To prevent the transport layer from accepting duplicate or out of order
segmented messages, add an RPL-like check for the SeqAuth of the
segmented messages when their context is allocated. This prevents
duplicate receives of the same segmented messages in the case where a
single source address sends two segmented messages in parallel (to two
different addresses):
Previously, when receiving two segmented messages, the first message
would go through to the access layer, then the second. Then, if the
transport layer received any repeated segments for the first message, it
would fail to identify the SeqAuth as old, as all its segments were of
new sequence numbers, and the "already complete SDU" check would only
look at the second message. Thus, the segmented message got processed
again and passed to the access layer, even though it was a duplicate.
To solve this, we need a mechanism like RPL, but only for the segmented
messages' SeqAuth. We cannot re-use the actual RPL mechanism, as it
can't support the scenario provoked by the "blocking tx" mechanism in
transport. This mechanism allocates the SeqAuth when the message is
first passed to the transport layer. The ongoing message that caused the
block would keep sending segments with higher sequence numbers than
the blocked message got, which will cause the blocked message to fail
the RPL check.
This patch adds a parallel SeqAuth mechanism to the RPL module, which
only deals with the SeqAuth of the segmented messages. This list gets
checked when the segmented message is first allocated, in the same
manner as the general RPL mechanism. The storage gets hooked into the
RPL mechanism, by adding a separate seg field to each RPL entry.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
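
The duplicate-receive case and the blocking-tx case from the commit message above, as an added C sketch that is not code from the patch or from Zephyr. The `node` struct, `recv_segment()`, the check modes and the traffic are constructed for illustration; a single reassembly context, a 32-bit SeqAuth and a `seg` value updated on completion are assumptions.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* How a SeqAuth is validated when a reassembly context is allocated. */
enum seqauth_check {
	CHECK_NONE,    /* behaviour before the fix */
	CHECK_RPL_SEQ, /* compare against the general RPL sequence number */
	CHECK_SEG,     /* compare against the separate per-source seg field */
};

enum rx_result { RX_PENDING, RX_DELIVERED, RX_REPLAY, RX_OLD_SEQAUTH, RX_DUP_COMPLETE, RX_INVALID };

/* Receiver state for one source address. Assumptions of this sketch: SeqAuth
 * is a plain 32-bit value (no IV index), there is a single reassembly
 * context, and 0 means "nothing seen yet". */
struct node {
	enum seqauth_check mode;
	uint32_t rpl_seq;     /* general RPL: highest sequence number accepted */
	uint32_t rpl_seg;     /* highest SeqAuth of a completed segmented SDU */
	bool rx_in_use;
	uint16_t rx_dst;
	uint32_t rx_seq_auth;
	uint32_t rx_got;      /* bitmap of segments received so far */
	int delivered;        /* SDUs passed up to the access layer */
};

static enum rx_result recv_segment(struct node *n, uint16_t dst, uint32_t seq,
				   uint32_t seq_auth, uint8_t seg_o, uint8_t seg_n)
{
	uint32_t prev_seq = n->rpl_seq;
	uint32_t full;
	bool same;
	if (seg_n > 31 || seg_o > seg_n) return RX_INVALID;
	full = (uint32_t)((1ULL << (seg_n + 1)) - 1);

	/* General RPL: every PDU must carry a new sequence number. */
	if (seq <= n->rpl_seq) return RX_REPLAY;
	n->rpl_seq = seq;

	same = n->rx_in_use && n->rx_dst == dst && n->rx_seq_auth == seq_auth;
	/* "Already complete SDU" check: only sees the message held in the context. */
	if (same && n->rx_got == full) return RX_DUP_COMPLETE;

	if (!same) {
		/* Context allocation: the point where an old SeqAuth must be caught. */
		if ((n->mode == CHECK_SEG && seq_auth <= n->rpl_seg) ||
		    (n->mode == CHECK_RPL_SEQ && seq_auth <= prev_seq)) {
			return RX_OLD_SEQAUTH;
		}
		n->rx_in_use = true;
		n->rx_dst = dst;
		n->rx_seq_auth = seq_auth;
		n->rx_got = 0;
	}

	n->rx_got |= 1U << seg_o;
	if (n->rx_got != full) return RX_PENDING;

	/* Record the SeqAuth once the SDU completes (assumption of this sketch). */
	if (seq_auth > n->rpl_seg) n->rpl_seg = seq_auth;
	n->delivered++;
	return RX_DELIVERED;
}

/* Constructed traffic: message A (SeqAuth 100) and message B (SeqAuth 102)
 * complete, then A's segments are repeated with new sequence numbers. */
static int run_duplicate_scenario(enum seqauth_check mode)
{
	struct node n = { .mode = mode };
	recv_segment(&n, 0xC001, 100, 100, 0, 1);
	recv_segment(&n, 0xC001, 101, 100, 1, 1); /* A delivered */
	recv_segment(&n, 0xC002, 102, 102, 0, 1);
	recv_segment(&n, 0xC002, 103, 102, 1, 1); /* B delivered */
	recv_segment(&n, 0xC001, 104, 100, 0, 1); /* repeated A, new seq */
	recv_segment(&n, 0xC001, 105, 100, 1, 1);
	return n.delivered;
}

/* Constructed traffic: B was handed to transport while A was ongoing, so it
 * holds SeqAuth 101 but its segments leave after A's, with seq 104 and 105. */
static int run_blocked_tx_scenario(enum seqauth_check mode)
{
	struct node n = { .mode = mode };
	recv_segment(&n, 0xC001, 100, 100, 0, 2);
	recv_segment(&n, 0xC001, 102, 100, 1, 2);
	recv_segment(&n, 0xC001, 103, 100, 2, 2); /* A delivered */
	recv_segment(&n, 0xC002, 104, 101, 0, 1);
	recv_segment(&n, 0xC002, 105, 101, 1, 1); /* B must still be accepted */
	return n.delivered;
}

int main(void)
{
	printf("repeated segments: %d SDUs delivered without check, %d with seg check\n",
	       run_duplicate_scenario(CHECK_NONE), run_duplicate_scenario(CHECK_SEG));
	printf("blocked tx: %d SDUs delivered with RPL seq reuse, %d with seg check\n",
	       run_blocked_tx_scenario(CHECK_RPL_SEQ), run_blocked_tx_scenario(CHECK_SEG));
	return 0;
}
```
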
When Extended Advertising terminated due to duration or
maximum number of events, the auxiliary PDU scheduling
is now correctly stopped.
Fixes #31254.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Replace the legacy delayed work API with the new delayable work API.
Avoid cancelling work and manually notifying when the subscription is
disabled; instead allow the work item to do this.
Signed-off-by: Peter Bigot <peter.bigot@nordicsemi.no>
Replace the legacy delayed work API with the new delayable work API.
Use a zero period as a flag value to ensure that the work handler is a
no-op if the publish operation is disabled.
Signed-off-by: Peter Bigot <peter.bigot@nordicsemi.no>
Switch to new work API, taking advantage of the difference between
schedule and reschedule to force an update if the new deadline is
sooner, and retain any previous deadline (or use the new deadline) if
it isn't. Do not leave a path out that could, due to races, fail to
schedule necessary work.
Signed-off-by: Peter Bigot <peter.bigot@nordicsemi.no>
Switch to new work API. Avoid a racy cancel by allowing the work
handler to deal with an immediate off when the time remaining changes
to zero.
Signed-off-by: Peter Bigot <peter.bigot@nordicsemi.no>
Added initial support for BIS (broadcast ISO stream), which
adds support for creating BISes as both broadcaster and receiver,
as well as managing and creating BIGs.
Extends PA sync to handle BIGInfo advertising reports.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
k_work_pending is now called k_work_is_pending.
These two uses are correct assuming the functions that invoke them are
not involved in race conditions: that the work is not pending is an
allowed condition for modifying state that will be used by the work
handler.
Signed-off-by: Peter Bigot <peter.bigot@nordicsemi.no>
The error code from gatt_service_register is being ignored to ensure
that repeated actions still complete. Do this explicitly by adding
(void) casts, resolving coverity warnings on accidental error code
ignores.
Fixes #33051.
Fixes #33074.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
If CONFIG_BT_MESH_SEQ_STORE_RATE is 1, the check in store_seq can be
reduced to a simple if (false), and the modulo code does not need to be
included in the build.
Fixes #33036.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Moves the if !(pub) check to happen before it gets used in the
initialization of the message context in bt_mesh_model_publish.
Fixes #5116.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Include virtual label's pending_store function in the LABEL_COUNT > 0
compile guard to avoid including dead iteration code in the compilation.
Fixes #32928.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Check that the assigned subnet hasn't been removed in heartbeat_send to
avoid potential NULL dereference in transport's ctl_send.
Fixes #32907.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Added comments to explain the re-use of allocated same
connection context to both 1M and coded PHY scanning context
when both PHY is enabled for initiating connection.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Initial work in progress implementation of Create Connection
Cancel for Extended connection initiation.
Adds implementation to teardown connection initiated at ULL
layer and gracefully release allocated resources.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Use an "initiated" flag in the lll_conn struct to guard the processing
of PDUs related to connection initiation (CONNECT_IND,
AUX_CONNECT_RSP). This avoids races between ULL and LLL when creating
a connection.
Signed-off-by: Wolfgang Puffitsch <wopu@demant.com>
Currently there is no way to distinguish between a caller
explicitly asking for a semaphore with a limit that
happens to be `UINT_MAX` and a semaphore that just
has a limit "as large as possible".
Add `K_SEM_MAX_LIMIT`, currently defined to `UINT_MAX`, and akin
to `K_FOREVER` versus just passing some very large wait time.
In addition, the `k_sem_*` APIs were type-confused, where
the internal data structure was `uint32_t`, but the APIs took
and returned `unsigned int`. This changes the underlying data
structure to also use `unsigned int`, as changing the APIs
would be a (potentially) breaking change.
These changes are backwards-compatible, but it is strongly suggested
to take a quick scan for `k_sem_init` and `K_SEM_DEFINE` calls with
`UINT_MAX` (or `UINT32_MAX`) and replace them with `K_SEM_MAX_LIMIT`
where appropriate.
Signed-off-by: James Harris <james.harris@intel.com>
Log the security keys that the sniffer needs in order to successfully
decrypt the connection.
This option allows the sniffer to work in the cases where enabling
using the SMP debug keys is not wanted, either because it changes the
way the peer behaves or is denied by the peer.
It also enables the sniffer to decrypt a connection where the bond
already exists.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Convert allowed_cmds to an array of atomic_t of size 1.
This makes it future proof in case more commands are added.
Possibly silences coverity false positives on array vs singleton usage.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix some format warnings in cfg_cli.c.
Fix use of CID_VNAL as param when using vendor models.
This is a resubmission of PR (#30086)
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
Fixed some undesired or incorrect macros, which
can cause build error.
This is a resubmission of PR (#30086)
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
Correct format errors, such as oob action 2-octets
should use 0x%04x, and action in prov capabilities pdu
big-endian. When every call `bt_mesh_auth_method_set<*>`
should also clear auth value, otherwise will cause confirm
failed.
Provisioner role expect peer public key should be sent
immediately, instead of requiring ACK. After all, ACK may
be lost, and the other device’s public key will be sent
over, and provisioning procedure will be failed.
This is a resubmission of PR (#30086)
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
Move the ticker job_guard reset to after
ticker_job_compare_update, so that the ticks_current and
ticks_slot_previous are updated before ticker_worker gets
to execute. Without this fix, there is a possibility that
ticker_worker will use incorrect ticks_slot_previous and
ticks_current value under race conditions.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix ticker job to defer itself to avoid recursive
invocation to itself due to ticker interface calls from
inside the ticker operation callbacks.
The recursive use was exposed when using ticker stop
operation callback of stopping an auxiliary PDU to stop
the primary PDU scheduling as part of generation of
Advertising Terminate event.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Remove inclusion of vendor specific internal LLL include
files in ULL source code.
Prefix `lll/` include file path to correctly include vendor
defined types and function implementation.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Allow NULL pointer to be passed to bt_id_get function so
that only count can be fetched.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
There's a prompt to set the TX stack size, that's documented as an
advanced setting, but attempts to override it are rejected unless
you add another setting that allows it to be changed. Tell the user
how to make changes work.
Signed-off-by: Peter Bigot <peter.bigot@nordicsemi.no>
Remove compilation warning caused by currently not used
hci_df_set_conn_cte_tx_param function.
Code is surrounded by #ifdef CONFIG_BT_CTLR_DF_CONN_CTE_RSP.
The CONFIG_BT_CTLR_DF_CONN_CTE_RSP is changed to be disabled
by default (until complete implementation of the feature is
provided).
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
Change dfe-ant-num property name to dfe-antenna-num.
The change is done to keep the same naming style
for all properties, like dfe-pdu-antenna property.
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
Add initialization of GPIOs that are used for antenna switching.
GPIOs provided to DFE extension in Radio peripheral, to drive
antenna switching, should be initialized in GPIO peripheral beforehand.
The initialization is optional and may be disabled by Kconfig.
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
Antenna switching done by Radio with use of GPIOs provided in
PSEL.DFEGPIO registers. Registers were initialized once during
controller initialization.
At preparation of new radio event, Radio peripheral is powered
down and up to reset its registers. It is related with multi
protocol handling and possible leftovers in Radio registers.
Due to that, PSEL.DFEGPIO registers should be initialized
at the preparation of every event that will transmit
or receive CTE and run antenna switching.
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
Antenna switching should be disabled when CTE Rx is not supported
or disabled. Added missing dependency on BT_CTLR_DF_CTE_RX.
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
Add missing declarations of functions that are compiled in when
CONFIG_BT_CTLR_ADV_EXT_PDU_EXTRA_DATA_MEMORY is selected.
Add missing include of header file.
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
Fix duplicate include of lll_test.c file under the
unsupported ISR profiling feature in OpenISA port.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Use `#if defined(...)` instead of `#if IS_ENABLED(..)` when
conditional compilation of definitions in source code.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
We should verify that the buffer has sufficient data before attempting
to parse the SDU length field. If we get a too short packet just
disconnect the channel.
Fixes #32497
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Fix array overrun of client features bitset, where CF_BYTE_LAST was
incorrectly defined as 2 using modulo instead of divide.
Also fix additional bit-logic when number of bits would exceed a byte:
- Inner for loop iterates from 0 to number of bits on a single byte.
- Same bitmask used for all bytes.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Don't auto-update the device name in the advertising data as that
would clear any other scan-response data set by the application.
Document the behavior of the advertise with device name option
and the need to update data by the application to make sure
advertising data does not get cleared.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix endianness issue in reading CPF descriptor not converting from
native endianness to little-endian on the 'unit' and 'description'
fields.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Use the definitions of UUID values instead of magic constants with
explanation in comment.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Check for associated Extended Advertising set to determine
whether Broadcast ISO Group instance has been already
created.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Add association between extended advertising, periodic
advertising and broadcast ISO instance, so that attempts to
create and terminate BIG can detect error conditions.
Error conditions being, trying to create BIG without a valid
periodic advertising train, or terminating BIG without prior
creation.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
When ticker job is disabled inside radio events then all
advertising, scanning, and slave latency cancel ticker
operations will be deferred, requiring increased ticker
thread context operation queue count.
Relates to #32430.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Consistently use the internal BT_CTLR_ADV_SET value in the
controller's implementation.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Add missing offset_adjust field to pdu_adv_sync_info.
Add handling of the field when sync_info is added to advertising PDU.
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
Fix the tertiary PDU and extended header length value after
the refactoring in the commit c8475b9a3e ("Bluetooth:
controller: ULL: enable TX of CTE with per. adv. PDU").
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Rearrange the LL interface functions in the ll.h file to
group functions used by HCI separate from other buffer and
control flow related functions.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Move the controller version define into ll_feat.h file to
keep the version number and featureset bitmaps together.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Move LLL header files for all roles to common folder. Move
vendor-specific content to internal header files, in particular ADV
buffer handling. Define the vendor-specific type lll_adv_pdu in a
separate header file lll_adv_pdu.h to avoid cyclic dependency when
moving ADV buffer handling to internal header file. Make sure all
internal header files are in vendor-specific folders.
The goal is to have a more consistent structure for LLL header files
and allow unconditional inclusion of non-internal LLL header files.
Signed-off-by: Wolfgang Puffitsch <wopu@demant.com>
Remove the dependency on host emulation of ECC for the Use debug keys
option.
This allows the application to use debug keys without shifting the
ECC from the controller to the host, which could potentially alter
the behavior of the application and make debugging this way less useful.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Refactor the ECC emulation setting the supported command bits in order
to group the supported commands together with the implementation of
these commands.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
In order to avoid stalling LLCP procedures blocking done event
processing, done events are now put in a separate memory queue,
and processed by own mayfly function.
This ensures prepare/done refcount balancing and prevents assertion
due to lack of done events.
Signed-off-by: Morten Priess <mtpr@oticon.com>
We need to make sure aux is cleared on reset, otherwise we may end up
with legacy advertising with aux.
Signed-off-by: Andrzej Kaczmarek <andrzej.kaczmarek@codecoup.pl>
Set #0 is used for legacy advertising when legacy HCI commands are used
and in such case it's possible to enable advertising without any prior
configuration. This means we should better always have PDUs in set #0
initialized with default empty data.
Signed-off-by: Andrzej Kaczmarek <andrzej.kaczmarek@codecoup.pl>
We should remove all advertising sets when resetting controller. It's
enough to just clear is_created flag for each set.
Signed-off-by: Andrzej Kaczmarek <andrzej.kaczmarek@codecoup.pl>
Removes the 3 byte padding at the end of each proxy connection's rx
buffer.
Fixes #18509.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Add compilation guards for the feature_rsp_send function to avoid
compilation errors for some configurations.
Signed-off-by: Wolfgang Puffitsch <wopu@demant.com>
It was decided that the Bluetooth audio subsystem should
be in subsys/bluetooth/audio instead of subsys/bluetooth/host/audio.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Add support for ISO feature bits. This includes extending fields that
hold features to 64 bits to be able to handle the host-controlled
"Isochronous Channels" feature.
Signed-off-by: Wolfgang Puffitsch <wopu@demant.com>
Added Tx fragmentation implementation assertion to check
invalid offset use due to any memory corruptions.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Use the vendor specific ticker resolution margin in the
central connection initiation offset calculation.
Related to commit 89ab68f242 ("bluetooth: controller:
Vendor specific ticker resolution margin").
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Remove the redundant advanced scheduling event margin used
while finding a free space between existing active central
connections.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Move the initial connection event length calculation to
when initiating connection so that initiator with advanced
scheduling to place central connections in a non-overlapping
timeline has the correct ticks slot value available.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Add checks to detect ACL data lengths greater than the
configured maximum Tx buffer size in the controller.
The Host should conform to the LE_ACL_Data_Packet_Length
returned by the LE Read Buffer Size command.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Optimize LOW_LAT_ULL scheduling by avoiding redundant
rx_demux mayfly enqueue. Only schedule after checking for
node rx or tx ack presence in the memq.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Use the Subsystem defined BT_PER_ADV_SYNC_MAX Kconfig in the
controller implementation of Periodic Advertising Sync Sets.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
A line of code was guarded by CONFIG_BT_L2CAP_TX_FRAG_COUNT instead
of CONFIG_BT_ISO_TX_FRAG_COUNT.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
ISO is a building block for BT_AUDIO but it is not only
useful for AUDIO, and as such should be possible to
enable without enabling BT_AUDIO.
This commit moves iso.c and iso_internal.h to the
host directory (from host/audio) and removes
the CMakeLists.txt.
The /audio directory is left intact for the Kconfig options
it provides, and as a directory for future BLE Audio
content.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
This commit moves the BT_ISO to a common (host and controller)
Kconfig and fixes the ISO buffers in hci_raw.c
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Add release of memory acquired for periodic advertising sync. set
when:
- advertising set is removed
- advertising parameters are changed and past PDU type was
extended advertising PDU
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
Remove LL_ASSERT from functions that return latest advertising PDU.
The LL_ASSERT was raised in situation that there is no memory to
store unused PDUs memory in a pdu_free queue or extra_data_free queue.
Those functions return NULL in such situation. The returned value is
verified by callers by LL_ASSERT. That gives better context if lack
of memory issue occurs.
Besides that there was removed a LL_ASSERT from
lll_adv_pdu_and_extra_data_alloc. The reason is the same as above, to
give better context when the lack of memory issue occurs.
This function is used in ULL context (ll_adv_sync_ad_data_set).
If it returns NULL the caller will return
BT_HCI_ERR_MEM_CAPACITY_EXCEEDED to Host.
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
Add set of functions that will make possible to configure
radio Direction Finding Extension to transmit CTE for periodic
advertising.
Some of the new Radio API functions are provided as separate
functions changing the same Radio peripheral registers, e.g.
radio_df_mode_set_aoa, radio_df_mode_set_aod. This is done on
purpose and is related with lack of DFE in nrf52_bsim.
To avoid use of conditionally compiled constants to represent
e.g. CTE mode; separate functions were introduced.
Thanks to that DF unit tests are able to compile successfully
without changes in nrf52_bsim platform. Also if DFE is added
to nrf52_bsim there is no need to change the code until it is
desired.
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
The storage for extra data is required for implementation of
CTE transmission with periodic advertising.
Data required to transmit CTE correctly are compound of two parts:
- PDU field CTEInfo
- radio configuration to transmit actual constant tone at the end
of PDU.
Extra data is a storage required for radio configuration data.
Nevertheless it must be in compliance with content of CTEInfo field.
Because of that extra data is stored as part of lll_adv_pdu and
is double buffered like PDU memory.
Bluetooth 5.1 spec. allows to enable or disable CTE TX
and change CTE TX parameters when periodic advertising is
enabled. Besides that CTE TX settings may be set before periodic
advertising parameters are set. In such situation ll_adv_sync_set
may be not yet created.
To overcome these constraints ULL should store CTE TX
settings and forward them to LLL only when CTE TX is enabled.
Because of above reasons ULL stores CTE TX settings in ll_adv_set.
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
Add Direction Finding related features:
- transmission of connectionless CTE,
- antenna switching during CTE transmission (AoD),
to list of features supported by controller.
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
Remove support for nRF5340 PDK in the BLE controller.
The controller will now support only the nRF5340 DK.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Fix cancel of Periodic Synchronization on Coded PHY. Reset
the association of periodic sync instance after validation
of command disallowed.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
When address resolution is disabled, an identity address has
been added into the resolving list with peer IRK, and device
privacy has not been selected for the peer device then
connection indication shall not be sent to the peer that is
advertising using its identity address.
Fixes #24731.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fail after pairing request and response have been exchanged if the
selected pairing method would not result in the required security level.
This avoids the case where we would discover this after having encrypted
the connection and disconnect instead.
This was partially attempted but lacked checking for authentication
requirement when L3 was required, as well as skipping the check if L4
was required but remote did not support Secure Connections since the
check was after we had taken the legacy branch.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Set the error in the security changed callback when the encryption has
not reached the required security level.
Terminate the pairing procedure in SMP on failure to avoid the security
changed callback being called twice in this case.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Terminate the pairing procedure when disconnected while this was in
progress. This notifies the application that security has failed and
removes the key entry.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Set the SMP flag encryption pending in the case where a bond exists
with ediv and rand equal to zero, i.e LE Secure Connections bond.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
When receiving unexpected SMP PDUs with no pairing procedures in
progress don't treat it as a pairing procedure that has failed.
This causes unexpected SMP PDUs to trigger the pairing failed and
security changed callback at unexpected times.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add status only pairing failed callbacks (complete and failed) so that
these handlers can be added without providing the ability for MITM
pairing procedures.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Rename auth_err_get to security_err_get which better reflect the
error namespace it converts to. Also update to using the enum definition
instead of uint8_t for local variable holding returned value.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
When BT_PASSKEY_INVALID was set, it never updated the fixed
passkey, which made its use ineffective.
Signed-off-by: Faisal Saleem <faisal.saleem@setec.com.au>
The ATT request buffers are held until the ATT response has been
received. This means that the ATT request buffers are released by the
RX thread, instead of from the RX priority context of
num_complete.
This can cause a deadlock in the RX thread when we allocate buffers
and all the available buffers are ATT requests, since the RX thread is
the only thread that can release buffers.
Release the ATT request buffers once they have been sent and instead
handle ATT request resending by reconstructing the buffer from the
GATT parameters.
Also re-order the order of resource allocation by allocating the
request context before the buffer. This ensures that we cannot
allocate more buffers for ATT requests than there are ATT requests.
Fixed a buf reference leak that could occur when the ATT request buffer
has been allocated, but GATT returns an error before handing the
responsibility of the buffer to ATT, for example when bt_att_req_alloc
fails.
This is fixed by moving the functionality of att_req_destroy to
bt_att_req_free.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Remove the ATT request destroy callback which is never assigned
by any of the ATT requests.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix indicate without func not working properly, when sent as a
non-req by GATT this has two problems:
- The indicate would not be treated as a transaction, and back
to back indicate would be sent without waiting for the confirm
- The destroy callback would not be called on the indicate parameters
since the indicate_rsp callback would not be called.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
ATT channels do support queueing buffers, so it no longer needs to block
waiting on the tx_sem; besides, the buffer allocation already serves the
same purpose as the application will not be able to have more requests
than there are buffers available.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Allow to request a higher security level during the key distribution
phase.
This is required by ATT and L2CAP since they only react to the encrypt
change event where they resend the current request.
The current request might require a higher security level still and
might have to request a higher security level before the pairing
procedure has been finished.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
When ATT resends an ATT request it is sent as a "response" instead of
as a request. This causes the ATT request buffer to be released and
the ATT request cannot be resent one more time.
This causes a problem when the ATT request requires authentication
but the elevation of security is not enforcing MITM protection.
In this case the ATT will first require security level 2 and then resend
the request once this has been reached.
This will lead to a new ATT error response and ATT will require security
level L3.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix the update keys check allowing to overwrite the keys when using
debug keys. Instead the check disallowed overwriting keys made using
debug keys.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix gatt write command returned "write in progress" when either
hex2bin or bt_gatt_write returned an error.
The write_params.func should not be set if the write command was not
successful.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Sets the sequence number when re-encrypting messages from the friend to
the lpn.
This is a regression from #28511.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Set app_idx and net_idx in the msg_ctx before calling
bt_mesh_keys_resolve when re-encrypting friend messages, as they'll be
referenced inside the function.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Fix missing advertising PDU length initialization which
prevented advertising PDU to be transmitted by Radio. This
issue was reproduced when connectable undirected advertising
was enabled without setting an advertising data.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
After #31176, the network would get stored immediately in
bt_mesh_net_create, causing the address and devicekey to get stored as
their zero-initialized version, as they're only being set in the
bt_mesh_comp_provision call, which fires after.
Fixes #32067.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Reduces some user confusion regarding whether it is related
to "Connection ID", "Channel ID", or "Company ID" for the
uninitiated.
Signed-off-by: Emil Hammarstrom <emil.hammarstrom@assaabloy.com>
Fix OpenISA port to include compiler memory barrier as in
commit 1a14f8b3a6 ("Bluetooth: controller: Use DMB instead
of DSB").
Relates to commit 1af2b91c23 ("Bluetooth: controller: Fix
Tx Buffer Overflow") and to commit ef2ece82c0 ("Bluetooth:
controller: openisa: Fix sanitycheck failures") and to
commit c2fc629dd2 ("Bluetooth: controller: 255 byte AD
payload support").
Fixes #31937.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix for OpenISA rv32m1_vega_ri5cy board not supporting
different IRQ Priority levels for LLL, ULL_HIGH and ULL_LOW
execution contexts.
Fixes #31937.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix BT_CTLR_ULL_HIGH_PRIO default value to equal
BT_CTLR_LLL_PRIO value if BT_CTLR_LOW_LAT is enabled, else
default ULL_HIGH to lower IRQ priority level in comparison
to LLL IRQ priority level. If BT_CTLR_ZLI is enabled,
BT_CTLR_ULL_HIGH_PRIO can default to a priority level value
of 0 and still be lower priority level than the LLL which
is placed at Zero Latency IRQ priority level (highest
priority in the CPU).
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
As network_decode needs a target buffer for decoding, the max PDU length
must be checked to prevent overflow on the target buffer. When receiving
a proxy configuration message with excessive length, there's no previous
check for this.
Also pulls the NET PDU length defines out into net.h, so they can be
used when defining the target buffers.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Fix Tx Buffer Overflow caused by uninitialized node_tx
memory being used by ULL ISR context due to Compiler
Instructions Reordering in the use of MFIFO_ENQUEUE.
The MFIFO last index was committed before the data element
was stored in the MFIFO due to Compiler Instructions
Reordering.
This is fixed now by adding a Data Memory Barrier
instruction along with a compiler memory clobber.
Fixes #30378.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Use of Data Memory Barrier instruction with memory clobber
in ARM Cortex M architectures is sufficient in the
controller implementation to keep compiler data access
instructions in order so that an ISR vectoring has memory
accesses in the correct order as intended by design.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
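
The ordering problem described in the two commit messages above, as an added C sketch that is not the controller's MFIFO code: a single-producer, single-consumer ring in which the element is stored before the index is committed. `tx_fifo`, `node_tx` and the function names are hypothetical, and C11 fences stand in for the DMB instruction with memory clobber.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define FIFO_SLOTS 4 /* one slot always stays free to tell full from empty */

struct node_tx {     /* stand-in for a Tx buffer; fields are illustrative */
	uint16_t handle;
	uint8_t len;
};

struct tx_fifo {
	atomic_uchar first; /* advanced by the consumer (ISR side) */
	atomic_uchar last;  /* advanced by the producer (thread side) */
	struct node_tx *slot[FIFO_SLOTS];
};

static void tx_fifo_init(struct tx_fifo *f)
{
	atomic_init(&f->first, 0);
	atomic_init(&f->last, 0);
}

static bool tx_fifo_enqueue(struct tx_fifo *f, struct node_tx *tx)
{
	unsigned char idx = atomic_load_explicit(&f->last, memory_order_relaxed);
	unsigned char next = (unsigned char)((idx + 1) % FIFO_SLOTS);

	if (next == atomic_load_explicit(&f->first, memory_order_acquire)) {
		return false; /* full */
	}

	/* 1. Store the element into the slot. */
	f->slot[idx] = tx;
	/* 2. Barrier: neither compiler nor CPU may move the store above past
	 *    the index update below. Without it the consumer can observe the
	 *    new index while the slot still holds stale or uninitialized data.
	 */
	atomic_thread_fence(memory_order_release);
	/* 3. Commit the index, which makes the slot visible to the consumer. */
	atomic_store_explicit(&f->last, next, memory_order_relaxed);
	return true;
}

static struct node_tx *tx_fifo_dequeue(struct tx_fifo *f)
{
	unsigned char idx = atomic_load_explicit(&f->first, memory_order_relaxed);
	struct node_tx *tx;

	if (idx == atomic_load_explicit(&f->last, memory_order_relaxed)) {
		return NULL; /* empty */
	}

	/* Pairs with the producer's barrier: read the index, then the slot. */
	atomic_thread_fence(memory_order_acquire);
	tx = f->slot[idx];
	/* Release the slot only after it has been read. */
	atomic_store_explicit(&f->first, (unsigned char)((idx + 1) % FIFO_SLOTS),
			      memory_order_release);
	return tx;
}

int main(void)
{
	/* Constructed sample buffers. */
	struct node_tx a = { .handle = 1, .len = 10 };
	struct node_tx b = { .handle = 2, .len = 20 };
	struct tx_fifo f;
	struct node_tx *tx;

	tx_fifo_init(&f);
	tx_fifo_enqueue(&f, &a);
	tx_fifo_enqueue(&f, &b);
	while ((tx = tx_fifo_dequeue(&f)) != NULL) {
		printf("dequeued handle %u, len %u\n",
		       (unsigned int)tx->handle, (unsigned int)tx->len);
	}
	return 0;
}
```
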
Mark the option BT_FIXED_PASSKEY as an insecure option.
During Legacy pairing the passkey is used as encryption key, and
brute-forcing this is easy.
During LE Secure Connections the passkey is checked one bit at a time,
so when it is fixed the passkey can be deduced with series of pairing
attempts.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The Bluetooth SMP protocol depends on the BT_ECC for the LE Secure
Connections pairing. Since this feature cannot be disabled we must
select this dependency.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix fixed passkey for legacy pairing. The pairing procedure fails
because the temporary key (TK) has not been set for this pairing
procedure.
Fix this by always requesting the legacy TK.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix misleading message in the bluetooth shell when the id-create
command returns an error code. In this case both failure and success
messages are printed.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add options to control the behavior of the init command.
Option no-settings-load allows the user to create identities
with the id-create command after bt_enable() but before settings_load().
Option no-ready-cb allows the user to test using synchronous enable,
since this sometimes leads to different behavior of the stack.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Prevent the bt_rand function from being called before bt_enable.
Depending on the implementation of bt_rand this function cannot
be called before bluetooth has been initialized. With host supplied
crypto functions the HCI LE rand command is used for example.
The use case for calling bt_id_create before bt_enable is meant for
when the application has storage for the identity instead of the stack.
So we add the requirement that the application has to have storage
for the identity resolving key (IRK) in addition when the local
device is privacy-enabled.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix the default ULL_HIGH execution priority to be lower than
LLL execution priority to reduce Radio ISR service latency.
Also, default to Zero Latency IRQ for Radio ISR if enabled
in the kernel.
Fixes #29994.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
ad_len parameter is not length of complete advertising data, but number
of bt_data structs passed to bt_le_per_adv_set_data - we pass only one.
Also memset target buffer before converting hex string so data shorter
than specified will be right-padded with zeroes instead of some
leftovers.
Signed-off-by: Andrzej Kaczmarek <andrzej.kaczmarek@codecoup.pl>