1 /* main.c - Host long advertising receive */
2
3 /*
4 * Copyright (c) 2021-2024 Nordic Semiconductor ASA
5 *
6 * SPDX-License-Identifier: Apache-2.0
7 */
8
9 #include <stddef.h>
10
11 #include <zephyr/bluetooth/hci_types.h>
12 #include <zephyr/fff.h>
13 #include <zephyr/kernel.h>
14 #include <zephyr/ztest.h>
15
16 #include <errno.h>
17 #include <zephyr/tc_util.h>
18
19 #include <zephyr/bluetooth/hci.h>
20 #include <zephyr/bluetooth/buf.h>
21 #include <zephyr/bluetooth/bluetooth.h>
22 #include <zephyr/drivers/bluetooth.h>
23 #include <zephyr/sys/byteorder.h>
24 #include <zephyr/ztest_assert.h>
25
26 #define DT_DRV_COMPAT zephyr_bt_hci_test
27
28 struct driver_data {
29 bt_hci_recv_t recv;
30 };
31
32 #define LOG_LEVEL CONFIG_BT_LOG_LEVEL
33 #include <zephyr/logging/log.h>
34 LOG_MODULE_REGISTER(host_test_app);
35
36 DEFINE_FFF_GLOBALS;
37
38 struct test_adv_report {
39 uint8_t data[CONFIG_BT_EXT_SCAN_BUF_SIZE];
40 uint8_t length;
41 uint16_t evt_prop;
42 bt_addr_le_t addr;
43 };
44
45 #define COMPLETE BT_HCI_LE_ADV_EVT_TYPE_DATA_STATUS_COMPLETE << 5
46 #define MORE_TO_COME BT_HCI_LE_ADV_EVT_TYPE_DATA_STATUS_PARTIAL << 5
47 #define TRUNCATED BT_HCI_LE_ADV_EVT_TYPE_DATA_STATUS_INCOMPLETE << 5
48
49 /* Command handler structure for cmd_handle(). */
50 struct cmd_handler {
51 uint16_t opcode; /* HCI command opcode */
52 uint8_t len; /* HCI command response length */
53 void (*handler)(struct net_buf *buf, struct net_buf **evt, uint8_t len, uint16_t opcode);
54 };
55
56 /* Add event to net_buf. */
evt_create(struct net_buf * buf,uint8_t evt,uint8_t len)57 static void evt_create(struct net_buf *buf, uint8_t evt, uint8_t len)
58 {
59 struct bt_hci_evt_hdr *hdr;
60
61 hdr = net_buf_add(buf, sizeof(*hdr));
62 hdr->evt = evt;
63 hdr->len = len;
64 }
65
le_meta_evt_create(struct bt_hci_evt_le_meta_event * evt,uint8_t subevent)66 static void le_meta_evt_create(struct bt_hci_evt_le_meta_event *evt, uint8_t subevent)
67 {
68 evt->subevent = subevent;
69 }
70
adv_info_create(struct bt_hci_evt_le_ext_advertising_info * evt,uint16_t evt_type,const bt_addr_le_t * const addr,uint8_t length)71 static void adv_info_create(struct bt_hci_evt_le_ext_advertising_info *evt, uint16_t evt_type,
72 const bt_addr_le_t *const addr, uint8_t length)
73 {
74 evt->evt_type = evt_type;
75 bt_addr_le_copy(&evt->addr, addr);
76 evt->prim_phy = 0;
77 evt->sec_phy = 0;
78 evt->sid = 0;
79 evt->tx_power = 0;
80 evt->rssi = 0;
81 evt->interval = 0;
82 bt_addr_le_copy(&evt->direct_addr, BT_ADDR_LE_NONE);
83 evt->length = length;
84 }
85
86 /* Create a command complete event. */
cmd_complete(struct net_buf ** buf,uint8_t plen,uint16_t opcode)87 static void *cmd_complete(struct net_buf **buf, uint8_t plen, uint16_t opcode)
88 {
89 struct bt_hci_evt_cmd_complete *cc;
90
91 *buf = bt_buf_get_evt(BT_HCI_EVT_CMD_COMPLETE, false, K_FOREVER);
92 evt_create(*buf, BT_HCI_EVT_CMD_COMPLETE, sizeof(*cc) + plen);
93 cc = net_buf_add(*buf, sizeof(*cc));
94 cc->ncmd = 1U;
95 cc->opcode = sys_cpu_to_le16(opcode);
96
97 return net_buf_add(*buf, plen);
98 }
99
100 /* Loop over handlers to try to handle the command given by opcode. */
cmd_handle_helper(uint16_t opcode,struct net_buf * cmd,struct net_buf ** evt,const struct cmd_handler * handlers,size_t num_handlers)101 static int cmd_handle_helper(uint16_t opcode, struct net_buf *cmd, struct net_buf **evt,
102 const struct cmd_handler *handlers, size_t num_handlers)
103 {
104 for (size_t i = 0; i < num_handlers; i++) {
105 const struct cmd_handler *handler = &handlers[i];
106
107 if (handler->opcode != opcode) {
108 continue;
109 }
110
111 if (handler->handler) {
112 handler->handler(cmd, evt, handler->len, opcode);
113
114 return 0;
115 }
116 }
117
118 zassert_unreachable("opcode %X failed", opcode);
119
120 return -EINVAL;
121 }
122
123 /* Lookup the command opcode and invoke handler. */
cmd_handle(const struct device * dev,struct net_buf * cmd,const struct cmd_handler * handlers,size_t num_handlers)124 static int cmd_handle(const struct device *dev, struct net_buf *cmd,
125 const struct cmd_handler *handlers, size_t num_handlers)
126 {
127 struct driver_data *drv = dev->data;
128 struct net_buf *evt = NULL;
129 struct bt_hci_evt_cc_status *ccst;
130 struct bt_hci_cmd_hdr *chdr;
131 uint16_t opcode;
132 int err;
133
134 chdr = net_buf_pull_mem(cmd, sizeof(*chdr));
135 opcode = sys_le16_to_cpu(chdr->opcode);
136
137 err = cmd_handle_helper(opcode, cmd, &evt, handlers, num_handlers);
138
139 if (err == -EINVAL) {
140 ccst = cmd_complete(&evt, sizeof(*ccst), opcode);
141 ccst->status = BT_HCI_ERR_UNKNOWN_CMD;
142 }
143
144 if (evt) {
145 drv->recv(dev, evt);
146 }
147
148 return err;
149 }
150
151 /* Generic command complete with success status. */
generic_success(struct net_buf * buf,struct net_buf ** evt,uint8_t len,uint16_t opcode)152 static void generic_success(struct net_buf *buf, struct net_buf **evt, uint8_t len, uint16_t opcode)
153 {
154 struct bt_hci_evt_cc_status *ccst;
155
156 ccst = cmd_complete(evt, len, opcode);
157
158 /* Fill any event parameters with zero */
159 (void)memset(ccst, 0, len);
160
161 ccst->status = BT_HCI_ERR_SUCCESS;
162 }
163
164 /* Bogus handler for BT_HCI_OP_READ_LOCAL_FEATURES. */
read_local_features(struct net_buf * buf,struct net_buf ** evt,uint8_t len,uint16_t opcode)165 static void read_local_features(struct net_buf *buf, struct net_buf **evt, uint8_t len,
166 uint16_t opcode)
167 {
168 struct bt_hci_rp_read_local_features *rp;
169
170 rp = cmd_complete(evt, sizeof(*rp), opcode);
171 rp->status = 0x00;
172 (void)memset(rp->features, 0xFF, sizeof(rp->features));
173 }
174
175 /* Bogus handler for BT_HCI_OP_READ_SUPPORTED_COMMANDS. */
read_supported_commands(struct net_buf * buf,struct net_buf ** evt,uint8_t len,uint16_t opcode)176 static void read_supported_commands(struct net_buf *buf, struct net_buf **evt, uint8_t len,
177 uint16_t opcode)
178 {
179 struct bt_hci_rp_read_supported_commands *rp;
180
181 rp = cmd_complete(evt, sizeof(*rp), opcode);
182 (void)memset(rp->commands, 0xFF, sizeof(rp->commands));
183 rp->status = 0x00;
184 }
185
186 /* Bogus handler for BT_HCI_OP_LE_READ_LOCAL_FEATURES. */
le_read_local_features(struct net_buf * buf,struct net_buf ** evt,uint8_t len,uint16_t opcode)187 static void le_read_local_features(struct net_buf *buf, struct net_buf **evt, uint8_t len,
188 uint16_t opcode)
189 {
190 struct bt_hci_rp_le_read_local_features *rp;
191
192 rp = cmd_complete(evt, sizeof(*rp), opcode);
193 rp->status = 0x00;
194 (void)memset(rp->features, 0xFF, sizeof(rp->features));
195 }
196
197 /* Bogus handler for BT_HCI_OP_LE_READ_SUPP_STATES. */
le_read_supp_states(struct net_buf * buf,struct net_buf ** evt,uint8_t len,uint16_t opcode)198 static void le_read_supp_states(struct net_buf *buf, struct net_buf **evt, uint8_t len,
199 uint16_t opcode)
200 {
201 struct bt_hci_rp_le_read_supp_states *rp;
202
203 rp = cmd_complete(evt, sizeof(*rp), opcode);
204 rp->status = 0x00;
205 (void)memset(&rp->le_states, 0xFF, sizeof(rp->le_states));
206 }
207
208
209 /* Setup handlers needed for bt_enable to function. */
210 static const struct cmd_handler cmds[] = {
211 { BT_HCI_OP_READ_LOCAL_VERSION_INFO, sizeof(struct bt_hci_rp_read_local_version_info),
212 generic_success },
213 { BT_HCI_OP_READ_SUPPORTED_COMMANDS, sizeof(struct bt_hci_rp_read_supported_commands),
214 read_supported_commands },
215 { BT_HCI_OP_READ_LOCAL_FEATURES, sizeof(struct bt_hci_rp_read_local_features),
216 read_local_features },
217 { BT_HCI_OP_READ_BD_ADDR, sizeof(struct bt_hci_rp_read_bd_addr), generic_success },
218 { BT_HCI_OP_SET_EVENT_MASK, sizeof(struct bt_hci_evt_cc_status), generic_success },
219 { BT_HCI_OP_LE_SET_EVENT_MASK, sizeof(struct bt_hci_evt_cc_status), generic_success },
220 { BT_HCI_OP_LE_READ_LOCAL_FEATURES, sizeof(struct bt_hci_rp_le_read_local_features),
221 le_read_local_features },
222 { BT_HCI_OP_LE_READ_SUPP_STATES, sizeof(struct bt_hci_rp_le_read_supp_states),
223 le_read_supp_states },
224 { BT_HCI_OP_LE_RAND, sizeof(struct bt_hci_rp_le_rand), generic_success },
225 { BT_HCI_OP_LE_SET_RANDOM_ADDRESS, sizeof(struct bt_hci_cp_le_set_random_address),
226 generic_success },
227 { BT_HCI_OP_LE_SET_EXT_SCAN_PARAM, 0, generic_success },
228 { BT_HCI_OP_LE_SET_EXT_SCAN_ENABLE, 0, generic_success },
229 { BT_HCI_OP_RESET, 0, generic_success },
230 };
231
232 /* HCI driver open. */
driver_open(const struct device * dev,bt_hci_recv_t recv)233 static int driver_open(const struct device *dev, bt_hci_recv_t recv)
234 {
235 struct driver_data *drv = dev->data;
236
237 drv->recv = recv;
238
239 return 0;
240 }
241
242 /* HCI driver send. */
driver_send(const struct device * dev,struct net_buf * buf)243 static int driver_send(const struct device *dev, struct net_buf *buf)
244 {
245 zassert_true(cmd_handle(dev, buf, cmds, ARRAY_SIZE(cmds)) == 0, "Unknown HCI command");
246
247 net_buf_unref(buf);
248
249 return 0;
250 }
251
252 static DEVICE_API(bt_hci, driver_api) = {
253 .open = driver_open,
254 .send = driver_send,
255 };
256
257 #define TEST_DEVICE_INIT(inst) \
258 static struct driver_data driver_data_##inst = { \
259 }; \
260 DEVICE_DT_INST_DEFINE(inst, NULL, NULL, &driver_data_##inst, NULL, \
261 POST_KERNEL, CONFIG_KERNEL_INIT_PRIORITY_DEVICE, &driver_api)
262
263 DT_INST_FOREACH_STATUS_OKAY(TEST_DEVICE_INIT)
264
265
266 struct bt_recv_job_data {
267 struct k_work work; /* Work item */
268 struct k_sem *sync; /* Semaphore to synchronize with */
269 struct net_buf *buf; /* Net buffer to be passed to bt_recv() */
270 } job_data[CONFIG_BT_BUF_EVT_RX_COUNT];
271
272 #define job(buf) (&job_data[net_buf_id(buf)])
273
274 /* Work item handler for bt_recv() jobs. */
bt_recv_job_cb(struct k_work * item)275 static void bt_recv_job_cb(struct k_work *item)
276 {
277 const struct device *dev = DEVICE_DT_GET(DT_DRV_INST(0));
278 struct driver_data *drv = dev->data;
279 struct bt_recv_job_data *data = CONTAINER_OF(item, struct bt_recv_job_data, work);
280
281 /* Send net buffer to host */
282 drv->recv(dev, data->buf);
283
284 /* Wake up bt_recv_job_submit */
285 k_sem_give(job(data->buf)->sync);
286 }
287
288 /* Prepare a job to call bt_recv() to be submitted to the system workqueue. */
bt_recv_job_submit(struct net_buf * buf)289 static void bt_recv_job_submit(struct net_buf *buf)
290 {
291 struct k_sem sync_sem;
292
293 /* Store the net buffer to be passed to bt_recv */
294 job(buf)->buf = buf;
295
296 /* Initialize job work item/semaphore */
297 k_work_init(&job(buf)->work, bt_recv_job_cb);
298 k_sem_init(&sync_sem, 0, 1);
299 job(buf)->sync = &sync_sem;
300
301 /* Make sure the buffer stays around until the command completes */
302 buf = net_buf_ref(buf);
303
304 /* Submit the work item */
305 k_work_submit(&job(buf)->work);
306
307 /* Wait for bt_recv_job_cb to be done */
308 k_sem_take(&sync_sem, K_FOREVER);
309
310 net_buf_unref(buf);
311 }
312
313 /* Semaphore to test if the prop callback was called. */
314 static K_SEM_DEFINE(prop_cb_sem, 0, 1);
315
adv_report_evt(struct net_buf * buf,uint8_t data_len,uint16_t evt_type,const bt_addr_le_t * const addr)316 static void *adv_report_evt(struct net_buf *buf, uint8_t data_len, uint16_t evt_type,
317 const bt_addr_le_t *const addr)
318 {
319 struct bt_hci_evt_le_meta_event *meta_evt;
320 struct bt_hci_evt_le_ext_advertising_info *evt;
321
322 evt_create(buf, BT_HCI_EVT_LE_META_EVENT, sizeof(*meta_evt) + sizeof(*evt) + data_len + 1);
323 meta_evt = net_buf_add(buf, sizeof(*meta_evt));
324 le_meta_evt_create(meta_evt, BT_HCI_EVT_LE_EXT_ADVERTISING_REPORT);
325 net_buf_add_u8(buf, 1); /* Number of reports */
326 evt = net_buf_add(buf, sizeof(*evt));
327 adv_info_create(evt, evt_type, addr, data_len);
328
329 return net_buf_add(buf, data_len);
330 }
331
332 /* Send a prop event report wit the given data. */
send_adv_report(const struct test_adv_report * report)333 static void send_adv_report(const struct test_adv_report *report)
334 {
335 LOG_DBG("Sending adv report");
336 struct net_buf *buf;
337 uint8_t *adv_data;
338
339 buf = bt_buf_get_rx(BT_BUF_EVT, K_FOREVER);
340 adv_data = adv_report_evt(buf, report->length, report->evt_prop, &report->addr);
341 memcpy(adv_data, &report->data, report->length);
342
343 /* Submit job */
344 bt_recv_job_submit(buf);
345 }
346
347 FAKE_VALUE_FUNC(struct test_adv_report, get_expected_report);
348
scan_recv_cb(const struct bt_le_scan_recv_info * info,struct net_buf_simple * buf)349 static void scan_recv_cb(const struct bt_le_scan_recv_info *info, struct net_buf_simple *buf)
350 {
351 ARG_UNUSED(info);
352
353 LOG_DBG("Received event with length %u", buf->len);
354
355 const struct test_adv_report expected = get_expected_report();
356
357 zassert_equal(buf->len, expected.length, "Lengths should be equal");
358 zassert_mem_equal(buf->data, expected.data, buf->len, "Data should be equal");
359 }
360
scan_timeout_cb(void)361 static void scan_timeout_cb(void)
362 {
363 zassert_unreachable("Timeout should not happen");
364 }
365
generate_sequence(uint8_t * dest,uint16_t len,uint8_t range_start,uint8_t range_end)366 static void generate_sequence(uint8_t *dest, uint16_t len, uint8_t range_start, uint8_t range_end)
367 {
368 uint16_t written = 0;
369 uint8_t value = range_start;
370
371 while (written < len) {
372 *dest++ = value++;
373 written++;
374 if (value > range_end) {
375 value = range_start;
376 }
377 }
378 }
379
380 ZTEST_SUITE(long_adv_rx_tests, NULL, NULL, NULL, NULL, NULL);
381
ZTEST(long_adv_rx_tests,test_host_long_adv_recv)382 ZTEST(long_adv_rx_tests, test_host_long_adv_recv)
383 {
384 struct test_adv_report expected_reports[2];
385
386 /* Go! Wait until Bluetooth initialization is done */
387 zassert_true((bt_enable(NULL) == 0), "bt_enable failed");
388
389 static struct bt_le_scan_cb scan_callbacks = { .recv = scan_recv_cb,
390 .timeout = scan_timeout_cb };
391 bt_le_scan_cb_register(&scan_callbacks);
392 zassert_true((bt_le_scan_start(BT_LE_SCAN_PASSIVE, NULL) == 0), "bt_le_scan_start failed");
393
394 bt_addr_le_t addr_a;
395 bt_addr_le_t addr_b;
396 bt_addr_le_t addr_c;
397 bt_addr_le_t addr_d;
398
399 bt_addr_le_create_static(&addr_a);
400 bt_addr_le_create_static(&addr_b);
401 bt_addr_le_create_static(&addr_c);
402 bt_addr_le_create_static(&addr_d);
403
404 struct test_adv_report report_a_1 = { .length = 30, .evt_prop = MORE_TO_COME };
405 struct test_adv_report report_a_2 = { .length = 30, .evt_prop = COMPLETE };
406
407 bt_addr_le_copy(&report_a_1.addr, &addr_a);
408 bt_addr_le_copy(&report_a_2.addr, &addr_a);
409
410 struct test_adv_report report_b_1 = { .length = 30, .evt_prop = MORE_TO_COME };
411 struct test_adv_report report_b_2 = { .length = 30, .evt_prop = COMPLETE };
412
413 bt_addr_le_copy(&report_b_1.addr, &addr_b);
414 bt_addr_le_copy(&report_b_2.addr, &addr_b);
415
416 struct test_adv_report report_c = { .length = 30,
417 .evt_prop = COMPLETE | BT_HCI_LE_ADV_EVT_TYPE_LEGACY };
418
419 bt_addr_le_copy(&report_c.addr, &addr_c);
420
421 struct test_adv_report report_d = { .length = 30, .evt_prop = TRUNCATED };
422
423 bt_addr_le_copy(&report_c.addr, &addr_c);
424
425 struct test_adv_report report_a_combined = { .length = report_a_1.length +
426 report_a_2.length };
427
428 struct test_adv_report report_a_1_repeated = { .length = CONFIG_BT_EXT_SCAN_BUF_SIZE };
429
430 struct test_adv_report report_b_combined = { .length = report_b_1.length +
431 report_b_2.length };
432
433 generate_sequence(report_a_combined.data, report_a_combined.length, 'A', 'Z');
434 generate_sequence(report_b_combined.data, report_b_combined.length, 'a', 'z');
435 generate_sequence(report_c.data, report_c.length, '0', '9');
436
437 (void)memcpy(report_a_1.data, report_a_combined.data, report_a_1.length);
438 (void)memcpy(report_a_2.data, &report_a_combined.data[report_a_1.length],
439 report_a_2.length);
440
441 for (int i = 0; i < report_a_1_repeated.length; i += report_a_1.length) {
442 memcpy(&report_a_1_repeated.data[i], report_a_1.data,
443 MIN(report_a_1.length, (report_a_1_repeated.length - i)));
444 }
445
446 (void)memcpy(report_b_1.data, report_b_combined.data, report_b_1.length);
447 (void)memcpy(report_b_2.data, &report_b_combined.data[report_b_1.length],
448 report_b_2.length);
449
450 /* Check that non-interleaved fragmented adv reports work */
451 expected_reports[0] = report_a_combined;
452 expected_reports[1] = report_b_combined;
453 SET_RETURN_SEQ(get_expected_report, expected_reports, 2);
454 send_adv_report(&report_a_1);
455 send_adv_report(&report_a_2);
456 send_adv_report(&report_b_1);
457 send_adv_report(&report_b_2);
458 zassert_equal(2, get_expected_report_fake.call_count);
459 RESET_FAKE(get_expected_report);
460 FFF_RESET_HISTORY();
461
462 /* Check that legacy adv reports interleaved with fragmented adv reports work */
463 expected_reports[0] = report_c;
464 expected_reports[1] = report_a_combined;
465 SET_RETURN_SEQ(get_expected_report, expected_reports, 2);
466 send_adv_report(&report_a_1);
467 send_adv_report(&report_c); /* Interleaved legacy adv report */
468 send_adv_report(&report_a_2);
469 zassert_equal(2, get_expected_report_fake.call_count);
470 RESET_FAKE(get_expected_report);
471 FFF_RESET_HISTORY();
472
473 /* Check that complete adv reports interleaved with fragmented adv reports work */
474 expected_reports[0] = report_b_2;
475 expected_reports[1] = report_a_combined;
476 SET_RETURN_SEQ(get_expected_report, expected_reports, 2);
477 send_adv_report(&report_a_1);
478 send_adv_report(&report_b_2); /* Interleaved short extended adv report */
479 send_adv_report(&report_a_2);
480 zassert_equal(2, get_expected_report_fake.call_count);
481 RESET_FAKE(get_expected_report);
482 FFF_RESET_HISTORY();
483
484 /* Check that fragmented adv reports from one peer are received,
485 * and that interleaved fragmented adv reports from other peers are discarded
486 */
487 expected_reports[0] = report_a_combined;
488 expected_reports[1] = report_b_2;
489 SET_RETURN_SEQ(get_expected_report, expected_reports, 2);
490 send_adv_report(&report_a_1);
491 send_adv_report(&report_b_1); /* Interleaved fragmented adv report, NOT SUPPORTED */
492 send_adv_report(&report_a_2);
493 send_adv_report(&report_b_2);
494 zassert_equal(2, get_expected_report_fake.call_count);
495 RESET_FAKE(get_expected_report);
496 FFF_RESET_HISTORY();
497
498 /* Check that host discards the data if the controller keeps sending
499 * incomplete packets.
500 */
501 expected_reports[0] = report_b_combined;
502 SET_RETURN_SEQ(get_expected_report, expected_reports, 1);
503 for (int i = 0; i < (2 + (CONFIG_BT_EXT_SCAN_BUF_SIZE / report_a_1.length)); i++) {
504 send_adv_report(&report_a_1);
505 }
506 send_adv_report(&report_a_2);
507
508 /* Check that controller truncated reports do not generate events */
509 send_adv_report(&report_d);
510
511 /* Check that reports from a different advertiser works after truncation */
512 send_adv_report(&report_b_1);
513 send_adv_report(&report_b_2);
514 zassert_equal(1, get_expected_report_fake.call_count);
515 }
516
