The friend_cred hint needs to be set already at the point of
segmenting, i.e. doing it in bt_mesh_net_send() is too late. Move the
setting to bt_mesh_trans_send() and bt_mesh_ctl_send().
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
MESH/NODE/FRND/LPN/BI-02-C requires us to ignore unknown Transport
OpCodes instead of treating them as valid responses to a Friend Poll.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The Mesh Specification recommends retrying up to 6 times the Friend
Poll when establishing Friendship as LPN.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
We should not have any valid key material in key slot 0 if the KR flag
is set, since then the new key/old key information will be incorrect
when network PDUs get decrypted.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
According to the Mesh Profile Specification: "The acknowledgment timer
shall be set to a minimum of 150 + 50 * TTL milliseconds".
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The Mesh Profile Specification states that replay protection must be
done for all control and access messages. Furthermore, the replay
protection list must be updated with the sequence from the last
segment of a segmented message (the code was only updating based on
SeqZero).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Now that Friend support is complete we can create a full
implementation of the LPN PollTimeout Get message.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Even with the privacy feature disabled, the stack has so far defaulted
to using an NRPA for active scanning, in order to protect privacy.
This is mainly because it is not always clear that scanning for other
devices may risk revealing the local identity.
There may however be use cases where such revealing is actively
desired, so introduce a new option for this (which defaults to
disabled).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add support for loading IRKs into the controller as well as the LE
Enhanced Connection Complete HCI event. To simplify things, the old LE
Connection Complete handler translates its event into the new enhanced
one which is then the single place of processing new connection
events.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
MESH/NODE/CFG/HBS/BV-02-C expects it to be possible to do a Set with
the existing src & dst addresses but with a zero period in order to
"cancel" the current subscription. In such a case the addresses should
remain set but the period be set to zero, similar to what would happen
if the period would expire.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The heartbeat subscription Count, MinHops & MaxHops should only be
reset when enabling heartbeat subscription. Any other actions should
keep it unchanged.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The heartbeat should only be sent in case the relay state actually
changes. This fixes MESH/NODE/CFG/HBP/BV-03-C.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
"4.1.2 Log field transformation
In order to compress two-octet values into one-octet fields, the
following logarithmic transformation is used: any two-octet value is
mapped onto a one-octet field value representing the largest integer
n, where 2^(n-1) is less than or equal to the two-octet value."
Log field transformation table:
Log Field Value 2-octet Value
0x01 0x0001
0x02 0x0002 through 0x0003
0x03 0x0004 through 0x0007
0x04 0x0008 through 0x000F
0x05 0x0010 through 0x001F
0x06 0x0020 through 0x003F
0x07 0x0040 through 0x007F
0x08 0x0080 through 0x00FF
0x09 0x0100 through 0x01FF
0x0A 0x0200 through 0x03FF
0x0B 0x0400 through 0x07FF
0x0C 0x0800 through 0x0FFF
0x0D 0x1000 through 0x1FFF
0x0E 0x2000 through 0x3FFF
0x0F 0x4000 through 0x7FFF
0x10 0x8000 through 0xFFFF
"4.2.17.2 Heartbeat Publication Count Log
The Heartbeat Publication Count Log value between 0x01 and 0x11 shall
represent that smallest integer n where 2^(n-1) is greater than or
equal to the Heartbeat Publication Count value. For example, if the
Heartbeat Publication Count value is 0x0579, then the Heartbeat
Publication Count Log value would be 0x0C."
According to this definition 2^(n-1) is an upper bound for n log
value.
Proposed Publication Count Log transformation table:
Pub Count Log Value 2-octet Value
0x01 0x0001
0x02 0x0002
0x03 0x0003 through 0x0004
0x04 0x0005 through 0x0008
0x05 0x0009 through 0x0010
0x06 0x0011 through 0x0020
0x07 0x0021 through 0x0040
0x08 0x0041 through 0x0080
0x09 0x0081 through 0x0100
0x0A 0x0101 through 0x0200
0x0B 0x0201 through 0x0400
0x0C 0x0401 through 0x0800
0x0D 0x0801 through 0x1000
0x0E 0x1001 through 0x2000
0x0F 0x2001 through 0x4000
0x10 0x4001 through 0x8000
0x11 0x8001 through 0x10000
According to Log field transformation table 0x0579 would be
transformed to 0x0B and should be to transformed to 0x0C.
This is required to pass MESH/NODE/CFG/HBP/BV-01-C.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Section 4.2.18.2 in the Mesh Profile Specification states:
"The Heartbeat Subscription Destination shall be the unassigned address,
the primary unicast address of the node, or a group address, all other
values are Prohibited."
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This patch fixes issue when receiving iv index greater than current
index + 42 in update mode. According to Specification when node is in
update state it should only accept iv index equal to the current iv
index. When node is in normal mode it should ignore index that is
greater than current index + 42.
This allows to pass MESH/NODE/IVU/BI-02-C.
Also this patch cleans up the iv update procedure, to make it easier
to read.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The lower transport layer is responsible e.g. for the Friend Queue, so
we need to have the buffer in its original parsing state there.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Fail on Mesh initialization if provisioning is enabled and keys were
not generated. This make it simpler to debug misconfigured devices.
Signed-off-by: Szymon Janc <szymon.janc@codecoup.pl>
On targets where non-Zephyr controllers are likely, such as qemu, it
may be harmful to try to issue any of the vendor HCI commands, since
non-Zephyr controllers may interpret them in completely different
ways.
Introduce a Kconfig option that, when enabled, uses some simple
heuristics (HCI version & lack of public address) to try to guess in
advance whether the Zephyr HCI vendor extensions are supported or not.
The new option is available for any host-only configuration and is
enabled by default for the qemu targets.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Fixes the following conformance test regression failure
introduced in commit 7dd5fbee26 ("Bluetooth: controller:
Fix MIC error due to parallel Enc Proc")
TP/CON/MAS/BV-28-C [Initiating Connection Parameter Request
different procedure collision encryption]
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix to disallow initiating LE Start Encryption while another
procedure is in progress. Similarly, disallow initiating
another procedure while Encryption procedure is in progress.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix the controller Kconfig to enable use of fast radio ramp
up by default, hence enabling support for Asym PHY updates
by default on nRF52 Series SoCs.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Replace all controller asserts in control procedure responses
that checked for buffer availability with an implementation
that nacks request PDUs if there are no buffer to prepare
response PDUs.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The implementation of the Network Message Cache has so far been
suboptimal, since it has treated the same packet with different TTL
values as different packets. Since one of the purposes of this cache
is to prevent unnecessary relaying, it's important that we don't let
the TTL value influence the "hash" that's used for matching messages.
This patch changes the hash to consist of most of the IV Index (three
least significant bytes of it), the sequence number and the source
address, which should give fairly optimal matching behavior.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The main purpose of recv_thread is to process incoming events from the
radio and also any buffered items waiting to be dispatched to the Host
and that are pending because of lack of Host buffers.
When an iteration of the recv_thread obtains a element from the radio it
needs to process it immediately, either sending it straight away to the
Host or appending it to the queue. This was not the case before this
patch, where the concurrency of a buffered packet with one coming from
the radio would cause the latter to be "dropped", causing missing
packets.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
There was a missing net_buf_unref() for the response to reading the
controller static addresses.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add skeleton for HCI vendor extenstions and convert the nRF5x-specific
static address setting to use the HCI VS commands instead.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
When a connection is disconnected with outstanding unacked packets, the
Host has no way to signal or acknowledge their processing to the
Controller, since it is illegal to send a Host Number of Completed
Packets command when the connection is not up. Instead, consider the
outstanding packets as acked in order not to affect the correct flow
control.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
The feature bits for Proxy and Friend were missing in the composition
data and heart beat messages.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Both count and period must be non-zero for message publication
Stop publication when count becomes zero
Add count to debug message in hb_publish
Signed-off-by: Steve Brown <sbrown@cortland.com>
There have been situations where the remote stacks cannot responds
within a second, so increases it to 2 seconds. The timeout has to be
relatively short as the channel cannot be reused while disconnecting.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
MPS shall never be bigger than MTU + 2 as the remaining bytes cannot
be used since the SDU is limited to length + MTU.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Add implementation to support Coded PHY update procedure
with packet transmit time restrictions.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Use S8 coding Rx chain delay timings to calculate the PA
pin assertions when in Coded PHY.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Always use S8 Rx Chain Delay instead of the actual Rx-ed
packet coding. I believe, as the packet always start with
S8, hence S8 timings when used the tIFS is near correct
value.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
When calculating and setting up the header compelte timeout
use S8 coding Rx chain delay.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
In the commit dd52b8ea02 ("Bluetooth: controller: Fix
first connection interval timing"), instead of using just a
tick unit as workaround, microseconds corresponding to a
tick unit was used while calculating the window offset to be
used at the connection update instant. This introduced an
error in scheduling the first event with new connection
parameters, causing supervision timeout of connection update
procedure.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Mesh Profile Specification v1.0, 4.4.1.2.8:
"When an element receives a Config Model Subscription Add message
or a Config Model Subscription Virtual Address Add message that
is not successfully processed (i.e., it results in an error condition
listed in Table 4.113), it shall respond with the Config Model
Subscription Status message, setting its fields to the values
of the corresponding fields (i.e., the identically named fields)
of the incoming message and setting the Status field to a status code
(defined in Table 4.113), and setting all other fields to 0."
The same applies to other Model Subscription messages.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
It's possible that tx_notify still contains items when a Disconnect
Complete happens. Since the normal path for processing tx_notify is
not taken when the connection is not in CONNECTED state, we must make
sure to process the list latest in conn_cleanup() that's called as one
last thing before the connection object is freed up.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Fixed a missing reset of FC feature on HCI reset. This
feature provided a simple connection handle based event
exclusions, but this is no longer needed with the
support for controller to host flow control. This feature
should be removed in the future.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
A connection might have gotten disconnected by the time that an ACL
buffer is free up, in which case there is no need to send a HCI
command for it.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
When a peer master performed a PHY update procedure with no
change, the state machine was not released. This blocked
any future local initiation of the procedure and also
leading to termination of connection with reason LMP
response timeout.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fixed the usage of NRF_AAR peripheral for controller privacy
to clear events on configure and on every radio ISR entry.
Without this fix, there was spurious AAR matches leading to
controller asserts.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
PHY Update procedure timeout was started without transition
to the state that waits for the procedure to complete. This
prevented the timeout from being reset on successful
completion of the procedure and eventually leading to a
connection termination with reason LMP Response Timeout.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix Connection Parameter Request Procedure's Connection
Update Procedure initiation to calculate the offset rather
than selecting offsets from an out-of-bound memory area.
The symptoms of the bug was noticed as a supervision timeout
due to use of incorrect offset communicated to peer and a
wrong offset used in scheduling the connection events.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
When the peer slave rejects a Connection Parameter Request
Procedure, the controller proceeds to perform a Connection
Update Procedure without clearing the procedure timer that
causes the connection to terminate eventually. This is
fixed by clearing the procedure timeout when the Connection
Update Procedure completes.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
If a peer master role has support for Connection Parameter
Request Procedure set in its supported features but would
send an Extended Reject Ind as response to the procedure
then the controller incorrectly initiated a Connection
Update Procedure which is not permitted in a slave role.
This would lead to connection timeout after the used instant
in the invalid Connection Update Procedure.
This is fixed by initiating a Connection Update Procedure
only if in a master role.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Since the Zephyr HCI VS extensions apply to both the Host (using them
for additional functionality) and the Controller (implement the commands
and events), it make sense to make this a common setting in order for it
to be configurable in a way that applies to both.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
The PA/LNA feature is not functional on nRF51x series due to added
interrupt latency. Disable this feature unconditionally for those ICs to
avoid unexpected behavior.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Issuing HCI reset command while having connections sometimes
hung the controller.
ll_reset supplied invalid stop ticker id to role_disable
when trying to stop all connections. Connection role does
not utilize stop ticker. The invalid ticker id supplied
referenced memory outside the pool of tickers and based on
what the content is in RAM there, the controller would hang
trying to stop connections.
Fixed by not calling the ticker_stop interface with invalid
ticker ids.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Proxy configuration messages are allowed (in fact required) to use
unassigned addresses, so they should be exempt from this check.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The test failure may be e.g. because of an unknown company id, and in
that case the spec expects us to ignore the message.
With this patch it should be possible to pass MESH/SR/HM/RFS/BI-01-C.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
A previous patch which moved dispatching the health publish callback
to a later moment introduced a regression where the period divider
does not get updated when it should. In fact, having the divider as
part of the Health Server context is redundant, since the same
information is already stored generically in the model publication
context. Switching to using the model publication context makes things
simpler and ensures that the value is always up-to-date.
With this patch it is possible to pass MESH/SR/HM/CFS/BV-02-C.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
We should ignore invalid addresses (helps pass
MESH/NODE/CFG/LPNPT/BI-01-C). Also fix a copy-paste issue in an error
log.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The values all need to be zeroed when heartbeat subscription is
disabled. This makes it possible to pass MESH/NODE/CFG/HBS/BV-01-C.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Implement the Read Build Information VS command. This returns a UTF-8
encoded string, which is extendable by the user via a new Kconfig
option.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Implement the Zephyr VS command that allows a Host to write a public
Bluetooth Address to the Controller in order to allow Hosts to provide
their own public Bluetooth addresses.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
From section 3.4.5.3 in the Mesh Profile Specification 1.0:
"A node shall implement a Local Network Interface."
Removing the Kconfig option also helps clean up quite a lot of code.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The bt_mesh_net_relay() function needs to allow TTL <= 1 for the local
network interface since that's the code path that locally originated
outgoing packets take.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Mesh Profile Specification v1.0, 5.3.3:
"On the PB-ADV bearer, when the receiver has received all segments of
a transaction, the receiver shall calculate the FCS for the received
Provisioning PDU, and if it matches the FCS field in the Transaction
Start PDU, it shall send a Transaction Acknowledgment PDU after
a random delay between 20 and 50 milliseconds."
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The Mesh specification recommends defaulting to the company ID in the
composition data when no other ID is relevant (e.g. in error cases or
if the app has not provided a callback).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Encrypting and sending a message takes a considerable amount of time
which makes the publication period longer than expected.
With this patch it is possible to pass MESH/SR/HM/CFS/BV-02-C test.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The branch for handling the case when the app has not provided a
callback for health faults was encoding the payload in a wrong way.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
To avoid signedness issues with some compilers, like icx, use 'char *'
instead of 'unsigned char *' for the at_client buffer.
Fixes#3600
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The code was passing the wrong first parameter to the sdu_len_is_ok()
function.
Fixes#3985Fixes#3984
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
It makes no sense to respond with Pairing Failed PDU to another
Pairing Failed PDU.
Jira: ZEP-2620
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Move the use of tIFS software switching PPI index set up by
one position to make place for use of PA/LNA implementation.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Earlier design captured AA twice in the first Rx in a slave
connection event and retained one of the capture until end
of event to calculate drift.
Design updated to use single capture of AA and save the
first AA capture in a slave connection event in RAM instead.
This frees up a PPI channel in the controller design.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Document internal the purposes of various Tx/Rx PDU end
capture setup.
Also, removed any redundant capture of packet end.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Minor refactor of radio_tmr_start to reduced duplicate
assignments common in if-then-else control path.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Updated debug pin mapping so that the outputs are on P3 pin
head on all nRF5x Development Kits.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fixed the configuration of NRF_CCM for 2M PHY connections.
Now faster 2M data rate mode will be used when a connection
is in 2M PHY.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Use correct NRF_AAR enable macro defines from Nordic MDK.
Old code funtionally worked fine even though not setting
the correct enable value.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fixed a bug in the implementation of Connection Parameter
Request Procedure when initiated in master role caused the
connection to terminate with reason LL response timeout.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The status in the Command Complete event was uninitialized, leading to
incorrect contents of the event parsed by the Host. Correctly initialize
the status to success.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
During testing it was discovered that directed advertising
timeout is missing implementation to handle the timeout
happening while next event is already in preparation.
The consequence was that after the event ticker expired,
the counter is shutdown, stalling the setup PPI from
starting the erroneous advertising, leaving the controller
in an invalid hung state.
This has been fixed by correctly handling the cases, stop
between prepare and event, and stop inside radio advertising
event. The fix takes care of putting the radio active
callback and HF clock in the correct states.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Whenever the HCI ACL flow control is violated by the Host, a Data Buffer
Overflow event is now issued by the Controller (if enabled) to notify
the Host of the buffer overrun.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Added missing asserts to catch high CPU use in radio ISR and
latencies, without which if radio packet pointer is not set
correctly, would cause spurious transmissions and invalid
behavior.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Optimised the get() function in nRF5 hal rand implementation
to reduce number of probable branching operations.
This is needed to reduce nRF51 platform's CPU use in radio
ISR when using the fast encryption setup implementation.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Move the code to acquire the RSSI sample after critical
control path that processes PDUs.
This is needed to reduce the time taken to assign the next
packet ptr inside radio ISR.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
To meet CPU time usage restricts inside radio ISR on nRF51
SoCs, use ccflags -Ofast when using fast encryption setup
implementation in the controller.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Default to n the support for Data Length Update and
PHY update procedures on nRF51 SoCs.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fixed an assert when peer responded with unknown rsp to
slave feature request when an existing another control
procedure was in progress.
This assert happened with a BT v4.0 peer implementation that
was performing a channel map update and local controller
initiated a slave feature request, receiving an unknown
response.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Without this fix there is an issue when doing PB-ADV provisioning
with PTS. We keep retransmitting Public Key which is ACKed by PTS and
this leads to transaction timeout as PTS does not send confirm probably
because it keep receiving PK from us.
This patch also makes sure that transaction id is between 0x80 - 0xFF
Signed-off-by: Łukasz Rymanowski <lukasz.rymanowski@codecoup.pl>
Needed for following PTS test cases:
MESH/NODE/PROV/UPD/BV-10-C
MESH/NODE/PROV/BI-02-C
Signed-off-by: Łukasz Rymanowski <lukasz.rymanowski@codecoup.pl>
Fix the control and data packet management implementation
discovered during conformance testing.
This fixes:
TP/SEC/MAS/BV-12 [Master Start Encryption: Overlapping
Procedure]
TP/SEC/MAS/BV-13 [Master Start Encryption: Overlapping
Procedure with LL_SLAVE_FEATURES_REQ]
conformance tests in LL.TS.5.0.0.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Privacy on nRF51 is not passing the conformance and qualification tests
due to the time it takes to execute the privacy code while in ISR. Until
we come up with a way of optimizing and/or deferring the work, do not
allow privacy on nRF51 targets.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Use the macros generated during the build and located in version.h to
fill in the version information in the Read Version Information VS
command. Additionally reply with the correct hardware identifiers when
running on Nordic hardware.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Seems due to incorrect rebase in commit 07270e52ba
("Bluetooth: controller: Coding style and refactoring"),
commit 95d55a2bfc ("Bluetooth: controller: Do not skip
one-shot tickers with slot"), and
commit 4ba2bb0d1c ("Bluetooth: controller: Be fair when
pre-empting a ticker"), a pointless expression was
introduced, fixed it.
Coverity-CID: 171563
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The code was setting the wrong bit of the Static OOB Type when a
static value has been provided.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Fixes an assert during connection establishment when the
initiator overflows the initiator window in time while
sending the CONNECT_IND PDU. The actual window is one low
frequency tick less, hence corrected the check that permits
the transmission of CONNECT_IND PDU inside the initiator
window.
Symptom was, stopping of the scanner's ticker succeeds on
connection establishment, but next interval prepare was
already run when continuous scanning was used, breaking the
design, hence there was an assert.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Implement the Zephyr Read Key Hierarchy Roots command, returning the IR
and ER present in nRF5x ICs when compiling for those.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Implement the first Vendor-Specific Command of the Zephyr specification
other than the 3 mandatory ones already present in the codebase, along
with a Kconfig option to enable and disable the presence of the VS
commands.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
This is necessary in order for k_queue_get to work properly since that
is used with buffer pools which might be used by multiple threads asking
for buffers.
Jira: ZEP-2553
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Refactor the Connection Parameter Request Procedure to be
separate from and not overlap the variables of the
Connection Update Procedure.
Also, added missing implementations to pass all Connection
Parameter Request Procedure related Conformance Tests.
Jira: ZEP-1918
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Implement the LE Read Channel Map HCI command, along with making the
reading of the multi-byte channel map value from the connection pointer
thread-safe in case the ISR triggers while we are reading the value.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Although the current BLE controller only supports a single TX power (0
dBm), the qualification tests require the 2 Read TX Power to be
present and supported in the controller, so implement them while
returning always 0 dBm.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
When the CONFIG_BT_CTLR_CONN_RSSI option is set, the connection RSSI is
available in the controller, and can be reported to the Host via the
Read RSSI command. Implement the command, which is required for
qualification.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
There are 2 possible interpretations regarding the address to return in
response to the Read Peer RPA HCI Command:
1) The RPA that the local controller generates to be used in certain
packets it sends
2) The RPA generated and used by the peer device in its packets
We used to return 1) but our interpretation turned out to be incorrect
when reading the HCI test specification, so this commit switches to
returning 2).
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
In the ll_rl_pdu_adv_update() function, the check to verify if we are
dealing with an item from the resolving list or else with a simple
standard non-privacy enabled device was left over from the previous
iteration, which used negative values. Replace that check with the
proper current one, using the size of the rl array as an indicator of
whether the index is valid.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Due to varying remainder value, first interval will need to
consider the remainder value used in microsecond timing from
the start of the initiator window.
Also the tx chain delay and ready delay must be substract
after the window offset is calculated.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The Read Remote Version Information command is supported on the BLE
controller, enable the bit in Read Local Supported Commands to reflect
this.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Fix controller assert due to a bug introduced in commit
07270e52ba ("Bluetooth: controller: Coding style and
refactoring").
This reverts implementation to original way it was and the
calculation of the ticker expiry will now not overflow the
range of the RTC peripheral, which is a 24 bit counter.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix checks for BT_HCI_RAW and move default range after the other range
options, required by Kconfig to avoid overwriting other options.
Signed-off-by: Ricardo Salveti <ricardo.salveti@linaro.org>
The RSSI value is an 8-bit signed integer. Since the Link Layer works
only with positive unsigned integers, translate into a negative number
at the HCI layer.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Older value of 256 was introduced in 1.7 times. Testing on
BOARD=96b_carbon with 2 weeks old codebase however showed that TX
thread stack however can grow to 324 bytes. Finally, with the
latest master, following stacks are reported on BLE disconnect
(with CONFIG_INIT_STACKS enabled):
rx stack (real size 1024): unused 452 usage 572 / 1024 (55 %)
tx stack (real size 384): unused 16 usage 368 / 384 (95 %)
Two outcomes:
1. TX stack needs increase.
2. Over time, the stack usage grows, plus variations in SPI
drivers should also be taken into account.
So, increase the stack size to 416 bytes, to leave some headroom
beyond the immediate values seen on 96b_carbon.
Jira: ZEP-2510
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Add a sample application that allows a Zephyr-based Bluetooth
controller to interface with an HCI driver via SPI. This sample
implements the same BT SPI protocol already as Zephyr's HCI SPI
driver.
Currently, the sample only supports the legacy SPI API.
Provide a single configuration file, avoiding board-specific
files. Some board-specific configuration information must be provided
via other means:
- CONFIG_BT_CONTROLLER_TO_HOST_SPI_DEV_NAME
- CONFIG_BT_CONTROLLER_TO_HOST_SPI_IRQ_DEV_NAME
- CONFIG_BT_CONTROLLER_TO_HOST_SPI_IRQ_PIN
Signed-off-by: Ricardo Salveti <ricardo.salveti@linaro.org>
Signed-off-by: Marti Bolivar <marti.bolivar@linaro.org>
Signed-off-by: Michael Scott <michael.scott@linaro.org>
Since Extended Scanner Filter Policies is an independent feature from
Controller-based Privacy, split it out so it can be built independently
and included without it.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Unless offset was specified, it should default to 0, whereas
previously, value from the last command was used.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Whenever privacy is enabled, we support the Extended Scan Filter
Policies functionality, and therefore we must show it in the bitfield of
LE supported features for the controller.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Rename the BT_CONTROLLER prefix used in all of the Kconfig variables
related to the Bluetooth controller to BT_CTLR.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Avoiding segmentation in the GATT-based Mesh Proxy protocol requires
having an RX buffer length of at least 77. We could round it up to 80
since there's otherwise wasted space, however there's also
BT_HCI_RESERVE to consider, so to avoid pushing over the 4-byte
boundary for certain HCI drivers just leave the size at 77.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Implement the 4.2 event LE Directed Advertising Report, used for
scanners in a privacy-enabled controller to report directed advertising
events whose TargetA cannot be resolved by the local controller.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Add implementation to support PHY update procedure with
packet transmit time restrictions.
This fixes:
TP/CON/SLA/BV-49-C [Initiating PHY Update Procedure Packet
Time Restrictions]
TP/CON/SLA/BV-50-C [Responding to PHY Update Procedure
Packet Time Restrictions]
TP/CON/SLA/BV-52-C [Initiating PHY Update Procedure Packet
Time Restrictions, No Change]
TP/CON/SLA/BV-53-C [Responding to PHY Update Procedure
Packet Time Restrictions, No Change]
TP/CON/MAS/BV-49-C [Initiating PHY Update Procedure Packet
Time Restrictions]
TP/CON/MAS/BV-50-C [Responding to PHY Update Procedure
Packet Time Restrictions]
conformance tests in LL.TS.5.0.0.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The CONFIG_BT_WAIT_NOP define is used only by
zephyr/subsys/bluetooth/host/hci_core.c.
It is also the only config in drivers/bluetooth that is in use when
BT_CONTROLLER is enabled. Moving it into the bluetooth subsystem
allows us to restructure the drivers/kconfig code such that the entire
Bluetooth driver menu option is omitted when the BT_CONTROLLER is
enabled.
Moving it will also mean that all configs in drivers/bluetooth will
now be related to configuring the source code in drivers/bluetooth.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
The API name space for Bluetooth is bt_* and BT_* so it makes sense to
align the Kconfig name space with this. The additional benefit is that
this also makes the names shorter. It is also in line with what Linux
uses for Bluetooth Kconfig entries.
Some Bluetooth-related Networking Kconfig defines are renamed as well
in order to be consistent, such as NET_L2_BLUETOOTH.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
There are two kinds of HCI implementations. Bluetooth drivers in
drivers/bluetooth that implement HCI by using a wired serial
transport layer to talk to an external controller chip. And a
bluetooth controller in subsys/bluetooth/controller that directly
talks to an internal on-chip controller node.
Currently, when the the subsys/bluetooth/controller is used there
still exists exposed to the user a bluetooth driver configuration
menu, even though no external bluetooth driver is in use. This is due
to a dependency on certain configs in driver/bluetooth that are needed
even though no external controller is used.
This patch moves one of these configs, BLUETOOTH_HCI_RESERVE, from
drivers/bluetooth/hci/Kconfig to subsys/bluetooth/host/Kconfig such
that eventually we can omit the entire Bluetooth driver menu option.
This re-organization does not change when the config can be enabled.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
Fix incorrect return data type, which causes controller to
hang generating random numbers.
Fixes bug introduced in commit d90095b556 ("Bluetooth:
controller: Use random numbers in adv and enc setup")
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The specification requires the scanner to verify that the AdvA present
in a scan response matches the AdvA that was sent in the original scan
request.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Added implementation to get random numbers in ISR. And fixed
implementation to use random numbers in advertisement random
delay and encryption setup procedure.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The existing check for the TargetA address in directed advertising
events was incorrect. In fact the specification states:
"An initiator that has been instructed by the Host to use
Resolvable Private Addresses shall not respond to directed connectable
advertising events that contain Public or Static addresses for the
target’s address (TargetA field)."
Hence, reject TargetA values that have not been successfully resolved
when the controller is generating its own RPAs.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Fix compiler warnings resulting from passing C string literals to
functions expecting an unsigned char pointer.
Jira: 2443
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
To be able to get a hit on the AAR whenever a Scan Response is received,
enable it in the state transition.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Add missing checks for the logic that discriminates between whitelisting
and non-whitelisting filtering, so that we do not fall into an
unsuspected false positive.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Rework the ctrl_lrpa_get() function so that it doesn't require an
assignment to be present inside the if statement, yielding smaller and
safer code.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Advertising reports generated by a scanner require the controller to
look up the resolving list to supply the host with an ID address instead
of the RPA that has been sent over the air.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Use the actual scanner address to copy the generated RPA into, instead
of mistakenly copying it into the advertiser's address.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Whenever trying to generate a local RPA to send a scan request or a conn
ind, verify that it can be generated (i.e. no NULL IRK provided by the
Host) and fall back to using the public/random address if required.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Since the hardware expects big-endian IRKs but the common generation
function expects it in little-endian, copy and reverse the peer IRK
before generating RPAs.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Implement the LE Enhanced Connection Complete HCI event, but include it
only when controller-based privacy is enabled, since it is only relevant
with it.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Since a connection attempt can fail and will still generate an LE
Connection Complete event, check the status from the LL control module
before incrementing the HCI connection count used for flow control.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
The Test ID was incorrectly being added as 4 bytes (size of a pointer)
instead of the intended 1 byte.
This fixes Coverity CID 173643.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The current 960 is at least too small under qemu_x86:
ecc stack (real size 1024): unused 36 usage 988 / 1024 (96 %)
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The nRF5 AAR requires the packet pointer to be placed exactly 3 bytes
before the beginning of the address. Since we don't use the S1 extra
length byte, substract one from the address of the radio packet pointer.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
The currently supported hardware in the LL requires big-endian IRK
values to properly function. Reverse the order of the IRK bytes coming
from HCI to address this issue.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
The nRF5's AAR was being improperly configured, leading to a NULL
scratch pointer which made it not function at all.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
In order to make sure that the ISR never gets an incomplete or partial
local RPA, use pointers to share the local RPA between thread mode and
ISRs. Pointer updates are guaranteed to be atomic at least on ARM
Cortex-M.
Additionally add support for using local RPAs when initiating a
connection or sending a scan request.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Since the hardware is only able to resolve the first address in the
packet, use the existing functionality to resolve a potential TargetA
RPA in software to verify if it matches the local device.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
This commit introduces controller-based privacy for both the scanner and
the initiator roles. All the features in the specification are
implemented except:
* RPA resolution for directed advertising (TargetA address)
* RPA generation for scan requests and conn ind packets
Follow-up patches will cover the 2 items of functionality still missing
from the basic implementation. Hosts not using controller-based privacy
should not be affected by this change.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
If peer has previously configure to received service changes indications
any changes to the database during the time it has been disconnected
shall be indicated once it reconnects:
[bt] [DBG] sc_process: (0x004065b4) start 0x000a end 0x0014
[bt] [DBG] sc_save: (0x004065b4) peer b8:8a:60:d8:17:d7 (public)
start 0x000a end 0x0014
[bt] [DBG] bt_gatt_connected: (0x00405240) conn 0x00405aa0
[bt] [DBG] gatt_ccc_changed: (0x00405240) ccc 0x00400b30 value 0x0002
[bt] [DBG] sc_ccc_cfg_changed: (0x00405240) value 0x0002
[bt] [DBG] sc_restore: (0x00405240) peer b8:8a:60:d8:17:d7 (public)
start 0x000a end 0x0014
[bt] [DBG] sc_process: (0x004065b4) start 0x000a end 0x0014
[bt] [DBG] gatt_indicate: (0x004065b4) conn 0x00405aa0 handle 0x0008
[bt] [DBG] sc_indicate_rsp: (0x00405240) err 0x00
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
bt_gatt_indicate return 0 in case of success, not true, so
SC_INDICATE_PENDING was flag was not set when it should.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Control and Data packet Tx queue management updated to be
optimal and defer control packet responses when Tx is paused
during encryption setup.
This fixes:
TP/SEC/MAS/BV-12 [Master Start Encryption: Overlapping
Procedure]
TP/SEC/MAS/BV-13 [Master Start Encryption: Overlapping
Procedure with LL_SLAVE_FEATURES_REQ]
conformance tests in LL.TS.5.0.0.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix handling of different procedure collision when receiving
a PHY update request and handling of reject extended
indication.
This fixes:
TP/CON/MAS/BV-47-C [Handling Protocol Collision – Different
Procedure – Channel Map],
TP/CON/SLA/BV-46-C [Handling Protocol Collision – Different
Procedure – Channel Map] and
TP/CON/SLA/BV-48-C [Handling Protocol Collision – Different
Procedure – Connection Update]
conformance test in LL.TS.5.0.0.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix missing PHY update event generation on same procedure
collision,
This fixes TP/CON/SLA/BV-44-C [Handling Protocol Collision –
Same Procedure] conformance test in LL.TS.5.0.0.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix PHY update procedure intiation to use correct No Change
value in MtoS and StoM when there is no change to respective
PHYs. Also, added missing HCI event generation under this
case.
This fixes TP/CON/MAS/BV-41-C [Initiating PHY Update
Procedure] conformance test in LL.TS.5.0.0.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
As ticker can only drift in 32kHz units, the slave Rx
window should consider a +/- one 32kHz unit in addition to
+/- 16us jitter of the master. Hence, for the current
implementation the slave Rx window jitter is +/- 48us.
Future improvement can be done by using remainder of 32kHz
unit drift to reduce this jitter to +/- 16us.
With this fix 20ppm clock accuracy passes conformance TIM
tests (else 251-500ppm had to be used).
Problem was not seen in real life as master do not have a
+/- 16us jitter.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix terminate procedure timeout when supervision timeout
equals connection interval. In this case, avoid timing out
in the first event of procedure initiation.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix slave implementation to initiate reject_ext_ind if peer
supports reject_ext_ind.
This fixes:
TP/SEC/SLA/BV-11-C [Slave Sending Reject_Ind_Ext]
conformance test in LL.TS.5.0.0.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix handling invalid control PDUs by generating
LL_UNKNOWN_RSP PDU.
This fixes:
TP/PAC/SLA/BV-01-C [Unknown Packet from Master]
TP/PAC/MAS/BV-01-C [Unknown Packet from Slave]
conformance tests in LL.TS.5.0.0.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix access address generation to correctly have two
transitions in the six MS bits and add other missing checks.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Minor cleanup of Encryption Restart Procedure; No need to
pause rx for slave role on reception of PAUSE_ENC_RSP PDU as
its already paused.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The buf variable may have been unrefed by net_buf_frag_del thus it shall
not be used to store the sent data nor it should be in the
chan->tx_queue.
Jira: ZEP-2395
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Fix assert in the controller on master connection creation
due to the CONNECT_IND PDU being transmitted beyond the
calculated scan window.
This is related to commit 80a796b493 ("Bluetooth:
controller: Fix scanner to use correct slot ticks")
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix an assert in next role event preparation when a
connection terminated during the connection event being
aborted/pre-empted out by the next role event.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Since we generate BLUETOOTH_MONITOR_ON_DEV_NAME based on dts we need a
!HAS_DTS check around it. Otherwise we can get into odd build errors.
Its also possibly that we don't specify "zephyr,bt-mon-uart" and in that
case we default to CONFIG_UART_CONSOLE_ON_DEV_NAME (ie 'zephyr,console'
on DTS platforms).
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Add an initial implementation for the Bluetooth Mesh Profile
Specification. The main code resides in subsys/bluetooth/host/mesh and
the public API can be found in include/bluetooth/mesh.h. There are a
couple of samples provided as well under samples/bluetooth and
tests/bluetooth.
The implementation covers all layers of the Bluetooth Mesh stack and
most optional features as well. The following is a list of some of
these features and the c-files where the implementation can be found:
- GATT & Advertising bearers (proxy.c & adv.c)
- Network Layer (net.c)
- Lower and Upper Transport Layers (transport.c)
- Access Layer (access.c)
- Foundation Models, Server role (health.c & cfg.c)
- Both PB-ADV and PB-GATT based provisioning (prov.c)
- Low Power Node support (lpn.c)
- Relay support (net.c)
- GATT Proxy (proxy.c)
Notable features that are *not* part of the implementation:
- Friend support (initial bits are in place in friend.c)
- Provisioner support (low-value for typical Zephyr devices)
- GATT Client (low-value for typical Zephyr devices)
Jira: ZEP-2360
Change-Id: Ic773113dbfd84878ff8cee7fe2bb948f0ace19ed
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
When populating the hardware filter, add only slots that are marked as
taken to avoid the hardware being confused by all-0 addresses. This
solves an EBQ issue with whitelist filtering.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
To avoid warnings (seen on some machines) that a function reaches its
end without returning a value, conditionally compile the function in a
way that this cannot happen.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Fix master terminate procedure so that if slave responded to
the ack from master for the LL_TERMINATE_IND then the master
correctly disconnected.
This fixes TP/CON/MAS/BV-09-C [Master Accepting Termination]
in LL.TS.5.0.0.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Tested-by: Ulrich Myhre <ulmy@nordicsemi.no>
Fix implementation to maintain a connection in the slave
role not taking slave latency into use before receiving an
acknowledgement from the master.
This fixes TP/CON/ADV/BV-03-C [Master Missing Slave Packets]
in LL.TS.5.0.0.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Tested-by: Ulrich Myhre <ulmy@nordicsemi.no>
When the controller is configured to have its worker and job
be run at different interrupt priority, check for mayfly
priority being equal was incorrect.
Fixed by conditionally compiling the correct check of mayfly
priority level.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fixed a defect wherein anchor for first scanner event was in
the past (when looking for a free timeslice to avoid
overlapping with master role events) when actually there
were no master roles active. This defect caused the scanner
role to assert, when started with other roles active (eg.
advertiser), when trying to catch-up to current tick.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
This reverts commit 3c23c6f53d ("Bluetooth: controller:
Fix assert due to stale tick count") as this leads to
connection events to be skipped, failing conformance tests.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
This reverts commit b5235207d3 ("Bluetooth: controller:
Fix for scanner Rx window hang") as this leads to
connection events to be skipped, failing conformance tests.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix calculation of T_Terminate and other procedure timers by
using ceil on calculated connection interval units.
This fixes TP/CON/MAS/BI-02-C [Master T_Terminate Timer] and
TP/CON/SLA/BI-02-C [Slave T_Terminate Timer] in LL.TS.5.0.0.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Signed-off-by: Ulrich Solli Myhre <ulmy@nordicsemi.no>
Fix implementation so that both slave and master behave same
during connection setup and generate disconnection complete
with reason 0x3e (connection failed to be established).
This fixes TP/CON/ADV/BV-02-C [Accepting Connections
Timeout] in LL.TS.5.0.0.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Signed-off-by: Ulrich Solli Myhre <ulmy@nordicsemi.no>
Whenever not using the whitelist the resolving list is traversed to
verify that the device is allowed depending on its current privacy mode.
In the case where the device is not found by address in the resolving
list, allow the request to go through, since we are then dealing with an
unknown devices and the resolving list restrictions do not apply.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
This causes num of packets command handling to dead lock since it
is done on RX buffer destroy if used on TX it may not be destroyed
on time causing.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
The specification states that the AdvA in a Scan Request packet should
be identical to the one sent in the original advertising packet, so
check this when processing a Scan Request.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
When the initiator is using an RPA and we match it using the filtering,
we should return early and allow the device packet through instead of
going through the whole resolving list.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
The specification states that filter policies shall be ignored for
directed advertising, so reflect this behaviour in the code.
Additionally when the local device is using RPAs but the peer uses an
identity address, the resolving list index needs to be updated when
traversing the RL to reflect that there has indeed been a device match
even though the IRK match did not happen.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
The AdvA in the CONN_IND packet must match the AdvA in the advertising
packet that triggered it regardless of the advertising type.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Added BUILD_ASSERT check for Tx and Rx thread priorities.
The Tx thread priority shall be higher than Rx thread
priority in order to correctly detect transaction violations
in ATT and SMP protocols. The Number of Completed Packets
for a connection shall be processed before any new data is
received and processed for that connection.
The Controller's priority receive thread priority shall be
higher than the Host's Tx and the Controller's Rx thread
priority.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
This adds a second vendor service testing if service changed indications
works with more than one change in a row and as a bonus it implements
echo attribute which notifies any data that is written to it:
> ACL Data TX: Handle 3585 flags 0x00 dlen 9
ATT: Write Command (0x52) len 4
Handle: 0x0013
Data: 0000
< ACL Data RX: Handle 3585 flags 0x02 dlen 9
ATT: Handle Value Notification (0x1b) len 4
Handle: 0x0013
Data: 0000
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
With introduction of bt_gatt_service_unregister it is now possible to
unregister service at runtime.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
There could be situations where many services are changed in a row which
would cause k_sem_take to block on the second change, but if the calling
thread is actually the RX thread then this will deadlock since the RX
thread is the one processing the confirmations of indications and it is
blocked k_sem_give is never called.
To solve this the services changes are now offloaded to the system wq
and the code will attempt to consolidate the range being changed so only
one indication is send. If for some reason another changes is caused
while confirmation is pending we just reschedule it to run later to
avoid blocking the system wq in the same way.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
For consistency with the Resolving List, rename the whitelist filter to
match its type and the privacy-enabled version to align it with the
short name used in the RL.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
To correctly handle the allocation and deallocation of resolving list
items, the ll_rl_find and wl_pees_find functions have been modified to
return an invalid index instead of a negative value in case of error.
This is to avoid the ambiguity when mixing indices and negative numbers,
which does not play well with the first index 0.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Upcoming memory protection features will be placing some additional
constraints on kernel objects:
- They need to reside in memory owned by the kernel and not the
application
- Certain kernel object validation schemes will require some run-time
initialization of all kernel objects before they can be used.
Per Ben these initializer macros were never intended to be public. It is
not forbidden to use them, but doing so requires care: the memory being
initialized must reside in kernel space, and extra runtime
initialization steps may need to be peformed before they are fully
usable as kernel objects. In particular, kernel subsystems or drivers
whose objects are already in kernel memory may still need to use these
macros if they define kernel objects as members of a larger data
structure.
It is intended that application developers instead use the
K_<object>_DEFINE macros, which will automatically put the object in the
right memory and add them to a section which can be iterated over at
boot to complete initiailization.
There was no K_WORK_DEFINE() macro for creating struct k_work objects,
this is now added.
k_poll_event and k_poll_signal are intended to be instatiated from
application memory and have not been changed.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
The following error and warning is received when connecting
to certain central devices:
[bt] [ERR] hci_num_completed_packets: packets count mismatch
[bt] [WRN] bt_att_recv: Ignoring unexpected request
This could happen if Tx-ed packet is not added to pending
list before a num of completed packets event and/or new Rx
packet is received.
This is fixed by reducing the Rx thread priorities in the
Host and the Controller.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The code in send_frag() depends on being able to allocate a new
pending tx contexts with 100% certainty. We must therefore notify
*all* connections instead of the current one in order to ensure that
there are free contexts available in free_tx.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The num_handles parameter of the Number Of Completed Packets event is
8-bits and not 16-bits, so no helper variable or byte order conversion
is needed.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
In case both conn->tx_notify and conn->tx_queue have data in them we
should first process the notify queue and only then new outgoing
packets.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Due to the missing remainder support in the ticker_start
function for first interval, fix implementation so as to
round the first interval/offset during master connection
setup and connection update to within +/-16us.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The worst-case maximum number of CCC entries we need is actually
MAX_CONN + MAX_PAIRED. Provide a helper define for it and use it
whenever appropriate.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The HCI Read Remote Version Information Complete event structure was
incorrect, leading to qualification test failures. This patch fixes the
structure and also the storing of the data in an endianness-agnostic
manner.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
To avoid manipulation of the irkmatch_ok and irkmatch_id, rely instead
on Resolving List indices for all checks in the advertising ISR.
Although we do incur in a small overhead to look it up initially, the
overall gains are worth the change.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
The Controller reserved more than required time for
advertisement event length. Due to this, directed
advertisements did not meet the required <= 3.75ms
interval. It is now fixed by having event lengths based
on the advertisement PDU types.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Correct the default value (0x0) for the Event Mask Page 2 and add the
command to set it to the list of supported commands.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Correctly filter out the Authenticated Payload Timeout Expired event
based on the bit present on page 2 of the Event Mask.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
In order to be able to filter events present in Page 2 of the Event
Mask, this command allows the Host to set the Page 2 of the bitmask
through the corresponding command.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Reset and initialize filters correctly based on whether privacy is
enabled in the controller. Particularly relevant in the case of the
whitelist, which is handled in a completely different way if privacy is
enabled. Additionally reset the peer IRK list in the resolving list
whenever the list itself is cleared.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
When flashing in synchronous mode with BLE roles active,
ticker function calls will be deferred to avoid radio ISR
latencies. Increase the total operations supported by 1, to
accommodate flash driver's use of ticker operations.
It has been observed, without this increase, either the
flash driver returned -ECANCEL or the BLE Controller
asserted on data transmit as a slave (trying to force data
transmit on earliest connection event interval).
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Locking interrupts for a long duration is in general bad design, and
is particularly bad for the controller which depends on low latency
interrupts. Instead of using interrupt locking introduce a new flag to
track the shared buffer usage and simply drop characters if the flag
is set.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Implement privacy-enabled filtering in the advertiser role. This
includes all required checks when running address generation and
resolution so that the advertiser complies with the relevant
specification sections.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Fix missing re-initialization of ret_cb to
TICKER_STATUS_BUSY before every new call to ticker interface
functions' with operation's callback.
One issue was undirected advertisement disable to return
failure status in the scan_adv sample.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
With the fix in commit 3c23c6f53d ("Bluetooth: controller:
Fix assert due to stale tick count") it is required that a
skipping event shall abort the previous role in order to
enable the ticker_job to resume and reschedule next ticker
expiry.
In the scan_adv sample, with continuous scanning, an
advertiser would pre-empt it, but if the advertiser skipped
its event without aborting the scanner, the scanner is hung
with its rx window without a timeout, and HCI command to
stop the advertiser will wait forever to complete.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The scanner was reserving a little less slot ticks which
caused other roles to overlap before scan window could
close.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
This doesn't make much practical difference, however it should resolve
Coverity CIDs 170740 and 170748.
Jira: ZEP-2343
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
With the ticker for flash driver added, the Controller was
corrupting memory outside its allocations by incorrectly
using the flash ticker instance to be a BLE role and
corrupting memory. This is now fixed by checking for the
ticker ids to be within the Controller's use before using
them.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
In some cases applications may want better control of advertising
instead of the stack doing automated re-enablement. Introduce a new
option that can be used to do more "manual" advertising control.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The BT_DEV_ADVERTISING flag already does a suffient job with tracking
the actual advertising state, so there's no need for bt_le_adv_stop()
to return an error if KEEP_ADVERTISING is set. We still need to clear
KEEP_ADVERTISING, but it should not be considered an error if it was
not set.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Fixed uninitialised auto variables, that had caused compile
errors under CONFIG_DEBUG=y.
Jira: Zep-2334
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Temporarily, disable scan request notification reports when
LE Advertising Extensions feature is enabled; as support for
enabling scan request notification is not yet added to the
Controller's Link Layer interface functions, yet.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Intention is to test flash driver along with BLE radio.
Added flash shell module with commands for erase, write-check, read and
co-operation with radio stress test.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Extend radio ticker nodes for support in-timeslice execution
Added interface for abort the radio
Added interface for check whether the radio is idle
Added interface for get ticker IDs for timeslice ticker node
Added interface for check whether radio ticker is running
Added interface for check whether radio ticker is initialized
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
In order to associate a hit on the hardware IRK filtering with an entry
of the resolving list, add an array of correspondance between the IRKs
and the resolving list entries.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
In order for some of the required checks in the ISR to be performed, we
need to keep track of which of the items in the resolving list are in
the whitelist as well. Track them using a single bit in the resolving
list entries.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
In order to obtain the ID (index) of the device matched in a hardware
filter, a new API call has been added along with the required
implementation for nRF5x devices.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
When force scheduling a ticker use the number of times the
tickers have already skipped their intervals to decide if
the forced ticker can pre-empt the colliding ticker. This
introduces a fairness amongst tickers contesting for the
overlapping time slice.
Flashing in co-operation with Radio needs to be fair in
order to avoid connection supervision timeouts.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
In preparation towards mesh advertise implementation, avoid
one-shot tickers with slots, that have been scheduled to
expire, from being removed by a forced start or update
operation on another ticker.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Move the PRNG initialization after reading local supported commands,
so that we don't send HCI_LE_Rand if the controller doesn't support it
(we still need to fail the init however). The patch also removes a few
unnecessary #ifdefs related to crypto.h.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
To avoid iterating twice through the list, have ll_rl_find() return the
first free empty slot on the list.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Add handling of the LE Set Privacy Mode HCI Command along with the logic
required to take it into account when populating the hardware filters.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
In order for privacy to work correctly with and without peer IRKs, an
additional hardware filter is required to help match the peer device in
the case address resolution is not possible for a peer since the Host
has not provided a peer IRK for it.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
When removing a device from the resolving list, if it contained a peer
IRK then it is necessary to update the indices that point to the peer
IRK list, since the list itself is contiguous in memory.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
When using privacy, an additional cache of the actual privacy peers is
required to avoid additional processing in the ISR (since some of the
peers in the whitelist will be disabled by the corresponding privacy
settings). Add the cache and populate the actual whitelist just before
advertising, scanning or initiating a connection.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Properly use the role and feature Kconfig variables to populate both the
supported commands and the supported states in the controller.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Since the peripheral role depends on the broadcaster one, and the
central role depends on the observer one, select them automatically
instead of using defaults.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
It's possible that the controller will emit the number of completed
packets event before bt_send() returns, or possibly preempt
send_frag() before it manages to call add_pending_tx(). We have to
therefore add the pending TX entry before calling bt_send().
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Fixed assert due to stale tick count in role event
preparation. This happens when ticker timeout expiry is
delayed from the requested realtime anchor, due to thread
mode processing overheads and occurring interrupts therein,
if any, that added a delay between requested anchor tick
and actual scheduling for the requested ticker timeout.
The assert is reproduced in bt shell by starting advertising
and following it with continuous scanning (interval 2.5ms,
window 2.5ms), on nRF51x. If the overheads and/or a
advertiser event delayed the scheduling of scanner by over
2.5ms, then the preparation of scanner asserted.
The assert has been fixed by checking for stale tick count
at expiry in role event preparation and skip the event
gracefully.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
For whitelist and resolving list handling, avoid trying to start the
advertiser and scanner roles when they are already running.
Additionally, and since simultaneous scanning and initiating is not
supported, correctly report this to the host both in the supported
states and in the HCI command via an error code, instead of silently
disabling scanning.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
We have conflicting types between the decleration and implementation of
several radio functions. We should be using u32_t everywhere. This
shows up when we try and build with newlib enabled.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Added HAL Radio abstractions to use SoC specific Radio Timings
as documented in SoC's electrical characteristics.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
An OCF is a 10-bit value as defined by HCI, and therefore requires a
16-bit integer to store it.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Fixed assert due to incorrect implementation of stopping of
advertiser role under directed advertisement timeout, and
also, fixed assert due to adv stop ticker not being stopped
on advertisement disable from thread mode.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Added checks for advertiser and initiator/target addresses
received in CONNECT_IND when performing directed
advertising.
This is required to pass TP/CON/ADV/BV-04-C [Directed
Advertising Connection].
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
When directed advertisements timed out, connection context
associated was not being released. Subsequent connectable
advertising or connection creation failed.
This is now fixed by releasing the connection context on
directed advertisement timeout.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Refactor whitelist handling into generic filter management in
preparation for future resolving list ID address filters.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Rename bt_gatt_unregister_service to bt_gatt_service_unregister to be
consistent with other APIs such as bt_gatt_service_register.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This initial commit adds the following:
* Handling of privacy HCI commands
* New Link Layer filter module for both whitelist and resolving list
* Advertising RPA generation with timeouts
Follow-up commits will expand the functionality.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Enforce the logical dependency between SMP, RPA generation and privacy
in the Kconfig files for the Bluetooth subsysem.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
For consistency with the return value and to conform with other naming
schemes, rename mem_is_zero() to mem_nz().
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Use globally available find_lsb_set in Zephyr instead of a
custom find first set function.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Moving the net_buf_pool objects to a dedicated area lets us access
them by array offset into this area instead of directly by pointer.
This helps reduce the size of net_buf objects by 4 bytes.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
gatt-unregister-service can be used to remove the test service at
runtime causing service changed to be indicated:
00:1b:dc:07:31:88 (public)> gatt-unregister-service
[bt] [DBG] gatt_indicate: (0x0011e100) conn 0x0011d880 handle 0x0008
[bt] [DBG] bt_att_req_send: (0x0011e100) conn 0x0011d880 req 0x0011db00
[bt] [DBG] att_send_req: (0x0011e100) req 0x0011db00
Unregistering test vendor service
< ACL Data TX: Handle 3585 flags 0x00 dlen 11
ATT: Handle Value Indication (0x1d) len 6
Handle: 0x0008
Data: 0a001000
> ACL Data RX: Handle 3585 flags 0x02 dlen 5
ATT: Handle Value Confirmation (0x1e) len 0
Jira: ZEP-2225
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
With the introduction of Service Changed support it is now possible to
unregister services at runtime.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This adds bt_gatt_register_service using bt_gatt_service which contains
the attribute array that is then added to the database saving a pointer
in each and every attribute declared.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
GATT is mandatory service and now that the db can only be build
dynamically there is no reason to keep the applications registering it.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
GAP is mandatory service and now that the db can only be build
dynamically there is no reason to keep the applications registering it.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This makes applications able to select the value used for the
GAP appearance attribute.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Removes CONFIG_BLUETOOTH_GATT_DYNAMIC_DB in preparation to the
introduction of bt_gatt_unregister.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
In certain cases a response may happen even before number of complete
packets is generated by the controller:
[bt] [DBG] att_req_destroy: (0x0011cfe0) req 0x0011daa0
[bt] [DBG] att_process: (0x0011cfe0)
[bt] [DBG] att_req_sent: (0x0011d780) conn 0x0011d820 att 0x0011d9a0
att->req 0x00000000
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
In preparation towards Privacy 1.2, move implementation that
swapped scan response PDU double buffer to same place as
where adv data PDU double buffer is swapped. So that, change
in AdvA in adv data PDU can be reflected in scan response
PDU buffer.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Added fix to avoid adv data set function call from
corrupting a ADV_EXT_IND PDU under LE Extended Advertising.
Also, avoid redundant code execution under directed
advertising.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Only ADV_IND, ADV_DIRECT_IND, and CONNECT_IND PDUs can have
ChSel bit set in Advertising channel.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The Bluetooth subsystem assumes execution of its system threads in
cooperative priority, including the system workqueue and the thread
that interact with the controller (i.e. calling bt_send). This commit
adds a compile-time check for the system workqueue priority and
documentation for the bt_send API call.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Fixed compile error due to the missing header file
dependency on bluetooth/hci.h, for bt_addr_le_t, in the
Link Layer header file.
Merge of PR #475 introduced the new dependency that broke
compilation after merge of #474.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Added a callback function ll_adv_scan_state_cb from the
Controller that gets called on either an advertiser or a
scanner getting started as the Controller's first enabled
state. The callback is also called on the Controller's
last disabled advertising or scanning state.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix missing implementation to reset the advertiser state
when directed advertisements stop without a connection being
established.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Add Bluetooth Link Layer LE Advertising Extensions commands
for manual testing the feature during development. First one
being advx command to start non-connectable non-scannable
extended advertising.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
In order to reuse code, the reset() function is used both to handle the
reset HCI command but also to initialize the internal HCI variables when
bringing up the system. In the latter case, avoid setting the reset bit
in the state atomic and signalling the polling API, since that is not
required during initialization.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
As a preparation for advanced filtering (Controller-based privacy) this
commit refactors whitelisting so that it becomes its own module and
actually correctly performs state tracking to avoid modifying the
whitelist when it's in use.
Additionally it also removes the duplicate separate entries for
advertising and scanning, since the specification only allows one single
global whitelist singleton.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Add internal functions to read advertiser and scanner filter
policy if the roles are enabled. This is required to
restrict updates to whitelist and resolving lists when
filter policy are being used by the roles.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Under invalid host behavior, trying to start advertising
while already active would corrupt the advertiser context.
This is fixed by having an explicit flag to check whether
advertiser is already running.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Under invalid host behavior, trying to start scanning while
already active would corrupt the scanner context. This is
fixed by having an explicit flag to check whether scanner is
already running.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Restrict encryption support on nRF51 series SoC to Bluetooth
LE 1M PHY and max. 27 bytes PDU. If 251 bytes PDU using Data
Length Update procedure is desired, then LE Encryption
procedure will not be supported (until a software CCM is
implemented in future).
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Add Kconfig option to be able to conditional compile the
Bluetooth v4.0 LE Encryption procedure.
This is needed in order to be able to not support encryption
on nRF51 series when using Data Length Update procedure with
upto 251 byte payloads until a software-based CCM support is
implemented.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Add a repeat param to gatt-write-without-response so that
it covers what gatt-write-without-response-repeated was
doing. gatt-write-without-response was removed in the
commit 26eae70da.
gatt-write-signed too will have repeat param with this
change.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
At the moment all bluetooth logs are prefixed with [bt] making it
difficult to understand where the logs belong to.
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
It's mandatory to set chan->ops so explicit checks for it are
redundant. What's worse, inconsistent checking for this triggers
static code analyzer warnings. This patch fixes Coverity CID 151984.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
buf->len should be validated before accessing it since remote can
send invalid frame_len which can result in out of bound memory
access.
This also fix the len check wrt cstate, since current check is
not considering the cstate length size and frame_len size.
Jira: ZEP-2110
Signed-off-by: Jaganath Kanakkassery <jaganathx.kanakkassery@intel.com>
Added shell module for the Bluetooth Controller's ticker
interfaces.
For now, info command enumerates active tickers' details.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
This makes gatt-write-signed to reuse cmd_gatt_write_without_rsp since
it is quite similar and that adds the ability to send multiple octecs
instead of just a single byte.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>