The storage for the public key is pub_key in hci_core.c.
When the public key event is generated the public key is copied into
this buffer, but the pointer to the event storage of the key is given
in the public key ready callback (bt_smp_pkey_ready).
SMP expects that it is safe to assign a global pointer to this variable.
In smp_init bt_pub_key_get is used to get the pointer to the public key.
In both cases SMP assigns the le_sc_pub_key to the pointer given.
This creates an issue when bt_smp_pkey_ready callback occurs after
smp_init during pairing procedure, SMP will then have a pointer to an
event buffer that has been released and contains invalid data.
Fixes: #18580
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Increase temporary buffer size to 8 bytes in fcb_append to prevent
stack overflow in case flash alignment is bigger then 2 bytes.
Signed-off-by: Jan Van Winkel <jan.van_winkel@dxplore.eu>
We need to increase the stack size of the main thread, to
avoid stack overflow, when executing the tests on various
platforms.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Add console testing harness for expected output. This allows us
to validate that the test is running properly on hardware.
We expect output of the form (the Reboot_counter will increment
overtime).
Id: 1, Address: 192.168.1.1
Id: 2, Key: ff fe fd fc fb fa f9 f8
Id: 3, Reboot_counter: 5
Id: 4, Data: DATA
Id: 5, Longarray: 0 1 2 3 4 5 6 7 8 9 ... 7f
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Add simple console testing harness for expected output. This allows us
to validate that the test is running properly on hardware.
We expect the sample to report back somthing like:
Counter received: 1
Counter received: 2
Counter received: 3
Counter received: 4
...
etc.
So have a simple regex check for it.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Some smaller stm32l0x MCUs, such as stm32l011x, do not have GPIOH
port. Fix build for those by checking LL_SYSCFG_EXTI_PORTH macro.
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Ensure that two routines won't interfere with eachother.
In current situation there is possibility that ENDRX will be called
during rx_timeout routine or vice-versa which will result in wrong
offset and length passed to user.
Signed-off-by: Mieszko Mierunski <mieszko.mierunski@nordicsemi.no>
Due to longer than expected user callback handling, rx byte counting
got out of sync with real values. It leads to incorrect values
reported to user. This fix adds sync point at the end of buffer.
When using hardware rx counting this issue should not occur.
Signed-off-by: Mieszko Mierunski <mieszko.mierunski@nordicsemi.no>
The size of the request buffer (USB_REQUEST_BUFFER_SIZE)
is configurable and depends on the needs of an application.
Check if the request buffer is not too small.
Signed-off-by: Johann Fischer <j.fischer@phytec.de>
Give the security changed callback when the peripheral initiated
security request and peer attempted to encrypt the connection but no LTK
match was found.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Make sure that a new pairing procedure with an existing bond does not
result in a security with weaker security properties.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add option to force the host to initiate pairing procedure even if the
host has encryption keys for the peer.
This option can be used to pair with a bonded peer that has deleted its
bonding information without deleting the keys. If new pairing results
in weaker keys the pairing will be aborted.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add security error to security_changed callback. Call this callback when
security has failed and provide current security level and error.
Reason for failure can be.
- Pairing procedure failed, pairing aborted before link encryption.
- Link encrypt procedure failed
- Link key refresh procedure failed.
Fix missing bt_conn_unref on encryption key refresh with error status.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Stop the pairing procedure in the request phase if no storage is
available for the keys. This avoids the pairing procedure from failing
during the key distribution phase.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Proved the Authentication callback for pairing failed and pairing
complete when BR/EDR SSP is complete.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Allow SMP debug keys to behave in the same way as normal keys, in order
to debug with encryption and Bluetooth sniffer the exact way it behaves
when not using debug keys.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
A second semaphore is used for the second trickle timer, so that if the
first timer expires twice before the second one, the test would still
wait before proceeding to check on cb_2_called.
Fixes#18598.
Signed-off-by: Vincent Wan <vincent.wan@linaro.org>
The commit fixes the way we determine an available
NVIC IRQ line to perform the zero-latency IRQ test.
The test can now run properly on SOCs that do not
have a continous set of implemented NVIC IRQ lines.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
The reason we decide to ignore it in code coverage:
1.No test case can cover the function for code coverage.
2.Even if we added a test for testing, it would be marked as
"never be called by other code" because the function cause
CPU halted and it can't return.
Signed-off-by: Peng Su <peng.su@intel.com>
Set the recommended thread stack size to 40 bytes in case a build is
made for a 64-bit native posix board
Signed-off-by: Jan Van Winkel <jan.van_winkel@dxplore.eu>
When LWM2M_RD_CLIENT_SUPPORT_BOOTSTRAP is enabled:
- Mark the first server as a bootstrap server
- Create second server and security instances (used by bootstrap
server)
This allows bootstrap support to be tested out of the box with
the following:
- setup Leshan bss-server-demo (bootstrap server) on port 5783
- setup Leshan server-demo (lwm2m server) on port 5683
- add an entry into the bootstrap server:
LWM2M Server=coap://[2001:db8::2]:5683
- build the sample like so:
west build -t run -b qemu_x86 \
-s zephyr/samples/net/lwm2m_client/ -- \
-DCONFIG_LWM2M_RD_CLIENT_SUPPORT_BOOTSTRAP=y \
-DCONFIG_LWM2M_PEER_PORT=5783
Signed-off-by: Michael Scott <mike@foundries.io>
When the bootstrap support was added, it looks like I somehow missed
the handling block in the engine.
Let's add it now to fix boostrap support.
Fixes: https://github.com/zephyrproject-rtos/zephyr/issues/18080
Signed-off-by: Michael Scott <mike@foundries.io>
- LWM2M_SECURITY_INSTANCE_COUNT wasn't following the standard of
having the unconditional default in the last position
- LWM2M_SERVER_INSTANCE_COUNT needs another instance when
bootstrap is enabled.
Signed-off-by: Michael Scott <mike@foundries.io>
LwM2M boostrap support is enabled via the config option:
LWM2M_RD_CLIENT_SUPPORT_BOOTSTRAP. If enabled, this config sets
the default # of server and security instances. However, this is
not working correctly because LWM2M_RD_CLIENT_SUPPORT_BOOTSTRAP
is defined below it's uses in the Kconfig file.
Let's move the RD_CLIENT configs higher in the Kconfig to fix this
behavior.
Signed-off-by: Michael Scott <mike@foundries.io>
The sphinx-tabs extension provides a tabbed interface within documents
that will let us dynamically display information based on a user
selection, for example, for instruction variations based on the user's
development OS (Linux, macOS, Windows).
I'm adding this early so it can get integrated into the CI doc build
before subsequent PRs using this extension are submitted.
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
The test assumes that storage is clear before it runs. This
might be not true as lot of devices are only partially erased by
'west flash'.
Patch introduce procedure for testing whether test runs the first
time and clear storage if so.
The procedure uses mark which is stored inside SoC embedded program
flash. It will not work one devices on which read/write to it is
impossible.
fixes#16463
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
CONFIG_NUM_IRQS blindly assumes CONFIG_2ND_LEVEL_INTERRUPTS
and CONFIG_3RD_LEVEL_INTERRUPTS are always enabled together,
which is not always the case. So fix the #define.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
There are only 178 interrupt lines on CC3220SF. Hence we should not set
NUM_IRQS to a value exceeding that value. We are changing it to 178.
Fixes#18593
Signed-off-by: Vincent Wan <vincent.wan@linaro.org>
CONFIG_NET_SOCKETS_POSIX_NAMES is incompatible with POSIX_API, so it's
disabled by the build system. It's no longer required anyway.
It is a leftover from before #16557 was merged.
Signed-off-by: Piotr Zierhoffer <pzierhoffer@antmicro.com>
west is yet another python package, so lets add it here. This will
provide us with one single file with all python requirements that can be
used during setup and for example for docker images.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
The commit contributes the implementation of
get_entropy_isr API function for the SAM entropy
driver. The implementation is similar to get_entropy,
with the difference that it does not invoke k_yield()
when called with the ENTROPY_BUSYWAIT options flag set.
When the function is invoked without the ENTROPY_BUSYWAIT
flag, it simply returns whatever data is available,
without busy waiting on the RNG herdware.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Use LOG_LEVEL_INF as defautl log level and use LOG_INF
for important messages. Relax while loop and
give CPU resources to low priority threads like logging.
Signed-off-by: Johann Fischer <j.fischer@phytec.de>
Update state after RESUME event.
Use LOG_INF for important events and log a
warning if the data is discarded.
Fixes#17488
Signed-off-by: Johann Fischer <j.fischer@phytec.de>
If no challenger went to replace the best port/vector, then the best
port is still the global_ds and thus point to the same memory: no need
to update the global_ds then.
Coverity-CID: 203471
Coverity-CID: 203464
Fixes#18395
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Looks like the logic to count rejection is missing. Removing count_rej
variable, and set a comment about initializing the code to the right
value once this logic will be in.
Coverity-CID: 203514
Fixes#18398
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Nordic platforms measure ticks in cycles of a 32 KiHz clock for which
the minimum compare delay is 2 ticks. The test assumed an upper bound
of four ticks delay per loop iteration, resulting from alignment at
various layers. This delay is met on Nordic for tick rates at or below
16384, but is too short for the default 32768 Hz tick rate.
Instrumentation confirms that the usleep test loop body on Nordic at 32
KiHz ticks takes 3 ticks as the optimum delay, only when a debug probe
is active. In other circumstances it can take either 5 or 6 ticks,
depending on timer alignment and stability.
Relax the upper bound for platforms using this system timer at the
highest rate.
Closes#17965.
Signed-off-by: Peter Bigot <peter.bigot@nordicsemi.no>
Documents generated for a tagged release have a header that mentions
that the "latest" (master branch) version of the doc may be more up to
date, but the link to the corresponding master doc is missing the
/latest/ (previously the master docs were in the root folder.
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
Fixes: #17764
The mutex locking was written to use k_sched_lock(), which doesn't
work as a synchronization primitive if there is another CPU running
(it prevents the current CPU from preempting the thread, it says
nothing about what the others are doing).
Use the pre-existing spinlock for all synchronization. One wrinkle is
that the priority code was needing to call z_thread_priority_set(),
which is a rescheduling call that cannot be called with a lock held.
So that got split out with a low level utility that can update the
schedule state but allow the caller to defer yielding until later.
Fixes#17584
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
