move sbc to bluetooth because only bluetooth uses it,
change CONFIG_LIBSBC_ENCODER and CONFIG_LIBSBC_DECODER as CONFIG_LIBSBC.
Signed-off-by: Mark Wang <yichang.wang@nxp.com>
Fix assertion failure when buf_rx_freed_notify() is called from ISR
by replacing k_sched_lock with atomic_ptr operations for callback
pointer access.
The scheduler lock is retained during callback execution in thread
context to maintain backward compatibility, but is skipped in ISR
context where it's not available.
Updated documentation to clarify the behavior difference between
thread and ISR contexts.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
Commit fixes the issue when lpn device relays
broad- and group cast messages received over
friendship queue. This is specification violation,
see Table 3.13: Network layer Network PDU retransmission
requirements. Also, it does not have sense since
sending messages have already happened and lpn
just consumes extra power to retransmit useless data.
In general, lpn device will be more power efficient after
this fix.
Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
PTS may send absolute volume values with bit 7 set, which exceed the
valid range. Instead of rejecting these values, mask the invalid bit
to ensure compatibility.
Signed-off-by: Make Shi <make.shi@nxp.com>
Added a check in the vendor dependent handler to ensure the PDU ID
matches supported command handlers. If the PDU ID or command type
is invalid, respond with BT_AVRCP_STATUS_INVALID_COMMAND.
Signed-off-by: Make Shi <make.shi@nxp.com>
Update write_name function to check the offset value against 0 as long
writes are not used here.
Simplify write_appearance function also to remove long writes support.
The appearance property is always 16 bit and is should not even support
long writes.
Signed-off-by: Radosław Koppel <r.koppel@k-el.com>
When using BT_CTLR_LOW_LAT and LLL_PRIO equals ULL_LOW_PRIO,
add missing mayfly_enable() call for ULL_LOW execution
context, without this ticker_stop() does not get processed.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Add !BT_ADV_RPA_VALID check to force RPA regeneration when re-enabling
an advertising set after RPA rotation occurred while disabled.
The BT_ADV_RANDOM_ADDR_UPDATED flag was added to prevent unnecessary
address regeneration (RPA/NRPA) between bt_le_ext_adv_param_set() and
bt_le_ext_adv_start() calls. However, this revealed an issue:
When RPA rotation (le_force_rpa_timeout) occurs while an advertiser is
disabled, BT_ADV_RPA_VALID is cleared but the RPA is not regenerated.
On subsequent bt_le_ext_adv_start() without a new param_set() call:
- BT_ADV_RANDOM_ADDR_UPDATED is already cleared (from previous start)
- Without BT_PER_ADV_ENABLED, no regeneration occurs
- Stale RPA is used, violating privacy requirements
Add !BT_ADV_RPA_VALID check for both connectable and non-connectable
advertisers to ensure fresh RPA generation when the previous RPA was
invalidated while the advertiser was disabled.
Fixes regression introduced in #98117.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
Starting with nrfx 4.0.0, the nrfx_err_t, NRFX_SUCCESS and NRFX_ERROR_*
have been deprecated. Most of them were removed here:
https://github.com/zephyrproject-rtos/zephyr/pull/99399
but a few were missed.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Rename GPIO coex binding to use 'radio-' prefix for consistency with
other radio bindings (radio.yaml, radio-fem-two-ctrl-pins.yaml).
Updated beacon sample overlay and coex documentation.
Signed-off-by: Ivan Pankratov <ivan.pankratov@silabs.com>
Rename generic FEM binding to use 'radio-' prefix for consistency with
other radio bindings (radio.yaml, ble-radio.yaml).
Updated 3 board files, Nordic BLE controller HAL, documentation, and
test overlays. Added missing settle-time properties to pan1783a board.
Signed-off-by: Ivan Pankratov <ivan.pankratov@silabs.com>
This is a negative detection. The conn index should be never out of
bounds of the array `connection`. Because the size of the array is
`CONFIG_BT_MAX_CONN`.
To improve the readability, add a `__ASSERT` checking to check if the
conn index is out of bounds.
CID 487769
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
This is a negative detection. The conn index should be never out of
bounds of the array `bt_sdp_client_pool`. Because the size of the
array is `CONFIG_BT_MAX_CONN`.
To improve the readability, add a `__ASSERT` checking here. Check
whether the conn index is out of bounds.
Fix#99985
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
There is a corner case that the connect complete event is notified
before the function `bt_hci_cmd_send_sync()` returns. Because the
created conn object is in the state of `BT_CONN_DISCONNECTED`, it
cannot be found in the connect complete event. As a result, the
connect can not established normally.
Fix the issue by setting the connect state and role before calling
the function `bt_hci_cmd_send_sync()`.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
Updated in-system profiling for CPU usage with on target
measurements and added assertion checks.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The rank cannot be notified and the function allowed for
just updated to the rank. The CSIS spec does not mention
the usecase, nor support, for changing the rank of a device.
The spec only seems to allow for dynamic changes to the set
size (and only during that can the rank be set).
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
New nrfx release contains major rework of nrfx drivers
instantiation making it easier to integrate with dts nodes.
Now, nrfx driver instances can no longer be `const`
because they contain driver runtime state.
Additionally, all nrfx drivers return `errno` error codes
instead of deprecated `nrfx_err_t`.
Signed-off-by: Nikodem Kastelik <nikodem.kastelik@nordicsemi.no>
If the connect type is not `LE`, the return value of function
`bt_conn_get_dst()` is a NULL pointer. In function `bt_addr_le_str()`,
the NULL pointer will be accessed without any checking. It will cause
the issue `Segmentation fault` in the platform `native_sim`.
Fix the issue by checking the conn type at the beginning of the
function `eatt_auto_connect()`.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
In current implementation, the call will be terminated, or rejected if
the audio connect cannot be established. But from the application
view, if the sco connect cannot be established, the audio paths can be
routed towards the AG. So force routeing the audio towards the HF is
not reasonable and it is not the mandatory.
The changes aim to keep the sequence that creating SCO connect in the
right time. And ignore the result whether the SCO connect has been
created or can be established.
If the audio connect cannot be established, the application can try to
change the audio route paths according to the audio connection
procedure.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
The workaround in bt_cmd_send_sync should no longer by needed when
tx_processor is not on the system work queue.
Signed-off-by: Aleksander Wasaznik <aleksander.wasaznik@nordicsemi.no>
When thread that TX processor is used to send commands and data to
Controller is also used for sync commands sending and command buffer
allocation, a deadlock happens.
This thread is used to avoid such deadlocks by moving TX processor to
its own dedicated thread exclusively used by tx processor only.
Co-authored-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
Signed-off-by: Aleksander Wasaznik <aleksander.wasaznik@nordicsemi.no>
ATT is invoking user callbacks in its net_buf destroy function. It is
common practice that these callbacks can block on bt_hci_cmd_alloc().
This is a deadlock when the net_buf_unref() happens inside the HCI
driver, invoked from tx_processor.
Blocking callbacks like this appear in our own samples. See further down
about how this problem was detected.
tx_processor not protect against blocking callbacks so it is de-facto
forbidden. The Host should not equip net_bufs with dangerous destroy
callbacks.
This commit makes ATT defer its net_buf destruction and user callback
invocation to the system workqueue, so that net_buf_unref is safe to
call from non-blocking threads. In the case of the deadlock, the
net_buf_unref() was below the tx_processor in the call stack, which (at
the time of this commit) is on the system work queue, so defering it to
the system work queue is preserving the existing behavior.
Future improvement may be to allow the user to provide their own
workqueue for ATT callbacks.
This deadlock was detected because the following test was failing while
moving tx_processor to the bt_taskq:
tests/bsim/bluetooth/ll/throughput/tests_scripts/gatt_write.sh
The above test has an ATT callback `write_cmd_cb` invokes
`bt_conn_le_param_update` can block waiting for `tx_processor`.
The reason it was not failing while tx_processor was on the system work
queue is that the GATT API has a special non-blocking behavior when
called from the system work queue.
Signed-off-by: Aleksander Wasaznik <aleksander.wasaznik@nordicsemi.no>
In current implementation, there are two issues found,
Issue 1, the feature defined in the SDP HFP HF record are used in
combination as HFP HF supported features reported via `+BRSF`.
Issue 2, the macro `BT_HFP_HF_FEATURE_CODEC_NEG_ENABLE` is not
aligned with macro name of other features. The other macros are named
with prefix `BT_HFP_HF_FEATURE_`.
Use `BT_HFP_HF_FEATURE_VOLUME_ENABLE` to set the volume feature
instead of `BT_HFP_HF_SDP_FEATURE_VOLUME_ENABLE`.
Rename `BT_HFP_HF_CODEC_NEG_ENABLE` with new name
`BT_HFP_HF_FEATURE_CODEC_NEG_ENABLE`.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
Adds the `CONFIG_BT_SMP_LEGACY_PAIR_ONLY` Kconfig option to force
devices to use legacy pairing. This has a dependency on
`CONFIG_BT_TESTING` as it is only intended for testing purposes, and use
of legacy pairing is discouraged.
Signed-off-by: Håvard Reierstad <haavard.reierstad@nordicsemi.no>
A CIS may be connected in either the QoS Configured state
or the enabling state. The QoS Configured state is the
earliest state it is allowed, due to it being the first
state where the CIS_ID and ASE_ID are paired.
The enabling state is the "last" state it is allowed,
as if the ASE is in the streaming, disabling or releasing
state we should not allow/expect a CIS connection to happen.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
This change implements full AVRCP Browsing support on both CT/TG,
and included all public APIs and callbacks, and add shell commands
for testing.
Signed-off-by: Make Shi <make.shi@nxp.com>
Introduce an optional alloc_buf() callback into AVCTP so that each
session can decide which RX buffer pool to use. Provided a dedicated
RX pool for the AVRCP browsing channel.
Also provided BT_AVRCP_BROWSING_L2CAP_MTU for configure.
Signed-off-by: Make Shi <make.shi@nxp.com>
Drop the 'U' suffix from enum hex literals keep style consistent
and rename `bt_avrcp_list_app_setting_attr_rsp` to the clearer.
Signed-off-by: Make Shi <make.shi@nxp.com>
As of Core v6.2, the passkey entry pairing method for legacy pairing
does no longer grant authenticated MITM protection. This commit
updates `smp.c` accordingly to not grant the authenticated states when
using legacy passkey entry pairing.
Adds a check to make sure that bonds that have been stored persistently
adheres to these changes. Bonds that have been generated using the
legacy passkey entry pairing method will thus be downgraded from
authenticated to unauthenticated when restored from storage.
Signed-off-by: Håvard Reierstad <haavard.reierstad@nordicsemi.no>
If both the TX and RX SDUs are 0, then we reject
the call as that is an invalid configuration
(minimum SDU size is 1, and 0 indicates that
no data in that direction is being configured).
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Fix a missing unref of a bt_conn reference, leading to a ref count
mismatch, and causing the following warning to be printed:
bt_conn: Found valid connection ... in disconnected state.
Signed-off-by: Aleksandar Stanoev <aleksandar.stanoev@nordicsemi.no>
- BASS mandates that a remove_source operation is not done if
we are synced to PA or BIS. This PR fixes that
- Update BabbleSim tests to reflect this behavior
- Fixes BASS/SR/SPE/BI-05-C
Signed-off-by: Alexander Svensen <alexander.svensen@nordicsemi.no>
Refactor how receive states are handled in the BAP
shell.
The scan delegator's receive states are not available from
the broadcast sink, and the broadcast sink makes sure to
properly set the pa_sync object in the receive state
struct.
The receive states are now also using the BAP service data to
identity the receive state when using PAST.
The broadcast assistant will now cache data from a remote device,
and makes it available to e.g. CAP.
Additionally if there is a broadcast source, we cache the values
neccesary to identity if a remote receive state represents our
local broadcast source.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
When using the add_src and mod_src APIs the
aggregated_bis_syncs variable was only ever set to 0
and never updated, thus making all calls to
bis_syncs_unique_or_no_pref to be true.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Fix the active client validation in OBEX abort operations to
handle concurrent request scenarios. The check now
ensures that if there is an active client and it's different
from the current client, the operation is rejected with -EBUSY.
Signed-off-by: Cheng Chang <cheng.chang@nxp.com>
Add STATIC macro definition to conditionally expose static functions
for testing purposes. When CONFIG_ZTEST is enabled, STATIC expands
to nothing, making functions globally visible for unit tests.
Otherwise, STATIC expands to 'static' for normal builds.
Signed-off-by: Cheng Chang <cheng.chang@nxp.com>
- Fixes bug where bis_sync_requests were wrongfully validated.
- Two BISes across subgroups should not have the same bits set
- Remove use of internal->bis_syncs before it's updated in mod_src.
Signed-off-by: Alexander Svensen <alexander.svensen@nordicsemi.no>
Since Shorter Connection Intervals changes the unit that connection
intervals can be represented in. It is necessary to change how
they are stored and represented.
This commit deprecates interval in favour of interval_us.
Remove use of interval in internal bt_conn struct since it is no longer
needed.
Signed-off-by: Timothy Keys <timothy.keys@nordicsemi.no>
This commit deprecates:
- the `CONFIG_BT_SIGNING` Kconfig option
- `BT_GATT_CHRC_AUTH` property
IOW, this commit deprecates the LE Security mode 2 support.
Explanation:
Erratum ES-26047 introduced in Bluetooth Core Specification v6.2
requires SingCounter to be persistently stored to prevent replay
attacks.
Currently, the Host doesn't store SignCounter, therefore the device is
vulnerable to replay attacks after reboot.
Additionally, the current implementation doesn't assume that SignCounter
of a received message can be incremented by more than one and thus may
not validate correct message.
The Bluetooth Security and Privacy Best Practices Guide recommends to
not using Data signing and recommends to use LE Security mode 1 levels
2, 3 or 4 instead.
The Signed Write Without Response sub-procedure, which is the only user
of Data signing, is optional (see Vol 3, Part G, Table 4.1).
See also ES-18901.
The aforementioned reasons make no sense to keep this feature.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
Commit updates maximum OOB authentication size from 8 bytes
till 32 bytes according to specification errata ES-27446.
Since previous OOB API does not allow to expose OOB values
with such width the new API has been introduced.
The previous API was deprecated and hidden under
BT_MESH_PROV_OOB_API_LEGACY option and left for backward
compatibility with existing code base.
Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
