In case lwm2m_socket_start() internal error, it should only do cleanup
on the socket, i. e. call lwm2m_socket_close(), not lwm2m_engine_stop().
The latter resets the entire lwm2m_context, which results in removal of
active observations.
This should not be done, as it collides with the RD client logic, where
connection resumption may skip the full registration phase, in result
not notifying the server that it should restart the observations.
At the same time, the RD client should clean the lwm2m_context when it's
done trying to update the registration and proceeds with regular
registration/bootstrap in the network error handler. In that case, only
the socket was closed, so the lwm2m_context needs to be reset
separately.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
If the num_ase == 0xff then it is a special case that needs to be
handled like if num_ase == 0x01.
If there is an error with ase_id = 0x00 then the error cannot
be translated to a specific stream, so the callbacks may now get
NULL for the stream object.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
When CCC or CF store on write is disabled and the other one is enabled,
leading to the delayed store being enabled. This cause the value of the
corresponding `n` selected option to not be stored at all.
To fix this, the checks to know if we need to store the CCC or the CF,
happening at the disconnection, are now ensuring that the CCC or the CF
are stored even if the one of them does not enable store on write.
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
Remove the lower check (BT_BAP_BASS_OP_SCAN_STOP) in
BT_BAP_BASS_VALID_OPCODE as it is always used on unsigned
variables, so no point in check if it is lower than 0.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Add check for the index in the function itself, as well as where
we call it internally, to ensure that we do not attempt to access
invalid indexes of broadcast_assistant.recv_state_handles.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
This fixes missing `CONFIG_*` prefix.
The `BT_HAS_PRESET_CONTROL_POINT_NOTIFIABLE` option is already guarded
with `BT_HAS_PRESET_SUPPORT`, so it has been removed from `depends on`
condition.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
This fixes regression causing compilation errors seen when the
code is built without preset support (BT_HAS_PRESET_COUNT = 0).
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
nvs_sector_close has not been initializing nvs_ate.part, before
writing it to flash.
Fixes#58699
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Added assert when looking up the next instance, as the caller of this
function should ensure that the index is correct before calling
discover_next_instance.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
If the minimal value of an IN_RANGE is 0, then it is
a useless check, and the cases have been modified to
not use IN_RANGE. This also fixes some coverity issues.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
The check was a && but should have been an ||. Fixed by moving
the check to a new if statement.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
When notify_app is called for BT_TBS_CALL_OPCODE_TERMINATE
we did a lookup on the call index, but never did a NULL check
before dereferecing it.
This does not fix the issue that the instance will always
be NULL in this case, as we have terminated the call so
we cannot possibly look up the call afterwards.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
The friendly copy always assumed that the friendly name could
fit in memory, which could cause overflows. Fixed by using
utf8_lcpy as that not only ensures that the copy is truncated
to fit in memory, but also ensures that it is null terminated
and truncated in a way that supports multi-byte UTF8 characters.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
The previous implementation would read from `addr->val[0]` before it was
initialized if the input string started with a colon ':'.
Signed-off-by: Aleksander Wasaznik <aleksander.wasaznik@nordicsemi.no>
If offset is only 32-bit, then it can never be > UINT32_MAX,
so added another conditional that only if the type (off_t) is
larger than 32-bit, we perform the maximum value check.
off_t is not a standard type and thus the size of it is poorly
defined, and are just defined as a signed integer type.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
The check compared the levels against < BT_IAS_ALERT_LVL_NO_ALERT
which of course does not make sense given than the lvl_u8 is an
unsigned value that can never be < BT_IAS_ALERT_LVL_NO_ALERT.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Use unsigned long long and shell_strtoull to get the ID of
OTS objects, as unsigned long may not be able to store all 48
bits.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Add a shell_strtoull function that works similar to
shell_strtoul except that it calls strtoull instead
of strtoul.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Ensure that scan_filter.addr is NULL terminated by only copying
the sizeof the buffer -1 and then always setting the last byte to
\0.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
The number of buffer provided was verified in the final else block of a
long validation sequence. It would never be executed though, as one of
the conditions before would always evaluate to true.
As the number of buffers provided verification appears to be significant
in this case, as the buffers are referenced during other validations,
move this check at the beginning of the sequence instead. This also
eliminates the dead-code problem.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Use if-else-endif construction to avoid dead code.
Coverity-CID: 316484, GitHub issue #58539
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
Just drop PENDING_RESET flag without checking it.
Coverity-CID: 316394, GitHub issue #58530
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
Use ULL suffix to promote the type of the shift operand to uint64_t to
avoid undefined behavior when block_size_log is 32.
Coverity-CID: 316387, GitHub issue #58528
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
Coverity is complaining:
CID 316017: Control flow issues (NO_EFFECT)
>>> This less-than-zero comparison of an unsigned value is never true.
148 for (size_t i = 0; i < ARRAY_SIZE(substate_lock_t); i++) {
This is a false positive but we can still optimize the code and making
coverity happy by simply avoiding compiling the offending code when no
power states are defined into the DT.
Signed-off-by: Carlo Caione <ccaione@baylibre.com>
In places where we verify that the value of the long
variable does not exceed the limits of int32_t, we do
actually not need to compare the values if the two
types are the same size, which is often the case for
32-bit systems.
This fixes a variety of coverity reported issues.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
When copying the address in cmd_scan_filter_set_addr we now
use strncpy to not copy more bytes than what fits. This
should already have been fixed with a check earlier in the
function, but coverity still complains.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
For IEEE 802.15.4 compliance, the NET_L2_IEEE802154_ACK_REPLY option must
automatically be active if the radio driver does not AUTOACK and inactive
otherwise. No user interaction is required.
Future changes will deprecate this option and replace it by a standard
compliant automatic mechanism.
Signed-off-by: Florian Grandel <fgrandel@code-for-humans.de>
The IEEE 802.15.4 standard does not specify a "Sub-GHz" option.
Therefore this option will be deprecated in the foreseeable future.
Rationale: Selecting PHYs and frequency bands is abstracted by the
concept of channel pages (see IEEE 802.15.4-2020, 10.1.3).
Radio drivers may expose additional configuration options that
specify the low level frequency band, operating mode and other
PHY-specific parameters. Such parameters should be exposed on a driver
instance level, e.g. via devicetree or as runtime options of the driver.
PHY-specific attributes derived from driver settings (e.g. available
channels) can then be announced to L2 w/o the user having to be aware of
any implementation details of the specific PHY.
Future changes will introduce the necessary infrastructure to define
channel pages and other PHY-specific configuration options to
replace this option. New drivers should therefore not rely on this
option.
Signed-off-by: Florian Grandel <fgrandel@code-for-humans.de>
In theory, coap_header_get_token() should only be used on already parsed
packets, and coap_packet_parse() would detect an invalid token length in
a packet. Coverity however complains about possible out-of-bound access,
as in theory the function can return token length up to 15. Therefore
add an extra validation of the token length within the function, to
avoid out-of-bound access due to programming errors and to make Coverity
happy.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Log level is stored on 3 bits thus in theory it can be set to 7
and yet accepted levels are up to 4 thus Coverity complains.
Adding assert that prevents use of levels above 4.
Signed-off-by: Krzysztof Chruściński <krzysztof.chruscinski@nordicsemi.no>
Now that `lorawan_init` only initialises data structures and does not
start the stack or communicate with a physical device, run the init as
soon as possible. This allows `lorawan_register_downlink_callback` to
be called much earlier by other init functions.
Signed-off-by: Jordan Yates <jordan.yates@data61.csiro.au>
When `CONFIG_BT_SETTINGS_DELAYED_STORE` is enabled (by default it is),
the local GATT server will delay the write to flash of the CCC and CF
values. The delay is defined by `CONFIG_BT_SETTINGS_DELAYED_STORE_MS`.
If a disconnection happen before that delay, the `bt_gatt_disconnected`
will reschedule the delayed store operation. But that operation will not
happen before `bt_gatt_disconnected` is complete, at this moment, the
CCC and CF values will have already been cleared.
To fix this issue, the delayed store operation is now done during the
`bt_gatt_disconnected` function.
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
When proxy advertising enabled, but at same time, the
connection event report, will cause `ADV_FLAG_PROXY` not
set, so cb `connected` will not be process, cause mesh message
unable to sent.
Fixes: https://github.com/zephyrproject-rtos/zephyr/issues/58721
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
Only set a cpu as active (on pm subsystem) when the cpu is effectively
initialized. We cannot assume on pm subsystem that all cpus were
initialized since when the option CONFIG_SMP_BOOT_DELAY is used cpus are
initialized on demand by the application.
Note that once cpus are properly initialized the subystem is able to track
their status.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Some Bluetooth controllers (Nordic Softdevice) now use
`BT_HCI_ERR_INSUFFICIENT_RESOURCES` to signify when advertising sets
cannot be created, instead of the old `BT_HCI_ERR_CONN_LIMIT_EXCEEDED`.
Signed-off-by: Jordan Yates <jordan.yates@data61.csiro.au>
On CIS disconnect, the central will clear all data paths.
However hci_le_remove_iso_data_path will fail if attempting to remove a
data path that has not been setup, so if only the CTLR_TO_HOST
direction was set, and the HOST_TO_CTLR bit was set, the
function returned an error and never attempted to clear the other
direction.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
On CIS disconnect, the peripheral will clear all data paths.
However ll_remove_iso_path will fail if attempting to remove a
data path that has not been setup, so if only the CTLR_TO_HOST
direction was set, and the HOST_TO_CTLR bit was set, the
function returned an error and never attempted to clear the other
direction.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Before this change we had 2 top-level Doxygen entries for Testing APIs:
- Zephyr tests
- Zephyr testing suite
This patch creates a single top-level group to contain ZTest and FFF
extensions.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
The buffer_output interface is called a few times during one core dump,
so we need to maintain a memory write pointer to prevent data overwriting.
Signed-off-by: Rander Wang <rander.wang@intel.com>
This patch fixes commit b70f92e570
("net: buf: keep memory alignment provided by k_heap_alloc and k_malloc").
One-line was overlooked in the above patch and may result in a
cloned net_buf using a data block that has already been freed.
Signed-off-by: Johann Fischer <johann.fischer@nordicsemi.no>
