Fixed an assert when peer responded with unknown rsp to
slave feature request when an existing another control
procedure was in progress.
This assert happened with a BT v4.0 peer implementation that
was performing a channel map update and local controller
initiated a slave feature request, receiving an unknown
response.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix the control and data packet management implementation
discovered during conformance testing.
This fixes:
TP/SEC/MAS/BV-12 [Master Start Encryption: Overlapping
Procedure]
TP/SEC/MAS/BV-13 [Master Start Encryption: Overlapping
Procedure with LL_SLAVE_FEATURES_REQ]
conformance tests in LL.TS.5.0.0.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Privacy on nRF51 is not passing the conformance and qualification tests
due to the time it takes to execute the privacy code while in ISR. Until
we come up with a way of optimizing and/or deferring the work, do not
allow privacy on nRF51 targets.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Use the macros generated during the build and located in version.h to
fill in the version information in the Read Version Information VS
command. Additionally reply with the correct hardware identifiers when
running on Nordic hardware.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Seems due to incorrect rebase in commit 07270e52ba
("Bluetooth: controller: Coding style and refactoring"),
commit 95d55a2bfc ("Bluetooth: controller: Do not skip
one-shot tickers with slot"), and
commit 4ba2bb0d1c ("Bluetooth: controller: Be fair when
pre-empting a ticker"), a pointless expression was
introduced, fixed it.
Coverity-CID: 171563
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fixes an assert during connection establishment when the
initiator overflows the initiator window in time while
sending the CONNECT_IND PDU. The actual window is one low
frequency tick less, hence corrected the check that permits
the transmission of CONNECT_IND PDU inside the initiator
window.
Symptom was, stopping of the scanner's ticker succeeds on
connection establishment, but next interval prepare was
already run when continuous scanning was used, breaking the
design, hence there was an assert.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Implement the Zephyr Read Key Hierarchy Roots command, returning the IR
and ER present in nRF5x ICs when compiling for those.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Implement the first Vendor-Specific Command of the Zephyr specification
other than the 3 mandatory ones already present in the codebase, along
with a Kconfig option to enable and disable the presence of the VS
commands.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
This is necessary in order for k_queue_get to work properly since that
is used with buffer pools which might be used by multiple threads asking
for buffers.
Jira: ZEP-2553
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Refactor the Connection Parameter Request Procedure to be
separate from and not overlap the variables of the
Connection Update Procedure.
Also, added missing implementations to pass all Connection
Parameter Request Procedure related Conformance Tests.
Jira: ZEP-1918
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Implement the LE Read Channel Map HCI command, along with making the
reading of the multi-byte channel map value from the connection pointer
thread-safe in case the ISR triggers while we are reading the value.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Although the current BLE controller only supports a single TX power (0
dBm), the qualification tests require the 2 Read TX Power to be
present and supported in the controller, so implement them while
returning always 0 dBm.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
When the CONFIG_BT_CTLR_CONN_RSSI option is set, the connection RSSI is
available in the controller, and can be reported to the Host via the
Read RSSI command. Implement the command, which is required for
qualification.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
There are 2 possible interpretations regarding the address to return in
response to the Read Peer RPA HCI Command:
1) The RPA that the local controller generates to be used in certain
packets it sends
2) The RPA generated and used by the peer device in its packets
We used to return 1) but our interpretation turned out to be incorrect
when reading the HCI test specification, so this commit switches to
returning 2).
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
In the ll_rl_pdu_adv_update() function, the check to verify if we are
dealing with an item from the resolving list or else with a simple
standard non-privacy enabled device was left over from the previous
iteration, which used negative values. Replace that check with the
proper current one, using the size of the rl array as an indicator of
whether the index is valid.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Due to varying remainder value, first interval will need to
consider the remainder value used in microsecond timing from
the start of the initiator window.
Also the tx chain delay and ready delay must be substract
after the window offset is calculated.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The Read Remote Version Information command is supported on the BLE
controller, enable the bit in Read Local Supported Commands to reflect
this.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Fix controller assert due to a bug introduced in commit
07270e52ba ("Bluetooth: controller: Coding style and
refactoring").
This reverts implementation to original way it was and the
calculation of the ticker expiry will now not overflow the
range of the RTC peripheral, which is a 24 bit counter.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The RSSI value is an 8-bit signed integer. Since the Link Layer works
only with positive unsigned integers, translate into a negative number
at the HCI layer.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Since Extended Scanner Filter Policies is an independent feature from
Controller-based Privacy, split it out so it can be built independently
and included without it.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Whenever privacy is enabled, we support the Extended Scan Filter
Policies functionality, and therefore we must show it in the bitfield of
LE supported features for the controller.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Rename the BT_CONTROLLER prefix used in all of the Kconfig variables
related to the Bluetooth controller to BT_CTLR.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Implement the 4.2 event LE Directed Advertising Report, used for
scanners in a privacy-enabled controller to report directed advertising
events whose TargetA cannot be resolved by the local controller.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Add implementation to support PHY update procedure with
packet transmit time restrictions.
This fixes:
TP/CON/SLA/BV-49-C [Initiating PHY Update Procedure Packet
Time Restrictions]
TP/CON/SLA/BV-50-C [Responding to PHY Update Procedure
Packet Time Restrictions]
TP/CON/SLA/BV-52-C [Initiating PHY Update Procedure Packet
Time Restrictions, No Change]
TP/CON/SLA/BV-53-C [Responding to PHY Update Procedure
Packet Time Restrictions, No Change]
TP/CON/MAS/BV-49-C [Initiating PHY Update Procedure Packet
Time Restrictions]
TP/CON/MAS/BV-50-C [Responding to PHY Update Procedure
Packet Time Restrictions]
conformance tests in LL.TS.5.0.0.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The API name space for Bluetooth is bt_* and BT_* so it makes sense to
align the Kconfig name space with this. The additional benefit is that
this also makes the names shorter. It is also in line with what Linux
uses for Bluetooth Kconfig entries.
Some Bluetooth-related Networking Kconfig defines are renamed as well
in order to be consistent, such as NET_L2_BLUETOOTH.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Fix incorrect return data type, which causes controller to
hang generating random numbers.
Fixes bug introduced in commit d90095b556 ("Bluetooth:
controller: Use random numbers in adv and enc setup")
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The specification requires the scanner to verify that the AdvA present
in a scan response matches the AdvA that was sent in the original scan
request.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Added implementation to get random numbers in ISR. And fixed
implementation to use random numbers in advertisement random
delay and encryption setup procedure.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The existing check for the TargetA address in directed advertising
events was incorrect. In fact the specification states:
"An initiator that has been instructed by the Host to use
Resolvable Private Addresses shall not respond to directed connectable
advertising events that contain Public or Static addresses for the
target’s address (TargetA field)."
Hence, reject TargetA values that have not been successfully resolved
when the controller is generating its own RPAs.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
To be able to get a hit on the AAR whenever a Scan Response is received,
enable it in the state transition.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Add missing checks for the logic that discriminates between whitelisting
and non-whitelisting filtering, so that we do not fall into an
unsuspected false positive.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Rework the ctrl_lrpa_get() function so that it doesn't require an
assignment to be present inside the if statement, yielding smaller and
safer code.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Advertising reports generated by a scanner require the controller to
look up the resolving list to supply the host with an ID address instead
of the RPA that has been sent over the air.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Use the actual scanner address to copy the generated RPA into, instead
of mistakenly copying it into the advertiser's address.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Whenever trying to generate a local RPA to send a scan request or a conn
ind, verify that it can be generated (i.e. no NULL IRK provided by the
Host) and fall back to using the public/random address if required.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Since the hardware expects big-endian IRKs but the common generation
function expects it in little-endian, copy and reverse the peer IRK
before generating RPAs.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Implement the LE Enhanced Connection Complete HCI event, but include it
only when controller-based privacy is enabled, since it is only relevant
with it.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Since a connection attempt can fail and will still generate an LE
Connection Complete event, check the status from the LL control module
before incrementing the HCI connection count used for flow control.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
The nRF5 AAR requires the packet pointer to be placed exactly 3 bytes
before the beginning of the address. Since we don't use the S1 extra
length byte, substract one from the address of the radio packet pointer.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
The currently supported hardware in the LL requires big-endian IRK
values to properly function. Reverse the order of the IRK bytes coming
from HCI to address this issue.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
The nRF5's AAR was being improperly configured, leading to a NULL
scratch pointer which made it not function at all.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
In order to make sure that the ISR never gets an incomplete or partial
local RPA, use pointers to share the local RPA between thread mode and
ISRs. Pointer updates are guaranteed to be atomic at least on ARM
Cortex-M.
Additionally add support for using local RPAs when initiating a
connection or sending a scan request.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Since the hardware is only able to resolve the first address in the
packet, use the existing functionality to resolve a potential TargetA
RPA in software to verify if it matches the local device.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
