Allows erasing secondary slot which is marked for test or confirmed.
This is safe as bootloader doesn't make any action on boot-setup yet.
Erase of such pending image might considered like the case when it
was never downloaded as well.
This allow user to not stuck with pending irremovable image.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
When k_heap_alloc() is expressed in terms of k_heap_aligned_alloc()
it invokes a longer aligned allocation code path with an extra runtime
overhead even though no alignment is necessary.
Let's reference and invoke the aligned allocation code path only when an
actual aligned allocation is requested. This opens the possibility for
the linker to garbage-collect the aligning code otherwise.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
We can't do synchronous HCI command sending in any settings commit()
callback, since we don't know what context the callback is being called
from. One particular deadlock can happen if settings_load() is called from
the preemptible main thread:
main()
|--> settings_load() (aquire settings_lock mutex)
|-->commit callback A that defers to system wq
|-->commit callback B that calls bt_hci_cmd_send_sync()
system wq from the previous deferral from within settings_load():
|--> work item
|--> settings_save_one()
|--> attempt to aquire settings_lock mutex
In the above scenario, the bt_hci_cmd_send_sync() call from the main thread
depends on the system workqueue being processed (since that's what does HCI
command processing by default), while at the same time holding the settings
subsystem's mutex. At the same time, a system wq item tries to store
something into settings, however it deadlocks waiting for the settings
mutex.
The actual scenario that we have in the Bluetooth subsystem is where
"commit callback A" is commit_settings() in host/settings.c, and "commit
callback B" is keys_commit() in host/keys.c.
The solution to the deadlock is to take advantage of deferred bt_id_add()
handling which already exists, i.e. set a flag and deferre the actual
adding to the system workqueue.
Signed-off-by: Johan Hedberg <johan.hedberg@silabs.com>
The CS complete callbacks provide both status and params.
In the case of errors, NULL pointer is passed to the params of callbacks.
Signed-off-by: Ryan Chu <ryan.chu@nordicsemi.no>
If the HCI status of a complete event is not BT_HCI_ERR_SUCCESS,
the remaining parameters could be invalid.
In this case, the params is passed as NULL pointer to the callbacks.
- LE CS Read Remote Supported Capabilities Complete event
- LE CS Read Remote FAE Table Complete event
- LE CS Config Complete event
- LE CS Security Enable Complete event
- LE CS Procedure Enable Complete event
This change avoids forwarding the invalid fileds to the applications.
Signed-off-by: Ryan Chu <ryan.chu@nordicsemi.no>
String location information should only be sent for core which
do not append strings to the log message (PPR, FLPR). Without
this, cpurad was also sending that information and that was
redundant.
Signed-off-by: Krzysztof Chruściński <krzysztof.chruscinski@nordicsemi.no>
When decoding logs from a remote core with memory that APP can
access, wrong address of an array with string addresses was used.
Log message contains index of a string and APP strings array was
used instead of remote core. Extend STMESP logging so that address
of string array of a remote core is send during startup to the APP
and APP is using this array to decode strings from remote cores.
Bug applies only to PPR and FLPR as APP has no access to RAD memory.
Signed-off-by: Krzysztof Chruściński <krzysztof.chruscinski@nordicsemi.no>
By default the thread priority is still the lowest application thread
priority. Allow the priority to be increase by specifying both, the
`override` option as well as the desired `priority`. This pattern was taken
from the shell thread.
Signed-off-by: Cla Mattia Galliard <cla-mattia.galliard@zuehlke.com>
The least significant bit of the first octet of a MAC address is a
unicast/multicast bit. The bit should be cleared when generating a
random link address for a virtual interface. Any frames from such
interface/address will be dropped by the network as invalid if
the multicast bit is set.
Signed-off-by: Jack Chistyakov <jack.chistyakov@outlook.com>
Due to sizeof('\0') evaluating to 4 bytes instead of 1:
- Each UDI field had 4 instead of 1 'zero byte' appended
(as specified by BLE spec).
- Any field of length 4 was being skipped entirely.
Signed-off-by: Sean Kyer <Sean.Kyer@analog.com>
The publication period is defined by Steps and Resolution.
At BLE Mesh protocol level, the period is encoded in a byte
where first LSB 6 bits correspond to PerSteps and the last
two to PerRes. There is an issue on how the code at
`subsys/bluetooth/mesh/shell/cfg.c:model_pub_set` is encoding
these two values into the publication period byte.
This is commit fixes issue #87780
Signed-off-by: Raúl Gotor <raulgotor@gmail.com>
If the connection handle given to a Read/Write Authenticated Payload
Timeout HCI command is a CIS or BIS handle, the error returned has to
be BT_HCI_ERR_CMD_DISALLOWED with the new TCRL
Fixes EBQ test failures in HCI/BIS/BI-14-C, HCI/BIS/BI-15-C,
HCI/CIS/BI-20-C and HCI/CIS/BI-22-C
Signed-off-by: Troels Nilsson <trnn@demant.com>
Commit fixes bug when corresponding group ID was never
incremented for independent corresponding relationships.
Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
Allow only 0xc (0b11) as two highest bit to mark the compression
when parsing the CNAME response. See RFC 9267 ch. 2 for details.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Make sure that the CNAME handling checks recursive name pointers
and fails the response if recursion is detected.
See RFC 9267 ch. 2 for details.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The closing comment for CONFIG_SDMMC_STACK #ifdef directive was
incorrectly labeled as CONFIG_SDIO_STACK. This commit corrects the
comment to reflect the correct configuration macro and improve code
clarity.
Signed-off-by: Mirai SHINJO <oss@mshinjo.com>
When deriving the new LK, remove the old LK if it exists.
Store the derived LK if the flag `SMP_FLAG_BOND` of LE SMP is set.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
The flag `BT_LINK_KEY_SC` of LK will also be set when derive LK from
LTK.
It is a incorrect behavior.
The flag `BT_LINK_KEY_SC` should only be set if the flag `BT_KEYS_SC`
of LTK has been set.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
The check for index out of bound is missing, It turns into a crash
for input channel more than WIFI_MGMT_SCAN_CHAN_MAX_MANUAL.
Signed-off-by: Kapil Bhatt <kapil.bhatt@nordicsemi.no>
The flag `SMP_FLAG_BR_CONNECTED` is cleared by the function
`smp_br_reset()` and `smp_br_init`. But the flag
`SMP_FLAG_BR_CONNECTED` should not be cleared at this time.
Recovery the flag `SMP_FLAG_BR_CONNECTED` after the all flags of SMP
cleared.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
If the encrypt value of classic connection is
`BT_HCI_ENCRYPTION_ON_BR_AES_CCM`, set the flag `BT_KEYS_SC` for
the derived LTK.
Or, clear the flag `BT_KEYS_SC` for the derived LTK.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
In current implementation, the flag `local_dist` will be cleared when
the distributed key frame is performed if the local is the SMP
initiator. After the distributed key is sent out, the function
`smp_pairing_br_complete()` will be called if all bits of `local_dist`
are cleared.
It causes the function `smp_pairing_br_complete()` will be called
multiple times.
Add a flag `local_distributed` to flag the all sent keys. Add only the
flag `local_distributed` is not set, preform the key distribution
frame.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
The derived LE keys are not saved to NVM. And the IRK is not added to
controller resolving list. It causes two issues,
Issue 1, the LE connection connection cannot be established if the adv
address of peer is RPA.
Issue 2, the LE keys are missing after the power reset.
For issue 1, add a function `smp_br_id_add_replace` to add LE keys.
For issue 2, check the BR bondable flag `BT_CONN_BR_NOBOND` instead of
`SMP_FLAG_BOND`.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
For testing purposes only. Testing the fatal error handler or
a coredump backend. Or just out of curiosity.
Signed-off-by: Tomasz Bursztyka <tobu@bang-olufsen.dk>
Only meant to be used on platforms that would not wipe the RAM on reboot.
This won't work if the platform is halted and restarted as RAM is
volatile, obviously. A relevant fatal error handler needs to be provided
to reboot.
Signed-off-by: Tomasz Bursztyka <tobu@bang-olufsen.dk>
This might come in handy for other coredump backends too, not only flash
one. Obviously: changing the logic to use the coredump generic API instead
of the flash backend's internal functions.
Adding a better output, following how the coredump is actually created:
parsing and printing headers, and their respective content.
Signed-off-by: Tomasz Bursztyka <tobu@bang-olufsen.dk>
Fix incorrect payload count at CIS Establish due to existing
CIG event overlapping the ACL event at the instant when the
CIS gets the active flag set.
The overlapping CIG event picked up the new CIS that had its
active flag set in the current CIG event instead of at the
actual CIS offset which is in the next CIG event.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix CIS offset calculation due to use of decremented ACL
event counter, where as the CIS offset is inquired in the
next ACL event.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix incorrect CIS offset in use if instant is picked from
the peer sent CIS RSP PDU. Instead, keep the instant that
was sent in the CIS REQ PDU as the instant to send in the
CIS IND PDU.
This fixes CIS failed to be established when dissimilar
ACL and ISO intervals are in use.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix incorrect payload count at CIS Establish due to existing
CIG event overlapping the ACL event at the instant when the
CIS gets the active flag set.
The overlapping CIG event picked up the new CIS that had its
active flag set in the current CIG event instead of at the
actual CIS offset which is in the next CIG event.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix Peripheral CIS sorted by CIG implemenation to use CIS
offset stored in LLL context which is the correct offset
from the CIG anchor point. CIS offset in the ULL context
is the offset from the ACL anchor point at the time of
the CIS establishment.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix CIS event_count_prepare use missed as part of fixes
related to commit be91cfedfb ("Bluetooth: Controller: Fix
incorrect event_count when CIG overlaps").
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The settings shell returned an unhelpful message when provided
the incorrect arguments. This changes the returned message to
provide the correct usage message.
Signed-off-by: Tim Gibson <timmaxgibson@gmail.com>
dt_chosen_enabled argument was incorrect and it was always returning
n so option could not be used.
Signed-off-by: Krzysztof Chruściński <krzysztof.chruscinski@nordicsemi.no>
This is a hack that is used until we have proper IP routing
in place. The code has now special check that makes sure that
we only route IP packets to VPN interface when the packet is
destined to that subnet. So if destination IP address does
not belong to VPN interface subnet, it is not routed there.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Instead of calling various network interface API functions to get
the network interface and related source IP address, have a single
function that can return both data.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add support for setting up VPN enablers in the network stack.
These are to be used by the VPN implementation like Wireguard.
Signed-off-by: Jukka Rissanen <jukka.rissanen@gmail.com>
Currently we ignore the received domain name but make sure we
print it in order to avoid unknown option prints.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Currently we ignore the received host name but make sure we
print it in order to avoid unknown option prints.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Currently we ignore the broadcast address but make sure we
print it in order to avoid unknown option prints.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Commit removes device key candidate if provisionee failed
during device key refresh procedure or mesh reset has been
called in between. Otherwise, device key candidate gets
stuck in the internal trusted storage of crypto library.
Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
Avoid compiler warnings for zero-length-arrays in the http-server. By using
memcpy instead of strcpy.
Signed-off-by: Cla Mattia Galliard <cla-mattia.galliard@zuehlke.com>
