I don't know, why this was added originally, but there are many issues with
it:
- You can't really return NULL, because src_addr is a `void*`, not a
`void**`. The `src_addr = NULL` didn't do anything.
- The code was checking if the src_addr equals to the broadcast address,
but under normal conditions, that's always a unicast address.
- Even if we would check if the destination address was the bcaddr, I don't
see how that's useful. Currently, the address is only used for messages
of types advertise and gwinfo, which use it to create a new entry in the
gateway list. In that list, you always need the unicast address, never
the broadcast address.
Signed-off-by: Michael Zimmermann <michael.zimmermann@sevenlab.de>
According to RFC 6763, chapter 12.1, PTR responses SHOULD include
"All address records (type "A" and "AAAA") named in the SRV rdata.".
This was not the case, as only one IPv6 and one IPv4 address was added
in the response by Zephyr. This commit changes this behavior, Zephyr
DNS SD responder will now try to include all IPv4/6 addresses configured
on a given network interface. The current approach of choosing one IPv6
and one IPv4 address first to include in the message is retained - this
is to prevent situation where for example IPv6 addresses will consume
all buffer space, leaving no place for IPv4 ones. The DNS responder will
encode those selected IPv6 and IPv4 addresses first, and then attempt to
include remaining IPv6/4 addresses with "best effort" approach, if there
still is a space in the buffer to add those.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
IPv4/IPv6 source address lookups may return unspecified address in case
there's no valid match (like for example LL address for global
destination). As it makes no sense to include unspecified addresses in
DNS SD replies, verify if that's not the case before adding A/AAAA
record in the response.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Instead of manipulating net_buf's data buffer directly, use net_buf APIs
to reduce complexity when creating mDNS response.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
RFC 6762 Section 6.2 "Responding to Address Queries" specifies that mDNS
responses must include all valid addresses on the interface that is
sending the response. That was not the case for Zephyr's implementation,
which sent only on address in the response (and in some corner cases no
address at all).
This commit fixes this problem. Instead of encoding a single
pre-selected address in the response, mDNS responder will now loop over
all addresses on a given interface, and try to encode them as separate
answer records in the reply.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Adds support for using MCUmgr over UART (not via shell) in a raw
mode which does not include base64 and other SMP over console
encoding
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
If we get DHCPv4 bound event, then resend mDNS announce message
for that interface. This way a new address from DHCP server will
get announced properly.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If we try to add an already existing IP address to the
address monitor list, then mark the address to be in use.
The address might have been marked as not-in-use before.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If we override a static address by a DHCPv4 address, then send
address DEL event so that listeners notice it. This happens
for example with mDNS responder that needs to keep track of
what IPv4 addresses it needs to advertise.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The "init_called" flag needs to be per context and cannot be global
as it is meant to tell whether the context is initialized first time
or not.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Fixed multicast address checking.
- net_eth_is_addr_multicast() should be for multicast address checking
but not for only IP multicast address. Then net_eth_is_addr_group()
is no longer needed.
- LLDP and gPTP multicast address checking should not depend on Kconfig
option.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Fix L2CAP configuration negotiation failure when peer device sends
MPS value larger than its own TX MTU in the configuration request.
This issue occurs when connecting to certain devices (e.g., iPhone)
using enhanced retransmission mode with MAP or PBAP profiles. The
peer may send an MPS that exceeds the TX MTU specified in the same
L2CAP_CONFIGURATION_REQ packet.
Instead of rejecting the configuration, adjust the MPS to match the
peer's TX MTU and include the corrected value in the
L2CAP_CONFIGURATION_RSP packet. This allows the connection to proceed
while ensuring MPS stays within valid bounds.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
Since we have already supported sniff mode,
the corresponding link mode change event should be received.
Signed-off-by: Zhijie Zhong <zhongzhijie1@xiaomi.com>
There is no reason for which CONFIG_NET_SOCKETS_SOCKOPT_TLS should select
some crypto features by default. The correct list really depends on the
server/client the device would like to connect to.
For this reason the selection of any crypto feature is removed from
CONFIG_NET_SOCKETS_SOCKOPT_TLS with the idea that the proper ciphersuite
is to be enabled in the final sample/test configuration file.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
CID (card id register) can be useful to application for traceability of SD
cards (#66460).
Adds disk ioctl command to get the CID data that is read at initialisation.
Changes the card_read_cid function to take pointer to cid register so that
the ioctl command can utilize with the passed user buf. Updated
calling functions to pass this pointer.
Signed-off-by: John Whittington <git@jbrengineering.co.uk>
CID (card id register) can be useful to application for traceability of SD
cards.
Adds disk ioctl command to get the CID data that is read at initialisation.
The struct sd_cid is moved to sd_card so that it can be read and retrieved
by card_ioctrl.
Signed-off-by: John Whittington <git@jbrengineering.co.uk>
Add an optional power policy hook to provide custom "next event"
ticks during pm_system_suspend(), in addition to the existing
kernel ticks and policy event list.
This hook enables applications and SoC-specific code to derive
the next wake-up time directly from proprietary or
hardware-specific data structures (e.g. hardware registers,
binary-only modules, complex schedulers) that are not
practical to convert into the standard PM policy event list.
The feature is gated by CONFIG_PM_CUSTOM_TICKS_HOOK and is fully
backwards compatible when disabled.
Signed-off-by: Alessandro Manganaro <alessandro.manganaro@st.com>
Change the `pdu_len` parameter type from `uint8_t` to `uint16_t` in
function `bt_l2cap_br_pack_i_frame_header()`.
This fixes a potential overflow issue as PDU length can exceed 255
bytes, which is the maximum value that can be stored in a uint8_t.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
Secure Storage is used as PSA ITS in builds where TF-M is not enabled,
but it needs a storage backend where to physically save data.
If CONFIG_SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_ZMS is used then its
"depends on" guarantee that there is a partition to use as physical
storage.
If CONFIG_SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_SETTINGS is used instead
we want to ensure that CONFIG_SETTINGS_NONE doesn't gets selected which
would result in Settings not being able to store data anywhere.
This commit add a depends_on for this last case.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
The return value variable was initialized but always overwritten
before being read.
Remove the redundant initialization to simplify the code and avoid
misleading default values.
No functional change.
Signed-off-by: Gaetan Perrot <gaetan.perrot@spacecubics.com>
Coverity found a REVERSE_INULL defect (CID 551615).
The 'hasher' pointer was used before it was checked
for NULL in crypto_query_hwcaps().
This patch reorders the logic to check the pointer
immediately after device_get_binding().
Fixes CID 551615
Signed-off-by: Shreya Kulkarni <kulkarnishreya2421@gmail.com>
Add shell commands to test the BR/EDR connection request callback
functionality introduced in the previous commit.
Add a `br_conn_req_cb()` callback function that demonstrates how
applications can handle incoming connection requests. The callback
supports:
- Accepting connections with a specified role (central/peripheral)
- Rejecting connections when auto-reject is enabled
Update the `pscan` (connectable) command to accept an optional
"central/peripheral" parameter. When provided, the connection request
callback is registered and configured to accept incoming connections
as the central/peripheral role. Without the parameter, the default
behavior is used.
Add `auto_reject_conn` shell command to enable/disable automatic
rejection of incoming connection requests for testing purposes.
This setting only takes effect if the `connectable` command has the
optional parameter `central/peripheral` set.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
Add a callback mechanism to allow applications to handle incoming
BR/EDR connection requests and decide whether to accept or reject
them, as well as specify the desired role (central/peripheral).
Update bt_br_set_connectable() to accept an optional callback function
parameter. When provided, callback is invoked on incoming connection
requests, allowing the application to inspect the remote device address
and Class of Device before accepting or rejecting the connection.
If no callback is provided, the connection request is accepted
internally with the default behavior based on the
`CONFIG_BT_ACCEPT_CONN_AS_CENTRAL` configuration option.
The accept_conn() function is updated to:
- Call the registered callback if available
- Pass the remote device address and Class of Device to the callback
- Accept the connection if the callback returns BT_BR_CONN_REQ_ACCEPT_*
- If the returned value is BT_BR_CONN_REQ_ACCEPT_CENTRAL, the role
switch will be requested.
- Reject the connection if the callback returns BT_BR_CONN_REQ_REJECT_*
- Add error handling and logging for failed connection acceptance
Update all existing callers of bt_br_set_connectable() to pass NULL
for the callback parameter to maintain backward compatibility.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
Add a new Kconfig option BT_ACCEPT_CONN_AS_CENTRAL to allow accepting
incoming ACL connection requests as the central role instead of the
default peripheral role.
When enabled, the accept_conn() function sets the role to central in
the HCI accept connection request command when handling the connection
request event.
The actual role will be updated in Role Change event.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
The return value variable was initialized but immediately
overwritten before.
Remove the redundant initialization and limit the variable scope to
where it is actually used.
No functional change.
Signed-off-by: Gaetan Perrot <gaetan.perrot@spacecubics.com>
- Use the minimum of our and peer MRU as the MTU of the link.
Allows for cases where our MRU is < 1500.
- Move all of the MRU handling under CONFIG_NET_L2_PPP_OPTION_MRU.
So that we handle both sending the LCP_OPTION_MRU in Configure-Request
and receiving it in Configure-Request.
- Remove CONFIG_NET_L2_PPP_OPTION_MAX_MRU.
From RFC 1661, 6.1 Implementation note:
... The peer need not Configure-Nak to indicate that it will only send
smaller packets, since the implementation will always require
support for at least 1500 octets.
- Set ppp_my_options_parse_conf_ack so that ack's are parsed.
Signed-off-by: Markus Lassila <markus.lassila@nordicsemi.no>
Move z_shell_backend_rx_buffer_flush() before state_set() in
shell_start() to prevent a race condition where incoming shell
commands could be lost.
Previously, the sequence was:
1. state_set() - prints the prompt
2. z_shell_backend_rx_buffer_flush() - flushes RX buffer
If the shell thread was preempted after printing the prompt,
the host could see the prompt and send commands. When the
thread resumed, z_shell_backend_rx_buffer_flush() would discard
those commands.
By flushing the RX buffer before printing the prompt, any
commands received after the prompt is visible will not be
affected by the flush operation.
Fixes#99674
Signed-off-by: Jakub Rzeszutko <jakub.rzeszutko@verkada.com>
Do direct resource path comparison on all registered resources before
falling back to fnmatch() so that exact path matches get always
preference.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Make USBD_HWINFO_DEVID_LENGTH prompt optional so that the code compiles
even if HWINFO is disabled.
Signed-off-by: Johann Fischer <johann.fischer@nordicsemi.no>
Both cases use a large static buffer, we can optimize here and use a
single mutex-protected buffer for both.
sendmsg() test case needed adjustments, as it was also testing a buffer
overflow scenario. This can only be properly tested however if CID
feature is disabled, as otherwise the common helper buffer size is
increased for the CID use case, preventing the overflow from taking
place.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
For options that return the handshake status, make sure they work in
multi-client DTLS server case, by returning the status for the session
that completed handshake most recently. For TLS and DTLS client cases
that should make no difference, as there should only be one session per
context.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
With support for multiple client sessions for DTLS server socket, the
session timeout can no longer rely on built-in mbed TLS timing out
mechanism, as this only works for the session that is currently active.
Background sessions would never time out if the client just went silent.
Therefore, allocate a per-session timestamp, that keeps track of the
last activity on the session. Then, whenever poll() or recv() is called
loop over all sessions to identify those that timed and should be
released.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In case a client address changes, but a session uses Connection ID
extension, the server should verify if the packet belongs to any of the
established sessions based on the CID value.
Therefore, before attempting to allocate a new session in such case,
loop over sessions and try to match the packet to one of the existing
sessions based on CID. In case of success, update the corresponding peer
address.
If no session is found based on CID, only then try to allocate a new
one.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In case of errors on an active session (in most cases peer closing the
session), the session should be freed. Note, that as mbed TLS needs some
session context to work with, the last session on a socket is not freed,
but only reset instead.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
For TX, the DTLS server needs to check the peer address before passing
the packet to mbed TLS. In case the peer address doesn't match the
active session, it needs to switch sessions.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Refactor RX side for DTLS server to allow session switching when a
datagram from a peer that does not match current session. The server
needs to loop over established sessions, and in case no session is
found allocate a new one.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Split DTLS BIO RX functions for client and server case, given the
functionality will differ heavily. DTLS server needs to peek packet
before passing it to mbed TLS to allow to switch DTLS sessions in case
peer address doesn't match.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Separate TLS session context from the TLS socket context so that a
single DTLS server socket can support multiple client sessions.
Other socket types will only have a single session per TLS socket.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Modbus is failing to turn on RX when using serial ASYNC mode. This
causes modbus to never receive inbound requests, leaving it inoperable.
Additionally, modbus also enables RX when in client mode, leading to
issues when running as a client. These have been fixed by enabling rx
only when serial init is successful and modbus is in server mode during
initialisation.
Signed-off-by: Ryan Wiebe <ryan.wiebe@analog.com>
Correct the minimum MTU calculation for GOEP over L2CAP to account
for the L2CAP I-frame overhead.
- Update BT_BUF_ACL_RX_SIZE default from 264 to 265 bytes for GOEP
- Update BT_GOEP_L2CAP_MTU minimum range from 259 to 265 bytes
- Add detailed comment explaining L2CAP I-frame field length (6 bytes):
* 4 bytes for extended control field
* 2 bytes for FCS field
The previous calculation only accounted for the L2CAP header (4 bytes)
but missed the 6-byte L2CAP I-frame overhead (extended control field
and FCS), resulting in an incorrect minimum of 264 bytes instead
of the correct 265 bytes. And it causes the minimum MTU of L2CAP
to be incorrectly set to 254. The MTU cannot meet the minimum
requirement of GOEP MOPL.
The correct calculation for GOEP over L2CAP is:
255 bytes (GOEP minimum MTU) + 4 bytes (L2CAP header) + 6 bytes
(L2CAP I-frame) = 265 bytes total.
Set the default value of CONFIG_BT_BUF_ACL_RX_SIZE to 265 if GOEP is
enabled.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
When the USB Bus is reset, the USBD stack will disable and re-enable
all Classes. If this occurs while streaming audio with UAC2, the
terminals remain active when re-enabled, yet the endpoints have
yet to be enabled (resulting in -ENODEV logspam). This change
disables all active terminals when the class is disabled.
Signed-off-by: Victor Brzeski <vbrzeski@gmail.com>
