
USB HID sample

Johannes Hutter
 

Hello guys,


I tried to run the USB HID sample on an STM-based device and ran into some problems. I get a usage fault caused by a division by zero. This actually happens in the ST HAL, where a division by the MPS of the USB endpoint is done. The MPS is actually 0 when the sample does the USB write. Is there something missing in the sample? When turning the logging in the USB subsystem on, I can also see that the Endpoints 0x00 and 0x80 are configured, but not the HID endpoint (on 0x83). The set_callback function is however called in the stm driver.

Would be great if someone could point me in the right direction.


Thanks and Best Regards,

Joe

--

Johannes Hutter | Embedded Software Engineer
Mail: johannes@...


Workaround GmbH (ProGlove)
Friedenstr. 4 | 81671 München

Managing Director: Thomas Kirchner
HRB: 216605 | AG München
USt.-IdNr.: DE298859320


Re: Custom per project flash runner

Marti Bolivar
 

Hi Roman,

You can specify a flash and debug runner without touching any board files by setting BOARD_FLASH_RUNNER and/or BOARD_DEBUG_RUNNER in the CMake command line when generating a build system.

Here is an example branch, in which I have created a "dummy" runner:


Here is the commit which adds the extra runner, which just prints the command instead of acting on hardware:


Here is an example shell session where the flash and debug runners are set at CMake time and then used later using "ninja flash", "ninja debug", and "ninja debugserver". I have used the nrf52_pca10040 board, but it should work with any board.

plop: ~/src/zephyr/samples/hello_world/build (set-runner) mbolivar
$ cmake -GNinja -DBOARD=nrf52_pca10040 -DBOARD_FLASH_RUNNER=dummy -DBOARD_DEBUG_RUNNER=dummy ..
CMake Deprecation Warning at /home/mbolivar/src/zephyr/cmake/app/boilerplate.cmake:38 (cmake_policy):
  The OLD behavior for policy CMP0000 will be removed from a future version
  of CMake.

  The cmake-policies(7) manual explains that the OLD behaviors of all
  policies are deprecated and that a policy should be set to OLD only under
  specific short-term circumstances.  Projects should be ported to the NEW
  behavior and not rely on setting a policy to OLD.
Call Stack (most recent call first):
  CMakeLists.txt:2 (include)


-- Found PythonInterp: /usr/bin/python3 (found suitable version "3.6.3", minimum required is "3.4") 
-- Selected BOARD nrf52_pca10040
Zephyr version: 1.11.99
[snip]
-- Configuring done
-- Generating done
-- Build files have been written to: /home/mbolivar/src/zephyr/samples/hello_world/build


plop: ~/src/zephyr/samples/hello_world/build (set-runner) mbolivar
$ ninja
[1/118] Generating always_rebuild
Building for board nrf52_pca10040
[113/118] Linking C executable zephyr/zephyr_prebuilt.elf
Memory region         Used Size  Region Size  %age Used
           FLASH:       44732 B       512 KB      8.53%
            SRAM:       11388 B        64 KB     17.38%
        IDT_LIST:         132 B         2 KB      6.45%
[118/118] Linking C executable zephyr/zephyr.elf


plop: ~/src/zephyr/samples/hello_world/build (set-runner) mbolivar
$ ninja flash
[1/89] Generating always_rebuild
Building for board nrf52_pca10040
[1/2] Flashing nrf52_pca10040
command: flash


plop: ~/src/zephyr/samples/hello_world/build (set-runner) mbolivar
$ ninja debug
[1/89] Generating always_rebuild
Building for board nrf52_pca10040
[1/2] Debugging nrf52_pca10040
command: debug


plop: ~/src/zephyr/samples/hello_world/build (set-runner) mbolivar
$ ninja debugserver
[1/89] Generating always_rebuild
Building for board nrf52_pca10040
[1/2] Debugging nrf52_pca10040
command: debugserver


Hope this helps. Please let me know if you still have problems.

Thanks,
Marti


On Sun, Mar 25, 2018, 3:48 PM Roman Tataurov <diytronic@...> wrote:
Hello!

Is there some way to specify a custom flash runner command instead of the default one used for the board?
For example, I have a flasher that works with my board, but it is not specified in the board configuration.
I tried to play with set(BOARD_FLASH_RUNNER - it works if I change it inside the board config, but I found no way to overwrite it in project files without touching board files.

--
Roman Tataurov

_______________________________________________
Zephyr-users mailing list
Zephyr-users@lists.zephyrproject.org
https://lists.zephyrproject.org/mailman/listinfo/zephyr-users


Custom per project flash runner

Roman Tataurov
 

Hello!

Is there some way to specify a custom flash runner command instead of the default one used for the board?
For example, I have a flasher that works with my board, but it is not specified in the board configuration.
I tried to play with set(BOARD_FLASH_RUNNER - it works if I change it inside the board config, but I found no way to overwrite it in project files without touching board files.

--
Roman Tataurov


What is the need of additional authentication in case of #BluetoothMesh if ECDH public key exchanged over OOB ? #bluetoothmesh

Vikrant More <vikrant8051@...>
 

Hi, 

If #BluetoothMesh DEVICE ECDH-public key (oob public key) is exchanged over OOB channel then what is further need of authentication using input-OOB or output-OOB or static-OOB ?

Thanks,


Re: [Zephyr-devel] How hacker will hack/impact my BLE device, when ...??

Vikrant More <vikrant8051@...>
 

Hi,
I think we can do OOB pairing, even if Device doesn't have display to share Passkey with user App.

1. Create ECDH public-private key pair (only once in Device life)
2. Read ECDH-Public key via Device serial terminal. Create QR code from it & add it in Device packaging.

3. User will scan it with APP & APP will transfer own dynamically created public key over BLE link.
4. Shared secret will be created on both sides, which can be used to encrypt further communication.

Thanks,
vikrant8051



On Wed, Mar 21, 2018 at 9:13 PM, Vikrant More <vikrant8051@...> wrote:
Hi,
https://eewiki.net/display/Wireless/A+Basic+Introduction+to+BLE+Security

MITM attacks are when a third device, which we will call the malicious device, impersonates the other two legitimate devices, in order to fool these devices into connecting to it. In this scenario, both the GAP Central and GAP Peripheral will connect to the malicious device which in turn routes the communication between the two other devices. This gives the legitimate devices the illusion that they are directly connected to each other when in fact their connection has been compromised. This setup not only allows the malicious device to intercept all the data being sent, but also allows it to inject false data into the communication or remove data before it reaches its intended recipient.

----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

After reading this, I understand that without OOB Pairing everything is more or less insecure.


On Wed, Mar 21, 2018 at 7:04 PM, Marcio Montenegro <mtuxpe@...> wrote:
Google Secure beacons. No new hardware design:
https://developers.google.com/beacons/eddystone-eid

Regards,
Marcio


On Wed, Mar 21, 2018 at 10:15 AM, Vikrant More <vikrant8051@...> wrote:
Hi Marcio,
I'm not allowed to add anything extra in my current hardware design.

Besides this, is there anything which is very serious?
I'm still trying to understand the various security risks behind my current implementation.

Thanks,
 

On Wed, Mar 21, 2018 at 5:35 PM, Marcio Montenegro <mtuxpe@...> wrote:
Hi all,
Maybe you can use crypto device on your product.


You also need to develop an application to configure the crypto device chip.
Then after configuration each device is unique.
For inspiration see:

Note that these devices have no Bluetooth.
Best,
Marcio


On Wed, Mar 21, 2018 at 2:08 AM, Vakul Garg <vakul.garg@...> wrote:

Hi Vikrant

 

I am curious to understand about your security implementation.

I work in area of TLS security and I am not bluetooth security expert.

 

In your case, does the app need to differentiate between a genuine or fake device?

Will it be able to create a shared secret with the device even if it is a clone of genuine device and purpose programmed to leak the common encryption key?

 

Regards

 

Vakul

 

From: zephyr-devel-bounces@lists.zephyrproject.org [mailto:zephyr-devel-bounces@lists.zephyrproject.org] On Behalf Of Vikrant More
Sent: Tuesday, March 20, 2018 11:28 PM
To: zephyr-devel@lists.zephyrproject.org; zephyr-users@lists.zephyrproject.org
Subject: [Zephyr-devel] How hacker will hack/impact my BLE device, when ...??

 

Hi,

 

In my current project, I haven't implemented OOB pairing (BLE based smart lights).

Using the Zephyr built-in ECDH library, a shared secret (using the secp256r1 curve) gets created on the Device as well as on the APP side, which will act as the encryption key for further communication.

On that encrypted link, the APP sends an encryption key which is common for all devices associated with it.

All this happens when the DEVICE is in factory reset mode.

Thereafter the communication link is encrypted using the newly assigned common key.

------------------------------------------------------------------------

This will create a security risk only if the device is not authenticated by the user & it could transfer the security key (which is common to many devices) to an unauthorized device.

To solve this, the APP will automatically trigger the DEVICE's LEDs to blink & ask the user "do you see blinking LED?"

If the user clicks on "YES" then & only then the ECDH process will initiate & the common key gets shared with the new DEVICE.

------------------------------------------------------------------------

Besides this I didn't find any security flaw in this implementation. So I need help from a Bluetooth Security expert. Is there anyone who can help me to find flaws & security risks in my current implementation?

 

Thanks,

vikrant8051


_______________________________________________
Zephyr-devel mailing list
Zephyr-devel@lists.zephyrproject.org
https://lists.zephyrproject.org/mailman/listinfo/zephyr-devel







Re: USB on STM32

Yannis Damigos
 

On Fri, Mar 23, 2018 at 11:15 AM Johannes Hutter <johannes@...> wrote:

Hey Yannis,

that makes of course sense, if the missing define is generated from the dts. Thanks a lot!

Best Regards,

Joe




Hi Joe,

please consider creating a PR to enable USB on nucleo_f411re.

Best Regards,

Yannis



Re: USB on STM32

Johannes Hutter
 

Hey Yannis,

that makes of course sense, if the missing define is generated from the dts. Thanks a lot!

Best Regards,

Joe


On 22.03.2018 19:56, Yannis Damigos wrote:
On 03/22/2018 08:09 PM, Johannes Hutter wrote:
Hello guys,


I have trouble getting the usb/cdc_acm sample running on the nucleo_f411re. During the build I get errors of a couple of undeclared macros. For example:

 error: ‘ST_STM32_OTGFS_50000000_NUM_BIDIR_ENDPOINTS’ undeclared here (not in a function)
#define CONFIG_USB_NUM_BIDIR_ENDPOINTS  ST_STM32_OTGFS_50000000_NUM_BIDIR_ENDPOINTS

Is it possible that there is part of the stm HAL needed for USB missing?


 
Hi Joe,

USB is not enabled on nucleo_f411re. It should be easy to enable it.
Check the following link https://github.com/zephyrproject-rtos/zephyr/pull/6535/files

Best regards,
Yannis




Re: USB on STM32

Yannis Damigos
 

On 03/22/2018 08:09 PM, Johannes Hutter wrote:
Hello guys,


I have trouble getting the usb/cdc_acm sample running on the nucleo_f411re. During the build I get errors of a couple of undeclared macros. For example:

 error: ‘ST_STM32_OTGFS_50000000_NUM_BIDIR_ENDPOINTS’ undeclared here (not in a function)
#define CONFIG_USB_NUM_BIDIR_ENDPOINTS  ST_STM32_OTGFS_50000000_NUM_BIDIR_ENDPOINTS

Is it possible that there is part of the stm HAL needed for USB missing?


Hi Joe,

USB is not enabled on nucleo_f411re. It should be easy to enable it.
Check the following link https://github.com/zephyrproject-rtos/zephyr/pull/6535/files

Best regards,
Yannis


USB on STM32

Johannes Hutter
 

Hello guys,


I have trouble getting the usb/cdc_acm sample running on the nucleo_f411re. During the build I get errors of a couple of undeclared macros. For example:

 error: ‘ST_STM32_OTGFS_50000000_NUM_BIDIR_ENDPOINTS’ undeclared here (not in a function)
#define CONFIG_USB_NUM_BIDIR_ENDPOINTS  ST_STM32_OTGFS_50000000_NUM_BIDIR_ENDPOINTS

Is it possible that there is part of the stm HAL needed for USB missing?


Best regards,

Joe



Re: BBC:microbit like pairing implementation on nRF52840-PDK

Vikrant More <vikrant8051@...>
 

Hi,
Suppose there is an Admin Characteristic (which requires OOB pairing since I've enabled BT_GATT_PERM_WRITE_AUTHEN | BT_GATT_PERM_WRITE_ENCRYPT | BT_GATT_PERM_READ_AUTHEN | BT_GATT_PERM_READ_ENCRYPT)
Can I send the AES Key (common for all devices) after OOB pairing to the Admin characteristic?

If yes, then the Device can save it on flash & future communication with all other characteristics
(where I've not enabled BT_GATT_PERM_WRITE_AUTHEN | BT_GATT_PERM_WRITE_ENCRYPT | BT_GATT_PERM_READ_AUTHEN | BT_GATT_PERM_READ_ENCRYPT)
will be encrypted using it. That's it !!


Thanks,

On Thu, Mar 22, 2018 at 2:48 PM, Vikrant More <vikrant8051@...> wrote:
In this video, the user directly enters the PIN from BBC:microbit for pairing.


https://www.youtube.com/watch?v=L54Sp2DZibA
In this video, the user adds a pattern first & then enters the PIN to pair.

What are the pros & cons of these two styles of pairing?

----------------------------------------------------------------------------------------------------------------------------------------
In both cases, the user transforms the microbit into pairing mode.

What is the significance behind it? Does it help the device enter factory reset mode?

As per the current Zephyr implementation, we can do pairing without going into pairing mode.
----------------------------------------------------------------------------------------------------------------------------------------

By using combination of,

 1. BT_GATT_PERM_WRITE_AUTHEN
 2. BT_GATT_PERM_WRITE_ENCRYPT
 3. BT_GATT_PERM_READ_AUTHEN
 4. BT_GATT_PERM_READ_ENCRYPT

we could block Guest users from accessing certain characteristics & allow only the Admin to access them
(who has paired with the Device)

If I do OOB pairing using the Device Serial Terminal, it works as expected, but after a Device reboot I have to do it again to access the admin characteristic.

There should be some variables which I have to store on device flash after pairing & have to reinitialize on every reboot.
But there are no demo examples or documentation which show what to save on flash.
I think this is what I want but this much is not sufficient for a noob like me to implement it in actual products.
----------------------------------------------------------------------------------------------------------------------------------------

Thank You !!












BBC:microbit like pairing implementation on nRF52840-PDK

Vikrant More <vikrant8051@...>
 

In this video, the user directly enters the PIN from BBC:microbit for pairing.


https://www.youtube.com/watch?v=L54Sp2DZibA
In this video, the user adds a pattern first & then enters the PIN to pair.

What are the pros & cons of these two styles of pairing?

----------------------------------------------------------------------------------------------------------------------------------------
In both cases, the user transforms the microbit into pairing mode.

What is the significance behind it? Does it help the device enter factory reset mode?

As per the current Zephyr implementation, we can do pairing without going into pairing mode.
----------------------------------------------------------------------------------------------------------------------------------------

By using combination of,

 1. BT_GATT_PERM_WRITE_AUTHEN
 2. BT_GATT_PERM_WRITE_ENCRYPT
 3. BT_GATT_PERM_READ_AUTHEN
 4. BT_GATT_PERM_READ_ENCRYPT

we could block Guest users from accessing certain characteristics & allow only the Admin to access them
(who has paired with the Device)

If I do OOB pairing using the Device Serial Terminal, it works as expected, but after a Device reboot I have to do it again to access the admin characteristic.

There should be some variables which I have to store on device flash after pairing & have to reinitialize on every reboot.
But there are no demo examples or documentation which show what to save on flash.
I think this is what I want but this much is not sufficient for a noob like me to implement it in actual products.
----------------------------------------------------------------------------------------------------------------------------------------

Thank You !!











Sensor Subsystem FIFO-operation

Thomas Li Fredriksen
 

Good morning,

I have for some time looked into the Sensor API. From what I can see, there does not appear to be any built-in way of handling FIFO-operation or buffering.

A lot of sensors support internal FIFO operations with interrupts triggered by some FIFO threshold. How would this commonly be handled in Zephyr?

Cheers.


Re: k_thread_user_mode_enter() usage

Vakul Garg <vakul.garg@...>
 

Hi Andy

 

To reproduce the problem, you can simply use the following one line change in tests/kernel/mem_protect/…

 

diff --git a/tests/kernel/mem_protect/userspace/src/main.c b/tests/kernel/mem_protect/userspace/src/main.c

index 0d994548d..a8e2ab77e 100644

--- a/tests/kernel/mem_protect/userspace/src/main.c

+++ b/tests/kernel/mem_protect/userspace/src/main.c

@@ -475,6 +475,7 @@ static void umode_enter_func(void)

                 * to signal a pass status or else run_test() will hang

                 * forever waiting on test_end_signal semaphore.

                 */

+               printf("I am inside user mode\n");

                ztest_test_pass();

        } else {

                zassert_unreachable("Thread did not enter user mode\n");
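Review bot: the added printf() sits immediately before ztest_test_pass() in the user-mode branch of umode_enter_func(), so if the call faults the pass status is never signalled and, going by the comment just above it, run_test() waits forever on test_end_signal instead of reporting a failure. For a reproducer that is acceptable, but the description should state the fault that is expected, and the visible hunk shows no stdio include to go with the new call, which is worth confirming before the line is kept anywhere.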

 

 

Regards

Vakul

 

 

From: Andy Gross [mailto:andy.gross@...]
Sent: Wednesday, March 21, 2018 9:04 PM
To: Andrew Boie <andrew.p.boie@...>
Cc: Vakul Garg <vakul.garg@...>; zephyr-users@...
Subject: RE: k_thread_user_mode_enter() usage

 

I'll try to take a look tomorrow.  Do you have a branch I can pull from?

 

Andy

 

On Mar 21, 2018 23:01, "Boie, Andrew P" <andrew.p.boie@...> wrote:

Andy,

Can you take a look at this? Seems to be rooted in the privileged stack mechanism..


-----Original Message-----
From: Vakul Garg [mailto:vakul.garg@...]
Sent: Tuesday, March 20, 2018 11:26 PM
To: Boie, Andrew P <andrew.p.boie@...>; zephyr-users@...
Cc: Andy Gross <andy.gross@...>
Subject: RE: k_thread_user_mode_enter() usage

Importance: High

Hi Andrew

I am using nxp frdm_k64f (has cortex M4 core).
In my application, I have a printf() at beginning. This is causing bus fault.
Replacing it with an infinite while(1) loop hides the bus fault but stack check still remains.

Further I tried running zephyr/tests/kernel/mem_protect/userspace.
It passes successfully.

However if I introduce a printf() in function userspace/src/main.c: umode_enter_func() under the condition when is_user_context is true, it also crashes.
But here it is different exception !!

***** USAGE FAULT *****
  Executing thread ID (thread): 0x200002ec
  Faulting instruction address:  0x61a0
  Attempt to execute undefined instruction
Caught system error -- reason 0

Further decoding faulting instruction address 0x61a0 using 'addr2line' takes me to userspace/build/frdm_k64f/zephyr/priv_stacks_hash.gperf:32
The given line number is inside following function (at the location where variable map is being dereferenced to get priv_stack_addr).

u8_t *_k_priv_stack_find(void *obj)
{
    const struct _k_priv_stack_map *map =
        _k_priv_stack_map_lookup((const char *)obj, sizeof(void *));
    return map->priv_stack_addr;
}

I tried increasing MAIN/PRIVILEGED stack sizes in project config, but the result is the same.

Regards

Vakul

> -----Original Message-----
> From: Boie, Andrew P [mailto:andrew.p.boie@...]
> Sent: Tuesday, March 20, 2018 8:16 PM
> To: Vakul Garg <vakul.garg@...>; zephyr-
> users@...
> Cc: Andy Gross <andy.gross@...>
> Subject: RE: k_thread_user_mode_enter() usage
>
> It looks like you are getting two exceptions in a row.
> Were you able to determine the source of the bus fault? That seems
> like the real issue.
> What platform is this on?
>
> Andrew
>
> -----Original Message-----
> From: zephyr-users-bounces@...
> [mailto:zephyr-users- bounces@...] On Behalf Of
> Vakul Garg
> Sent: Tuesday, March 20, 2018 3:57 AM
> To: zephyr-users@...
> Subject: [Zephyr-users] k_thread_user_mode_enter() usage
>
> Hi
>
> I want my application auto-launched at zephyr startup to drop its
> privileges to become user mode app.
> So I moved my applications entry point to app_main() and invoked it
> from k_thread_user_mode_enter(app_main, NULL, NULL, NULL) from
> function void main().
>
> Now, before app_main() could get called, I get following error:
>
> ***** BUS FAULT *****
>   Executing thread ID (thread): 0x20002eec
>   Faulting instruction address:  0x12da
>   Precise data bus error
>   Address: 0x20011208
> Fatal fault in thread 0x20002eec! Aborting.
> ***** Stack Check Fail! *****
> Current thread ID = 0x20002eec
> Faulting instruction address = 0x2a290
>
> I checked that the stack sentinel check is failing in function
> _check_stack_sentinel().
>
> Can someone advise what I am doing wrong?
>
> Regards
>
> Vakul
>

 


Re: [Zephyr-devel] Firmware over the air (FOTA) and FCB support in 1.11.0

Michael Scott
 



On 03/21/2018 10:09 AM, Vikrant More wrote:
Hi,
>> Regarding FCB: the initial implementation is done in v1.11,
>>but the APIs are fairly complex and IMHO it's meant to be used as a base layer for other higher level implementations to manage persistent data such as device configuration, system logs and other uses. 
>>There are several pull requests in-progress which aim to add these higher level services.  (The first PR will probably be re-written to use FCB as its base layer):
>> https://github.com/zephyrproject-rtos/zephyr/pull/6391
>> https://github.com/zephyrproject-rtos/zephyr/pull/6408

Are these PRs, suitable to save #BluetoothMesh's Sequence Numbers on flash which updates frequently ?

IIRC, the idea is to settle on 1 solution which would be appropriate for most use-cases (including Mesh Sequence Numbers).   You might want to have 2 separate storage locations if you have data that only updates occasionally *and* data that updates frequently.

The guys from Nordic (and possibly Johan) are looking at this issue as well.

- Mike


Thanks,


On Wed, Mar 21, 2018 at 9:59 PM, Michael Scott <michael@...> wrote:



On 03/20/2018 09:14 PM, ashish.shukla@... wrote:
Hi all,

I've been waiting for FOTA and FCB support in zephyr and now when it is supported, I cannot see any samples available or proper documentation to use these features in my project.

Hi Ashish,

Your question is a bit open-ended, and might be difficult to answer without some details regarding your particular use-case (BLE update, IP-based update, Mesh, etc)

For instance, the LwM2M subsystem provides a mechanism for receiving a firmware update in the LwM2M client, but the implementation of where to store the incoming binary data is up to you.  See https://github.com/zephyrproject-rtos/zephyr/blob/master/samples/net/lwm2m_client/src/lwm2m-client.c#L208 for a callback example that is triggered on each incoming block of data.  Documentation for the sample itself doesn't discuss the firmware update mechanism, but it's here for reference: http://docs.zephyrproject.org/samples/net/lwm2m_client/README.html

Then, there is a robust DFU (Device Firmware Update) subsystem to help implement the image writing portion of a firmware update as well as integrate with mcuboot (an MCU bootloader) which would check an image for validity and then move it into the bootable application slot.   See: https://github.com/zephyrproject-rtos/zephyr/tree/master/subsys/dfu for sources.

Regarding FCB: the initial implementation is done in v1.11, but the APIs are fairly complex and IMHO it's meant to be used as a base layer for other higher level implementations to manage persistent data such as device configuration, system logs and other uses.  There are several pull requests in-progress which aim to add these higher level services.  (The first PR will probably be re-written to use FCB as its base layer):
https://github.com/zephyrproject-rtos/zephyr/pull/6391
https://github.com/zephyrproject-rtos/zephyr/pull/6408

Hopefully that helps get you started,

- Mike


Any help regarding the same would be of great help.

--
Warm regards,
Ashish Shukla
Jr. Embedded Engineer
Research & Development


Please consider the environment before printing this e-mail or its attachments.

Disclaimer: The information contained herein (including any accompanying documents) is confidential and is intended solely for the addressee(s). If you have erroneously received this message, please immediately delete it and notify the sender. Also, if you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this message or any accompanying document is strictly prohibited and is unlawful. The organization is not responsible for any damage caused by a virus or alteration of the e-mail by a third party or otherwise. The contents of this message may not necessarily represent the views or policies of Corvi







Re: [Zephyr-devel] Firmware over the air (FOTA) and FCB support in 1.11.0

Vikrant More <vikrant8051@...>
 

Hi,
>> Regarding FCB: the initial implementation is done in v1.11,
>>but the APIs are fairly complex and IMHO it's meant to be used as a base layer for other higher level implementations to manage persistent data such as device configuration, system logs and other uses. 
>>There are several pull requests in-progress which aim to add these higher level services.  (The first PR will probably be re-written to use FCB as its base layer):
>> https://github.com/zephyrproject-rtos/zephyr/pull/6391
>> https://github.com/zephyrproject-rtos/zephyr/pull/6408

Are these PRs, suitable to save #BluetoothMesh's Sequence Numbers on flash which updates frequently ?

Thanks,


On Wed, Mar 21, 2018 at 9:59 PM, Michael Scott <michael@...> wrote:



On 03/20/2018 09:14 PM, ashish.shukla@... wrote:
Hi all,

I've been waiting for FOTA and FCB support in zephyr and now when it is supported, I cannot see any samples available or proper documentation to use these features in my project.

Hi Ashish,

Your question is a bit open-ended, and might be difficult to answer without some details regarding your particular use-case (BLE update, IP-based update, Mesh, etc)

For instance, the LwM2M subsystem provides a mechanism for receiving a firmware update in the LwM2M client, but the implementation of where to store the incoming binary data is up to you.  See https://github.com/zephyrproject-rtos/zephyr/blob/master/samples/net/lwm2m_client/src/lwm2m-client.c#L208 for a callback example that is triggered on each incoming block of data.  Documentation for the sample itself doesn't discuss the firmware update mechanism, but it's here for reference: http://docs.zephyrproject.org/samples/net/lwm2m_client/README.html

Then, there is a robust DFU (Device Firmware Update) subsystem to help implement the image writing portion of a firmware update as well as integrate with mcuboot (an MCU bootloader) which would check an image for validity and then move it into the bootable application slot.   See: https://github.com/zephyrproject-rtos/zephyr/tree/master/subsys/dfu for sources.

Regarding FCB: the initial implementation is done in v1.11, but the APIs are fairly complex and IMHO it's meant to be used as a base layer for other higher level implementations to manage persistent data such as device configuration, system logs and other uses.  There are several pull requests in-progress which aim to add these higher level services.  (The first PR will probably be re-written to use FCB as its base layer):
https://github.com/zephyrproject-rtos/zephyr/pull/6391
https://github.com/zephyrproject-rtos/zephyr/pull/6408

Hopefully that helps get you started,

- Mike


Any help regarding the same would be of great help.

--
Warm regards,
Ashish Shukla
Jr. Embedded Engineer
Research & Development





How to dynamically OR on reboot update BLE device TX power ?

Vikrant More <vikrant8051@...>
 

Hi,
How to dynamically OR on reboot update nRF52 based BLE Device TX power ?


Thanks,
vikrant8051


Re: [Zephyr-devel] Firmware over the air (FOTA) and FCB support in 1.11.0

Michael Scott
 



On 03/20/2018 09:14 PM, ashish.shukla@... wrote:
Hi all,

I've been waiting for FOTA and FCB support in zephyr and now when it is supported, I cannot see any samples available or proper documentation to use these features in my project.

Hi Ashish,

Your question is a bit open-ended, and might be difficult to answer without some details regarding your particular use-case (BLE update, IP-based update, Mesh, etc)

For instance, the LwM2M subsystem provides a mechanism for receiving a firmware update in the LwM2M client, but the implementation of where to store the incoming binary data is up to you.  See https://github.com/zephyrproject-rtos/zephyr/blob/master/samples/net/lwm2m_client/src/lwm2m-client.c#L208 for a callback example that is triggered on each incoming block of data.  Documentation for the sample itself doesn't discuss the firmware update mechanism, but it's here for reference: http://docs.zephyrproject.org/samples/net/lwm2m_client/README.html

Then, there is a robust DFU (Device Firmware Update) subsystem to help implement the image writing portion of a firmware update as well as integrate with mcuboot (an MCU bootloader) which would check an image for validity and then move it into the bootable application slot.   See: https://github.com/zephyrproject-rtos/zephyr/tree/master/subsys/dfu for sources.

Regarding FCB: the initial implementation is done in v1.11, but the APIs are fairly complex and IMHO it's meant to be used as a base layer for other higher level implementations to manage persistent data such as device configuration, system logs and other uses.  There are several pull requests in-progress which aim to add these higher level services.  (The first PR will probably be re-written to use FCB as its base layer):
https://github.com/zephyrproject-rtos/zephyr/pull/6391
https://github.com/zephyrproject-rtos/zephyr/pull/6408

Hopefully that helps get you started,

- Mike


> Any help regarding the same would be of great help.
>
> --
> Warm regards,
> Ashish Shukla
> Jr. Embedded Engineer
> Research & Development



Re: [Zephyr-devel] How hacker will hack/impact my BLE device, when ...??

Vikrant More <vikrant8051@...>
 

Hi,
https://eewiki.net/display/Wireless/A+Basic+Introduction+to+BLE+Security

MITM attacks are when a third device, which we will call the malicious device, impersonates the other two legitimate devices, in order to fool these devices into connecting to it. In this scenario, both the GAP Central and GAP Peripheral will connect to the malicious device which in turn routes the communication between the two other devices. This gives the legitimate devices the illusion that they are directly connected to each other when in fact their connection has been compromised. This setup not only allows the malicious device to intercept all the data being sent, but also allows it to inject false data into the communication or remove data before it reaches its intended recipient.

----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

After reading this, I understand that without OOB Pairing everything is more or less insecure.


On Wed, Mar 21, 2018 at 7:04 PM, Marcio Montenegro <mtuxpe@...> wrote:
Google Secure beacons. No new hardware design:
https://developers.google.com/beacons/eddystone-eid

Regards,
Marcio


On Wed, Mar 21, 2018 at 10:15 AM, Vikrant More <vikrant8051@...> wrote:
Hi Marcio,
I'm not allowed to add anything extra in my current hardware design.

Besides this, is there anything which is very serious?
I'm still trying to understand the various security risks behind my current implementation.

Thanks,
 

On Wed, Mar 21, 2018 at 5:35 PM, Marcio Montenegro <mtuxpe@...> wrote:
Hi all,
Maybe you can use a crypto device on your product.


You also need to develop an application to configure the crypto device chip.
Then after configuration each device is unique.
For inspiration see:

Note that this device has no Bluetooth.
Best,
Marcio


On Wed, Mar 21, 2018 at 2:08 AM, Vakul Garg <vakul.garg@...> wrote:

Hi Vikrant

I am curious to understand about your security implementation.

I work in the area of TLS security and I am not a Bluetooth security expert.

In your case, does the app need to differentiate between a genuine or fake device?

Will it be able to create a shared secret with the device even if it is a clone of a genuine device and purpose-programmed to leak the common encryption key?

Regards

Vakul

 

From: zephyr-devel-bounces@... [mailto:zephyr-devel-bounces@...] On Behalf Of Vikrant More
Sent: Tuesday, March 20, 2018 11:28 PM
To: zephyr-devel@...; zephyr-users@...
Subject: [Zephyr-devel] How hacker will hack/impact my BLE device, when ...??

 

Hi,

In my current project, I haven't implemented OOB pairing (BLE based smart lights).

Using Zephyr's built-in ECDH library, a shared secret (using the secp256r1 curve) gets created on the Device as well as on the APP side, which will act as the encryption key for further communication.

On that encrypted link, the APP sends an encryption key which is common for all devices associated with it.

All this happens when the DEVICE is in factory reset mode.

Thereafter the communication link is encrypted using the newly assigned common key.

------------------------------------------------------------------------

This will create a security risk only if the device is not authenticated by the user & it could transfer the security key (which is common to many devices) to an unauthorized device.

To solve this, the APP will automatically trigger the DEVICE's LEDs to blink & ask the user "do you see blinking LED?"

If the user clicks on "YES", then & only then the ECDH process will initiate & the common key gets shared with the new DEVICE.

------------------------------------------------------------------------

Besides this I didn't find any security flaw in this implementation. So I need help from a Bluetooth security expert. Is there anyone who can help me to find out flaws & security risks in my current implementation?

Thanks,

vikrant8051
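
The key agreement discussed in this thread, as an added example (not code from the posters or from Zephyr): a plain secp256r1 ECDH accepts whatever public key arrives over the air, while a comparison against a key fingerprint obtained out of band rejects a substituted key. The pure-Python curve arithmetic, the 8-byte SHA-256 fingerprint and all function names are assumptions made for illustration.

```python
import hashlib, hmac, secrets

# secp256r1 (NIST P-256) domain parameters
P = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF
A = P - 3
N = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551
G = (0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296,
     0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5)

def add(p, q):
    """Affine point addition; None is the point at infinity."""
    if p is None or q is None:
        return q if p is None else p
    (x1, y1), (x2, y2) = p, q
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p == q:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def mul(k, p):
    """Double-and-add (not constant time; illustration only)."""
    r = None
    while k:
        if k & 1:
            r = add(r, p)
        p, k = add(p, p), k >> 1
    return r

def keypair():
    d = secrets.randbelow(N - 1) + 1
    return d, mul(d, G)

def session_key(priv, peer_pub):
    """ECDH shared x-coordinate hashed down to a 128-bit link key."""
    x = mul(priv, peer_pub)[0]
    return hashlib.sha256(x.to_bytes(32, "big")).digest()[:16]

def fingerprint(pub):
    """Assumed OOB value (e.g. printed on the device): hash of its public key."""
    return hashlib.sha256(b"".join(c.to_bytes(32, "big") for c in pub)).digest()[:8]

def app_provision(app_priv, received_pub, oob_fp=None):
    """Return the link key, or None when the OOB fingerprint does not match."""
    if oob_fp is not None and not hmac.compare_digest(fingerprint(received_pub), oob_fp):
        return None
    return session_key(app_priv, received_pub)
```

The check only helps if the fingerprint reaches the app over a channel that the radio link cannot alter.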








Re: k_thread_user_mode_enter() usage

Andy Gross
 

I'll try to take a look tomorrow.  Do you have a branch I can pull from?

Andy

On Mar 21, 2018 23:01, "Boie, Andrew P" <andrew.p.boie@...> wrote:
Andy,

Can you take a look at this? Seems to be rooted in the privileged stack mechanism..

-----Original Message-----
From: Vakul Garg [mailto:vakul.garg@...]
Sent: Tuesday, March 20, 2018 11:26 PM
To: Boie, Andrew P <andrew.p.boie@...>; zephyr-users@lists.zephyrproject.org
Cc: Andy Gross <andy.gross@...>
Subject: RE: k_thread_user_mode_enter() usage
Importance: High

Hi Andrew

I am using nxp frdm_k64f (has cortex M4 core).
In my application, I have a printf() at the beginning. This is causing a bus fault.
Replacing it with an infinite while(1) loop hides the bus fault but the stack check still remains.

Further I tried running zephyr/tests/kernel/mem_protect/userspace.
It passes successfully.

However if I introduce a printf() in function userspace/src/main.c: umode_enter_func() under the condition when is_user_context is true, it also crashes.
But here it is a different exception!!

***** USAGE FAULT *****
  Executing thread ID (thread): 0x200002ec
  Faulting instruction address:  0x61a0
  Attempt to execute undefined instruction
Caught system error -- reason 0

Further decoding the faulting instruction address 0x61a0 using 'addr2line' takes me to userspace/build/frdm_k64f/zephyr/priv_stacks_hash.gperf:32
The given line number is inside the following function (at the location where variable map is being dereferenced to get priv_stack_addr).

u8_t *_k_priv_stack_find(void *obj)
{
    const struct _k_priv_stack_map *map =
        _k_priv_stack_map_lookup((const char *)obj, sizeof(void *));
    return map->priv_stack_addr;
}

I tried increasing the MAIN/PRIVILEGED stack sizes in project config, but the result is the same.

Regards

Vakul

> -----Original Message-----
> From: Boie, Andrew P [mailto:andrew.p.boie@intel.com]
> Sent: Tuesday, March 20, 2018 8:16 PM
> To: Vakul Garg <vakul.garg@...>; zephyr-
> users@...
> Cc: Andy Gross <andy.gross@...>
> Subject: RE: k_thread_user_mode_enter() usage
>
> It looks like you are getting two exceptions in a row.
> Were you able to determine the source of the bus fault? That seems
> like the real issue.
> What platform is this on?
>
> Andrew
>
> -----Original Message-----
> From: zephyr-users-bounces@lists.zephyrproject.org
> [mailto:zephyr-users- bounces@....org] On Behalf Of
> Vakul Garg
> Sent: Tuesday, March 20, 2018 3:57 AM
> To: zephyr-users@lists.zephyrproject.org
> Subject: [Zephyr-users] k_thread_user_mode_enter() usage
>
> Hi
>
> I want my application auto-launched at zephyr startup to drop its
> privileges to become a user mode app.
> So I moved my application's entry point to app_main() and invoked it
> from k_thread_user_mode_enter(app_main, NULL, NULL, NULL) from
> function void main().
>
> Now, before app_main() could get called, I get the following error:
>
> ***** BUS FAULT *****
>   Executing thread ID (thread): 0x20002eec
>   Faulting instruction address:  0x12da
>   Precise data bus error
>   Address: 0x20011208
> Fatal fault in thread 0x20002eec! Aborting.
> ***** Stack Check Fail! *****
> Current thread ID = 0x20002eec
> Faulting instruction address = 0x2a290
>
> I checked that the stack sentinel check is failing in function
> _check_stack_sentinel().
>
> Can someone advise what I am doing wrong?
>
> Regards
>
> Vakul
>


Re: k_thread_user_mode_enter() usage

Boie, Andrew P
 

Andy,

Can you take a look at this? Seems to be rooted in the privileged stack mechanism..

-----Original Message-----
From: Vakul Garg [mailto:vakul.garg@nxp.com]
Sent: Tuesday, March 20, 2018 11:26 PM
To: Boie, Andrew P <andrew.p.boie@intel.com>; zephyr-users@lists.zephyrproject.org
Cc: Andy Gross <andy.gross@linaro.org>
Subject: RE: k_thread_user_mode_enter() usage
Importance: High

Hi Andrew

I am using nxp frdm_k64f (has cortex M4 core).
In my application, I have a printf() at the beginning. This is causing a bus fault.
Replacing it with an infinite while(1) loop hides the bus fault but the stack check still remains.

Further I tried running zephyr/tests/kernel/mem_protect/userspace.
It passes successfully.

However if I introduce a printf() in function userspace/src/main.c: umode_enter_func() under the condition when is_user_context is true, it also crashes.
But here it is a different exception!!

***** USAGE FAULT *****
Executing thread ID (thread): 0x200002ec
Faulting instruction address: 0x61a0
Attempt to execute undefined instruction
Caught system error -- reason 0

Further decoding the faulting instruction address 0x61a0 using 'addr2line' takes me to userspace/build/frdm_k64f/zephyr/priv_stacks_hash.gperf:32
The given line number is inside the following function (at the location where variable map is being dereferenced to get priv_stack_addr).

u8_t *_k_priv_stack_find(void *obj)
{
    const struct _k_priv_stack_map *map =
        _k_priv_stack_map_lookup((const char *)obj, sizeof(void *));
    return map->priv_stack_addr;
}

I tried increasing the MAIN/PRIVILEGED stack sizes in project config, but the result is the same.

Regards

Vakul

-----Original Message-----
From: Boie, Andrew P [mailto:andrew.p.boie@intel.com]
Sent: Tuesday, March 20, 2018 8:16 PM
To: Vakul Garg <vakul.garg@nxp.com>; zephyr-
users@lists.zephyrproject.org
Cc: Andy Gross <andy.gross@linaro.org>
Subject: RE: k_thread_user_mode_enter() usage

It looks like you are getting two exceptions in a row.
Were you able to determine the source of the bus fault? That seems
like the real issue.
What platform is this on?

Andrew

-----Original Message-----
From: zephyr-users-bounces@lists.zephyrproject.org
[mailto:zephyr-users- bounces@lists.zephyrproject.org] On Behalf Of
Vakul Garg
Sent: Tuesday, March 20, 2018 3:57 AM
To: zephyr-users@lists.zephyrproject.org
Subject: [Zephyr-users] k_thread_user_mode_enter() usage

Hi

I want my application auto-launched at zephyr startup to drop its
privileges to become a user mode app.
So I moved my application's entry point to app_main() and invoked it
from k_thread_user_mode_enter(app_main, NULL, NULL, NULL) from
function void main().

Now, before app_main() could get called, I get the following error:

***** BUS FAULT *****
Executing thread ID (thread): 0x20002eec
Faulting instruction address: 0x12da
Precise data bus error
Address: 0x20011208
Fatal fault in thread 0x20002eec! Aborting.
***** Stack Check Fail! *****
Current thread ID = 0x20002eec
Faulting instruction address = 0x2a290

I checked that the stack sentinel check is failing in function
_check_stack_sentinel().

Can someone advise what I am doing wrong?

Regards

Vakul

