The runtime filters (both aggregated and per-backend) are all getting
initialized to the default level CONFIG_LOG_DEFAULT_LEVEL. This is not
correct behavior: the initial runtime setting for each source ID
should match its compile-time level setting.
Otherwise, setting CONFIG_LOG_RUNTIME_FILTERING=y changes the logging
behavior for messages that pass the compile time filter check, but not
the runtime check (this currently happens when LOG_LEVEL=4, since
CONFIG_LOG_DEFAULT_LEVEL=3).
Fix this by initializing all filters to their module's compile time
settings. Also make sure that filters are set up before backends are
activated, to avoid race conditions.
Fix a stray documentation typo while we are here.
Signed-off-by: Marti Bolivar <marti@foundries.io>
Settings consider the character space the end of the value, so instead
encode the name using settings_str_from_bytes and restore it with
settings_bytes_from_str.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
When compiling with the native_posix console, the prototype
for posix_flush_stdout() was missing => added.
Signed-off-by: Alberto Escolar Piedras <alpi@oticon.com>
The dummy L2 does not setup the link layer address. Do not check the
source and destination link layer addresses when routing packets
otherwise packet routing will not work when using a dummy L2.
Signed-off-by: Florian Vaussard <florian.vaussard@gmail.com>
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Unspecified address 0.0.0.0 was used as a requested IPv4 address
because the ARP message was generated second time. So for IPv4
autoconf ARP message, generate the message only once.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Allows ethernet drivers to provide vendor specific statistics
and details in the form of key-value pairs with the name of
the staticstic and its value.
The new string tables will be behind a new config:
NET_STATISTICS_ETHERNET_VENDOR
Suggested-by: Jukka Rissanen <jukka.rissanen@intel.com>
Signed-off-by: Jonathan Yong <jonathan.yong@intel.com>
If a disconnection callback was registered, it is not called
as the check done in net_app is reversed. The disconnection callback
is not called if there are any inactive contexts.
The check should be on any active context.
Signed-off-by: Philémon Jaermann <p.jaermann@gmail.com>
Normally App Keys are identified using the AppKey Index value (a 12
bit value in practice), whereas the stack-internal array index has
very little relevance.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
When we receive a security request we need to make sure that any
existing keys contain an LTK to encrypt with. Otherwise there's a risk
of trying to encrypt with an all-zeroes LTK.
Fixes#3221
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Added implementation to check and wait for stable 32KHz
clock source before starting connectable/directed
advertising state and initiating state.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fixed the implementation to generate command status as per
Bluetooth v5.0 specification instead of the incorrect
command complete that was generated before.
Also, the unsupported features status will be generated
before the invalid parameters status.
Relates to commit 258c7ccff1 ("Bluetooth: controller: Fix
HCI LE Set PHY invalid behavior check")
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
- Remove redundant 'n' defaults. 'n' is the default value for bool
symbols.
This makes the auto-generated documentation clearer as well: You get
"implicitly defaults to n" instead of
"- n if <propagated dependencies>".
- Shorten
<type>
prompt "foo"
to
<type> "foo"
This works for all types, not just bool.
- Various formatting nits.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Add a callback struct with only the pairing_confirm authentication
method. This is useful both for just-works testing as well as the
recently added fixed passkey support.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add a new bt_passkey_set() API that can be used to set a fixed passkey
to be used for pairing. The new API also requires a new Kconfig option
to be enabled first (CONFIG_BT_FIXED_PASSKEY).
Fixes#8350
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The code was not doing the right thing when we as peripheral would
send a security request to the central. First of all, the SEQ_REQ flag
was getting cleared by the pairing request handler, resulting in
pairing_confirm() callbacks for no reason. Secondly, the behavior in
encrypt_change() was not utilizing the smp_reset() helper as it should
have done.
Fix the situation by calling smp_init() when sending a security
request, and detect that this has been done when receiving a pairing
request. Also do the appropriate cleanup if the result is an encrypt
change instead of a pairing request (in case we were already paired
with the peer).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The smp pointer is the return value of CONTAINER_OF() which is
guaranteed to always be non-NULL.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Provide proper documentation for all of the authentication callbacks,
and clarify the usage of the cancel callback. Previously the cancel
callback was always required, even though that doesn't necessarily
make sense now that the pairing_complete/failed callbacks exist.
Fixes#8385
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
There are too many individual requests for Qav related parameters. There
are more Qav parameters that need to be supported (and will be supported
soon - both on the GET and SET side). Handling it the way it was handled
so far would render the eth mgmt API dominated by Qav parameters. That
would make the file hard to read and understand.
Instead of that - use a single GET and SET requests for all Qav
parameters. This works by adding a separate enum with Qav request type
to the ethernet_qav_param struct.
Additionally this approach makes it much easier to document it all since
we now have just a single request and documentation comments in the
ethernet_qav_param struct.
Signed-off-by: Tomasz Gorochowik <tgorochowik@antmicro.com>
Print information about supported hardware capabilities for
ethernet interfaces when executing "net iface" command.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
If ethernet mgmt is enabled and the driver supports priority queues,
show info about them including the Qav status
(enabled/disabled/unsupported).
Signed-off-by: Tomasz Gorochowik <tgorochowik@antmicro.com>
Add calls responsible for getting and setting on/off status of Qav on
capable priority queues.
Signed-off-by: Tomasz Gorochowik <tgorochowik@antmicro.com>
Add basic IPv4 Link Local support as described in RFC 3927.
Signed-off-by: Matthias Boesl <matthias.boesl@gmail.com>
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Whoever added Zephyr's prefer-later-defaults Kconfig patch originally
didn't do the same for 'range's. Earlier ranges are still preferred.
Swap the ranges on BT_RFCOMM_L2CAP_MTU to give the intended behavior.
Fixes the following warning for tests/bluetooth/shell/prj_br.conf:
warning: default value 200 on BT_RFCOMM_L2CAP_MTU (defined at
subsys/bluetooth/host/Kconfig:508) clamped to 264 due to being outside
the active range ([264, 32767])
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Essentially all products that support pairing or Mesh need to be able
to support ECC. This is particularly important for traditional
peripheral/central use cases where legacy pairing is considered
insecure. With split builds we don't know if the controller supports
ECC HCI commands or not, however with a combined build we know that
the current controller lacks any special ECC support, so enable
TINYCRYPT_ECC by default for such a configuration.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
OpenThread L2 could've called multicast address registration multiple
times for specific address, which resulted in having multiple entries
containing the same multicast IPv6 address in Zephyr.
Checking if address was already registered prevents that.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
No need to keep technologies in main L2 directory so for consistency
create a directory for each of them and place each L2 component to
relevant L2 directory.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
The SMP_FLAG_ENC_PENDING flag indicates that we've generated an STK
and are waiting for encryption to happen. In case the remote enables
encryption prematurely we should not try to encrypt with whatever is
stored in smp->tk, rather reject the pairing attempt.
Fixes#3222
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The recently added pairing_complete & pairing_failed callbacks
were missing a NULL-check for bt_auth, since it is possible that
there's no authentication callback structure registered at all.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This makes use of the get_config callback added to the Ethernet API.
For now the only parameter to get is the number of available priority
queues.
Signed-off-by: Tomasz Gorochowik <tgorochowik@antmicro.com>
hci-cmd can be used to inject an arbritrary HCI command which can be
useful when testing vendor/new commands.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
commit 9b6ad4067b introduced some minor
coding style issues related to line splitting. Fix these.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Added two new callbacks for Bluetooth stack to notify
the application that pairing has been completed or failed.
fixes: #8390
Signed-off-by: Jun Li <jun.r.li@intel.com>
This reduces memory overhead on net_if_dhcpv4: 16 bytes vs 120 bytes
before. This might proove to be beneficial when there are many network
interface.
dhcpv4 ROM consumption is now 2132 bytes vs 4224 (many switches removed)
Fixes#8727
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Empty line before if (unless test uses previous line assignment) and
after } (unless it's another } ...)
Indentation fixed as well.
Fixes#8727
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
- Pre-assigned are always coming first.
- Always declare at the beginning of a code block
Fixes#8727
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Add write only TLS secure option to set peer verification level for
TLS connection.
This option accepts an integer with a peer verification
level, compatible with mbedtls values (0 - none, 1 - optional, 2 -
required.
By default, socket mimics mebdTLS behavior - (none for server, required
for client).
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add TLS secure socket option to read a ciphersuite chosen during TLS
handshake. Might be useful during development.
This is a read-only option that returns an integer containing an
IANA assigned ciphersuite identifier of chosen ciphersuite.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add TLS secure socket option that enables to narrow list of ciphersuites
available for TLS connection.
This option accepts an array of integers with IANA assigned ciphersuite
identifiers and returns such.
By default, every statically configured ciphersuite is available for a
socket and getsockopt returns an array of these.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add write-only TLS secure socket option to set hostname.
This option accepts a string containing the hostname. May be NULL, to
disable hostname verification.
By default, an empty string is set as a hostname for TLS clients,
to enforce hostname verification in mbedTLS.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add TLS secure socket option to select TLS credentials to use.
This option accepts and returns an array of sec_tag_t that indicate
which TLS credentials should be used with specific socket.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
