Send unknown rsp instead of asserting when encryption related control
PDUs are received in the wrong state.
This would allow an attacker to intentionally crash the device.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Stop the Length request procedure from initiating during the encryption
procedure. This would cause the peer to disconnect the link with error
code LMP_TRANSACTION_COLLISION.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Set the encryption procedure pending and start it as soon as
there are no other procedures running.
This allows the Host to enqueue the encryption procedure, and not
get disallowed command because a different LL procedure is active.
Fixes #15012
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The fix done in #14938 introduced a later assert when raising an HCI
event for the procedure that was terminated during the procedure
collision handling. This assert happens because the unknown rsp
has information that is needed when raising the event.
Solve this by copying the scratch packet into the node buffer so that
we keep the data.
Fixes #15183
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The master is using unknown rsp to terminate slave side initiated
procedures that have collided with the encryption procedure initiated by
the master.
We need to handle an unknown response that is sent unencrypted during
the encryption procedure, even though we have already set up to receive
encrypted packets.
Fixes #14044
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix a bug where the controller would use the length
field of the advertisement packet before checking
if the length field was valid.
It is possible that the controller has received a packet
that passes CRC check but has a length field that is invalid.
This would cause the scanner to overwrite the scan report
buffer.
Fixes: #14741
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
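The check order this commit message describes, as an added example that is not the controller's code. It assumes the legacy advertising PDU layout (2-byte header, 6-byte AdvA, up to 31 bytes of AdvData); the struct, function names and sample buffer are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define BDADDR_SIZE     6    /* AdvA field */
#define ADV_DATA_MAX    31   /* legacy AdvData limit */
#define ADV_PAYLOAD_MAX (BDADDR_SIZE + ADV_DATA_MAX)
#define PDU_HDR_SIZE    2    /* type/flags byte + length byte */

/* Hypothetical report layout, not the controller's own structure. */
struct scan_report {
    uint8_t addr[BDADDR_SIZE];
    uint8_t data_len;
    uint8_t data[ADV_DATA_MAX];
};

/* Returns 0 when the report was filled, -1 when the PDU must be dropped.
 * A passing CRC only says the bits arrived as sent; it says nothing about
 * whether the sender put a sane value in the length field. */
int scan_report_fill(struct scan_report *rep, const uint8_t *pdu, size_t rx_len)
{
    if (rx_len < PDU_HDR_SIZE)
        return -1;

    uint8_t len = pdu[1];

    /* Validate before any use: too short underflows len - BDADDR_SIZE,
     * too long overruns rep->data. */
    if (len < BDADDR_SIZE || len > ADV_PAYLOAD_MAX)
        return -1;
    /* The claimed payload must also fit in what was actually received. */
    if ((size_t)len + PDU_HDR_SIZE > rx_len)
        return -1;

    memcpy(rep->addr, &pdu[PDU_HDR_SIZE], BDADDR_SIZE);
    rep->data_len = (uint8_t)(len - BDADDR_SIZE);
    memcpy(rep->data, &pdu[PDU_HDR_SIZE + BDADDR_SIZE], rep->data_len);
    return 0;
}

/* Constructed sample: a zero-filled receive buffer whose length field is
 * chosen by the caller, standing in for a CRC-valid but malformed PDU. */
int try_length(uint8_t len_field)
{
    uint8_t pdu[PDU_HDR_SIZE + ADV_PAYLOAD_MAX] = { 0x00, len_field };
    struct scan_report rep;

    return scan_report_fill(&rep, pdu, sizeof(pdu));
}
```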
Peer side will disconnect if controller initiates
Encryption procedure before PHY update procedure
has finished.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix bug in LL encryption procedure, controller was
using the wrong pointer to connection state.
Function event_enc_prep is called from
slave_event_prepare, where _radio.curr_conn has not
been assigned yet.
The connection ended up sending LL_START_ENC_RSP
unencrypted, resulting in disconnect on the peer
side with reason MIC failure.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix implementation to correctly return the configured
default Tx Power Level.
Also, fix the missing use of RADIO_TXP_DEFAULT in the new
ULL/LLL implementation of Advertiser and Observer states.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Add implementation in controller to use range delay
along with the active clock accuracy jitter.
Range has been hard coded to 1000 meters, suffices
modules out in the market.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Workaround from asserting when Rx PDU buffers from pool
needing resize is acquired by another connection. By
skipping the connection events to give some headroom for
the host to process the Rx packets and eventually make the
pool available for resize.
Fixes #11841.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Some old peer central controllers respond with Unknown
Response PDU to our local Slave Initiated Feature Request
after the peer initiated the Encryption Setup Procedure.
The peer has violated the Bluetooth Specification by sending
the Unknown Response during the Encryption Setup Procedure,
but as a workaround to IOP with such controller our local
implementation is updated to not disconnect the connection
but accept the violating Unknown Response PDU.
Relates to #12362.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
There are issues using lowercase min and max macros when compiling a C++
application with a third-party toolchain such as GNU ARM Embedded when
using some STL headers i.e. <chrono>.
This is because there are actual C++ functions called min and max
defined in some of the STL headers and these macros interfere with them.
By changing the macros to UPPERCASE, which is consistent with almost all
other pre-processor macros this naming conflict is avoided.
All files that use these macros have been updated.
Signed-off-by: Carlos Stuart <carlosstuart1970@gmail.com>
Return meaningful HCI error when it's not possible to start advertising
because of maximum number of connections already in use.
Signed-off-by: Filip Kubicz <filip.kubicz@nordicsemi.no>
Preliminary work done towards Mesh extensions on the old LL
architecture implementation.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Missing updates to old architecture implementation towards
introduction of new ULL LLL architecture.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Refactored the internal LL interfaces to have return value
to match the HCI error code u8_t data type.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
This commit renames the nrf5_clock_control.h and
nrf5_clock_control.c files to nrf_clock_control.h and
nrf_clock_control.c, respectively, as they are used
in nRF9160 builds, as well.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
This commit renames the CLOCK_CONTROL_NRF5 Kconfig symbol to
CLOCK_CONTROL_NRF. The change is required to alleviate confusion
when selecting the symbol in nRF9160 SOC definition.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Preparation to introduce the Upper Link Layer (ULL) and
Lower Link Layer (LLL) split architecture.
- Move SoC dependent HAL to vendor specific folder.
- Preparation to split data structures into ULL and LLL
types.
- Added more role and state conditional compilations.
- Added some work-in-progress implementation of advertising
extensions, will be used as inspiration in the new split
architecture work.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix an issue wherein local or remote initiated Connection
Parameter Request procedure would stall without generation
of LE Connection Update Complete HCI event because a local
or remote initiated PHY Update procedure has overwritten the
currently active Link Layer Control Procedure type.
Signed-off-by: Vinayak Kariappa Chettimada <vinayak.kariappa@gmail.com>
Fix channel map update procedure implementation's handling
of different transaction collision by not asserting but
disconnecting the connection due to invalid behavior by
peer implementation.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Explicitly track the connection update related ticker stop
and start to avoid asserting due to ticker update being done
at the same time for compensating the clock drift.
The compensation related ticker update failure in this case
can be safely ignored as new anchor point is used anyway
at the instant of the connection update.
Fixes #8796
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Updated controller implementation to disallow disabling
initiator state using scan disable. But allow disabling an
already disabled scan state. Also, disallow enabling scan
state while in initiator state.
Signed-off-by: Szymon Janc <szymon.janc@codecoup.pl>
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Updated the controller implementation to not feature
exchange if already done once either by local or remote peer
device in an active connection session.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Add support for exchanging both minimum and maximum
connection interval values in Connection Parameter Request
Procedure implementation.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
This is a pure refactoring of the k32src_wait function. It used the
following rules when refactoring:
Don't use the preprocessor when unprocessed C language suffices.
Don't undefine macros.
Avoid global variables when possible.
Use consistent names for similar things (hf_clock, lf_clock).
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
Fix an integer overflow in the scheduling implementation
that calculates whether resources required for next radio
event be retained.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
This commit optimizes access to RNG driver by taking advantage
of the data structures layout. As a result, number of calls to RNG
driver is reduced.
Signed-off-by: Piotr Zięcik <piotr.ziecik@nordicsemi.no>
The entropy_nrf_get_entropy_isr(), which is specific to this driver,
is in fact equivalent of generic entropy_get_entropy_isr(..., 0).
This commit removes the entropy_nrf_get_entropy_isr() function
and replaces its usage by call to generic entropy API.
Signed-off-by: Piotr Zięcik <piotr.ziecik@nordicsemi.no>
Added implementation to avoid retransmitting NACK-ed Tx PDU,
to save on current consumption in retrying to transmit in
case peer device has no free buffer to receive the PDU.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
To allow the BLE stack to be used both in the real nRF platforms
and simulated ones, change the used macros in the code to the
COMPATIBLE ones.
Signed-off-by: Alberto Escolar Piedras <alpi@oticon.com>
Fix broken master role RSSI measurement. Since the original
contribution clean up into Zephyr, the radio shorts that was
set for measuring the RSSI for master role has been broken,
as it was cleared by the radio switching code further in the
Tx ISR.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix connection failed to be established regression
introduced by the commit 350c569aba ("Bluetooth:
controller: Avoid offseting to lldata").
As the Rx-ed PDU buffer is re-used to construct the
connection complete message towards HCI, the fields in the
Rx-ed PDU need to be backed up for future use in the control
path. Here the channel selection bit is backed up now.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix Connection Parameter Request Procedure implementation
to respond with sent interval_min and interval_max so that
certain peer devices don't reject the response as Invalid LL
Parameters.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Refactored the fix in the commit 685da02354 ("Bluetooth:
controller: Fix advertising random delay resolution calc")
to apply modulo in tick units before adding a tick.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Calling bt_recv in the Bluetooth host Tx thread by the
controller implementation caused deadlock in combined host
controller builds when HCI LE Create Connection Cancel
generated the HCI LE Connection Complete or HCI LE Enhanced
Connection Complete events.
Controller's HCI implementation has been updated to place
the generated event into Rx FIFO to avoid the deadlock.
Relates to commit a59f544fb4 ("bluetooth: controller:
Handle non-priority events correctly")
Relates to #10314.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
In commit d5836195d7 ("Bluetooth: controller: Increase advertising
random delay resolution"), the resolution of random_delay was
increased from 8-bit to 16-bit. Due to this switch the result
of HAL_TICKER_US_TO_TICKS() can now be a 0, which causes the following
crash:
***** Kernel OOPS! *****
Current thread ID = 0x200043f0
Faulting instruction address = 0x17914
Fatal fault in ISR! Spinning...
Let's make sure we don't pass a 0 to ticker_update() by increasing
the result of HAL_TICKER_US_TO_TICKS() by 1.
Signed-off-by: Michael Scott <mike@foundries.io>
Increase the resolution of advertising random delay from
1 ms unit to 1 us units. The controller scheduling will
floor it to nearest 32KHz clock unit on nRF5 series.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The Data Length Update implementation reused the flags used
by Encryption Procedure which caused invalid Encryption
Procedure sequence under conditions where Data Length Update
Procedure collide with Encryption Setup initiated by the
peer central device.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The return of memset is never checked. This patch explicitly ignores
the return to avoid MISRA-C violations.
The only excluded directory was ext/* since it contains
only imported code.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Replace magic numbers with HCI Error Code definitions in the
LE controller implementation.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>