The IEEE 802.15.4 security implementation had several severe bugs:
* A regression introduced by 6ea225e34a
(net/ieee802154: Finally removing usage of ll_reserve in L2)
introduced a buffer leak (reading/ writing beyond the end of the frame
buffer) and led the security implementation to malfunction in all but
the simplest cases (i.e. encryption/authentication: none).
* Encryption vs. authentication modes were not properly implemented i.e.
encryption was always active even if not required by the chosen
encryption level.
* Nonce endianness was not correctly handled on decryption of packets
which led to authentication failures.
* The frame counter was not checked for overflows.
* The encryption output buffer limit (out_buf_max) was not correctly set.
* Setting an invalid key mode led to a NULL pointer deref.
* We use CCM rather than CCM* as crypto.h does not provide access to
CCM*. CCM does not support encryption-only operation, though. This
condition was not checked by the code.
Signed-off-by: Florian Grandel <jerico.dev@gmail.com>
This change makes the packet socket and ieee802154 l2 drivers aware of
AF_PACKET sockets, see https://github.com/linux-wpan/wpan-tools/tree/master/examples
for examples which inspired this change.
Signed-off-by: Florian Grandel <jerico.dev@gmail.com>
Some IEEE 802.15.4 specification constants must be made available in
userspace as they will be needed to use IEEE 802.15.4 RAW/DGRAM sockets
which will be introduced in this changeset.
Signed-off-by: Florian Grandel <jerico.dev@gmail.com>
Zephyr IEEE 802.15.4 drivers and L2 stack use the same constant names
for different MTU definitions. The intent of this change is to introduce
a consistent MTU definition which can be used everywhere in zephyr to
avoid confusion, bugs and name conflict.
Signed-off-by: Florian Grandel <jerico.dev@gmail.com>
Newly introduced Coverity scan throws a warning about duplicate tag as
per MISRA coding standards, so, use a unique tag name in the existing
code for "shell".
Signed-off-by: Krishna T <krishna.t@nordicsemi.no>
Networking statistics framework is used to define handler and the data
structure, Wi-Fi management layer implements the handler and also adds a
new offload API to get statistics from the Wi-Fi driver.
Signed-off-by: Krishna T <krishna.t@nordicsemi.no>
A new net_mgmt command and event are added for interface status,
depending on the implementation the status can be returned when polled
or an unsolicited event can be send by driver whenever there is a change
in status.
This is planned to be implemented only by upcoming wpa_supplicant,
offload implementation is left for driver developers.
Signed-off-by: Krishna T <krishna.t@nordicsemi.no>
This commit replaces API that became deprecated with the release
of nrfx2.9 - see CHANGELOG in zephyrproject-rtos:hal_nordic repository
Signed-off-by: Adam Wojasinski <adam.wojasinski@nordicsemi.no>
Created the mutex registry_lock to:
- protect read and write operations
- protect the registry.
Only partially finished as the functions like lwm2m_engine_get_obj
warrants a larger refactoring to completely thread safe the registry.
Signed-off-by: Ola Tangen Kulseng <ola.kulseng@nordicsemi.no>
LwM2M was not reported properly case when message "Accept"
coap option was not not supported. In that case LwM2M transport
specification define 4.06 "Not Accepted"
Signed-off-by: Juha Heiskanen <juha.heiskanen@nordicsemi.no>
When AUX_ADV_IND or AUX_CHAIN_IND auxiliary channel PDU scan
radio event overlaps Periodic Sync radio event in unreserved
time space, let the Periodic Sync radio event be aborted so
that the auxiliary channel PDU can be received to generate
Extended Advertising Reports. Added a new Kconfig to enable
this.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Set the location in the init command. Also updates the
available context to the CONTEXT macro value.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
The update result is supposed to indicate success only after a firmware
update has been applied. The bug here was that the success was reported
already when the update image download was done.
Signed-off-by: Veijo Pesonen <veijo.pesonen@nordicsemi.no>
Implements a logging backend implementing the mtrace protocol
to relay log messages over SRAM. This protocol is implemented
by the SOF Linux driver ("mtrace" debugfs interface).
This implementation follows example of the ADSP HDA logger implemented
in commit 6913da9ddd ("logging: cAVS HDA based logger").
Cc: Tom Burdick <thomas.burdick@intel.com>
Signed-off-by: Kai Vehmanen <kai.vehmanen@linux.intel.com>
Current ztress design supports both timer context and thread
context. The timer context always uses the first element of
several global array variables like exec_cnt[] and backoff[].
But progress_timeout() is using the last element of exec_cnt[]
to calculate the progress of timer context. It is not right.
Signed-off-by: Ming Shao <ming.shao@intel.com>
Increase deafult value of SHELL_ARGC_MAX configuration.
This allows users to utilize deeper nested shell menus without
risking maxing out the number of allowed arguments.
Signed-off-by: Anders Storrø <anders.storro@nordicsemi.no>
Tests with KERNEL enabled perform their cleanup logic after the suite's
after and test rules are executed. Unittests should do the same.
Signed-off-by: Yuval Peress <peress@google.com>
Updates the implementation when KERNEL is available to safely bail on
the test when the test calls fail, skip, or pass during invalid test
phases. Print a detailed message, and skip all other tests. The test
run will be marked as failed.
Signed-off-by: Yuval Peress <peress@google.com>
Move the function used for printing the phase name up so its available
for both unittest and KERNEL mode of tests.
Signed-off-by: Yuval Peress <peress@google.com>
When not running in setup, before, or in the test. Calling fail, skip,
or pass is invalid and should be considered an error. Properly handle
these cases by printing a more detailed error message and bailing the
process.
Signed-off-by: Yuval Peress <peress@google.com>
When KERNEL was not defined (unittest), the call to init_testing was
used to set a longjump target using 'stack_fail'. When triggered,
this was actually causing a segfault, because longjmp is only valid
if going directly up the stack. Since init_testing returned, it was
no longer on the stack. Instead, that logic MUST be inlined.
Signed-off-by: Yuval Peress <peress@google.com>
* Adds a default hook and init function for cavstool.
* Adds an optional padding on flush feature to ensure all data is written.
* Fixes an error in cavstool.py for correctly wrapping the ring buffer.
* The test case now ensures wraps and flushes occur numerous times.
Signed-off-by: Tom Burdick <thomas.burdick@intel.com>
Normal usage for Bluetooth applications are getting close to or
already overflowing the default BT RX stack size of 1024.
For example:
- Discovery using the fixed ATT channel used 984 bytes.
- Discovery using an enhanced ATT channel used 1048 bytes,
which would lead to stack overflow using the default BT RX thread
stack size.
Signed-off-by: Herman Berget <herman.berget@nordicsemi.no>
At some point, package copy function was extended and renamed
to cbprintf_package_convert. However, flags used by this
function were not renamed and used contained COPY idiom.
Deprecating flags with COPY and replacing them with flags
with CONVERT idiom to match function which is utilizing them.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
When using periodic advertising list and receiving
hci_le_per_adv_sync_established event from controller with
an error code the bt_le_per_adv_sync_term_info would be
incorrectly populated with le_addr and sid. This is because
the current pending advertising sync object is not populated
with any le_addr and sid from bt_le_per_adv_sync_create as
those are not used when option
BT_LE_PER_ADV_SYNC_OPT_USE_PER_ADV_LIST is set.
Instead the bt_le_per_adv_sync_term_info shall be populated
with the le_addr and sid coming in the event from controller.
Signed-off-by: Jakob Krantz <jakob.krantz@u-blox.com>
Re. peripheral phy update procedure: UNKNOWN_RSP from central was not
handled, leading to stall of procedure and subsequent procedure timeout
Proper handle and unit test for case added.
Signed-off-by: Erik Brockhoff <erbr@oticon.com>
Multiple places we assumed that we could simply just do
sink_stream->iso == chan without checking if sink_stream
was NULL.
This commit fixes that by adding proper NULL checks for that,
as well as additional checks before defaulting to the
source_stream.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
log_output.c was added in two places: unconditionally when logging
is enabled and when CONFIG_LOG_OUTPUT is set. Cleaning up to add
source file only when module is enabled.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
When shell was used as a log backend it did not enabled log_output
module used for string formatting. Adding missing dependency.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
The Bluetooth address constants (BT_ADDR[_LE]_ANY, BT_ADDR[_LE]_NONE)
are currently defined as the address of the local anonymous structs
that are initialised to the corresponding address values, and assigning
them to a variable whose scope is greater than that of a function may
end up creating dangling pointers (for instance, as done in the
`bt_conn_get_info` function).
This commit defines the Bluetooth address constants as global constant
variables that are placed in the read-only data section, and modifies
the Bluetooth address constant macros to use the address of these
variables instead.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
This commit adds the `const` qualifier to the `addr` parameter of the
`bt_monitor_new_index` function because this parameter is and should
never be modified within this function.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
