Missing copy net_idx to ctx, this cause tx subnet not found
or different with rx subnet, when rx subnet net_idx not zero.
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
Nothing in the API description the delayed work structure sanctions
direct reference to internal fields. Do not assume that a delayed
work item can be submitted without delay by invoking k_work_submit()
with a reference to the contained work item. Instead submit with the
delayed API and no wait.
Signed-off-by: Peter Bigot <peter.bigot@nordicsemi.no>
Wrong use of function `find_msb_set(~link.rx.seg)`,
uint8_t type is implicitly converted to uint32_t.
As a result, it always returns 32 instead of the
expected value, resulting in abnormal processing
of prov segment.
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
The structure pointer was wrongly cleared before,
`bearer` and `role` in `bt_mesh_prov_link` structure
resulting in illegal pointer access.
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
When kr phase to `BT_MESH_KEY_REVOKED`, should also call beacon
authentication, since beacon flag has change(0x01-->0x00).
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
Fix use of deprecated scan parameter filter_dup.
Should have been changed to options as part of:
be57dfbe2a
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Adds check for TTL max in the transport send functions, and moves
setting of default TTL to transport.
Fixes#29855.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Moves mesh feature configuration to a separate module, deprecating the
bt_mesh_cfg_srv structure. The initial values for the features should
now be enabled through KConfig, where new config entries have been added
for each feature.
This removes the upward dependency on the config server from the core
stack, and makes the config server a pure frontend for the configuration
states, as all spec mandated behavior around the feature states is now
encapsulated.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Encapsulates the Heartbeat state and functionality in a separate
heartbeat module, removing all manipulation of the heartbeat state from
the transport and config server modules.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
The decision to set aszmic = 1 in the net_tx structure was made after
the variable was passed to the crypto context, creating a discrepancy
between the two when aszmic is 1.
Extracts transport encryption to a separate function.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Only set friend_cred to true when friendship established and
use friend cred security material decryption successfully.
Signed-off-by: Lingao Meng <mengabc1086@gmail.com>
Fixes bug where applications that disable model extensions end up in an
infinite loop, and adds support for walking model subtrees, as opposed
to forcing root to be unextended.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
`bt_mesh_model_tree_walk()` was too simplistic and did not track visited
nodes which caused it to fall into infinite loop. Moreover the double
next jump could skip a level causing depth value to be invalid.
Signed-off-by: Michał Narajowski <michal.narajowski@codecoup.pl>
../zephyrNew/subsys/bluetooth/mesh/prov.c: In function
'bt_mesh_prov_reset_state': ../zephyrNew/subsys/bluetooth/mesh
/prov.c:61:2⚠️ '__builtin_memset' offset [52, 292] from
the object at 'bt_mesh_prov_link' is out of the bounds of referenced
subobject 'dhkey' with type 'uint8_t[32]' {aka 'unsigned char[32]'}
at offset 19 [-Warray-bounds] 61 | memset(&bt_mesh_prov_link.dhkey, 0,
Fixes: #29634
Signed-off-by: Lingao Meng <mengabc1086@gmail.com>
Moves the virtual address labels to the transport layer, disconnecting
them from the configuration server.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
If low power node publish with unicast address other
than friend address, the friend node should relayed
this message to all network interface.
When Proxy feature enabled, message from gatt bearer should
relay to adv bearer even relay feature disabled.
Fixes: #29544
Signed-off-by: Lingao Meng <mengabc1086@gmail.com>
Currently all provisioning procedure into common source
files call `prov.c`, that will not compile separately.
Add `BT_MESH_NODE` to control whether nodes are supported
and device provisioning is supported, this will be used in
provisioner role.
Add more provisioner OOB authentication method.
Signed-off-by: Lingao Meng <mengabc1086@gmail.com>
Add Queue Size and Receive Window information to lpn
callback function to notify upper layer to determine
currently friend node information, which may be used
in future.
Add Callback structure to notification application which friendship
has been changed.
Add function `bt_mesh_friend_terminate` let's app layer determine
terminate friendship manually.
Signed-off-by: Lingao Meng <mengabc1086@gmail.com>
This is a major refactoring of the handling of the cryptographic
material of both the network and transport layers. The aim is to
encapsulate the key object manipulation, and improve overall modularity.
Pulls Applications and Subnets out of the bt_mesh and into separate
modules, with static storage types on the data. This has several
side-effects:
- The Config Server no longer operates directly on the bt_mesh.subs and
bt_mesh.apps lists, but goes through a public configuration interface,
following the pattern set in #27908.
- All iteration through the keys is done through iteration APIs
- Key resolution on RX and TX is centralized.
- Changes to the keys triggers events the other modules can register
handlers for.
- Friendship credentials are stored in the lpn and friend structures.
Part of #27842.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
According Mesh Spec 1.0.1 Section 7.2.2.2.1 Advertising
A node that does not support the Proxy feature or has the Proxy
feature disabled shall not advertise with Network ID.
Signed-off-by: Lingao Meng <mengabc1086@gmail.com>
Adds check for provisioning random values that are identical to our own,
and terminates the provisioning procedure.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
According Mesh Profile Spec 5.4.2.4 Authentication, if device
use Input OOB Authentication method, should send input complete
pub after local public key has been acked.
`bt_mesh_input_string` or `bt_mesh_input_number` directly send
`input_complete`, however does not check whether the pub key has
been sent.
Mesh Provisioning timeout set to `60` seconds, so even this
probability is extremely low, it does not mean that there is no
such probability.
Signed-off-by: Lingao Meng <mengabc1086@gmail.com>
Replaces the current zero length array for provisioner data with
ifdefs, to silence new gcc 10 warnings about array element access.
Fixes#28371.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Fixes a memory leak when a virtual address subscription is added for a
model that either has this VA already, or the model has no more space
for subscription addresses.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Those APIs are used for deleting appkey, unbinding an application
from SIG model, unbinding an application from vendor model on the
target node, with matching shell command.
Signed-off-by: YanBiao Hao <haoyanbiao@126.com>
Many #ifdefs can be removed, but the UNPROV_BEACON_INT Kconfig
variable needs to be also made available also. This is done by making
its prompt (user selectability) optional rather than the option
itself. This approach is fine for "parameter style" options, but
should probably not be used for feature enabling options.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Adds a Config Client API for deleting netkeys on the target node, with
matching shell command.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Changes the local network interface to exclusively handle packets for
the local interface, duplicating the buffers in the process.
The loopback mechanism now operates its own packet pool for the local
interface queue. The loopback is moved ahead of encryption, allowing the
local interface packets to go back up the stack without network crypto,
saving a full round of encrypt/decrypt for self-send.
Packets for group addresses the local node subscribes to are now
duplicated, with one unencrypted variant going into the network
queue, and the network bound packets following the regular path to the
advertiser.
Introduces one new configuration for setting the number of loopback
buffers.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
-Wimplicit-fallthrough=2 requires a fallthrough comment or a compiler
to tells gcc that this happens intentionally.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Starts the periodic heartbeat publish period at the end of the
publication, instead of at the ordering time. This ensures that the
heartbeat period doesn't get shortened by other enqueued messages.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
When performing node reset over a proxy connection, the disconnection is
asynchronous, and will finish after the reset callback goes to the
application. If the application restarts provisioning in this callback,
the disconnected-event is triggered after PB GATT is reactivated, and
this error is printed without any faults actually occurring.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Adds a high-level documentation page for the Bluetooth Mesh Shell
subsystem, documenting all available commands and their parameters.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Resolves a corner case where the segmented sending would be rescheduled
before the segments were done sending. This would happen if the
processing of each segment took longer than the retry delay. The
consequence of this was that some segments were resent multiple times at
the cost of other segments, occasionally causing a loss of transfers.
Rearranges, realigns and documents seg_tx structure bitfields in
transport.c. Removes bitwidth of counter fields, and collecting all flag
fields into one byte.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Adds idle wait callback to proxy by counting the number of pending
notifications.
Ensures that all connected nodes have received messages before resetting
the mesh stack.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Reverse the order of these checks because invalid PDU type will
never be expected. If PDU type is invalid we should respond with
error 0x0002 - Invalid format.
Signed-off-by: Michał Narajowski <michal.narajowski@codecoup.pl>
Friend Request is also transmitted over local queue and
if both Friend and LPN features are enabled then we would
try to establish friendship with ourselves.
Fixes MESH/NODE/FRND/LPN testcases.
Signed-off-by: Michał Narajowski <michal.narajowski@codecoup.pl>
The hardcoded value was arbitrary and interfered with message cache
mechanism causing invalid behavior and PTS test to fail.
Fixes MESH/NODE/RLY/BV-02-C.
Signed-off-by: Michał Narajowski <michal.narajowski@codecoup.pl>
According to Mesh Profile Test Specification we should still
relay messages with DST address that is RFU.
Fixes MESH/NODE/RLY/BV-01-C.
Signed-off-by: Michał Narajowski <michal.narajowski@codecoup.pl>
Key refresh procedure was ignored on non-primary subnet.
Mesh Profile Specification v1.0.1:
3.10.4 Key Refresh procedure
"This procedure is used when the security of one or more network
keys and/or one or more of the application keys has been compromised
or could be compromised."
"It is possible to update each NetKey independently of all other
NetKeys. A Key Refresh procedure for one NetKey can be in a different
phase to another Key Refresh procedure for other NetKeys."
Signed-off-by: Michał Narajowski <michal.narajowski@codecoup.pl>
Reset provisioning bearers when bt_mesh_reset() is called. Accept
another provisioning attempt after link close.
Signed-off-by: Michał Narajowski <michal.narajowski@codecoup.pl>
This value was used quite often in the file so adding a
descriptive name should improve readability.
Signed-off-by: Michał Narajowski <michal.narajowski@codecoup.pl>
The comparison of a current tx link transaction id caused
us to not send ack and in effect fail provisioning.
Signed-off-by: Michał Narajowski <michal.narajowski@codecoup.pl>
Removes the memset of the prov_bearer_cb in PB-GATT during resets. This
allows the provisioning link to disconnect and reconnect again without
having to call pb_gatt_open.
Fixes#26343.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
The frnd->last buffer can potentially be NULL if friend_clear is called
after the adv.c buf->busy check, but before the adv_start callback.
The current design is based on the adv.c thread being cooperative, and
therefore not yielding between the busy check and the adv_start
callback, but as the bt_le_adv_start call has to acquire a semaphore,
there's a possibility for friend_clear being called inbetween.
Fixes#26177.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Previous mode store function only can store single data,
change this to store as KV model, let's app-layer to manager
model data, other than by stack when node reset.
Signed-off-by: Lingao Meng <mengabc1086@gmail.com>
Adds propagation of error returns from the model init callbacks in
Access, and removing any other checks for successful init in the
foundation models.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
CC: mesh/access.c
mesh/access.c: In function 'model_has_dst':
mesh/access.c:483:10:
warning: returning 'u16_t *' {aka 'short unsigned int *'} from
a function with return type '_Bool8' {aka 'unsigned char'} makes
integer from pointer without a cast [-Wint-conversion]
483 | return bt_mesh_model_find_group(&mod, dst);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: chao an <anchao@xiaomi.com>
The transport segmented TX nack and seg_pending fields must be at least
6 bits to avoid overflow for 32 segment messages. This change rearranges
the seg_tx fields to gather all state flag fields in one byte, while
making the counter fields whole bytes.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Increases the transport segmentented tx seg_o counter to 6 bits to avoid
overflow when sending 32 segments. The check in the send loop would
previously never be false, which causes segments to repeat
unnecessarily.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Fixes bug where the transport segmented tx would decrement the attempt
counter every time it ran out of buffers. If transport ran out of
buffers 4 times before the sending could complete, the transfer would
end prematurely.
Moves the attempt decrement to only execute when all segments have been
sent.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Ensures that friend messages are enqueued, even if the packet is
received with an appkey is unknown to the friend. Previously, sdu_recv
would return EINVAL if the appkey was unknown, which would prevent the
lower transport layer from adding the packet to the friend queue. This
is irrelevant for the logic in lower transport, and should not be
returned as an error.
Fixes#24014.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Convert bluetooth mesh to using k_timeout struct. Many of the mesh
modules uses timeout calculations, so it is most practical to keep
the s32_t type and only initialize a k_timeout_t struct when
calling the kernel.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Remove logging of individual threads spread out throughout the
bluetooth subsystem. The stacks can be analysed by enabling the
following options.
CONFIG_THREAD_ANALYZER=y
CONFIG_THREAD_ANALYZER_AUTO=y
CONFIG_THREAD_ANALYZER_RUN_UNLOCKED=y
Optional:
CONFIG_THREAD_NAME=y
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
According Mesh Profile 1.0.1. A application key shall
binding single network key. And Device key shall bind all
network key, and dev key only known by cfg_cli and node self,
only used by cfg_cli & cfg_srv.
Fixes: #21088
Signed-off-by: Lingao Meng <mengabc1086@gmail.com>
Fixes bug where the config client's net_key_status handler would attempt
to pull two key indexes from a message which only holds one.
Fixes#24601.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
After #22013, bt_le_adv_param got additional fields which were passed to
the bluetooth API uninitialized in the BT Mesh module. This
zero-initializes the entire structure in all usages to avoid passing
uninitialized data now and in the future.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Add option for low power node automatically subscribe
all-nodes-address to friend sub list.
Fixes: #24009
Signed-off-by: Lingao Meng <mengabc1086@gmail.com>
Makes a common link_closed function for PB-GATT, getting rid of a bug
where cb_data is reset before the link closed callback. Also ensures
that the link close and reset order is the same in both scenarios.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
When PB-GATT Procedure timeout, func `bt_mesh_pb_gatt_close`
will also dumplicated with `link_closed()`
Signed-off-by: Lingao Meng <mengabc1086@gmail.com>
Fix seg_tx occupy when no segment not send
and allocate rx_seg when receive such message.
Fixes: #24101
Signed-off-by: Lingao Meng <mengabc1086@gmail.com>
Fixed overflow risk when `poll_timeout` is 1s,
although it is not recommended to use it like this,
when it is used like this, `POLL_TIMEOUT_MAX`
will overflow.
When the poll timeout set like above, the default `6`
req_attemps for first pull request lost,
may cause this procedure bigger than poll_timeout,
Well, stop scanning when lpn terminated friendship,
this will save lots of energy, when lpn mode enable,
the scanning will be start after `FRIEND_REQ_RETRY_TIMEOUT`
Signed-off-by: Lingao Meng <mengabc1086@gmail.com>
Run the int_literal_to_timeout Coccinelle script to fix places where
it is clear that an integer duration is being passed where a timeout
value is required.
Signed-off-by: Peter Bigot <peter.bigot@nordicsemi.no>
The publication context is checked for NULL in bt_mesh_model_publish()
however it was dereferenced before that. Move the assignment to
ctx.send_rel to the same place where other ctx members are set.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Deprecate BT_LE_ADV defines in hci.h that are expected to be used by the
application in the scan received callback to identify the advertising
PDU type. These defines are mixing HCI input parameters and advertising
PDU types. Internally it is acceptable to mix these, but at the API we
should to mix in them.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Rename filter_dup parameters used for scanning filter options to the
more generic name options, and make scan filter options follow same
naming patters as advertising and initiator scan options.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Splits PB-ADV and PB-GATT into separate modules with a common interface
to modularize prov.c.
Additional trivial fixes from testing:
- Reduces warnings for normal occurances like repeated packets.
- Makes link ack a non-reliable packet to prevent it from being repeated
until prov invite.
- Provisioner does not send link fail, but closes the link (as per spec
section 5.4.4). This prevents lingering zombie links on both sides.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Allocates segmented message buffers as slabs in a common pool for RX and
TX. This reduces memory requirements for both TX and RX, as TX messages
can be stored without the network and advertising buffer overhead, and
RX can use only the slabs it needs, instead of allocating a full size
segmented message. This approach also removes the need for decrypting
the segments for each retransmission, reducing overall processing load.
Slab based segmentation for tx also introduces queuing of segmented
messages, which allows the application layer to send multiple messages
to the same destination without violating Bluetooth Mesh specification
v1.0.1, section 3.6.4.1. This mechanism is provided through a flag that
blocks segmented messages to a destination which a message is already
being sent to until the previous message finishes.
This changes the SDU size configuration to a symmetrical
RX_SEG_MAX/TX_SEG_MAX pair of configurations, plus a new segment pool
side configuration. It also removes the binding between the TX_SEG_MAX
config and the advertising buffers, reducing the minimum advertising
buffer count from 6 to 3.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
The Friend queue uses the message SeqAuth to determine whether the
message is already in the queue. To facilitate this, the SeqAuth is
passed around as a pointer throughout the transport modules. In the
bt_mesh_ctl_send functions, this parameter is also exposed in the API,
but the internal usage is inconsistent and buggy. Also, no one actually
uses this parameter.
- Removes seq_auth param from bt_mesh_ctl_send, instead passing NULL
directly to the friend module, to enforce its addition to the queue.
- Makes the seq_auth pointer const throughout the friend module.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
The commit e85dd8af5d changed the way the BT_ECC Kconfig option
is enabled, however it got the dependency wrong. The dependency should
only look at BT_SMP_OOB_LEGACY_PAIR_ONLY if BT_SMP was also enable.
This broke e.g. the build of the mesh_demo app for the BBC
micro:bit since the memory consumption jumped up by roughly 2k.
This patch fixes the issue, and in the same go makes the Mesh handling
consistent by also using a conditional default rather than select.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Changes the behavior of the message cache to optimize for cache
capacity. Previously, the message cache's primary function was to avoid
decrypting messages multiple times, although the cache's main function
in the spec is to avoid message rebroadcasting. Optimizing for minimal
decryption causes us to fill the network cache faster, which in turn
causes more cache misses, potentially outweighing the advantage.
Now stores src + seq in message cache instead of field hash value. This
cuts cache size in two, while including more of the sequence number than
before.
Adds messages to the cache only after the packet is successfully
decrypted. This reduces noise in the cache, and ensures that no
invalid deobfuscations are added.
Additionally, this fixes a bug where multiple calls to net_decrypt with
the same packet failed, as the message cache found its own entry from
the previous call.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Implements several changes to the transport layer segmented tx to
improve group message performance:
- Moves retransmit counter to tx context instead of per packet. As every
unacked packet is sent every retransmit, the retransmit counters would
be the same in each segment. This makes it easier to control progress.
- Delays the scheduling of the retransmit until the completion of the
last segment by adding a seg_pending counter. This is essentially the
same as the old behavior, except that the old behavior might retrigger
the sending before all segments are finished if the advertising is
slow.
- Allows the group transmits to stop as soon as all retransmits have
been exhausted, instead of timing out waiting for acks that won't
come. This allows group tx to finish without error.
- Fixes a bug where a failed TX would block IV update.
- Cancels any pending transmissions of acked segments.
- Reduces log level for several common group tx scenarios that aren't
erronous.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
When available, the shell will use the CDB when configuring. This
replaces the default key for configuration and self-provisioning,
ensuring that there aren't multiple key values for the same indexes.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
