This adds CONFIG_BT_CONN_DISABLE_SECURITY which can be used to disable
security checks for incoming requests enabling to test accessing GATT
attributes and L2CAP channels that would otherwise require
encryption/authentication in order to be accessed.
It depends on BT_TESTING to indicate to the users that this is a
testing feature which shall not be used in production.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
It should be possible to identify whether advertising set uses legacy
or extended advertising to avoid performing operations that are not
supported on either of them.
For example, scannable advertising can have advertising data set only
if legacy PDUs are used.
Signed-off-by: Andrzej Kaczmarek <andrzej.kaczmarek@codecoup.pl>
Fix a crash in the persistent advertising handling.
This occurs because the callstack of the RX thread overflowed
due to an infinite recursion between bt_conn_unref and
bt_le_adv_resume.
This happens when starting a new advertiser is denied by the
controller, then the conn object reserved will be released again
and the host will attempt to resume advertising in the bt_conn_unref
at the end of bt_le_adv_resume.
This situation can happen if the host supports more connections
than the controller.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Follow Bluetooth specification recommendation of setting the output
of the DH_Key field in the LE Generate DHKey Complete event when the
public key is invalid.
If the Remote_P-256_Public_Key parameter of the HCI_LE_Generate_DHKey
command (see Section 7.8.37) was invalid (see [Vol 3] Part H, Section
2.3.5.6.1), then all octets of the DH_Key event parameter should be
set to 0xFF.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Added a feature that allows an application to request
automatic discovery of the CCCD handle when subscribing
to a characteristic. In order to preserve RAM, the application
is expected to provide the discovery parameters, and it's up
to the application whether or not it wants to reuse the
discovery parameters or use one for each characteristic.
Signed-off-by: Emil Gydesen <emil_gydesen@bose.com>
Change fixes storing subscriptions in settings. CCC write can interrupt
the ccc_delayed_store. Without the change, new CCC was not stored in
non-volatile memory and the work that stored CCC was not resubmitted.
That resulted in lost subscription after reboot.
Fixes: #26862
Signed-off-by: Marek Pieta <Marek.Pieta@nordicsemi.no>
Add bond_deleted callback so that the application can keep track
of when bond information is deleted in the stack.
Bond information can be deleted by the application through bt_unpair
or automatically by the stack in some cases, e.g when
CONFIG_BT_KEYS_OVERWRITE_OLDEST is enabled and the oldest bond
is overwritten.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Allow calling bt_le_adv_start with no connection object available
when the option BT_LE_ADV_OPT_ONE_TIME has not been set. In this
case the advertiser will be restarted once there is a connectable
advertiser object available.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
When CONFIG_BT_GATT_NOTIFY_MULTIPLE is selected and the remote has
enabled support for using its procedure, data can sometimes not fit
into the buffer since the multiple variant has a bigger header, so
instead of failing immediately this attempts to send the data using
the legacy PDU instead so those using bt_gatt_get_mtu - 3 can still be
sent.
Fixes #26106
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Turn the GATT notify multiple feature off as default value.
This feature changes the behavior of the bt_gatt_notify API in a way
that might not be backwards-compatible.
This is because the notify multiple header is larger, and therefore
limits the amount of bytes that could otherwise have been sent in a
normal notify PDU for a given ATT MTU.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix use of conn_handle in LE Advertising Set Terminated event not
converting from serial Little Endian to native CPU endianness.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Use an unspecified reason when disconnecting a connection that did not
have a pending connection in the host.
We don't allocate connection objects in the connection complete anymore
so using memory-capacity-exceeded is misleading.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
This patch fixes an issue with the advertiser not resuming connectable
advertiser if the last bt_conn_unref happens from something other
than the disconnected callback.
In this case this last bt_conn_unref was from gatt.c notify_cb called
from application main thread.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix host RX thread being deadlocked. The deadlock occurs because the
RX thread is stuck waiting in conn_tx_alloc with K_FOREVER but if the
connection is disconnected only the RX thread can unblock it in the
handling of the disconnect event.
This commit fixes this deadlock by splitting the processing of the
disconnected event into two parts.
The part needed to unblock the RX is to release resources held by
unack'ed TX packets and mark the connection state as not connected
anymore.
The RX thread waiting for free_tx fifo and the TX thread waiting for
the bt_dev.le.pkts semaphore will both check the connected state after
having acquired them and will abort if disconnected.
The rest of the processing will be handled at normal RX thread
priority like normal.
Move the bt_recv_prio handling to the Bluetooth host when the host
has defined its own RX thread (CONFIG_BT_RECV_IS_RX_THREAD=n).
If the HCI driver has the RX thread (CONFIG_BT_RECV_IS_RX_THREAD=y),
then the responsibility to call bt_recv and bt_recv_prio correctly
falls to the HCI driver.
The helper function bt_hci_evt_is_prio() is replaced with
bt_hci_evt_get_flags() so that the HCI driver can do this correctly.
This decision to replace was made so that existing HCI drivers
maintained out-of-tree will fail at compile time with the new system.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Bluetooth: host: Move bt_recv_prio to host when RX thread is defined
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Save link key to settings_subsys, no need to re-pair after restart.
Overwrite old pairing records with aging counts.
Signed-off-by: ZhongYao Luo <LuoZhongYao@gmail.com>
Fix the advertising object not being released when a high-duty cycle directed
advertiser timeout happens. If the extended advertising feature has been
enabled in the host, but not supported by the controller then the
advertising object must be released in the connection complete event
since there will not be an advertising set terminated event.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add options for phy update procedure. User can now set no preference
option for a particular PHY as well as preference for LE Coded PHY
coding scheme.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
These functions don't work with buffers that do have fragments, instead
this replaces their usage with net_buf_{put,get}.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
ATT_PENDING_SENT does severely impact the throughput since multiple
packets no longer can be scheduled at same time, so instead of always
setting it regardless of the bearer/channel it is now only used for
EATT since that cannot set its own callbacks.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
bt_l2cap_send_cb may fail if there are no context available which means
that the request would not be sent, also due to the use of custom
callback it cannot be queued either so the only option is to return the
error and let the application handle it.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Since the TX semaphore is used for all types of PDUs a request may have
to be put on the request list while there is no pending request pending
which means no response will be generated to trigger att_process,
previously this condition was handled by setting the request as
currently pending and append its buffer to tx_queue but this is no
longer efficient since there could be more than one channel active the
code should try all of them before queueing back to request list.
To fix this the request list will now be processed each time a PDU has
been sent.
Fixes #26070
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
ATT channel sent callback shall not be overwritten until the
operation completes as it can result in breaking flow control when
CONFIG_BT_ATT_ENFORCE_FLOW is enabled.
Fixes #25964
Fixes #26071
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Add warning about enabling the options below so that users are
aware that this is a security risk.
- CONFIG_BT_DEBUG_SMP
- CONFIG_BT_DEBUG_KEYS
- CONFIG_BT_OOB_DATA_FIXED
- CONFIG_BT_USE_DEBUG_KEYS
- CONFIG_BT_STORE_DEBUG_KEYS
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
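A release-gate check for the options named in this commit message and for CONFIG_BT_CONN_DISABLE_SECURITY from the first commit message above. This is an added example, not code from the Zephyr project; the function names and the sample `.config` fragment are constructed for illustration.

```shell
#!/bin/sh
# Added example (not Zephyr project code): audit a build's .config for the
# Bluetooth options the commit messages on this page mark as testing-only
# or as a security risk.
RISKY_BT_OPTIONS="CONFIG_BT_CONN_DISABLE_SECURITY
CONFIG_BT_DEBUG_SMP
CONFIG_BT_DEBUG_KEYS
CONFIG_BT_OOB_DATA_FIXED
CONFIG_BT_USE_DEBUG_KEYS
CONFIG_BT_STORE_DEBUG_KEYS"

# audit_bt_config FILE
# Prints each risky option that is enabled, one per line.
# Returns 0 if none is enabled, 1 if any is enabled, 2 if FILE is unreadable.
audit_bt_config() {
    config_file=$1
    [ -r "$config_file" ] || return 2
    found=0
    for opt in $RISKY_BT_OPTIONS; do
        # Kconfig writes an enabled bool as "NAME=y"; a disabled one is
        # "# NAME is not set" or absent. -x matches the whole line only, so
        # the name appearing inside a comment or string value is ignored.
        if grep -qxF "${opt}=y" "$config_file"; then
            printf '%s\n' "$opt"
            found=1
        fi
    done
    return "$found"
}

# Constructed sample .config fragment (hypothetical build, for the demo only).
write_sample_config() {
    cat > "$1" <<'EOF'
CONFIG_BT=y
CONFIG_BT_SMP=y
# CONFIG_BT_DEBUG_SMP is not set
CONFIG_BT_USE_DEBUG_KEYS=y
CONFIG_BT_TESTING=y
CONFIG_BT_CONN_DISABLE_SECURITY=y
CONFIG_BT_DEVICE_NAME="CONFIG_BT_DEBUG_KEYS=y"
EOF
}

# When given a path, audit it and exit non-zero so a CI job fails the build.
[ "$#" -eq 0 ] || { audit_bt_config "$1"; exit $?; }
```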
The bt_l2cap_le_conn_rsp struct in l2cap_internal.h has not been
declared __packed. This can cause alignment problems on some
platforms if the struct is placed on an unaligned address.
A __packed declaration solves this issue by forcing the compiler to
use store instructions that do not require alignment.
Signed-off-by: Jim Luther <jilu@oticon.com>
Some Kconfig defined devices may be defined using dt_chosen_label
function. Since there is no way to ensure a device enabled in dts
is also defined in Kconfig, it may happen that instance is not
actually defined.
In this case device_get_binding might return 0, leading to undefined
behavior in the function that calls it.
When not already done, systematically check return of function
device_get_binding on devices defined through dt_chosen_label macro.
Trigger ASSERT when required and return error when possible.
Fixes #20068
Signed-off-by: Erwan Gouriou <erwan.gouriou@linaro.org>
This commit fixes the loading of bt/cf settings into memory. Only data
was loaded and not the address.
Signed-off-by: François Delawarde <fnde@demant.com>
build breakage if SMP is disabled
In function `bt_unpair':
bluetooth/host/hci_core.c:2640: undefined reference to `bt_foreach_bond'
Signed-off-by: chao an <anchao@xiaomi.com>
If LE Read PHY fails the code was still trying to parse the buffer as a
valid response.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Fix extended advertiser not using correct set random address command
to set private (NRPA) address when privacy feature has been disabled.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix Service Changed configuration stored in flash not deleted in flash
when calling bt_gatt_clear from bt_unpair.
When clearing the check for "is bonded" should not be made. If the
bond information is already removed this check will fail.
When clearing the check for "modified" should not be made, clearing
is in itself a modification, and should always be made.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix CCC cfg not cleared when overwriting oldest bond. Calling
bt_unpair with a pointer to the key will result in the key addr being
memset to zero and bt_gatt_clear is called with a zero-set address.
This happens because unpair (hci_core.c) calls bt_keys_clear before
calling bt_gatt_clear.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
get_phy is referenced by BT_EXT_ADV only when BT_OBSERVER is also
selected. Avoid defined-but-not-used warnings in that situation.
Signed-off-by: Peter A. Bigot <pab@pabigot.com>
When using extended advertising the connection can be established on
different PHY. In order to have an updated value of the current PHY
we need to read the PHY of the connection in the connection complete
event.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add application control of initiating phy change procedure and its
parameters.
The reasons for allowing the application control over the PHY:
- Allow changing to Coded PHY.
- Application may change PHY to react to changes in environment
to balance throughput and range.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add application control of initiating data length procedure and its
parameters.
The reasons for allowing the application control over the data length:
- Bandwidth control adjusted based on number of active connections.
- Changing data length before switching to coded phy.
- Applying workarounds for interoperability problems.
- Controlling order of ATT MTU and data length procedures.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add Kconfig option so that the application can disable automatic
initiation of the data length procedure. This is symmetric with the
PHY auto initiation kconfig option.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Refactor setting the maximum data length parameters supported on in
auto data length procedure. This makes setting the data length of the
connection a re-usable function.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The numbers should have been the sum of HCI commands count and ACL TX
buffers but instead the buffer size was used which makes the pool hold
substantially more buffers than necessary.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Implement the BT_LE_ADV_OPT_USE_NAME when using bt_le_ext_adv_* APIs
to start the advertiser.
When starting an extended connectable advertiser the name must be
included in the advertising data, since scan response data is
not allowed in this configuration.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Remove setting state flags in bt_le_adv_start_ext since they are set
by le_ext_adv_param_set, except for BT_ADV_PERSIST flag.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Only persist advertising when the bt_le_adv_start API is used to start
the advertiser. For multiple advertising set a connectable advertiser
can only be started if there is a connection object available for the
advertiser. Leave the decision on which advertising set should be
advertising up to the application instead of suspending advertising
when no connection object is available.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Remove the BT_LE_CONN_OPT_2M option and update documentation.
This was a misunderstanding about the init PHY HCI parameter.
The init PHY in the extended connection create command does not
determine which PHYs are accepted as the initial PHY of the
connection. This is instead determined by the secondary PHY of the
extended advertiser.
The init PHY parameter only specifies which conn parameters are
provided, and since we only provide one conn parameter this option
has no effect.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The last parameter to hci_cmd_done() is expected to be a valid net_buf
since the function immediately tries to dereference it. Fix this by
passing the appropriate buffer reference to the function.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This adds a new flag to track if the L2CAP channel is pending waiting
for encryption to be changed to resume connecting.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>