Sets the sequence number when re-encrypting messages from the friend to
the lpn.
This is a regression from #28511.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Set app_idx and net_idx in the msg_ctx before calling
bt_mesh_keys_resolve when re-encrypting friend messages, as they'll be
referenced inside the function.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
After #31176, the network would get stored immediately in
bt_mesh_net_create, causing the address and devicekey to get stored as
their zero-initialized version, as they're only being set in the
bt_mesh_comp_provision call, which fires after.
Fixes#32067.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
As network_decode needs a target buffer for decoding, the max PDU length
must be checked to prevent overflow on the target buffer. When receiving
a proxy configuration message with excessive length, there's no previous
check for this.
Also pulls the NET PDU length defines out into net.h, so they can be
used when defining the target buffers.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
For Bluetooth Mesh, counter shall be increasing by one when
every try to establishing friendship.
Counter to be used when create friendship security material.
So this value shall be consist between friend and lpn.
Due to zephyr bluetooth mesh send previous counter, after that
it will automatically increase one, which will result in the
incorrect generation of friend key when key rephase.
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
The mesh settings.c module is a giant piece of code responsible for
storing the mesh stack configuration. Such approach makes it difficult
to control the data to be stored, breaks the stack modules'
encapsulation by forcing them to reveal the internal kitchen, which
leads to unpleasant issues such as #19799.
This commit moves the responsibility of storing the configuration
to corresponding modules while keeping control of the moment of storing
the configuration and of starting the stack after the settingss loading
is completed.
This doesn't introduce any abstraction between the mesh settings.c and
other modules as it will add more complexity and overhead than necessary
for the actual task.
Fixes#19850
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
MESH/NODE/CFG/HBS/BV-01-C expects the MinHops to be 0x7f after
disabling subscription, but 0x00 for subsequent Get requests.
MESH/NODE/CFG/HBS/BV-02-C expects us to return previous
count value and then reset it to 0.
Signed-off-by: Michał Narajowski <michal.narajowski@codecoup.pl>
If the SRC field of the received message is a unicast
address of an element of the Low Power node, then the
message shall not be stored in the Friend Queue.
Otherwise, lpn will discard this message, eventually
it breaks friendship.
Fixes: #30657
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
Sets the LPN state to WAIT_UPDATE when waiting for the initial poll
response when disabling LPN_ESTABLISHMENT. Previously, the LPN node
would stay in the wait offer state even after the offer was processed,
which led to it aborting the friend establishment completely if it
failed to receive the first poll.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
While the friend node considers the friendship established as soon as it
sends the friendship offer, the LPN only considers the friendship
established once it receives the first update after its poll. This
update is encrypted with the friendship credentials, which aren't
available, as they're protected by an if (lpn_established()) check.
Changes the check to lpn_waiting_update(), which makes the LPN check its
friendship credentials only when it's expecting a response to a poll
message. This is the only time the friend will send messages encrypted
with the friendship credentials.
This is a regression from #28511.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Explicitly sets the LPN credentials when sending a friend request.
This fixes a regression from #28511.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Bluetooth Mesh require minimum limit time to enter iv update
state or return to iv nornal state.
For Zephyr bluetooth mesh implementation, use`ivu_duration`
type `uint8_t` to represent current time, but if the time is
more than 255 hours, there will be problems due to the
overflow of 8-bit unassigned variables.
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
The K_MSEC macro evaluates its argument twice, which causes double
evaluation of some function calls in the mesh stack.
This removes all instances of function calls inside K_MSEC macros in the
mesh stack.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
`POLL_TIMEOUT_MAX` should use `CONFIG_BT_MESH_LPN_POLL_TIMEOUT`
instead of `CONFIG_BT_MESH_LPN_INIT_POLL_TIMEOUT`. The described
algorithm to grow the poll timeout implemented in function
poll_timeout does not work with this implementation.
It's a regression in 3b4d58a
Bluetooth: Mesh: optimize performance for lpn node
Fixes: #30338
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
`app_key_del` first param should be key_app_idx,
not key_net_idx.
The effect is that app_key_del is broken.
It's a regression in eca014115
Bluetooth: Mesh: Isolate cryptographic material
Fixes: 30468
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
Adds support for extended advertiser commands in the mesh. This doubles
throughput for common packet sending, and significantly improves timing
accuracy for the Friend and Low Power features.
The proxy module's advertisement control has been moved inside the adv
module to abstract away the different advertiser modes.
The extended advertiser mode does not need an advertising thread to
operate, and ends up with a net reduction in RAM usage.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Since first poll request send by lpn use friend security
credentials, so, friend nodes should be able to decrypt with
friend security, even if they have not yet established a friendship.
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
When friend node key refresh phase to stage_1, there
are need to add friend update message to friend queue,
but, when friend KR phase to stage_2, must add friend
update to queue.
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
Friend node cache segment message for lpn, message with
sequence number can't change, since could cause lpn replay
attack.
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
Adds a cli_reset to mod_sub if no status response was requested. This
adds a non-blocking mode to the mod_sub calls, matching the behavior of
other cfg_cli functions.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Missing copy net_idx to ctx, this cause tx subnet not found
or different with rx subnet, when rx subnet net_idx not zero.
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
Nothing in the API description the delayed work structure sanctions
direct reference to internal fields. Do not assume that a delayed
work item can be submitted without delay by invoking k_work_submit()
with a reference to the contained work item. Instead submit with the
delayed API and no wait.
Signed-off-by: Peter Bigot <peter.bigot@nordicsemi.no>
Wrong use of function `find_msb_set(~link.rx.seg)`,
uint8_t type is implicitly converted to uint32_t.
As a result, it always returns 32 instead of the
expected value, resulting in abnormal processing
of prov segment.
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
The structure pointer was wrongly cleared before,
`bearer` and `role` in `bt_mesh_prov_link` structure
resulting in illegal pointer access.
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
When kr phase to `BT_MESH_KEY_REVOKED`, should also call beacon
authentication, since beacon flag has change(0x01-->0x00).
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
Fix use of deprecated scan parameter filter_dup.
Should have been changed to options as part of:
be57dfbe2a
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Adds check for TTL max in the transport send functions, and moves
setting of default TTL to transport.
Fixes#29855.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Moves mesh feature configuration to a separate module, deprecating the
bt_mesh_cfg_srv structure. The initial values for the features should
now be enabled through KConfig, where new config entries have been added
for each feature.
This removes the upward dependency on the config server from the core
stack, and makes the config server a pure frontend for the configuration
states, as all spec mandated behavior around the feature states is now
encapsulated.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Encapsulates the Heartbeat state and functionality in a separate
heartbeat module, removing all manipulation of the heartbeat state from
the transport and config server modules.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
The decision to set aszmic = 1 in the net_tx structure was made after
the variable was passed to the crypto context, creating a discrepancy
between the two when aszmic is 1.
Extracts transport encryption to a separate function.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Only set friend_cred to true when friendship established and
use friend cred security material decryption successfully.
Signed-off-by: Lingao Meng <mengabc1086@gmail.com>
Fixes bug where applications that disable model extensions end up in an
infinite loop, and adds support for walking model subtrees, as opposed
to forcing root to be unextended.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
`bt_mesh_model_tree_walk()` was too simplistic and did not track visited
nodes which caused it to fall into infinite loop. Moreover the double
next jump could skip a level causing depth value to be invalid.
Signed-off-by: Michał Narajowski <michal.narajowski@codecoup.pl>
../zephyrNew/subsys/bluetooth/mesh/prov.c: In function
'bt_mesh_prov_reset_state': ../zephyrNew/subsys/bluetooth/mesh
/prov.c:61:2⚠️ '__builtin_memset' offset [52, 292] from
the object at 'bt_mesh_prov_link' is out of the bounds of referenced
subobject 'dhkey' with type 'uint8_t[32]' {aka 'unsigned char[32]'}
at offset 19 [-Warray-bounds] 61 | memset(&bt_mesh_prov_link.dhkey, 0,
Fixes: #29634
Signed-off-by: Lingao Meng <mengabc1086@gmail.com>
Moves the virtual address labels to the transport layer, disconnecting
them from the configuration server.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
If low power node publish with unicast address other
than friend address, the friend node should relayed
this message to all network interface.
When Proxy feature enabled, message from gatt bearer should
relay to adv bearer even relay feature disabled.
Fixes: #29544
Signed-off-by: Lingao Meng <mengabc1086@gmail.com>
Currently all provisioning procedure into common source
files call `prov.c`, that will not compile separately.
Add `BT_MESH_NODE` to control whether nodes are supported
and device provisioning is supported, this will be used in
provisioner role.
Add more provisioner OOB authentication method.
Signed-off-by: Lingao Meng <mengabc1086@gmail.com>
Add Queue Size and Receive Window information to lpn
callback function to notify upper layer to determine
currently friend node information, which may be used
in future.
Add Callback structure to notification application which friendship
has been changed.
Add function `bt_mesh_friend_terminate` let's app layer determine
terminate friendship manually.
Signed-off-by: Lingao Meng <mengabc1086@gmail.com>
This is a major refactoring of the handling of the cryptographic
material of both the network and transport layers. The aim is to
encapsulate the key object manipulation, and improve overall modularity.
Pulls Applications and Subnets out of the bt_mesh and into separate
modules, with static storage types on the data. This has several
side-effects:
- The Config Server no longer operates directly on the bt_mesh.subs and
bt_mesh.apps lists, but goes through a public configuration interface,
following the pattern set in #27908.
- All iteration through the keys is done through iteration APIs
- Key resolution on RX and TX is centralized.
- Changes to the keys triggers events the other modules can register
handlers for.
- Friendship credentials are stored in the lpn and friend structures.
Part of #27842.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
