-enabled
until the proper security level is reached to conform to the following
statement:
'10.3.1.1 Handling of GATT indications and notifications
A client “requests” a server to send indications and notifications
by appropriately configuring the server via a Client Characteristic
Configuration Descriptor. Since the configuration is persistent
across a disconnection and reconnection, security requirements must
be checked against the configuration upon a reconnection before
sending indications or notifications. When a server reconnects to a
client to send an indication or notification for which security is
required, the server shall initiate or request encryption with the
client prior to sending an indication or notification. If the client
does not have an LTK indicating that the client has lost the bond,
enabling encryption will fail.'
Fixes#17983
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
CCC storaged is no longer declared separetly so check if ccc->cfg
matches with sc_ccc_cfg no longer works so instead use the cfg_changed
callback and match against sc_ccc_cfg_changed.
Fixes#19267
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This makes the identity initialization consistent and actually catches
a few branches where it may not have properly happened.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Make it possible to initiate new connections from within the
disconnect callback. This wasn't completely trivial since there was
connection cleanup done through deferred action using the CONN_CLEANUP
flag.
This patch moves the disconnected callbacks to be run after all
cleanup is done. We can't directly do this in the TX thread, since
that's internal, so we instead take advantage of the deferred work
support and do it using the update_work callback. Since the same
cleanup is needed also for BR/EDR connections the work definition is
moved from the LE-specific struct to the generic struct bt_conn.
A valid bt_conn object in disconnected state is a likely indication of
a connection reference leak, so there's a new BT_WARN() for this case
in bt_conn_create_le().
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Host shall ignore the unknown ATT PDU that has Command Flag set.
Fixes regression introduced in 3b271b8455.
Fixes: GATT/SR/UNS/BI-02-C
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
Add iterator function to iterate over all connection objects.
Make type a bitmap so that it can be used as a bitmask to select which
conns to receive foreach callback.
Use foreach function internally where possible.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Made BT_HCI_TX_STACK_SIZE configurable and added BT_HCI_ECC_STACK_SIZE.
These changes are necessary to allow vendors to adjust for other
achitectures.
Signed-off-by: Morten Priess <mtpr@oticon.com>
Fix issue when checking if SMP pairing procedure is allowed to use the
SMP debug keys. This check did not consider the case where the keys
pointer was assigned, but did not contain a valid LTK key.
This resulted in being unable to pair with debug keys without an
existing bond.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The return code of set_random_address is not always handled. This could
lead to connection using the wrong Identity address.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add workaround for advertising data issue in the internal bluetooth
controller. The advertising data must be set after advertising
parameters in order to successfully update the advertising data after
an directed advertiser has been active.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Endianness bug fix in bt_uuid_create function.
Replaced bt_uuid_create_le with bt_uuid_create which
handles both UUID from air and internal varaiable.
Fixed bug with endianess in case of big endian targets.
Signed-off-by: Akshatha Harishchandra <akhr@oticon.com>
When an opcode doesn't have a handle that doesn't mean it is unknown
just that it will not be handle as it could have been disabled.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
SMP shall be considered internal TX notify callbacks so they are
allowed to be run from TX thread context like the others.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
When CONFIG_BT_GATT_CLIENT is not set att_op_get_type would return
unkown operation instead of properly return the opcode.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Since bt_l2cap_create_pdu can return NULL when used under syswq context
the code should always check its result, this also changes the timeout
to have a specific value (RTX maximum timeout) so signalling PDUs still
wait for a buffer to become available.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
In certain cases there could be no buffer available which may lead to
NULL being returned by bt_l2cap_create_pdu so instead use
bt_l2cap_create_pdu_timeout to wait with a specific timeout.
Note that this should also ensure the SMP will not be waiting for a
buffer when the remote might have timed out already.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This adds bt_conn_create_pdu_timeout function which can be used
to provide a timeout when allocating a buffer.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Rename AUTHENTICATION, to AUTH, since this is a well established short
form of the word.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Rename bt_conn_security to bt_conn_set_security, this makes the API
naming more consistent.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Rename security level enum, using level and number instead of low,
medium, high and fips.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
A security vulnerability in the Bluetooth BR/EDR Bluetooth Core
specification versions 1.0 through 5.1 has been identified as
CVE-2019-9506. The Bluetooth BR/EDR encryption key negotiation
protocol is vulnerable to packet injection that could allow an
unauthenticated user to decrease the size of the entropy of the
encryption key, potentially causing information disclosure and/or
escalation of privileges via adjacent access. There is not currently
any knowledge of this being exploited.
From Core spec erratum 11838:
A device shall enforce an encryption key with at least 128-bit
equivalent strength for all services that require Security Mode 4,
Level 4. For all other services that require encryption, a device
should enforce an encryption key with at least 56-bit equivalent
strength, irrespective of whether the remote device supports Secure
Simple Pairing.
After encryption has been enabled, the Host should check the
encryption key size using either the HCI_Read_Encryption_Key_Size
command (see [Vol 2] Part E, Section 7.5.7) or a vendor-specific
method.
Fixes#18658
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
In case sufficient security level wasn't reached the error propagation
was missing, which could lead to incorrect state transitions when
update_sec_level_br() returns. Return true/false and make sure to
abort any further operations in case the update fails.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The storage for the public key is pub_key in hci_core.c.
When the public key event is generated the public key is copied into
this buffer, but the pointer to the event storage of the key is given
in the public key ready callback (bt_smp_pkey_ready).
SMP expects that it is safe to assign a global pointer to this variable.
In smp_init bt_pub_key_get is used to get the pointer to the public key.
In both cases SMP assigns the le_sc_pub_key to the pointer given.
This creates an issue when bt_smp_pkey_ready callback occurs after
smp_init during pairing procedure, SMP will then have a pointer to an
event buffer that has been released and contains invalid data.
Fixes: #18580
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Give the security changed callback when the peripheral initiated
security request and peer attempted to encrypt the connection but no LTK
match was found.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Make sure that a new pairing procedure with an existing bond does not
result in a security with weaker security properties.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add option to force the host to initiate pairing procedure even if the
host has encryption keys for the peer.
This option can be used to pair with a bonded peer that has deleted its
bonding information without deleting the keys. If new pairing results
in weaker keys the pairing will be aborted.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add security error to security_changed callback. Call this callback when
security has failed and provide current security level and error.
Reason for failure can be.
- Pairing procedure failed, pairing aborted before link encryption.
- Link encrypt procedure failed
- Link key refresh procedure failed.
Fix missing bt_conn_unref on encryption key refresh with error status.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Stop the pairing procedure in the request phase if no storage is
available for the keys. This avoids the pairing procedure from failing
during the key distribution phase.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Proved the Authentication callback for pairing failed and pairing
complete when BR/EDR SSP is complete.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Allow SMP debug keys to behave in the same way as normal keys, in order
to debug with encryption and Bluetooth sniffer the exact way it behaves
when not using debug keys.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
This removes the necessity of registering the storage for CCC and make
it part of the declaration itself.
Fixes#18547
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This adds support to provide an UUID to bt_gatt_indicate so API user
don't need to hardcode the attribute offset by hand.
Fixes#18572
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This fixes the dead code when parsing Find Information response since
the index counter can never be zero, instead it checks there are any
attributes found and if there nothing don't proceed with discovering
which was the original intent of the now dead code.
Fixes#18384
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
When the database changes and a client becomes change unware it should
also clear the out of sync flag as the following request should return
an error:
Core Spec 5.1 | Vol 3, Part G, 2.5.2.1 Robust Caching:
'The error response is sent only once after the client becomes
change-unaware, unless the client disconnects or the database changes
again before the client becomes change-aware in which case the error
response shall be sent again.'
Fixes: #18183
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This fixes the following crash:
ASSERTION FAIL [0] @ ZEPHYR_BASE/subsys/logging/log_core.c:180
argument 2 in log message "%s: Stored CCCs for %s (%s)"
missing log_strdup().
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Fix issue unable to connect to bonded peer when host resolution is used
either because the controller does not support privacy, or the
controller resolving list was exceeded.
In this case we need to use the RPA from the advertising report
directly, there is a small chance of the peer cycling the RPA here, in
which case the connection might be unsuccessful.
Bug introduced here: 45da629b24Fixes: #18306
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The RPA timer should always be running, even with privacy supported by
the controller. In order to select an IRK to generate the private
the controller is instructed by provided an identity address.
If we want to advertise privately without providing an identity address
the host has to set the private address.
Fixes: #18150
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix missing interval min copy in bt_conn_set_param_le. Application is
unable to override BT_GAP_INIT_CONN_INT_MIN for interval_min.
Fixes: #17789
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
This is safer now that bt_conn_create_pdu can return NULL when using
syswq which can prevent things like signalling of L2CAP and ATT layers.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Since TX complete notification are dispatched with syswq blocking on it
can completely deadlock Bluetooth so this attempt to make it safe by
return -ENOMEM if that the current thread happens to be the syswq
thread.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Add whitelist support in the bluetooth host.
Supported features:
- Advertising with whitelist on scan requests, connect request ,or both
- Scanning with whitelist
- Creating connections using a whitelist (Auto connection procedure).
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Allow Security level HIGH and FIPS to be initiated when we have received
OOB data for the remote device. The security property of MITM is allowed
if out of band authentication data is available.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Use the src and dst naming to refer to the identity addresses of the
connection. Keep the device addresses used during connections but rename
them to local and remote instead.
Update documentation to be more descriptive.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
subsys/bluetooth/host/Kconfig.gatt is already sourced within an
'if BT_CONN' in subsys/bluetooth/host/Kconfig.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
If no callback for oob data request is registered, or the user decided
to abort authentication during OOB data request, we should return the
error code for no OOB data available to indicate that the user does not
have the correct OOB, or no OOB interface at all.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix kernel crash if bluetooth authentication handlers has not been
registered. The bt_auth object is then NULL, this dereference caused a
call to an invalid function pointer.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fixed error 'The int symbol BT_DISCARDABLE_BUF_COUNT is being evaluated
in a logical context somewhere'.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
subsys/bluetooth/host/Kconfig.l2cap is already sourced within an
'if BT_CONN' in subsys/bluetooth/host/Kconfig, so BT_DEBUG_L2CAP does
not need a 'depends on BT_CONN'.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Find by type does only accept a UUID with the same length as the UUID
which is stored in the internal list. If a UUID is stored in the short
16 bit format then a request with 128 bit UUID will fail.
Add support for the missing formats.
Signed-off-by: Kim Sekkelund <ksek@oticon.com>
Fix an issue in the SMP identity distribution where the IRK for the
default identity was always distributed.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix bug introduced by: 45da629b24
Mistakenly set the own address type to the destination address type.
Also this uses the RPA_OR_RANDOM in case local IRKs exists in the
controller.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The init addr should contain the on-air address used to establish the
connection. The dst address contains either the current RPA of the
unknown peer, or the identity address after identity information has
been exchanged.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Error codes are listed in header files and in the core spec as hex
values. Always print them in hex in debug for easier error code
checking.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix an issue where the generated identity was not permanently stored.
This resulted in being unable to reconnect after bonding when using
privacy, since a new local IRK was generated on reboot.
When settings is enabled the application is responsible for loading
identities and possible creating its own identities.
When settings_load is called and no identities has been created or found
in persistent storage a new identity will be created.
Since bt init has not been finalized bt_id_create will not make a call
to bt_settings_save_id. So we need to make sure that this identity will
be stored.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Logging module requires strings to be duplicated using log_strdup.
Enabling CONFIG_BT_DEBUG_KEYS caused runtime assertions in the logging
module.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Core 5.1, Vol 3, Part F, 3.3.1
"Multi-octet fields within the GATT profile shall be sent least
significant octet first (little-endian) with the exception of the
Characteristic Value field. The Characteristic Value and any fields
within it shall be little-endian unless otherwise defined in the
specification which defines the characteristic."
Fixes: GATT/SR/GAS/BV-02-C
Fixes: #17857
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
The call to bt_conn_security will send a SMP security request for
peripheral, and for central it will initiate LL encryption.
A call to bt_conn_security with no IO capabilities but authenticated
keys has been distributed, would succeed on central side, but fail on
peripheral side with error code -22.
The keys could have been either:
- Preprogrammed
- IO capabilities may have changed.
- OOB bonding may been used.
Fix so that Peripheral can send a security request if the bond
information is already established.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The original creates a pointer to a compiler-generated temporary that is
destroyed when the scope is exited. The pointer is stored in a structure
defined in an enclosing scope and is invalid by the point it's used.
The fix holds the structure in a variable with the same lifetime as
the pointer.
Signed-off-by: Findlay Feng <i@fengch.me>
This introduces a new flag (BT_GATT_SUBSCRIBE_WRITE_PENDING) which is
set when a write operation requires canceling before the parameters can
be reused.
Fixes#17534
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This adds a dummy cancel request which is used instead of NULL when
clearing and outstanding request thus prevent new request to take
place before a response is received while allowing the original request
to be reused.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Set advertisers state flags so that previous advertise params does not
affect the current advertiser state.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Rename the controller Kconfig option BT_LL_SW to
BT_LL_SW_LEGACY in preparation towards switch to new Link
Layer implementation.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Bluetooth address parsing has been duplicated across the different
sub-shell files. Also missing parsing of identity/resolved addresses.
Move parsing of string close to parsing to string for a symmetrical API
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Submit GATT database hash as a delayed work to prevent it being run
twice if we register dynamic services.
Signed-off-by: François Delawarde <fnde@oticon.com>
Having this option disabled, MITM flag state can be controlled by
bt_conn_security state. This option is enabled by default to not
change the current implementation behavior.
Related to SM/MAS/SCPK/BV-01-C.
Fixes#17463
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
Handle optional argument UUID in bt_gatt_discover with type
DISCOVER_DESCRIPTOR, bt_uuid_cmp doesn't check for NULL pointer.
On system with MMU (nrf52_bsim) this can result in segfault.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
We've already got GATT services in subsys/bluetooth/services so
subsys/bluetooth/mesh is a more natural place. Aditionally this aims
to fix the Kconfig dependencies to be able to use mesh together with
BT_CUSTOM (i.e. a custom, potentially non-HCI, host stack).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Two sections are needed: bt_l2cap_fixed_chan and bt_l2cap_br_fixed_chan.
However the second one cannot be created using #define as the
preprocessor will expand it to the first before compilation happens,
sending bt_l2cap_br_fixed_chan instances in the wrong section.
This fixes commit 4e8ddfd640 ("Bluetooth: L2CAP: Make use of
Z_STRUCT_SECTION_ITERABLE").
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
Fix an issue in the gatt_register routine where removing a service and
adding it again would cause the database to have non-ascending
orderdered handles numbers and lead to an incomplete service discovery.
Fix: Go through the database and look for a place where to insert
the new service.
Signed-off-by: Arthur Crepin-Leblond <arthur.crepin@proglove.de>
Introduce a separate buffer pool for events which the HCI driver
considers discardable. Examples of such events could be e.g.
Advertising Reports. The benefit of having such a pool means that the
if there is a heavy inflow of such events it will not cause the
allocation for other critical events to block and may even eliminate
deadlocks in some cases.
Also update all mesh samples not to specify explicit RX buffer counts
anymore. Instead, create appropriate defaults in Kconfig so that we
only need to override this in the app for cases like the bbc:microbit
with limited memory.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This event is a priority one, so it's not safe to have it use the RX
buffer pool which may be depleted due to non-priority events (e.g.
advertising events). Since the event is consumed synchronously it's
safe to have a single-buffer pool for it. Also introduce a new
bt_buf_get_evt() API for HCI drivers to simplify the driver-side code,
this effectively also deprecates bt_buf_get_cmd_complete() which now
has no in-tree HCI driver users anymore.
Fixes#16864
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
move misc/stack.h to debug/stack.h and
create a shim for backward-compatibility.
No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.
Related to #16539
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
move misc/util.h to sys/util.h and
create a shim for backward-compatibility.
No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.
Related to #16539
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
move misc/slist.h to sys/slist.h and
create a shim for backward-compatibility.
No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.
Related to #16539
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
move misc/printk.h to sys/printk.h and
create a shim for backward-compatibility.
No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.
Related to #16539
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
move misc/byteorder.h to sys/byteorder.h and
create a shim for backward-compatibility.
No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.
Related to #16539
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
move misc/__assert.h to sys/__assert.h and
create a shim for backward-compatibility.
No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.
Related to #16539
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
move uart.h to drivers/uart.h and
create a shim for backward-compatibility.
No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.
Related to #16539
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
move atomic.h to sys/atomic.h and
create a shim for backward-compatibility.
No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.
Related to #16539
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Log all send errors, but don't try to call e.g. prov_send_fail_msg()
since that'll almost certainly fail as well.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Mesh Profile Spec v1.0.1 | Section 5.4.2.3:
"The Provisioner and the device shall check whether the public key
provided by the peer device or obtained OOB is valid (see Section
5.4.3.1).
When the Provisioner receives an invalid public key, then provisioning
fails, and the Provisioner shall act as described in Section 5.4.4.
When the device receives an invalid public key, then provisioning
fails, and the device shall act as described in Section 5.4.4."
This is also in Erratum 10395 which is Mandatory for Mesh v1.0.
The code was already rejecting the key, however that rejection
happened only after we had already sent our public key as response,
which got interpreted as acceptance by the tester (PTS).
Fixes MESH/NODE/PROV/BI-13-C.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Mesh Profile Spec v1.0.1 Section 5.4.2.3: "If the public key was not
available using an OOB technology, then the public keys are exchanged
between the Provisioner and the unprovisioned device. For each
exchange, a new key pair shall be generated by the Provisioner and the
unprovisioned device."
This allows passing MESH/NODE/PROV/BV-12-C.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Clear the callback list once generation is complete and we've done
calling all callbacks. This lets us use bt_pub_key_gen() multiple
times, which before this patch could have resulted in a corrupt linked
list.
Also remove redundant callback dispatching from bt_pub_key_gen() since
the function checks for the PUB_KEY_BUSY flag in the beginning, i.e.
there cannot be other pending generation actions at this point in the
code.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Update code to handle other users of the public key generation APIs
by fetching the current public key at the beginning of each SMP
session. This is particularly important if someone creates the (rather
odd) combination of Mesh and SMP where Mesh will regenerate a new
key pair after provisioning.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Mismatch in Public Key type will cause device to send Invalid Format
error, and treat any further PDU's as unexpected.
This affects MESH/NODE/PROV/BI-03-C test case.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Provisioning errors shouldn't cause device to close link. Upon error,
device will send Provisioning Failed PDU, and any further PDU's will
be considered as unexpected as per Mesh Profile section 5.4.4.
Also a timer is started every time device sends or receives a PDU.
This affects MESH/NODE/PROV/BV-10-C test case.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Updated the bluetooth module to use static handlers. Removed the
old bt specific static registration.
The routine bt_settings_init() is still calling settings_init() which
IMO is not needed anymore.
Updates:
changed SETTINGS_REGISTER_STATIC() to SETTINGS_STATIC_HANDLER_DEFINE()
changed settings_handler_stat type to settings_handler_static type
removed NULL declarations
renamed bt_handler to bt_settingshandler, as bt_handler already exists.
renamed all bt_XXX_handler to bt_xxx_settingshandler to avoid any
overlap.
changed SETTINGS_STATIC_HANDLER_DEFINE() to create variable names from
_hname by just prepending them with settings_handler_.
updated all bt_xxx_settings_handler to just bt_xxx.
Signed-off-by: Laczen JMS <laczenjms@gmail.com>
The string returned by bt_uuid_str() is not in ROM so log_strdup()
must be used on it. This also eliminates the following kind of warning
messages: "<err> log: argument 3 in log message "%s: start_handle
0x%04x end_handle 0x%04x type %s" missing log_strdup()."
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Although the Characteristic Value descriptor is required to be
immediately after the characteristic descriptor, the specification
allows for gaps in the corresponding Attribute handles. Use the value
handle from the characteristic descriptor for value reads.
See BLUETOOTH CORE SPECIFICATION Version 5.1 Vol 3, Part G section 2.5.1
(p. 2345), first paragraph.
Signed-off-by: Peter A. Bigot <pab@pabigot.com>
Update the Replay Protection List handling for segmented messages to
be more in line with Figure 3.43 in Mesh Profile Specification 1.0.
This means that the RPL check and update need to be split into two
independent steps rather than always doing these together.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Fix iterating past the response which causes an invalid memory to be
accessed and passed over to the callback as if there were more
attributes found.
Fixes#16602
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Found a few annoying typos and figured I better run script and
fix anything it can find, here are the results...
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
When advertising with different identities we need to flag any
programmed RPA as invalid if it was generated using a different
identity.
Fixes#16893
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This array was created because more than 4 bytes were needed, however
now the minimum is 8 bytes, so we can use the net_buf user data
directly.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This updates all client modules to const char processing of
setting names.
Update of peripheral_dis sample
Signed-off-by: Laczen JMS <laczenjms@gmail.com>
This makes it safe to allocate buffer from the TX callback by freeing
the context before calling the callback which should wake up the TX
thread had it be pending on add_pending_tx.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This API had several issues:
- The parameter types and order were inconsistent with e.g.
bt_le_adv_start()
- There were no real users of num_params, which just caused increased
code size and memory consumption for no good reason.
- The error handling policy was arbitrary: if one of the
notifications would fail it would be impossible for the caller to
know if some notifications succeeded, i.e. at what point the
failure happened. Some callers might also want to make note of the
failure but continue trying to notify for the remaining parameters.
The first issue is easily fixable, but because of the other two I
think it's best we don't have this code as part of the stack, rather
require whoever needs it to do the for loop themselves. It's just a
few lines of code, so the benefit of having this in the stack was
anyway quite minimal.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
k_sem_give shall only be used if no callback has been set otherwise
k_sem_take was not called which can break the flow control.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
For the request:
DCID shall map to rx.cid:
'This field specifies the endpoint of the channel to be disconnected
on the device receiving this request.'
SCID shall map to tx.cid:
'This field specifies the endpoint of the channel to be disconnected
on the device sending this request.'
For the response when receiving the roles are inverted.
Fixes#16799
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Number of matches was not being properly handled causing the callback to
be called more than specified by the caller.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Since the bt_mesh_msg_ctx struct no longer has a size that is a
multiple of 2, the bitfields might as well be made to normal types
as this will minimize the code generated to access them.
Signed-off-by: Tobias Svehagen <tobias.svehagen@gmail.com>
By moving the rssi value from the bt_mesh_net_rx struct to the
bt_mesh_msg_ctx struct, it will be available to applications via
the mesh op callbacks.
Signed-off-by: Tobias Svehagen <tobias.svehagen@gmail.com>
The attribute handle used to read next attribute has to be incremented
to not loop reading the same attribute.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
When trying to establish friendship the Friend must respond to the
initial Friend Poll with a Friend Update. If this initial Friend Update
response is not received the Friendship establishment process must start
again.
When starting a second Friendship establishment processes the `sent_req`
field of the `lpn` struct was left set to `TRANS_CTL_OP_FRIEND_POLL`.
This prevented the initial Friend Poll being sent out on the second
attempt. Since the Friend Poll was not sent, no timeout is set and
nothing happens ever again. No more Friendship Requests are sent.
This commit clears `sent_req` back to zero when no Friend Update
response has been received after the initial Friend Poll.
Fixes#16678
Signed-off-by: Rich Barlow <rich@bennellick.com>
Although unlikely it is possible that a remote may attempt to send just
1 byte as the write request allows to do that:
BLUETOOTH CORE SPECIFICATION Version 5.1 | Vol 3, Part F
page 2320:
'If the attribute value has a fixed length and the Attribute Value
parameter length is less than or equal to the length of the attribute
value, the octets of the attribute value parameter length shall be
written; all other octets in this attribute value shall be
unchanged.'
Fixes#16734
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This convenience macro wraps Z_DECL_ALIGN() and __in_section() to
simplify static definitions of structure instances gathered in dedicated
sections. Most of the time those go together, and the section name is
already closely related to the struct type, so abstracting things behind
a simpler interface reduces probability of mistakes and makes the code
clearer. A few input section names have been adjusted accordingly.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
The alignment fix on struct device definitions should be done to all
such linker list tricks. Let's abstract the declaration plus alignment
with a macro and apply it to all concerned cases.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
Per guidelines, all statements should have braces around them. We do not
have a CI check for this, so a few went in unnoticed.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
When reading attributes from static services their handles will not be
set and must be resolved at runtime.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Fix gatt indicate when conn is NULL and called with characteristic
declaration as the attribute argument. In this case the handle was not
advanced to the characteristic value. This is inconsistent with the rest
of the notify and indicate API
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Mesh Profile 1.0 Section 6.6:
"The timeout for the SAR transfer is 20 seconds. When the timeout
expires, the Proxy Server shall disconnect."
This will let qualification test case MESH/SR/PROX/BV-05-C pass
without requiring an explicit disconnect.
Fixes#16600
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This moves the processing packets of upper layers from RX thread to the
system workqueue so they have the same priority as the TX callbacks
which has the added benefit of making any protocol on top of L2CAP to
be executed using system wq stack.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Disable flow control with POSIX_ARCH since these boards tend to run
faster than normal defering the TX callback to system wq may not be
able to run before another packet is received.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This makes the transmission complete callbacks to run on system wq
context so they are not executed in TX thread which usually has a much
smaller, and non-configurable, stack size.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This reworks bt_gatt_notify_cb to allow passing an UUID, in addition to
that it can now accept multiple notification at once as there could be
multiple instance of the same UUID the user can set multiple set of
parameters.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This make use of bt_gatt_foreach_attr_type to match the CCC UUID which
previously was not possible with bt_gatt_foreach_attr.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This adds bt_gatt_foreach_attr_type which can match attribute by UUID
and/or attribute user_data, in addition of that the user can also limit
the number of matches.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Implement HCI driver for STM32WB. It allows host to controller.
It is based on ST library allowing communication over RAM shared
bewteen chip's C-M4 and C-M0 cores.
Signed-off-by: Erwan Gouriou <erwan.gouriou@linaro.org>
When removing a service using bt_gatt_service_unregister, its attributes
handles will keep their value which can cause a problem when adding the
service again to the GATT database.
When re-adding, the gatt_register routine is taking the last handle of
the GATT database to compare it with the handles of the service to be
added.
If a service has handles with a lower value than the last handle of
the database an error will occur.
If we add/remove/add the last service, no error will occur as its
handles are always greater than the last one of the database.
Instead of resetting the handles when unregistering a service and
reassign new ones we make sure that the handles of the services are
not in use in the GATT database in order to place the service back
where it used to be.
Signed-off-by: Arthur Crepin-Leblond <arthur.crepin@proglove.de>
This adds a new callback for L2CAP channels which notities whenever
status has changed so the channel user can can for example resume or
suspend sending depending on the status.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
The Bluetooth menu has way too many option so this move the L2CAP
specific option to its own menu.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This adds a new callback to bt_l2cap_chan_ops which is called whenever a
SDU is completely sent.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This allows setting a custom pointer to be passed back to the complete
callback at expense of increasing the buffers in 4 bytes.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This changes the declaration of fixed channels to be statically defined
with use of BT_L2CAP_CHANNEL_DEFINE since fixed channels are never
unregistered.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Added support for the LE SC pairing with the OOB data. The peripheral
side is only supported for now.
Signed-off-by: Kamil Piszczek <Kamil.Piszczek@nordicsemi.no>
Add an event handler for HCI vendor-specific events with the
event code BT_HCI_EVT_VENDOR.
A vendor defined callback can be registered to be called when
vendor-Specific events are received in the stack. The callback can then
decode and handle the event; if not the stack will decode and handle
the event.
Signed-off-by: Thomas Ebert Hansen <thoh@oticon.com>
When using the procedure Read By Type the response may contain multiple
instances so it needs to be parsed properly. When dealing with long
values only the beggining will be read, for the remaining bytes the
application should issue another bt_gatt_read with offset so Read Blob
procedure is used as recommended by the spec:
BLUETOOTH CORE SPECIFICATION Version 5.1 | Vol 3, Part F page 2312:
The Read Blob Request would be used to read the remaining octets of a
long attribute value.
Fixes#16107
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
If the local node keeps getting bombarded with messages, it's possible
that the storage timer gets rescheduled over and over again and never
expires. Add the necessary code to only reschedule the timer if the
new deadline is earlier than an existing one.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The default values for the timeouts, as well as non-defaults in most
Mesh samples, use a higher value for the RPL than then generic mesh
storage timeout. This hasn't had any effect in practice since the code
only uses the RPL timeout if it is *smaller* than the generic one.
The original intention of the code was to use the RPL timeout,
regardless of what the generic one is, whenever the RPL is the only
thing that needs updating. Add some helper macros to track the various
groups of pending flags, and perform the appropriate checks to apply
the RPL timeout whenever it's smaller than the generic timeout, or if
there are no other items to store besides the RPL.
Fixes#15904
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Fix calling bt_gatt_foreach_attr with start handle parameter set
to last static attribute handle.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
settings_read_cb is defined to return ssize_t and not size_t. This
also eliminates several Coverity warnings.
Fixes#15765Fixes#15768Fixes#15771Fixes#15774Fixes#15778
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This reintroduces support for static service in the form of a new API,
BT_GATT_SERVICE_DEFINE, and changes the internal services (GAP/GATT)
to be defined as const as they are never register/unregistered.
Internal service needed to be renamed in order to keep the same order
as before since the section elements are sorted by name.
The result is the following (make ram_report):
before:
gatt.c 572 0.66%
cf_cfg 32 0.04%
db 8 0.01%
db_hash 16 0.02%
db_hash_work 32 0.04%
gap_attrs 180 0.21%
gap_svc 12 0.01%
gatt_attrs 160 0.18%
gatt_sc 80 0.09%
gatt_svc 12 0.01%
sc_ccc_cfg 32 0.04%
subscriptions 8 0.01%
after:
gatt.c 210 0.24%
cf_cfg 32 0.04%
db 8 0.01%
db_hash 16 0.02%
db_hash_work 32 0.04%
gatt_sc 80 0.09%
last_static_handle 2 0.00%
sc_ccc_cfg 32 0.04%
subscriptions 8 0.01%
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Major changes are:
- Expose settings backend API to enable custom backend support.
- Add a new CONFIG_SETTINGS_CUSTOM backend to allow registering a custom
backend.
- Change api of the handlers h_set() routines to allow for
backend-specific read callbacks.
- Provide a customizable settings_backend_init() routine for custom
backends.
- Move runtime settings support to be its own backend.
Signed-off-by: François Delawarde <fnde@oticon.com>
Aligned format specifiers for the Bluetooth Host. Now, the format
specifier matches the variable type.
Signed-off-by: Kamil Piszczek <Kamil.Piszczek@nordicsemi.no>
This patch adds support for Read Using Characteristic UUID which is one
of the procedure to read the characteristic value especially when the
client only knows the characteristic UUID and does not know the handle
of the characteristic.
Signed-off-by: Tedd Ho-Jeong An <tedd.an@intel.com>
General MIC fix for AAD lengths up to 14 bytes.
This case doesn't concern the mesh stack because it uses 16 bytes.
Signed-off-by: Reham Tarek <reham.tarek@si-vision.com>
This stores the database hash and check if it has changed on commit
skipping service changed if hash matches.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Custom handlers without any arguments don't since there is a check for
argc > 1, to fix this behavior removing the check.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
If handle is over the range end return since handles are always placed
in ascending order.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This reduces bt_gatt_foreach_attr complexity (O(n)) so it can skip
ahead when the start handle is not within its service handles.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
It may be very important information for the developer if scanning
fails to start or stop, so add proper logs. There's no need to log
EALREADY errors, since the mesh stack doesn't track the current scan
state and simply relies on the under lying GAP layer to return this
error if the desired state is already set.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
bt_gatt_connected should be only called, when there is no
connection error. Change fixes problem with receiving notifications
before connection.
Signed-off-by: Marek Pieta <Marek.Pieta@nordicsemi.no>
The commit 8d0ef1eb85 attempted to fix
test case MESH/SR/HM/CFS/BV-02-C, however inadvertently ended up
introducing a hidden bug. This bug was unearthed thanks to commit
686f5c79cf. We have to keep always track
of the FastPeriodDivisor state whether we're using it (faults > 0) or
not (faults == 0). Introduce a boolean field to the model publication
that's used to indicate whether the FastPeriodDivisor should be
applied or not, instead of zeroing the divisor when there are no
faults (this would cause wrong behavior when faults appear again).
Additionally, the PTS seems to require that we wait until the end of
the existing period before sending the next Health Current Status,
rather than sending it immediately when the fault count changes.
Fixes#15365
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Implement the Controller counterpart to CONFIG_BT_WAIT_NOP so that it
issues a NOP Command Complete event after booting up, to signal to the
Host that it is ready to receive HCI traffic.
Fixes#15333
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
When a device is considered unpaired any configuration set in Client
Features shall also be removed.
Fixes#15329
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
When calling bt_unpair() the keys were removed from flash, however a
pointer was left to the invalidated keys in case there was an existing
connection. This would then lead to a bogus entry being stored in
flash for a zero-address peer device. Fix this issue by clearing the
conn->le.keys pointer in the bt_unpair() function.
Fixes#15325
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The bt_mesh_fault_update() API is meant for updating the publication
message and sending it out to the network, however it was missing the
necessary call to health_pub_update() which is responsible for
updating the publication message.
Fixes#15300
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Persistent storage is done. So are the configuration and health
clients. We're also not actively looking to optimize the provisioning
protocol & mesh networking memory usage anymore.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Update the files which contain no license information with the
'Apache-2.0' SPDX license identifier. Many source files in the tree are
missing licensing information, which makes it harder for compliance
tools to determine the correct license.
By default all files without license information are under the default
license of Zephyr, which is Apache version 2.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Rename reserved function names in the subsys/ subdirectory except
for static _mod_pub_set and _mod_unbind functions in bluetooth mesh
cfg_srv.c which clash with the similarly named global functions.
Signed-off-by: Patrik Flykt <patrik.flykt@intel.com>
Rename reserved function names in drivers/ subdirectory. Update
function macros concatenatenating function names with '##'. As
there is a conflict between the existing gpio_sch_manage_callback()
and _gpio_sch_manage_callback() names, leave the latter unmodified.
Signed-off-by: Patrik Flykt <patrik.flykt@intel.com>
The spec allows to set to no specific value with use of 0xffff.
As this still enables entering values in the invalid range, 3200-65535
for min/max interval, this adds the necessary build checks to prevent
values within this range to be used and at same time check if min
interval is not bigger that max interval.
Fixes#15017
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
In order to advertise directed to a privacy enabled central the
initiator field of the directed adv packet needs to set to an RPA.
To instruct the controller to use an RPA in the initiator field own
address type should be set to either 0x02 or 0x03.
Since it is not certain that a remote device supports address resolution
of the initiator address we add an option to turn this on and give the
application the responsibility to check if peer supports this.
Fixes#14743
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
In order to accept string of the same size entered in
CONFIG_BT_DEVICE_NAME_MAX an extra byte must be allocated to guarantee
it will always be NULL terminated.
Fixes#15067
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
There's no need to track this info in prov.c since hci_core.c is
already doing it. Just query hci_core.c always using the
bt_pub_key_get() API.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
If PB-GATT is disabled while there are connected clients, those
clients must be disconnected. Add a 'disconnect` parameter to
bt_mesh_proxy_prov_disable() to handle scenarios when we don't want to
disconnect (e.g. right after successfully finishing provisioning) and
tose where we do want to disconnect (e.g. user requesting to disable
the provisioning bearer).
Also make sure that we always update advertising, so that a stale
advertising set isn't left in the controller.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
If both PB-ADV and PB-GATT are supported, we need to properly
re-initialize variables such as link.rx.prev_id and (particularly
importantly) link.rx.buf. If we don't do this it may lead to the
following fault when trying to reprovision again:
***** USAGE FAULT *****
Illegal use of the EPSR
***** Hardware exception *****
Current thread ID = 0x20001f10
Faulting instruction address = 0x0
Fatal fault in thread 0x20001f10! Aborting.
Fixes#14928
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Remove unnecessary const keywords (the entire struct is const) and use
bool instead of u8_t for the require_link member.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Using settings_delete() makes it much easier to understand what the
code is doing, and actually also reduces the amount of code.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add error checking, remove redundant code, and improve the logging for
settings related functionality.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The read() callback of attributes returns ssize_t and not size_t. Fix
this, which also fixes a Coverity warning.
Fixes Coverity CID 197457
Fixes#14958
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The convention in the code is to use the appropriate address copying
functions instead of direct assignments. Even when a specific copying
function doesn't exist the convention is to use memcpy.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Updating the Resolvable Private Address when advertising and
active scanning in progress fails and clears the RPA_VALID
flag; making the next bt_le_scan_start while continuing to
advertise to fail.
This is fixed by keeping the RPA_VALID flag remain set.
Stopping and starting active scanning to update RPA can be
implemented in a separate commit.
Fixes#9463.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
With BT_HOST_CRYPTO, advertising stack size could be overflowed,
increase size to 1024 when BT_HOST_CRYPTO is enabled.
Signed-off-by: Erwan Gouriou <erwan.gouriou@linaro.org>
Several public APIs were not checking the BT_DEV_READY flag, which
could lead to hard-to-debug behavior, particularly when the stack
lacks an identity address. Add the appropriate checks to these APIs.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The treatment of the BT_DEV_READY flag was broken when used together
with BT_SETTINGS. The flag would get set even though the stack was
still in a partially initialized state. Even worse, for central role
the stack would potentially try to initiate passive scanning without
having an identity address.
Refactor the code that sets the BT_DEV_READY flag (among other
initialization) into a separate bt_finalize_init() helper function and
call it when the settings have been loaded. Also clarify the warning
message given to the user in case settings_load() needs to be called.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The code for clearing model bindings and subscriptions was flawed in
that proper "cleared" entries were never stored in settings. The code
must pass 0 and NULL to settings_save_one() in case the entry is
desired to be cleared.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The code was storing a "cleared" entry in storage for every model,
regardless of them having any subscriptions or not. Update hte
mod_sub_list_clear() function to return a "cleared entries" count so
that the calling code can decide whether any action is needed or not.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Remove redundant "val (null)" logs and add a few missing BT_DBG()
calls to make the tracing of storage handling easier.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The le_conn_param_req() function was missing a return statement in
case of a failed connection lookup. This could lead to replying to the
connection parameter request twice as well as passing NULL to
bt_conn_unref(). The latter issue also triggered a Coverity warning.
Fixes CID 196638
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
There's a BT_DBG that will output the value of pub_addr before its ever
set to anything. Remove output of pub_addr from BT_DBG().
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
This adds BT_GATT_DISCOVER_ATTRIBUTE which can be used to discover any
type of attribute in a given range.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Those are not considered Descriptors and shall be discovered with
use of BT_GATT_DISCOVER_CHARACTERISTIC.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
When discovering descriptor Find Information procedure is used which
does not allow any filtering by the server so it will return all
attributes in the given range including services and characteristics.
Fixes#14265
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
By specifying the controller directly when selecting the default
BT_HCI_TX_STACK_SIZE, an external controller may rely on the final
default value when none of the in-tree controllers are used.
The value is increased to 1024 to accomodate the current worst-case
stack size.
Signed-off-by: Thomas Stenersen <thomas.stenersen@nordicsemi.no>
Update reserved function names starting with one underscore, replacing
them as follows:
'_k_' with 'z_'
'_K_' with 'Z_'
'_handler_' with 'z_handl_'
'_Cstart' with 'z_cstart'
'_Swap' with 'z_swap'
This renaming is done on both global and those static function names
in kernel/include and include/. Other static function names in kernel/
are renamed by removing the leading underscore. Other function names
not starting with any prefix listed above are renamed starting with
a 'z_' or 'Z_' prefix.
Function names starting with two or three leading underscores are not
automatcally renamed since these names will collide with the variants
with two or three leading underscores.
Various generator scripts have also been updated as well as perf,
linker and usb files. These are
drivers/serial/uart_handlers.c
include/linker/kobject-text.ld
kernel/include/syscall_handler.h
scripts/gen_kobject_list.py
scripts/gen_syscall_header.py
Signed-off-by: Patrik Flykt <patrik.flykt@intel.com>
subsys/bluetooth/common/Kconfig and subsys/bluetooth/host/Kconfig are
'source'd within 'if BT' and 'if BT_HCI', in subsys/bluetooth/Kconfig,
so there's no need to add those dependencies within them.
'if FOO' is just shorthand for adding 'depends on FOO' to each item
within the 'if'. Dependencies on menus work similarly. There are no
"conditional includes" in Kconfig, so 'if FOO' has no special meaning
around a source. Conditional includes wouldn't be possible, because an
if condition could include (directly or indirectly) forward references
to symbols not defined yet.
Tip: When adding a symbol, check its dependencies in the menuconfig
('ninja menuconfig', then / to jump to the symbol). The menuconfig also
shows how the file with the symbol got included, so if you see
duplicated dependencies, it's easy to hunt down where they come from.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
CCC cfg value was not being cleared on disconnection of a non bonded
peer if another peer was connected, had non zero value and occurred
earlier in the ccc cfg array.
Signed-off-by: Nick Ward <nick.ward@setec.com.au>
This makes use of BT_GATT_CCC_MANAGED so instead of having a custom
attribute which is not managed by stack.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This consolidates code for finding a CCC config in a helper function
thus reducing the amount of duplicated code.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This adds another helper macro called BT_GATT_CCC_MANAGED which can be
used to set 2 new callbacks:
- cfg_write: Which application can set if it wants to manage writes to
CCC configuration.
- cfg_match: Which application can set if it wants to manage matching
CCC configuration when notifying/indicating.
BT_GATT_CCC_MANAGED retains the ability of saving peer configuration
on storage making it useful for clients which are only interrested in
managing the CCC configuration but not the storage itself.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Some more were added since the cleanup pass in June 2018. See e.g.
commit 2d50da70a1 ("drivers: ipm: Kconfig: Remove redundant 'default n'
properties") for a motivation. It also avoids people wondering whether
or not they need to put in 'default n'.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Prevent temporary strings from being printed incorrectly if they go out
of scope before being processed by logger.
Signed-off-by: Filip Kubicz <filip.kubicz@nordicsemi.no>
The bt_settings_encode_key() cannot know if the given path pointer is
on the stack or not, so the only safe way to pass it to the logger is
by using a log_strdup() call. Not doing this will likely cause
corrupted strings to show up in the log output.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
It is planned to deprecate SHELL_CREATE_STATIC_SUBCMD_SET macro
which is replaced by SHELL_STATIC_SUBCMD_SET_CREATE.
Additionally, removed irrelevant comments about alphabetical
ordering which is no longer needed.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
Changed the order of Bluetooth callbacks. Now the connected callback is
received before CCC changed callbacks.
Signed-off-by: Kamil Piszczek <Kamil.Piszczek@nordicsemi.no>
In certain configurations, such as with MPU support enabled, the
consumption of the advertising thread has gone slightly up. In some
case it was seen to overflow by some 48 bytes. Let it always be 786,
like it was so far with CONFIG_BT_HOST_CRYPTO.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
There are issues using lowercase min and max macros when compiling a C++
application with a third-party toolchain such as GNU ARM Embedded when
using some STL headers i.e. <chrono>.
This is because there are actual C++ functions called min and max
defined in some of the STL headers and these macros interfere with them.
By changing the macros to UPPERCASE, which is consistent with almost all
other pre-processor macros this naming conflict is avoided.
All files that use these macros have been updated.
Signed-off-by: Carlos Stuart <carlosstuart1970@gmail.com>
This adds BT_GATT_ENFORCE_CHANGE_UNAWARE option which when enable
returns -EAGAIN when notifying or indicating if the client is
change-unware to conform with following statement on the spec:
'BLUETOOTH CORE SPECIFICATION Version 5.1 | Vol 3, Part G page 2350:
Except for the Handle Value indication, the server shall not send
notifications and indications to such a client until it becomes
change-aware.'
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
