If the client removes its subscription to any of the TBS
characteristics at any time, the pending appropriate flags
are now being cleared.
Fixeszephyrproject-rtos/zephyr#104511
Signed-off-by: Hanliang Xu <leonxu2004@outlook.com>
This removes dead code. Since bt_bap_stream_detach sets
stream->ep = NULL then the call to bt_bap_stream_iso_chan_get
will always return NULL since stream->ep is NULL, and thus
the call to bt_bap_stream_disconnect would always be a no-op.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Modify foreach functions in LE Audio to follow the same pattern:
Return true to continue iterating.
Return false to stop iterating.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
The usage of CHECKIF has been replaced with a regular
if. The reason for this is that higher layer may depend
on some of the checks defined by the API, and the higher
layers cannot do that properly if the checks can be
removed via a Kconfig option.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
The usage of CHECKIF has been replaced with a regular
if. The reason for this is that higher layer may depend
on some of the checks defined by the API, and the higher
layers cannot do that properly if the checks can be
removed via a Kconfig option.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
The usage of CHECKIF has been replaced with a regular
if. The reason for this is that higher layer may depend
on some of the checks defined by the API, and the higher
layers cannot do that properly if the checks can be
removed via a Kconfig option.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Use a code spell-checking tool to detect and fix spelling errors in
the files under `subsys/bluetooth`.
Signed-off-by: Pisit Sawangvonganan <pisit@ndrsolution.com>
When reading the value of the vendor attribute, strlen was used instead
of sizeof, causing a unpredictable read size. This commit changes the
implementation to use sizeof instead.
Signed-off-by: Håvard Reierstad <haavard.reierstad@nordicsemi.no>
If CONFIG_LOG_TIMESTAMP_64BIT is enabled, then the call to
log_set_timestamp_func in the Bluetooth monitor is type-invalid,
which may fail to build with -Werror.
To avoid this type inconsistency let's use the type `log_timestamp_t`,
which accounts for the correct size, depending on selected config.
Even though the monitoring protocol only seems to support 32b timestamps,
the rest of the module is already based on 64b timestamps, so the
truncation is only done when encoding the timestamp for transmission
to the host in encode_hdr()
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
The way that ASCS registers and unregisters for the ASCS
unittests does not work properly with UUIDs and local variables.
Hotfix is to use a `static` backup instead of a stack-allocated
backup. A proper fix will be provided later.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
The usage of CHECKIF has been replaced with a regular
if. The reason for this is that higher layer may depend
on some of the checks defined by the API, and the higher
layers cannot do that properly if the checks can be
removed via a Kconfig option.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Add bt_uuid_compress() to compact a 128-bit Bluetooth UUID into its
16-bit or 32-bit short form when it matches the Bluetooth Base UUID.
If the UUID does not match the Base UUID pattern the 128-bit value is
copied unchanged and -ENOTSUP is returned, allowing callers to
distinguish compressible from non-compressible UUIDs.
16-bit and 32-bit source UUIDs are copied as-is.
Signed-off-by: Kai Cheng <chengkai@xiaomi.com>
Implement bt_uuid_from_str() function to convert string representations
to Bluetooth UUID structures. This provides bidirectional conversion
between UUID structures and their string representations, complementing
the existing bt_uuid_to_str() function.
Features:
- Supports 16-bit UUID format (4 hex characters, e.g., "180d")
- Supports 32-bit UUID format (8 hex characters, e.g., "abcdef12")
- Supports 128-bit UUID standard format (with hyphens)
- Comprehensive input validation and error handling
- Automatic UUID type detection based on string length
Signed-off-by: Kai Cheng <chengkai@xiaomi.com>
Refactor the Bluetooth UUID module to use the generic UUID library
(lib/uuid) instead of hand-rolled byte manipulation.
Changes:
- Replace bt_uuid_128-based base UUID with struct uuid (RFC 9562 order)
- Replace uuid_to_uuid128() with bt_uuid_to_uuid() for BT-to-generic
UUID conversion using proper big-endian / byte-swap operations
- Simplify bt_uuid_to_str() 128-bit case via uuid_to_string()
- Add Kconfig 'select UUID' dependency for BT_HCI_HOST
Signed-off-by: Kai Cheng <chengkai@xiaomi.com>
Fix three command handlers that were incorrectly returning the result
of callback functions with void return type:
- avrcp_unit_info_cmd_handler
- avrcp_subunit_info_cmd_handler
- avrcp_pass_through_cmd_handler
Split the callback invocation and return statement to properly handle
the void return type, avoiding potential compiler warnings or errors.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
The bt_hci_cmd_create() function was deprecated several releases ago (in
Zephyr 4.2) and can therefore now be removed.
Signed-off-by: Johan Hedberg <johan.hedberg@silabs.com>
Add a check of the URI scheme length before comparing it
to any instance's supported URI schemes. If the incoming
URI scheme is longer than what we support, then there's
no point in checking if we support it, as we cannot.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
The BT_GATT_INCLUDE_SERVICE is always included in
BT_MCS_SERVICE_DEFINITION even when CONFIG_BT_OTS=n,
this fixes it such that it is only included when OTS is enabled.
Fixes zephyrproject-rtos#105345
Signed-off-by: Vedant Malkar <vedantitsme@gmail.com>
When the controller supports BR/EDR and CONFIG_BT_CLASSIC is
enabled, call bt_br_init() to perform the full BR/EDR Classic
initialization (SSP mode, inquiry mode, local name, Class of
Device, etc.).
For non-Classic builds that still need BR/EDR buffer sizes,
gate the hci_read_buffer_size() fallback with
IS_ENABLED(CONFIG_BT_CONN) to make the build-time condition
explicit at the call site.
Signed-off-by: Kai Cheng <chengkai@xiaomi.com>
When CONFIG_BT_CLASSIC is enabled and the controller is ready,
push the updated device name to the BR/EDR controller via
bt_br_write_local_name() inside bt_set_name(). This ensures
runtime name changes are properly synchronized to the BR/EDR
transport.
Signed-off-by: Kai Cheng <chengkai@xiaomi.com>
When CONFIG_BT_DEVICE_NAME_DYNAMIC is enabled, write the device name
(restored from flash or the compile-time default) to the BR/EDR
controller during commit_settings().
Replace the bt_set_name() call with a direct strncpy into bt_dev.name
to avoid an unnecessary flash write, then explicitly push the name to
the BR/EDR controller via bt_br_write_local_name().
Signed-off-by: Kai Cheng <chengkai@xiaomi.com>
Extract the HCI Write Local Name command into a reusable
bt_br_write_local_name() helper and use it in bt_br_init().
When CONFIG_BT_DEVICE_NAME_DYNAMIC and CONFIG_BT_SETTINGS are
both enabled, skip writing the compile-time default here since
the settings commit callback will push the correct name (either
restored from flash or the default) to the controller.
Signed-off-by: Kai Cheng <chengkai@xiaomi.com>
Replaces usage of these deprecated macros with ones that support
fixed and mapped partition compatibles. Also includes an update to
hal_espressif which also (rightly or wrongly) has zephyr specific
code in it
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Remove the Kconfig option BT_TBS_SUPPORTED_FEATURES as it was
not used by the subsystem, but only by applications.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Modify bt_ccp_call_control_server_get_bearer_uci to
store the bearer UCI in an output buffer, instead of just
providing the pointer.
The reason for this is to make the result thread safe, and
avoid the user/application having a direct pointer to
internal storage.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
The functions bt_cap_commander_cancel and
bt_cap_initiator_unicast_audio_cancel were not thread safe,
and calling these while handling e.g. a notifications
or a write response could cause fatal errors.
This commit modifies active_proc so that all access to it
is guarded by a mutex.
Some functions were modified to take the active_proc as an
argument, instead of calling bt_cap_common_get_active_proc
for performance reasons.
This also means that all the atomic fields can now be
treated like regular fields. This has not been done in this
commit to keep the changes minimal.
The design is that only the function that calls
bt_cap_common_get_active_proc should unlock it again.
If a function gets the actice_proc as an argument, it should
not unlock or complete it.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Move the call to bt_bap_setup_iso_data_path to the state_changed
clause in unicast_client_ep_streaming_state.
bt_bap_setup_iso_data_path should only be called once, as calling it
again would be rejected by the controller.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
A recent change in the host made it so that CIS always
disconnect before the ACL. This means that we do not need
to handle the case when the ACL disconnects before the CIS,
and the ACL and CIS disconnect handlers can thus be
simplified.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Move BT_CTLR_ADV_AUX_SET, BT_CTLR_ADV_SYNC_SET and
BT_CTLR_ADV_DATA_BUF_MAX out from the menu "Advanced features"
as they are not really advances, and users should be able to
adjust these values without enabling BT_CTLR_ADVANCED_FEATURES.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Improve AVRCP shell commands by adding success messages after
operations complete, including passthrough (PRESSED/RELEASED)
and get_caps command.
Signed-off-by: Make Shi <make.shi@nxp.com>
Add support for the IPT in the CS reflector subfeature
in the Bluetooth host stack.
Signed-off-by: Aleksandr Mirlenko <aleksandr.mirlenko@nordicsemi.no>
Refactor the Retransmission Disable (R) bit handling in L2CAP BR/EDR
to reuse the existing L2CAP_FLAG_REMOTE_BUSY flag instead of
maintaining separate R-bit tracking flags.
The previous implementation used dedicated flags (
`L2CAP_FLAG_RECV_FRAME_R` and `L2CAP_FLAG_RECV_FRAME_R_CHANGED`) to
track the R-bit state, which duplicated the functionality of
L2CAP_FLAG_REMOTE_BUSY and added unnecessary complexity.
Key changes:
- Remove `L2CAP_FLAG_RECV_FRAME_R` and
`L2CAP_FLAG_RECV_FRAME_R_CHANGED` flags
- Update `bt_l2cap_br_update_r()` to directly use
`L2CAP_FLAG_REMOTE_BUSY` for tracking remote busy state
- Trigger I-frame retransmission when R-bit transitions from 1 to 0
- Update I-frame and S-frame header packing to set R-bit based on
local busy state in retransmission mode
- Simplify I-frame sending logic by consolidating remote busy checks
- Remove redundant R-bit checks in data pull path
- Add RET mode specific handling in S-frame reception for RR and REJ
frames
- Enhance `bt_l2cap_br_chan_recv_complete()` to support both RET and
ERET modes with proper local busy state management
- Set S-frame type to REJ when local busy and in RET mode
These changes eliminate code duplication and make the remote busy
state management more consistent across the L2CAP implementation.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
Fix the retransmit timer start logic to account for remote busy state
in L2CAP BR/EDR flow control.
The previous implementation would start the retransmit timer when there
are outstanding unacknowledged I-frames, but it didn't check if the
remote side is in a busy state (RNR received). Starting the timer while
the remote is busy is incorrect since the remote cannot process I-frames
until it sends an RR to clear the busy condition.
Add a check for L2CAP_FLAG_REMOTE_BUSY before starting the retransmit
timer to ensure the timer is only started when the remote side is ready
to receive I-frames.
This prevents unnecessary timer expirations and retransmissions when the
remote peer has signaled it cannot accept additional I-frames.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
Refactor the I-frame retransmission mechanism to improve clarity and
correctness in L2CAP BR/EDR flow control.
The previous implementation used multiple flags (L2CAP_FLAG_PDU_RETRANS
and L2CAP_FLAG_REQ_SEQ_UPDATED) to track retransmission state, which
made the logic complex and error-prone. This change introduces a
per-window retransmit flag and dedicated helper functions to manage
retransmission of all unacknowledged I-frames.
Key changes:
- Replace L2CAP_FLAG_PDU_RETRANS with L2CAP_FLAG_RET_I_FRAME for
timeout-triggered retransmission of the first unacked I-frame
- Replace L2CAP_FLAG_REQ_SEQ_UPDATED with L2CAP_FLAG_RET_I_FRAMES for
retransmission of all unacked I-frames
- Add `retransmit` flag to `bt_l2cap_br_window` structure to track
which I-frames need retransmission
- Add `l2cap_br_retransmit_i_frames()` to mark all outstanding I-frames
for retransmission
- Add `l2cap_br_stop_retransmit_i_frames()` to clear retransmission
state
- Add `l2cap_br_get_ret_win()` to retrieve the next I-frame marked
for retransmission
- Update `l2cap_br_ret_fc_data_pull()` to handle both single I-frame
timeout retransmission and bulk retransmission separately
- Fix window memory management to only free newly allocated windows on
error, not retransmitted ones
- Update S-frame handlers (RR, REJ, RNR) to use new retransmission
helpers instead of setting flags directly
- Update comment for L2CAP_FLAG_RET_I_FRAME to clarify it handles
timeout retransmission
These changes make the retransmission logic more explicit and easier
to maintain while ensuring proper flow control behavior.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
There is a corner case that the S-frame (RR) needs to be sent. And
there is an I-frame (and only one I-frame) is in pending. But the
I-frame is pending for waiting for ack instead of sending. In this
case, the S-frame (RR) will not be preformed.
The previous implementation incorrectly checked for pending data
before sending S-frames, which could prevent timely acknowledgments.
Fix the S-frame sending logic to ensure proper flow control in L2CAP
BR/EDR channels.
Simplify the S-frame sending mechanism by removing the dedicated
S-frame buffer allocation and transmission path. Instead, rely on
the existing data ready mechanism to trigger S-frame transmission
when needed.
Key changes:
- Remove S-frame specific macros and flags for identifying S-frames
- Change `l2cap_br_send_s_frame()` to only set the pending flag
instead of allocating and sending buffers directly
- Remove error handling paths that would disconnect on S-frame send
failures since S-frames are now queued through the normal path
- Simplify `l2cap_br_get_next_sdu()` and `l2cap_br_ret_fc_data_pull()`
by removing S-frame specific handling
- Update `bt_l2cap_br_chan_recv_complete()` to always return 0
These changes ensure S-frames are sent promptly for flow control
regardless of pending I-frames in the transmission queue.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
Fix buffer pool allocation size for BR/EDR L2CAP non-basic modes by
using the appropriate macro that accounts for SDU segmentation
overhead.
The previous implementation used BT_L2CAP_BUF_SIZE() which is designed
for basic mode and does not account for the additional overhead
required when segmenting SDUs in retransmission or flow control modes
(I-frame control field, FCS, and SDU length field).
- Replace BT_L2CAP_BUF_SIZE() with BT_L2CAP_RT_FC_MAX_SDU_BUF_SIZE()
- Ensures sufficient buffer space for segmented I-frames
- Aligns buffer allocation with recent MPS and MTU calculation fixes
This prevents potential buffer overruns when transmitting segmented
SDUs in non-basic modes.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
Simplify the PDU length calculation in get_pdu_len() by using the
configured MPS value directly without manual adjustments for overhead.
The previous implementation attempted to manually calculate available
payload space by subtracting header/tail sizes and then adding back
the SDU length field size, which was unnecessarily complex and
error-prone.
- Remove manual calculation of actual_mps with header/tail overhead
- Use br_chan->tx.mps directly as the MPS limit
- Remove special handling for start segments (SDU length field
adjustment)
- Simplify logic: return pdu_len if within MPS, otherwise return MPS
The MPS value already represents the maximum PDU size that can be
transmitted, so no additional adjustments are needed. This aligns with
the recent fixes to MPS validation and MTU calculation.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
Fix incorrect MPS validation for segmented I-frames by extracting the
SDU length field before checking payload size against MPS.
When an I-frame has SAR (Segmentation and Reassembly) set to START,
it contains a 2-byte SDU length field that precedes the actual payload.
The previous implementation validated buf->len against MPS before
removing this header, causing false positives when the SDU length field
pushed the total size over MPS.
- Extract SAR field from control header for all L2CAP modes
- Initialize SAR to UNSEG by default
- Pull SDU length (2 bytes) when SAR indicates START segment
- Perform MPS validation after SDU length extraction
- Move net_buf_simple_save/restore to encompass SDU length handling
This ensures MPS validation checks only the actual payload size,
preventing spurious disconnections for legitimate segmented transfers.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
Fix incorrect RX MTU calculation when retransmission/flow control modes
are enabled. The previous implementation did not account for I-frame
overhead (control field and FCS), which could cause MTU to exceed the
maximum I-frame payload.
- Add l2cap_br_get_rx_mtu() helper to calculate proper RX MTU
- Discount extended control field size (4 bytes) when enhanced
retransmission or streaming mode is enabled
- Discount standard control field size (2 bytes) for basic mode
- Always discount FCS size (2 bytes) as it may be required by peer
- Add assertion to validate MTU meets minimum requirements
- Update l2cap_br_check_chan_config() to use new MTU calculation
This ensures the negotiated MTU fits within the I-frame payload limits
and prevents buffer overruns in non-basic L2CAP modes.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
Currently, the CID for dynamic channels are not cleared on reuse.
l2cap_chan_alloc_cid() sees the non-zero CID and skips allocation.
If another dynamic channel (e.g. EATT) has claimed that CID in the
meantime, the reused CID collides and the remote rejects with
BT_L2CAP_LE_ERR_SCID_IN_USE.
This commit adds clearing of bt_l2cap_le_chan.rx.cid to
`l2cap_chan_rx_init()`, to match the pattern for how state is cleared
for bt_l2cap_le_chan.tx in `l2cap_chan_tx_init()`. As a consequence of
this, the function calling the CID-allocating function on the server
side (`l2cap_chan_add()`) is moved after the init functions.
Signed-off-by: Håvard Reierstad <haavard.reierstad@nordicsemi.no>
Replace the manual linked list (using _next pointer) for RFCOMM
servers with sys_slist_t. This enables use of slist utility functions
like sys_slist_find_and_remove(), which is needed to support server
unregistration in a subsequent commit.
Signed-off-by: Kai Cheng <chengkai@xiaomi.com>
Move the avdtp_tx_raise() call from avdtp_tx_processor() into
avdtp_tx_frags() to ensure the tx is not raised if there is no idle
net_buf.
The issue is: the `avdtp_tx_raise` is called always to trigger the
worker to run again, it will keeps occupying the cpu if there is pending
tx, but there is no idle net_buf. After moving the calling to
`avdtp_tx_frags`, it is only called when there is still idle net_buf.
After the previous avdtp sending net_buf is released, the `avdtp_tx_cb`
is called, and the `avdtp_tx_raise` will be triggered again.
Signed-off-by: Mark Wang <yichang.wang@nxp.com>
Move AVRCP SDP record registration and AVCTP server register from
bt_avrcp_init() to callback registration functions to align with
other Bluetooth Classic profiles.
Signed-off-by: Make Shi <make.shi@nxp.com>
Commit adds checking that the PB-ADV bearer has been
closed before opening the PB-Remote link for NPPI
interface. NPPI interface callbacks are NULL if
PB-ADV server bearer is still open.
Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
