The bt_settings_encode_key() cannot know if the given path pointer is
on the stack or not, so the only safe way to pass it to the logger is
by using a log_strdup() call. Not doing this will likely cause
corrupted strings to show up in the log output.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
It is planned to deprecate SHELL_CREATE_STATIC_SUBCMD_SET macro
which is replaced by SHELL_STATIC_SUBCMD_SET_CREATE.
Additionally, removed irrelevant comments about alphabetical
ordering which is no longer needed.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
Changed the order of Bluetooth callbacks. Now the connected callback is
received before CCC changed callbacks.
Signed-off-by: Kamil Piszczek <Kamil.Piszczek@nordicsemi.no>
In certain configurations, such as with MPU support enabled, the
consumption of the advertising thread has gone slightly up. In some
case it was seen to overflow by some 48 bytes. Let it always be 786,
like it was so far with CONFIG_BT_HOST_CRYPTO.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
There are issues using lowercase min and max macros when compiling a C++
application with a third-party toolchain such as GNU ARM Embedded when
using some STL headers i.e. <chrono>.
This is because there are actual C++ functions called min and max
defined in some of the STL headers and these macros interfere with them.
By changing the macros to UPPERCASE, which is consistent with almost all
other pre-processor macros this naming conflict is avoided.
All files that use these macros have been updated.
Signed-off-by: Carlos Stuart <carlosstuart1970@gmail.com>
This adds BT_GATT_ENFORCE_CHANGE_UNAWARE option which when enable
returns -EAGAIN when notifying or indicating if the client is
change-unware to conform with following statement on the spec:
'BLUETOOTH CORE SPECIFICATION Version 5.1 | Vol 3, Part G page 2350:
Except for the Handle Value indication, the server shall not send
notifications and indications to such a client until it becomes
change-aware.'
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
BLUETOOTH CORE SPECIFICATION Version 5.1 | Vol 3, Part G page 2405:
'For clients with a trusted relationship, the characteristic value
shall be persistent across connections. For clients without a
trusted relationship the characteristic value shall be set to the
default value at each connection.'
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This implement Robust Caching which is mandatory when Database Hash and
Service changed Characteristics are supported.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This implements the Database Hash characteristic which generates a hash
with the contents of certain attributes. The generation of hash is
usually offloaded to the systemwq using a delayed work so that when
application register multiple services only one hash needs to be
calculated.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
The Client Supported Features characteristic is used by the client to
inform the server which features are supported by the client.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This adds BT_GATT_CACHING option which can be used to enable support
for Client Supported Features and Database Hash characteristics.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
When optimizations are disabled more RAM is used and we get a stack
overflow on BT_HCI_TX_STACK_SIZE. To rectify this, increase the stack
size when CONFIG_NO_OPTIMIZATIONS.
This does not scale well, and will have to be replaced by a a more
general solution eventually, but in the mean time it follows the
existing best practice established by the GCOV infrastructure in
commit e908ea9aa5
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
Translate HCI error codes to POSIX error codes in order to be able to
distinguish reason of connectable advertising start failure.
Signed-off-by: Filip Kubicz <filip.kubicz@nordicsemi.no>
The Bluetooth 5.1 specification was recently released, and has a new
version identifier (10) assigned to it in the Bluetooth Assigned
Numbers.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Convert the remaining places of the host stack where
net_buf_pull_mem() makes more sense than net_buf_pull().
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Take advantage of the new net_buf_pull_mem() API, and refactor the
events from long switch statements into (const) handler tables. This
helps reduce code size and makes it cheap to add proper checks/asserts
for having sufficient data in the buffers coming from the controller.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Sending a model publication message could fail e.g. if there are no
buffers available, however this doesn't mean that we should stop doing
periodic publishing indefinitely. When an error occurs, make sure to
call the publish_sent() function so that the periodic publishing timer
gets resubmitted if necessary.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
In some cases the Friendship & Low Power Node features aren't
available or feasible, however power saving is nevertheless required.
This patch introduces two new APIs to suspend and resume the Mesh
network. Currently, what this impacts is the LE scanning, the
ability to allocate new outgoing buffers, as well as the model
publishing, beacon and heartbeat timers.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Tracking of the BT_MESH_VALID flag and the PB-GATT state was rather
fragile. Add proper error returns to the various GATT service enable &
disable handlers, and toggle the BT_MESH_VALID flag in a single file
(main.c). Use the newly added error returns to ensure that we don't
re-enable PB-GATT if it wasn't already enabled from before.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
There's already a flags member in the bt_mesh context, so take
advantage of that for any boolean members that have so far been
bit-fields. This should produce more efficient code, also for the
sequence number that's now its own u32_t.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Build fails in smp.c:3942 if BT_SMP_SELFTEST is enabled,
sign_test uses smp_sign_buf which only available for BT_SIGNING.
Signed-off-by: Johann Fischer <j.fischer@phytec.de>
This adds bt_gatt_write_response_cb works similarly to
bt_gatt_notify_cb which can take a callback to be called when the PDU
is considered transmitted over the air.
Note: This can also be used to disable the ATT flow control which would
blocks sending multiple commands without wainting their transmissions.
Fixes#11558
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
The current stack consumption with the H4 driver on qemu_x86 is as
follows with a change from 256 to 512:
usage 396 / 512 (77 %)
Increase the default for this configuration, as well as other similar
configurations. Set the fallback default to a higher value as well.
Fixes#12429
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The msg->prev_addr is already stored in frnd->clear.frnd, so there's
no need to have an extra stack variable for this (in the form of
prev_addr).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Currently, when handling a Friend Request message with `prev_addr` set,
we look up existing friend entry using `prev_addr` as the address.
However, `prev_addr` is the address of the requesting node's previous
friend, NOT the address of the requesting node itself. Therefore, we
should always look up existing friend entry using `rx->ctx.addr` as the
address.
Signed-off-by: Jiahao Li <reg@ljh.me>
This fixes usage of an uninitialized variable (to_store) as introduced
by commit bfad2a0.
Fixes#12314
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
When using bt_gatt_discover with BT_GATT_DISCOVER_CHARACTERISTIC the
read callback would be set to bt_gatt_attr_read_chrc which would attempt
to access the next attribute which in this case would not be set since
the value attribute is no fetched by the discovery, the spec actually
omit the value handle saying it should always be the first attribute to
appear after the characteristic thus we can assume it to be handle + 1.
Fixes#12159
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Both "store" and "clear" are verbs, so putting them after each other
is just confusing. Use "clean" consistently when clearing settings
entries.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The code need to be align after introduction of stream codec to
setting serialization subsystem.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
The Code need to be align after introduction of stream codec to
setting serialization subsystem.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
1. Created new shell module: shell_help.
2. Simplified command handlers with new shell print macros.
3. Removed help functions from command handlers.
Signed-off-by: Jakub Rzeszutko <jakub.rzeszutko@nordicsemi.no>
Removing help "options" from shell API.
Currently SHELL_OPT macro is not used by users. What is more
commit: a89690d10f ignores possible options created in
command handler by the user. As a result they are not printed
in help message.
Second, currntly implemented "options" in command handlers options are
implemented without SHELL_OPT macro.
And last but not least this change will allow to implement
help handler in a way that user will not need to think about calling
functions printing help in a command handler.
Signed-off-by: Jakub Rzeszutko <jakub.rzeszutko@nordicsemi.no>
When we're acting as a Friend for an LPN, we need to consider all
elements of the LPN. The information of how many elements the LPN has
is provided in the Friend Request message, however until now the code
did not do anything with this information.
Fix the issue by tracking the number of elements for each LPN and
update the unicast address matching code to take this into account.
Fixes#11731
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
There is not an easy way to relate an application's user_data to a
connection. One way is to save a pointer to bt_conn in the
application's user_data array upon connection establishment.
Each connection related callback function will have to loop for all
user_data and compare the saved pointer to the passed bt_conn
pointer. This is inefficient if there are many callback activations
during the connection.
This change makes the internal bt_conn mapping function accessible to
applications in conn.h. The function name is changed to
bt_conn_index() to clearly indicate that the function returns an
index of an array.
Add an ASSERT to catch illegal parameter.
Signed-off-by: Kim Sekkelund <ksek@oticon.com>
When removing a peer from a CCC, it also needs to be removed from
the attribute `cfg`.
Not removing it would create a shortage of `cfg` that could
prevent new host to pair to the BLE device.
Signed-off-by: Olivier Martin <olivier.martin@proglove.de>
CCC settings was not removed when unpairing all keys.
It means CCC settings were still present in flash and were
loading at bluetooth initialization time.
Loading these orphan CCC settings would fill `bt_gatt_ccc_cfg`
configurations and would prevent to add new CCC when pairing
with a new device.
Signed-off-by: Olivier Martin <olivier.martin@proglove.de>
Accourding to Bluetooth specification the Service Changed
Characteristic shall not have its handle changed once it has been
bonded, so this moves the GATT service to be the very first service
registered that way it is guaranteed that it won't change even if
device is flashed with a different configuration which end up changing
the handles after it.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
It is related to b904ad387f.
This fixes checking ECDH related events in event mask.
If ECDH support is disabled in host, there is no need to check
if those are supported in the controller.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
Some backends may actually contain the same key multiple times so the
code needs to check if there is already a ccc_cfg for an address before
attempting to use one that is unallocated.
Fixes#11409
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
If there are no CCC to be stored the value should be set to NULL so it
is properly cleared otherwise calling settings_str_from_bytes will leave
str uninitialized which may cause a crash when attempting to load the
value.
Fixes#11564
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This adds Kconfig option to disable HCI ECDH support.
It will compile out ECDH related code, especially HCI event handlers.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
This adds common option to disable support for LE Data Length Update
procedure in controller and host.
This will reduce flash usage by compiling out le_data_len_change
event handler that will never be called if controller has been
compiled with BT_CTLR_DATA_LENGTH option disabled.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
This adds common option to disable support for PHY Update
procedure in controller and host.
This will reduce flash usage by compiling out le_phy_update_complete
event handler that will never be called if controller has been
compiled with BT_CTLR_PHY option disabled.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
Logging subsystem could take few extra bytes when enabled.
ECC thread stack has been unconditionally increased to
support it.
During my test, I noticed a usage of 1052 bytes when logging
subsystem is enabled.
Signed-off-by: Olivier Martin <olivier.martin@proglove.de>
This makes it clear that only request need to set an opcode since they
require a error response in case it fails.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
The comment was suggesting that write callback was reading and storing
buffer when in fact it should write to the attribute value.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Application may need to handle the write differently depending on the
write operation so this adds a flag called BT_GATT_WRITE_FLAG_CMD which
can then be checked by the callback, for instance one can respond with
BT_ATT_ERR_WRITE_REQ_REJECTED when that flag is not set which should
indicate to the client to use write command instead.
Fixes#11206
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Consider invalid if the request pointer is NULL or the callback is NULL
or there is a request ongoing. This conditions would likely lead to a
crash and most likely there is some other bug involved like for example
the application queueing the same request multiple times.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
When issuing LE Set Data Length Command host should not assume that
LE Data Length Change Event will be generated. From Core Spec 5.0:
"If the command causes the maximum transmission packet size or maximum
packet transmission time to change, an LE Data Length Change Event
shall be generated."
Change-Id: I17723b58ed4f390aa465db3f69126ee229871123
Signed-off-by: Szymon Janc <szymon.janc@codecoup.pl>
If master or application decided to switch connection parameters to
ones that meet pending parameters don't bother sending request
after 5 seconds timeout.
Signed-off-by: Szymon Janc <szymon.janc@codecoup.pl>
Experiments have shown that the probability of missing advertising
packets is significantly lower with 30ms scan window compared to 10ms
scan window. This is especially the case with advertisers using a 20ms
advertising interval, which in turn is perhaps the most common one
since it's the smallest allowed by the Bluetooth 5.0 specification.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
By default, CCC value is only stored to persistent memory during
BT disconnection. This commit adds an optional storing of CCC right
after it has been updated. This results in better robustness of
peripheral but increases system workqueue stack usage.
Signed-off-by: Filip Kubicz <filip.kubicz@nordicsemi.no>
Couple of findings which were revealed after changing
LOG_MODULE_REGISTER macro:
- missing semicolons after LOG_MODULE_REGISTER()
- missing LOG_LEVEL defines
- other
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
The endif comment block is for CONFIG_BT_FIXED_PASSKEY not
CONFIG_SMP_FIXED_PASSKEY. Fix the comment to match.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
This makes mesh shell to register commands with the new shell subsystem
and stop using the legacy shell.
Fixes#11056
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
With multiple devices on auto-connect list it is possible that while
having pending connection to device A, device B disconnects. In that
case host should not try to start scan (currently controller doesn't
support concurrent scanning and initiating).
Signed-off-by: Szymon Janc <szymon.janc@codecoup.pl>
Fallback to L2CAP Connection Parameters Update Request if LL Connection
Update Request was rejected by remote device that has this marked as
supported in features. This can happen if procedure is supported only
by remote controller, but not enabled by host. This is connection
parameters update with iOS devices.
Signed-off-by: Szymon Janc <szymon.janc@codecoup.pl>
This will exclude GATT Client response handlers from compilation
if GATT Client support is disabled.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
k_poll_signal was being used by both, struct and function. Besides
this being extremely error prone it is also a MISRA-C violation.
Changing the function to contain a verb, since it performs an action
and the struct will be a noun. This pattern must be formalized and
followed and across the project.
MISRA-C rules 5.7 and 5.9
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Fix misspellings in Kconfig files that show up in the configuration
documentation (and make menuconfig screens).
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
In Bluetooth 5 the definition of LE security mode 1, has changed.
LE Security Mode 1 level 4 requires authenticated LE Secure Connections
pairing with encryption using a 128-bit strength encryption key.
This also changes the behaviour when a security request and response
would end up with a security level that is lower than the one requested.
Before pairing would complete, and the link would disconnect with error
authentication failure. Instead a SMP will abort pairing with error code
authentication requirement, or encryption key size.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
This adds new API fuction to update running advertising data.
It will remove the need of advertising restarting.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
Connection complete event with error code can be received only for
central role and can be compiled conditionally.
Signed-off-by: Szymon Janc <szymon.janc@codecoup.pl>
This adds support for returning various return codes from
the channel accept callback.
This is needed for implementation of incoming connection
authorization for certification purposes.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
Rename connection response results to map those that are defined
for BR.
BR: BT_L2CAP_BR_*
LE: BT_L2CAP_LE_*
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
Convert the monitor protocol to a proper logger backend. This also
means that our log.h headerfile gets greatly simplified.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Now that log processing happens in a separate thread, the
BT_STACK_EXTRA macro is not needed (since there's no significant
overhead), and therefore the BT_STACK macros become unnecessary as
well.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Mkae sure that variable pointed by params is valid when passing it
as function argument.
Fixes#10587
Signed-off-by: Szymon Janc <szymon.janc@codecoup.pl>
Improve the error feedback when calling bt_le_adv_start and inputting
too much data in the advertisement.
Error feedback before:
Bluetooth initialized
Advertising failed to start (err -22)
Error feedback after:
Bluetooth initialized
[bt] [ERR] set_ad: Advertising data does not fit in buffer
Advertising failed to start (err -22)
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
Add option to disable legacy pairing and only use secure connection.
If legacy pairing was requested pairing will be denied with status
insufficient authenticated
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
This commit adds missed const modifier for addr pointer for
bt_le_set_auto_conn function
Signed-off-by: Radoslaw Koppel <radoslaw.koppel@nordicsemi.no>
bt_conn_disconnect removes device from autoconnect list and thus
should not be called from le_conn_update when timeouting pending
connection. Also auto connect flag needs to be check on connection
failure to make sure scan is restarted.
Signed-off-by: Szymon Janc <szymon.janc@codecoup.pl>
Auto connect code reuses bt_conn object and connection code was assuming
object was cleared which resulted in invalid code being provided to
application. Fix that by explicitly setting error code to 0 on
successful connection.
Signed-off-by: Szymon Janc <szymon.janc@codecoup.pl>
Depending on perhiperal advertising interval 3 seconds might not be
enough and would result in cancelling pending connection. Make this
Kconfig configurable and let application to decide.
Signed-off-by: Szymon Janc <szymon.janc@codecoup.pl>
Under GNU C, sizeof(void) = 1. This commit merely makes it explicit u8.
Pointer arithmetics over void types is:
* A GNU C extension
* Not supported by Clang
* Illegal across all ISO C standards
See also: https://gcc.gnu.org/onlinedocs/gcc/Pointer-Arith.html
Signed-off-by: Mark Ruvald Pedersen <mped@oticon.com>
Applications may require different scan windows and interval depending
on expected re-connection time or peer devices advertising parameters.
Default to GAP recommended slow values.
Signed-off-by: Szymon Janc <szymon.janc@codecoup.pl>
The address of the device is also set via HCI interface when passive
scanning is used. As a result, LL does not filter out directed
advertising packets that are targeted at this device.
Signed-off-by: Kamil Piszczek <Kamil.Piszczek@nordicsemi.no>
This allows to configure desired parameters for peripheral. When set
PPCP characteristic is also added to GAP service. If disabled it is
up to application to controll connection parameters and stack will
only enforce 5 seconds delay before update.
Signed-off-by: Szymon Janc <szymon.janc@codecoup.pl>
This fixes a few issues with the handling of Connection Parameter
update in the Host:
- starting conn param update timer as master
- ignoring 5 seconds slave timer when calling bt_conn_le_param_update
- starting conn param update timer on every PHY update
Signed-off-by: Szymon Janc <szymon.janc@codecoup.pl>
So far the stack hasn't provided any way for the application to access
the existing bonds. This patch adds such an API.
Fixes#10122
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This uses net_buf_append_bytes to reassemble the SDU segments instead of
doing it manually.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
If the remote stack is not able to fully utilize each segment it is
possible it would run out of credits before completing the SDU, these
changes detects if that would happen and attempt to restore enough
credits for the SDU to be received.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This simplify the logic of restoring the credits after each SDU instead
of using an arbitrary threshold which was not configurable per channel.
Because the credits are restored only when the full SDU has been
reassembled it means the channels needs to be set up with enough for
the configured MTU otherwise there is a risk of the channel to run out
of RX credits before the packet is fully reassembled, because of such
corner case the code will now warn if a channel is setup with not enough
init_credits.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This adds a int return to recv callback which can be used to notify the
stack about errors when receiving a packet. In addition to that the user
can return -EINPROGRESS to inform the stack the data will be processed
asynchronously which can be complete by calling
bt_l2cap_chan_recv_complete.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
When activating SystemView internal kernel header files will be
included. This causes a name conflict with smp_init in smp.c
and smp_init in kernel_internal.h
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
This fix ensures that the handle range used for next GATT discovery is
always inclusive. Previously, the discovery procedure could not be
started with equal value of start and end handle.
Signed-off-by: Kamil Piszczek <Kamil.Piszczek@nordicsemi.no>
The current method relies heavily on the linker/compiler to
do the correct operation. Which is to eliminate the code that will
never get called. This posses a problem if the build even changes
by a smallest fraction.
The current patch will enforce proper inclusion of the code at the
pre-processing stage. Thereby not relying on the compiler/linker to
do the right thing.
Signed-off-by: Adithya Baglody <adithya.nagaraj.baglody@intel.com>
New shell implementation is on the way. For now old one and all
references are kept to be gradually replaced by new shell.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
Add functionality for setting the host channel classification in
the controller using the HCI command.
This closes issue #9851
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
When running combined build on nRF5 with disabled VS command it is
possible to simply read static random address from FICR in host.
Signed-off-by: Szymon Janc <szymon.janc@codecoup.pl>
This adds a function that will disable Bonding flag in
Authentication Requirements flag in SMP Pairing Request/Response.
This is needed for qualification purposes.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
This will exclude testing Mesh related code from build if BT_MESH
option in Kconfig is not set.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
This makes bt_gatt_discover perform discover all proceduce if no UUID
is given in the parameters.
Fixes#9713
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Long write procedure currently requires BT_GATT_PERM_PREPARE_WRITE to
be set otherwise the prepares would fail. This changes the behavior so
that BT_GATT_PERM_PREPARE_WRITE enables checking each prepare chunk
skipping it otherwise.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
None of the data for the CEP, CUD and CPF descriptors needs to be
modified by the stack at runtime. Make it possible to pass constant
data to the descriptor macros, and make sure the descriptor handlers
cast the data back to be a constant.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The req variable in smp_pairing_failed() does get used, so
ARG_UNUSED() is inappropriate for it.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Just like we set the address for an identity without depending on the
BT_DEV_READY flag, we should do the same for the IRK. Otherwise we
risk getting an all-zeroes IRK. Remove the condition and always set
the IRK value whenever CONFIG_BT_PRIVACY is enabled.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The code creating identities from the Read_Static_Addresses vendor
command was failing to create matching IRKs, resulting in an
all-zeroes IRK to be used. Fix this by using the existing id_create()
function which takes care of generaing an IRK when necessary.
Fixes#10003
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
A subsequent patch will make bt_setup_id_addr() depend on id_create()
which was so far lower down in the hci_core.c c-file. Move
bt_setup_id_addr() further down to avoid a forward declaration.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
There are some cases where atomic_and/or don't need to be
checked. Actively acknowledge these cases.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
The return of memset is never checked. This patch explicitly ignore
the return to avoid MISRA-C violations.
The only directory excluded directory was ext/* since it contains
only imported code.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
This changed added notification complete callback which
gives information if a given notification has been sent.
Signed-off-by: Kamil Gawor <Kamil.Gawor@nordicsemi.no>
Added implementation to the directed advertising API in the Connection
Management module. Introduced a new connection state for this type of
advertising. The new state is symmetric to the connection state used for
scanning.
Added a new advertising option that can be used to trigger low and high
duty directed advertising. Added macros for default values of
Advertising Parameters, which are used to trigger directed advertising.
Signed-off-by: Kamil Piszczek <Kamil.Piszczek@nordicsemi.no>
This adds Central Address Resolution characteristic that is required
to check by peer if it's about to send directed advertisements where
initiator address is set to RPA.
Zephyr supports the Address Resolution, so the characteristic value
is hard-coded.
Please check Core 5.0 Vol 3 Part C 12.4 CENTRAL ADDRESS RESOLUTION
Related PTS test case: GAP/CONN/ACEP/BV-03-C
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
This ensures the core services are always registered first and the
gatt_sc work is initialized.
Fixes#9785
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
The test for IS_ENABLED(BT_SETTINGS) in mod_reset()
should be IS_ENABLED(CONFIG_BT_SETTINGS).
Signed-off-by: David Leach <david.leach@nxp.com>
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
The ordering of items in flash is not guaranteed, so it's possible we
get an App Key before the corresponding Net Key. Remove the check for
a Net Key, since the storing code should never store an App Key if
there is no corresponding Net Key.
Fixes#9670
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The code in le_set_private_addr() was hardcoding identity 0, even
though it is given a specific identity as an input parameter.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
If cfg_changed has not been set consider that the application don't
care and just skip it.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
PTS version 7.3.0 incorporates some errata which change the expected
behavior of the heartbeat subscription state. Update the code so that
the following tests pass successfully:
MESH/NODE/CFG/HBS/BV-01
MESH/NODE/CFG/HBS/BV-02
MESH/NODE/CFG/HBS/BV-03
MESH/NODE/CFG/HBS/BV-04
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Some things, such as UUID, URI or even the local name may be different
when bt_mesh_prov_enable() is called compared to when bt_mesh_init()
was called. Create the advertising data on-demand each time when
enabling PB-GATT.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
In some cases the application might only initialize its UUID after
calling bt_mesh_init(), e.g. in the case of deriving the UUID from the
identity address. To avoid confusing logs, only print the UUID when
actually enabling one of the provisioing bearers.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This API makes it possible to delete an existing identity and to flag
its storage slot as unused.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Make sure the application doesn't pass existing identity addresses to
bt_id_create() and bt_id_reset(). Also make sure we don't accidentally
create a duplicate when generating random identity addresses.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add a new API which can be used to reclaim an identity slot for a new
identity. When called, any previous pairings, connections, or other
data will be cleared, and then a new identity will be generated in the
place of the old one.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
None of the callers of these APIs do anything with the return value,
so just remove it to produce more efficient code.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This wasn't used anywhere and was typed incorrectly (the foreach
callback takes two parameters). There was also one user of this which
was triggering compiler warnings of mismatched callback type.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
When doing bt_unpair() we need to pass the given identity when
disconnecting and clearing keys, in case all associated pairings were
requested to be cleared.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Update the storage handling to take into account multiple identities.
We can save a bit of code by using the new bt_id_create() API from
within settings.c.
Also make the treatment of addr & irk parameters to bt_id_create()
consistent, in that NULL is acceptable for both of them.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This flag was both redundant and creates confusion with potentially
multiple identity addresses (it was only referring to the first
identity address). We can simply just look at the type of the identity
address wanting to be used.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Make it possible to have multiple identity addresses as an LE
peripheral. For central role only the default identity is supported
for now. This also extends the flash storage in a backward compatible
way.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Up until now, Zephyr has patched Kconfig to use the last 'default' with
a satisfied condition, instead of the first one. I'm not sure why the
patch was added (it predates Kconfiglib), but I suspect it's related to
Kconfig.defconfig files.
There are at least three problems with the patch:
1. It's inconsistent with how Kconfig works in other projects, which
might confuse newcomers.
2. Due to oversights, earlier 'range' properties are still preferred,
as well as earlier 'default' properties on choices.
In addition to being inconsistent, this makes it impossible to
override 'range' properties and choice 'default' properties if the
base definition of the symbol/choice already has 'range'/'default'
properties.
I've seen errors caused by the inconsistency, and I suspect there
are more.
3. A fork of Kconfiglib that adds the patch needs to be maintained.
Get rid of the patch and go back to standard Kconfig behavior, as
follows:
1. Include the Kconfig.defconfig files first instead of last in
Kconfig.zephyr.
2. Include boards/Kconfig and arch/<arch>/Kconfig first instead of
last in arch/Kconfig.
3. Include arch/<arch>/soc/*/Kconfig first instead of last in
arch/<arch>/Kconfig.
4. Swap a few other 'source's to preserve behavior for some scattered
symbols with multiple definitions.
Swap 'source's in some no-op cases too, where it might match the
intent.
5. Reverse the defaults on symbol definitions that have more than one
default.
Skip defaults that are mutually exclusive, e.g. where each default
has an 'if <some board>' condition. They are already safe.
6. Remove the prefer-later-defaults patch from Kconfiglib.
Testing was done with a Python script that lists all Kconfig
symbols/choices with multiple defaults, along with a whitelist of fixed
symbols. The script also verifies that there are no "unreachable"
defaults hidden by defaults without conditions
As an additional test, zephyr/.config was generated before and after the
change for several samples and checked to be identical (after sorting).
This commit includes some default-related cleanups as well:
- Simplify some symbol definitions, e.g. where a default has 'if FOO'
when the symbol already has 'depends on FOO'.
- Remove some redundant 'default ""' for string symbols. This is the
implicit default.
Piggyback fixes for swapped ranges on BT_L2CAP_RX_MTU and
BT_L2CAP_TX_MTU (caused by confusing inconsistency).
Piggyback some fixes for style nits too, e.g. unindented help texts.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Settings consider the character space the end of the value, so instead
encode the name using settings_str_from_bytes and restore it with
settings_bytes_from_str.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Normally App Keys are identified using the AppKey Index value (a 12
bit value in practice), whereas the stack-internal array index has
very little relevance.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
When we receive a security request we need to make sure that any
existing keys contain an LTK to encrypt with. Otherwise there's a risk
of trying to encrypt with an all-zeroes LTK.
Fixes#3221
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add a new bt_passkey_set() API that can be used to set a fixed passkey
to be used for pairing. The new API also requires a new Kconfig option
to be enabled first (CONFIG_BT_FIXED_PASSKEY).
Fixes#8350
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The code was not doing the right thing when we as peripheral would
send a security request to the central. First of all, the SEQ_REQ flag
was getting cleared by the pairing request handler, resulting in
pairing_confirm() callbacks for no reason. Secondly, the behavior in
encrypt_change() was not utilizing the smp_reset() helper as it should
have done.
Fix the situation by calling smp_init() when sending a security
request, and detect that this has been done when receiving a pairing
request. Also do the appropriate cleanup if the result is an encrypt
change instead of a pairing request (in case we were already paired
with the peer).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The smp pointer is the return value of CONTAINER_OF() which is
guaranteed to always be non-NULL.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Provide proper documentation for all of the authentication callbacks,
and clarify the usage of the cancel callback. Previously the cancel
callback was always required, even though that doesn't necessarily
make sense now that the pairing_complete/failed callbacks exist.
Fixes#8385
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Whoever added Zephyr's prefer-later-defaults Kconfig patch originally
didn't do the same for 'range's. Earlier ranges are still preferred.
Swap the ranges on BT_RFCOMM_L2CAP_MTU to give the intended behavior.
Fixes the following warning for tests/bluetooth/shell/prj_br.conf:
warning: default value 200 on BT_RFCOMM_L2CAP_MTU (defined at
subsys/bluetooth/host/Kconfig:508) clamped to 264 due to being outside
the active range ([264, 32767])
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Essentially all products that support pairing or Mesh need to be able
to support ECC. This is particularly important for traditional
peripheral/central use cases where legacy pairing is considered
insecure. With split builds we don't know if the controller supports
ECC HCI commands or not, however with a combined build we know that
the current controller lacks any special ECC support, so enable
TINYCRYPT_ECC by default for such a configuration.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The SMP_FLAG_ENC_PENDING flag indicates that we've generated an STK
and are waiting for encryption to happen. In case the remote enables
encryption prematurely we should not try to encrypt with whatever is
stored in smp->tk, rather reject the pairing attempt.
Fixes#3222
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The recently added pairing_complete & pairing_failed callbacks
were missing a NULL-check for bt_auth, since it is possible that
there's no authentication callback structure registered at all.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
commit 9b6ad4067b introduced some minor
coding style issues related to line splitting. Fix these.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Added two new callbacks for Bluetooth stack to notify
the application that pairing has been completed or failed.
fixes: #8390
Signed-off-by: Jun Li <jun.r.li@intel.com>
Update the RX SDU Kconfig value to something that reflects better
current use cases and doesn't waste memory needlessly. Also lower the
minimum to two segments, since while many samples need three for their
composition data (typically the biggest transferred payload), it's
possible to have a very simple node whose composition fits in two
segments.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The Mesh specification doesn't support more than 32 transport layer
segments, the way the number was so far derived from the advertising
buffer count could result in a highre numbe than 32, thereby wasting
memory. Make the number of supported segments build-time configurable
through a new BT_MESH_TX_SEG_MAX configuration option.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The controller already has a minimum of 1, and the host should mirror
that (in particular to avoid Kconfig warnings). A single buffer is
unsafe in some scenarios (such as with LE SC enabled) however there
are valid scenarios where a single buffer makes sense, so leave it up
to the developer to choose this.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This enables the user to provide a ScanData, as long as it contain
names, and set BT_LE_ADV_OPT_USE_NAME.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This introduces a new advertising flag BT_LE_ADV_OPT_USE_NAME which can
be used by applications to make the stack automatically include the
Bluetooth Device Name in the Scan Response.
The name is also updated in case there is already an advertising
instance using it.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This makes GAP name writable if CONFIG_BT_DEVICE_NAME_STORAGE is > 0
which means the name can be persisted.
Fixes#8357
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This uses bt_dev to store the name and allow changing it at runtime, in
addtion to that if CONFIG_BT_SETTINGS is defined make the name
persistent.
Fixes#8357
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
If we use newlib the isdigit (and other similar functions) return an
error as char can possibly be viewed as signed:
usr/include/ctype.h:57:54: error: array subscript has type ‘char’ [-Werror=char-subscripts]
#define __ctype_lookup(__c) ((__ctype_ptr__+sizeof(""[__c]))[(int)(__c)])
Explicity cast to unsigned char so we deal with both this warning and
possible warning when -Wpointer-sign is enabled.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
If we use newlib the isdigit (and other similar functions) return an
error as char can possibly be viewed as signed:
usr/include/ctype.h:57:54: error: array subscript has type ‘char’ [-Werror=char-subscripts]
#define __ctype_lookup(__c) ((__ctype_ptr__+sizeof(""[__c]))[(int)(__c)])
Explicity cast to unsigned char so we deal with both this warning and
possible warning when -Wpointer-sign is enabled.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Bool symbols implicitly default to 'n'.
A 'default n' can make sense e.g. in a Kconfig.defconfig file, if you
want to override a 'default y' on the base definition of the symbol. It
isn't used like that on any of these symbols though.
Remove some 'default ""' properties on string symbols too.
Also make definitions more consistent by converting some
config FOO
<type>
prompt "foo"
definitions to a shorter form:
config FOO
<type> "foo"
This shorthand works for int/hex/string symbols too, not just for bool
symbols.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
The Configuration Model specification states that all non-unicast
addresses given as the address of an element are Prohibited. The
correct action for Prohibited parameter values is to ignore the
message. As of writing this patch the PTS does not enforce this, but
it might in the future (as it does for many other Prohibited values).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Previously the code only checked if any of the models within an
element had the destination address in their subscription list. After
that check the specific model that the message was addressed to was
not verified to have that address in it's subscription list. This
patch fixes the problem.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
When we're reading the initial state from flash, calling the various
internal functions was leading to scheduling a rewrite to flash. Add
an extra parameter to the appropriate functions so they know when
they're called due to active configuration by a configuration client,
and when they're called due to restoring the state from flash.
This was not only wasting flash space, but also causing erroneous
behavior with the FCB settings backend if there was an intermediate
node reset operation stored, followed by a reprovisioning. The node
reset entries would cause them to be re-appened after the second valid
provisioning, leading to an incomplete node state.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
If the model publication is not enabled, we should return success,
however no other steps need to be done. This also helps avoid writing
redundant entries to flash when resetting a node that never had model
publication enabled.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
There were several things broken with the initialization order during
node reset:
- The model->flags should not be touched since the writing to
persistent storage happends through delayed work, and the flags
need to be kept until that.
- The unprovision() function should only be called at the very end of
the reset procedure, since it calls model-specific init functions
which may clear things which the earlier reset routines depend on.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Provide flexibility in choosing to use the host defined crypto
functions or the ones provided by the controller
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
This adds an Kconfig option to disable GATT Multiple Read support.
This GATT sub-procedure is optional and does not have to be supported.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
This function does nothing actually if SMP is disabled.
This excludes att_signed_write_cmd handler from build if BT_SMP
is disabled or BT_SIGNING is disabled.
Note:
BT_SIGNING depends on BT_SMP
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
This chunks should be excluded from build if the target application
does not support neither observer not central role.
This helps to reduce the application image size that implement
Peripheral or Broadcaster role.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
This adds dependency upon BT_BROADCASTER and BT_OBSERVER roles.
Those are necessary to implement Mesh device.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
Don't build the code that is related to central role if the target
does not support connection creation.
This helps to reduce the application image size that implement
either Observer, Peripheral or Broadcaster role.
Note:
BT_CENTRAL implies BT_CONN and BT_OBSERVER
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
It is quite easy to implement a buggy or security vulnerable
advertising data parser. Provide a helper for this purpose, which uses
the existing bt_data struct which is used for programming the local
advertising data.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This fixes a regression introduced in commit 6af5d1cd1f
("Bluetooth: Compress bt_keys struct").
Instead of passing a value zero as the random number, the
value at the RAM address zero was being used by the start
encryption function call. It is now fixed by consistently
using byte-array to store EDiv and Rand values.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
This fixes invalid assert condition.
As stated in Bluetooth Core v5.0 Vol 3 Part F
3.4.4.1 Read By Type Request &&
3.4.4.9 Read by Group Type Request
"The starting handle shall be less than or equal to the
ending handle."
3.4.3.1 Find Information Request &&
3.4.3.3 Find By Type Value Request
"Only attributes with attribute handles between and
including the Starting Handle parameter and the Ending
Handle parameter that match the requested attribute type
and the attribute value that have sufficient permissions
to allow reading will be returned."
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
Introduce a quirks field to the HCI driver struct, which can be used
to create exceptions in host behavior for non-standard or unusual
controller behavior. An initial quirk is added to prevent the host
from sending the HCI_Reset command (in which case the controller is
responsible for performing the reset).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This is the simplest & cleanest way to make these APIs available for
drivers. We already have a public hci.h header file, so using it seems
most natural.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Recent commits which made the choice of attribute to pass to
bt_gatt_notify() more flexible contained some unfortunate bugs in
handling the attributes and their values. In particular, both calls to
gatt_notify() would in certain circumstances pass the wrong handle
value. This should now be fixed.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Introduce a custom HCI driver for the native POSIX port, which opens a
HCI User Channel socket to the Linux kernel to gain access to a local
Bluetooth controller.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
With updates to bt_gatt_notify and bt_gatt_indicate it is now possible
to pass the Characteristic attribute instead of its value which makes
the code able to verify if attribute properties are set correctly.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Since BT_GATT_CHARACTERISTIC now expands to 2 attributes it may be
confusing to use bt_gatt_indicate as that expects the Value attribute to
be given which is no longer visible, so this enables the user to use
the Characteristic attribute in addition to its value.
Fixes#8231
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Since BT_GATT_CHARACTERISTIC now expands to 2 attributes it may be
confusing to use bt_gatt_notify as that expects the Value attribute to
be given which is no longer visible, so this enables the user to use
the Characteristic attribute in addition to its value.
Fixes#8231
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
When att_disconnected is called a thread may be waiting for the tx_sem
but that is memset to 0, furthermore there exists a flag
ATT_DISCONNECTED to indicate the context is no longer valid so instead
move memset to bt_att_accept so it is cleared when it is about to be
reused.
Fixes#8083
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
The adv_send() function was incorrectly decoding the 5-bit value (it
was using it directly as milliseconds), which effectively lead to the
code always picking the controller's minimum supported interval.
Fix this issue, but do it by simplifying the (re)transmission state
tracking so that the state is always stored in the original "packed"
8-bit value, where 5 bits are reserved for the interval, and 3 for the
count.
Fixes#7972
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
We should check for valid lengths, not just because flash may have
become corrupted, but also because this fixes coverity errors, such as
CID 186030.
Fixes#7739
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Some versions of gcc do not seem to compile out the inaccessible code
in this case and instead give the following error:
subsys/bluetooth/host/mesh/transport.c:419: undefined reference to
`bt_mesh_lpn_poll'
This happens at least when building samples/bluetooth/mesh for
native_posix on Fedora 28.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Remove non-existent Kconfig symbol references. An additional (but
related) change is the removal of all persistent storage symbols from
the Arduino 101 Bluetooth shell app, since BT_STORAGE no longer
exists.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The Bluetooth core specification splits the valid LE L2CAP PSM range
into two subranges:
- Standard, SIG-assigned fixed PSM values in the range 0x0001-0x007f
- Dynamic, allocated at runtime in the range 0x0080-0x00ff
Previously the bt_l2cap_server_register() API was assuming that the
app would always decide the PSM, which effectively made it impossible
to have collision-free dynamic PSMs. This patch extends the
implementation so that if server->psm is 0, then the stack will look
for a free PSM from the dynamic range and take it into use.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Instead of having an ivu_unknown variable to track when we can ignore
the 96-hour minimum duration requirement, simply set the duration to
the minimum (96 hours) in the places where ivu_unknown would have been
1.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
When the IV Update state enters Normal operation or IV Update in
Progress, we need to keep track of how many hours has passed in the
state, since the specification requires us to remain in the state at
least for 96 hours (Update in Progress has an additional upper limit
of 144 hours).
In order to fulfil the above requirement, even if the node might be
powered off once in a while, we need to store persistently how many
hours the node has been in the state. This doesn't necessarily need to
happen every hour (thanks to the flexible duration range). The exact
cadence will depend a lot on the ways that the node will be used and
what kind of power source it has.
Since there is no single optimal answer, this patch adds a new
configuration option, which allows specifying a divider, i.e. how many
intervals the 96 hour minimum gets split into. After each interval the
duration that the node has been in the current state gets stored to
flash. E.g. the default value of 4 means that the state is saved every
24 hours (96 / 4).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
After introducing persistent storage, it's useful for an app to check
if the node has been provisioned or not.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This ensures the every characteristic has a value attribute declared
with the same UUID since the old macro did not declare the value the
application would normally have to declare one itself using a different
UUID which is not allowed.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
The rx_prio_queue k_fifo object has not been used for anything for a
really long time. The use for it was originally removed by the following
commit:
commit ad475d863a
Author: Szymon Janc <ext.szymon.janc@tieto.com>
Date: Fri Apr 22 11:36:04 2016 +0200
Bluetooth: Remove RX priority fiber
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The sequence number was acting as a stop-gap for missing persistent
storage. Now that we have the settings support in place it's no longer
needed.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The logic for restoring the sequence number was flawed in that it
would not always cause an incremented sequence write upon the
transmission of the first packet. The reason the code didn't work is
that it assumed the stored value was a multiple of SEQ_STORE_RATE,
however since the sequence number is stored in a deferred fashion
that's not always true.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
We can implicitly trust locally originated messages, so there's no
need to burden the RPL with them.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add support for storing the remaining configuration server model
states (all of which are one byte values). The states are stored under
a single settings key bt/mesh/Cfg.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add support for storing the heartbeat publication persistently. The
information is only stored as "publish indefinitely" or as "periodic
publishing disabled" since we can't know for how long the node is
powered off. The information is stored under the settings key
bt/mesh/HBPub.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add support for storing the model publication information
persistently. The addresses are stored under the settings key
bt/mesh/s/<mod id>/pub for SIG models and bt/mesh/v/<mod id>/pub for
vendor models.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add support for storing the subscribed group addresses for each model
persistently. The addresses are stored under the settings key
bt/mesh/s/<mod id>/sub for SIG models and bt/mesh/v/<mod id>/sub for
vendor models.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add support for storing the bound App Keys for each model
persistently. The bindings are stored under the settings key
bt/mesh/s/<mod id>/bind for SIG models and bt/mesh/v/<mod id>/bind for
vendor models.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Keeping the model struct same sized, change the element pointer to two
indexes, and add a flags member that will be used to track pending
storage actions.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
In order not to have a Node Reset consume more stack than other
operations, also perform the related storage writes through the same
delayed work as all other storage updates.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Instead of having an RPL-specific storage timer, introduce a generic
one that'll eventually be used for all persistent storage.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
To reduce stack consumption, and to avoid blocking the CPU during
network activity, prepare for a generic timer that can be used for
most (possibly all) mesh storage values.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
There are valid use cases where the model layer must know the true
destination address. So far only the fact that it was one of the
addresses that the model subscribes to (its element's unicast
included) has been knowable.
Solve the issue by moving the destination address from the internal
net_rx context to the public bt_mesh_msg_ctx struct.
Fixes#7453
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
There are certain use cases where the application needs to be able to
explicitly set a specific identity address. This was previously
possible using the bt_storage API, however now that it's gone another
solution is needed.
This patch adds a ne bt_set_id_addr() API which the application can
use to set a specific identity address before calling bt_enable().
Fixes#7434
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Instead of manually iterating all app keys and net keys, use the
bt_mesh_subnet_del() helper on all subnets. This will also clear any
app keys, and ensures that persistent storage is cleared as well.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Both the local sequence number as well as the Replay Protection List
(RPL) are states that may potentially change very often. In order not
to wear out the flash with these updates it makes sense to try to
avoid too frequent writes.
For the local sequence number a simple solution is not to write the
number on every increment. This patch introduces a new Kconfig option
to define after how many increments the sequence number gets written.
When the stack gets initialized it automatically adds the configured
number to the last stored one, thereby guaranteeing that the node
starts off with a number that's larger than the last used one.
The RPL is more problematic, since in principle it needs to be updated
every single time that we receive and process a message. Especially
security sentitive nodes will want this stored immediately to flash.
To give some use-case dependent flexibility, this patch introduces a
new Kconfig option to specify a timeout after which the RPL gets
written to flash.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
These are needed both for bt_mesh_provision() as well as persistent
storage-based network creation.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This variable is both redundant as well as problematic when it comes
to adding persistent-storage-based provisioning information, which
will not come through main.c or the bt_mesh_provision() API. Just
remove it and use bt_mesh.valid which serves the same purpose in
practice.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add APIs for storing core network values, such as Net and App Keys, IV
Index, Sequence number, RPL, etc.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add initial skeleton for doing settings-based persistent storage for
the mesh network state. This patch only includes restoring some core
network state such as IV Index, Sequence number, Net Keys, App Keys
and the Replay Protection list. The remaining state, and actually
storing the state, is left for follow-up patches.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The sequence number is incremented from several different places in
the stack. The way it was done was potentially race condition prone,
and was also problematic from the perspective of updating the
sequence number in persistent storage. Create a dedicated helper for
incrementing the sequence number (solves the race) which can in later
patches be used to add the persistent storage support.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This for loop runs inside an "if (!sub)" branch, so explicitly setting
sub to NULL in the loop is redundant.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
These app key and net key (subnet) helpers will soon be needed to be
called from the persistent storage code.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
There's a bit of unnecessary space in the bt_keys struct. Re-design
some fields for a more compact format, which is particularly helpful
now that the struct gets stored as-is to flash through the settings
API.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Integrate the bt_keys submodule with bt_settings. Add a new
bt_keys_store() API to write keys to flash, and extend the existing
bt_keys_clear() to remove the keys from flash.
Along with this, add some helpers for genrating settings key values
containing a bluetooth address, as well as for decoding them to get
the binary bt_addr_le_t.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add a new linker section for a list of submodule settings handlers,
and iterate the list from the various settings callbacks.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The same functionality is now supported by the settings-based
solution, so remove bt_storage out of the way. There were stubs in
bt_storage to handle per-peer information (e.g. pairing keys) but this
was never actually implemented in full. The next step is to add this
support to the settings-based solution.
Leave the code for generating temporary IRK and identity address in
case BT_SETTINGS is not enabled. Also leave the code for using vendor
HCI to read the identity address, in which case the settings
implementation will not touch it.
Introduce a new bt_unpair() API to replace the removed
bt_storage_clear(), since the latter was actually doing more than just
storage management: it was also handling runtime storage of pairing
information. Later, the bt_unpair() implementation will be extended to
clear settings-based pairing storage.
There is one feature that the bt shell module looses: the ability to
give a specific identity address to the "init" command as a parameter.
We might look later in the future if this is really needed, and add a
separate API for this.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Introduce a basic skeleton for peristent storage based on the settings
subsystem. Also enable support for this to the peripheral sample
application, so the new code gets exersized by CI. For now, the
implementation provides the same level support as the bt_storage API
ever did, i.e. for the identity address and the IRK.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The code was updating net_rx->seq to make sure sdu_recv() gets the
right sequence number (seq_auth for segmented messages), however later
net_rx->seq was also used for enqueuing to the Friend Queue, causing
the queued messages to have the wrong value.
To fix this, don't update net_rx->seq, rather pass an explicit
sequence number value to sdu_recv(), which is just net_rx->seq for
unsegmented messages, and seq_auth for segmented messages.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The 'valid' member of struct bt_gatt_ccc_cfg was redundant, since
setting 'peer' to BT_ADDR_LE_ANY does the same job. What's worse, the
handling of 'valid' was also buggy in that some places looking for
valid CCC structs only matched the address, meaning it might yield a
positive match for invalid entries.
Fix these issues by removing the 'valid' struct member, and solely
using the 'peer' member to identify valid entries. Also simplify the
code by acknowledging that no CCC entry is essentially the same as the
value '0' written to CCC.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The bt_mesh_provision() call results in the provisioning link state
being cleared, so link.conn will become NULL. Add code to store the
information of whether PB-GATT was used and use this information after
the call instead of relying on link.conn anymore at this point.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The condition 'iv_index != bt_mesh.iv_index + 1' is already caught by
the earlier conditions in this branch.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
If the network is in IV Update In Progress state when we get
provisioned we should set a timer so we eventually transition back to
Normal mode (otherwise we may end up in IVU In Progress indefinitely).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
When we get provisioned we can't know how long the network has been in
the current IV Update state. Introduce a special value for
bt_mesh.last_update to indicate that we don't know the duration.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The Node Identity advertising should only be automatically enabled
when provisioning happened over PB-GATT, but not when it happened over
PB-ADV. Move the enabling of Node Identity to the provisioning code,
where we know the bearer that was used (this information does not get
passed to the bt_mesh_provision function).
Fixes#6338
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
There's a small but real chance of a race-condition when sending
messages to the local node (through the local network interface) that
expected parameters will be NULL in the message handles. Add
appropriate NULL checks for them.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This updates result values for LE Credit Based Connection
Response according to Table 4.20 from Core 5.0 Vol 3 Part A.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
This was originally added as a work-around to avoid the heavy stack
consumption of the TinyCrypt PRNG when generating NRPAs. This is
no-longer an issue, and there are in fact no (in-tree) users of this.
Remove it before it gains any wider users, since it was in many ways a
hack/work-around to begin with.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
In some cases the app may want to force using the identity address
regardless of privacy support or what type of advertising is done.
Provide such an option in bt_le_adv_param.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
If the thread that sends the configuration messages has low priority
and is sending to the local node (a common use case currently) it's
possible that the response arrives before the cli->op_* state
variables are set, resulting in the message never getting properly
processed and the client API call timing out.
Split the initialization into a separete cli_prepare() call and add a
cli_reset() to clean up the variables in case of premature completion
of the client operation (e.g. due to message sending failure).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
It's not always guaranteed that param->status will be non-NULL,
especially not after a subsequent patch to fix a race condition with
the response waiting.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
With the introduce of VFS the typedef for fs_file_t & fs_dir_t don't
exist anymore so we need to use 'struct fs_dir_t' or 'struct fs_file_t'.
Fix up some places that got missed in the VFS conversion.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
When reconnecting the code will attempt to recover the subscriptions
but it was not setting any callback causing the bt_att_req.func to be
NULL.
Fixes#5982
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This check is needed to not send command that is not supported
by controller. LE Set Privacy Mode command was introduced in
Bluetooth 5.0 so that it will fail on older controllers.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
This fixes intercompatibility issues with controllers supporting
privacy feature.
Core Spec requires to use network privacy mode as a default when
peer device provides its IRK during bonding when LL Privacy is used,
which is the case for Zephyr. We've seen devices including PTS
which exchanges it's IRK but is not aware about network privacy
mode. This results in Zephyr not able do be reconnect to such bonded
devices.
This workaround sets device privacy mode to be able to reconnect
to such devices.
Fixes#4989Fixes#5486
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
As per TSE 10009 the TS will enforce that a Friend ever only uses a
single transmission when sending packets to an LPN. Make sure that our
implementation follows this.
https://www.bluetooth.org/tse/errata_view.cfm?errata_id=10009
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
If there's no more room to store new pairings, send a proper error
instead of letting the SMP timeout expire.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This makes things slightly cleaner, and we don't need to rely on the
deprecated net_buf_simple_init() API (which was a bit hackish for
these custom-constructed net_buf_simple objects anyway).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This fixes the issue when after incomplete timer expiration
host sent ACK.
The host failed in two cases:
1. Sending ACK right after the incomplete timer expiration;
2. Sending ACK from new RX context. Now, seq_auth of cancelled
message is not cleaned on RX reset, so segments of cancelled message
will be discarded when resend.
According to the Mesh Profile v1.0
"When the incomplete timer expires, the lower transport layer
shall consider that the message being received has failed and
cancel the acknowledgment timer. Any segment of a canceled
message shall be ignored."
Fixes#6023
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
In the case of an unexpected PDU we need to send the right response.
This was already taken care of for PB-ADV, but not for PB-GATT.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The Provisioner might have missed our earlier Link Acknowledgement, so
if we receive another one with matching Link ID and link.expect state,
simply send another acknowledgement.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
When sending a segmented message, the state could get stuck if the
advertising bearer fails in transmitting and we don't detect that it
happened. Add a send_start callback for all packets so we can always
know if sending fails.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
When both PB-ADV and PB-GATT are enabled, the PB-ADV code (prov.c)
uses the bt_mesh_proxy_get_buf() API to get a net_buf_simple buffer.
Unfortunately this function also suffers from the same issue that was
fixed by commit 2b273444c1.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The conversion to the new net_buf_simple API was done incorrectly
here. The buffer initialization should use net_buf_simple_init()
instead of net_buf_simple_reset(), so that buf->__buf gets properly
initialized (and not left pointing at NULL).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
There's a risk of a deadlock if we use the same pool for ACL fragments
as we use for general ACL TX buffers: all TX buffers are queued up,
and we try to segment one of them, a segment buffer will never become
available. To work around this risk, introduce a dedicated fragment
pool.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Convert the mesh code to use the new net_buf_siple APIs. This has the
benefit of saving 4 bytes off the stack due to the not needed pointer.
Also update the publication context helpers to map to the new
net_buf_simple API in an intuitive way.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Application should normally declare a bt_uuid with proper type and then
use bt_uuid_cmp.
Fixes#5162
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
New advertising started while scanning is already enabled
would delay the first advertisement event until the end of
the current overlapping scan window in the Zephyr native BLE
controller implementation. Hence, consider this scan window
duration when calculating the advertising stop.
Relates to: #6083
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
No one was setting this to any other value than its default, which
happens to be the same as BT_BUF_USER_DATA_MIN.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The HCI command buffers are the only ones with more than 4 bytes of
required user data. Move the user data into a separate array and do
the mapping with the help of net_buf_id(). After this, it will be
possible to reduce the default net_buf user data size from 8 to 4.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Having these in the beginning of a switch statement without any case
statement makes no sense.
Fixes#6135
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Redesign of the net_buf_simple and net_buf structs, where the data
payload portion is split to a separately allocated chunk of memory. In
practice this means that buf->__buf becomes a pointer from having just
been a marker (empty array) for where the payload begins right after
the meta-data.
Fixes#3283
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Until now the OOB info and URI fields in unprovisioned beacons were
generally ignored by the implementation. Add fields for these to
bt_mesh_prov and make sure to take them into account when encoding
advertising data, both for PB-ADV and PB-GATT. For PB-ADV the URI goes
out in a separate beacon, whereas for PB-GATT it is placed in the scan
response data.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The vendor variants of the model publication client messages were not
passing onward the CID, rather passing CID_NVAL which is clearly not
right.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
A few lines earlier the code bails out in case len is 0. Checking for
buf->len < 1 is the same as checking for buf->len == 0. Since len is
guaranteed to be > 0 here the check len > buf->len implicitly checks
for buf->len == 0, i.e. the second test can be removed.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The timeout was hard-coded to 400ms, but the spec actually states:
"This timer shall be set to a minimum of 200 + 50 * TTL milliseconds."
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The caculation was wrong since the value may be BT_MESH_TTL_DEFAULT,
i.e. 0xff, leading to much too large values.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Replay protection is not enforced at the Lower Transport Layer, so it
is possible to get an old replayed segment here. In such a case
cleanly discard it instead of causing a valid existing transaction
from being discarded.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This check is needed to not schedule the delayed work if current
message to be sent is the last heartbeat message.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
The timer should be reset before sending to ensure correct
publication period.
This patch allows to pass MESH/NODE/CFG/HBP/BV-02-C.
This patch is ported from mynewt:
Commit: d4b84638df47e7ea21629e6919f547f5dcd47285
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
Virtual address labels array entries were not updated on va deletion,
so that STATUS_INSUFF_RESOURCES error was returned after few
subsequent Config Model Subscription Virtual Address Add, Delete,
Overwrite commands, even if there shall be free space available.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
This fixes missing bt_mesh_lpn_group_del call in mod_sub_va_del.
If Config Model Subscription Virtual Address Delete was received
and successfully proceeded, subscription address shall be also
deleted from LPN Subscribe Groups.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
Features received in Config Heartbeat Publication Set message can have
Feature bits set to RFU values.
This patch fixes setting this RFU bits in Heartbeat Publication
Features, so that those are not indicated in Config Heartbeat
Publication Status message.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
This reverts commit ada5771d7c.
MESH/NODE/FRND/LPN/BI-02-C in Mesh Test Specification 1.0.1
has been fixed according to TSE #9774.
IUT shall ignore the message with an RFU Transport Control Opcode
but another Friend Poll message shall be sent with an alternating
FSN value.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
According to Mesh Specification v1.0 4.3.2.48 Config Model App Status:
"The Status Code shall be Success if the received request was redundant
(bind request of existing binding, or unbind of a non-existing binding),
with no further action taken."
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
This adds commands to manage Friend node Subscription List.
Those will be used to add or remove and group/virtual address
from subscription list.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
This command will be used to test if model can properly send
segmented and unsegmented messages to a given destination address.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
Fixes many instances of errors similar to below:
zephyr/subsys/bluetooth/controller/ll_sw/ctrl.c:5927:22:
error: declaration of ‘s_link’ shadows a previous
local [-Werror=shadow]
static memq_link_t s_link;
^~~~~~
zephyr/subsys/bluetooth/controller/ll_sw/ctrl.c:5905:21:
note: shadowed declaration is here
static memq_link_t s_link;
^~~~~~
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
This introduces Bluetooth internal API intended to be used for
qualification purposes. Application may register callbacks to get
data that is not exposed by public API.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
If we have the maximum number of supported connections, then it
doesn't make sense to try to do connectable advertising.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Create a slightly smarter algorithm for choosing how long to advertise
each subnet. This is particularly important for the mesh_shell app,
since it uses a 10 second NODE_ID_TIMEOUT, meaning starting Node ID
advertising through user interaction would only succeed in advertising
one subnet (due to this being configured to 10 seconds).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Mesh Profile Specification 1.0 section 7.2.2.2.3:
"When the server starts advertising as a result of user interaction,
the server shall interleave the advertising of each subnet it is a
member of"
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Node ID advertising is short lived, so it's important to make sure
that subnets that get it enabled are first in queue to start
advertising.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
We'll soon extend the start functionality with a bit more stuff
(prioritizing the started subnet), so in order to avoid excessive code
duplication, create helpers for these actions.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Until now the proxy server code would only advertise with the first
subnet. Introduce tracking of what the last advertised subnet was, and
give each subnet 10 seconds of advertising at a time.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add configuration client model support for NetKey Add message, as well
as a mesh shell command for calling the new API.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The logic for choosing to relay from the GATT bearer to the
advertising bearer was still buggy. This patch refactors the logic to
a separate helper function to make it clearer.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The command handler already has support for decoding from hex, however
it was not using the decoded value when calling the client API.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
If relaying is not supported, or disabled, the Relay Transmit state
will normally be 0, which is not what we want to use when proxying out
packets from GATT clients. The bt_mesh_net_relay() function is also
used for sending out locally originated packets, in which case the
Relay Retransmit state is also the wrong one to use (the Network
Transmit state should be used instead).
This patch makes sure we only use the Relay Retransmit state for
packets originating from the advertising bearer, and for all other
packets use the Network Transmit state.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The bt_mesh_net_relay() function was missing several important checks
for whether a PDU should be relayed or not. In particular, it would
relay a packet from adv to adv even if the Relay state was set to
disabled, as long as GATT Proxy was set to enabled. The code would
also relay packets to the GATT Proxy bearer if the Relay state was set
to enabled but GATT Proxy was set to disabled. This patch addresses
both of these issues.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
If the Relay state is set to Not Supported (0x02) the Config Relay Set
message should not change the state, rather just return its current
value.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The beacon cache handling was severely broken in the way that the
cache_add() function was incorrectly mapping net_idx to array index,
which could have lead to array overflows.
To fix this, while also cleaning things up, move the cache to the
actual bt_mesh_subnet struct. This e.g. lets us avoid having to track
the net_idx twice.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
https://www.bluetooth.org/errata/errata_view.cfm?errata_id=9807
"If the computed Beacon Interval is less than 10 seconds, it should be
set to 10 seconds. If the computed Beacon Interval is greater than 600
seconds, it should be set to 600 seconds."
The lower limit is already covered by how frequently the delayed work
callback gets called, so we just need enforce the 600 second maximum.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Whenever there's a security change (Key Refresh or IV Update) we
should immediately send beacons to any Friend Queues or connected GATT
clients. Introduce a helper function to do this, and make sure it's
called from all places that change the Key Refresh or IV Update
states.
This fixes test case MESH/SR/PROX/PB-12-C.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This makes it clear why 18 is a valid minimum network PDU length to
enforce. This is particularly important since as of writing this patch
there's at least one PTS test case which sends too small PDUs, which
could potentially lead to people thinking the implementation is at
fault (it's not).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Some Transport Layer tests (MESH/NODE/TNPT/BV-13-C in particular)
require manual clearing of the RPL. Introduce an API for it as well as
a command to the mesh shell to call the API.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
If we the stored RPL entry was for an old IV Index, and the received
PDU is for a new IV Index we should not be comparing the sequence
number (as it's by definition always greater than the old one).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Section 4.2.11 of the Mesh Profile Specification 1.0 states:
"Upon transition from GATT Proxy state 0x01 to GATT Proxy state 0x00
the GATT Bearer Server shall disconnect all GATT Bearer Clients."
This also makes test case MESH/SR/MPXS/BV-08-C pass.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The bt_mesh_proxy_identity_enable() function was missing a line to
properly initialize the start time for Node Identity advertising.
Without it this public function wouldn't work as intended.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Test case MESH/SR/MPXS/BV-04-C requires the Proxy Service CCC to have
read permissions in order to pass.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Section 4.2.11.1 of the Mesh Profile specification 1.0 states:
"When the GATT Proxy state is set to 0x00, the Node Identity state for
all subnets shall be set to 0x00 and shall not be changed."
When the proxy state has been changed we also need to wake up the
advertising module to make sure we do the right kind of advertising.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Section 3.4.5.2 in the Mesh Profile Specification (1.0) states:
"The output filter of the interface connected to advertising or GATT
bearers shall drop all messages with TTL value set to 1."
Also: https://www.bluetooth.org/errata/errata_view.cfm?errata_id=9811
Note that this is specifically 1 and not 0, since e.g. Friend PDUs
always go out with TTL 0.
Another noteworthy thing is that the way this has to be implemented is
slightly contrary to how it's presented in the specification (both in
the text as well as the Message processing flow diagram in section
3.11. If this was implemented following the spec to its word, then any
PDU received over GATT or Advertising with TTL 2 would never be
relayed (since the TTL would be 1 when the PDU gets rerouted back to
the bearer). This would be both counterintuitive to the intended
purpose of the TTL, and would also be contrary to the test
specification (see Test Procedure step 1 in MESH/NODE/RLY/BV-01-C).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Most places in bt_mesh_friend_req() used rx->sub (which is already
quite short in itself), so just remove the only remaining user and the
helper variable itself.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
There were several issues with the code:
- queue_size wasn't properly kept up to date, leading to erroneous
buffer discarding logic.
- Poll timeout when there were buffers in the Friend Queue didn't
work because we didn't track if there'd been a preceding request
for messages or not (hence the added pending_req variable).
- We would overwrite the recv_delay timer if there was another
request while the previous one was still sending (a likely scenario
if we send out multiple advertising events per packet).
- We weren't canceling the sending of a buffer if the Friendship was
suddenly cleared.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
When receiving Friend Offers we should also consider unestablished
contexts, and simply start from the beginning if that happens.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Pass the subnet to some friend_cred_* APIs since it contains all
necessary information for choosing the right keys to generate them
from. Also shorten the API names to avoid awkward line splitting -
these are internal APIs so it's an acceptable compromise. One bug that
this fixes as part of the cleanup is using the right NetKey Index when
clearing Friendship: previously the code was always using the index of
the first subnet, regardless of which subnet the Friendship was based
on.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Key Refresh Phase 2 is analogous to the Key Refresh flag being set.
This means that the flag can directly be used as the index to the
new/old key two-element array.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Since the stack supports runtime reset and reprovisioning, we need to
clear the network message cache whenever creating a new mesh network.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Remove inconsistent and sometimes unreliable tracking of what
advertising parameters should be used and when the Node Identity
advertising started. The main change that facilitates this is to have
the Node ID start timestamp as part of the mesh subnet context.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Some PTS test cases only work when we're advertising using Network
Identity. Using the default timeout of 60 seconds for Node Identity
will cause this test cases to fail (i.e. the PTS gives up before
Zephyr transitions to advertising from Node Identity to Network
Identity).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The shell was being inconsistent in its parsing of boolean parameters.
Some commands were documented as accepting "on" but were actually
parsing the parameter with strtoul() which would result in 0.
Introduce a new helper to convert a string to a u8_t which still
accepts "on" or "enable". This gives us full flexibility of having a
simple interface to the user, but still allowing non-boolean values to
be tested (since on-air the value is a full octet).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Instead of having a hard-coded UUID, introduce a command to change it.
This is particularly useful if there are many unprovisioned nodes
around.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Having the Static OOB value set up-front can be confusing to the user
since they will not know what the value is. Start off by having it
unset, but introduce a new command using which the user can either set
or clear it.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
We need to send out a Health Fault Current Status (the Health Model's
publication message) when all faults are cleared. The logic for
calculating number of faults was also wrong after the updated model
publication API.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The Health Current Fault message size was being set too small to fit
any faults. Use a macro to make sure the size gets applied in both
places where appropriate.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Fixes error encountered during connecting BLE endpoint.
[bt] [ERR] le_remote_feat_complete: Unable to lookup conn for handle 32
This is to work around a buggy controller that states support for
enhanced privacy, but misbehaves when it's enabled. This change
makes it possible to ensure the host doesn't try to enable the enhanced
event by simply disabling the privacy feature in Kconfig.
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
If we get a different key value in Phase 1 we should return the same
"Cannot Update" error as in phases 2 and 3. This fixes test case
MESH/NODE/KR/BI-02-C.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This makes it possible to pass all IV Update tests without having to
build a custom configuration for some of the tests. We also disable
the feature in all sample configurations, but leave it on in the
tests.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
There was a chance that initial beacons for subnets would be sent with
uninitialized data. Make sure we initialize the beacon data each time
when we create a new subnet.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Use NULL instead of "", fix typos, and indicate app-key-add last
parameter as optional (to match the command implementation).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add support for sending messages that add, delete or overwrite Label
UUIDs, and add commands for these to the shell. With the help of these
commands it's possible to pass Transport Layer PTS tests (in
particular TNPT/BV-05-C) by manually adding a Label UUID through
module subscription, since the test case itself does not do this.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The code would unconditionally clear sent_req in update_timeout(),
which would e.g. cause us to switch to Friend Polls if the Friend
didn't respond to a Subscription List Add/Remove on the first attempt.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The purpose of using something less than the configured poll timeout
was to cover the case where the LPN establishes Friendship before the
provisioner has completely configured it. However, there's the "more
data" flag in the initial Friend Response, and we now also have a
public API to request for more messages. Both of these features
diminish the value of having a reduced initial timeout. Also, some LPN
test cases do not expect us to send frequent polls initially, causing
failures with the PTS.
Therefore, introduce a Kconfig option to set the initial timeout, and
make it default to the actual poll timeout.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Many apps, the mesh shell included (due to PTS test requirements)
benefit from exposing LPN state and polling outside of the stack.
Introduce new APIs for these, and add code to the mesh shell module to
take advantage of them.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The Health Fault Test & Test Unacknowledged messages are supposed to
be sent for more than the Node Composition Data Company ID. It's true
that some PTS tests require the message to be ignored for
non-composition data ID, however that's something that should be
covered by the application that's used for testing, and not the
generic Health Server Code.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add support for sending Health Attention messages, as well as commands
to use these new APIs from the shell.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
There was a lot of code duplicated in the Foundation Client Models for
waiting on a specific status message. Refactor this into helper
functions (one per client model).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add support for sending Health Period messages, as well as commands to
use these new APIs from the shell.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The Company ID 0xffff is treated as invalid in some contexts, so use a
valid one. Also, the Health tests require the Health Fault Company ID
to match that found in the Composition Data.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add a callback to the Health Client Model context, so that the
application is able to receive Health Current Status messages that
some Health Server Model publishes.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add the needed Health Client API for sending Health Fault Get, and add
a command to the shell to utilize it.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Fixes:
subsys/bluetooth/host/hci_core.c: In function ‘set_static_addr’:
subsys/bluetooth/host/hci_core.c:4043:1: error: label ‘generate’ defined
but not used [-Werror=unused-label]
generate:
^~~~~~~~
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The Poll Timeout needs to be at least 24 bits, so u16_t doesn't
suffice and will potentially result in truncation. Use u32_t, thereby
also fixing a coverity warning.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The bt_mesh_model_publish() is supposed to return a "not supported"
error if the publish context doesn't exist. Fixing the premature
dereferencing also fixes coverity warnings.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The separate checking for "now < reftime" is unnecessary, since the
integer over/under-flow for unsigned 32-bit values resulting from
subtraction will give the right delta even if 'now' is less than the
reference.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
After the Publish Retransmit state was introduced the Publish Period
measurement would begin once the previous Publish message has finished
transmitting. This will however cause inaccurate periods, which is
particularly an issue with the PTS that expects accuracy of less than
0.5 seconds (apparently).
Since the publication timer is also used for the retransmissions we
can't simultaneously use if for the period as well. Therefore, we
introduce a new variable called period_start which makes a note of
when the period was supposed to start, and then once all
retransmissoins are done initializes the timer with the send duration
taken into account.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The only generally available model supporting publication that's
convenient to be used for testing is the Health Server Model.
Unfortunately since this model supports period publication, the
non-periodic side got less attention and had some bugs.
The first thing that needs to be done is to verify that the period
returned by bt_mesh_model_pub_period_get() is positive. If it's zero
then no periodic publication should take place.
Another thing that this patch cleans up is the naming of the callback
used for periodic publishing. There's no need do require the callback
to call bt_mesh_model_publish() since this must happen no matter what,
so instead rename the callback from 'func' to 'update' and have the
access layer call bt_mesh_model_publish() if the callback was
successful.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
When a small amount of supported connections is configured (especially
the default number of 1), connectable advertising may fail. This is
perfectly fine since as soon as a disconnection event happens the
advertising will be successfully restarted. To avoid causing
unnecessary user worries, downgrade the resulting errors to warnings.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
There were some things that were working only when receiving a Node
Reset message from someone else, but not when the app called
bt_mesh_reset() directly. There was also some state cleanup missing
for the transport layer. This patch addresses all of these issues.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The Configuration Client is such a generally useful feature for the
shell that it makes sense to have it as a mandatory dependency (the
shell wasn't anyway compiling at the moment without it).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The Del and Overwrite operations have the exact same parameters and
expected status response as the Add operation, so we can reuse most of
the code.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Even though we have LPN enabled, we might still receive messages
through other network interfaces than the advertising one (e.g. the
local network interface).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Using the start callback, especially with multi-segment messages, may
not be super useful for applications, but we should support if if they
do provide it. One application could e.g. be to calculate the duration
it takes for a multi-segment message to be completely received by the
remote end.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Model publication was broken in a couple of ways:
- The Publish Retransmit State was not taken into account at all
- Health Server used a single publish state for all elements
To implement Publish Retransmit properly, one has to use a callback to
track when the message has been sent. The problem with the transport
layer sending APIs was that giving a callback would cause the
transport layer to assume that segmentation (with acks) is desired,
which is not the case for Model Publication (unless the message itself
is too large, of course). Because of this, the message sending context
receives a new send_rel ("Send Reliable") boolean member that an app
can use to force reliable sending.
Another challenge with the Publish Retransmit state is that a buffer
is needed for storing the AppKey-encrypted SDU once it has been sent
out for the first time.To solve this, a new new net_buf_simple member
is added to the model publication context. The separate 'msg' input
parameter of the bt_mesh_model_publish() API is removed, since the
application is now expected to pre-fill pub->msg instead.
To help with the publishing API change, the Health Server model gets a
new helper macro for initializing the publishing context with a
right-sized publishing message.
The API for creating Health Server instances is also redesigned since
it was so far using a single model publishing state, which would
result in erratic behavior in case of multiple elements with the
Health Server Model. Now, the application needs to provide a unique
publishing context for each Health Server instance.
The changes are heavily intertwined, so it's not easily possible to
split them into multiple patches, hence the large(ish) patch.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The Model Publish Retransmit Interval is in units of 50ms and not 10ms
like the other transmit/retransmit states. Create dedicated macros for
the Publish Retransmit State and use them where appropriate.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
There's no need for callback exposed in the public API to be something
different than what's used internally. In fact this would just
complicate things. This patch exposes the internal callback under a
bt_mesh_adv_cb name and uses it throughout the mesh stack.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
In case an outgoing message gets only delivered to the proxy interface
we should not forget to notify the send callbacks of this.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Some places of the code are interested in when the first advertising
event goes out. Others, on the other hand, are interested when the
last advertising event goes out. Some are even interested in both of
these. Instead of providing a single callback, provide a struct with
two possible callbacks for sending advertising PDUs.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This simplifies the callback implementations since they no-longer need
to do their own look-ups of the needed context.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
We've so far been trying to keep the per-buffer mesh meta-data to
a maximum of 8 bytes in anticipation of upcoming net_buf refactoring
that'll have all net_bufs in the system with the same sized user data.
It's however slowly becoming unfeasible to do this - e.g. simply
adding user data to the sending callback would already fill up the
full 8 bytes.
To solve this issue, treat the net_buf user data as just a pointer to
the actual user data, and keep the actual user data in a separate
array. We still keep taking advantage of net_buf_id() however, so
buffers can cheaply be mapped to their meta-data.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
When resetting there is no point trying to start clearing the
Friendship since there will not be any security material left to send
out PDUs.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The common interpretation (among other implementations) seems to be
that Model Publication for a given AppKey Index implies a binding for
that AppKey. This isn't currently explicitly stated in the spec, but
in order to improve interoperability go with this interpretation as
well.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The variable for tracking that a buffer from the Friend Queue hasn't
been sent yet was not being properly set.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This simplifies the API since there is no-longer a need to pass a huge
number of function arguments around.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This simplifies the API since there is no-longer a need to pass a huge
number of function arguments around.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add a command for getting and setting the model publication. We also
have to adjust the app's configuration, since both the Model
Publication Set and Status messages are segmented messages, meaning we
need two TX and RX segment contexts.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The value 0xffff is reserved, so we can use that to indicate whether
there's a vendor model in question or not. Simplifies things over the
previously used separate boolean value.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
There were some needed changes missing after the update to have manual
control of PB-ADV & PB-GATT provisioning bearers. E.g. the test for
CONFIG_BT_MESH_LOW_POWER in net.c was no-longer indicative of scanning
being on or not.
Do the scan enabling selection within the LPN module if LPN is
supported, or otherwise enable scanning unconditionally in
bt_mesh_provision().
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 seconds is quite long for configuration messages, and way too much
currently since we only talk through the local networking interface.
Set the default timeout to 2 seconds, and provide APIs through which
the timeout may be changed at run-time (mainly useful for the shell).
Note: The timeout_set() API is normally assumed to be called just once
for an application, based on the expected size of the network (hops &
latency). Trying to change it e.g. in a multi-threaded environment for
every message may not yield the expected results.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Convert the hb-ub-set command to a more generic hb-sub that can be
used both for getting and setting the Heartrate Subscription State.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Convert the hb-pub-set command to a more generic hb-pub that can be
used both for getting and setting the Heartrate Publication State.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Avoid having to go do "init" for the bt module before issuing "init"
for the mesh module. Instead perform Bluetooth init implicitly. The
bt_enable() API will cleanly fail with -EALREADY if it was previously
called.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
If the app does direct provisioning, it may still want to do common
handling through its provisioning complete callback (if it has one
registered). This also means that we always require a non-NULL
provisioning context provided to bt_enable(), and that it needs to
fail if NULL was given.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
It may be useful for the app to know what the initial NetKeyIndex that
it was given during provisioning is.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This is in anticipation of soon adding health client support, which
could then cause confusion due to the ambiguous API names.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Now that there's support for configuration client as well, rename cfg
to cfg_srv to avoid any confusion.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add the ability to track the provisioning bearer through an extra
parameter to link_open/close. Also introduce new public functions to
enable/disable specific provisioning bearers. This also means that one
now needs to explicitly enable provisioning bearers after calling
bt_mesh_init().
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add commands for 1-byte states such as Default TTL, Friend and GATT
Proxy, as well as the 2-byte Relay state.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add support to the Configuration Client Model for getting and setting
1-byte states (which can be nicely generalized in code) as well as the
2-byte Relay state.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This patch adds read permission for client characteristic configuration
descriptor. This is required by MESH/NODE/MPS/BV-06-C,
MESH/NODE/MPS/BV-07-C PTS tests.
Signed-off-by: Grzegorz Kolodziejczyk <grzegorz.kolodziejczyk@codecoup.pl>
Add a basic shell skeleton for Mesh, containing basic command for
initialization, provisioning and reset.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The restoring of the buffer parsing state was only correct for the
friend queue (which needs the app-layer data). Relaying on the other
hand requires the network layer data, i.e. it needs a different state
to be restored.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
We never access the local network interface queue in a blocking
fashing, so it's unnecessary to have all the infrastructure that
k_fifo provides. Use the simpler sys_slist_t instead.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
It may be useful for the app to know when the provisioning link is
active and when it has been closed. This can be used e.g. to signal
the user the state of the device. Some PTS tests also require
verifying the link state.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The code was missing the sending of the Input Complete PDU, and was
also setting the link.auth value too late.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The parameter structs for advertising and scanning contain many
members that may not get explicitly set when enabling these states. Do
a memset to zero on them to make sure we don't operate on
uninitialized memory.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
A value of 20ms means it's possible the LPN will end up doing
simultaneous advertising & scanning, which increases the risk of lost
packets. Use a default of 100ms to keep these separate.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Handling Friend Clear messages and sending the Friend Clear
Confirmation responses wasn't so far properly implemented. One of the
requirements is to keep sending the reponses even though we no-longer
have a friendship. This means that we need to keep the net_idx, frnd
and lpn_counter values valid, which in turn requires the introduction
of a separate "valid" boolean value.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The PTS tests for the Friend node expect a minimum of 16 queued
messages and the ability to have two LPNs. Set these as defaults.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
When sending PDUs from Friend to LPN we should adhere to the
configured network transmit count & interval to get better
reliability for the PDUs to be received by the LPN.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
When a Friend Node receives a Friend Request with a unicast
PreviousAddress that's not an element on the Friend Node, it needs to
start the Friend Clear procedure. This procedure involves sending
periodic Friend Clear messages to the old Friend of the LPN.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The only messages that should be encrypted using the friendship
credentials are those coming through the Friend Queue on the Friend
node, most request-response pairs between LPN & Friend (exceptions are
Friend Request - Friend Offer, and Friend Clear - Friend Clear
Confirm), as well as Model Publication messages when the Friendship
Credentials Flag has been enabled in the model publication.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
When the node is in LPN node, the LPN-Friend messages has its own
retries, so doing this on the advertising level (i.e. following the
network transmit state) is sub-optimal.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This makes it possible (in a subsequent patch) to fine-tune some
special cases, like the LPN poll messages.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Update the advertising callback to include the exact duration that we
will be sending out the packet. This is useful since sometimes we want
to use the end point of the advertising as the reference time to count
when some other action should take place.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Lower the attempts and make sure we track the old Friend address for
subsequent Friend Requests, in case we never receive a Clear
Confirmation.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add some automated policies for starting LPN establishment and make it
possible to perform the establishment in a "low power" way, i.e.
switching to low duty-cycle already when starting to send Friend
Requests.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
According to the Mesh Spec value 0x00 of ReceiveWindow parameter is
prohibited. This is needed to pass MESH/NODE/FRND/LPN/BI-03-C.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The intention of the code was to access client->conn and not
clients->conn (which would always access the first client struct).
Fixes#4738
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The function return type was declared incorrectly. Also, the magic
checking for i after exiting the loop could cause some false positive
compiler warnings. Instead, return directly from the loop (with the
downside of duplicating a few lines of code).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
It's in practice impossible for the time between two beacons to be
more than 50 hours (the approximate wrap-around time for a 32-bit
millisecond timer), so we can use a 32-bit timestamp instead of a
64-bit one for the beacon tracking.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The LE scanning and advertising implementations were allocating and
holding buffers (the scan & advertising parameters respectively) while
at the same time potentially sending other commands (such as setting
the local private address). If these APIs would end up being called
simultaneously from different contexts, this could lead to a deadlock
in trying to allocate HCI command buffers, especially considering that
the default HCI command buffer count is 2.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Introducing CMake is an important step in a larger effort to make
Zephyr easy to use for application developers working on different
platforms with different development environment needs.
Simplified, this change retains Kconfig as-is, and replaces all
Makefiles with CMakeLists.txt. The DSL-like Make language that KBuild
offers is replaced by a set of CMake extentions. These extentions have
either provided simple one-to-one translations of KBuild features or
introduced new concepts that replace KBuild concepts.
This is a breaking change for existing test infrastructure and build
scripts that are maintained out-of-tree. But for FW itself, no porting
should be necessary.
For users that just want to continue their work with minimal
disruption the following should suffice:
Install CMake 3.8.2+
Port any out-of-tree Makefiles to CMake.
Learn the absolute minimum about the new command line interface:
$ cd samples/hello_world
$ mkdir build && cd build
$ cmake -DBOARD=nrf52_pca10040 ..
$ cd build
$ make
PR: zephyrproject-rtos#4692
docs: http://docs.zephyrproject.org/getting_started/getting_started.html
Signed-off-by: Sebastian Boe <sebastian.boe@nordicsemi.no>
If we are a Friend node with multiple LPNs, we need to iterate through
all available Friendship credentials to find the right keys.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The Mesh spec expects us to fall back to master credentials if
friendship ones are not available. Also remove an unnecessary branch
with the help of a new 'idx' variable.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The friend_cred and new_key information is common for all segments of
a segmented transaction, so it makes sense to store them as part of
struct seg_tx instead of each buffer's user data.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The friend_cred hint needs to be set already at the point of
segmenting, i.e. doing it in bt_mesh_net_send() is too late. Move the
setting to bt_mesh_trans_send() and bt_mesh_ctl_send().
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
MESH/NODE/FRND/LPN/BI-02-C requires us to ignore unknown Transport
OpCodes instead of treating them as valid responses to a Friend Poll.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The Mesh Specification recommends retrying up to 6 times the Friend
Poll when establishing Friendship as LPN.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
We should not have any valid key material in key slot 0 if the KR flag
is set, since then the new key/old key information will be incorrect
when network PDUs get decrypted.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
According to the Mesh Profile Specification: "The acknowledgment timer
shall be set to a minimum of 150 + 50 * TTL milliseconds".
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The Mesh Profile Specification states that replay protection must be
done for all control and access messages. Furthermore, the replay
protection list must be updated with the sequence from the last
segment of a segmented message (the code was only updating based on
SeqZero).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Now that Friend support is complete we can create a full
implementation of the LPN PollTimeout Get message.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Even with the privacy feature disabled, the stack has so far defaulted
to using an NRPA for active scanning, in order to protect privacy.
This is mainly because it is not always clear that scanning for other
devices may risk revealing the local identity.
There may however be use cases where such revealing is actively
desired, so introduce a new option for this (which defaults to
disabled).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add support for loading IRKs into the controller as well as the LE
Enhanced Connection Complete HCI event. To simplify things, the old LE
Connection Complete handler translates its event into the new enhanced
one which is then the single place of processing new connection
events.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
MESH/NODE/CFG/HBS/BV-02-C expects it to be possible to do a Set with
the existing src & dst addresses but with a zero period in order to
"cancel" the current subscription. In such a case the addresses should
remain set but the period be set to zero, similar to what would happen
if the period would expire.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The heartbeat subscription Count, MinHops & MaxHops should only be
reset when enabling heartbeat subscription. Any other actions should
keep it unchanged.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The heartbeat should only be sent in case the relay state actually
changes. This fixes MESH/NODE/CFG/HBP/BV-03-C.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
"4.1.2 Log field transformation
In order to compress two-octet values into one-octet fields, the
following logarithmic transformation is used: any two-octet value is
mapped onto a one-octet field value representing the largest integer
n, where 2^(n-1) is less than or equal to the two-octet value."
Log field transformation table:
Log Field Value 2-octet Value
0x01 0x0001
0x02 0x0002 through 0x0003
0x03 0x0004 through 0x0007
0x04 0x0008 through 0x000F
0x05 0x0010 through 0x001F
0x06 0x0020 through 0x003F
0x07 0x0040 through 0x007F
0x08 0x0080 through 0x00FF
0x09 0x0100 through 0x01FF
0x0A 0x0200 through 0x03FF
0x0B 0x0400 through 0x07FF
0x0C 0x0800 through 0x0FFF
0x0D 0x1000 through 0x1FFF
0x0E 0x2000 through 0x3FFF
0x0F 0x4000 through 0x7FFF
0x10 0x8000 through 0xFFFF
"4.2.17.2 Heartbeat Publication Count Log
The Heartbeat Publication Count Log value between 0x01 and 0x11 shall
represent that smallest integer n where 2^(n-1) is greater than or
equal to the Heartbeat Publication Count value. For example, if the
Heartbeat Publication Count value is 0x0579, then the Heartbeat
Publication Count Log value would be 0x0C."
According to this definition 2^(n-1) is an upper bound for n log
value.
Proposed Publication Count Log transformation table:
Pub Count Log Value 2-octet Value
0x01 0x0001
0x02 0x0002
0x03 0x0003 through 0x0004
0x04 0x0005 through 0x0008
0x05 0x0009 through 0x0010
0x06 0x0011 through 0x0020
0x07 0x0021 through 0x0040
0x08 0x0041 through 0x0080
0x09 0x0081 through 0x0100
0x0A 0x0101 through 0x0200
0x0B 0x0201 through 0x0400
0x0C 0x0401 through 0x0800
0x0D 0x0801 through 0x1000
0x0E 0x1001 through 0x2000
0x0F 0x2001 through 0x4000
0x10 0x4001 through 0x8000
0x11 0x8001 through 0x10000
According to Log field transformation table 0x0579 would be
transformed to 0x0B and should be to transformed to 0x0C.
This is required to pass MESH/NODE/CFG/HBP/BV-01-C.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Section 4.2.18.2 in the Mesh Profile Specification states:
"The Heartbeat Subscription Destination shall be the unassigned address,
the primary unicast address of the node, or a group address, all other
values are Prohibited."
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This patch fixes issue when receiving iv index greater than current
index + 42 in update mode. According to Specification when node is in
update state it should only accept iv index equal to the current iv
index. When node is in normal mode it should ignore index that is
greater than current index + 42.
This allows to pass MESH/NODE/IVU/BI-02-C.
Also this patch cleans up the iv update procedure, to make it easier
to read.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The lower transport layer is responsible e.g. for the Friend Queue, so
we need to have the buffer in its original parsing state there.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Fail on Mesh initialization if provisioning is enabled and keys were
not generated. This make it simpler to debug misconfigured devices.
Signed-off-by: Szymon Janc <szymon.janc@codecoup.pl>
On targets where non-Zephyr controllers are likely, such as qemu, it
may be harmful to try to issue any of the vendor HCI commands, since
non-Zephyr controllers may interpret them in completely different
ways.
Introduce a Kconfig option that, when enabled, uses some simple
heuristics (HCI version & lack of public address) to try to guess in
advance whether the Zephyr HCI vendor extensions are supported or not.
The new option is available for any host-only configuration and is
enabled by default for the qemu targets.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The implementation of the Network Message Cache has so far been
suboptimal, since it has treated the same packet with different TTL
values as different packets. Since one of the purposes of this cache
is to prevent unnecessary relaying, it's important that we don't let
the TTL value influence the "hash" that's used for matching messages.
This patch changes the hash to consist of most of the IV Index (three
least significant bytes of it), the sequence number and the source
address, which should give fairly optimal matching behavior.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
There was a missing net_buf_unref() for the response to reading the
controller static addresses.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add skeleton for HCI vendor extenstions and convert the nRF5x-specific
static address setting to use the HCI VS commands instead.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The feature bits for Proxy and Friend were missing in the composition
data and heart beat messages.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Both count and period must be non-zero for message publication
Stop publication when count becomes zero
Add count to debug message in hb_publish
Signed-off-by: Steve Brown <sbrown@cortland.com>
There have been situations where the remote stacks cannot responds
within a second, so increases it to 2 seconds. The timeout has to be
relatively short as the channel cannot be reused while disconnecting.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
MPS shall never be bigger than MTU + 2 as the remaining bytes cannot
be used since the SDU is limited to length + MTU.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Mesh Profile Specification v1.0, 4.4.1.2.8:
"When an element receives a Config Model Subscription Add message
or a Config Model Subscription Virtual Address Add message that
is not successfully processed (i.e., it results in an error condition
listed in Table 4.113), it shall respond with the Config Model
Subscription Status message, setting its fields to the values
of the corresponding fields (i.e., the identically named fields)
of the incoming message and setting the Status field to a status code
(defined in Table 4.113), and setting all other fields to 0."
The same applies to other Model Subscription messages.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
It's possible that tx_notify still contains items when a Disconnect
Complete happens. Since the normal path for processing tx_notify is
not taken when the connection is not in CONNECTED state, we must make
sure to process the list latest in conn_cleanup() that's called as one
last thing before the connection object is freed up.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
A connection might have gotten disconnected by the time that an ACL
buffer is free up, in which case there is no need to send a HCI
command for it.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Proxy configuration messages are allowed (in fact required) to use
unassigned addresses, so they should be exempt from this check.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The test failure may be e.g. because of an unknown company id, and in
that case the spec expects us to ignore the message.
With this patch it should be possible to pass MESH/SR/HM/RFS/BI-01-C.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
A previous patch which moved dispatching the health publish callback
to a later moment introduced a regression where the period divider
does not get updated when it should. In fact, having the divider as
part of the Health Server context is redundant, since the same
information is already stored generically in the model publication
context. Switching to using the model publication context makes things
simpler and ensures that the value is always up-to-date.
With this patch it is possible to pass MESH/SR/HM/CFS/BV-02-C.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
We should ignore invalid addresses (helps pass
MESH/NODE/CFG/LPNPT/BI-01-C). Also fix a copy-paste issue in an error
log.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The values all need to be zeroed when heartbeat subscription is
disabled. This makes it possible to pass MESH/NODE/CFG/HBS/BV-01-C.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>