Add support to the Configuration Client Model for getting and setting
1-byte states (which can be nicely generalized in code) as well as the
2-byte Relay state.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This patch adds read permission for client characteristic configuration
descriptor. This is required by MESH/NODE/MPS/BV-06-C,
MESH/NODE/MPS/BV-07-C PTS tests.
Signed-off-by: Grzegorz Kolodziejczyk <grzegorz.kolodziejczyk@codecoup.pl>
Add a basic shell skeleton for Mesh, containing basic command for
initialization, provisioning and reset.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The restoring of the buffer parsing state was only correct for the
friend queue (which needs the app-layer data). Relaying on the other
hand requires the network layer data, i.e. it needs a different state
to be restored.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
We never access the local network interface queue in a blocking
fashing, so it's unnecessary to have all the infrastructure that
k_fifo provides. Use the simpler sys_slist_t instead.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
It may be useful for the app to know when the provisioning link is
active and when it has been closed. This can be used e.g. to signal
the user the state of the device. Some PTS tests also require
verifying the link state.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The code was missing the sending of the Input Complete PDU, and was
also setting the link.auth value too late.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The parameter structs for advertising and scanning contain many
members that may not get explicitly set when enabling these states. Do
a memset to zero on them to make sure we don't operate on
uninitialized memory.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
A value of 20ms means it's possible the LPN will end up doing
simultaneous advertising & scanning, which increases the risk of lost
packets. Use a default of 100ms to keep these separate.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Handling Friend Clear messages and sending the Friend Clear
Confirmation responses wasn't so far properly implemented. One of the
requirements is to keep sending the reponses even though we no-longer
have a friendship. This means that we need to keep the net_idx, frnd
and lpn_counter values valid, which in turn requires the introduction
of a separate "valid" boolean value.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The PTS tests for the Friend node expect a minimum of 16 queued
messages and the ability to have two LPNs. Set these as defaults.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
When sending PDUs from Friend to LPN we should adhere to the
configured network transmit count & interval to get better
reliability for the PDUs to be received by the LPN.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
When a Friend Node receives a Friend Request with a unicast
PreviousAddress that's not an element on the Friend Node, it needs to
start the Friend Clear procedure. This procedure involves sending
periodic Friend Clear messages to the old Friend of the LPN.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The only messages that should be encrypted using the friendship
credentials are those coming through the Friend Queue on the Friend
node, most request-response pairs between LPN & Friend (exceptions are
Friend Request - Friend Offer, and Friend Clear - Friend Clear
Confirm), as well as Model Publication messages when the Friendship
Credentials Flag has been enabled in the model publication.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
When the node is in LPN node, the LPN-Friend messages has its own
retries, so doing this on the advertising level (i.e. following the
network transmit state) is sub-optimal.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This makes it possible (in a subsequent patch) to fine-tune some
special cases, like the LPN poll messages.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Update the advertising callback to include the exact duration that we
will be sending out the packet. This is useful since sometimes we want
to use the end point of the advertising as the reference time to count
when some other action should take place.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Lower the attempts and make sure we track the old Friend address for
subsequent Friend Requests, in case we never receive a Clear
Confirmation.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add some automated policies for starting LPN establishment and make it
possible to perform the establishment in a "low power" way, i.e.
switching to low duty-cycle already when starting to send Friend
Requests.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
According to the Mesh Spec value 0x00 of ReceiveWindow parameter is
prohibited. This is needed to pass MESH/NODE/FRND/LPN/BI-03-C.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The intention of the code was to access client->conn and not
clients->conn (which would always access the first client struct).
Fixes#4738
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The function return type was declared incorrectly. Also, the magic
checking for i after exiting the loop could cause some false positive
compiler warnings. Instead, return directly from the loop (with the
downside of duplicating a few lines of code).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
It's in practice impossible for the time between two beacons to be
more than 50 hours (the approximate wrap-around time for a 32-bit
millisecond timer), so we can use a 32-bit timestamp instead of a
64-bit one for the beacon tracking.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The LE scanning and advertising implementations were allocating and
holding buffers (the scan & advertising parameters respectively) while
at the same time potentially sending other commands (such as setting
the local private address). If these APIs would end up being called
simultaneously from different contexts, this could lead to a deadlock
in trying to allocate HCI command buffers, especially considering that
the default HCI command buffer count is 2.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Introducing CMake is an important step in a larger effort to make
Zephyr easy to use for application developers working on different
platforms with different development environment needs.
Simplified, this change retains Kconfig as-is, and replaces all
Makefiles with CMakeLists.txt. The DSL-like Make language that KBuild
offers is replaced by a set of CMake extentions. These extentions have
either provided simple one-to-one translations of KBuild features or
introduced new concepts that replace KBuild concepts.
This is a breaking change for existing test infrastructure and build
scripts that are maintained out-of-tree. But for FW itself, no porting
should be necessary.
For users that just want to continue their work with minimal
disruption the following should suffice:
Install CMake 3.8.2+
Port any out-of-tree Makefiles to CMake.
Learn the absolute minimum about the new command line interface:
$ cd samples/hello_world
$ mkdir build && cd build
$ cmake -DBOARD=nrf52_pca10040 ..
$ cd build
$ make
PR: zephyrproject-rtos#4692
docs: http://docs.zephyrproject.org/getting_started/getting_started.html
Signed-off-by: Sebastian Boe <sebastian.boe@nordicsemi.no>
If we are a Friend node with multiple LPNs, we need to iterate through
all available Friendship credentials to find the right keys.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The Mesh spec expects us to fall back to master credentials if
friendship ones are not available. Also remove an unnecessary branch
with the help of a new 'idx' variable.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The friend_cred and new_key information is common for all segments of
a segmented transaction, so it makes sense to store them as part of
struct seg_tx instead of each buffer's user data.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The friend_cred hint needs to be set already at the point of
segmenting, i.e. doing it in bt_mesh_net_send() is too late. Move the
setting to bt_mesh_trans_send() and bt_mesh_ctl_send().
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
MESH/NODE/FRND/LPN/BI-02-C requires us to ignore unknown Transport
OpCodes instead of treating them as valid responses to a Friend Poll.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The Mesh Specification recommends retrying up to 6 times the Friend
Poll when establishing Friendship as LPN.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
We should not have any valid key material in key slot 0 if the KR flag
is set, since then the new key/old key information will be incorrect
when network PDUs get decrypted.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
According to the Mesh Profile Specification: "The acknowledgment timer
shall be set to a minimum of 150 + 50 * TTL milliseconds".
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The Mesh Profile Specification states that replay protection must be
done for all control and access messages. Furthermore, the replay
protection list must be updated with the sequence from the last
segment of a segmented message (the code was only updating based on
SeqZero).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Now that Friend support is complete we can create a full
implementation of the LPN PollTimeout Get message.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Even with the privacy feature disabled, the stack has so far defaulted
to using an NRPA for active scanning, in order to protect privacy.
This is mainly because it is not always clear that scanning for other
devices may risk revealing the local identity.
There may however be use cases where such revealing is actively
desired, so introduce a new option for this (which defaults to
disabled).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add support for loading IRKs into the controller as well as the LE
Enhanced Connection Complete HCI event. To simplify things, the old LE
Connection Complete handler translates its event into the new enhanced
one which is then the single place of processing new connection
events.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
MESH/NODE/CFG/HBS/BV-02-C expects it to be possible to do a Set with
the existing src & dst addresses but with a zero period in order to
"cancel" the current subscription. In such a case the addresses should
remain set but the period be set to zero, similar to what would happen
if the period would expire.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The heartbeat subscription Count, MinHops & MaxHops should only be
reset when enabling heartbeat subscription. Any other actions should
keep it unchanged.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The heartbeat should only be sent in case the relay state actually
changes. This fixes MESH/NODE/CFG/HBP/BV-03-C.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
"4.1.2 Log field transformation
In order to compress two-octet values into one-octet fields, the
following logarithmic transformation is used: any two-octet value is
mapped onto a one-octet field value representing the largest integer
n, where 2^(n-1) is less than or equal to the two-octet value."
Log field transformation table:
Log Field Value 2-octet Value
0x01 0x0001
0x02 0x0002 through 0x0003
0x03 0x0004 through 0x0007
0x04 0x0008 through 0x000F
0x05 0x0010 through 0x001F
0x06 0x0020 through 0x003F
0x07 0x0040 through 0x007F
0x08 0x0080 through 0x00FF
0x09 0x0100 through 0x01FF
0x0A 0x0200 through 0x03FF
0x0B 0x0400 through 0x07FF
0x0C 0x0800 through 0x0FFF
0x0D 0x1000 through 0x1FFF
0x0E 0x2000 through 0x3FFF
0x0F 0x4000 through 0x7FFF
0x10 0x8000 through 0xFFFF
"4.2.17.2 Heartbeat Publication Count Log
The Heartbeat Publication Count Log value between 0x01 and 0x11 shall
represent that smallest integer n where 2^(n-1) is greater than or
equal to the Heartbeat Publication Count value. For example, if the
Heartbeat Publication Count value is 0x0579, then the Heartbeat
Publication Count Log value would be 0x0C."
According to this definition 2^(n-1) is an upper bound for n log
value.
Proposed Publication Count Log transformation table:
Pub Count Log Value 2-octet Value
0x01 0x0001
0x02 0x0002
0x03 0x0003 through 0x0004
0x04 0x0005 through 0x0008
0x05 0x0009 through 0x0010
0x06 0x0011 through 0x0020
0x07 0x0021 through 0x0040
0x08 0x0041 through 0x0080
0x09 0x0081 through 0x0100
0x0A 0x0101 through 0x0200
0x0B 0x0201 through 0x0400
0x0C 0x0401 through 0x0800
0x0D 0x0801 through 0x1000
0x0E 0x1001 through 0x2000
0x0F 0x2001 through 0x4000
0x10 0x4001 through 0x8000
0x11 0x8001 through 0x10000
According to Log field transformation table 0x0579 would be
transformed to 0x0B and should be to transformed to 0x0C.
This is required to pass MESH/NODE/CFG/HBP/BV-01-C.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Section 4.2.18.2 in the Mesh Profile Specification states:
"The Heartbeat Subscription Destination shall be the unassigned address,
the primary unicast address of the node, or a group address, all other
values are Prohibited."
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This patch fixes issue when receiving iv index greater than current
index + 42 in update mode. According to Specification when node is in
update state it should only accept iv index equal to the current iv
index. When node is in normal mode it should ignore index that is
greater than current index + 42.
This allows to pass MESH/NODE/IVU/BI-02-C.
Also this patch cleans up the iv update procedure, to make it easier
to read.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The lower transport layer is responsible e.g. for the Friend Queue, so
we need to have the buffer in its original parsing state there.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Fail on Mesh initialization if provisioning is enabled and keys were
not generated. This make it simpler to debug misconfigured devices.
Signed-off-by: Szymon Janc <szymon.janc@codecoup.pl>
On targets where non-Zephyr controllers are likely, such as qemu, it
may be harmful to try to issue any of the vendor HCI commands, since
non-Zephyr controllers may interpret them in completely different
ways.
Introduce a Kconfig option that, when enabled, uses some simple
heuristics (HCI version & lack of public address) to try to guess in
advance whether the Zephyr HCI vendor extensions are supported or not.
The new option is available for any host-only configuration and is
enabled by default for the qemu targets.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Fixes the following conformance test regression failure
introduced in commit 7dd5fbee26 ("Bluetooth: controller:
Fix MIC error due to parallel Enc Proc")
TP/CON/MAS/BV-28-C [Initiating Connection Parameter Request
different procedure collision encryption]
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix to disallow initiating LE Start Encryption while another
procedure is in progress. Similarly, disallow initiating
another procedure while Encryption procedure is in progress.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix the controller Kconfig to enable use of fast radio ramp
up by default, hence enabling support for Asym PHY updates
by default on nRF52 Series SoCs.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Replace all controller asserts in control procedure responses
that checked for buffer availability with an implementation
that nacks request PDUs if there are no buffer to prepare
response PDUs.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The implementation of the Network Message Cache has so far been
suboptimal, since it has treated the same packet with different TTL
values as different packets. Since one of the purposes of this cache
is to prevent unnecessary relaying, it's important that we don't let
the TTL value influence the "hash" that's used for matching messages.
This patch changes the hash to consist of most of the IV Index (three
least significant bytes of it), the sequence number and the source
address, which should give fairly optimal matching behavior.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The main purpose of recv_thread is to process incoming events from the
radio and also any buffered items waiting to be dispatched to the Host
and that are pending because of lack of Host buffers.
When an iteration of the recv_thread obtains a element from the radio it
needs to process it immediately, either sending it straight away to the
Host or appending it to the queue. This was not the case before this
patch, where the concurrency of a buffered packet with one coming from
the radio would cause the latter to be "dropped", causing missing
packets.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
There was a missing net_buf_unref() for the response to reading the
controller static addresses.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add skeleton for HCI vendor extenstions and convert the nRF5x-specific
static address setting to use the HCI VS commands instead.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
When a connection is disconnected with outstanding unacked packets, the
Host has no way to signal or acknowledge their processing to the
Controller, since it is illegal to send a Host Number of Completed
Packets command when the connection is not up. Instead, consider the
outstanding packets as acked in order not to affect the correct flow
control.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
The feature bits for Proxy and Friend were missing in the composition
data and heart beat messages.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Both count and period must be non-zero for message publication
Stop publication when count becomes zero
Add count to debug message in hb_publish
Signed-off-by: Steve Brown <sbrown@cortland.com>
There have been situations where the remote stacks cannot responds
within a second, so increases it to 2 seconds. The timeout has to be
relatively short as the channel cannot be reused while disconnecting.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
MPS shall never be bigger than MTU + 2 as the remaining bytes cannot
be used since the SDU is limited to length + MTU.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Add implementation to support Coded PHY update procedure
with packet transmit time restrictions.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Use S8 coding Rx chain delay timings to calculate the PA
pin assertions when in Coded PHY.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Always use S8 Rx Chain Delay instead of the actual Rx-ed
packet coding. I believe, as the packet always start with
S8, hence S8 timings when used the tIFS is near correct
value.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
When calculating and setting up the header compelte timeout
use S8 coding Rx chain delay.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
In the commit dd52b8ea02 ("Bluetooth: controller: Fix
first connection interval timing"), instead of using just a
tick unit as workaround, microseconds corresponding to a
tick unit was used while calculating the window offset to be
used at the connection update instant. This introduced an
error in scheduling the first event with new connection
parameters, causing supervision timeout of connection update
procedure.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Mesh Profile Specification v1.0, 4.4.1.2.8:
"When an element receives a Config Model Subscription Add message
or a Config Model Subscription Virtual Address Add message that
is not successfully processed (i.e., it results in an error condition
listed in Table 4.113), it shall respond with the Config Model
Subscription Status message, setting its fields to the values
of the corresponding fields (i.e., the identically named fields)
of the incoming message and setting the Status field to a status code
(defined in Table 4.113), and setting all other fields to 0."
The same applies to other Model Subscription messages.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
It's possible that tx_notify still contains items when a Disconnect
Complete happens. Since the normal path for processing tx_notify is
not taken when the connection is not in CONNECTED state, we must make
sure to process the list latest in conn_cleanup() that's called as one
last thing before the connection object is freed up.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Fixed a missing reset of FC feature on HCI reset. This
feature provided a simple connection handle based event
exclusions, but this is no longer needed with the
support for controller to host flow control. This feature
should be removed in the future.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
A connection might have gotten disconnected by the time that an ACL
buffer is free up, in which case there is no need to send a HCI
command for it.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
When a peer master performed a PHY update procedure with no
change, the state machine was not released. This blocked
any future local initiation of the procedure and also
leading to termination of connection with reason LMP
response timeout.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fixed the usage of NRF_AAR peripheral for controller privacy
to clear events on configure and on every radio ISR entry.
Without this fix, there was spurious AAR matches leading to
controller asserts.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
PHY Update procedure timeout was started without transition
to the state that waits for the procedure to complete. This
prevented the timeout from being reset on successful
completion of the procedure and eventually leading to a
connection termination with reason LMP Response Timeout.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix Connection Parameter Request Procedure's Connection
Update Procedure initiation to calculate the offset rather
than selecting offsets from an out-of-bound memory area.
The symptoms of the bug was noticed as a supervision timeout
due to use of incorrect offset communicated to peer and a
wrong offset used in scheduling the connection events.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
When the peer slave rejects a Connection Parameter Request
Procedure, the controller proceeds to perform a Connection
Update Procedure without clearing the procedure timer that
causes the connection to terminate eventually. This is
fixed by clearing the procedure timeout when the Connection
Update Procedure completes.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
If a peer master role has support for Connection Parameter
Request Procedure set in its supported features but would
send an Extended Reject Ind as response to the procedure
then the controller incorrectly initiated a Connection
Update Procedure which is not permitted in a slave role.
This would lead to connection timeout after the used instant
in the invalid Connection Update Procedure.
This is fixed by initiating a Connection Update Procedure
only if in a master role.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Since the Zephyr HCI VS extensions apply to both the Host (using them
for additional functionality) and the Controller (implement the commands
and events), it make sense to make this a common setting in order for it
to be configurable in a way that applies to both.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
The PA/LNA feature is not functional on nRF51x series due to added
interrupt latency. Disable this feature unconditionally for those ICs to
avoid unexpected behavior.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Issuing HCI reset command while having connections sometimes
hung the controller.
ll_reset supplied invalid stop ticker id to role_disable
when trying to stop all connections. Connection role does
not utilize stop ticker. The invalid ticker id supplied
referenced memory outside the pool of tickers and based on
what the content is in RAM there, the controller would hang
trying to stop connections.
Fixed by not calling the ticker_stop interface with invalid
ticker ids.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Proxy configuration messages are allowed (in fact required) to use
unassigned addresses, so they should be exempt from this check.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The test failure may be e.g. because of an unknown company id, and in
that case the spec expects us to ignore the message.
With this patch it should be possible to pass MESH/SR/HM/RFS/BI-01-C.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
A previous patch which moved dispatching the health publish callback
to a later moment introduced a regression where the period divider
does not get updated when it should. In fact, having the divider as
part of the Health Server context is redundant, since the same
information is already stored generically in the model publication
context. Switching to using the model publication context makes things
simpler and ensures that the value is always up-to-date.
With this patch it is possible to pass MESH/SR/HM/CFS/BV-02-C.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
We should ignore invalid addresses (helps pass
MESH/NODE/CFG/LPNPT/BI-01-C). Also fix a copy-paste issue in an error
log.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The values all need to be zeroed when heartbeat subscription is
disabled. This makes it possible to pass MESH/NODE/CFG/HBS/BV-01-C.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Implement the Read Build Information VS command. This returns a UTF-8
encoded string, which is extendable by the user via a new Kconfig
option.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Implement the Zephyr VS command that allows a Host to write a public
Bluetooth Address to the Controller in order to allow Hosts to provide
their own public Bluetooth addresses.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
From section 3.4.5.3 in the Mesh Profile Specification 1.0:
"A node shall implement a Local Network Interface."
Removing the Kconfig option also helps clean up quite a lot of code.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The bt_mesh_net_relay() function needs to allow TTL <= 1 for the local
network interface since that's the code path that locally originated
outgoing packets take.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Mesh Profile Specification v1.0, 5.3.3:
"On the PB-ADV bearer, when the receiver has received all segments of
a transaction, the receiver shall calculate the FCS for the received
Provisioning PDU, and if it matches the FCS field in the Transaction
Start PDU, it shall send a Transaction Acknowledgment PDU after
a random delay between 20 and 50 milliseconds."
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The Mesh specification recommends defaulting to the company ID in the
composition data when no other ID is relevant (e.g. in error cases or
if the app has not provided a callback).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Encrypting and sending a message takes a considerable amount of time
which makes the publication period longer than expected.
With this patch it is possible to pass MESH/SR/HM/CFS/BV-02-C test.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The branch for handling the case when the app has not provided a
callback for health faults was encoding the payload in a wrong way.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
To avoid signedness issues with some compilers, like icx, use 'char *'
instead of 'unsigned char *' for the at_client buffer.
Fixes#3600
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The code was passing the wrong first parameter to the sdu_len_is_ok()
function.
Fixes#3985Fixes#3984
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
It makes no sense to respond with Pairing Failed PDU to another
Pairing Failed PDU.
Jira: ZEP-2620
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Move the use of tIFS software switching PPI index set up by
one position to make place for use of PA/LNA implementation.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Earlier design captured AA twice in the first Rx in a slave
connection event and retained one of the capture until end
of event to calculate drift.
Design updated to use single capture of AA and save the
first AA capture in a slave connection event in RAM instead.
This frees up a PPI channel in the controller design.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Document internal the purposes of various Tx/Rx PDU end
capture setup.
Also, removed any redundant capture of packet end.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Minor refactor of radio_tmr_start to reduced duplicate
assignments common in if-then-else control path.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Updated debug pin mapping so that the outputs are on P3 pin
head on all nRF5x Development Kits.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fixed the configuration of NRF_CCM for 2M PHY connections.
Now faster 2M data rate mode will be used when a connection
is in 2M PHY.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Use correct NRF_AAR enable macro defines from Nordic MDK.
Old code funtionally worked fine even though not setting
the correct enable value.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fixed a bug in the implementation of Connection Parameter
Request Procedure when initiated in master role caused the
connection to terminate with reason LL response timeout.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The status in the Command Complete event was uninitialized, leading to
incorrect contents of the event parsed by the Host. Correctly initialize
the status to success.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
During testing it was discovered that directed advertising
timeout is missing implementation to handle the timeout
happening while next event is already in preparation.
The consequence was that after the event ticker expired,
the counter is shutdown, stalling the setup PPI from
starting the erroneous advertising, leaving the controller
in an invalid hung state.
This has been fixed by correctly handling the cases, stop
between prepare and event, and stop inside radio advertising
event. The fix takes care of putting the radio active
callback and HF clock in the correct states.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Whenever the HCI ACL flow control is violated by the Host, a Data Buffer
Overflow event is now issued by the Controller (if enabled) to notify
the Host of the buffer overrun.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Added missing asserts to catch high CPU use in radio ISR and
latencies, without which if radio packet pointer is not set
correctly, would cause spurious transmissions and invalid
behavior.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Optimised the get() function in nRF5 hal rand implementation
to reduce number of probable branching operations.
This is needed to reduce nRF51 platform's CPU use in radio
ISR when using the fast encryption setup implementation.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Move the code to acquire the RSSI sample after critical
control path that processes PDUs.
This is needed to reduce the time taken to assign the next
packet ptr inside radio ISR.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
To meet CPU time usage restricts inside radio ISR on nRF51
SoCs, use ccflags -Ofast when using fast encryption setup
implementation in the controller.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Default to n the support for Data Length Update and
PHY update procedures on nRF51 SoCs.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fixed an assert when peer responded with unknown rsp to
slave feature request when an existing another control
procedure was in progress.
This assert happened with a BT v4.0 peer implementation that
was performing a channel map update and local controller
initiated a slave feature request, receiving an unknown
response.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Without this fix there is an issue when doing PB-ADV provisioning
with PTS. We keep retransmitting Public Key which is ACKed by PTS and
this leads to transaction timeout as PTS does not send confirm probably
because it keep receiving PK from us.
This patch also makes sure that transaction id is between 0x80 - 0xFF
Signed-off-by: Łukasz Rymanowski <lukasz.rymanowski@codecoup.pl>
Needed for following PTS test cases:
MESH/NODE/PROV/UPD/BV-10-C
MESH/NODE/PROV/BI-02-C
Signed-off-by: Łukasz Rymanowski <lukasz.rymanowski@codecoup.pl>
Fix the control and data packet management implementation
discovered during conformance testing.
This fixes:
TP/SEC/MAS/BV-12 [Master Start Encryption: Overlapping
Procedure]
TP/SEC/MAS/BV-13 [Master Start Encryption: Overlapping
Procedure with LL_SLAVE_FEATURES_REQ]
conformance tests in LL.TS.5.0.0.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Privacy on nRF51 is not passing the conformance and qualification tests
due to the time it takes to execute the privacy code while in ISR. Until
we come up with a way of optimizing and/or deferring the work, do not
allow privacy on nRF51 targets.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Use the macros generated during the build and located in version.h to
fill in the version information in the Read Version Information VS
command. Additionally reply with the correct hardware identifiers when
running on Nordic hardware.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Seems due to incorrect rebase in commit 07270e52ba
("Bluetooth: controller: Coding style and refactoring"),
commit 95d55a2bfc ("Bluetooth: controller: Do not skip
one-shot tickers with slot"), and
commit 4ba2bb0d1c ("Bluetooth: controller: Be fair when
pre-empting a ticker"), a pointless expression was
introduced, fixed it.
Coverity-CID: 171563
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The code was setting the wrong bit of the Static OOB Type when a
static value has been provided.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Fixes an assert during connection establishment when the
initiator overflows the initiator window in time while
sending the CONNECT_IND PDU. The actual window is one low
frequency tick less, hence corrected the check that permits
the transmission of CONNECT_IND PDU inside the initiator
window.
Symptom was, stopping of the scanner's ticker succeeds on
connection establishment, but next interval prepare was
already run when continuous scanning was used, breaking the
design, hence there was an assert.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Implement the Zephyr Read Key Hierarchy Roots command, returning the IR
and ER present in nRF5x ICs when compiling for those.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Implement the first Vendor-Specific Command of the Zephyr specification
other than the 3 mandatory ones already present in the codebase, along
with a Kconfig option to enable and disable the presence of the VS
commands.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
This is necessary in order for k_queue_get to work properly since that
is used with buffer pools which might be used by multiple threads asking
for buffers.
Jira: ZEP-2553
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Refactor the Connection Parameter Request Procedure to be
separate from and not overlap the variables of the
Connection Update Procedure.
Also, added missing implementations to pass all Connection
Parameter Request Procedure related Conformance Tests.
Jira: ZEP-1918
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Implement the LE Read Channel Map HCI command, along with making the
reading of the multi-byte channel map value from the connection pointer
thread-safe in case the ISR triggers while we are reading the value.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Although the current BLE controller only supports a single TX power (0
dBm), the qualification tests require the 2 Read TX Power to be
present and supported in the controller, so implement them while
returning always 0 dBm.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
When the CONFIG_BT_CTLR_CONN_RSSI option is set, the connection RSSI is
available in the controller, and can be reported to the Host via the
Read RSSI command. Implement the command, which is required for
qualification.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
There are 2 possible interpretations regarding the address to return in
response to the Read Peer RPA HCI Command:
1) The RPA that the local controller generates to be used in certain
packets it sends
2) The RPA generated and used by the peer device in its packets
We used to return 1) but our interpretation turned out to be incorrect
when reading the HCI test specification, so this commit switches to
returning 2).
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
In the ll_rl_pdu_adv_update() function, the check to verify if we are
dealing with an item from the resolving list or else with a simple
standard non-privacy enabled device was left over from the previous
iteration, which used negative values. Replace that check with the
proper current one, using the size of the rl array as an indicator of
whether the index is valid.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Due to varying remainder value, first interval will need to
consider the remainder value used in microsecond timing from
the start of the initiator window.
Also the tx chain delay and ready delay must be substract
after the window offset is calculated.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The Read Remote Version Information command is supported on the BLE
controller, enable the bit in Read Local Supported Commands to reflect
this.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Fix controller assert due to a bug introduced in commit
07270e52ba ("Bluetooth: controller: Coding style and
refactoring").
This reverts implementation to original way it was and the
calculation of the ticker expiry will now not overflow the
range of the RTC peripheral, which is a 24 bit counter.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix checks for BT_HCI_RAW and move default range after the other range
options, required by Kconfig to avoid overwriting other options.
Signed-off-by: Ricardo Salveti <ricardo.salveti@linaro.org>
The RSSI value is an 8-bit signed integer. Since the Link Layer works
only with positive unsigned integers, translate into a negative number
at the HCI layer.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Older value of 256 was introduced in 1.7 times. Testing on
BOARD=96b_carbon with 2 weeks old codebase however showed that TX
thread stack however can grow to 324 bytes. Finally, with the
latest master, following stacks are reported on BLE disconnect
(with CONFIG_INIT_STACKS enabled):
rx stack (real size 1024): unused 452 usage 572 / 1024 (55 %)
tx stack (real size 384): unused 16 usage 368 / 384 (95 %)
Two outcomes:
1. TX stack needs increase.
2. Over time, the stack usage grows, plus variations in SPI
drivers should also be taken into account.
So, increase the stack size to 416 bytes, to leave some headroom
beyond the immediate values seen on 96b_carbon.
Jira: ZEP-2510
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Add a sample application that allows a Zephyr-based Bluetooth
controller to interface with an HCI driver via SPI. This sample
implements the same BT SPI protocol already as Zephyr's HCI SPI
driver.
Currently, the sample only supports the legacy SPI API.
Provide a single configuration file, avoiding board-specific
files. Some board-specific configuration information must be provided
via other means:
- CONFIG_BT_CONTROLLER_TO_HOST_SPI_DEV_NAME
- CONFIG_BT_CONTROLLER_TO_HOST_SPI_IRQ_DEV_NAME
- CONFIG_BT_CONTROLLER_TO_HOST_SPI_IRQ_PIN
Signed-off-by: Ricardo Salveti <ricardo.salveti@linaro.org>
Signed-off-by: Marti Bolivar <marti.bolivar@linaro.org>
Signed-off-by: Michael Scott <michael.scott@linaro.org>
Since Extended Scanner Filter Policies is an independent feature from
Controller-based Privacy, split it out so it can be built independently
and included without it.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Unless offset was specified, it should default to 0, whereas
previously, value from the last command was used.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Whenever privacy is enabled, we support the Extended Scan Filter
Policies functionality, and therefore we must show it in the bitfield of
LE supported features for the controller.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Rename the BT_CONTROLLER prefix used in all of the Kconfig variables
related to the Bluetooth controller to BT_CTLR.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Avoiding segmentation in the GATT-based Mesh Proxy protocol requires
having an RX buffer length of at least 77. We could round it up to 80
since there's otherwise wasted space, however there's also
BT_HCI_RESERVE to consider, so to avoid pushing over the 4-byte
boundary for certain HCI drivers just leave the size at 77.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Implement the 4.2 event LE Directed Advertising Report, used for
scanners in a privacy-enabled controller to report directed advertising
events whose TargetA cannot be resolved by the local controller.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Add implementation to support PHY update procedure with
packet transmit time restrictions.
This fixes:
TP/CON/SLA/BV-49-C [Initiating PHY Update Procedure Packet
Time Restrictions]
TP/CON/SLA/BV-50-C [Responding to PHY Update Procedure
Packet Time Restrictions]
TP/CON/SLA/BV-52-C [Initiating PHY Update Procedure Packet
Time Restrictions, No Change]
TP/CON/SLA/BV-53-C [Responding to PHY Update Procedure
Packet Time Restrictions, No Change]
TP/CON/MAS/BV-49-C [Initiating PHY Update Procedure Packet
Time Restrictions]
TP/CON/MAS/BV-50-C [Responding to PHY Update Procedure
Packet Time Restrictions]
conformance tests in LL.TS.5.0.0.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The CONFIG_BT_WAIT_NOP define is used only by
zephyr/subsys/bluetooth/host/hci_core.c.
It is also the only config in drivers/bluetooth that is in use when
BT_CONTROLLER is enabled. Moving it into the bluetooth subsystem
allows us to restructure the drivers/kconfig code such that the entire
Bluetooth driver menu option is omitted when the BT_CONTROLLER is
enabled.
Moving it will also mean that all configs in drivers/bluetooth will
now be related to configuring the source code in drivers/bluetooth.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
The API name space for Bluetooth is bt_* and BT_* so it makes sense to
align the Kconfig name space with this. The additional benefit is that
this also makes the names shorter. It is also in line with what Linux
uses for Bluetooth Kconfig entries.
Some Bluetooth-related Networking Kconfig defines are renamed as well
in order to be consistent, such as NET_L2_BLUETOOTH.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
There are two kinds of HCI implementations. Bluetooth drivers in
drivers/bluetooth that implement HCI by using a wired serial
transport layer to talk to an external controller chip. And a
bluetooth controller in subsys/bluetooth/controller that directly
talks to an internal on-chip controller node.
Currently, when the the subsys/bluetooth/controller is used there
still exists exposed to the user a bluetooth driver configuration
menu, even though no external bluetooth driver is in use. This is due
to a dependency on certain configs in driver/bluetooth that are needed
even though no external controller is used.
This patch moves one of these configs, BLUETOOTH_HCI_RESERVE, from
drivers/bluetooth/hci/Kconfig to subsys/bluetooth/host/Kconfig such
that eventually we can omit the entire Bluetooth driver menu option.
This re-organization does not change when the config can be enabled.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
Fix incorrect return data type, which causes controller to
hang generating random numbers.
Fixes bug introduced in commit d90095b556 ("Bluetooth:
controller: Use random numbers in adv and enc setup")
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The specification requires the scanner to verify that the AdvA present
in a scan response matches the AdvA that was sent in the original scan
request.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Added implementation to get random numbers in ISR. And fixed
implementation to use random numbers in advertisement random
delay and encryption setup procedure.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The existing check for the TargetA address in directed advertising
events was incorrect. In fact the specification states:
"An initiator that has been instructed by the Host to use
Resolvable Private Addresses shall not respond to directed connectable
advertising events that contain Public or Static addresses for the
target’s address (TargetA field)."
Hence, reject TargetA values that have not been successfully resolved
when the controller is generating its own RPAs.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Fix compiler warnings resulting from passing C string literals to
functions expecting an unsigned char pointer.
Jira: 2443
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
To be able to get a hit on the AAR whenever a Scan Response is received,
enable it in the state transition.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Add missing checks for the logic that discriminates between whitelisting
and non-whitelisting filtering, so that we do not fall into an
unsuspected false positive.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Rework the ctrl_lrpa_get() function so that it doesn't require an
assignment to be present inside the if statement, yielding smaller and
safer code.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Advertising reports generated by a scanner require the controller to
look up the resolving list to supply the host with an ID address instead
of the RPA that has been sent over the air.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Use the actual scanner address to copy the generated RPA into, instead
of mistakenly copying it into the advertiser's address.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Whenever trying to generate a local RPA to send a scan request or a conn
ind, verify that it can be generated (i.e. no NULL IRK provided by the
Host) and fall back to using the public/random address if required.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Since the hardware expects big-endian IRKs but the common generation
function expects it in little-endian, copy and reverse the peer IRK
before generating RPAs.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Implement the LE Enhanced Connection Complete HCI event, but include it
only when controller-based privacy is enabled, since it is only relevant
with it.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Since a connection attempt can fail and will still generate an LE
Connection Complete event, check the status from the LL control module
before incrementing the HCI connection count used for flow control.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
The Test ID was incorrectly being added as 4 bytes (size of a pointer)
instead of the intended 1 byte.
This fixes Coverity CID 173643.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The current 960 is at least too small under qemu_x86:
ecc stack (real size 1024): unused 36 usage 988 / 1024 (96 %)
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The nRF5 AAR requires the packet pointer to be placed exactly 3 bytes
before the beginning of the address. Since we don't use the S1 extra
length byte, substract one from the address of the radio packet pointer.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
The currently supported hardware in the LL requires big-endian IRK
values to properly function. Reverse the order of the IRK bytes coming
from HCI to address this issue.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
The nRF5's AAR was being improperly configured, leading to a NULL
scratch pointer which made it not function at all.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
In order to make sure that the ISR never gets an incomplete or partial
local RPA, use pointers to share the local RPA between thread mode and
ISRs. Pointer updates are guaranteed to be atomic at least on ARM
Cortex-M.
Additionally add support for using local RPAs when initiating a
connection or sending a scan request.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Since the hardware is only able to resolve the first address in the
packet, use the existing functionality to resolve a potential TargetA
RPA in software to verify if it matches the local device.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
This commit introduces controller-based privacy for both the scanner and
the initiator roles. All the features in the specification are
implemented except:
* RPA resolution for directed advertising (TargetA address)
* RPA generation for scan requests and conn ind packets
Follow-up patches will cover the 2 items of functionality still missing
from the basic implementation. Hosts not using controller-based privacy
should not be affected by this change.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
If peer has previously configure to received service changes indications
any changes to the database during the time it has been disconnected
shall be indicated once it reconnects:
[bt] [DBG] sc_process: (0x004065b4) start 0x000a end 0x0014
[bt] [DBG] sc_save: (0x004065b4) peer b8:8a:60:d8:17:d7 (public)
start 0x000a end 0x0014
[bt] [DBG] bt_gatt_connected: (0x00405240) conn 0x00405aa0
[bt] [DBG] gatt_ccc_changed: (0x00405240) ccc 0x00400b30 value 0x0002
[bt] [DBG] sc_ccc_cfg_changed: (0x00405240) value 0x0002
[bt] [DBG] sc_restore: (0x00405240) peer b8:8a:60:d8:17:d7 (public)
start 0x000a end 0x0014
[bt] [DBG] sc_process: (0x004065b4) start 0x000a end 0x0014
[bt] [DBG] gatt_indicate: (0x004065b4) conn 0x00405aa0 handle 0x0008
[bt] [DBG] sc_indicate_rsp: (0x00405240) err 0x00
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
bt_gatt_indicate return 0 in case of success, not true, so
SC_INDICATE_PENDING was flag was not set when it should.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Control and Data packet Tx queue management updated to be
optimal and defer control packet responses when Tx is paused
during encryption setup.
This fixes:
TP/SEC/MAS/BV-12 [Master Start Encryption: Overlapping
Procedure]
TP/SEC/MAS/BV-13 [Master Start Encryption: Overlapping
Procedure with LL_SLAVE_FEATURES_REQ]
conformance tests in LL.TS.5.0.0.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix handling of different procedure collision when receiving
a PHY update request and handling of reject extended
indication.
This fixes:
TP/CON/MAS/BV-47-C [Handling Protocol Collision – Different
Procedure – Channel Map],
TP/CON/SLA/BV-46-C [Handling Protocol Collision – Different
Procedure – Channel Map] and
TP/CON/SLA/BV-48-C [Handling Protocol Collision – Different
Procedure – Connection Update]
conformance test in LL.TS.5.0.0.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix missing PHY update event generation on same procedure
collision,
This fixes TP/CON/SLA/BV-44-C [Handling Protocol Collision –
Same Procedure] conformance test in LL.TS.5.0.0.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix PHY update procedure intiation to use correct No Change
value in MtoS and StoM when there is no change to respective
PHYs. Also, added missing HCI event generation under this
case.
This fixes TP/CON/MAS/BV-41-C [Initiating PHY Update
Procedure] conformance test in LL.TS.5.0.0.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
As ticker can only drift in 32kHz units, the slave Rx
window should consider a +/- one 32kHz unit in addition to
+/- 16us jitter of the master. Hence, for the current
implementation the slave Rx window jitter is +/- 48us.
Future improvement can be done by using remainder of 32kHz
unit drift to reduce this jitter to +/- 16us.
With this fix 20ppm clock accuracy passes conformance TIM
tests (else 251-500ppm had to be used).
Problem was not seen in real life as master do not have a
+/- 16us jitter.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix terminate procedure timeout when supervision timeout
equals connection interval. In this case, avoid timing out
in the first event of procedure initiation.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix slave implementation to initiate reject_ext_ind if peer
supports reject_ext_ind.
This fixes:
TP/SEC/SLA/BV-11-C [Slave Sending Reject_Ind_Ext]
conformance test in LL.TS.5.0.0.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix handling invalid control PDUs by generating
LL_UNKNOWN_RSP PDU.
This fixes:
TP/PAC/SLA/BV-01-C [Unknown Packet from Master]
TP/PAC/MAS/BV-01-C [Unknown Packet from Slave]
conformance tests in LL.TS.5.0.0.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix access address generation to correctly have two
transitions in the six MS bits and add other missing checks.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Minor cleanup of Encryption Restart Procedure; No need to
pause rx for slave role on reception of PAUSE_ENC_RSP PDU as
its already paused.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The buf variable may have been unrefed by net_buf_frag_del thus it shall
not be used to store the sent data nor it should be in the
chan->tx_queue.
Jira: ZEP-2395
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Fix assert in the controller on master connection creation
due to the CONNECT_IND PDU being transmitted beyond the
calculated scan window.
This is related to commit 80a796b493 ("Bluetooth:
controller: Fix scanner to use correct slot ticks")
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix an assert in next role event preparation when a
connection terminated during the connection event being
aborted/pre-empted out by the next role event.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Since we generate BLUETOOTH_MONITOR_ON_DEV_NAME based on dts we need a
!HAS_DTS check around it. Otherwise we can get into odd build errors.
Its also possibly that we don't specify "zephyr,bt-mon-uart" and in that
case we default to CONFIG_UART_CONSOLE_ON_DEV_NAME (ie 'zephyr,console'
on DTS platforms).
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Add an initial implementation for the Bluetooth Mesh Profile
Specification. The main code resides in subsys/bluetooth/host/mesh and
the public API can be found in include/bluetooth/mesh.h. There are a
couple of samples provided as well under samples/bluetooth and
tests/bluetooth.
The implementation covers all layers of the Bluetooth Mesh stack and
most optional features as well. The following is a list of some of
these features and the c-files where the implementation can be found:
- GATT & Advertising bearers (proxy.c & adv.c)
- Network Layer (net.c)
- Lower and Upper Transport Layers (transport.c)
- Access Layer (access.c)
- Foundation Models, Server role (health.c & cfg.c)
- Both PB-ADV and PB-GATT based provisioning (prov.c)
- Low Power Node support (lpn.c)
- Relay support (net.c)
- GATT Proxy (proxy.c)
Notable features that are *not* part of the implementation:
- Friend support (initial bits are in place in friend.c)
- Provisioner support (low-value for typical Zephyr devices)
- GATT Client (low-value for typical Zephyr devices)
Jira: ZEP-2360
Change-Id: Ic773113dbfd84878ff8cee7fe2bb948f0ace19ed
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
When populating the hardware filter, add only slots that are marked as
taken to avoid the hardware being confused by all-0 addresses. This
solves an EBQ issue with whitelist filtering.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
To avoid warnings (seen on some machines) that a function reaches its
end without returning a value, conditionally compile the function in a
way that this cannot happen.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Fix master terminate procedure so that if slave responded to
the ack from master for the LL_TERMINATE_IND then the master
correctly disconnected.
This fixes TP/CON/MAS/BV-09-C [Master Accepting Termination]
in LL.TS.5.0.0.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Tested-by: Ulrich Myhre <ulmy@nordicsemi.no>
Fix implementation to maintain a connection in the slave
role not taking slave latency into use before receiving an
acknowledgement from the master.
This fixes TP/CON/ADV/BV-03-C [Master Missing Slave Packets]
in LL.TS.5.0.0.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Tested-by: Ulrich Myhre <ulmy@nordicsemi.no>
When the controller is configured to have its worker and job
be run at different interrupt priority, check for mayfly
priority being equal was incorrect.
Fixed by conditionally compiling the correct check of mayfly
priority level.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fixed a defect wherein anchor for first scanner event was in
the past (when looking for a free timeslice to avoid
overlapping with master role events) when actually there
were no master roles active. This defect caused the scanner
role to assert, when started with other roles active (eg.
advertiser), when trying to catch-up to current tick.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
This reverts commit 3c23c6f53d ("Bluetooth: controller:
Fix assert due to stale tick count") as this leads to
connection events to be skipped, failing conformance tests.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
This reverts commit b5235207d3 ("Bluetooth: controller:
Fix for scanner Rx window hang") as this leads to
connection events to be skipped, failing conformance tests.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix calculation of T_Terminate and other procedure timers by
using ceil on calculated connection interval units.
This fixes TP/CON/MAS/BI-02-C [Master T_Terminate Timer] and
TP/CON/SLA/BI-02-C [Slave T_Terminate Timer] in LL.TS.5.0.0.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Signed-off-by: Ulrich Solli Myhre <ulmy@nordicsemi.no>
Fix implementation so that both slave and master behave same
during connection setup and generate disconnection complete
with reason 0x3e (connection failed to be established).
This fixes TP/CON/ADV/BV-02-C [Accepting Connections
Timeout] in LL.TS.5.0.0.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Signed-off-by: Ulrich Solli Myhre <ulmy@nordicsemi.no>
Whenever not using the whitelist the resolving list is traversed to
verify that the device is allowed depending on its current privacy mode.
In the case where the device is not found by address in the resolving
list, allow the request to go through, since we are then dealing with an
unknown devices and the resolving list restrictions do not apply.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
This causes num of packets command handling to dead lock since it
is done on RX buffer destroy if used on TX it may not be destroyed
on time causing.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
The specification states that the AdvA in a Scan Request packet should
be identical to the one sent in the original advertising packet, so
check this when processing a Scan Request.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
When the initiator is using an RPA and we match it using the filtering,
we should return early and allow the device packet through instead of
going through the whole resolving list.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
The specification states that filter policies shall be ignored for
directed advertising, so reflect this behaviour in the code.
Additionally when the local device is using RPAs but the peer uses an
identity address, the resolving list index needs to be updated when
traversing the RL to reflect that there has indeed been a device match
even though the IRK match did not happen.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
The AdvA in the CONN_IND packet must match the AdvA in the advertising
packet that triggered it regardless of the advertising type.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Added BUILD_ASSERT check for Tx and Rx thread priorities.
The Tx thread priority shall be higher than Rx thread
priority in order to correctly detect transaction violations
in ATT and SMP protocols. The Number of Completed Packets
for a connection shall be processed before any new data is
received and processed for that connection.
The Controller's priority receive thread priority shall be
higher than the Host's Tx and the Controller's Rx thread
priority.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
This adds a second vendor service testing if service changed indications
works with more than one change in a row and as a bonus it implements
echo attribute which notifies any data that is written to it:
> ACL Data TX: Handle 3585 flags 0x00 dlen 9
ATT: Write Command (0x52) len 4
Handle: 0x0013
Data: 0000
< ACL Data RX: Handle 3585 flags 0x02 dlen 9
ATT: Handle Value Notification (0x1b) len 4
Handle: 0x0013
Data: 0000
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
With introduction of bt_gatt_service_unregister it is now possible to
unregister service at runtime.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
There could be situations where many services are changed in a row which
would cause k_sem_take to block on the second change, but if the calling
thread is actually the RX thread then this will deadlock since the RX
thread is the one processing the confirmations of indications and it is
blocked k_sem_give is never called.
To solve this the services changes are now offloaded to the system wq
and the code will attempt to consolidate the range being changed so only
one indication is send. If for some reason another changes is caused
while confirmation is pending we just reschedule it to run later to
avoid blocking the system wq in the same way.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
For consistency with the Resolving List, rename the whitelist filter to
match its type and the privacy-enabled version to align it with the
short name used in the RL.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
To correctly handle the allocation and deallocation of resolving list
items, the ll_rl_find and wl_pees_find functions have been modified to
return an invalid index instead of a negative value in case of error.
This is to avoid the ambiguity when mixing indices and negative numbers,
which does not play well with the first index 0.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Upcoming memory protection features will be placing some additional
constraints on kernel objects:
- They need to reside in memory owned by the kernel and not the
application
- Certain kernel object validation schemes will require some run-time
initialization of all kernel objects before they can be used.
Per Ben these initializer macros were never intended to be public. It is
not forbidden to use them, but doing so requires care: the memory being
initialized must reside in kernel space, and extra runtime
initialization steps may need to be peformed before they are fully
usable as kernel objects. In particular, kernel subsystems or drivers
whose objects are already in kernel memory may still need to use these
macros if they define kernel objects as members of a larger data
structure.
It is intended that application developers instead use the
K_<object>_DEFINE macros, which will automatically put the object in the
right memory and add them to a section which can be iterated over at
boot to complete initiailization.
There was no K_WORK_DEFINE() macro for creating struct k_work objects,
this is now added.
k_poll_event and k_poll_signal are intended to be instatiated from
application memory and have not been changed.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
The following error and warning is received when connecting
to certain central devices:
[bt] [ERR] hci_num_completed_packets: packets count mismatch
[bt] [WRN] bt_att_recv: Ignoring unexpected request
This could happen if Tx-ed packet is not added to pending
list before a num of completed packets event and/or new Rx
packet is received.
This is fixed by reducing the Rx thread priorities in the
Host and the Controller.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The code in send_frag() depends on being able to allocate a new
pending tx contexts with 100% certainty. We must therefore notify
*all* connections instead of the current one in order to ensure that
there are free contexts available in free_tx.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The num_handles parameter of the Number Of Completed Packets event is
8-bits and not 16-bits, so no helper variable or byte order conversion
is needed.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
In case both conn->tx_notify and conn->tx_queue have data in them we
should first process the notify queue and only then new outgoing
packets.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Due to the missing remainder support in the ticker_start
function for first interval, fix implementation so as to
round the first interval/offset during master connection
setup and connection update to within +/-16us.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The worst-case maximum number of CCC entries we need is actually
MAX_CONN + MAX_PAIRED. Provide a helper define for it and use it
whenever appropriate.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>