Elevate connections always to security mode 1 level 4 when
Secure Connections Only Mode has been enabled in the Security Manager.
Elevate connections always to security mode 1 level 3 when
Legacy pairing with OOB only has been enabled in the Security Manager.
Fixes: #27338
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Return BT_HCI_ERR_INVALID_CONN_ID if an invalid handle is
given by the HCI; currently sometimes BT_HCI_ERR_CMD_DISALLOWED
is returned
Signed-off-by: Andries Kruithof <Andries.Kruithof@nordicsemi.no>
Removed the check for selected_per_adv_sync as it was unused by the
create/delete functions (which take the index as parameters), and
caused the shell not to print any values.
Signed-off-by: Emil Gydesen <emil_gydesen@bose.com>
The `free_per_adv_sync` pointer in `cmd_per_adv_sync_create`
did not work as intended, as it didn't actually update the
pointer in the array, which caused the
`cmd_per_adv_sync_delete` to not function as intended.
Signed-off-by: Emil Gydesen <emil_gydesen@bose.com>
If CONFIG_BT_EXT_ADV was enabled but
CONFIG_BT_EXT_ADV_LEGACY_SUPPORT was disabled and
CONFIG_NO_OPTIMIZATIONS was enabled, then there was a
maybe-initialized warning. Fixed by adding additional
checks.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Core 5.2, Vol 4, Part E, section 5.3.1 clarifies that advertising set
handle is assigned by host when advertising set is created and this
happens only on LE Set Extended Advertising Parameters.
An advertising set handle is an arbitrary number within allowed range,
i.e. 0x00-0xEF and not 0..max_supported-1.
This patch adds option to enable advertising set handle mapping from
HCI range as defined by Core specification to zero-based handles used
by LL. If enabled, HCI handle will be remapped to LL handle for each
command, otherwise HCI handle will be used as an LL handle. The latter
effectively skips mapping logic and should be used with Zephyr host
which uses zero based indexes.
Signed-off-by: Andrzej Kaczmarek <andrzej.kaczmarek@codecoup.pl>
There's not need to mark advertising set as created by either legacy
or advertising command since this is determined by current so-called
HCI advertising mode which determines whether host uses legacy or
extended advertising commands.
Signed-off-by: Andrzej Kaczmarek <andrzej.kaczmarek@codecoup.pl>
As per Core 5.2, Part B, section 3.1.1 controller should not allow
mixing of legacy and extended advertising commands. Once 1st command
is received from host, we should only allow commands of the same type
and return an error on other commands.
If legacy advertising interface is selected by 1st command received,
we need to make sure that set with handle=0 is created since it's
used by all legacy commands.
When not using external host, we assume that only extended advertising
interface will be used thus all checks can be skipped (optimized and
compiled-out).
Signed-off-by: Andrzej Kaczmarek <andrzej.kaczmarek@codecoup.pl>
A lot of commands return CC event with status parameter only, especially
when error is returned. This patch adds a helper to create such event,
similar to cmd_status.
Signed-off-by: Andrzej Kaczmarek <andrzej.kaczmarek@codecoup.pl>
Proper error code should be returned if advertising set with given
handle does not exist instead of generic "invalid parameters" one.
Signed-off-by: Andrzej Kaczmarek <andrzej.kaczmarek@codecoup.pl>
AdvA in extended advertising PDUs is put at different offset than in
legacy PDUs thus it's better to let caller calculate and pass AdvA and
TxAdd explicitly. This way we won't need to check whether scan request
was on legacy or extended PDU every time.
Signed-off-by: Andrzej Kaczmarek <andrzej.kaczmarek@codecoup.pl>
When a connect indication contains a channel map of all zeros, the
adv->conn is left NULL'ed after return and next connect attempt leads
to a crash.
This was identified via the Sweyntooth test suite executing the script
re. issue 6.14 towards an Oticon target.
Signed-off-by: Erik Brockhoff <erbr@oticon.com>
Move call to reset_pairing to bt_conn_security_changed, since this
should always be done at the same time, and should be done in the same
order for all calls. For auth_complete this was reset after the
callbacks, which is inconsistent with the other events.
Also call it even if not connected anymore, the disconnection complete
event will be delivered after this event. Callback should alway be
called if security was initiated.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Added support for syncing to periodic advetisements.
The API and usage is heavily inspired by the extended advertisement
and connection APIs.
Signed-off-by: Emil Gydesen <emil_gydesen@bose.com>
Added the ext adv report interval to bt_le_scan_recv_info which
denotes whether or not there is periodic advertisement data
associated with the advertisement report.
Signed-off-by: Emil Gydesen <emil_gydesen@bose.com>
Added API to set periodic adv parameters, periodic adv data
and to enable/disable periodic advertisement.
Signed-off-by: Emil Gydesen <emil_gydesen@bose.com>
It does not auto-initiate the DLE procedure if the default data length
parameters are not equal to the initial parameters.
Signed-off-by: Rubin Gerritsen <rubin.gerritsen@nordicsemi.no>
Some controllers do not follow the recommendation of auto-initiating
a data length update if the host writes default data length parameters.
If the controller follows this recommendation, calling
LE Write Suggested Default Data Length command is sufficient
to ensure that the LL will auto-initiate the DLE procedure. Performing
a second procedure is unecessary.
In Core v5.2, Vol 4, Part E, Section 7.8.35:
The HCI_LE_Write_Suggested_Default_Data_Length command allows the
Host to specify its suggested values for the Controller's maximum
transmission number of payload octets and maximum packet
transmission time for packets containing LL Data PDUs to be used
for new connections. The Controller may use smaller or larger values
for connInitialMaxTxOctets and connInitialMaxTxTime based on local
information.
In short, this command sets connInitialMaxTxOctets
and connInitialMaxTxTime.
In Core v5.2, Vol 6, Part B, Section 4.5.10:
For a new connection: connMaxTxOctets shall be set to
connInitialMaxTxOctets and connMaxRxOctets shall be chosen by the
Controller. If either value is not 27 then the Controller should
initiate the Data Length Update Procedure at the earliest practical
opportunity.
Signed-off-by: Rubin Gerritsen <rubin.gerritsen@nordicsemi.no>
Fix issue with bt_gatt_service_unregister not clearing CCC information.
If the service is unregistered while an unbonded peer is connected and
subscribed then this CCC would be restored again when registering the
service even if the peer is now disconnected.
If the service is unregistered with bonded peers CCCs stored in settings
then this value would never be cleared. If the service is registered
again then the peer would receive a service changed for this service,
but it's CCC value would still be enabled.
Fixes: #26924
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Extract enqueue of GATT CCC when CONFIG_BT_SETTINGS_CCC_STORE_ON_WRITE
is enabled to a helper function gatt_ccc_conn_enqueue so that it can be
reused.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Move the clear_ccc_cfg function further up to be re-used without a
forward declaration in bt_gatt_service_unregister.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Starts the periodic heartbeat publish period at the end of the
publication, instead of at the ordering time. This ensures that the
heartbeat period doesn't get shortened by other enqueued messages.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
When performing node reset over a proxy connection, the disconnection is
asynchronous, and will finish after the reset callback goes to the
application. If the application restarts provisioning in this callback,
the disconnected-event is triggered after PB GATT is reactivated, and
this error is printed without any faults actually occurring.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Notify L2CAP when pairing procedure fails during SMP pairing
process. L2CAP needs to be notified so that it can cancel
ongoing connection-oriented channel requests.
Rename bt_l2cap_encrypt_change to bt_l2cap_security_changed and
call it from bt_conn_security_changed always, so that L2CAP
is informed when changing security fails.
This also fixes security_changed conn callback not called when
auth_complete returns an error.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Avoid warning in att_handle_rsp, only call this when there is a
pending ATT request. This avoids a warning happens when elevating
security fails but higher security had not been requested by an
ATT request.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
squash! Bluetooth: ATT: Remove warning when no ATT process pending
Elevate the security level before sending the connection request if
the application has set a required security level on the channel.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Elevate the security level of the connection when the l2cap channel
connect request is denied with encryption or authentication error
code.
The l2cap channel required_sec_level was used, but this is not
correct as this is set by the user of the API. This resulted in
the call to bt_conn_set_security seeing that the current security
level was already set, decide there is nothing to be done and return
success.
Fixes: #27220
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Use safe for-each loop in bt_l2cap_encrypt_change since dynamic
channels with pending connection-oriented channel requests will
be canceled and removed from the list if the encryption change
failed.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Remove dependency on CONFIG_BT_ACL_FLOW_CONTROL and use
CONFIG_BT_L2CAP_RX_MTU always to set L2CAP RX MTU.
The ATT MTU is set from two different KConfig options depending
on if CONFIG_BT_ACL_FLOW_CONTROL is enabled, which makes it
a confusing option and hard to provide a conf file that
supports multiple board configurations.
This changes the behavior when CONFIG_BT_ACL_FLOW_CONTROL and
CONFIG_BT_BUF_RX_LEN was used to set the L2CAP RX MTU, and by
extension the ATT MTU.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix incorrect use of LLL ticker user id in ULL_LOW execution
context.
Regression introduced in commit 23ef75f6d9 ("Bluetooth:
controller: split: Fix Low Latency Prepare Done").
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
EATT channels use bt_l2cap_chan_send which does return the number of
bytes sent on success not 0 as bt_l2cap_send.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Fill the referenced event counter of the Periodic
Advertising SYNC_IND PDU into the sync info struct in the
Common Extended Advertising Header Format.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fill the missing Periodic Advertising interval in the
Extended Advertising Report when Auxiliary PDUs contain
Sync Info fields.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Reject the security request immediately when receiving a security
request that does not support LE Secury Connections pairing.
This would have been rejected during the pairing procedure, but
PTS testing expects the security request to be rejected.
Ref: GAP/SEC/SEM/BV-29-C
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
