Most places used an int so that should have handled most cases but
keys_set was using an unsigned int, which meant that checking len > 0
is an expression that is always false, and the error handling is not
working.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fixes#23485
When we create a GATT table dynamically, we also create a hash
identifying this table. This hash can be stored in persistent memory and
we can thus determine after recreating the GATT table whether the
services have changed or not from before the reboot.
When these hashes are identical, it implies that the table has not
changed, wherefore a service changed indication should not be sent to
any bonded clients. The method for achieving this was to remove the
gatt_sc.work entry from the work queue. This work queue entry was to
send an indication to the clients when the table had been allocated.
If the final entry then caused the hashes to match, the indication
would be cancelled.
On unit testing this behaviour in simulation and in practice, we found
that the indication was sent nonetheless, and the issue was located to
be tied to the SERVICE_RANGE_CHANGED flag which is set when the services
are changed and is cleared when the indications are being sent out.
It was the job of the work queue entry to clear this flag, and as the
entry was never serviced, the flag was never cleared, and when
sc_commit() is called at the end of the process, it believes that there
is a new service change pending and therefore starts the job over, thus
creating a redundant indication to the clients.
This commit fixes the issue by clearing the flag when the work entry
is removed due to a hash match. This has been unittested in a live
environment, in a simulation environment, and sanitycheck has been run
on it.
Signed-off-by: Dan Erichsen <daee@demant.com>
If the client is change-unware and disconnects the spec requires that
the stack still sends the error out of sync for the next request:
'The ATT_ERROR_RSP PDU is sent only once after the client becomes
change-unaware, unless the client _disconnects_ or the database changes
again before the client becomes change-aware in which case the
ATT_ERROR_RSP PDU shall be sent again'
Fixes#23110
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Fix issue where a new connection with the same peer would use the CCC
from from first connection, despite different local identity.
Since there is no CCC for the new connection yet this caused the
application to think that CCC was enabled but the remote device had not
yet subscribed.
Fix this issue by making the id as an input to the peer address check
function. This will force us to make the check every time. This commit
might also fix similar issues not yes discovered as the ID check was
missing in a few other places as well.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix issue where an invalid (all zeroes) hash was written to settings
storage on reset. This caused the old value to written to zeroes, before
being written back to it's original value again immediately after.
This causes excessive flash wear.
This happens because the check if (k_delayed_work_remaining) returns the
amount of time until the work will execute. When that time has run out
the time is zero, but the work has not yet been executed.
We then write the invalid hash to flash, and then once the work-item
executes it will write the correct value.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
SC config data is no longer stored within the CCC config itself
therefore it must be cleared separately.
Fixes#22539
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Fix bt_gatt_indicate using the wrong attribute pointer when a uuid was
provided as input.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The path to include/drivers should not be in the compiler include path
list, only include/. In order to make this possible, always explictly
refer to hci_driver.h via the drivers/bluetooth/ path and not only
bluetooth/.
Fixes#21974.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Current implementation of application's cfg_write callback only has the
possibility of returning boolean status, which in case of failure only
allows for one error code; BT_ATT_ERR_WRITE_NOT_PERMITTED.
This change makes the application able to add own security check on
characteristic subscription in the cfg_write callback and report a more
relevant error code (e.g. BT_ATT_ERR_AUTHORIZATION).
Signed-off-by: Kim Sekkelund <ksek@oticon.com>
This further reduce the overhead on each subscription at expense of
having a dedicated array to store subscriptions, the code now maintain
a separate list for each peer which should also scale better with large
number of subscriptions to different peers.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This should reduce the footprint on applications that do a lot of
requests i.e have a lot of subscriptions.
Fixes#21103
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Providing 'tmp', which was never updated, resulted in removeal of
subscriptions from the beginning.
Using the updated 'prev' resolves this.
Signed-off-by: Marco Sterbik <madbadmax00@gmail.com>
Check that the bluetooth device has in fact been initialized before
continuing with public API calls. This could lead to crashes when using
state that has not yet been initialized.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
When set, the BT_GATT_SUBSCRIBE_FLAG_NO_RESUB flag indicates that the
subscription should not be renewed when reconnecting with the server.
This is useful if the application layer knows that the GATT server
persists subscription information.
Signed-off-by: François Delawarde <fnde@oticon.com>
Fix issues that surfaced when trying out GCC 9.2, official release name
gcc-arm-none-eabi-9-2019-q4-major, both related to invalid pointers in
GATT when declaring UUIDs in if-scope.
1. Fix the discovery callback giving an invalid pointer in the discovery
callback in two instances.
2. Fix gatt_find_type sending invalid data during discovery procedure.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix ATT MTU size of length variables resulting in wrong length values
reported to the user. Communicating with an Android device using an MTU
of 517 resulted in write commands reported as length 2 instead.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Since bt_conn_send_cb can fail to send buffer causing it to unref this
may cause buffer leaks as the caller is not aware of the error assuming
the buffer could be sent.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Fix GCC9 warning "warning: taking address of packed member of
'struct sc_data' may result in an unaligned pointer value"
Issue is that the on-air structure of sc_data was re-used for the gatt
service changed data.
Added build assert because data is stored in settings, so the structure
should be the same size to be compatible.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Move functions in order to avoid function prototype and use IS_ENABLED
instead of #if defined where possible.
Signed-off-by: François Delawarde <fnde@oticon.com>
This commits adds a BT_SETTINGS_CCC_LAZY_LOADING option to allow for
CCC settings to be loaded on demand when a peer device connects in
order to reduce memory usage.
Signed-off-by: François Delawarde <fnde@oticon.com>
Maintain Service Changed entry as long as the peer device is subscribed
to SC indications and bonded. This allows to save indication data for
disconnected peers peers when CCC settings are not available (loaded
on-demand).
Signed-off-by: François Delawarde <fnde@oticon.com>
Fix GATT buffer leak when bt_att_send returns error the allocated
buffer is never freed. Discovered case where the link was disconnected
during the function call, so when GATT checkd the link was still
connected, but ATT checkd the link was disconnected.
Fixes: #19889
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix bug in bt_gatt_attr_next when given an attribute that has static
allocation. The handle is then 0 and the function would always return
the attribute with handle 1.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add public API function in GATT to check if a specific connection has
subscribed to the given attribute.
Without this function the application has to keep track of which
connections has subscribed using the callbacks from BT_GATT_CCC_MANAGED
since the cfg_changed callback of the CCC doesn't carry connection
context.
The other alternative is for the application to parse the information
in the struct _bt_gatt_ccc object. Although this object has structure
information available to the application the structure is marked as
internal, so the application shouldn't rely on this definition.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add support for persisted Service Changed data, to fix the case of a
paired device not reconnecting before a reboot and thus not receiving
SC indication. It also enables support for GATT database being changed
during a firmware update.
Move Service Changed data outside of the CCC struct and make it
persistent by adding support for a bt/sc/... setting.
Signed-off-by: François Delawarde <fnde@oticon.com>
The Service Changed characteristic support should also work when the
GATT database has been modified after reboot (firmware update scenario)
This commit introduces a BT_GATT_SERVICE_CHANGED config option that is
independent from BT_GATT_CACHING and BT_GATT_DYNAMIC_DB.
Signed-off-by: François Delawarde <fnde@oticon.com>
Calling indicate or notify on a disconnected connection object would
result in the error code ENOMEM when failing to acquire buffers instead
of the expected return code ENOTCONN.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Some modules use snprintk to format the settings keys. Unfortunately
snprintk is tied with printk which is very large for some embedded
systems.
To be able to have settings enabled without also enabling printk
support, change creation of settings key strings to use bin2hex, strlen
and strcpy instead.
A utility function to make decimal presentation of a byte value is
added as u8_to_dec in lib/os/dec.c
Add new Kconfig setting BT_SETTINGS_USE_PRINTK
Signed-off-by: Kim Sekkelund <ksek@oticon.com>
This moves check_perm code under GAT and make use of it to check if CCC
write permission can be attended by the connection security level or if
it needs to be increased.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This adds support to set different permissions to CCCD so security can
be checked when enabling notification which conforms to:
BLUETOOTH CORE SPECIFICATION Version 5.1 | Vol 3, Part G page 2360:
'3.3.3.3 Client Characteristic Configuration
Authentication and authorization may be required by the server to
write the configuration descriptor.'
In addition to that also ensure that notification are not re-enabled
until the proper security level is reached to conform to the following
statement:
'10.3.1.1 Handling of GATT indications and notifications
A client “requests” a server to send indications and notifications
by appropriately configuring the server via a Client Characteristic
Configuration Descriptor. Since the configuration is persistent
across a disconnection and reconnection, security requirements must
be checked against the configuration upon a reconnection before
sending indications or notifications. When a server reconnects to a
client to send an indication or notification for which security is
required, the server shall initiate or request encryption with the
client prior to sending an indication or notification. If the client
does not have an LTK indicating that the client has lost the bond,
enabling encryption will fail.'
Fixes#17983
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
CCC storaged is no longer declared separetly so check if ccc->cfg
matches with sc_ccc_cfg no longer works so instead use the cfg_changed
callback and match against sc_ccc_cfg_changed.
Fixes#19267
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This removes the necessity of registering the storage for CCC and make
it part of the declaration itself.
Fixes#18547
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This adds support to provide an UUID to bt_gatt_indicate so API user
don't need to hardcode the attribute offset by hand.
Fixes#18572
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This fixes the dead code when parsing Find Information response since
the index counter can never be zero, instead it checks there are any
attributes found and if there nothing don't proceed with discovering
which was the original intent of the now dead code.
Fixes#18384
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
When the database changes and a client becomes change unware it should
also clear the out of sync flag as the following request should return
an error:
Core Spec 5.1 | Vol 3, Part G, 2.5.2.1 Robust Caching:
'The error response is sent only once after the client becomes
change-unaware, unless the client disconnects or the database changes
again before the client becomes change-aware in which case the error
response shall be sent again.'
Fixes: #18183
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This fixes the following crash:
ASSERTION FAIL [0] @ ZEPHYR_BASE/subsys/logging/log_core.c:180
argument 2 in log message "%s: Stored CCCs for %s (%s)"
missing log_strdup().
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Core 5.1, Vol 3, Part F, 3.3.1
"Multi-octet fields within the GATT profile shall be sent least
significant octet first (little-endian) with the exception of the
Characteristic Value field. The Characteristic Value and any fields
within it shall be little-endian unless otherwise defined in the
specification which defines the characteristic."
Fixes: GATT/SR/GAS/BV-02-C
Fixes: #17857
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
This introduces a new flag (BT_GATT_SUBSCRIBE_WRITE_PENDING) which is
set when a write operation requires canceling before the parameters can
be reused.
Fixes#17534
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Submit GATT database hash as a delayed work to prevent it being run
twice if we register dynamic services.
Signed-off-by: François Delawarde <fnde@oticon.com>
