Commit graph

41120 commits

Author SHA1 Message Date
Wayne Ren
146c7e8c7e arch: arc: secure world only check secure interrupt
* in arc secureshield interrupts can be configured
  as secure or normal
* in sw design, high interrupt priorities are allocated to
  secure world, low priorities are allocated to normal world.
* secure interrupt > secure thread > normal interrupt > normal
  thread

So, here secure world/firmware only checks secure interrupt
priorities

Signed-off-by: Wayne Ren <wei.ren@synopsys.com>
2019-08-28 08:22:14 +02:00
Wayne Ren
bb0a189d42 arch: arc: use _curr_cpu to replace _curr_irq_stack
use _curr_cpu to record the _cpu_t of each cpu.
the irq_stack is also covered

Signed-off-by: Wayne Ren <wei.ren@synopsys.com>
2019-08-28 08:22:14 +02:00
Wayne Ren
5dbd4ce738 arch: arc: not allowed to switch to thread preempted by exception
it's not allowed to switch to thread preempted by exception as
its context is not saved.

So if a thread switch is required in exception handling, e.g.
kill a thread, the old thread cannot be switched back

Signed-off-by: Wayne Ren <wei.ren@synopsys.com>
2019-08-28 08:22:14 +02:00
Wayne Ren
5a73bf3966 arch: arc: fix and optimize the handling of SECT_STAT.IRM
For arc processor equipped with secureshield, SEC_STAT.IRM
bit should be recorded, it determines which mode irq should
return

Signed-off-by: Wayne Ren <wei.ren@synopsys.com>
2019-08-28 08:22:14 +02:00
Wayne Ren
8cbcdd71ec arch: arc: secure stat should also be reset correctly
secure status should also be set correctly

Signed-off-by: Wayne Ren <wei.ren@synopsys.com>
2019-08-28 08:22:14 +02:00
David B. Kinder
849f76e793 doc: remove modernizr.min.js from RTD theme
modernizr.min.js is causing unnecessary reloads of a page causing
flashing of the browser window during page load (most noticeable with
firefox).  This empty script effectively wipes out the modernizr.min.js
unnecessarily loaded by the Sphinx rtd theme (see
https://github.com/readthedocs/sphinx_rtd_theme/issues/724)

Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
2019-08-27 22:49:44 -04:00
Paul Sokolovsky
0906671a7b posix: pthread: pthread_mutex_timedlock should accept absolute deadline
It was coded as if it accepts relative timeout. Normative reference:
http://pubs.opengroup.org/onlinepubs/9699919799/functions/pthread_mutex_timedlock.html

Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
2019-08-27 17:50:48 -04:00
Paul Sokolovsky
68c7dc6b96 posix: pthread: pthread_cond_timedwait should accept absolute deadline
Instead, it was coded as if it accepted a relative timeout. Normative
reference:
http://pubs.opengroup.org/onlinepubs/9699919799/functions/pthread_cond_timedwait.html

Fixes: #17812

Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
2019-08-27 17:50:48 -04:00
Peter Bigot
3f93f89558 doc: relnotes: add littlefs file system support
Trivial change to note support for littlefs added to the File System
subsystem.

Signed-off-by: Peter Bigot <peter.bigot@nordicsemi.no>
2019-08-27 22:05:53 +02:00
Piotr Zięcik
b52a902fdf samples: logging: Add usermode showcase
This commit extends existing logging sample in order to present
logger usage from user mode thread.

Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Signed-off-by: Piotr Zięcik <piotr.ziecik@nordicsemi.no>
2019-08-27 14:29:21 -04:00
Piotr Zięcik
892ab4e356 logging: Add basic userspace support
This commit adds basic userspace support to the logging subsystem.
With this change, the following API could be called from user mode:
- LOG_*()
- LOG_INST_*(),
- LOG_HEXDUMP_*(),
- LOG_HEXDUMP_INST_*(),
- LOG_PANIC(), LOG_PROCESS(),
- log_printk(), log_generic(), log_buffered_cnt(),
- log_filter_set(NULL, ...)

With userspace disabled, the logger behavior and performance
is not affected. With userspace enabled, the calls from kernel
space have an additional overhead introduced by _is_user_context().

The logger behavior changes when it is called from the user context.
All strings logged using LOG_*() and LOG_INST_*() API from userspace
are rendered in place for security reasons and then placed in
log_strdup() memory pool, which should be large enough to hold bursts
of log messages.

Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Signed-off-by: Piotr Zięcik <piotr.ziecik@nordicsemi.no>
2019-08-27 14:29:21 -04:00
Piotr Zięcik
78eb718396 syscalls: Export _is_user_context() regardless of CONFIG_USERSPACE
This commit exports the _is_user_context() function regardless
of the CONFIG_USERSPACE setting. If userspace is enabled, the
value returned depends on the execution context. If userspace
is disabled, the _is_user_context() always returns false.

Signed-off-by: Piotr Zięcik <piotr.ziecik@nordicsemi.no>
2019-08-27 14:29:21 -04:00
Faisal Saleem
07cfaa27b6 Settings: Improve error handling of settings load
if base64_decode function returns error, function can't continue
otherwise a fatal error will cause the thread to spin, putting the
system into an unrecoverable state

Signed-off-by: Faisal Saleem <faisal.saleem@setec.com.au>
2019-08-27 20:15:31 +02:00
Carles Cufi
afcbc9992c doc: Use west everywhere to build and flash
Instead of having a mix of west and CMake/ninja instructions for
building and flashing, document it using only west. This will help
clarify that west is the default build tool in Zephyr and should also
reduce confusion over what tool to use.
Note that the biggest change is changing the default in
doc/extensions/zephyr/application.py for :tool:, from all to west.

Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
2019-08-27 19:36:24 +02:00
Jukka Rissanen
cac26db2bc samples: net: civetweb: Ignore return values
We do not need the return values from various calls to pthread_*()
functions.

Coverity-CID: 203462
Coverity-CID: 203535

Fixes #18376
Fixes #18377

Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
2019-08-27 17:47:27 +02:00
Paul Sokolovsky
967fbb1656 tests: posix: fs: Add test for (no) leak of file descriptors
Repeatedly open/close a file a number of times larger than underlying
descriptor tables.

Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
2019-08-27 10:34:54 -04:00
Paul Sokolovsky
9de5e9954b tests: posix: test_fs_file: Cut down on noise output
Remove a bunch of TC_PRINT's with too verbose logging of test operations.
The only logging required is in case of failures, and improve that in
a couple of cases by using zassert_*(), and log errno.

In particular, this allows to reuse existing testcase functions to
create more complex testcases.

Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
2019-08-27 10:34:54 -04:00
Paul Sokolovsky
6c5a08899a posix: fs: ZFD_IOCTL_CLOSE: Be sure to call posix_fs_free_obj()
To make sure that entry in fs.c:desc_array[] is freed. Note that
freeing an entry in fdtable is handled by generic implementation
of close().

Fixes: #17231

Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
2019-08-27 10:34:54 -04:00
Jukka Rissanen
792d6fc19a net: gptp: Avoid memcpy to same buffer
Do not try to memcpy() the same buffer to itself.

This one also reverts commit 112ecb7290
("net: gptp: Fix for coverity CIDs 203471 and 203464") as that
did not fully fix the issue.

Coverity-CID: 203464
Coverity-CID: 203471
Fixes #18394

Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
2019-08-27 10:33:14 -04:00
Anas Nashif
e844b9c844 samples: add harness to exclude from device testing
Set harness to led as a placeholder to avoid running samples on
platforms that do not have the needed hardware.

Fixes #17439

Signed-off-by: Anas Nashif <anas.nashif@intel.com>
2019-08-27 10:29:17 -04:00
Kumar Gala
9958757c0f samples: cdc_acm_composite: rework sample logging
Match the logging changes made in samples/.../usb/cdc_acm to the
cdc_acm_composite sample.  This allows any device testing checks to work
properly.

Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
2019-08-27 10:28:24 -04:00
Wentong Wu
9d1da7866c tests: kernel: fix unhandled return values.
Fix unhandled return values as most other places handled in this
file, fix coverity issue 203507.

Fixes: #18445.

Signed-off-by: Wentong Wu <wentong.wu@intel.com>
2019-08-27 10:01:38 -04:00
Wentong Wu
de4dcb5731 tests: kernel: fix unhandled return values.
Fix unhandled return values as most other places handled in this
file, fix coverity issue 203454.

Fixes: #18443.

Signed-off-by: Wentong Wu <wentong.wu@intel.com>
2019-08-27 10:01:38 -04:00
Anas Nashif
45326cff1c samples: arc_secure_services: fix harness
Fix sample on nsim simulator and add console harness to evaluate output.

Signed-off-by: Anas Nashif <anas.nashif@intel.com>
2019-08-27 09:56:38 -04:00
Vinayak Kariappa Chettimada
385b82dcef Bluetooth: controller: split: Fix data pause on Enc Req enqueue
Fix the controller implementation to handle data packet
enqueue being paused on Encryption Request be done early in
the ULL when enqueueing packets towards LLL.

Fixes #18645.

Signed-off-by: Vinayak Kariappa Chettimada <vinayak.chettimada@gmail.com>
2019-08-27 15:13:38 +02:00
Joakim Andersson
3320b51644 Bluetooth: Host: Rename long error codes
Rename AUTHENTICATION, to AUTH, since this is a well established short
form of the word.

Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
2019-08-27 15:13:25 +02:00
Joakim Andersson
3e9888105e Bluetooth: Host: Rename API function to initiate bluetooth security.
Rename bt_conn_security to bt_conn_set_security, this makes the API
naming more consistent.

Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
2019-08-27 15:13:25 +02:00
Joakim Andersson
1c48757d94 Bluetooth: Host: Rename security level enum
Rename security level enum, using level and number instead of low,
medium, high and fips.

Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
2019-08-27 15:13:25 +02:00
Paul Sokolovsky
e022cdd803 include: posix: Add poll.h header
poll() and related things are expected to be declared in this header
by POSIX applications.

Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
2019-08-27 15:02:42 +02:00
Paul Sokolovsky
95192d41fb include: posix: sys/socket.h: Export MSG_* constants.
As expected to be provided by this header by POSIX applications.

Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
2019-08-27 15:02:42 +02:00
Jukka Rissanen
0049c52651 net: ipv6: Check sub-option length
Make sure that the extension, like HBHO, sub-option length is
not too large.

Fixes #16323

Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
2019-08-27 14:02:32 +02:00
Johan Hedberg
b763a9be3a Bluetooth: Host: Fix checking for sufficient encryption key size
A security vulnerability in the Bluetooth BR/EDR Bluetooth Core
specification versions 1.0 through 5.1 has been identified as
CVE-2019-9506. The Bluetooth BR/EDR encryption key negotiation
protocol is vulnerable to packet injection that could allow an
unauthenticated user to decrease the size of the entropy of the
encryption key, potentially causing information disclosure and/or
escalation of privileges via adjacent access. There is not currently
any knowledge of this being exploited.

From Core spec erratum 11838:

A device shall enforce an encryption key with at least 128-bit
equivalent strength for all services that require Security Mode 4,
Level 4. For all other services that require encryption, a device
should enforce an encryption key with at least 56-bit equivalent
strength, irrespective of whether the remote device supports Secure
Simple Pairing.

After encryption has been enabled, the Host should check the
encryption key size using either the HCI_Read_Encryption_Key_Size
command (see [Vol 2] Part E, Section 7.5.7) or a vendor-specific
method.

Fixes #18658

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2019-08-27 14:53:18 +03:00
Johan Hedberg
7d29296047 Bluetooth: Host: Fix failure handling with security level change
In case sufficient security level wasn't reached the error propagation
was missing, which could lead to incorrect state transitions when
update_sec_level_br() returns. Return true/false and make sure to
abort any further operations in case the update fails.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2019-08-27 14:53:18 +03:00
Asbjørn Sæbø
56e6b99a69 Bluetooth: Add log_strdup() to BT_ERR string arguments
Wrap string arguments to BT_ERR in log_strdup().

Signed-off-by: Asbjørn Sæbø <asbjorn.sabo@nordicsemi.no>
2019-08-27 14:02:01 +03:00
Joakim Andersson
d2c1da1335 Bluetooth: Host: Fix invalid pointer in bt_smp_pkey_ready
The storage for the public key is pub_key in hci_core.c.
When the public key event is generated the public key is copied into
this buffer, but the pointer to the event storage of the key is given
in the public key ready callback (bt_smp_pkey_ready).
SMP expects that it is safe to assign a global pointer to this variable.
In smp_init bt_pub_key_get is used to get the pointer to the public key.
In both cases SMP assigns the le_sc_pub_key to the pointer given.

This creates an issue when bt_smp_pkey_ready callback occurs after
smp_init during pairing procedure, SMP will then have a pointer to an
event buffer that has been released and contains invalid data.

Fixes: #18580

Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
2019-08-27 13:05:08 +03:00
Jan Van Winkel
0b30dc3478 fs: fcb: Increase temporary buffer in fcb_append
Increase temporary buffer size to 8 bytes in fcb_append to prevent
stack overflow in case flash alignment is bigger than 2 bytes.

Signed-off-by: Jan Van Winkel <jan.van_winkel@dxplore.eu>
2019-08-27 11:49:33 +02:00
Ioannis Glaropoulos
571b42e74e tests: net: dns_addremove: increase main stack size
We need to increase the stack size of the main thread, to
avoid stack overflow, when executing the tests on various
platforms.

Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
2019-08-27 11:02:18 +02:00
Kumar Gala
002c48ecf8 samples: nvs: Add testing harness
Add console testing harness for expected output.  This allows us
to validate that the test is running properly on hardware.

We expect output of the form (the Reboot_counter will increment
over time).

Id: 1, Address: 192.168.1.1
Id: 2, Key: ff fe fd fc fb fa f9 f8
Id: 3, Reboot_counter: 5
Id: 4, Data: DATA
Id: 5, Longarray: 0 1 2 3 4 5 6 7 8 9 ... 7f

Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
2019-08-26 22:33:14 -04:00
Kumar Gala
41712b71b2 samples: CAN: Add testing harness
Add simple console testing harness for expected output.  This allows us
to validate that the test is running properly on hardware.

We expect the sample to report back something like:

Counter received: 1
Counter received: 2
Counter received: 3
Counter received: 4
...

etc.

So have a simple regex check for it.

Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
2019-08-26 22:33:14 -04:00
Marcin Niestroj
c62b57fbd4 gpio: stm32: fix build for stm32l0x with no GPIOH
Some smaller stm32l0x MCUs, such as stm32l011x, do not have GPIOH
port. Fix build for those by checking LL_SYSCFG_EXTI_PORTH macro.

Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
2019-08-26 09:48:54 -05:00
Mieszko Mierunski
f2bd628c5a drivers: nrf: Fix RX timeout and ENDRX ISR handling.
Ensure that two routines won't interfere with each other.
In current situation there is possibility that ENDRX will be called
during rx_timeout routine or vice-versa which will result in wrong
offset and length passed to user.

Signed-off-by: Mieszko Mierunski <mieszko.mierunski@nordicsemi.no>
2019-08-26 16:21:25 +02:00
Mieszko Mierunski
4a13041c38 drivers: uart: Fix incorrect len and offset in nrf UARTE async API.
Due to longer than expected user callback handling, rx byte counting
got out of sync with real values. It leads to incorrect values
reported to user. This fix adds sync point at the end of buffer.

When using hardware rx counting this issue should not occur.

Signed-off-by: Mieszko Mierunski <mieszko.mierunski@nordicsemi.no>
2019-08-26 16:21:25 +02:00
Johann Fischer
9ba269f580 usb: check if the request buffer is not too small
The size of the request buffer (USB_REQUEST_BUFFER_SIZE)
is configurable and depends on the needs of an application.
Check if the request buffer is not too small.

Signed-off-by: Johann Fischer <j.fischer@phytec.de>
2019-08-26 15:06:22 +02:00
Johann Fischer
28e97c7f3a usb: loopback: use stack's request buffer for control requests
Use stack's request buffer for control requests.

Signed-off-by: Johann Fischer <j.fischer@phytec.de>
2019-08-26 15:06:08 +02:00
Joakim Andersson
05354129e7 Bluetooth: SMP: Give security changed when rejecting LTK
Give the security changed callback when the peripheral initiated
security request and peer attempted to encrypt the connection but no LTK
match was found.

Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
2019-08-26 13:12:49 +02:00
Joakim Andersson
545f090d8b Bluetooth: Shell: Add pairing failed and complete to OOB handling
Add pairing failed and complete callback to OOB authentication handlers.

Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
2019-08-26 13:12:49 +02:00
Joakim Andersson
b35075d595 Bluetooth: SMP: Re-pairing cannot lower the security level of the bond
Make sure that a new pairing procedure with an existing bond does not
result in a security with weaker security properties.

Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
2019-08-26 13:12:49 +02:00
Joakim Andersson
bc19e241f9 Bluetooth: Shell: Add force-pair option to bt security command
Add shell argument to use bt_conn_security force pairing functionality.

Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
2019-08-26 13:12:49 +02:00
Joakim Andersson
128cf42d8a Bluetooth: Host: Add option to force pairing in bt_conn_security
Add option to force the host to initiate pairing procedure even if the
host has encryption keys for the peer.
This option can be used to pair with a bonded peer that has deleted its
bonding information without deleting the keys. If new pairing results
in weaker keys the pairing will be aborted.

Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
2019-08-26 13:12:49 +02:00
Joakim Andersson
6d4b842a10 Bluetooth: Host: Add error to security changed callback
Add security error to security_changed callback. Call this callback when
security has failed and provide current security level and error.
Reason for failure can be:
 - Pairing procedure failed, pairing aborted before link encryption.
 - Link encrypt procedure failed
 - Link key refresh procedure failed.

Fix missing bt_conn_unref on encryption key refresh with error status.

Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
2019-08-26 13:12:49 +02:00