Enclose default LLEXT heap section placements with
!CONFIG_LLEXT_CUSTOM_HEAP_PLACEMENT. Users who want to
write a custom linker script can include files like
snippets-noinit.ld, common-noinit.ld or the SOC linker
scripts without including the default LLEXT heap
section placements.
Signed-off-by: Lauren Murphy <lauren.murphy@intel.com>
Moved the TCP header validation in tcp_recv() before the connection
lookup to prevent processing malformed packets and improve efficiency.
Signed-off-by: Nikhil Namjoshi <nikhilnamjoshi@google.com>
Inverted the condition in tcp_input() to correctly process
valid packets and drop invalid ones.
Signed-off-by: Nikhil Namjoshi <nikhilnamjoshi@google.com>
Reduce scope of restriction that
CONFIG_LLEXT_HEAP_MEMBLK_BLOCK_SIZE be a multiple
of LLEXT_PAGE_SIZE to apply only when CONFIG_MMU
or CONFIG_MPU are enabled.
Referring to llext_copy_region in llext_mem.c, we
see that allocations only need to be sized / aligned
to LLEXT_PAGE_SIZE when MMU or MPU is enabled.
Signed-off-by: Lauren Murphy <lauren.murphy@intel.com>
Add an optional function to connectivity bindings that communicates
whether the binding has the configuration it needs in order to attempt
a connection. This is then used by the connectivity API for
non-persistent interfaces to determine whether it makes sense for the
interface to be powered up.
Signed-off-by: Jordan Yates <jordan@embeint.com>
Move header for IEEE 802.15.4-2020 constants from subsystem
location to common for usage by 15.4 radio device drivers.
Signed-off-by: David Boullie <David.Boullie@silabs.com>
shell_vfprintf can block on k_event_wait when the TX ring buffer is full.
Calling it from a non-yieldable context (ISR, spinlock, pre-kernel)
causes a deadlock.
Add a k_can_yield() check in shell_vfprintf as both an assert for debug
builds and a runtime guard that silently drops the output when called
from a context that cannot yield, preventing the deadlock regardless
of whether asserts are enabled.
Fixes: #103954
Signed-off-by: Jakub Rzeszutko <jakub.rzeszutko@verkada.com>
For a busy wait needed only for simulation we can use the Z_SPIN_DELAY
macro which is more compact and does nothing in real targets.
For the ecb test, we do not need to treat simulated HW differently than
real HW.
Signed-off-by: Alberto Escolar Piedras <alberto.escolar.piedras@nordicsemi.no>
For P2P connect set frequency default value as 0.
Let wpa_supplicant choose channel. User can override with -f option.
Signed-off-by: Kapil Bhatt <kapil.bhatt@nordicsemi.no>
When a client subscribes to Service Changed CCC before bonding
and privacy is enabled, the SC config is initially stored under
the peer's RPA. On reconnection with a new RPA, sc_restore()
looks up the config by identity address and fails to find it,
so the SC indication is never delivered.
Re-key the SC config entry from the RPA to the resolved identity
address in bt_gatt_identity_resolved(), matching the existing
re-keying logic for CCC and CF configs in the same callback.
If a separate entry already exists under the identity address,
merge the attribute handle ranges and remove the duplicate.
Signed-off-by: Håvard Reierstad <haavard.reierstad@nordicsemi.no>
Co-authored-by: Einar Thorsrud <einar.thorsrud@nordicsemi.no>
Adds an assert to the `update_range` function in gatt.c to verify
that the start handle is not larger than the end handle.
Signed-off-by: Håvard Reierstad <haavard.reierstad@nordicsemi.no>
Modify the behavior of update_recv_state_big_cleared to follow
what the current BASS test specification and PTS expects to pass
test cases related to bad broadcast codes. There are open
errata for this behavior to properly define it, but until then
we should follow what the qualification tests expect.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
At some point CONFIG_LOG_FRONTEND_STMESP_EARLY_BUF_SIZE default value
was set to 0 on cpuapp. It meant that log entries which happend before
STM and Coresight initialization were lost. Add buffer which is used
to store those logs.
Signed-off-by: Krzysztof Chruściński <krzysztof.chruscinski@nordicsemi.no>
Add input validation for PSK and SAE password length in wifi_ap_enable().
Invalid lengths could trigger driver-side assertions during AP startup.
Return -EINVAL when parameters are out of range instead of letting the
AP enable flow proceed.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
Add validation to ensure the indicator index is within the valid range
of the ind_table array before accessing it in cind_handle_values().
Without this check, an out-of-bounds index could lead to buffer overrun
when the index is used to access hf->ind_table array elements later in
the function.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
To ensure correctness and to avoid any race conditions,
atomic_test_and_set_bit should be use instead of a atomic_test_bit
followed by an atomic_set_bit.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
add_bonded_addr_to_client_list returned after adding the address of
`info->addr` once, which mean that only the first svc_inst got updated
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Before config flags were introduced to `bt_keys`, the `keys_set`
allowed loading previously stored keys after disabling support for
Bluetooth LE legacy pairing or signing during DFU (only beginning of the
settings record was used after the DFU).
Introducing version field prevents from loading keys in this scenario.
Settings records that contain extra data are not migrated to the new
format during the settings load operation and eventually are cleared.
Change allows to automatically migrate `bt_keys` stored with extra data
to the new format in the most common scenario where both legacy pairing
and signing support are disabled. This allows to still properly load and
use the keys.
Signed-off-by: Marek Pieta <Marek.Pieta@nordicsemi.no>
Improve error handling for L2CAP BR/EDR signaling buffer allocation
failures by introducing a fallback mechanism and proper cleanup paths.
Add l2cap_br_create_pdu() helper function that attempts to allocate
from the specified pool with a timeout, and falls back to the default
pool if allocation fails. This prevents system hangs when the BR/EDR
signaling buffer pool is exhausted.
Update all bt_l2cap_create_pdu() call sites to use the new helper with
appropriate timeouts (K_FOREVER for requests, specific timeouts for
responses). Add error handling to properly disconnect channels or clean
up resources when buffer allocation fails.
Introduce l2cap_br_chan_disconn() helper to centralize channel
disconnection logic, ensuring proper cleanup when disconnect requests
cannot be sent.
Change br_sig_pool user data size from hardcoded 8 bytes to
CONFIG_BT_CONN_TX_USER_DATA_SIZE for consistency with other buffer
pools.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
When an ISO channel is established, we now log all the
information we receive from the controller for that
specific channel.
This can be useful in debugging and determining certain
behaviors.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
The HAL has now a function to set the each GRTC group interrupt mask
Let's use it, fixing this old FIXME.
Signed-off-by: Alberto Escolar Piedras <alberto.escolar.piedras@nordicsemi.no>
Fixed issue where an aborted CAP commander procedure would
never get past bt_cap_common_proc_all_handled and thus never
call the callback with an error, e.g. if the remote CAP
Acceptor rejects a request.
The fix required a significant refactor of the broadcast
part of the CAP commander, as it was fundamentally flawed.
The biggest change is that the implementation now uses both
the receive state notification as well as the write responses
to determine completeneess. Additionally, it also handles
notifications not initiated from our write requests, i.e.
it is now more similar to an event based procedure rather
than a linear one. This also means that when the callbacks
for the start and stop procedures are now called, we have
receive the events (notifications) from the remote CAP
acceptors that they are actually synced (or not synced) to
the broadcasts.
Since the broadcast reception start and stop now waits
for the receive state to be updated, a change in the
Handover implementation was also done.
To test the solution 2 new test cases were added,
and the existing tests were modified to allow for the
new expected behavior.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
In the http client, the body of 5xx was skipped, leading to a parse error
in the http parser when it reaches the body.
Signed-off-by: Arthur Gay <arthur.gay@marshmallow.kids>
If CMUX is not yet connected, or is doing a disconnection,
we should not accept any traffic into pipes.
Block the traffic by replacing the !cmux->attached test with
a runtime test is_connected() that compare states as well.
Rename previous is_connected() to is_active() as it was used
on runtime power management checks.
One exception to rule is pipe->open(), which should be allowed
to be called same time as CMUX connection is initiated.
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
When the CMUX control channel is closed, CMUX is shut down and
all pipes should be in closed state too.
Notify all modules of this by calling modem_cmux_dlci_pipes_release()
when disconnecting.
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
In certain configurations there could be a warning due to potential
use of uninitialized variable. Add initialization.
Signed-off-by: Krzysztof Chruściński <krzysztof.chruscinski@nordicsemi.no>
Avoid accessing the packet after sending it, as the driver may
have already unreferenced or freed it. Use iface argument instead
of calling net_pkt_iface() on a potentially freed packet when
updating packet statistics.
Signed-off-by: Tim Pambor <tim.pambor@codewrights.de>
Avoid accessing the packet after sending it, as the driver may
have already unreferenced or freed it. Store the iface before
sending instead of calling net_pkt_iface() on a potentially
freed packet when updating packet statistics.
Signed-off-by: Tim Pambor <tim.pambor@codewrights.de>
Avoid accessing the packet after sending it, as the driver may
have already unreferenced or freed it. Store the iface before
sending instead of calling net_pkt_iface() on a potentially
freed packet when updating packet statistics.
Signed-off-by: Tim Pambor <tim.pambor@codewrights.de>
Avoid accessing the packet after sending it, as the driver may
have already unreferenced or freed it. Store the iface before
sending instead of calling net_pkt_iface() on a potentially
freed packet when updating packet statistics.
Signed-off-by: Tim Pambor <tim.pambor@codewrights.de>
Avoid accessing the packet after sending it, as the driver may
have already unreferenced or freed it. Store the iface before
sending instead of calling net_pkt_iface() on a potentially
freed packet when updating packet statistics.
Signed-off-by: Tim Pambor <tim.pambor@codewrights.de>
Fixes an issue whereby a write might have partially been successful
but failed due to insufficient space in the storage device by
re-attempting the write again with the offset, and if it still
fails, return an error
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
If a Remove Source request is received while the IUT is in PA sync
states INFO_REQ or SYNCED, the request is rejected and the source
is not removed.
Signed-off-by: Alex Ciascai <alexandru.ciascai@nordicsemi.no>
Add Kconfig options to control where RTIO SQEs and the RTIO block pool
are allocated: default RAM, DTCM, or a Zephyr nocache region.
This improves robustness and performance for DMA-heavy RTIO users:
- Avoids D-cache coherency pitfalls (especially with tiny DMA buffers).
- Enables using DTCM for lower-latency RTIO queue and pool access.
Signed-off-by: Peter van der Perk <peter.vanderperk@nxp.com>
Comparisons only triggered on comma, leaving the last entry unchecked,
and start_idx was never advanced after each delimiter, making all
subsequent length calculations wrong.
Fix by updating start_idx and uri_scheme_cand on each comma, then
adding a post-loop check for the final entry.
Fixes#105073
Signed-off-by: Hanliang Xu <leonxu2004@outlook.com>
encode_be32() is only used in some configurations.
Let's mark it as possibly unused so the compiler does not warn us about
it
Signed-off-by: Alberto Escolar Piedras <alberto.escolar.piedras@nordicsemi.no>
Commit b9d3344fd4 introduced this static
helper function that is effectively unused and makes clang unhappy.
Signed-off-by: Benjamin Cabé <benjamin@zephyrproject.org>
On architectures with strict alignment (RISC-V, ARM Cortex-M0),
multi-domain logging can trigger a Load/Store Address Misaligned
exception. This occurs when z_log_msg_enqueue receives a data
pointer from an IPC transport that is not word-aligned.
This commit reorders the operations to perform the memcpy into
the aligned internal buffer before accessing any struct members.
Signed-off-by: Syed Syed <syeds@amd.com>
When credit-based flow control (CFC) is supported, reduce the MTU by
one byte to account for the credits field in RFCOMM frames. This
prevents the SDU length from exceeding the maximum frame size when
the credits field is included in the frame.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
Replace custom RFCOMM CRC table and calculation with the generic CRC8
implementation from zephyr/sys/crc.h. This reduces code duplication and
improves maintainability. Also, it will reduce the flash footprint by
about 300 bytes.
The RFCOMM FCS calculation uses CRC-8 with polynomial 0x07, reflected
input/output, and initial value 0xff, which matches the definition of
the specification GSM 07.10.
Also simplify rfcomm_check_fcs() to reuse rfcomm_calc_fcs() and compare
the calculated FCS with the received value directly. It is consistent
with the following logic:
o Calculate the CRC,
o CRC = crctable[CRC^"received FCS"],
o if the CRC equals to 0xcf.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
Use atomic_set_bit() instead of atomic_test_bit() in
set_call_incoming_flag().
atomic_test_bit() is read-only, so the previous code did not update
INCOMING_3WAY/OUTGOING_3WAY flags when call_count > 1.
Signed-off-by: Yuheng Li <liyuheng@xiaomi.com>
Turn the hardcoded TLS_SETTINGS_PREFIX into a Kconfig symbol
CONFIG_NET_SOCKETS_TLS_SESSION_CACHE_PERSISTENT_PREFIX so users
can choose a different settings key prefix if needed.
Signed-off-by: Rithic Chellaram Hariharan <gr8rithic@gmail.com>
Add persistent TLS/DTLS session cache support using the settings
subsystem. Sessions are saved after each successful handshake and
restored during tls_init(), enabling session resumption across
device reboots without a full handshake.
Backend-agnostic: works with any settings backend (NVS, ZMS, FCB,
filesystem).
Signed-off-by: Rithic Chellaram Hariharan <gr8rithic@gmail.com>
Support controlling mdm-dtr-gpios in uart_isr, same as it is already
supported in uart_async and uart_async_hwfc.
Signed-off-by: Marcin Niestroj <m.niestroj@emb.dev>
Added support for TLSv1.3 to the OCPP subsystem by enabling
TLS secure sockets. This allows secure WebSocket
connections over TLSv1.3 during OCPP communication.
Signed-off-by: Sanjay Vallimanalan <sanjay@linumiz.com>
Convert the RFCOMM DLC (Data Link Connection) management from a manual
linked list implementation using _next pointers to use Zephyr's
sys_slist API. This change improves code maintainability and safety by
using the standard list handling primitives.
Key changes:
- Replace bt_rfcomm_dlc._next with sys_snode_t _node for list handling
- Convert bt_rfcomm_session.dlcs from pointer to sys_slist_t
- Update rfcomm_dlcs_lookup_dlci() to use
SYS_SLIST_FOR_EACH_CONTAINER_SAFE
- Update rfcomm_dlcs_remove_dlci() to use
sys_slist_find_and_remove()
- Replace manual list traversal with sys_slist iterators throughout
- Initialize session DLC list with sys_slist_init() in
rfcomm_session_new()
- Use sys_slist_is_empty() instead of NULL pointer checks
- Use sys_slist_prepend() for adding DLCs to session
The conversion eliminates manual pointer manipulation and reduces the
risk of list corruption while maintaining the same functional behavior.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
