Rework the rest of the IPv6-related code to avoid casting. Use raw
variants of IPv6-related functions whenever possible (especially on the
critical data path). For the routing case, use a copy of the address to
avoid massive rework of the routing module.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
IPv6 Neighbor Discovery interfaces modules like neighbor or routing
tables - converting them to raw variants seems futile. Therefore, for
IPv6 ND case, copy the raw IP address from the packet into the in6_addr
structure, and then pass it to respective functions. Performance
overhead should not be a big problem in such case as those actions are
only performed if a respective ND packet is received.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Refactor local functions to work with byte buffers instead of struct
in6_addr and use switch to use raw variants of functions operating on
IPv6 addresses.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
To address the misaligned access issues reported by UBSAN, introduce raw
variant of certain IPv6 functions used in the critical data path of the
network stack, operating on plain uint8_t buffers in stead of IPv6
address struct.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The peer uses the RPA address.
A BR connection is created firstly, a subsequent BLE connection is
created secondly, the BR SMP CTKD occur thirdly (The BLE LTK is
derived from BR and the BR SMP distribute peer's IRK and identity address
here), but the BLE LTK is saved to key pool that is not
matched with the previous BLE connection because the derived LTK is saved
with identity address and BLE connection uses RPA. Fix it by: Resolve the
BLE connections' RPA with the derived IRK to find the previous BLE
connections and match the connections with derived LTK key.
Signed-off-by: Mark Wang <yichang.wang@nxp.com>
According to RFC 793, ch 3.9 Event Processing,
after the connection is sync-ed with seqnum of both sides then,
1. drop any received segment if the ACK bit is off.
2. validate the acknum like this:
SND.UNA =< SEG.ACK =< SND.NXT
The ACK validation is done before entering the state-machine, so
remove the flags <ACK> check in the state-machine processing.
Signed-off-by: Shrek Wang <inet_eman@outlook.com>
Channel tx_queue purging on disconnect was inconsistently handled
by the different channels: iso, l2cap, l2cap_br.
iso channels handled purging in the tx_data_pull hook.
l2cap and l2cap_br did the purging in channel delete functions
and did not expect tx_data_pull to be called for a disconnected
channel. Their data_pull functions could return a ptr to a
net_buf that was still on the tx_queue, which is problematic
when the conn tx_processor unrefs the returned buffer resulting
in multiple calls to the buf destroy function.
To make things consistent and correct, remove the code that tries
to purge tx_queues in the tx_processor and only do purging in
the channels themselves when they are deleted/disconnected.
Also refactor and clarify referencing of the net_buf returned
by tx_data_pull. It was confusing who had a reference and
when, which could vary depending on the length of the original
buffer. There are three cases: the buffer length is less
than the tx.mps, greater the mps but less than the mtu so
requiring segementation but not fragmentation, or greater than
both mps and mtu so requiring both segmentation and fragmentation.
The conn layer would increase the refcnt if the length was
greater than the mtu, but not have any awareness of whether
the net_buf was still on the tx_queue or not.
Now it is the tx_data_pull callbacks responsibitity to increment
the reference count if it is returning a pointer to a net_buf
that it is still keeping on the tx_queue for segmentation purposes.
The conn layer will now always transfer that reference into a
fragment view and not conditional it on the length relative to
the mtu, and always decrement the reference to the parent when
the fragment is destroyed.
So there is no risk of decrementing a reference to a net buf
that might still be on a tx_queue, which simplifies error
handling in particular.
Also add error handling paths for when asserts are not enabled.
Signed-off-by: Mike J. Chen <mjchen@google.com>
Fix peripheral role assertion during connection update and
simultaneous flash operations.
prepare_cb: Actual EVENT_OVERHEAD_START_US = 6149
This happens due to instant latency at connection update
where the ticks_at_expire was in the past.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Write operations are not constant time on nRF54Lx SoCs and
depend on the previous value present versus new value to be
written. Hence, perform no more than one iteration.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
In HFP PTS, cases run fail with the log 'Bluetooth Profile Descriptor
List UUID (0x111E) is missing'.
With this patch, the affected cases can pass correctly.
Signed-off-by: Jiawei Yang <jiawei.yang_1@nxp.com>
This commit fixes the content of the log messages that appear when an
error occurs while applying the pinctrl.
Signed-off-by: Jun Lin <CHLin56@nuvoton.com>
htons() takes uint16_t as argument. Add the 'u' suffix to the
TTL constants to ensure the correct unsigned type is used and to avoid
undefined behavior if these functions are implemented as macros using
bit shifts.
Signed-off-by: Tim Pambor <tim.pambor@codewrights.de>
Verify if the block number isn't negative before processing it, to
prevent potentially undefined behavior. This was reported by the
undefined behavior sanitizer.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
SonarQube reports: cast from 'const struct _snode *' to 'struct _snode *'
drops const qualifier. Fix it by removing the const.
Signed-off-by: Mark Wang <yichang.wang@nxp.com>
(cherry picked from commit 7982ee0df13b7f9e54595f799e32f38c464b0f9e)
1. bt_sdp_discover may be called in two tasks at the same time:
(1) If the 2 calls are for 2 acl conns,
the same session may be new allocated to two acl conns.
(2) If the 2 calls are for the same acl conn, the same session should be
used.
Use the bt_conn_index to map acl conn with session to fix it.
2. fix that bt_sdp_discover may use one session that is disconnecting,
put req to reqs_next and process it after disconnected.
3. remove memset of session, reset each members individually.
Signed-off-by: Mark Wang <yichang.wang@nxp.com>
(cherry picked from commit dcbe5d7dc5d72ce0d2915cf2b291cc84a916a536)
Utilize a code spell-checking tool to scan for and correct spelling errors
in `Kconfig` files within the `soc` and `subsys` directory.
Additionally, incorporates a fix recommended by the reviewer.
Signed-off-by: Pisit Sawangvonganan <pisit@ndrsolution.com>
Ensure that the BR/EDR L2CAP RX MTU is limited to the configured
BT_L2CAP_RX_MTU value during channel configuration.
This change prevent potential buffer overflow issues when receiving
data larger than the configured buffer size.
Signed-off-by: Jiawei Yang <jiawei.yang_1@nxp.com>
The MTU calculation in rfcomm_connected() was incorrectly adding the FCS
size instead of subtracting it.
This could lead to buffer overflows when sending data that exceeds
the actual available space.
Fix the calculation by properly subtracting both the RFCOMM header size and
the FCS size from the L2CAP MTU to get the correct RFCOMM session MTU.
Signed-off-by: Jiawei Yang <jiawei.yang_1@nxp.com>
Some of the Kconfig options did not reflect the actual
requirements from the TMAP spec. Relying on the AUDIO_TX
and AUDIO_RX was misleading, as they could be set by
broadcast configurations when the features required
unicast features.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Instead of crashing fail with a message when -test arguments is of
wrong format.
Fixeszephyrproject-rtos/zephyr#91655
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Use UNALIGNED_MEMBER_ADDR when getting the address of possibly
unaligned structures members instead of attempting to directly
get the address as an offset.
Signed-off-by: Alberto Escolar Piedras <alberto.escolar.piedras@nordicsemi.no>
Use UNALIGNED_MEMBER_ADDR when getting the address of possibly
unaligned structures members instead of attempting to directly
get the address as an offset.
Signed-off-by: Alberto Escolar Piedras <alberto.escolar.piedras@nordicsemi.no>
Use UNALIGNED_MEMBER_ADDR when getting the address of possibly
unaligned structures members instead of attempting to directly
get the address as an offset.
Signed-off-by: Alberto Escolar Piedras <alberto.escolar.piedras@nordicsemi.no>
Use UNALIGNED_MEMBER_ADDR when getting the address of possibly
unaligned structures members instead of attempting to directly
get the address as an offset.
Signed-off-by: Alberto Escolar Piedras <alberto.escolar.piedras@nordicsemi.no>
Use UNALIGNED_MEMBER_ADDR when getting the address of possibly
unaligned structures members instead of attempting to directly
get the address as an offset.
Signed-off-by: Alberto Escolar Piedras <alberto.escolar.piedras@nordicsemi.no>
zperf should only return 'Kbps'. There are still two left-overs
from converting shell prints to 'Kbps'.
Align all prints to make it easier for scripting and parsing
content from console output.
Signed-off-by: Daniel Schultz <d.schultz@phytec.de>
POLLHUP event may be returned even if there is still data to read
and POLLIN is set. To ensure all data is consumed, check for
POLLHUP after handling POLLIN.
https://man7.org/linux/man-pages/man2/poll.2.html
Signed-off-by: Juha Ylinen <juha.ylinen@nordicsemi.no>
The NET_EVENT_WIFI_SIGNAL_CHANGE was not added to net mgmt event queue
so that no scan was triggered, which caused roaming fail. The event
NET_EVENT_WIFI_SIGNAL_CHANGE was dropped because it was not enabled in
WIFI_SHELL_MGMT_EVENTS. After adding NET_EVENT_WIFI_SIGNAL_CHANGE, the
roaming works as expected.
Same issue found on event NET_EVENT_WIFI_NEIGHBOR_REP_COMP for 11k
roaming. Add this event to WIFI_SHELL_MGMT_EVENTS, too.
Signed-off-by: Hui Bai <hui.bai@nxp.com>
Commit 3c47f91be4 introduced alignment
validation in K_MEM_SLAB_DEFINE macros.
A couple PTP message slabs wer using alignment 8, while the size of
the elements wasn't a multiple of 8, causing a static assertion
failure.
Fix by changing the alignment from 8 to 4 bytes.
Signed-off-by: Benjamin Cabé <benjamin@zephyrproject.org>
Fix peripheral EVENT_OVERHEAD_START_US assertion due to
missing packet timer timestamp accumulation under single
timer use in nRF54Lx SoCs.
Relates to commit 373dc0db71 ("Bluetooth: Controller:
Single timer use Extended Advertising nRF54L support").
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
This commit adds a device-tree prop for the audio streaming
terminals to specify the bInterval values for the Isochronous
endpoints.
Signed-off-by: Victor Brzeski <vbrzeski@gmail.com>
This change allows for enabling/disabling the idle traces by setting the
CONFIG_TRACING_IDLE config.
Signed-off-by: Krzysztof Sychla <ksychla@antmicro.com>
Like other API in DNS cache, `dns_cache_remove` should check arguements
return -EINVAL if any of them is NULL.
Signed-off-by: Benjamin Cabé <benjamin@zephyrproject.org>
Since the addition of deinit operation in device, init and deinit have
been within each device, rendering their init entry's init function
useless.
In order to save ROM space, let's remove the init function from
init entry altogether, and introduce a new object called "service"
which owns an init function to go along with SYS_INIT/SYS_INIT_NAMED.
Signed-off-by: Tomasz Bursztyka <tobu@bang-olufsen.dk>
Introduce a new USB Video Class (UVC) implementation from scratch.
It exposes a native Zephyr Video driver interface, allowing to call the
video_enqueue()/video_dequeue() interface. It will query the attached
video device to learn about the video capabilities, and use this to
configure the USB descriptors. At runtime, this UVC implementation will
send this device all the control requests, which it will send to the
attached video device. The application can poll the format currently
selected by the host, but will not be alerted when the host configures
a new format, as there is no video.h API for it yet.
Signed-off-by: Josuah Demangeon <me@josuah.net>
UDC drivers use udc_buf_get_all() when dequeueing endpoint. On drivers
that require double buffering for isochronous IN endpoint, the dequeue
on interface disable will result in class request API called on net_buf
with frags set. Call release callback on the buffer pointed in frags
because it was passed in using usbd_uac2_send().
Signed-off-by: Tomasz Moń <tomasz.mon@nordicsemi.no>
Earlier we had socketpair to pass wifi event information from
wpa_supplicant side to zephyr adaption layer. This is now replaced
by k_fifo to save some RAM.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Call updatehub_report_error() when detecting an unconfirmed image in
autohandler to ensure the server is notified of the failure before
triggering a rollback.
Signed-off-by: Adrien Maillard <adrien.maillard@edu.hefr.ch>
Report the error state to the UpdateHub server before triggering a rollback
in autohandler mode. This prevents the server from redeploying the same
(failed) update after rollback, avoiding update loops. Also exposes a new
public syscall: updatehub_report_error(), allowing manual mode users to
report an error explicitly.
Signed-off-by: Adrien Maillard <adrien.maillard@edu.hefr.ch>
