Date   

Re: DevDocs support for zephyr docs?

Marti Bolivar
 



On Wed, Mar 21, 2018 at 12:47 PM, Marti Bolivar <marti@...> wrote:



In short, the Breathe "doxygengroup" output is not enough on its own to use an API without falling back on the source code. Besides some output (as the K_POLL_TYPE_IGNORE example) just not being useful, other missing critical context includes explanatory text alongside the API docs that describes (or links to more information on) common use cases, motivation, examples, etc.


I forgot to write this here, sorry: ", the way you would expect if you were used to:"
 
- a reference book on an API (e.g. https://nostarch.com/download/TLPI_Ch4.pdf)
- other API doc systems, like Java's (e.g. see java.util in https://docs.oracle.com/javase/8/docs/api/)
 



Re: DevDocs support for zephyr docs?

Marti Bolivar
 



On Thu, Mar 15, 2018 at 1:04 PM, Kinder, David B <david.b.kinder@...> wrote:
No I haven't heard of DevDocs.

What does the Zephyr community think about such a tool (or others such as dash) that present project API documentation to developers?

What would make the Zephyr Project API material more useful?

For example, should we publish the doxygen-generated html public API documentation instead of (or in addition to) the Sphinx-generated rendering found at http://docs.zephyrproject.org/api/api.html?


I think that the Sphinx content that's rendered by Breathe is a great start (and I've used Breathe to document other projects before, and believe it has good features). However, in my opinion, there are problems with the current output that make it unlikely to be used much in practice by Zephyr developers.

Here are my favorites:

- The header files where the APIs are declared is not clear. What, for example, do I include to use these APIs?


- The output for defines is not useful in the case of macros which are just numbers:


What is K_POLL_TYPE_IGNORE? How do I use it -- are there any examples? Do I just need to read the code to see what its value is? ... but what header is it declared in?

- The lack of consistent cross-referencing is a problem. Let's say I want to use k_thread_access_grant():


What is a struct k_thread; where are its API docs? Note that this is not always a problem, e.g. I do get a reference to k_id_t from here:


In short, the Breathe "doxygengroup" output is not enough on its own to use an API without falling back on the source code. Besides some output (as the K_POLL_TYPE_IGNORE example) just not being useful, other missing critical context includes explanatory text alongside the API docs that describes (or links to more information on) common use cases, motivation, examples, etc.

- a reference book on an API (e.g. https://nostarch.com/download/TLPI_Ch4.pdf)
- other API doc systems, like Java's (e.g. see java.util in https://docs.oracle.com/javase/8/docs/api/)
 
Or do developers prefer to just "read the code" (header files in particular)?

In my opinion, given the problems above, reading the code (either directly, or using the help of an indexer like cscope, as I prefer) is the only practical choice for developers given the above problems. There's simply not enough information in the doxygengroup output to be useful, at least as it's currently implemented in Breathe and used in Zephyr. That's not ideal IMO -- while some developers always will prefer reading the code, "real" API docs are needed.

Here are some possible alternatives:

- Zephyr could continue to use Doxygen, reST, and Breathe only, but use lower-level Breathe directives like doxygenfunction and doxygendefine to pull in API documentation in appropriate places in a hand-written API description file (probably working with upstream Breathe as necessary to add any missing information and fix issues).

- Add in a publicly available searchable code index like LXR (https://en.wikipedia.org/wiki/LXR_Cross_Referencer, with an example live instance at https://elixir.bootlin.com) or OpenGrok (http://oracle.github.io/opengrok/, example live instance at http://androidxref.com/), and perhaps link to it from the restructuredText (perhaps with a custom directive).

- Combinations of these, etc.

Thanks,
Marti
 

-- david

> -----Original Message-----
> From: Kumar Gala [mailto:kumar.gala@...]
> Sent: Thursday, March 15, 2018 9:42 AM
> To: Kinder, David B <david.b.kinder@...>
> Cc: zephyr-devel@lists.zephyrproject.org
> Subject: DevDocs support for zephyr docs?
>
> David,
>
> I was wondering if you’ve ever come across the DevDocs project
> https://github.com/Thibaut/devdocs.  I wonder what it might take to get
> Zephyr docs supported.
>
> - k
_______________________________________________
Zephyr-devel mailing list
Zephyr-devel@lists.zephyrproject.org
https://lists.zephyrproject.org/mailman/listinfo/zephyr-devel


Re: Firmware over the air (FOTA) and FCB support in 1.11.0

Michael Scott
 



On 03/20/2018 09:14 PM, ashish.shukla@... wrote:
Hi all,

I've been waiting for FOTA and FCB support in zephyr and now when it is supported, I cannot see any samples available or proper documentation to use these features in my project.

Hi Ashish,

Your question is a bit open-ended, and might be difficult to answer without some details regarding your paricular use-case (BLE update, IP-based update, Mesh, etc)

For instance, the LwM2M subsystem provides a mechanism for receiving a firmware update in the LwM2M client, but the implementation of where to store the incoming binary data is up to you.  See https://github.com/zephyrproject-rtos/zephyr/blob/master/samples/net/lwm2m_client/src/lwm2m-client.c#L208 for a callback example that is triggered on each incoming block of data.  Documentation for the sample itself doesn't discuss the firmware update mechanism, but it's here for reference: http://docs.zephyrproject.org/samples/net/lwm2m_client/README.html

Then, there is a robust DFU (Device Firmware Update) subsystem to help implement the image writing portion of a firmware update as well as integrate with mcuboot (an MCU bootloader) which would check an image for validity and then move it into the bootable application slot.   See: https://github.com/zephyrproject-rtos/zephyr/tree/master/subsys/dfu for sources.

Regarding FCB: the initial implementation is done in v1.11, but the APIs are fairly complex and IMHO it's meant to be used as a base layer for other higher level implementations to manage persistent data such as device configuration, system logs and other uses.  There are several pull requests in-progress which aim to add these higher level services.  (The first PR will probably be re-written to use FCB as it's base layer):
https://github.com/zephyrproject-rtos/zephyr/pull/6391
https://github.com/zephyrproject-rtos/zephyr/pull/6408

Hopefully that helps get you started,

- Mike


Any help regarding the same would be of great help.

--
Warm regards,
Ashish Shukla
Jr. Embedded Engineer
Research & Development


Please consider the environment before printing this e-mail or its attachments.

Disclaimer: The information contained herein (including any accompanying documents) is confidential and is intended solely for the addressee(s). If you have erroneously received this message, please immediately delete it and notify the sender. Also, if you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this message or any accompanying document is strictly prohibited and is unlawful. The organization is not responsible for any damage caused by a virus or alteration of the e-mail by a third party or otherwise. The contents of this message may not necessarily represent the views or policies of Corvi



_______________________________________________
Zephyr-devel mailing list
Zephyr-devel@...
https://lists.zephyrproject.org/mailman/listinfo/zephyr-devel


Re: How hacker will hack/impact my BLE device, when ...??

Vikrant More <vikrant8051@...>
 

Hi,
https://eewiki.net/display/Wireless/A+Basic+Introduction+to+BLE+Security

MITM attacks are when a third device, which we will call the malicious device, impersonates the other two legitimate devices, in order to fool these devices into connecting to it. In this scenario, both the GAP Central and GAP Peripheral will connect to the malicious device which in turn routes the communication between the two other devices. This gives the legitimate devices the illusion that they are directly connected to each other when in fact their connection has been compromised. This setup not only allows the malicious device to intercept all the data being sent, but also allows it to inject false data into the communication or remove data before it reaches its intended recipient.

----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

After reading this, I understand that without OOB Pairing everything is more or less insecure.


On Wed, Mar 21, 2018 at 7:04 PM, Marcio Montenegro <mtuxpe@...> wrote:
Google Secure beacons.No new hardware design :
https://developers.google.com/beacons/eddystone-eid

Regards,
Marcio


On Wed, Mar 21, 2018 at 10:15 AM, Vikrant More <vikrant8051@...> wrote:
Hi Marcio,
I'm not allowed to add anything extra in my current hardware design.

Besides this, is there any thing which is very serious ?
I'm still trying to understand various security risk behind my current implementation.

Thanks,
 

On Wed, Mar 21, 2018 at 5:35 PM, Marcio Montenegro <mtuxpe@...> wrote:
Hi all,
Maybe you can use crypto device on your product.


You also need to develop an application to configure  crypto device chip.
Then after configuration each device are unique.
For inspiration see:

Note that this devices has no Bluetooth.
Best,
Marcio


On Wed, Mar 21, 2018 at 2:08 AM, Vakul Garg <vakul.garg@...> wrote:

Hi Vikrant

 

I am curious to understand about your security implementation.

I work in area of TLS security and I am not bluetooth security expert.

 

In your case, does the app need to differentiate between a genuine or fake device?

Will it be able to create a shared secret with the device even if it is a clone of genuine device and purpose programmed to leak the common encryption key?

 

Regards

 

Vakul

 

From: zephyr-devel-bounces@... [mailto:zephyr-devel-bounces@...] On Behalf Of Vikrant More
Sent: Tuesday, March 20, 2018 11:28 PM
To: zephyr-devel@...; zephyr-users@...
Subject: [Zephyr-devel] How hacker will hack/impact my BLE device, when ...??

 

Hi,

 

In my current project, I haven't implemented OOB pairing ( BLE based smart lights)

 

Using Zephyr built-in ECDH library, shared secret (using secp256r1 curve) get created on Device as well as on APP side which will act like encryption key for further communication.

 

On that encrypted link, APP send encryption key which is common for all devices associated with it.

 

All this happens when DEVICE is in factory reset mode.

 

There after communication link is encrypted using newly assign common key.

 

..................................................................................….........................................

 

This will create security risk, only if device is not authenticated by user & it could transfer security key ( which is common to many devices) to unauthorized device.

 

To solve this, APP will automatically trigger DEVICE's LEDs to blink & ask user "do you see blinking LED?" 

 

If user click on "YES" then & only then ECDH process will initiate & common key get share with new DEVICE.

 

------------------------------------------------------------------------------------------------------------------------

 

Besides this I didn't found any security flaw in this implementation. So I need help from Bluetooth Security expert. Is there anyone who can help me to find out flaws & security risks in my current implementation ?

 

Thanks,

vikrant8051


_______________________________________________
Zephyr-devel mailing list
Zephyr-devel@...
https://lists.zephyrproject.org/mailman/listinfo/zephyr-devel






Re: compile error

Kai Ren
 

Hi Vinayak,

I just git pull this commit, “43bc30466ab4386940066cfa54e0a11bde130e14”, without any configuration, the dev environment recovered.

 

Regards,

Kai

 

 

 

From: "Chettimada, Vinayak Kariappa" <vinayak.kariappa.chettimada@...>
Date: Wednesday, 21 March 2018 at 8:42 PM
To: Kai Ren <kren@...>
Cc: "zephyr-devel@..." <zephyr-devel@...>
Subject: Re: [Zephyr-devel] compile error

 

Hi Kai,

 

Is this on latest upstream/master or an old commit head?

 

Seems the locale.setlocale  in the kconfig.py is not able to find a supporting setting in your OS distribution, probably you upgraded your distribution.

 

You can try simply editing the kconfig.py  and change “C.UTF-8” to “UTF-8”.

 

Regards,

Vinayak



On 21 Mar 2018, at 13:35, Kai Ren <kren@...> wrote:

 

Hi there,

I had set my Zephyr dev environment up and ran it for several months, but I hit a problem today when I tried to build my project for hex file, the error is below, is it anything I can configure to solve this problem?

Thanks in advance!

MacBook-Pro-2:build renkai$ make

CMake Deprecation Warning at /Users/renkai/Documents/Work/git/zephyr/cmake/app/boilerplate.cmake:38 (cmake_policy):

  The OLD behavior for policy CMP0000 will be removed from a future version

  of CMake.

 

  The cmake-policies(7) manual explains that the OLD behaviors of all

  policies are deprecated and that a policy should be set to OLD only under

  specific short-term circumstances.  Projects should be ported to the NEW

  behavior and not rely on setting a policy to OLD.

Call Stack (most recent call first):

  CMakeLists.txt:2 (include)

 

 

-- Selected BOARD nrf52_pca10040

Zephyr version: 1.11.99

Traceback (most recent call last):

  File "/Users/renkai/Documents/Work/git/zephyr/scripts/kconfig/kconfig.py", line 24, in <module>

    locale.setlocale(locale.LC_CTYPE, "C.UTF-8")

  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/locale.py", line 598, in setlocale

    return _setlocale(category, locale)

locale.Error: unsupported locale setting

CMake Error at /Users/renkai/Documents/Work/git/zephyr/cmake/kconfig.cmake:145 (message):

  command failed with return code: 1

Call Stack (most recent call first):

  /Users/renkai/Documents/Work/git/zephyr/cmake/app/boilerplate.cmake:241 (include)

  CMakeLists.txt:2 (include)

 

 

-- Configuring incomplete, errors occurred!

See also "/Users/renkai/Documents/Work/git/zephyr/samples/hello_world/build/CMakeFiles/CMakeOutput.log".

See also "/Users/renkai/Documents/Work/git/zephyr/samples/hello_world/build/CMakeFiles/CMakeError.log".

make: *** [cmake_check_build_system] Error 1

 

 

Regards,

Kai

 

 

 

_______________________________________________
Zephyr-devel mailing list
Zephyr-devel@...
https://lists.zephyrproject.org/mailman/listinfo/zephyr-devel

 


Re: How hacker will hack/impact my BLE device, when ...??

Vikrant More <vikrant8051@...>
 

Hi Marcio,
I'm not allowed to add anything extra in my current hardware design.

Besides this, is there any thing which is very serious ?
I'm still trying to understand various security risk behind my current implementation.

Thanks,
 

On Wed, Mar 21, 2018 at 5:35 PM, Marcio Montenegro <mtuxpe@...> wrote:
Hi all,
Maybe you can use crypto device on your product.


You also need to develop an application to configure  crypto device chip.
Then after configuration each device are unique.
For inspiration see:

Note that this devices has no Bluetooth.
Best,
Marcio


On Wed, Mar 21, 2018 at 2:08 AM, Vakul Garg <vakul.garg@...> wrote:

Hi Vikrant

 

I am curious to understand about your security implementation.

I work in area of TLS security and I am not bluetooth security expert.

 

In your case, does the app need to differentiate between a genuine or fake device?

Will it be able to create a shared secret with the device even if it is a clone of genuine device and purpose programmed to leak the common encryption key?

 

Regards

 

Vakul

 

From: zephyr-devel-bounces@...hyrproject.org [mailto:zephyr-devel-bounces@lists.zephyrproject.org] On Behalf Of Vikrant More
Sent: Tuesday, March 20, 2018 11:28 PM
To: zephyr-devel@...ct.org; zephyr-users@...ct.org
Subject: [Zephyr-devel] How hacker will hack/impact my BLE device, when ...??

 

Hi,

 

In my current project, I haven't implemented OOB pairing ( BLE based smart lights)

 

Using Zephyr built-in ECDH library, shared secret (using secp256r1 curve) get created on Device as well as on APP side which will act like encryption key for further communication.

 

On that encrypted link, APP send encryption key which is common for all devices associated with it.

 

All this happens when DEVICE is in factory reset mode.

 

There after communication link is encrypted using newly assign common key.

 

..................................................................................….........................................

 

This will create security risk, only if device is not authenticated by user & it could transfer security key ( which is common to many devices) to unauthorized device.

 

To solve this, APP will automatically trigger DEVICE's LEDs to blink & ask user "do you see blinking LED?" 

 

If user click on "YES" then & only then ECDH process will initiate & common key get share with new DEVICE.

 

------------------------------------------------------------------------------------------------------------------------

 

Besides this I didn't found any security flaw in this implementation. So I need help from Bluetooth Security expert. Is there anyone who can help me to find out flaws & security risks in my current implementation ?

 

Thanks,

vikrant8051


_______________________________________________
Zephyr-devel mailing list
Zephyr-devel@...ct.org
https://lists.zephyrproject.org/mailman/listinfo/zephyr-devel




Re: Firmware over the air (FOTA) and FCB support in 1.11.0

Carles Cufi
 

Hi Ashish,

 

I plan to submit a PR with documentation as soon as possible.

 

Please let me know your GitHub ID so I can include you in the review and you can let me know if the documentation is enough.

 

Regards,

 

Carles

 

From: zephyr-devel-bounces@... <zephyr-devel-bounces@...> On Behalf Of ashish.shukla@...
Sent: 21 March 2018 05:15
To: zephyr-devel@...; zephyr-users@...
Subject: [Zephyr-devel] Firmware over the air (FOTA) and FCB support in 1.11.0

 

Hi all,

I've been waiting for FOTA and FCB support in zephyr and now when it is supported, I cannot see any samples available or proper documentation to use these features in my project.

Any help regarding the same would be of great help.

 

--

Warm regards,
Ashish Shukla

Jr. Embedded Engineer

Research & Development

 

Please consider the environment before printing this e-mail or its attachments.

 

Disclaimer: The information contained herein (including any accompanying documents) is confidential and is intended solely for the addressee(s). If you have erroneously received this message, please immediately delete it and notify the sender. Also, if you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this message or any accompanying document is strictly prohibited and is unlawful. The organization is not responsible for any damage caused by a virus or alteration of the e-mail by a third party or otherwise. The contents of this message may not necessarily represent the views or policies of Corvi

 


Re: compile error

Carles Cufi
 

Hi Kai,

 

This was introduced yesterday, a fix is on the way.

 

https://github.com/zephyrproject-rtos/zephyr/pull/6731

 

Regards,

 

Carles

 

From: zephyr-devel-bounces@... <zephyr-devel-bounces@...> On Behalf Of Kai Ren
Sent: 21 March 2018 13:36
To: zephyr-devel@...
Subject: [Zephyr-devel] compile error

 

Hi there,

I had set my Zephyr dev environment up and ran it for several months, but I hit a problem today when I tried to build my project for hex file, the error is below, is it anything I can configure to solve this problem?

Thanks in advance!

MacBook-Pro-2:build renkai$ make

CMake Deprecation Warning at /Users/renkai/Documents/Work/git/zephyr/cmake/app/boilerplate.cmake:38 (cmake_policy):

  The OLD behavior for policy CMP0000 will be removed from a future version

  of CMake.

 

  The cmake-policies(7) manual explains that the OLD behaviors of all

  policies are deprecated and that a policy should be set to OLD only under

  specific short-term circumstances.  Projects should be ported to the NEW

  behavior and not rely on setting a policy to OLD.

Call Stack (most recent call first):

  CMakeLists.txt:2 (include)

 

 

-- Selected BOARD nrf52_pca10040

Zephyr version: 1.11.99

Traceback (most recent call last):

  File "/Users/renkai/Documents/Work/git/zephyr/scripts/kconfig/kconfig.py", line 24, in <module>

    locale.setlocale(locale.LC_CTYPE, "C.UTF-8")

  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/locale.py", line 598, in setlocale

    return _setlocale(category, locale)

locale.Error: unsupported locale setting

CMake Error at /Users/renkai/Documents/Work/git/zephyr/cmake/kconfig.cmake:145 (message):

  command failed with return code: 1

Call Stack (most recent call first):

  /Users/renkai/Documents/Work/git/zephyr/cmake/app/boilerplate.cmake:241 (include)

  CMakeLists.txt:2 (include)

 

 

-- Configuring incomplete, errors occurred!

See also "/Users/renkai/Documents/Work/git/zephyr/samples/hello_world/build/CMakeFiles/CMakeOutput.log".

See also "/Users/renkai/Documents/Work/git/zephyr/samples/hello_world/build/CMakeFiles/CMakeError.log".

make: *** [cmake_check_build_system] Error 1

 

 

Regards,

Kai

 

 

 


Re: compile error

Chettimada, Vinayak Kariappa
 

Hi Kai,

Is this on latest upstream/master or an old commit head?

Seems the locale.setlocale  in the kconfig.py is not able to find a supporting setting in your OS distribution, probably you upgraded your distribution.

You can try simply editing the kconfig.py  and change “C.UTF-8” to “UTF-8”.

Regards,
Vinayak

On 21 Mar 2018, at 13:35, Kai Ren <kren@...> wrote:

Hi there,
I had set my Zephyr dev environment up and ran it for several months, but I hit a problem today when I tried to build my project for hex file, the error is below, is it anything I can configure to solve this problem?
Thanks in advance!
MacBook-Pro-2:build renkai$ make
CMake Deprecation Warning at /Users/renkai/Documents/Work/git/zephyr/cmake/app/boilerplate.cmake:38 (cmake_policy):
  The OLD behavior for policy CMP0000 will be removed from a future version
  of CMake.
 
  The cmake-policies(7) manual explains that the OLD behaviors of all
  policies are deprecated and that a policy should be set to OLD only under
  specific short-term circumstances.  Projects should be ported to the NEW
  behavior and not rely on setting a policy to OLD.
Call Stack (most recent call first):
  CMakeLists.txt:2 (include)
 
 
-- Selected BOARD nrf52_pca10040
Zephyr version: 1.11.99
Traceback (most recent call last):
  File "/Users/renkai/Documents/Work/git/zephyr/scripts/kconfig/kconfig.py", line 24, in <module>
    locale.setlocale(locale.LC_CTYPE, "C.UTF-8")
  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/locale.py", line 598, in setlocale
    return _setlocale(category, locale)
locale.Error: unsupported locale setting
CMake Error at /Users/renkai/Documents/Work/git/zephyr/cmake/kconfig.cmake:145 (message):
  command failed with return code: 1
Call Stack (most recent call first):
  /Users/renkai/Documents/Work/git/zephyr/cmake/app/boilerplate.cmake:241 (include)
  CMakeLists.txt:2 (include)
 
 
-- Configuring incomplete, errors occurred!
See also "/Users/renkai/Documents/Work/git/zephyr/samples/hello_world/build/CMakeFiles/CMakeOutput.log".
See also "/Users/renkai/Documents/Work/git/zephyr/samples/hello_world/build/CMakeFiles/CMakeError.log".
make: *** [cmake_check_build_system] Error 1
 
 
Regards,
Kai
 
 
 
_______________________________________________
Zephyr-devel mailing list
Zephyr-devel@...
https://lists.zephyrproject.org/mailman/listinfo/zephyr-devel


compile error

Kai Ren
 

Hi there,

I had set my Zephyr dev environment up and ran it for several months, but I hit a problem today when I tried to build my project for hex file, the error is below, is it anything I can configure to solve this problem?

Thanks in advance!

MacBook-Pro-2:build renkai$ make

CMake Deprecation Warning at /Users/renkai/Documents/Work/git/zephyr/cmake/app/boilerplate.cmake:38 (cmake_policy):

  The OLD behavior for policy CMP0000 will be removed from a future version

  of CMake.

 

  The cmake-policies(7) manual explains that the OLD behaviors of all

  policies are deprecated and that a policy should be set to OLD only under

  specific short-term circumstances.  Projects should be ported to the NEW

  behavior and not rely on setting a policy to OLD.

Call Stack (most recent call first):

  CMakeLists.txt:2 (include)

 

 

-- Selected BOARD nrf52_pca10040

Zephyr version: 1.11.99

Traceback (most recent call last):

  File "/Users/renkai/Documents/Work/git/zephyr/scripts/kconfig/kconfig.py", line 24, in <module>

    locale.setlocale(locale.LC_CTYPE, "C.UTF-8")

  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/locale.py", line 598, in setlocale

    return _setlocale(category, locale)

locale.Error: unsupported locale setting

CMake Error at /Users/renkai/Documents/Work/git/zephyr/cmake/kconfig.cmake:145 (message):

  command failed with return code: 1

Call Stack (most recent call first):

  /Users/renkai/Documents/Work/git/zephyr/cmake/app/boilerplate.cmake:241 (include)

  CMakeLists.txt:2 (include)

 

 

-- Configuring incomplete, errors occurred!

See also "/Users/renkai/Documents/Work/git/zephyr/samples/hello_world/build/CMakeFiles/CMakeOutput.log".

See also "/Users/renkai/Documents/Work/git/zephyr/samples/hello_world/build/CMakeFiles/CMakeError.log".

make: *** [cmake_check_build_system] Error 1

 

 

Regards,

Kai

 

 

 


Re: How hacker will hack/impact my BLE device, when ...??

Marcio Montenegro
 

Hi all,
Maybe you can use crypto device on your product.


You also need to develop an application to configure  crypto device chip.
Then after configuration each device are unique.
For inspiration see:

Note that this devices has no Bluetooth.
Best,
Marcio


On Wed, Mar 21, 2018 at 2:08 AM, Vakul Garg <vakul.garg@...> wrote:

Hi Vikrant

 

I am curious to understand about your security implementation.

I work in area of TLS security and I am not bluetooth security expert.

 

In your case, does the app need to differentiate between a genuine or fake device?

Will it be able to create a shared secret with the device even if it is a clone of genuine device and purpose programmed to leak the common encryption key?

 

Regards

 

Vakul

 

From: zephyr-devel-bounces@lists.zephyrproject.org [mailto:zephyr-devel-bounces@lists.zephyrproject.org] On Behalf Of Vikrant More
Sent: Tuesday, March 20, 2018 11:28 PM
To: zephyr-devel@lists.zephyrproject.org; zephyr-users@lists.zephyrproject.org
Subject: [Zephyr-devel] How hacker will hack/impact my BLE device, when ...??

 

Hi,

 

In my current project, I haven't implemented OOB pairing ( BLE based smart lights)

 

Using Zephyr built-in ECDH library, shared secret (using secp256r1 curve) get created on Device as well as on APP side which will act like encryption key for further communication.

 

On that encrypted link, APP send encryption key which is common for all devices associated with it.

 

All this happens when DEVICE is in factory reset mode.

 

There after communication link is encrypted using newly assign common key.

 

..................................................................................….........................................

 

This will create security risk, only if device is not authenticated by user & it could transfer security key ( which is common to many devices) to unauthorized device.

 

To solve this, APP will automatically trigger DEVICE's LEDs to blink & ask user "do you see blinking LED?" 

 

If user click on "YES" then & only then ECDH process will initiate & common key get share with new DEVICE.

 

------------------------------------------------------------------------------------------------------------------------

 

Besides this I didn't found any security flaw in this implementation. So I need help from Bluetooth Security expert. Is there anyone who can help me to find out flaws & security risks in my current implementation ?

 

Thanks,

vikrant8051


_______________________________________________
Zephyr-devel mailing list
Zephyr-devel@lists.zephyrproject.org
https://lists.zephyrproject.org/mailman/listinfo/zephyr-devel



Re: [Zephyr-users] err -5 when change BLE device name

Vikrant More <vikrant8051@...>
 

Hi Johan,

This is log,

Thanks,


[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 2 events
[bt] [DBG] bt_hci_cmd_send_sync: (0x20002c54) opcode 0x200a status 0x0c
Connected
[bt] [DBG] bt_hci_cmd_create: (0x20002c54) opcode 0x2016 param_len 2
[bt] [DBG] bt_hci_cmd_create: (0x20002c54) buf 0x200035c4
[bt] [DBG] bt_hci_cmd_send: (0x20002c54) opcode 0x2016 len 5
[bt] [DBG] process_events: (0x20001198) count 2
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] send_cmd: (0x20001198) calling net_buf_get
[bt] [DBG] send_cmd: (0x20001198) calling sem_take_wait
[bt] [DBG] send_cmd: (0x20001198) Sending command 0x2016 (buf 0x200035c4) to driver
[bt] [DBG] bt_send: (0x20001198) buf 0x200035c4 len 5 type 0
[bt] [DBG] hci_driver_send: (0x20001198) enter
[bt] [DBG] bt_buf_get_cmd_complete: (0x20001198) sent_cmd 0x200035c4
[bt] [DBG] cmd_handle: (0x20001198) Replying with event of 6 bytes
[bt] [DBG] hci_cmd_status: (0x20001198) opcode 0x2016
[bt] [DBG] hci_cmd_done: (0x20001198) opcode 0x2016 status 0x00 buf 0x200035c4
[bt] [DBG] hci_driver_send: (0x20001198) exit: 0
[bt] [DBG] process_events: (0x20001198) ev->state 1
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) blocking
[bt] [DBG] recv_thread: (0x20002c54) unblocked
[bt] [DBG] recv_thread: (0x20002c54) blocking
[bt] [DBG] recv_thread: (0x20002c54) unblocked
[bt] [DBG] recv_thread: (0x20002c54) Packet in: type:1 len:13
[bt] [DBG] bt_recv: (0x20002c54) buf 0x2000368c len 13
[bt] [DBG] hci_event: (0x20002c54) event 0x3e
[bt] [DBG] hci_le_meta_event: (0x20002c54) subevent 0x06
[bt] [DBG] bt_hci_cmd_create: (0x20002c54) opcode 0x2020 param_len 14
[bt] [DBG] bt_hci_cmd_create: (0x20002c54) buf 0x200035c4
[bt] [DBG] bt_hci_cmd_send: (0x20002c54) opcode 0x2020 len 17
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) RX node enqueue
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] send_cmd: (0x20001198) calling net_buf_get
[bt] [DBG] send_cmd: (0x20001198) calling sem_take_wait
[bt] [DBG] send_cmd: (0x20001198) Sending command 0x2020 (buf 0x200035c4) to driver
[bt] [DBG] bt_send: (0x20001198) buf 0x200035c4 len 17 type 0
[bt] [DBG] hci_driver_send: (0x20001198) enter
[bt] [DBG] bt_buf_get_cmd_complete: (0x20001198) sent_cmd 0x200035c4
[bt] [DBG] cmd_handle: (0x20001198) Replying with event of 8 bytes
[bt] [DBG] hci_cmd_complete: (0x20001198) opcode 0x2020
[bt] [DBG] hci_cmd_done: (0x20001198) opcode 0x2020 status 0x00 buf 0x200035c4
[bt] [DBG] hci_driver_send: (0x20001198) exit: 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) blocking
[bt] [DBG] recv_thread: (0x20002c54) unblocked
[bt] [DBG] recv_thread: (0x20002c54) Packet in: type:3 len:15
[bt] [DBG] bt_recv: (0x20002c54) buf 0x2000368c len 15
[bt] [DBG] hci_acl: (0x20002c54) buf 0x2000368c
[bt] [DBG] hci_acl: (0x20002c54) handle 0 len 11 flags 2
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] bt_send: (0x20001198) buf 0x200037b8 len 22 type 2
[bt] [DBG] hci_driver_send: (0x20001198) enter
[bt] [DBG] hci_driver_send: (0x20001198) exit: 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) blocking
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) Num Complete: 0x0000:1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) num_handles 1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) handle 0 count 1
[bt] [DBG] prio_recv_thread: (0x20002cbc) RX node enqueue
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) unblocked
[bt] [DBG] recv_thread: (0x20002c54) Packet in: type:3 len:15
[bt] [DBG] bt_recv: (0x20002c54) buf 0x2000368c len 15
[bt] [DBG] hci_acl: (0x20002c54) buf 0x2000368c
[bt] [DBG] hci_acl: (0x20002c54) handle 0 len 11 flags 2
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] bt_send: (0x20001198) buf 0x200037b8 len 30 type 2
[bt] [DBG] hci_driver_send: (0x20001198) enter
[bt] [DBG] hci_driver_send: (0x20001198) exit: 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) RX node enqueue
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) Num Complete: 0x0000:1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) num_handles 1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) handle 0 count 1
[bt] [DBG] prio_recv_thread: (0x20002cbc) RX node enqueue
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) blocking
[bt] [DBG] recv_thread: (0x20002c54) unblocked
[bt] [DBG] recv_thread: (0x20002c54) Packet in: type:1 len:12
[bt] [DBG] bt_recv: (0x20002c54) buf 0x2000368c len 12
[bt] [DBG] hci_event: (0x20002c54) event 0x3e
[bt] [DBG] hci_le_meta_event: (0x20002c54) subevent 0x03
[bt] [DBG] le_conn_update_complete: (0x20002c54) status 0, handle 0
[bt] [DBG] recv_thread: (0x20002c54) blocking
[bt] [DBG] recv_thread: (0x20002c54) unblocked
[bt] [DBG] recv_thread: (0x20002c54) Packet in: type:3 len:15
[bt] [DBG] bt_recv: (0x20002c54) buf 0x2000368c len 15
[bt] [DBG] hci_acl: (0x20002c54) buf 0x2000368c
[bt] [DBG] hci_acl: (0x20002c54) handle 0 len 11 flags 2
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] bt_send: (0x20001198) buf 0x200037b8 len 13 type 2
[bt] [DBG] hci_driver_send: (0x20001198) enter
[bt] [DBG] hci_driver_send: (0x20001198) exit: 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) blocking
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) Num Complete: 0x0000:1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) num_handles 1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) handle 0 count 1
[bt] [DBG] prio_recv_thread: (0x20002cbc) RX node enqueue
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) unblocked
[bt] [DBG] recv_thread: (0x20002c54) Packet in: type:3 len:15
[bt] [DBG] bt_recv: (0x20002c54) buf 0x2000368c len 15
[bt] [DBG] hci_acl: (0x20002c54) buf 0x2000368c
[bt] [DBG] hci_acl: (0x20002c54) handle 0 len 11 flags 2
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] bt_send: (0x20001198) buf 0x200037b8 len 13 type 2
[bt] [DBG] hci_driver_send: (0x20001198) enter
[bt] [DBG] hci_driver_send: (0x20001198) exit: 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) blocking
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) Num Complete: 0x0000:1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) num_handles 1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) handle 0 count 1
[bt] [DBG] prio_recv_thread: (0x20002cbc) RX node enqueue
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) unblocked
[bt] [DBG] recv_thread: (0x20002c54) Packet in: type:3 len:15
[bt] [DBG] bt_recv: (0x20002c54) buf 0x2000368c len 15
[bt] [DBG] hci_acl: (0x20002c54) buf 0x2000368c
[bt] [DBG] hci_acl: (0x20002c54) handle 0 len 11 flags 2
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] bt_send: (0x20001198) buf 0x200037b8 len 24 type 2
[bt] [DBG] hci_driver_send: (0x20001198) enter
[bt] [DBG] hci_driver_send: (0x20001198) exit: 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) blocking
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) Num Complete: 0x0000:1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) num_handles 1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) handle 0 count 1
[bt] [DBG] prio_recv_thread: (0x20002cbc) RX node enqueue
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) unblocked
[bt] [DBG] recv_thread: (0x20002c54) Packet in: type:3 len:15
[bt] [DBG] bt_recv: (0x20002c54) buf 0x2000368c len 15
[bt] [DBG] hci_acl: (0x20002c54) buf 0x2000368c
[bt] [DBG] hci_acl: (0x20002c54) handle 0 len 11 flags 2
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] bt_send: (0x20001198) buf 0x200037b8 len 13 type 2
[bt] [DBG] hci_driver_send: (0x20001198) enter
[bt] [DBG] hci_driver_send: (0x20001198) exit: 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) Num Complete: 0x0000:1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) num_handles 1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) handle 0 count 1
[bt] [DBG] prio_recv_thread: (0x20002cbc) RX node enqueue
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) blocking
[bt] [DBG] recv_thread: (0x20002c54) unblocked
[bt] [DBG] recv_thread: (0x20002c54) Packet in: type:3 len:15
[bt] [DBG] bt_recv: (0x20002c54) buf 0x2000368c len 15
[bt] [DBG] hci_acl: (0x20002c54) buf 0x2000368c
[bt] [DBG] hci_acl: (0x20002c54) handle 0 len 11 flags 2
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] bt_send: (0x20001198) buf 0x200037b8 len 13 type 2
[bt] [DBG] hci_driver_send: (0x20001198) enter
[bt] [DBG] hci_driver_send: (0x20001198) exit: 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) Num Complete: 0x0000:1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) num_handles 1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) handle 0 count 1
[bt] [DBG] prio_recv_thread: (0x20002cbc) RX node enqueue
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) blocking
[bt] [DBG] recv_thread: (0x20002c54) unblocked
[bt] [DBG] recv_thread: (0x20002c54) Packet in: type:3 len:15
[bt] [DBG] bt_recv: (0x20002c54) buf 0x2000368c len 15
[bt] [DBG] hci_acl: (0x20002c54) buf 0x2000368c
[bt] [DBG] hci_acl: (0x20002c54) handle 0 len 11 flags 2
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] bt_send: (0x20001198) buf 0x200037b8 len 17 type 2
[bt] [DBG] hci_driver_send: (0x20001198) enter
[bt] [DBG] hci_driver_send: (0x20001198) exit: 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) Num Complete: 0x0000:1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) num_handles 1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) handle 0 count 1
[bt] [DBG] prio_recv_thread: (0x20002cbc) RX node enqueue
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) blocking
[bt] [DBG] recv_thread: (0x20002c54) unblocked
[bt] [DBG] recv_thread: (0x20002c54) Packet in: type:3 len:15
[bt] [DBG] bt_recv: (0x20002c54) buf 0x2000368c len 15
[bt] [DBG] hci_acl: (0x20002c54) buf 0x2000368c
[bt] [DBG] hci_acl: (0x20002c54) handle 0 len 11 flags 2
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] bt_send: (0x20001198) buf 0x200037b8 len 13 type 2
[bt] [DBG] hci_driver_send: (0x20001198) enter
[bt] [DBG] hci_driver_send: (0x20001198) exit: 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) Num Complete: 0x0000:1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) num_handles 1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) handle 0 count 1
[bt] [DBG] prio_recv_thread: (0x20002cbc) RX node enqueue
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) blocking
[bt] [DBG] recv_thread: (0x20002c54) unblocked
[bt] [DBG] recv_thread: (0x20002c54) Packet in: type:3 len:13
[bt] [DBG] bt_recv: (0x20002c54) buf 0x2000368c len 13
[bt] [DBG] hci_acl: (0x20002c54) buf 0x2000368c
[bt] [DBG] hci_acl: (0x20002c54) handle 0 len 9 flags 2
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] bt_send: (0x20001198) buf 0x200037b8 len 14 type 2
[bt] [DBG] hci_driver_send: (0x20001198) enter
[bt] [DBG] hci_driver_send: (0x20001198) exit: 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) Num Complete: 0x0000:1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) num_handles 1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) handle 0 count 1
[bt] [DBG] prio_recv_thread: (0x20002cbc) RX node enqueue
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) blocking
[bt] [DBG] recv_thread: (0x20002c54) unblocked
[bt] [DBG] recv_thread: (0x20002c54) Packet in: type:3 len:15
[bt] [DBG] bt_recv: (0x20002c54) buf 0x2000368c len 15
[bt] [DBG] hci_acl: (0x20002c54) buf 0x2000368c
[bt] [DBG] hci_acl: (0x20002c54) handle 0 len 11 flags 2
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] bt_send: (0x20001198) buf 0x200037b8 len 13 type 2
[bt] [DBG] hci_driver_send: (0x20001198) enter
[bt] [DBG] hci_driver_send: (0x20001198) exit: 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) Num Complete: 0x0000:1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) num_handles 1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) handle 0 count 1
[bt] [DBG] prio_recv_thread: (0x20002cbc) RX node enqueue
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) blocking
[bt] [DBG] recv_thread: (0x20002c54) unblocked
[bt] [DBG] recv_thread: (0x20002c54) Packet in: type:3 len:15
[bt] [DBG] bt_recv: (0x20002c54) buf 0x2000368c len 15
[bt] [DBG] hci_acl: (0x20002c54) buf 0x2000368c
[bt] [DBG] hci_acl: (0x20002c54) handle 0 len 11 flags 2
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] bt_send: (0x20001198) buf 0x200037b8 len 31 type 2
[bt] [DBG] hci_driver_send: (0x20001198) enter
[bt] [DBG] hci_driver_send: (0x20001198) exit: 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) blocking
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) Num Complete: 0x0000:1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) num_handles 1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) handle 0 count 1
[bt] [DBG] prio_recv_thread: (0x20002cbc) RX node enqueue
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) unblocked
[bt] [DBG] recv_thread: (0x20002c54) Packet in: type:3 len:15
[bt] [DBG] bt_recv: (0x20002c54) buf 0x2000368c len 15
[bt] [DBG] hci_acl: (0x20002c54) buf 0x2000368c
[bt] [DBG] hci_acl: (0x20002c54) handle 0 len 11 flags 2
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] bt_send: (0x20001198) buf 0x200037b8 len 31 type 2
[bt] [DBG] hci_driver_send: (0x20001198) enter
[bt] [DBG] hci_driver_send: (0x20001198) exit: 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) blocking
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) Num Complete: 0x0000:1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) num_handles 1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) handle 0 count 1
[bt] [DBG] prio_recv_thread: (0x20002cbc) RX node enqueue
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) unblocked
[bt] [DBG] recv_thread: (0x20002c54) Packet in: type:3 len:15
[bt] [DBG] bt_recv: (0x20002c54) buf 0x2000368c len 15
[bt] [DBG] hci_acl: (0x20002c54) buf 0x2000368c
[bt] [DBG] hci_acl: (0x20002c54) handle 0 len 11 flags 2
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] bt_send: (0x20001198) buf 0x200037b8 len 31 type 2
[bt] [DBG] hci_driver_send: (0x20001198) enter
[bt] [DBG] hci_driver_send: (0x20001198) exit: 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) blocking
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) Num Complete: 0x0000:1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) num_handles 1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) handle 0 count 1
[bt] [DBG] prio_recv_thread: (0x20002cbc) RX node enqueue
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) unblocked
[bt] [DBG] recv_thread: (0x20002c54) Packet in: type:3 len:15
[bt] [DBG] bt_recv: (0x20002c54) buf 0x2000368c len 15
[bt] [DBG] hci_acl: (0x20002c54) buf 0x2000368c
[bt] [DBG] hci_acl: (0x20002c54) handle 0 len 11 flags 2
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] bt_send: (0x20001198) buf 0x200037b8 len 31 type 2
[bt] [DBG] hci_driver_send: (0x20001198) enter
[bt] [DBG] hci_driver_send: (0x20001198) exit: 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) blocking
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) Num Complete: 0x0000:1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) num_handles 1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) handle 0 count 1
[bt] [DBG] prio_recv_thread: (0x20002cbc) RX node enqueue
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) unblocked
[bt] [DBG] recv_thread: (0x20002c54) Packet in: type:3 len:15
[bt] [DBG] bt_recv: (0x20002c54) buf 0x2000368c len 15
[bt] [DBG] hci_acl: (0x20002c54) buf 0x2000368c
[bt] [DBG] hci_acl: (0x20002c54) handle 0 len 11 flags 2
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] bt_send: (0x20001198) buf 0x200037b8 len 13 type 2
[bt] [DBG] hci_driver_send: (0x20001198) enter
[bt] [DBG] hci_driver_send: (0x20001198) exit: 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) blocking
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) Num Complete: 0x0000:1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) num_handles 1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) handle 0 count 1
[bt] [DBG] prio_recv_thread: (0x20002cbc) RX node enqueue
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) unblocked
[bt] [DBG] recv_thread: (0x20002c54) Packet in: type:3 len:13
[bt] [DBG] bt_recv: (0x20002c54) buf 0x2000368c len 13
[bt] [DBG] hci_acl: (0x20002c54) buf 0x2000368c
[bt] [DBG] hci_acl: (0x20002c54) handle 0 len 9 flags 2
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] bt_send: (0x20001198) buf 0x200037b8 len 14 type 2
[bt] [DBG] hci_driver_send: (0x20001198) enter
[bt] [DBG] hci_driver_send: (0x20001198) exit: 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) blocking
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) Num Complete: 0x0000:1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) num_handles 1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) handle 0 count 1
[bt] [DBG] prio_recv_thread: (0x20002cbc) RX node enqueue
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) unblocked
[bt] [DBG] recv_thread: (0x20002c54) Packet in: type:1 len:13
[bt] [DBG] bt_recv: (0x20002c54) buf 0x2000368c len 13
[bt] [DBG] hci_event: (0x20002c54) event 0x3e
[bt] [DBG] hci_le_meta_event: (0x20002c54) subevent 0x06
[bt] [DBG] bt_hci_cmd_create: (0x20002c54) opcode 0x2020 param_len 14
[bt] [DBG] bt_hci_cmd_create: (0x20002c54) buf 0x200035c4
[bt] [DBG] bt_hci_cmd_send: (0x20002c54) opcode 0x2020 len 17
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] send_cmd: (0x20001198) calling net_buf_get
[bt] [DBG] send_cmd: (0x20001198) calling sem_take_wait
[bt] [DBG] send_cmd: (0x20001198) Sending command 0x2020 (buf 0x200035c4) to driver
[bt] [DBG] bt_send: (0x20001198) buf 0x200035c4 len 17 type 0
[bt] [DBG] hci_driver_send: (0x20001198) enter
[bt] [DBG] bt_buf_get_cmd_complete: (0x20001198) sent_cmd 0x200035c4
[bt] [DBG] cmd_handle: (0x20001198) Replying with event of 8 bytes
[bt] [DBG] hci_cmd_complete: (0x20001198) opcode 0x2020
[bt] [DBG] hci_cmd_done: (0x20001198) opcode 0x2020 status 0x00 buf 0x200035c4
[bt] [DBG] hci_driver_send: (0x20001198) exit: 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) blocking
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) RX node enqueue
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] recv_thread: (0x20002c54) unblocked
[bt] [DBG] recv_thread: (0x20002c54) Packet in: type:1 len:12
[bt] [DBG] bt_recv: (0x20002c54) buf 0x2000368c len 12
[bt] [DBG] hci_event: (0x20002c54) event 0x3e
[bt] [DBG] hci_le_meta_event: (0x20002c54) subevent 0x03
[bt] [DBG] le_conn_update_complete: (0x20002c54) status 0, handle 0
[bt] [DBG] recv_thread: (0x20002c54) blocking
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) RX node enqueue
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] recv_thread: (0x20002c54) unblocked
[bt] [DBG] recv_thread: (0x20002c54) Packet in: type:3 len:17
[bt] [DBG] bt_recv: (0x20002c54) buf 0x2000368c len 17
[bt] [DBG] hci_acl: (0x20002c54) buf 0x2000368c
[bt] [DBG] hci_acl: (0x20002c54) handle 0 len 13 flags 2
[bt] [DBG] bt_hci_cmd_create: (0x20002c54) opcode 0x2008 param_len 32
[bt] [DBG] bt_hci_cmd_create: (0x20002c54) buf 0x200035c4
[bt] [DBG] bt_hci_cmd_send_sync: (0x20002c54) buf 0x200035c4 opcode 0x2008 len 35
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] send_cmd: (0x20001198) calling net_buf_get
[bt] [DBG] send_cmd: (0x20001198) calling sem_take_wait
[bt] [DBG] send_cmd: (0x20001198) Sending command 0x2008 (buf 0x200035c4) to driver
[bt] [DBG] bt_send: (0x20001198) buf 0x200035c4 len 35 type 0
[bt] [DBG] hci_driver_send: (0x20001198) enter
[bt] [DBG] bt_buf_get_cmd_complete: (0x20001198) sent_cmd 0x200035c4
[bt] [DBG] cmd_handle: (0x20001198) Replying with event of 6 bytes
[bt] [DBG] hci_cmd_complete: (0x20001198) opcode 0x2008
[bt] [DBG] hci_cmd_done: (0x20001198) opcode 0x2008 status 0x00 buf 0x200035c4
[bt] [DBG] hci_driver_send: (0x20001198) exit: 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] bt_hci_cmd_send_sync: (0x20002c54) opcode 0x2008 status 0x00
[bt] [DBG] bt_hci_cmd_create: (0x20002c54) opcode 0x2009 param_len 32
[bt] [DBG] bt_hci_cmd_create: (0x20002c54) buf 0x200035c4
[bt] [DBG] bt_hci_cmd_send_sync: (0x20002c54) buf 0x200035c4 opcode 0x2009 len 35
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] send_cmd: (0x20001198) calling net_buf_get
[bt] [DBG] send_cmd: (0x20001198) calling sem_take_wait
[bt] [DBG] send_cmd: (0x20001198) Sending command 0x2009 (buf 0x200035c4) to driver
[bt] [DBG] bt_send: (0x20001198) buf 0x200035c4 len 35 type 0
[bt] [DBG] hci_driver_send: (0x20001198) enter
[bt] [DBG] bt_buf_get_cmd_complete: (0x20001198) sent_cmd 0x200035c4
[bt] [DBG] cmd_handle: (0x20001198) Replying with event of 6 bytes
[bt] [DBG] hci_cmd_complete: (0x20001198) opcode 0x2009
[bt] [DBG] hci_cmd_done: (0x20001198) opcode 0x2009 status 0x00 buf 0x200035c4
[bt] [DBG] hci_driver_send: (0x20001198) exit: 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] bt_hci_cmd_send_sync: (0x20002c54) opcode 0x2009 status 0x00
[bt] [DBG] set_random_address: (0x20002c54) ea:e8:05:9b:16:1d
[bt] [DBG] bt_hci_cmd_create: (0x20002c54) opcode 0x2006 param_len 15
[bt] [DBG] bt_hci_cmd_create: (0x20002c54) buf 0x200035c4
[bt] [DBG] bt_hci_cmd_send_sync: (0x20002c54) buf 0x200035c4 opcode 0x2006 len 18
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] send_cmd: (0x20001198) calling net_buf_get
[bt] [DBG] send_cmd: (0x20001198) calling sem_take_wait
[bt] [DBG] send_cmd: (0x20001198) Sending command 0x2006 (buf 0x200035c4) to driver
[bt] [DBG] bt_send: (0x20001198) buf 0x200035c4 len 18 type 0
[bt] [DBG] hci_driver_send: (0x20001198) enter
[bt] [DBG] bt_buf_get_cmd_complete: (0x20001198) sent_cmd 0x200035c4
[bt] [DBG] cmd_handle: (0x20001198) Replying with event of 6 bytes
[bt] [DBG] hci_cmd_complete: (0x20001198) opcode 0x2006
[bt] [DBG] hci_cmd_done: (0x20001198) opcode 0x2006 status 0x00 buf 0x200035c4
[bt] [DBG] hci_driver_send: (0x20001198) exit: 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] bt_hci_cmd_send_sync: (0x20002c54) opcode 0x2006 status 0x00
[bt] [DBG] bt_hci_cmd_create: (0x20002c54) opcode 0x200a param_len 1
[bt] [DBG] bt_hci_cmd_create: (0x20002c54) buf 0x200035c4
[bt] [DBG] bt_hci_cmd_send_sync: (0x20002c54) buf 0x200035c4 opcode 0x200a len 4
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] send_cmd: (0x20001198) calling net_buf_get
[bt] [DBG] send_cmd: (0x20001198) calling sem_take_wait
[bt] [DBG] send_cmd: (0x20001198) Sending command 0x200a (buf 0x200035c4) to driver
[bt] [DBG] bt_send: (0x20001198) buf 0x200035c4 len 4 type 0
[bt] [DBG] hci_driver_send: (0x20001198) enter
[bt] [DBG] bt_buf_get_cmd_complete: (0x20001198) sent_cmd 0x200035c4
[bt] [DBG] cmd_handle: (0x20001198) Replying with event of 6 bytes
[bt] [DBG] hci_cmd_complete: (0x20001198) opcode 0x200a
[bt] [DBG] hci_cmd_done: (0x20001198) opcode 0x200a status 0x0c buf 0x200035c4
[bt] [DBG] hci_driver_send: (0x20001198) exit: 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] bt_hci_cmd_send_sync: (0x20002c54) opcode 0x200a status 0x0c
Advertising failed to start (err -5)
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] bt_send: (0x20001198) buf 0x200037b8 len 9 type 2
[bt] [DBG] hci_driver_send: (0x20001198) enter
[bt] [DBG] hci_driver_send: (0x20001198) exit: 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events
[bt] [DBG] recv_thread: (0x20002c54) blocking
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem taken
[bt] [DBG] prio_recv_thread: (0x20002cbc) Num Complete: 0x0000:1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) num_handles 1
[bt] [DBG] hci_num_completed_packets: (0x20002cbc) handle 0 count 1
[bt] [DBG] prio_recv_thread: (0x20002cbc) sem take...
[bt] [DBG] process_events: (0x20001198) count 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] process_events: (0x20001198) ev->state 4
[bt] [DBG] process_events: (0x20001198) ev->state 0
[bt] [DBG] hci_tx_thread: (0x20001198) Calling k_poll with 4 events


On Wed, Mar 21, 2018 at 4:57 PM, Johan Hedberg <johan.hedberg@...> wrote:
Hi Vikrant,

You'll need to debug this more then, i.e. get HCI logs and enable debug
logs for hci_core.c.

Johan

On Wed, Mar 21, 2018, Vikrant More wrote:
> Hi Johan,
>
>
>
>
>
>
>
> *static void bt_le_adv_refresh(void){        int err,i;    for(i=0; i<=14;
> i++)    {        name_buffer[i]= '@';    *// it is global array
>     }
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> *        sd[0].data = name_buffer;     sd[0].data_len = 15;
> bt_le_adv_stop();    err = bt_le_adv_start(BT_LE_ADV_CONN, ad,
> ARRAY_SIZE(ad), sd, ARRAY_SIZE(sd));    if (err)     {
> printk("Advertising failed to start (err %d)\n", err);        return;
> }    printk("Refreshed Advertising successfully started\n");}*
>
>
> I modified my function as per your suggestion, but now
> 1) device stop advertising after this function get call (previously it was
> advertising with new Name )
> 2) plus getting same error as -> Advertising failed to start (err -5)
>
> On Wed, Mar 21, 2018 at 4:14 PM, Johan Hedberg <johan.hedberg@...>
> wrote:
>
> > Hi Vikrant,
> >
> > On Wed, Mar 21, 2018, Vikrant More wrote:
> > > *sd[0].data = name_buffer;        err = bt_le_adv_start(BT_LE_ADV_CONN,
> > ad,
> >
> > You also need to update sd[0].data_len.
> > E.g. sd[0].data_len = strlen(name_buffer);
> >
> > > ARRAY_SIZE(ad), sd, ARRAY_SIZE(sd));    if (err)     {
> > > printk("Advertising failed to start (err %d)\n", err);        return;
> > }*
> > >
> > > But when I did it, got an error -> Advertising failed to start (err -5)
> > >
> > > Despite this nRF52, successfully advertise itself with new name.
> > >
> > > How to update device name in real time scenario without rebooting it ?
> >
> > Doing bt_le_adv_stop() and bt_le_adv_start() with a new set of
> > parameters should work.
> >
> > Johan
> >


Re: [Zephyr-users] err -5 when change BLE device name

Johan Hedberg
 

Hi Vikrant,

You'll need to debug this more then, i.e. get HCI logs and enable debug
logs for hci_core.c.

Johan

On Wed, Mar 21, 2018, Vikrant More wrote:
Hi Johan,







*static void bt_le_adv_refresh(void){ int err,i; for(i=0; i<=14;
i++) { name_buffer[i]= '@'; *// it is global array
}















* sd[0].data = name_buffer; sd[0].data_len = 15;
bt_le_adv_stop(); err = bt_le_adv_start(BT_LE_ADV_CONN, ad,
ARRAY_SIZE(ad), sd, ARRAY_SIZE(sd)); if (err) {
printk("Advertising failed to start (err %d)\n", err); return;
} printk("Refreshed Advertising successfully started\n");}*


I modified my function as per your suggestion, but now
1) device stop advertising after this function get call (previously it was
advertising with new Name )
2) plus getting same error as -> Advertising failed to start (err -5)

On Wed, Mar 21, 2018 at 4:14 PM, Johan Hedberg <johan.hedberg@intel.com>
wrote:

Hi Vikrant,

On Wed, Mar 21, 2018, Vikrant More wrote:
*sd[0].data = name_buffer; err = bt_le_adv_start(BT_LE_ADV_CONN,
ad,

You also need to update sd[0].data_len.
E.g. sd[0].data_len = strlen(name_buffer);

ARRAY_SIZE(ad), sd, ARRAY_SIZE(sd)); if (err) {
printk("Advertising failed to start (err %d)\n", err); return;
}*

But when I did it, got an error -> Advertising failed to start (err -5)

Despite this nRF52, successfully advertise itself with new name.

How to update device name in real time scenario without rebooting it ?
Doing bt_le_adv_stop() and bt_le_adv_start() with a new set of
parameters should work.

Johan


Re: [Zephyr-users] err -5 when change BLE device name

Vikrant More <vikrant8051@...>
 

Hi Johan,

static void bt_le_adv_refresh(void)
{   
    int err,i;

    for(i=0; i<=14; i++)
    {
        name_buffer[i]= '@';   
// it is global array
    }
   
    sd[0].data = name_buffer;
    sd[0].data_len = 15;

    bt_le_adv_stop();

    err = bt_le_adv_start(BT_LE_ADV_CONN, ad, ARRAY_SIZE(ad), sd, ARRAY_SIZE(sd));

    if (err)
    {
        printk("Advertising failed to start (err %d)\n", err);
        return;
    }

    printk("Refreshed Advertising successfully started\n");
}



I modified my function as per your suggestion, but now
1) device stop advertising after this function get call (previously it was advertising with new Name )
2) plus getting same error as -> Advertising failed to start (err -5)

On Wed, Mar 21, 2018 at 4:14 PM, Johan Hedberg <johan.hedberg@...> wrote:
Hi Vikrant,

On Wed, Mar 21, 2018, Vikrant More wrote:
> *sd[0].data = name_buffer;        err = bt_le_adv_start(BT_LE_ADV_CONN, ad,

You also need to update sd[0].data_len.
E.g. sd[0].data_len = strlen(name_buffer);

> ARRAY_SIZE(ad), sd, ARRAY_SIZE(sd));    if (err)     {
> printk("Advertising failed to start (err %d)\n", err);        return;    }*
>
> But when I did it, got an error -> Advertising failed to start (err -5)
>
> Despite this nRF52, successfully advertise itself with new name.
>
> How to update device name in real time scenario without rebooting it ?

Doing bt_le_adv_stop() and bt_le_adv_start() with a new set of
parameters should work.

Johan


Re: [Zephyr-users] err -5 when change BLE device name

Johan Hedberg
 

Hi Vikrant,

On Wed, Mar 21, 2018, Vikrant More wrote:
*sd[0].data = name_buffer; err = bt_le_adv_start(BT_LE_ADV_CONN, ad,
You also need to update sd[0].data_len.
E.g. sd[0].data_len = strlen(name_buffer);

ARRAY_SIZE(ad), sd, ARRAY_SIZE(sd)); if (err) {
printk("Advertising failed to start (err %d)\n", err); return; }*

But when I did it, got an error -> Advertising failed to start (err -5)

Despite this nRF52, successfully advertise itself with new name.

How to update device name in real time scenario without rebooting it ?
Doing bt_le_adv_stop() and bt_le_adv_start() with a new set of
parameters should work.

Johan


err -5 when change BLE device name

Vikrant More <vikrant8051@...>
 

Hi,

I've added functionality where user can change BLE device name which is part of scan response by calling


    sd[0].data = name_buffer;
  
    err = bt_le_adv_start(BT_LE_ADV_CONN, ad, ARRAY_SIZE(ad), sd, ARRAY_SIZE(sd));

    if (err)
    {
        printk("Advertising failed to start (err %d)\n", err);
        return;
    }


But when I did it, got an error -> Advertising failed to start (err -5)

Despite this nRF52, successfully advertise itself with new name.

How to update device name in real time scenario without rebooting it ?

Thanks,
vikrant8051


Re: Is it allowed to use public Bluetooth device address instead of non-resolvable random device address in the project of /sample/bluetooth/mesh_deom?

Johan Hedberg
 

Hi,

On Wed, Mar 21, 2018, Johan Hedberg wrote:
On Wed, Mar 21, 2018, Kai Ren wrote:
Just tested it, it works well, evidence is as below. Adv address is
static even if I reset my micro:bit.

I guess this address is from Nordic chipset, NRF_FICR->DEVICEADDR,
correct?
Yes, that's correct. Could you also add a comment to the PR that you've
tested it? (this helps getting it merged quicker)

I'm also thinking of adding a new Kconfig entry (with a depends on
BT_MESH_DEBUG) which would allow you to enable this feature from the app
rather than having to hack the mesh stack's code.
I've now updated the PR with a third patch that adds this new Kconfig
option for Mesh (called CONFIG_BT_MESH_DEBUG_USE_ID_ADDR).

Johan


Re: How hacker will hack/impact my BLE device, when ...??

Vikrant More <vikrant8051@...>
 

Hi Vakul,

Thanks for reply !!

No, APP can't differentiate between Genuine & Fake device.

And Yes, user by mistake can connect with his neighbor/attacker Device.

solution - 1) APP will check RSSI signal strength of Device. If it is in the range of 1-2 meters then only APP proceeds further.

              2) APP will pop-up with BUTTON to force user to Blink LED on connected device. And ask user "Have you seen Blinking LED ?"
                  If he/she clicks on "YES",  then only APP proceeds further.

                  Let suppose,

                  A = attacker fake device
                  B = newly purchased User's device

                  if user by mistake connect with A, then APP will Blink A instead B. Even after this, if user click on "Yes" on response of "Have you seen Blinking LED ?"
                  then it is User responsibility.

                 Risk - In above example, User can connect with A, at same time attacker could connect with B.
                           And when user click on Button to blink LED, same time attacker may Blink LED on B. Here, user may feel that he is connected to B & will press on "YES"
                 

Regards,
vikrant8051
 



On Wed, Mar 21, 2018 at 10:38 AM, Vakul Garg <vakul.garg@...> wrote:

Hi Vikrant

 

I am curious to understand about your security implementation.

I work in area of TLS security and I am not bluetooth security expert.

 

In your case, does the app need to differentiate between a genuine or fake device?

Will it be able to create a shared secret with the device even if it is a clone of genuine device and purpose programmed to leak the common encryption key?

 

Regards

 

Vakul

 

From: zephyr-devel-bounces@lists.zephyrproject.org [mailto:zephyr-devel-bounces@lists.zephyrproject.org] On Behalf Of Vikrant More
Sent: Tuesday, March 20, 2018 11:28 PM
To: zephyr-devel@lists.zephyrproject.org; zephyr-users@lists.zephyrproject.org
Subject: [Zephyr-devel] How hacker will hack/impact my BLE device, when ...??

 

Hi,

 

In my current project, I haven't implemented OOB pairing ( BLE based smart lights)

 

Using Zephyr built-in ECDH library, shared secret (using secp256r1 curve) get created on Device as well as on APP side which will act like encryption key for further communication.

 

On that encrypted link, APP send encryption key which is common for all devices associated with it.

 

All this happens when DEVICE is in factory reset mode.

 

There after communication link is encrypted using newly assign common key.

 

..................................................................................….........................................

 

This will create security risk, only if device is not authenticated by user & it could transfer security key ( which is common to many devices) to unauthorized device.

 

To solve this, APP will automatically trigger DEVICE's LEDs to blink & ask user "do you see blinking LED?" 

 

If user click on "YES" then & only then ECDH process will initiate & common key get share with new DEVICE.

 

------------------------------------------------------------------------------------------------------------------------

 

Besides this I didn't found any security flaw in this implementation. So I need help from Bluetooth Security expert. Is there anyone who can help me to find out flaws & security risks in my current implementation ?

 

Thanks,

vikrant8051



Re: Is it allowed to use public Bluetooth device address instead of non-resolvable random device address in the project of /sample/bluetooth/mesh_deom?

Johan Hedberg
 

Hi Kai,

On Wed, Mar 21, 2018, Kai Ren wrote:
Just tested it, it works well, evidence is as below. Adv address is
static even if I reset my micro:bit.

I guess this address is from Nordic chipset, NRF_FICR->DEVICEADDR,
correct?
Yes, that's correct. Could you also add a comment to the PR that you've
tested it? (this helps getting it merged quicker)

I'm also thinking of adding a new Kconfig entry (with a depends on
BT_MESH_DEBUG) which would allow you to enable this feature from the app
rather than having to hack the mesh stack's code.

Johan


Re: How hacker will hack/impact my BLE device, when ...??

Vakul Garg <vakul.garg@...>
 

Hi Vikrant

 

I am curious to understand about your security implementation.

I work in area of TLS security and I am not bluetooth security expert.

 

In your case, does the app need to differentiate between a genuine or fake device?

Will it be able to create a shared secret with the device even if it is a clone of genuine device and purpose programmed to leak the common encryption key?

 

Regards

 

Vakul

 

From: zephyr-devel-bounces@... [mailto:zephyr-devel-bounces@...] On Behalf Of Vikrant More
Sent: Tuesday, March 20, 2018 11:28 PM
To: zephyr-devel@...; zephyr-users@...
Subject: [Zephyr-devel] How hacker will hack/impact my BLE device, when ...??

 

Hi,

 

In my current project, I haven't implemented OOB pairing ( BLE based smart lights)

 

Using Zephyr built-in ECDH library, shared secret (using secp256r1 curve) get created on Device as well as on APP side which will act like encryption key for further communication.

 

On that encrypted link, APP send encryption key which is common for all devices associated with it.

 

All this happens when DEVICE is in factory reset mode.

 

There after communication link is encrypted using newly assign common key.

 

..................................................................................….........................................

 

This will create security risk, only if device is not authenticated by user & it could transfer security key ( which is common to many devices) to unauthorized device.

 

To solve this, APP will automatically trigger DEVICE's LEDs to blink & ask user "do you see blinking LED?" 

 

If user click on "YES" then & only then ECDH process will initiate & common key get share with new DEVICE.

 

------------------------------------------------------------------------------------------------------------------------

 

Besides this I didn't found any security flaw in this implementation. So I need help from Bluetooth Security expert. Is there anyone who can help me to find out flaws & security risks in my current implementation ?

 

Thanks,

vikrant8051

3721 - 3740 of 8041