Commit graph

9523 commits

Author SHA1 Message Date
Vinayak Kariappa Chettimada
920117922b Bluetooth: Controller: nRF53x: Fix NRF_CCM MAXPACKETSIZE value
Fix NRF_CCM MAXPACKETSIZE value to mitigate Bus Faults.

Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
2025-05-19 21:55:04 +02:00
Vinayak Kariappa Chettimada
20576597df Bluetooth: Controller: nRF54Lx: Fix MDATA length to avoid MIC failures
Fix MDATA length with extra bytes to mitigate MIC failures.

Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
2025-05-19 21:55:04 +02:00
Vinayak Kariappa Chettimada
d720032a43 Bluetooth: Controller: Fix assertion establishing Peripheral ISO
Fix assertion observed establishing subsequent Peripheral
ISO connection due to a race between the new CIS context
being acquired into a CIG and LLL getting a CIS sorted by
CIS offset in that CIG. Get only active CISes from the CIG
in the LLL prepare.

Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
2025-05-19 21:55:04 +02:00
Vinayak Kariappa Chettimada
0ef1d98ec8 Bluetooth: Controller: Fix max tx octets value used
Fix max tx octets value used as given to the Host by the
LE Read Buffer Size command response.

Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
2025-05-19 21:55:04 +02:00
Vinayak Kariappa Chettimada
33a8a33d79 Bluetooth: Controller: Fix redundant ISO Rx size in ACL Rx
Fix missing removal of redundant ISO Rx size in ACL Rx PDU
allocation size.

Related to commit 7c89f1fe9f ("Bluetooth: controller:
Support for separate ISO RX data path").

Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
2025-05-19 21:55:04 +02:00
Ping Wang
355a5525bc Bluetooth: Audio: fix BIS_Sync_State for BASS server
BASS server need to notify that both BIS and PA are no longer synced by
setting all required fields to 0 after client stops BIS by sending a
BIG control PDU with a BIG TERMINATED indication.

meanwhile BIG_Encryption in the notification should also be reset to be
BT_BAP_BIG_ENC_STATE_NO_ENC when BIS is not synced anymore.

Signed-off-by: Ping Wang <pinw@demant.com>
2025-05-16 17:32:28 +02:00
Lars Segerlund
ffe52da2f0 bluetooth: Controller: Set sdu_max fixing ISO test mode sdu_max
For ISO test mode sdu_max to work it actually has to be set somewhere
and this does that.

Signed-off-by: Lars Segerlund <lrsu@demant.com>
2025-05-16 16:11:41 +02:00
Vinayak Kariappa Chettimada
2fc54ae3bb Bluetooth: Controller: Fix nRF CCM disable on connection event abort
Fix missing nRF CCM disable on connection event abort.

There can be a problem on nRF SoC for example when a S8
"encrypted" reception is aborted, and a 2M "cleartext"
reception starts; slow CCM (that is not stopped as part of
radio disable) will corrupt a fast received "cleartext" when
the same current free rx buffer is reused in the Controller.
This is not a problem when the connection being abort-ee is
on a faster PHY than the abort-er.

Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
2025-05-16 12:36:43 +02:00
Alex Apostolu
6e34acc4e2 Bluetooth: Host: Use macro for nanoseconds per second
Use the macro NSEC_PER_SEC defined in sys_clock.h for nanoseconds per
second when updating write stats.

Signed-off-by: Alex Apostolu <apostolu240@gmail.com>
2025-05-16 09:38:47 +02:00
Vinayak Kariappa Chettimada
bebf59f9a0 Bluetooth: Controller: Fix MIC failure when 2 CISes in Peripheral
Fix MIC failure when 2 or more CISes in Peripheral is active
and any CIS before the last CIS does not have reception that
lead to the event count and payload count being incorrect.
Add the missing flush implementation when switching between
CISes in the CIG event.

Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
2025-05-15 16:16:59 +02:00
Lyle Zhu
0b0cfd5ec7 Bluetooth: Classic: SSP: Correct pairing method
In current implementation, if the MITM flag of both sides is disabled,
the pairing method is incorrect.

Such as, the IOCAP of both sides is `display_yesorno`, the pairing
method is `PASSKEY_CONFIRM`. But actually, it should be `JUST_WORKS`
in this case.

Fix the issue by setting the pairing method to `JUST_WORKS` if the
MITM flag of both sides is false.

Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
2025-05-14 19:36:17 +02:00
Emil Gydesen
6887b58d4e Bluetooth: ISO: Remove BT_ISO_TX_FRAG_COUNT
The Kconfig option has not been in use for anything for
a long time, and can safely be removed.

Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
2025-05-14 16:28:42 +02:00
Aleksander Wasaznik
0e138cb777 Bluetooth: Host: K_NO_WAIT in bt_att_req_alloc() in SYS WQ
This commit prevents ATT request APIs from blocking waiting on the
req_slab pool on the system work queue. The API will instead return
-ENOMEM.

This aligns with commit 05b16b971b, which
establishes that the GATT request APIs are non-blocking on the system
work queue. That commit makes GATT request APIs fail with -ENOMEM when
they fail to allocate a buffer for the ATT PDU on the system work queue.

There is no reason to make this distinction between the two resources,
and this makes the API more consistent.

Signed-off-by: Aleksander Wasaznik <aleksander.wasaznik@nordicsemi.no>
2025-05-14 14:15:58 +02:00
Nithin Ramesh Myliattil
70a97a8222 Bluetooth: BAP: Add control point cbs to BASS
For the control point operations, add/modify/
remove source, callbacks are added so that Application
can decide whether to accept/reject the control point
operations.

Signed-off-by: Nithin Ramesh Myliattil <niym@demant.com>
2025-05-14 14:15:51 +02:00
Pavel Vasilyev
971c2c9426 Revert "Bluetooth: host: extract sending of host num complete"
This reverts commit 32212bfb63.

Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
2025-05-14 11:03:02 +01:00
Pavel Vasilyev
da9acbcf11 Revert "Bluetooth: host: Send host num completes as early as possible"
This reverts commit 147ee3daaf.

Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
2025-05-14 11:03:02 +01:00
Timothy Keys
cc9279e3ce Bluetooth: Controller: Only select BT_TICKER_LAZY_GET for ZLL
BT_TICKER_LAZY_GET is a ZLL only kconfig and should not be selected for
other controllers.

Signed-off-by: Timothy Keys <timothy.keys@nordicsemi.no>
2025-05-13 16:22:43 +02:00
Pavel Vasilyev
14b4e30cdf bluetooth: host: Deprecated BT_CONN_TX_MAX
After https://github.com/zephyrproject-rtos/zephyr/pull/72090,
`conn_tx_alloc` no longer blocks, and each buffer always has a
corresponding `bt_conn_tx` object. This eliminates the need to configure
the number of `bt_conn_tx` objects via `CONFIG_BT_CONN_TX_MAX`, since
every buffer now carries its own context even when no callback is used.

This commit deprecates `CONFIG_BT_CONN_TX_MAX` as it is no longer
necessary. Instead, `CONFIG_BT_BUF_ACL_TX_COUNT` is used to allocate
`bt_conn_tx` objects for outgoing ACL data. ZLL already uses
`CONFIG_BT_BUF_ACL_TX_COUNT` to configure the number of outgoing ACL
packets. With this change, modifying the packet count will automatically
adjust the number of corresponding contexts, preventing both context
starvatoin and underutilization.

This approach also aligns with ISO, where the number of `bt_conn_tx`
objects for outgoing ISOdata matches `CONFIG_BT_ISO_TX_BUF_COUNT`.

Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
2025-05-12 14:54:26 +02:00
Pavel Vasilyev
ddeeecd0b4 bluetooth: host: Add a check for num of bt_conn_tx and ACL/ISO bufs
After https://github.com/zephyrproject-rtos/zephyr/pull/72090, each
packet to be sent (wether ACL or ISO data) has a corresponding
`bt_conn_tx` object, regardless of whether a callback is used.

This means that number of packets Host can send to Controller is limited
by the smaller of two values: ACL/ISO packets Controller can receive,
and the number of `bt_conn_tx` objects allocated by Host.

A mismatch between these numbers may lead to inefficient resource usage
on either Host or Controller side. If Host allocates fewer `bt_conn_tx`
objects than the number of buffers available on Controller for a given
data type, some Controller buffers may go unused. Conversely, if Host
allocates more `bt_conn_tx` objects than Controller can consume, the
excess objects remain unused.

This commit adds a check and issues a warning if the number of
`bt_conn_tx` objects is not aligned with the number of ACL/ISO buffers
reported by Controller via the LE Read Buffer Size v1 or v2 command.

Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
2025-05-12 14:54:26 +02:00
Vinayak Kariappa Chettimada
3c661a1765 Bluetooth: Controller: Fix LOW_LAT_ULL implementation for ISO support
Fix BT_CTLR_LOW_LAT_ULL implementation for enqueing ISO Rx.

Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
2025-05-09 10:42:28 +02:00
Johan Hedberg
af77efb77e Bluetooth: Host: Remove unnecessary ifdef from cs.c
The building of cs.c based on the respective Kconfig option is already
taken care of CMakeLists.txt, so it's redundant to try to protect the code
through ifdefs in the c-file as well.

Signed-off-by: Johan Hedberg <johan.hedberg@silabs.com>
2025-05-08 15:56:35 +02:00
Johan Hedberg
9ecca87281 Bluetooth: Host make the long workqueue stack size configurable
Add a prompt to the long workqueue stack size, so that it can be easily
fine-tuned by the application. The exact usage will depend on many factors,
such as the chosen crypto backend and target architecture, so it's not
possible to have "one size fits all" solutions based on the default values.

Signed-off-by: Johan Hedberg <johan.hedberg@silabs.com>
2025-05-08 14:01:00 +02:00
Emil Gydesen
425f3f4b0a Bluetooth: Audio: Rename ctx type prohibited to none
The context type PROHIBITED has been removed from
the Bluetooth assigned numbers document. It is, however,
still used in some profiles to indicate either "No context
type supported" or "None available", and thus a rename
to "NONE" makes sense.

It is still treating similar to prohibited in some cases,
as it is not a valid context type in all cases.

Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
2025-05-08 01:58:01 +02:00
Vinayak Kariappa Chettimada
fc14570585 Bluetooth: Controller: Fix Central CIS offset for dissimilar intervals
Fix Central CIS offset calculation for dissimilar ACL and
ISO intervals in use.

Mayfly execution of `mfy_cig_offset_get()` could be after
"LLL Prepare" or before depending on whether a previous radio
event is being preempted or not, respectively; the
`conn->lll.event_counter` may not be pre-incremented.
This race condition is fixed by the fact that we use a
constant instant delta value now.

Dissimilar ACL and ISO intervals may lead to ACL overlapping
or be too close to ISO event, causing preemption; under this
case ACLs "LLL Prepare" would run after `mfy_cig_offset_get`
causing incorrect calculation of CIS offset without the fix.

Remove redundant `instant` member in `ll_conn_iso_stream`
structure as a constant CIS Create instant delta is now
used.

Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
2025-05-07 15:10:17 +02:00
Valerio Setti
52dcb2593a Bluetooth: Host: remove useless select in BT_HOST_CRYPTO_PRNG
PSA Crypto API always allow psa_generate_random() to be called (i.e. there
is no PSA_WANT_xxx symbol that can be used to disable it). How random
numbers are generated internally is a library internal detail, but the
end user (Bluetooth) does not need to worry about this.

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2025-05-07 10:30:45 +02:00
Olivier Lesage
86a6b29733 bluetooth: host: Increase default cmd buffer size to 255 if using CS
sizeof(struct bt_le_cs_write_cached_remote_fae_table) = 74,
so the default value (65) was already too small in some cases.

Signed-off-by: Olivier Lesage <olivier.lesage@nordicsemi.no>
2025-05-07 10:29:59 +02:00
Johan Hedberg
4a31b8036d Bluetooth: Host: Remove conditional stack size for BT_SETTINGS
With BT_SETTINGS enabled, there doesn't seem to (anymore?) be any
substantial overhead in stack consumption:

 0x200020b8 BT RX WQ
        options: 0x0, priority: -8 timeout: -9223372036854775808
        state: pending, entry: 0x5ba69
        stack size 2240, unused 1072, usage 1168 / 2240 (52 %)

Let's just remove the conditional default and fall back to the
non-conditional one which is 1200.

Signed-off-by: Johan Hedberg <johan.hedberg@silabs.com>
2025-05-06 13:01:28 +02:00
Troels Nilsson
facdbdbd29 Bluetooth: Controller: Fix handling of odd SDU intervals in CIS central
Make sure iso_interval_us is in a multiple of 1.25 ms instead of directly
assigning it the value of SDU interval

Fixes EBQ failures in LL/CIS/CEN/BV-36-C and LL/CIS/CEN/BV-37-C

Signed-off-by: Troels Nilsson <trnn@demant.com>
2025-05-06 12:00:15 +02:00
Troels Nilsson
368beb9623 Bluetooth: Controller: Fix truncation by abs() call when using PAST
The abs() function only takes an int as input - use llabs() instead

Fixes EBQ failure in LL/CON/PER/BV-105-C

Signed-off-by: Troels Nilsson <trnn@demant.com>
2025-05-05 14:25:22 +02:00
Johan Hedberg
ed9bed110d Bluetooth: Controller: Be more explicit with thread names
The "BT RX pri" and "BT RX" are too easily confused with host-side threads,
e.g. the host RX thread is called "BT RX WQ". Add "CTLR" to the Controller
side thread names to make it clear that they're managed by the controller.

Signed-off-by: Johan Hedberg <johan.hedberg@silabs.com>
2025-05-02 15:21:52 +02:00
Vinayak Kariappa Chettimada
590b86039b Bluetooth: Controller: Fix Extended connection initiation assertion
Fix assertion on aux context release during extended
connection initiation when supporting multiple simultaneous
interleaved Extended scanning support.

Relates to commit a8065926ac ("Bluetooth: Controller: Fix
to release aux context stored in node rx").

Relates to commit 193ce73109 ("Bluetooth: Controller: Fix
missing resume of primary channel scanning").

Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
2025-05-02 15:20:30 +02:00
Troels Nilsson
6a5fa60ad4 Bluetooth: Controller: Fix missing window widening in ull_periph_setup
No window widening was applied to conn_offset_us causing the initial
ticker_cb to get called slightly too late

Apply window_widening_periodic_us to conn_offset_us, since this is the
worst-case window widening (win_offset is not allowed to be larger than
a connection interval) and is applied in the LLL window size already

Fixes EBQ failure in LL/TIM/PER/BV-02-C

Signed-off-by: Troels Nilsson <trnn@demant.com>
2025-05-02 07:20:03 +02:00
Emil Gydesen
6abdc389d4 Bluetooth: CSIP: Remove bt_csip_set_member_get_sirk
The bt_csip_set_member_get_sirk function is superseded by
bt_csip_set_member_get_info and uses of it has been replaced.

Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
2025-05-01 18:15:56 +02:00
Emil Gydesen
b04d6386db Bluetooth: Audio: Fix includes
Updates the includes in a a few files to
avoid including unused header files and include the
ones that are used.

Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
2025-05-01 13:42:37 +02:00
Emil Gydesen
b9ddaf7a5f Bluetooth: Audio: Shell: Fix includes
Updates the includes in a a few files to
avoid including unused header files and include the
ones that are used.

Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
2025-05-01 13:42:37 +02:00
Fredrik Danebjer
379eb7a0ff bluetooth: host: Fix premature semaphore giving
There was a semaphore in hci_core which was given to early when
receiving the BT_HCI_EVT_NUM_COMPLETED_PACKETS message from the
controller. This would sometimes cause an assert to happen in
function hci_num_completed_packets, where there would arise a
mismatch in the bookkept count, and actually stored nodes. More
concretely, due to premature semaphore giveing, the tx_pending node
would be have been removed in another context before it could be
fetched and moved to complete list in this function.

Signed-off-by: Fredrik Danebjer <frdn@demant.com>
2025-05-01 09:34:28 +02:00
Dmitrii Sharshakov
114bc8086d Bluetooth: ISO: fix hci_le_set_cig_params validation
Sizeof of a pointer doesn't make sense here, and
e.g. on native_sim/native/64 this would fail.

Signed-off-by: Dmitrii Sharshakov <d3dx12.xx@gmail.com>
2025-04-30 23:03:07 +02:00
Vinayak Kariappa Chettimada
5b17b5b44f Bluetooth: Controller: Fix adv aux release on insufficient resources
Fix missing adv aux release on insufficient adv data buffers
configured when starting multiple extended advertising sets.

Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
2025-04-30 16:26:48 +02:00
Lyle Zhu
cd43e03bbe Bluetooth: classic: shell: Support L2CAP channel seg_recv
Add the callback function `seg_recv` if the configuration
`CONFIG_BT_L2CAP_SEG_RECV` is enabled.

Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
2025-04-30 14:00:06 +02:00
Lyle Zhu
df1e2264ff Bluetooth: Classic: L2CAP: Fix seg_recv cannot work issue
When the L2CAP channel connection is in none basic mode, the
`seg_recv` cannot work properly if the configuration
`CONFIG_BT_L2CAP_SEG_RECV` is enabled. And the L2CAP channel
connection will be broken incorrectly.

Check whether the received data len exceeds the SDU length if the
`SAR` is `BT_L2CAP_CONTROL_SAR_END` or `BT_L2CAP_CONTROL_SAR_CONTI`.

And check whether the SDU length is valid if the `SAR` is
`BT_L2CAP_CONTROL_SAR_UNSEG` or `BT_L2CAP_CONTROL_SAR_START`.

Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
2025-04-30 14:00:06 +02:00
Emil Gydesen
24037ef20a Bluetooth: CAP: Broadcast: Add missing ISO test parameters
The cap_initiator_broadcast_to_bap_broadcast_param function
did not properly relay the ISO test parameters from the CAP
parameters to the BAP parameters.

Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
2025-04-30 10:54:56 +01:00
Troels Nilsson
9fbfa1f626 Bluetooth: Controller: Only validate CIS SDU interval for BN > 0
Some in-the-wild devices use SDU interval of 0 when BN == 0; This
is not allowed by BT Core Spec v6.0, but is not specifically
mentioned in v5.4 and earlier. To allow connecting a CIS to these
devices, relax the check on SDU interval

Note: LL/CIS/PER/BI-07-C only checks rejection of invalid SDU interval
with BN > 0, so it still passes with this change

Signed-off-by: Troels Nilsson <trnn@demant.com>
2025-04-30 09:48:24 +02:00
Lyle Zhu
e1d9db8b6e Bluetooth: Classic: L2CAP: Handle shorter data length of the request
The response L2CAP_COMMAND_REJECT_RSP(BT_L2CAP_REJ_NOT_UNDERSTOOD)
should be replied if the received L2CAP command is a invalid L2CAP
signaling command packets with extra data in the Information Payload.

Send L2CAP_COMMAND_REJECT_RSP(BT_L2CAP_REJ_NOT_UNDERSTOOD) if it a
small L2CAP signaling PDU or it has short length.

Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
2025-04-30 07:52:03 +02:00
Johan Hedberg
fd037c7990 Bluetooth: Kconfig: Remove outdated references to bt_recv_prio()
The bt_recv() and bt_recv_prio() APIs don't exist anymore, so remove any
references to them from the Kconfig help texts.

Signed-off-by: Johan Hedberg <johan.hedberg@silabs.com>
2025-04-29 16:51:04 +02:00
Olivier Lesage
f4aa29d849 bluetooth: host: Fix param_len for LE CS Test command
The parameter length for this command was missing the additional
length from the arrayed parameters.

Signed-off-by: Olivier Lesage <olivier.lesage@nordicsemi.no>
2025-04-29 16:49:10 +02:00
Johan Hedberg
f85d63a6cc Bluetooth: Remove USB H4 mode support
This non-standard feature never had any proper host side implementation
(e.g. it was never upstreamed to BlueZ), and since it comes with notable
maintenance overhead it's fair to just remove it.

Signed-off-by: Johan Hedberg <johan.hedberg@silabs.com>
2025-04-29 13:00:33 +02:00
Johan Hedberg
6113230ce3 Bluetooth: drivers: Update to use new H:4 buffer encoding
Update all HCI drivers to use the new H:4 encoding for buffers passing
to/from drivers.

One behavioral change that's done in favor of simplicity, is that where
there's previously been switch statements that could return an error for
unsupported packet types now simply pass any received packet unchanged to
lower layers of the controller (or the HCI transport). Handling this is
now the responsibility of the lower layers, however in practice hitting
such scenarios means that there's a mismatch between configured host and
controller features.

Signed-off-by: Johan Hedberg <johan.hedberg@silabs.com>
2025-04-29 13:00:33 +02:00
Johan Hedberg
26d97164be Bluetooth: HCI: Use H:4 encoding for buffers
Encode the packet type as a H:4 payload prefix for buffers passing to &
from HCI drivers. The existing bt_buf_set/get_type functions are
deprecated, but kept compatible with the change, except that they can only
be called once, since they modify the buffer payload.

Signed-off-by: Johan Hedberg <johan.hedberg@silabs.com>
2025-04-29 13:00:33 +02:00
Emil Gydesen
54df371740 Bluetooth: TBS: Add support for long read with dirty bit
The TBS spec states that if a value is changed during a
long read procedure, then the server shall reject
read requests with offset != 0 with a specific TBS GATT
error until the value has been read from the beginning again
(i.e. with offset = 0).

Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
2025-04-29 13:00:07 +02:00
Jiawei Yang
8b3eb368c6 Bluetooth: RFCOMM: Add RPN command sending support
Add support for Remote Port Negotiation (RPN) commands in the RFCOMM.
This allows applications to configure the serial port parameters
over RFCOMM connections, such as baud rate, data bits, stop bits, parity
and flow control.

Changes include:
- Add enumerations for RPN parameters (baud rate, data bits, stop bits,
  parity)
- Add a public API function bt_rfcomm_send_rpn_cmd() to send RPN
  commands
- Add shell command to test RPN with default parameters

This functionality is required by certain Bluetooth profiles that use
RFCOMM and need to configure serial port parameters.

Signed-off-by: Jiawei Yang <jiawei.yang_1@nxp.com>
2025-04-29 08:17:49 +01:00