Spin locks held for any lengthy duration prevent interrupts and
in a real time system where interrupts drive tasks this can be
problematic. Add an option to assert if a spin lock is held for
a duration longer than the configurable number of microseconds.
Signed-off-by: Tom Burdick <thomas.burdick@intel.com>
Adds check to verify that the audio stream is actually
in the streaming state before handling the
audio data. As per the BAP spec, a stream that
is not in the streaming state shall not send
any data, and this check is to handle any
remote devices that are not working correctly.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Cosmetic change: the zst was short for zephyr_smp_transport,
now it is just smp_transport so smpt makes more sense.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The MCUMgr library is now part of Zephyr, so there is no point
to prefix SMP functions with Zephyr.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
This change implements part two of the program laid out in the TSCH RFC,
see #50336#issuecomment-1250250154 :
> Consolidate IEEE 802.15.4 options in net_pkt
This change improves decoupling of generic net core code from
IEEE 802.15.4 internals. It also simplifies IEEE 802.15.4
attribute cloning and thereby makes it easier to maintain and less
error prone (and probably even faster as individual bits are no longer
copied over separately).
This enables us to extend and design IEEE 802.15.4 L2 attributes inside
the package in isolation from the net core code which will no longer
have to be changed when introducing changes or additions to the flags.
This flexibility will be built upon in later change sets to model the
IEEE 802.15.4 attributes closer to the spec.
The solution is inspired by Linux's sk_buff->cb attribute which addresses
the same concern as the attribute introduced in this change set:
https://elixir.bootlin.com/linux/v6.0.1/source/include/linux/skbuff.h#L871
As the inline comment says: The cb attribute can be made a union or even a
uint8[something] in the future, if further L2s need a control block, too.
Right now such full indirection would make the code overly abstract, so
I chose to compromise with maintainability in mind.
Care has been taken to ensure that this changes does not introduce
additional padding into the net package. To maintain zero-padding, future
changes to the net packet struct will have to ensure that the
IEEE 802.15.4 struct is 4-byte aligned (iff the IEEE 802.15.4 struct
continues with max uint32_t scalar members) which is no deviation from
the previous implementation.
Signed-off-by: Florian Grandel <jerico.dev@gmail.com>
The IEEE 802.15.4 L2 now sets the ll protocol in the packet to a
specific value. This corresponds to the respective solution in Linux and
is required to validate access to IEEE 802.15.4 specific attributes of
the packet.
Later change sets will rely on this value to ensure that IEEE 802.15.4
specific package content can only be accessed on IEEE 802.15.4 packages.
Signed-off-by: Florian Grandel <jerico.dev@gmail.com>
The net packet structure contains pointers to link-layer source and
destination addresses. Usually, these structures do not point to
separately allocated memory but directly into the packet's data buffer.
In case of a deep package clone (which includes copying the buffer) the
copy of the ll addresses continued to point into the old package
(contrary to a rather misleading inline comment). This was proven by an
additional failing unit test assertion.
As the original package may be unreferenced while the cloned package is
still being accessed, the ll address pointers of the cloned package may
become invalid.
The fix consists of two parts:
* First it is determined whether a given ll address actually points into
the buffer and if so at which logical cursor offset it is located.
* If the address points into the package buffer then the cursor API is
used to determine the corresponding physical memory location in the
cloned package. The ll address of the cloned package is then patched
to point to the cloned buffer.
Additional assertions were introduced to the existing unit test to ensure
that the newly generated address points to the correct content of the
cloned package.
The solution is implemented in a generic way so that the previously
redundant implementations were consolidated into a single one. The code
includes a check that ensures that the ll address check and manipulation
will be skipped in case of shallow package copies.
The change also addresses problems related to the "overwrite" flag of the
package:
* Package cloning assumes the overwrite flag to be set. Otherwise it
will not work correctly. This was not ensured inside the clone method.
* Package cloning manipulates the overwrite flag of the cloned package
but does not reset it to represent the same state as the original
package.
The change introduces a fix and unit test assertions for both problems.
Fixes: #51265
Signed-off-by: Florian Grandel <jerico.dev@gmail.com>
Most IEEE 802.15.4 drivers do not support promiscuous mode, some do.
There is a dedicated L2 flag to signal this capability to clients.
Unfortunately the IEEE 802.15.4 L2 stack does not announce this flag
even for drivers that correctly expose it in their HW capabilities.
Some clients (notably the OpenThread L2) even uses promiscuous mode
without checking whether the driver actually supports it.
This change lets the vanilla IEEE 802.15.4 L2 check the driver's
HW capabilities to announce promiscuous mode on its 'get_flags()'
interface if supported.
The OpenThread L2 uses a constant (potentially incorrect) response
to 'get_flags()'. Fixing the OpenThread L2 is out of scope of this
change. This change just introduces TODO messages to the OpenThread code
so that the OpenThread team may fix the issue (or delete the TODO if they
deem it irrelevant).
Fixes: #51263
Signed-off-by: Florian Grandel <jerico.dev@gmail.com>
Change automated searching for files using "IRQ_CONNECT()" API not
including <zephyr/irq.h>.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
Change linkage for ctx_shell and default_key in shell.c to external to
share their usage in other places.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
This commits renames `health_cli.c` and `cfg_cli.c` under `mesh/shell`
folder to `health.c` and `cfg.c` accordingly. This is to create a
generic pattern for the future, when not only clients, but server models
will also expose some API through shell commands. This means that server
models' shell commands should be located in the same file as client
commands to avoid cluttering `mesh models` subcommand.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
This code is a boulerplate that will be needed for many models in mesh
shell module. This commit adds a special macro designed to improve
readability of the code and helps to avoid potential bugs when
copy-pasting identical code.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
Not all shell commands may be needed for an end application even if a
certain feature is enabled. In that case they will just occupy flash
space without being used. This commit adds a separate Kconfig for each
feature to make possible to selectively disable some mesh shell commands.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
Move mesh shell related options to a new file to avoid cluttering of
the main Bluetooth Mesh Kconfig file when extending it with new options.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
Header lora.h and lorawan.c files make use of types defined
in kernel.h without including it.
The types.h is no more relevant with inclusion of kernel.h
Explicitely including <stdint.h>, even if the kernel.h includes
the stdint.h, this is an implementation detail. "If Kernel
decides one day to drop usage of stdint.h (unlikely),
lora.h users be in trouble."
Signed-off-by: Francois Ramu <francois.ramu@st.com>
Added link that sends messages over ipc_service. It uses
log_link_remote and will talk to log_backend_ipc_service based
on log_link_backend.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
Added backend that sends messages over ipc_service. It uses
log_backend_remote and will talk to log_link_ipc_service based
on log_link_remote.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
Added implementation of link and backend that are intended to
complement each other. Both requires transport function hooks
to be provided.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
Add support to multidomain case where source field contains
ID and not address of the source structure.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
Adding multidomain support by introducing log_link module which
acts as a receiver of log messages created by another domain.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
log_cache is capable of storing fixed length byte arrays
identified by a generic ID. If entry identified by given ID
is not found in cache, the least recently used entry is evicted
from cache.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
The cmsis implementations of osMutex was trying to inspect internal
k_mutex state (the owner and lock count) in the process of trying to
acquire the lock. This is unfixably racy, by definition other
contexts will be trying to do the same on the unsynchronized data.
As far as I can tell, the only purpose was to be able to synthesize
osMutex's specified error behavior, which we can do with the existing
return codes from k_mutex_lock(). Add similar logic to osSemaphore,
which didn't have the race but was likewise abusing access to kernel
internals.
Signed-off-by: Andy Ross <andyross@google.com>
The "limit" field of struct k_sem was in use in two places in the BTLE
host code, in one it was being used as a duplicate placeholder for the
"iso_max_num" field received in read_buffer_size_v2_complete[1]. In
another, it was just being tested for zero[2].
Those are pretty clear abuses of internal data, provide minimal value
beyond a few bytes of memory in struct bt_dev_le, and in any case
won't work with zync, where that field doesn't have the same name and
may not even exist depending on app configuration.
Copy the limit value into the struct where it belongs, and use it from
there.
[1] I strongly suspect there is a bug lurking there if the semaphore
maximum is being used to implement the kind of "packet buffer" this
code looks like. Calling k_sem_give() on a "full" semaphore WILL NOT
BLOCK. It will just drop the increment on the floor and return
synchronously. Semaphores aren't msgqs or ringbuffers! But disabling
the max value feature in zync does not result in test failures, so
maybe this usage is safe.
[2] Again, this seems suspicious; a valid k_sem should never have a
zero in that field. Presumably this is really a test for "is
initialized", and so implies there's a mixed up initialization path
somewhere?
Signed-off-by: Andy Ross <andyross@google.com>
The bridge subsystem was written with a ETH_BRIDGE_INITIALIZER that
assumed it could initialize a k_mutex with a zero-filled initializer.
That never worked. Unlike semaphores, mutexes have always required a
runtime call to k_mutex_init(). What happened instead is that
k_mutex_un/lock() returned error codes, which were ignored by the code
here. So no locking was happening.
This was discovered while migrating to zync, where an attempt to
unlock an unlocked mutex is a panic condition (and where zero-filled
initializers are legal, but represent an unfair semaphore and not a
mutex, so deadlock correctly).
Signed-off-by: Andy Ross <andyross@google.com>
This is a public API for the subsystem, can be called from app
context, unlocks the local k_mutex on one of its three exit paths, and
it's quite clear that nothing ever locks that mutex!
The code used to work because k_mutex simply returned an error if you
tried to unlock an unlocked object. Now zync will panic (when
CONFIG_ZYNC_VALIDATE=y) if you try that.
Signed-off-by: Andy Ross <andyross@google.com>
Zephyrs Host has by default enabled automatic resume of advertising
in case of disconnection when peripheral role is enabled.
The feature becomes a bit problematic in case of multirole usage.
For example assume a use case where a device is working as peripheral
and central, where it may establish single connection for each role.
In case there are two connections established and connection in
central role is dropped by peer, Host will automatically resume
advertising. After that an application can resume scanning, e.g.
in disconnected callback. That should not happen.
If one of connections was used for central role, it should not
be stolen by Host to run peripheral role. Host should verify
if a disconnected connection role was peripheral and then resume
advertising.
This approach will not break backward compatibility and change
correct resume behavior. What more, Host will follow an application
decisions about use of connection objects.
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
The `audio init` should only initialize the audio (BAP)
stack. Furthermore, given that the `bt init` may do more
than just calling `bt_enable` it is generally for the best,
and more future proof, to let that command be the exclusive
way of calling `bt_enable` in the shell.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
It was possible to enter a state where setting the QoS
for a source stream after having released a sink stream
as the unicast client would cause a segmentation error.
This issue is related to how the unicast shell is using
the unicast group.
A fix has been added for it, and a check for
whether or not `audio init` (to register the needed
callback) has been added. This check has also been added
for the broadcast sink.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
If user has not specified any DNS servers in
CONFIG_DNS_SERVER_IP_ADDRESSES, then the DNS resolver will not be
initialized properly. So fix this by always calling dns_resolve_init()
so that DNS mutex get properly initialized.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Adds proper support for having more than one PDU pool for the advertising
PDUs (to save memory)
- Introduces lll_adv_aux_data_init, lll_adv_aux_scan_rsp_alloc and
lll_adv_sync_data_init to indicate if the PDU is a primary/legacy PDU
or secondary/auxillary PDU
- Scan response PDUs are initialized later, since the correct pool to draw
from depends on whether the advertising is extended or legacy
Signed-off-by: Troels Nilsson <trnn@demant.com>
The device_service shell was missing the capability to list devices
registered in the EARLY init level.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
Not all C compilers understands how to use the address of a return
value as an argument to a function call. At least not our compiler.
Fix the issue by adding a variable to hold the converted value
before passing it to the function call.
Signed-off-by: Kim Sekkelund <ksek@oticon.com>
This fixes the output below by moving the closing bracket to "<Security
type (optional: valid only for secure SSIDs)>" after the enumeration of
security types "0:None, 1:PSK, 2:PSK-256, 3:SAE".
Fixes:
uart:~$ wifi
wifi - Wi-Fi commands
Subcommands:
connect :Connect to a Wi-Fi AP
"<SSID>"
<channel number (optional), 0 means all>
<PSK (optional: valid only for secure SSIDs)>
<Security type (optional: valid only for secure SSIDs)>
v----------------------^
0:None, 1:PSK, 2:PSK-256, 3:SAE
(...)
Signed-off-by: Gaël PORTAY <gael.portay@gmail.com>
Return to line after the first parameter to:
- have the second parameter in a single line (not splitted) and
- start every parameters from a brand new line (easier to read)
Signed-off-by: Gaël PORTAY <gael.portay@gmail.com>
This fixes the output below by adding the missing closing bracket to
"<MFP (optional): 0:Disable, 1:Optional, 2:Required":
Fixes:
uart:~$ wifi
wifi - Wi-Fi commands
Subcommands:
connect :Connect to a Wi-Fi AP
"<SSID>"
<channel number (optional), 0 means all>
<PSK (optional: valid only for secure SSIDs)>
<Security type (optional: valid only for secure SSIDs)>
0:None, 1:PSK, 2:PSK-256, 3:SAE
<MFP (optional): 0:Disable, 1:Optional, 2:Required
^-------------------------------------------------^
(...)
Signed-off-by: Gaël PORTAY <gael.portay@gmail.com>
This fixes the output below by returning to line after "Connect to a
Wi-Fi AP":
Fixes:
uart:~$ wifi
wifi - Wi-Fi commands
Subcommands:
connect :Connect to a Wi-Fi AP"<SSID>"
^------^
<channel number (optional), 0 means all>
(...)
Signed-off-by: Gaël PORTAY <gael.portay@gmail.com>
When calling bt_audio_discover, the discovered PAC records
were just added to the pac_cache. If called multiple times,
the PAC records would just be duplicated.
This change reset the pac records for the direction when
called.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
bt_audio_stream_config should not be called with a stream
that is already configured to another connection.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
This caused the sink to attempt to sync to more stream
for each call to bt_audio_broadcast_sink_sync as the
stream count was stored in the struct bt_audio_broadcast_sink
but never reset.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
There is no reason for the previous limitation.
The limit of 255 for the ASEs is based on the ASE IDs
which is a uint8_t, so there is a maximum of 255 of
each ASE type.
The limit of 73 * 2 = 146 is based on the maximum size of an
GATT attribute (512), and the minimum size of a PAC record (7)
makes it a total of 73 PAC records for each direction.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
There is access to the procedure context after a potential release
of the context, which (in theory) can lead to incorrect behaviour
There is no good way of testing this with a unittest without adding
specal debug code to the ull_llcp_local module
After code-inspection no other location has been found with
potential access after context release
Signed-off-by: Andries Kruithof <andries.kruithof@nordicsemi.no>
