If local IO capabilities allow MITM and LE SC is enabled then
FIPS level is reachable.
Change-Id: Icfb32fbffa0355117b6723d641a6d3db38feb87d
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
If P256 key is present use it to start encryption instead of starting
new pairing.
Change-Id: I7c8541359a785e6e22e63cdab5a92a402db83db3
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
The outgoing fragments don't need to reserve space for the L2CAP
header since we're copying from an original buffer that already has
this header (and continuation fragments don't have it at all).
Change-Id: I3ce18bf45f2a31f5ab3db395a506e35aa246762b
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
We can simplify & shorten the code by doing the copying from the
original buffer straight in the create_frag() function.
Change-Id: I8e7676642a13095783071275fbccc248f55e245c
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
When send_frag() is given the original buffer (from tx_fiber) the
tx_fiber itself takes care of unrefing in case of failure. We need to
therefore instruct send_frag() when it can fully assume to own the
buffer (in case it's a separately created fragment) and when it should
leave it alone in case of failure (when it's the original tx buffer).
Change-Id: If4804e1fe19a9c7a0aa0694fdc2cbb58b10ece2b
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This way we're both able to properly utilize the fragments pool as
well as ensure that no two buffers for this connection end up being
fragmented into the tx_queue in an interleaved fashion (which would
just confuse the controller).
Change-Id: I3934cd3fbfc5e190d61475eb691a34a2df13ed74
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Since bt_conn_send doesn't currently return an error code it must be
assumed to consume the buffer no matter what. The only failure
condition is the "not connected" case, so make sure the buffer is
unreffed there.
Change-Id: I30e9a81d6f801a67d90ab59c1040b6f55261e71c
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
With this split we get better control of the buffer sizes and counts.
We also anyway will need a fragments pool so a simple generic ACL_OUT
pool doesn't make sense anymore. The related Kconfig options for that
have been removed.
Change-Id: I616cf49915a1cc0dc0ddc724e2e182bcbe0c80f6
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
We know the needed values at build-time, so there's no point in having
a runtime mechanism of accessing them in the code. Having the values
as defines makes it e.g. possible to use them as input for defining
the size of buffer pools.
Change-Id: Ib7556644719bfb631e638fa5bf29f3d1747a5072
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This seems like a more appropriate place, and it's where we'll anyway
need to manage a separate pool for ACL_OUT fragments.
Change-Id: I6e0e2ec67d2f89a7f09787a3674405570d9b9cce
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This helps move the ACL_OUT buffer management into conn.c.
Change-Id: Ie5ef48e02eeef5077f433e42c1e2eba9bdb94f63
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This patch adds bt_conn_enc_key_size function which will be used
by application to check encryption keys size of an encrypted connection.
This will be used especially by GATT applications, because some
attributes to be accessed require encryption with specified
minimum encryption key length.
> ACL Data RX: Handle 64 flags 0x02 dlen 7 [hci0] 708547.536685
ATT: Read Request (0x0a) len 2
Handle: 0x0003
< ACL Data TX: Handle 64 flags 0x00 dlen 9 [hci0] 708547.544302
ATT: Error Response (0x01) len 4
Read Request (0x0a)
Handle: 0x0003
Error: Insufficient Encryption Key Size (0x0c)
Change-Id: Idbc9afde7ec80504898bd8d1e193f3e71a93f3f9
Signed-off-by: Mariusz Skamra <mariusz.skamra@tieto.com>
If no keys are set for connection, look-up is done. If keys are already
present there is no need for another look-up.
Change-Id: I0518772c4c9d8458b4b79aa7cb34a049324fb552
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
It is more intuitive to assume that the driver send() consumes (takes
ownership) of the buffer given to it.
Change-Id: I53d9cbebc0564d1d11110fc78a62ce0bbb3cdfd2
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Isolates existing LE connection specific attributes and
prepares for now empty BR/EDR specific connection internals.
Change-Id: Ib423306fbf60e8451998e3933aee00cb672a1106
Signed-off-by: Arkadiusz Lichwa <arkadiusz.lichwa@tieto.com>
If we fail to send an ACL packet to the HCI driver we should give back
the semaphore that counts available buffers on the controller side.
Change-Id: Ibad4039d24bcd49fe40b1f87608e1ad4c0248251
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
These make the code more readable when it comes to encoding and
decoding ACL handle values.
Change-Id: Ibd1972d6001c6c0c55428300f839b288dff1ce52
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Now that we have the buffer type enum as part of the HCI driver API we
can take advantage of it to pass the buffer type information and not
have to have two separate callbacks.
Change-Id: Ib2ee5b1540e532c9b27903e97660a276c1293fbc
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Since the buffer type is essentially a HCI driver - HCI core
communication detail the appropriate place for it is driver.h. At the
same time remove the unnecessary and slightly confusing BT_DUMMY type.
Change-Id: Ic813ad24d8f0530d3779006063ea21b010d29cf6
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This is a necessary step in preparation for removing the buffer type
information from the buffers.
Change-Id: I29d8fae32aa660416a1c12e87840499c711e659f
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Convert the code to use the net_buf API instead of the soon to be
removed bt_buf API.
Change-Id: I7f4577ba31f8e5646873f164ff308c71d23021e5
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
We want to make the naming convention ref/unref rather than get/put.
So far the only reference counted objects are the buffers and the
connections. For the buffers the new generic buffer API will also use
ref/unref.
Change-Id: I9fe8b8a6a50a8baf06ba231e8f6717a5a47dd292
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This splits the L2CAP API so that server API is available to applications
while the rest of the API is kept internal to the stack.
Change-Id: I031926ff906ce100684fba0947b2e9eb2c8fcaeb
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Factor out role dependent code to helper. This allows to get rid of
'done' label without decreasing code readability. Allows to cleanly
build with CONFIG_BLUETOOTH_PERIPHERAL and CONFIG_BLUETOOTH_SMP
defined.
Change-Id: I33606955ae8b1c75385e2eee89620761d59f0108
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
This allows to pair with devices that use reduced encryption key size.
Encryption key size is stored with keys for future use. LTKs are kept
in full form (16 bytes) and are reduced only when used.
As master:
< ACL Data TX: Handle 64 flags 0x00 dlen 11
SMP: Pairing Request (0x01) len 6
IO capability: NoInputNoOutput (0x03)
OOB data: Authentication data not present (0x00)
Authentication requirement: Bonding, No MITM, Legacy,
No Keypresses (0x01)
Max encryption key size: 16
Initiator key distribution: EncKey Sign (0x05)
Responder key distribution: EncKey IdKey Sign (0x07)
> ACL Data RX: Handle 64 flags 0x02 dlen 11
SMP: Pairing Response (0x02) len 6
IO capability: KeyboardDisplay (0x04)
OOB data: Authentication data not present (0x00)
Authentication requirement: No bonding, No MITM, Legacy,
No Keypresses (0x00)
Max encryption key size: 7
Initiator key distribution: <none> (0x00)
Responder key distribution: <none> (0x00)
...
< HCI Command: LE Start Encryption (0x08|0x0019) plen 28
Handle: 64
Random number: 0x0000000000000000
Encrypted diversifier: 0x0000
Long term key: df3cff52a981d6000000000000000000
As slave:
> ACL Data RX: Handle 64 flags 0x02 dlen 11
SMP: Pairing Request (0x01) len 6
IO capability: KeyboardDisplay (0x04)
OOB data: Authentication data not present (0x00)
Authentication requirement: No bonding, No MITM, Legacy,
No Keypresses (0x00)
Max encryption key size: 7
Initiator key distribution: <none> (0x00)
Responder key distribution: <none> (0x00)
< ACL Data TX: Handle 64 flags 0x00 dlen 11
SMP: Pairing Response (0x02) len 6
IO capability: NoInputNoOutput (0x03)
OOB data: Authentication data not present (0x00)
Authentication requirement: No bonding, No MITM, Legacy,
No Keypresses (0x00)
Max encryption key size: 16
Initiator key distribution: <none> (0x00)
Responder key distribution: <none> (0x00)
...
> HCI Event: LE Meta Event (0x3e) plen 13
LE Long Term Key Request (0x05)
Handle: 64
Random number: 0x0000000000000000
Encrypted diversifier: 0x0000
< HCI Command: LE Long Term Key Request Reply (0x08|0x001a) plen 18
Handle: 64
Long term key: 701b431a9e17bb000000000000000000
Change-Id: Ibc70aa01c040aff0d39410d273d6880d35aa5ae0
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
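
The key-size handling described in the commit above, together with the minimum key size check from the bt_conn_enc_key_size commit, as an added example (not part of the commit log or the project's code). The function names, the constructed upper key bytes and the attribute minimum of 16 are assumptions for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define LTK_LEN 16      /* LTKs are stored in full form */
#define KEY_SIZE_MIN 7  /* smallest key size SMP permits */
#define KEY_SIZE_MAX 16
#define ATT_ERR_INSUFFICIENT_KEY_SIZE 0x0c /* error code from the ATT trace */

/* First 7 bytes are from the master trace; the remaining 9 are constructed. */
static const uint8_t sample_ltk[LTK_LEN] = {
    0xdf, 0x3c, 0xff, 0x52, 0xa9, 0x81, 0xd6, 0x11,
    0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99 };

static int size_valid(uint8_t s) { return s >= KEY_SIZE_MIN && s <= KEY_SIZE_MAX; }

/* Smaller of the two "Max encryption key size" fields; 0 if either is invalid. */
uint8_t negotiate_key_size(uint8_t initiator_max, uint8_t responder_max)
{
    if (!size_valid(initiator_max) || !size_valid(responder_max))
        return 0;
    return initiator_max < responder_max ? initiator_max : responder_max;
}

/* Keep the first key_size bytes (trace order) and zero the rest. */
int reduce_ltk(const uint8_t *full, uint8_t key_size, uint8_t *out)
{
    if (!size_valid(key_size))
        return -1;
    memcpy(out, full, key_size);
    memset(out + key_size, 0, LTK_LEN - key_size);
    return 0;
}

/* 0 if the link's key size satisfies the attribute, else the ATT error. */
uint8_t check_attr_key_size(uint8_t link_key_size, uint8_t attr_min_key_size)
{
    return link_key_size < attr_min_key_size ? ATT_ERR_INSUFFICIENT_KEY_SIZE : 0;
}

int main(void)
{
    uint8_t out[LTK_LEN], size = negotiate_key_size(16, 7);
    if (reduce_ltk(sample_ltk, size, out) != 0) return 1;
    for (int i = 0; i < LTK_LEN; i++) printf("%02x", out[i]);
    printf(" size=%u att_err=0x%02x\n", size, check_attr_key_size(size, 16));
    return 0;
}
```

With the sizes from the trace (16 and 7) the link ends up with 56 bits of key material, which is why storing the negotiated size with the keys lets a GATT server refuse attributes that demand a longer key.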
This is in preparation for supporting different encryption key sizes.
Change-Id: I36ed61a35fbe4988ce863127ae318c63f9298dd3
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
Change all the Intel and Wind River code license from BSD-3 to Apache 2.
Change-Id: Id8be2c1c161a06ea8a0b9f38e17660e11dbb384b
Signed-off-by: Javier B Perez Hernandez <javier.b.perez.hernandez@linux.intel.com>
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Signed-off-by: Allan Stephens <allan.stephens@windriver.com>
Signed-off-by: Benjamin Walsh <benjamin.walsh@windriver.com>
If bt_conn_security failed required security level should be set
back to current security. Otherwise it might not be possible to
try later on with lower security.
Change-Id: I3ad7151f2cdff15147b9948bbdab516b8cc16ce2
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
Rename bt_conn_connected to notify_connected. This will avoid
confusion with BT_CONN_CONNECTED state name. Same goes with
bt_conn_disconnected.
Change-Id: I6e9d50016036b30345068ef2a6bb556c45d7dd06
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
Delaying only connected callback resulted in races where security
or pairing callback could be called before bt_conn connected.
Currently only procedure that relies on read features is connection
parameters update and that should not conflict with other traffic.
Change-Id: I835535abbff21ea8d86b728f5681f90ef9fd337c
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
Gather SMP related code together so that it can be placed under
single blocks of ifdefs.
Change-Id: I3c2e71243b694e9984ae8e88025a6ead7969e020
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
This allows to not compile SMP support for devices that don't
require pairing. It is required to support SMP channel and reply
with error for any command received even if pairing is not supported.
To handle this cleanly a null smp implementation is used in that case.
Change-Id: I656a52dac882839db904eee65f25a4e29ea2d8c2
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
This allows to specify which roles are supported. Broadcaster and
Observer roles are always supported.
Image size reduction for samples apps:
beacon 43148 -> 15196
central 46892 -> 46356
peripheral 47532 -> 45940
Change-Id: If260c13d63651b9b54df5bafc2c412b01dcb1eb0
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
Separate connection master role related parts in single block making
it simpler to split. This is a preparation for being able to compile
in only central or peripheral role support.
Change-Id: I27dc9b32048bf4e682149d5f1d5edbd994155e2b
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
The HCI driver send() callback may fail and in such a case require
different handling on the core stack side. This patch introduces the
missing error handling to the places calling drv->send().
Change-Id: Ia0e4f05aedd88c268cf0da98b11924eb3c5c4c0b
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The core specification says the following about the treatment of
unacknowledged packets when a disconnection occurs (page 773 in core
spec 4.2):
"When the Host receives a Disconnection Complete, Disconnection Physical
Link Complete or Disconnection Logical Link Complete event, the Host shall
assume that all unacknowledged HCI Data Packets that have been sent to the
Controller for the returned Handle have been flushed, and that the
corresponding data buffers have been freed. A Primary Controller does not
have to notify the Host about this in a Number Of Completed Packets event"
This patch adds tracking of unacknowledged packets on a per-connection
basis and makes sure the semaphore that counts controller buffers is
given back the appropriate amount when a disconnection occurs.
Change-Id: I2ff4d12ffa50d4dda5b3e8c75fc75b4c0927e609
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
All required includes should be placed in source file that includes
internal header.
Change-Id: I161e7ebe2e62377ea4cf03f759d48f5900103076
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
This callback is called if security level of a connection was changed.
Change-Id: I268da245cf4b7f6d2bfbd57969ce2da6c34fc69f
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
bt_conn role can be set when LE Connection Complete event is received.
Controller indicates to both Hosts forming the connection their role
in this connection.
Change-Id: I35455eff54afa30665611415ac52e19089f2e649
Signed-off-by: Mariusz Skamra <mariusz.skamra@tieto.com>
This callback is called if identity was resolved for remote device
that was using Resolvable Private Address while connecting. From
now on only Identity Address is used.
Change-Id: I5976be575a8e4ad8c13f56d7bc274d751ae37511
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
Keys from same pairing are of similar key type and
this can be stored in single place.
Change-Id: I38426c282604769424098af6ee26e0cf9cb5f358
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
Since then bt_conn_connected as well as bt_l2cap_disconnected callback
can be called from bt_conn_set_state directly.
Also connected cb could be called from there, however
e.g. introduction of some additional state is required TBD.
Change-Id: Ida6906272e1468ef5b41ba8dba2a936db049d308
Signed-off-by: Mariusz Skamra <mariusz.skamra@tieto.com>
If ref is zero other struct bt_conn fields should be considered
garbage. Using ref count instead of address is also faster.
Change-Id: Ic3b30c0fdbce8f93f81095d3671be0e54eac1455
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
If high security is required but keys are unauthenticated start
pairing instead of encrypting with too weak keys.
Change-Id: I35e5f0c1ab86660479288908152d61823ffb102e
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
Adds fiber which starts with some specified delay.
If the fiber is not cancelled, bt_disconnect is called to
cancel creation of connection.
Change-Id: I06667d970ba3398f205f19f1d2e76ab6c283f274
Signed-off-by: Mariusz Skamra <mariusz.skamra@tieto.com>