MBEDTLS_AES_ROM_TABLES let Mbed TLS use precomputed AES tables instead
of generating them at runtime and placing in RAM. It clearly helps
reducing the RAM footprint, but at the same time it increases the ROM
one. In order to let the final user decide which kind of optimization
they prefer, we change the "select" statement with "imply".
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
According to MshDFUv1.0, section 6.2.3.5, the Firmware Distribution
Receivers List message is not limited by the size of the receivers list:
```
The number of selected entries shall be limited by the following:
- The number of entries shall not exceed the value of the Entries Limit
field from the Firmware Distribution Receivers Get message.
- The number of entries shall not cause the message payload to exceed
the maximum Access PDU size.
```
Thus, this assertion is incorrect as it doesn't allow to have the
receivers list bigger than number of maximal Access PDU size.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
Commit:
- adds dependency of the mbedtls psa usage on secure storage
- removes PSA ITS emulator and enables usage of
the secure storage in ble mesh bsim tests
- enables secure storage in all ble mesh and related samples
Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
This change aims to eliminate the dependency on `ctx_shell` in
the Bluetooth `mesh/shell/*`, making the code more maintainable.
Replaced `shell_*` functions that depended on `ctx_shell` with
the appropriate `bt_shell_*` functions.
Signed-off-by: Pisit Sawangvonganan <pisit@ndrsolution.com>
By using `SETTINGS_STATIC_HANDLER_DEFINE_WITH_CPRIO` we can ensure that
BT subsystems always get loaded after BT, and BT Mesh after both of
them.
This solves the host having to register a GATT service in a delayed
manner, as we are sure to now register the GATT service after sc_commit
sets `SC_LOAD`.
Signed-off-by: Kyra Lengfeld <kyra.lengfeld@nordicsemi.no>
uuid needs to be keept in pb_gatt_cli server context until the client
is connected to server, otherwise, since we only kept the pointer from
the net_buffer, any incoming unprovisioned beacon before the connection
is established may overwrite uuid.
Signed-off-by: alperen sener <alperen.sener@nordicsemi.no>
The Health Client model supports periodic publication and thus requires
the update callback to be initialized.
This commit implements a callback inside the health client model and
adds a wrapper to it so that the user can fill up the msg buffer.
This way, the Config Server will always accept
Config Model Publication Set message with periodic publication
parameters. If the users callback returns an error or is not
implemented, the periodic publication will be aborted.
Signed-off-by: Stine Åkredalen <stine.akredalen@nordicsemi.no>
Once proxy gatt is enabled, due to the nature of gatt advertisements
being continuous, the controller will reject starting the scanner after
enabling proxy gatt. As such we should start the scanner first.
Currently the order works as we are using k_work to postpone the proxy
gatt service registration, because services can't be registered between
initializing BT and loading the settings.
Once we start using the new settings priority feature, we are sure to
envoke enabling proxy gatt after loading the settings, so the delayed
enabling can and should be removed.
This preventetive fix has been tested by running relevant bsim tests
after rearranging in which order the settings of the subsystems are
loaded via `h_commit`.
Signed-off-by: Kyra Lengfeld <kyra.lengfeld@nordicsemi.no>
To signal to the mesh extended advertiser that a proxy advertisement is
started, `bt_mesh_adv_gatt_send()` is called in combination with
setting the `ADV_FLAG_PROXY` flag in adv_ext.c. This ensures that it
won't try to start the advertiser again, which would result in the
controller rejecting it.
Setting this flag outside adv_ext.c is not viable, and as such calling
`bt_mesh_adv_gatt_send()` should also be limited to the advertising
source code.
As it stand now, once we utilize the new commit priority for `h_commit`
calls such a recall of `bt_mesh_adv_gatt_send()` with following
rejection by the controller will happen.
Within the `bt_mesh_resume()` function we can confidently assume the
extended advertiser has already been started. As such we can call
`bt_mesh_adv_gatt_update()` instead of `bt_mesh_adv_gatt_send()`.
This change has been tested with both running relevant bsim tests after
rearranging in which order the settings of the subsystems are loaded via
`h_commit`, as well as a modified light switch sample, adding
`bt_mesh_resume/suspend` calls on buttons.
Signed-off-by: Kyra Lengfeld <kyra.lengfeld@nordicsemi.no>
Referring to MshDFU_v1.0 Sections 6.1.1, 6.2.1 and 7.1.1 model
descriptions: DFU/DFD server/clients extend BLOB Transfer root models
and DFD server requires Firmware Update Client on the same element. For
this reason we need to make sure that those main models or root models
exist on the same element. And also firmware update client can not be
forced to be in the first element.
For all model extention call return the error code in case of an error.
Signed-off-by: alperen sener <alperen.sener@nordicsemi.no>
Deprecate BT_CTLR, and add a new HAS_BT_CTLR as a virtual option which
specific users (like BT_LL_SW_SPLIT) select. This also means that we can
remove all places that were forcefully enabling the BT_CTLR option, and
instead we now depend on devicetree to get some local LL HCI driver
enabled which in turn also enables the HAS_BT_CTLR option.
Signed-off-by: Johan Hedberg <johan.hedberg@silabs.com>
Removes legacy configuration options. The same coverage is provided by
existing PSA_WANT_... selects.
Signed-off-by: Håvard Reierstad <haavard.reierstad@nordicsemi.no>
Initializes the `net_idx` field of the ack context properly for KRP
functions in the Config Client.
This fixes a problem where `bt_mesh_cfg_cli_krp_get` and
`bt_mesh_cfg_cli_krp_set` would always fail the ack ctx comparison if
`key_net_idx` was != 0.
Signed-off-by: Ludvig Jordet <ludvig.jordet@nordicsemi.no>
This commits puts in order log messages when unpacking CDP0 and CDP1 so
that it a bit more clear where the error happens.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
This commit checks that config client doesn't pull out data outside of
the buffer.
Fixes#80012
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
Coverity complains about uninitialized prohibited fields. Even though it
is not used because it is "prohibited", it is simpler to just
initialized it with the value received from a server.
Fixes#81939
Coverity-CID: 434649
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
This moves GATT releated defines that are used by both Mesh Proxy
Service and Mesh Provisioning Service implementations to a common
header file.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
By default if CONFIG_BT_MESH_PROXY_USE_DEVICE_NAME
or CONFIG_BT_MESH_PB_GATT_USE_DEVICE_NAME is enabled, the mesh stack
will add BT_DATA_NAME_COMPLETE AD Type along with the Mesh Proxy Service
or Mesh Provisioning Service advertisements accordingly.
When BT_LE_ADV_OPT_USE_NAME was present and
CONFIG_BT_DEVICE_NAME_DYNAMIC is enabled, the advertised name was
automatically updated by the host. This turned out to be a side-effect
rather than expected behavior and after #71700 this behavior waa
changed.
But customers use dynamic name feature.
This commit makes the mesh stack use bt_get_name to get the device name,
which returns runtime name if CONFIG_BT_DEVICE_NAME_DYNAMIC is enabled.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
Since the TinyCrypt library is being deprecated in Zephyr, this
commit set TinyCrypt usage in BT mesh as deprecated and it sets
Mbed TLS PSA Crypto API as the default option (when TF-M is not
available).
Tests are also updated in this commit.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
Aligns subnet bridge related commands according to conventions used for
rest of the shell commands. Also updates documentations to reflect the
change.
Signed-off-by: Omkar Kulkarni <omkar.kulkarni@nordicsemi.no>
As long as MBEDTLS_ENTROPY_C is enabled, Mbed TLS needs to
poll some entropy source to gather data that will then be
processed by CTR/HMAC-DRBG modules. This means that in most
of the cases, once MBEDTLS_ENTROPY_C is enabled then also
MBEDTLS_ENTROPY_POLL_ZEPHYR needs to be enabled. This was
done manually until now, as the long list of samples/tests
demonstrate.
This commit solves this dependency by defaulting
MBEDTLS_ENTROPY_POLL_ZEPHYR to on as soon as
MBEDTLS_ENTROPY_C is set. As a consequence, all manual
enablement of MBEDTLS_ENTROPY_POLL_ZEPHYR in samples/tests
are removed.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
Adds support for using relay buffers and advertising set for the subnet
bridge feature, even if the relay feature is disabled.
Signed-off-by: Håvard Reierstad <haavard.reierstad@nordicsemi.no>
When start to sending proxy advertising, will also process in
send_pending_adv, but the bt_mesh_adv_get_by_tag will directly return
buffer from bt_mesh_adv_queue or bt_mesh_relay_queue, which case
mesh messages sent on different sets, can cause peer replay attack.
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
Instead of checking the `enabled` flag, check if BT_MESH_SUSPENDED is
set in the legacy advertiser thread. BT_MESH_SUSPENDED is set earlier
than advertiser is stopped and will prevent the advertiser send anything
earlier.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
When Proxy advertising or PB-GATT Advertising Enabled and use a same
advertising sets.
As adv\_start will call multi HCI Command will cause syswork_q yield.
At same time, if another thread(BT RX) all schedule\_send will cause
unable send mesh message, because ADV\_FLAG\_ACTIVE was be set, but
ADV\_FLAG\_PROXY not set currentlly.
Add ADV\_FLAG\_SCHEDULE\_PENDING indicate mesh buf has been pendings
but not scheduled, so when proxy advertising enable, let's take again,
as we can't break or terminated adv\_start, so we must waiting proxy
advertising enabled.
But after https://github.com/zephyrproject-rtos/zephyr/pull/68558
The `k_work_is_pending` always true in `send_pending_adv`, which cause
unable to send more mesh message until more mesh message comming
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
Fix of the subnet bridging table function to only
compact the table if elements has been removed, and
fixing the compact function to compact the table if
several elemnts has been removed at the same time.
Fixes zephyrproject-rtos#78794
Signed-off-by: Ingar Kulbrandstad <ingar.kulbrandstad@nordicsemi.no>
The host-based adv auto-resume function has both a problematic
implementation and disagreement in the community around how it should
behave. See the issue linked resolved below for details.
This patch makes the deprecation visible to the user. The user will be
better served by a auto-resume tailored their applications use case,
based on more primitive host API like `conn_cb.recycled`, which has
obvious behavior that is unlikely to change.
Resolves: https://github.com/zephyrproject-rtos/zephyr/issues/72567
Signed-off-by: Aleksander Wasaznik <aleksander.wasaznik@nordicsemi.no>
Removes duplicate declaration of the bridging direction, keeping the
one in the public header file.
Signed-off-by: Håvard Reierstad <haavard.reierstad@nordicsemi.no>
Adds the `bt_mesh_brg_cfg` prefix to the public Subnet Bridge API, and
aligns the function and callback naming with the rest of the Bluetooth
Mesh API.
Signed-off-by: Håvard Reierstad <haavard.reierstad@nordicsemi.no>
Moves around the shell files so that they are placed nearer
to the features they expose access to.
A few changes as possible has been made.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Currently, dfu_suspended() sets the phase SUSPENDED
directly in the structure, bypassing the dfd_phase_set() function.
This prevents the phase change callback in the bt_mesh_dfd_srv_cb
structure from receiving the SUSPENDED event.
Signed-off-by: Emilio Aguila Escalante <emilio.aguila@hotmail.com>
Removed deprecated native_posix as test platform.
Added unique sim_ids for tests with the psa as a overlay.
Fixed clang-format issues.
Signed-off-by: Ingar Kulbrandstad <ingar.kulbrandstad@nordicsemi.no>
When a message with invalid parameters is received, we must ignore it.
In this commit we check invalid parameters first.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
If use `IS_ENABLED` macro inside if statements but not as preprocessor
directives, we can always compile the code for settings even if settings
are not used. This allows to reduce amount of firmwares we need to build
in CI to ensure that code compiles.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
We must tcheck if buf has enough tailroom to fit another pair of keys or
pair addresses with direction.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
If relay feature doesn't have own adv set, it should use the main adv
set to send messages.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
When a synchronous API is used, the content of `buf` will not be
valid by the time the thread that called the synchronous API is woken up
again.
Therefore, the simplest way to solve this is when a user allocates the
buffer which will be filled up with the content of the buffer passed to
the model callback.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
When relaying a Network PDU to another subnet, we need to update sub
field of rx structure so that correct credentials are used. We also need
to update NID field of the Network PDU.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
The initial implementation of RPL check for Subnet Bridge wasn't fully
correct. It decides whether to relay or not a PDU based on RPL of only
received messages. However, the spec section 3.9.8 says:
```
In addition, a Subnet Bridge node shall implement replay protection for
all Access and Transport Control messages that are sent to bridged
subnets.
A Subnet Bridge node shall maintain the most recent IVISeq value for
each source address authorized to send messages to bridged subnets.
Messages received by the Subnet Bridge node with the IVISeq value less
than or equal to the last stored value from that source address shall
be discarded immediately upon reception. When a message is retransmitted
to a bridged subnet, the stored IVISeq value shall be updated. In this
way, bridged subnets are protected against replay attacks from other
subnets.
```
This was noticed with MESH/NODE/SBR/NET/BV-02-C test. It passes when
PTS misses the message at step 3 and 4, and fails when PTS manages to
receive the message.
This commit fixes the wrong behavior by removing argument for
`bt_mesh_rpl_check` function making store a new message and bypassing
`local_match` check in case of Subnet Bridge node.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
Though nvs backend checks whether the data passed to it is identical to
the stored one, this isn't guaranteed by other the settings api. We can
also avoid going into the settings subsystem since we know what was
actually changed.
This commit adds 2 flags that allow to control whether Subnet Bridge
or Bridging Table states were changed and skips storing if the certain
state was not changed.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
We store only filled up entries, but want to restore the entire table.
`bt_mesh_setting_set` fails if the restored length didn't match the
provided length.
This commit fixes the restoring of the bridging table by allowing to
restore any size as long as the stored size is less than the allocated
one and it is a multiple of the size of a single entry.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
Adds subnet bridging functionality to the network layer.
Also fixes brg_cfg_srv for minor issues to get it working.
Signed-off-by: Omkar Kulkarni <omkar.kulkarni@nordicsemi.no>
