Rework the BT_ASSERT infrastructure with the following changes:
- Transition from LOG() macros to printk()
- Allow the BT_ASSERT() macro to map directly to stancard __ASSERT()
- Allow printing of the assert reason to be disabled
- Switch from k_oops() to k_panic() configurable
There are 2 reasons for using printk() instead of LOG():
- BT_ERR uses deferred logging by default, which is problematic with
ASSERTs
- The __ASSERT() macro in Zephyr uses printk()
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Fix issue when checking if SMP pairing procedure is allowed to use the
SMP debug keys. This check did not consider the case where the keys
pointer was assigned, but did not contain a valid LTK key.
This resulted in being unable to pair with debug keys without an
existing bond.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix shell build dependencies, subsys/bluetooth/controller is only added
for CONFIG_BT_LL_SW_SPLIT or CONFIG_BT_LL_SW_LEGACY.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The return code of set_random_address is not always handled. This could
lead to connection using the wrong Identity address.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
nrf_timer.h and nrf_ppi.h are included by including
radio_nrf5.h, so we do not need to include them in
radio.c.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
This commit enabled TEST_USERSPACE_WITHOUT_HW_STACK_PROTECTION
Kconfig option by default for ke1xf SoC Series, which instructs
the build to disable HW stack protection from tests that are to
run with User Mode enabled. This is done because this platform
does not have a sufficient number of MPU regions to support HW
stack protection (Stack Guards) and User Mode simultaneously.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
This commit introduces a new Kconfig option in the testsuite
sub-system, which allows us to disable HW stack protection from
tests that run with user mode enabled.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Remove incorrect LL_ASSERT check in Lower Link Layer that
checked for invalid connection handle on reception of PDU.
The assert is not needed as PDUs can be received until the
Upper Link Layer is aware of the acknowledgement of the
terminate ind PDU.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Add workaround for advertising data issue in the internal bluetooth
controller. The advertising data must be set after advertising
parameters in order to successfully update the advertising data after
an directed advertiser has been active.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Make sure that the last entry added is deleted correctly by storing the
fact that one was found in a local variable.
Fix by Laczen JMS <laczenjms@gmail.com>
Fixes#18813.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Fix handling of Rx-ed PDU on termination, do not process
Rx-ed control PDUs and release the PDU buffer back to the
free pool.
Without this fix, Rx-ed control PDU was responded with a
Tx PDU, which did not get acknowledged or released.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The usdhc driver was incorrectly post-decrementing a do/while loop
iterator, causing an extra iteration of the loop and an out-of-bounds
array access. Change the iterator to decrement within the loop instead.
Tested samples/subsys/fs/fat_fs on the mimxrt1050_evk board.
Coverity-CID: 203403
Signed-off-by: Maureen Helm <maureen.helm@nxp.com>
Endianness bug fix in bt_uuid_create function.
Replaced bt_uuid_create_le with bt_uuid_create which
handles both UUID from air and internal varaiable.
Fixed bug with endianess in case of big endian targets.
Signed-off-by: Akshatha Harishchandra <akhr@oticon.com>
The LwM2M implementation for DNS resolving has checks which
configure hints based on whether IPv4 or IPv6 are enabled.
Neither of them need enabled if using NET_SOCKETS_OFFLOAD,
which then causes an error to be returned to due to
"hints.ai_family" not being set.
Also the offload API need to know when to free the allocated
"struct addrinfo" instead of calling free() generically,
thus let's use the freeaddrinfo() API for sockets which will
call into the offload API if needed.
Fixes: https://github.com/zephyrproject-rtos/zephyr/issues/18765
Signed-off-by: Jun Qing Zou <jun.qing.zou@nordicsemi.no>
When an opcode doesn't have a handle that doesn't mean it is unknown
just that it will not be handle as it could have been disabled.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
SMP shall be considered internal TX notify callbacks so they are
allowed to be run from TX thread context like the others.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
When CONFIG_BT_GATT_CLIENT is not set att_op_get_type would return
unkown operation instead of properly return the opcode.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Since bt_l2cap_create_pdu can return NULL when used under syswq context
the code should always check its result, this also changes the timeout
to have a specific value (RTX maximum timeout) so signalling PDUs still
wait for a buffer to become available.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
In certain cases there could be no buffer available which may lead to
NULL being returned by bt_l2cap_create_pdu so instead use
bt_l2cap_create_pdu_timeout to wait with a specific timeout.
Note that this should also ensure the SMP will not be waiting for a
buffer when the remote might have timed out already.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This adds bt_conn_create_pdu_timeout function which can be used
to provide a timeout when allocating a buffer.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
When the firmware_pull mechansim sends the callback to notify the
sample of a new firmware block, the user supplied buffer can be
smaller than the CoAP BLOCK_SIZE setting. To handle this case,
we loop through the payload and fill the user supplied buffer with
smaller chunks.
Unfortunately, the last_block calculation is done outside this loop
which causes several callbacks (while in this loop) to have
last_block true. Let's fix this by adding a small check to make
sure we're at the end of the current payload block before notifying
the user of a last_block.
Fixes: https://github.com/zephyrproject-rtos/zephyr/issues/16158
Signed-off-by: Michael Scott <mike@foundries.io>
The mDNS packet receive had issues:
* The DNS id needs to be 0 for both sending and receiving, we did
not accepted 0 incoming id.
* The mDNS response does not have any questions in it so we just
need to skip the question count checks in response.
* Skip the Cache-Flush bit in Class field so that we can properly
parse CLASS_IN value.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
In DNS server init, print information whether the DNS server
is mDNS or LLMNR one. This way we do not need to remember what
IP addresses are used either of them.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
The source UDP port in all Multicast DNS responses MUST be 5353
as described in RFC 6762 chapter 6.
Fixes#18732
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Increase the length of the request buffer.
Current value is not enough for an average
device descriptor.
Signed-off-by: Johann Fischer <j.fischer@phytec.de>
Mitigate the check of the request buffer length because
the host may not know the real length for some responds.
Signed-off-by: Johann Fischer <j.fischer@phytec.de>
Make sure we use the IPv4 event command when checking IPv4 address
add or delete instead of event mask.
Coverity-CID: 203483
Fixes#18400
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Fix reset of Encryption Procedure state on reception of
REJECT_IND and REJECT_EXT_IND.
This is a regression in commit 79cb615770 ("Bluetooth:
controller: split: Port Enc setup to be queueable")
Relates to #18578.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
When val1 is 0, we need to handle a negative val2 value so that we
generate correct TLV value.
Example: val1 = 0, val2 = -500000 is equivalent to -0.5 decimal.
Currently we generate: 0.5 (losing the sign).
Fixes: https://github.com/zephyrproject-rtos/zephyr/issues/16154
Signed-off-by: Michael Scott <mike@foundries.io>
Current JSON formatting for float32/64 is broken in a similar way as
plain text. Let's use the newly fixed logic for plain text to
generate the float32/64 values in the JSON string.
Fixes: https://github.com/zephyrproject-rtos/zephyr/issues/16154
Signed-off-by: Michael Scott <mike@foundries.io>
We can use the plain text float32/64 formatter for JSON as well, so
let's expose the put_float32/64 functions.
Signed-off-by: Michael Scott <mike@foundries.io>
Formatting a float32/64 value for plain text is broken.
Example for 32bit: val1=0 and val2=500000 is equivalent to 0.5
Current formatter was using %d.%d (%lld.%lld for 64bit) so
exported value was 0.500000 (or 0.5)
To fix this, for val2 use a zero-padded formatter for the maximum
length of each bit length (6 for 32bit and 9 for 64bit), and then
remove the zero characters at the end of the string.
Notes re: handling of val1/val2 signs:
- eliminate potential negative sign when converting val2 to avoid:
a value like: 0.-5
- use negative val2 when val1 is 0 to fix small negative handling
such as -0.5
Fixes: https://github.com/zephyrproject-rtos/zephyr/issues/16154
Signed-off-by: Michael Scott <mike@foundries.io>
This commit adds basic userspace support to the logging subsystem.
With this change, the following API could be called from user mode:
- LOG_*()
- LOG_INST_*(),
- LOG_HEXDUMP_*(),
- LOG_HEXDUMP_INST_*(),
- LOG_PANIC(), LOG_PROCESS(),
- log_printk(), log_generic(), log_buffrered_cnt(),
- log_filter_set(NULL, ...)
With userspace disabled, the logger behavior and performance
is not affected. With userspace enabled, the calls from kernel
space have an additional overhead introduced by _is_user_context().
The logger behavior changes when it is called from the user context.
All strings logged using LOG_*() and LOG_INST_*() API from userspace
are rendered in place for security reasons and then placed in
log_strdup() memory pool, which should be large enough to hold bursts
of log messages.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Signed-off-by: Piotr Zięcik <piotr.ziecik@nordicsemi.no>
if base64_decode function returns error, function can't continue
otherwise a fatal error will cause the thread to spin, putting the
system into an unrecoverable state
Signed-off-by: Faisal Saleem <faisal.saleem@setec.com.au>
Do not try to memcpy() the same buffer to itself.
This one also reverts commit 112ecb7290
("net: gptp: Fix for coverity CIDs 203471 and 203464") as that
did not fully fix the issue.
Coverity-CID: 203464
Coverity-CID: 203471
Fixes#18394
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Fix the controller implementation to handle data packet
enqueue being pause on Encryption Request be done early in
the ULL when enqueueing packets towards LLL.
Fixes#18645.
Signed-off-by: Vinayak Kariappa Chettimada <vinayak.chettimada@gmail.com>
Rename AUTHENTICATION, to AUTH, since this is a well established short
form of the word.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Rename bt_conn_security to bt_conn_set_security, this makes the API
naming more consistent.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Rename security level enum, using level and number instead of low,
medium, high and fips.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Make sure that the extension, like HBHO, sub-option length is
not too large.
Fixes#16323
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
A security vulnerability in the Bluetooth BR/EDR Bluetooth Core
specification versions 1.0 through 5.1 has been identified as
CVE-2019-9506. The Bluetooth BR/EDR encryption key negotiation
protocol is vulnerable to packet injection that could allow an
unauthenticated user to decrease the size of the entropy of the
encryption key, potentially causing information disclosure and/or
escalation of privileges via adjacent access. There is not currently
any knowledge of this being exploited.
From Core spec erratum 11838:
A device shall enforce an encryption key with at least 128-bit
equivalent strength for all services that require Security Mode 4,
Level 4. For all other services that require encryption, a device
should enforce an encryption key with at least 56-bit equivalent
strength, irrespective of whether the remote device supports Secure
Simple Pairing.
After encryption has been enabled, the Host should check the
encryption key size using either the HCI_Read_Encryption_Key_Size
command (see [Vol 2] Part E, Section 7.5.7) or a vendor-specific
method.
Fixes#18658
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
In case sufficient security level wasn't reached the error propagation
was missing, which could lead to incorrect state transitions when
update_sec_level_br() returns. Return true/false and make sure to
abort any further operations in case the update fails.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The storage for the public key is pub_key in hci_core.c.
When the public key event is generated the public key is copied into
this buffer, but the pointer to the event storage of the key is given
in the public key ready callback (bt_smp_pkey_ready).
SMP expects that it is safe to assign a global pointer to this variable.
In smp_init bt_pub_key_get is used to get the pointer to the public key.
In both cases SMP assigns the le_sc_pub_key to the pointer given.
This creates an issue when bt_smp_pkey_ready callback occurs after
smp_init during pairing procedure, SMP will then have a pointer to an
event buffer that has been released and contains invalid data.
Fixes: #18580
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Increase temporary buffer size to 8 bytes in fcb_append to prevent
stack overflow in case flash alignment is bigger then 2 bytes.
Signed-off-by: Jan Van Winkel <jan.van_winkel@dxplore.eu>
