This commit activates the built-in stack guard on the main_thread
before jumping to it upon system initialization. Stack guard is
activated if BUILTIN_STACK_GUARD is enabled by the user. The
commit also activates built-in thread stack guards at every
context switch, if BUILTIN_STACK_GUARD enabled by the user.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Ignore stack pointer limit checking during a HardFault or NMI
exception, to allow for the Fault handling function to execute
properly.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
This commit implements the build-in interrupt stack protection
via the native MSPLIM register in ARMv8-M MCUs that support the
Main Extension. Main stack pointer overflows will cause Stack
Overflow UsageFaults. In addition, the commit introduces a new
config option, BUILTIN_STACK_GUARD, allowing the user to enable
and use the built-in stack protection in ARMv8-M firmware.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Enable settings and increase the system workqueue size to deal with
the stack usage. This also makes it possible to test unpairing support
with the shell's 'clear' command.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
There's a bit of unnecessary space in the bt_keys struct. Re-design
some fields for a more compact format, which is particularly helpful
now that the struct gets stored as-is to flash through the settings
API.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Integrate the bt_keys submodule with bt_settings. Add a new
bt_keys_store() API to write keys to flash, and extend the existing
bt_keys_clear() to remove the keys from flash.
Along with this, add some helpers for genrating settings key values
containing a bluetooth address, as well as for decoding them to get
the binary bt_addr_le_t.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add a new linker section for a list of submodule settings handlers,
and iterate the list from the various settings callbacks.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The same functionality is now supported by the settings-based
solution, so remove bt_storage out of the way. There were stubs in
bt_storage to handle per-peer information (e.g. pairing keys) but this
was never actually implemented in full. The next step is to add this
support to the settings-based solution.
Leave the code for generating temporary IRK and identity address in
case BT_SETTINGS is not enabled. Also leave the code for using vendor
HCI to read the identity address, in which case the settings
implementation will not touch it.
Introduce a new bt_unpair() API to replace the removed
bt_storage_clear(), since the latter was actually doing more than just
storage management: it was also handling runtime storage of pairing
information. Later, the bt_unpair() implementation will be extended to
clear settings-based pairing storage.
There is one feature that the bt shell module looses: the ability to
give a specific identity address to the "init" command as a parameter.
We might look later in the future if this is really needed, and add a
separate API for this.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Introduce a basic skeleton for peristent storage based on the settings
subsystem. Also enable support for this to the peripheral sample
application, so the new code gets exersized by CI. For now, the
implementation provides the same level support as the bt_storage API
ever did, i.e. for the identity address and the IRK.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This is bug-fix for issue #7311
FCB: CRC write size in append_finish doesn't honor
flash min write size
This patch changes write size to the minimum supported
write size.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Kconfig.py is not following the de-facto (real?) coding standards of
Zephyr. This commit refactors kconfig.py with two changes:
Use __main__ and def main().
Use argparse instead of sys.argv.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
This patch adds DT description of generic storage flash
partition. This fixes issue #7227.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Add system call handler support to LED subsystem. No buffers are
involved in any of the API's and hence the syscall support is
straightforward.
Signed-off-by: Manivannan Sadhasivam <manivannan.sadhasivam@linaro.org>
FS_FLASH_MAP_STORAGE keyword enables the storage partition,
but it was depend on flash_map module which is unused by
NFFS. This patch makes it independent thanks
to it is possible to enable the storage partition
without flash_map module.
FS_FLASH_MAP_STORAGE was renamed to
CONFIG_FS_FLASH_STORAGE_PARTITION
as it is independent for flash_map.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
The IEEE 802.1Q chapter I.3 contains a proper network packet
priority to traffic class mapping. The original mapping was
clearly incorrect.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
In the future, when bootstrap support is added, this config won't
be used. Let's remove it.
Signed-off-by: Michael Scott <michael@opensourcefoundries.com>
Now that the LWM2M_OP_* bits have been renumbered, we no longer need
a custom BIT() macro for the LwM2M code. Let's remove it and use
BIT() instead.
Signed-off-by: Michael Scott <michael@opensourcefoundries.com>
Remove unused OP flag LWM2M_OP_NONE and renumber the existing flags
so that the operations used in object permissions land in the lowest
bits, and extended operations come later.
We may eventually add more permission / data flags, so let's try and
keep them inside a 1 byte boundary (flags with bits 0 to 7).
NOTE: LWM2M_OP_DELETE is currently not checked as a permission but
it may be in the future so it is in the lower bits.
Signed-off-by: Michael Scott <michael@opensourcefoundries.com>
When a data pointer or data length is not set, the read and write
handlers should return ENOENT to generate the correct LwM2M error
code (COAP_RESPONSE_CODE_NOT_FOUND).
Signed-off-by: Michael Scott <michael@opensourcefoundries.com>
Before ever call of string_to_path(), the lwm2m_obj_path object
was being cleared via memset. Let's move the memset into
string_to_path() to remove the duplicate code.
Signed-off-by: Michael Scott <michael@opensourcefoundries.com>
Eliminate several similar code-blocks by replacing
engine_get_resource() with a more useful function called:
path_to_objs()
By supplying an lwm2m_obj_path object, it will find and set
the related values for:
struct lwm2m_engine_obj_inst
struct lwm2m_engine_obj_field
struct lwm2m_engine_res_inst
NOTE: NULLs can be supplied where the returned value is not
important.
Signed-off-by: Michael Scott <michael@opensourcefoundries.com>
The fp_sharing test has an option to control the number of iterations in
the pi calculation, which is used to adjust the duration of the test on
different platforms that may have significantly different execution
frequencies (e.g., qemu_x86 vs. frdm_k64f). The conversion to CMake did
not handle this option correctly and forced the same value for all
platforms.
The test now completes in about 5 minutes on frdm_k64f.
Signed-off-by: Maureen Helm <maureen.helm@nxp.com>
Get the 1.12 release notes started with material derived from the 1.12
roadmap (closed issues) and headings from the 1.11 release notes.
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
Add test for Altera Nios-II MSGDMA soft IP core. This IP on
Altera MAX10 support Memory to Memory DMA transfers.
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
Add dma driver for Nios-II Modular Scatter-Gather DMA soft IP.
This driver relies upon the Altera HAL msgdma driver for all
the dma core register programming and interrupt handling.
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
Add _nios2_dcache_flush_no_writeback() routine to invalidate
cache contents of address provided.
This routine is ported from Altera Nios-II SDK v17.
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
Add wrapper function for alt_printf() Altera HAL runtime API
to enable Altera HAL drivers on Zephyr.
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
Add Altera Nios-II modular Scatter-Gather DMA (mSGDMA) HAL
driver to Zephyr.
The sources are taken from the Altera SDK v17.
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
Add new test for testing IPv4 source address selection functions.
Refactor the tests:
- split tests to smaller pieces
- use proper zassert() statements
- print debugging information only when needed
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Add functions that will return correct source IPv4 address
according to given destination address. This is done similar
way as for IPv6.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
The code was updating net_rx->seq to make sure sdu_recv() gets the
right sequence number (seq_auth for segmented messages), however later
net_rx->seq was also used for enqueuing to the Friend Queue, causing
the queued messages to have the wrong value.
To fix this, don't update net_rx->seq, rather pass an explicit
sequence number value to sdu_recv(), which is just net_rx->seq for
unsegmented messages, and seq_auth for segmented messages.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The 'valid' member of struct bt_gatt_ccc_cfg was redundant, since
setting 'peer' to BT_ADDR_LE_ANY does the same job. What's worse, the
handling of 'valid' was also buggy in that some places looking for
valid CCC structs only matched the address, meaning it might yield a
positive match for invalid entries.
Fix these issues by removing the 'valid' struct member, and solely
using the 'peer' member to identify valid entries. Also simplify the
code by acknowledging that no CCC entry is essentially the same as the
value '0' written to CCC.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The main stack size was too small for this sample application
when TLS was enabled. Increasing it to 1504 bytes.
Fixes#7269
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Update Kconfiglib to upstream revision da40c014398f3 (+ local Zephyr
modifications) to get commit da40c014398f3 ("Force encoding to UTF-8 by
default on Python 3") in. It sets a (configurable) UTF-8 default for
Python 3, overriding the encoding specified in the current locale.
I've decided that this is a good idea after some problem reports
unrelated to Zephyr. Running with the C locale breaks things horribly
otherwise, and the fix isn't obvious.
Plain strings aren't decoded on Python 2, so no changes are needed
there.
Related PEP: https://www.python.org/dev/peps/pep-0538/
Signed-off-by: Ulf Magnusson <ulfalizer@gmail.com>
Adds a shim layer around the imx gpio driver to adapt it to the Zephyr
gpio interface.
For now only the port 4 was tested.
Signed-off-by: Stanislav Poboril <stanislav.poboril@nxp.com>
This was wrong in two ways, one subtle and one awful.
The subtle problem was that the IRQ lock isn't actually globally
recursive, it gets reset when you context switch (i.e. a _Swap()
implicitly releases and reacquires it). So the recursive count I was
keeping needs to be per-thread or else we risk deadlock any time we
swap away from a thread holding the lock.
And because part of my brain apparently knew this, there was an
"optimization" in the code that tested the current count vs. zero
outside the lock, on the argument that if it was non-zero we must
already hold the lock. Which would be true of a per-thread counter,
but NOT a global one: the other CPU may be holding that lock, and this
test will tell you *you* do. The upshot is that a recursive
irq_lock() would almost always SUCCEED INCORRECTLY when there was lock
contention. That this didn't break more things is amazing to me.
The rework is actually simpler than the original, thankfully. Though
there are some further subtleties:
* The lock state implied by irq_lock() allows the lock to be
implicitly released on context switch (i.e. you can _Swap() with the
lock held at a recursion level higher than 1, which needs to allow
other processes to run). So return paths into threads from _Swap()
and interrupt/exception exit need to check and restore the global
lock state, spinning as needed.
* The idle loop design specifies a k_cpu_idle() function that is on
common architectures expected to enable interrupts (for obvious
reasons), but there is no place to put non-arch code to wire it into
the global lock accounting. So on SMP, even CPU0 needs to use the
"dumb" spinning idle loop.
Finally this patch contains a simple bugfix too, found by inspection:
the interrupt return code used when CONFIG_SWITCH is enabled wasn't
correctly setting the active flag on the threads, opening up the
potential for a race that might result in a thread being scheduled on
two CPUs simultaneously.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
The smp_init() call was too early. Device and subsystem
initialization doesn't happen until after the main thread starts
running. Starting extra CPUs and allowing them to schedule threads
before their drivers are alive is a bad idea, even if it works in a
unit test.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
With fragmentation disabled echo server responds to packet fragment with
ICMPv6 message Type: "Parameter Problem (4)", Code: "unrecognized Next
Header type encountered (1)". If a fragment with payload length 15 is
received in response sent by echo server IPv6 payload length and ICMPv6
checksum are wrong. This patch solves the issue by correcting payload
length.
Signed-off-by: Ruslan Mstoi <ruslan.mstoi@intel.com>
This patch fixes the dependency chain for priviliged stack
generation. This fixes a problem when compiling after making
significant changes that would shift the privileged stack area.
Signed-off-by: Andy Gross <andy.gross@linaro.org>
The mcux dspi driver was incorrectly using the macro SPI_MODE_GET() to
parse the operation for SPI_TRANSFER_LSB. The effect of this bug was
that the driver would quietly always operate in SPI_TRANSFER_MSB mode.
Coverity-CID: 185401
Signed-off-by: Maureen Helm <maureen.helm@nxp.com>
The bt_mesh_provision() call results in the provisioning link state
being cleared, so link.conn will become NULL. Add code to store the
information of whether PB-GATT was used and use this information after
the call instead of relying on link.conn anymore at this point.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The #ifdef protections are not needed, and in fact prevent helpers
such as IS_ENABLED() from being used when calling APIs which are
optional.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
