1 /* main.c - Host long advertising receive */
2
3 /*
4 * Copyright (c) 2021-2024 Nordic Semiconductor ASA
5 *
6 * SPDX-License-Identifier: Apache-2.0
7 */
8
9 #include <stddef.h>
10
11 #include <zephyr/bluetooth/hci_types.h>
12 #include <zephyr/fff.h>
13 #include <zephyr/kernel.h>
14 #include <zephyr/ztest.h>
15
16 #include <errno.h>
17 #include <zephyr/tc_util.h>
18
19 #include <zephyr/bluetooth/hci.h>
20 #include <zephyr/bluetooth/buf.h>
21 #include <zephyr/bluetooth/bluetooth.h>
22 #include <zephyr/drivers/bluetooth.h>
23 #include <zephyr/sys/byteorder.h>
24 #include <zephyr/ztest_assert.h>
25
26 #define DT_DRV_COMPAT zephyr_bt_hci_test
27
28 struct driver_data {
29 bt_hci_recv_t recv;
30 };
31
32 #define LOG_LEVEL CONFIG_BT_LOG_LEVEL
33 #include <zephyr/logging/log.h>
34 LOG_MODULE_REGISTER(host_test_app);
35
36 DEFINE_FFF_GLOBALS;
37
38 struct test_adv_report {
39 uint8_t data[CONFIG_BT_EXT_SCAN_BUF_SIZE];
40 uint8_t length;
41 uint16_t evt_prop;
42 bt_addr_le_t addr;
43 };
44
45 #define COMPLETE BT_HCI_LE_ADV_EVT_TYPE_DATA_STATUS_COMPLETE << 5
46 #define MORE_TO_COME BT_HCI_LE_ADV_EVT_TYPE_DATA_STATUS_PARTIAL << 5
47 #define TRUNCATED BT_HCI_LE_ADV_EVT_TYPE_DATA_STATUS_INCOMPLETE << 5
48
49 /* Command handler structure for cmd_handle(). */
50 struct cmd_handler {
51 uint16_t opcode; /* HCI command opcode */
52 uint8_t len; /* HCI command response length */
53 void (*handler)(struct net_buf *buf, struct net_buf **evt, uint8_t len, uint16_t opcode);
54 };
55
56 /* Add event to net_buf. */
evt_create(struct net_buf * buf,uint8_t evt,uint8_t len)57 static void evt_create(struct net_buf *buf, uint8_t evt, uint8_t len)
58 {
59 struct bt_hci_evt_hdr *hdr;
60
61 hdr = net_buf_add(buf, sizeof(*hdr));
62 hdr->evt = evt;
63 hdr->len = len;
64 }
65
le_meta_evt_create(struct bt_hci_evt_le_meta_event * evt,uint8_t subevent)66 static void le_meta_evt_create(struct bt_hci_evt_le_meta_event *evt, uint8_t subevent)
67 {
68 evt->subevent = subevent;
69 }
70
adv_info_create(struct bt_hci_evt_le_ext_advertising_info * evt,uint16_t evt_type,const bt_addr_le_t * const addr,uint8_t length)71 static void adv_info_create(struct bt_hci_evt_le_ext_advertising_info *evt, uint16_t evt_type,
72 const bt_addr_le_t *const addr, uint8_t length)
73 {
74 evt->evt_type = evt_type;
75 bt_addr_le_copy(&evt->addr, addr);
76 evt->prim_phy = 0;
77 evt->sec_phy = 0;
78 evt->sid = 0;
79 evt->tx_power = 0;
80 evt->rssi = 0;
81 evt->interval = 0;
82 bt_addr_le_copy(&evt->direct_addr, BT_ADDR_LE_NONE);
83 evt->length = length;
84 }
85
86 /* Create a command complete event. */
cmd_complete(struct net_buf ** buf,uint8_t plen,uint16_t opcode)87 static void *cmd_complete(struct net_buf **buf, uint8_t plen, uint16_t opcode)
88 {
89 struct bt_hci_evt_cmd_complete *cc;
90
91 *buf = bt_buf_get_evt(BT_HCI_EVT_CMD_COMPLETE, false, K_FOREVER);
92 evt_create(*buf, BT_HCI_EVT_CMD_COMPLETE, sizeof(*cc) + plen);
93 cc = net_buf_add(*buf, sizeof(*cc));
94 cc->ncmd = 1U;
95 cc->opcode = sys_cpu_to_le16(opcode);
96
97 return net_buf_add(*buf, plen);
98 }
99
100 /* Loop over handlers to try to handle the command given by opcode. */
cmd_handle_helper(uint16_t opcode,struct net_buf * cmd,struct net_buf ** evt,const struct cmd_handler * handlers,size_t num_handlers)101 static int cmd_handle_helper(uint16_t opcode, struct net_buf *cmd, struct net_buf **evt,
102 const struct cmd_handler *handlers, size_t num_handlers)
103 {
104 for (size_t i = 0; i < num_handlers; i++) {
105 const struct cmd_handler *handler = &handlers[i];
106
107 if (handler->opcode != opcode) {
108 continue;
109 }
110
111 if (handler->handler) {
112 handler->handler(cmd, evt, handler->len, opcode);
113
114 return 0;
115 }
116 }
117
118 zassert_unreachable("opcode %X failed", opcode);
119
120 return -EINVAL;
121 }
122
123 /* Lookup the command opcode and invoke handler. */
cmd_handle(const struct device * dev,struct net_buf * cmd,const struct cmd_handler * handlers,size_t num_handlers)124 static int cmd_handle(const struct device *dev, struct net_buf *cmd,
125 const struct cmd_handler *handlers, size_t num_handlers)
126 {
127 struct driver_data *drv = dev->data;
128 struct net_buf *evt = NULL;
129 struct bt_hci_evt_cc_status *ccst;
130 struct bt_hci_cmd_hdr *chdr;
131 uint16_t opcode;
132 int err;
133
134 chdr = net_buf_pull_mem(cmd, sizeof(*chdr));
135 opcode = sys_le16_to_cpu(chdr->opcode);
136
137 err = cmd_handle_helper(opcode, cmd, &evt, handlers, num_handlers);
138
139 if (err == -EINVAL) {
140 ccst = cmd_complete(&evt, sizeof(*ccst), opcode);
141 ccst->status = BT_HCI_ERR_UNKNOWN_CMD;
142 }
143
144 if (evt) {
145 drv->recv(dev, evt);
146 }
147
148 return err;
149 }
150
151 /* Generic command complete with success status. */
generic_success(struct net_buf * buf,struct net_buf ** evt,uint8_t len,uint16_t opcode)152 static void generic_success(struct net_buf *buf, struct net_buf **evt, uint8_t len, uint16_t opcode)
153 {
154 struct bt_hci_evt_cc_status *ccst;
155
156 ccst = cmd_complete(evt, len, opcode);
157
158 /* Fill any event parameters with zero */
159 (void)memset(ccst, 0, len);
160
161 ccst->status = BT_HCI_ERR_SUCCESS;
162 }
163
164 /* Bogus handler for BT_HCI_OP_READ_LOCAL_FEATURES. */
read_local_features(struct net_buf * buf,struct net_buf ** evt,uint8_t len,uint16_t opcode)165 static void read_local_features(struct net_buf *buf, struct net_buf **evt, uint8_t len,
166 uint16_t opcode)
167 {
168 struct bt_hci_rp_read_local_features *rp;
169
170 rp = cmd_complete(evt, sizeof(*rp), opcode);
171 rp->status = 0x00;
172 (void)memset(rp->features, 0xFF, sizeof(rp->features));
173 }
174
175 /* Bogus handler for BT_HCI_OP_READ_SUPPORTED_COMMANDS. */
read_supported_commands(struct net_buf * buf,struct net_buf ** evt,uint8_t len,uint16_t opcode)176 static void read_supported_commands(struct net_buf *buf, struct net_buf **evt, uint8_t len,
177 uint16_t opcode)
178 {
179 struct bt_hci_rp_read_supported_commands *rp;
180
181 rp = cmd_complete(evt, sizeof(*rp), opcode);
182 (void)memset(rp->commands, 0xFF, sizeof(rp->commands));
183 rp->status = 0x00;
184 }
185
186 /* Bogus handler for BT_HCI_OP_LE_READ_LOCAL_FEATURES. */
le_read_local_features(struct net_buf * buf,struct net_buf ** evt,uint8_t len,uint16_t opcode)187 static void le_read_local_features(struct net_buf *buf, struct net_buf **evt, uint8_t len,
188 uint16_t opcode)
189 {
190 struct bt_hci_rp_le_read_local_features *rp;
191
192 rp = cmd_complete(evt, sizeof(*rp), opcode);
193 rp->status = 0x00;
194 (void)memset(rp->features, 0xFF, sizeof(rp->features));
195 }
196
197 /* Bogus handler for BT_HCI_OP_LE_READ_SUPP_STATES. */
le_read_supp_states(struct net_buf * buf,struct net_buf ** evt,uint8_t len,uint16_t opcode)198 static void le_read_supp_states(struct net_buf *buf, struct net_buf **evt, uint8_t len,
199 uint16_t opcode)
200 {
201 struct bt_hci_rp_le_read_supp_states *rp;
202
203 rp = cmd_complete(evt, sizeof(*rp), opcode);
204 rp->status = 0x00;
205 (void)memset(&rp->le_states, 0xFF, sizeof(rp->le_states));
206 }
207
208
209 /* Setup handlers needed for bt_enable to function. */
210 static const struct cmd_handler cmds[] = {
211 { BT_HCI_OP_READ_LOCAL_VERSION_INFO, sizeof(struct bt_hci_rp_read_local_version_info),
212 generic_success },
213 { BT_HCI_OP_READ_SUPPORTED_COMMANDS, sizeof(struct bt_hci_rp_read_supported_commands),
214 read_supported_commands },
215 { BT_HCI_OP_READ_LOCAL_FEATURES, sizeof(struct bt_hci_rp_read_local_features),
216 read_local_features },
217 { BT_HCI_OP_READ_BD_ADDR, sizeof(struct bt_hci_rp_read_bd_addr), generic_success },
218 { BT_HCI_OP_SET_EVENT_MASK, sizeof(struct bt_hci_evt_cc_status), generic_success },
219 { BT_HCI_OP_LE_SET_EVENT_MASK, sizeof(struct bt_hci_evt_cc_status), generic_success },
220 { BT_HCI_OP_LE_READ_LOCAL_FEATURES, sizeof(struct bt_hci_rp_le_read_local_features),
221 le_read_local_features },
222 { BT_HCI_OP_LE_READ_SUPP_STATES, sizeof(struct bt_hci_rp_le_read_supp_states),
223 le_read_supp_states },
224 { BT_HCI_OP_LE_RAND, sizeof(struct bt_hci_rp_le_rand), generic_success },
225 { BT_HCI_OP_LE_SET_RANDOM_ADDRESS, sizeof(struct bt_hci_cp_le_set_random_address),
226 generic_success },
227 { BT_HCI_OP_LE_SET_EXT_SCAN_PARAM, 0, generic_success },
228 { BT_HCI_OP_LE_SET_EXT_SCAN_ENABLE, 0, generic_success },
229 { BT_HCI_OP_RESET, 0, generic_success },
230 };
231
232 /* HCI driver open. */
driver_open(const struct device * dev,bt_hci_recv_t recv)233 static int driver_open(const struct device *dev, bt_hci_recv_t recv)
234 {
235 struct driver_data *drv = dev->data;
236
237 drv->recv = recv;
238
239 return 0;
240 }
241
242 /* HCI driver send. */
driver_send(const struct device * dev,struct net_buf * buf)243 static int driver_send(const struct device *dev, struct net_buf *buf)
244 {
245 uint8_t type = net_buf_pull_u8(buf);
246
247 zassert_true(type == BT_HCI_H4_CMD, "Unexpected command buffer, got %u", type);
248
249 zassert_true(cmd_handle(dev, buf, cmds, ARRAY_SIZE(cmds)) == 0, "Unknown HCI command");
250
251 net_buf_unref(buf);
252
253 return 0;
254 }
255
256 static DEVICE_API(bt_hci, driver_api) = {
257 .open = driver_open,
258 .send = driver_send,
259 };
260
261 #define TEST_DEVICE_INIT(inst) \
262 static struct driver_data driver_data_##inst = { \
263 }; \
264 DEVICE_DT_INST_DEFINE(inst, NULL, NULL, &driver_data_##inst, NULL, \
265 POST_KERNEL, CONFIG_KERNEL_INIT_PRIORITY_DEVICE, &driver_api)
266
267 DT_INST_FOREACH_STATUS_OKAY(TEST_DEVICE_INIT)
268
269
270 struct bt_recv_job_data {
271 struct k_work work; /* Work item */
272 struct k_sem *sync; /* Semaphore to synchronize with */
273 struct net_buf *buf; /* Net buffer to be passed to bt_recv() */
274 } job_data[CONFIG_BT_BUF_EVT_RX_COUNT];
275
276 #define job(buf) (&job_data[net_buf_id(buf)])
277
278 /* Work item handler for bt_recv() jobs. */
bt_recv_job_cb(struct k_work * item)279 static void bt_recv_job_cb(struct k_work *item)
280 {
281 const struct device *dev = DEVICE_DT_GET(DT_DRV_INST(0));
282 struct driver_data *drv = dev->data;
283 struct bt_recv_job_data *data = CONTAINER_OF(item, struct bt_recv_job_data, work);
284
285 /* Send net buffer to host */
286 drv->recv(dev, data->buf);
287
288 /* Wake up bt_recv_job_submit */
289 k_sem_give(job(data->buf)->sync);
290 }
291
292 /* Prepare a job to call bt_recv() to be submitted to the system workqueue. */
bt_recv_job_submit(struct net_buf * buf)293 static void bt_recv_job_submit(struct net_buf *buf)
294 {
295 struct k_sem sync_sem;
296
297 /* Store the net buffer to be passed to bt_recv */
298 job(buf)->buf = buf;
299
300 /* Initialize job work item/semaphore */
301 k_work_init(&job(buf)->work, bt_recv_job_cb);
302 k_sem_init(&sync_sem, 0, 1);
303 job(buf)->sync = &sync_sem;
304
305 /* Make sure the buffer stays around until the command completes */
306 buf = net_buf_ref(buf);
307
308 /* Submit the work item */
309 k_work_submit(&job(buf)->work);
310
311 /* Wait for bt_recv_job_cb to be done */
312 k_sem_take(&sync_sem, K_FOREVER);
313
314 net_buf_unref(buf);
315 }
316
317 /* Semaphore to test if the prop callback was called. */
318 static K_SEM_DEFINE(prop_cb_sem, 0, 1);
319
adv_report_evt(struct net_buf * buf,uint8_t data_len,uint16_t evt_type,const bt_addr_le_t * const addr)320 static void *adv_report_evt(struct net_buf *buf, uint8_t data_len, uint16_t evt_type,
321 const bt_addr_le_t *const addr)
322 {
323 struct bt_hci_evt_le_meta_event *meta_evt;
324 struct bt_hci_evt_le_ext_advertising_info *evt;
325
326 evt_create(buf, BT_HCI_EVT_LE_META_EVENT, sizeof(*meta_evt) + sizeof(*evt) + data_len + 1);
327 meta_evt = net_buf_add(buf, sizeof(*meta_evt));
328 le_meta_evt_create(meta_evt, BT_HCI_EVT_LE_EXT_ADVERTISING_REPORT);
329 net_buf_add_u8(buf, 1); /* Number of reports */
330 evt = net_buf_add(buf, sizeof(*evt));
331 adv_info_create(evt, evt_type, addr, data_len);
332
333 return net_buf_add(buf, data_len);
334 }
335
336 /* Send a prop event report wit the given data. */
send_adv_report(const struct test_adv_report * report)337 static void send_adv_report(const struct test_adv_report *report)
338 {
339 LOG_DBG("Sending adv report");
340 struct net_buf *buf;
341 uint8_t *adv_data;
342
343 buf = bt_buf_get_rx(BT_BUF_EVT, K_FOREVER);
344 adv_data = adv_report_evt(buf, report->length, report->evt_prop, &report->addr);
345 memcpy(adv_data, &report->data, report->length);
346
347 /* Submit job */
348 bt_recv_job_submit(buf);
349 }
350
351 FAKE_VALUE_FUNC(struct test_adv_report, get_expected_report);
352
scan_recv_cb(const struct bt_le_scan_recv_info * info,struct net_buf_simple * buf)353 static void scan_recv_cb(const struct bt_le_scan_recv_info *info, struct net_buf_simple *buf)
354 {
355 ARG_UNUSED(info);
356
357 LOG_DBG("Received event with length %u", buf->len);
358
359 const struct test_adv_report expected = get_expected_report();
360
361 zassert_equal(buf->len, expected.length, "Lengths should be equal");
362 zassert_mem_equal(buf->data, expected.data, buf->len, "Data should be equal");
363 }
364
scan_timeout_cb(void)365 static void scan_timeout_cb(void)
366 {
367 zassert_unreachable("Timeout should not happen");
368 }
369
generate_sequence(uint8_t * dest,uint16_t len,uint8_t range_start,uint8_t range_end)370 static void generate_sequence(uint8_t *dest, uint16_t len, uint8_t range_start, uint8_t range_end)
371 {
372 uint16_t written = 0;
373 uint8_t value = range_start;
374
375 while (written < len) {
376 *dest++ = value++;
377 written++;
378 if (value > range_end) {
379 value = range_start;
380 }
381 }
382 }
383
384 ZTEST_SUITE(long_adv_rx_tests, NULL, NULL, NULL, NULL, NULL);
385
ZTEST(long_adv_rx_tests,test_host_long_adv_recv)386 ZTEST(long_adv_rx_tests, test_host_long_adv_recv)
387 {
388 struct test_adv_report expected_reports[2];
389
390 /* Go! Wait until Bluetooth initialization is done */
391 zassert_true((bt_enable(NULL) == 0), "bt_enable failed");
392
393 static struct bt_le_scan_cb scan_callbacks = { .recv = scan_recv_cb,
394 .timeout = scan_timeout_cb };
395 bt_le_scan_cb_register(&scan_callbacks);
396 zassert_true((bt_le_scan_start(BT_LE_SCAN_PASSIVE, NULL) == 0), "bt_le_scan_start failed");
397
398 bt_addr_le_t addr_a;
399 bt_addr_le_t addr_b;
400 bt_addr_le_t addr_c;
401 bt_addr_le_t addr_d;
402
403 bt_addr_le_create_static(&addr_a);
404 bt_addr_le_create_static(&addr_b);
405 bt_addr_le_create_static(&addr_c);
406 bt_addr_le_create_static(&addr_d);
407
408 struct test_adv_report report_a_1 = { .length = 30, .evt_prop = MORE_TO_COME };
409 struct test_adv_report report_a_2 = { .length = 30, .evt_prop = COMPLETE };
410
411 bt_addr_le_copy(&report_a_1.addr, &addr_a);
412 bt_addr_le_copy(&report_a_2.addr, &addr_a);
413
414 struct test_adv_report report_b_1 = { .length = 30, .evt_prop = MORE_TO_COME };
415 struct test_adv_report report_b_2 = { .length = 30, .evt_prop = COMPLETE };
416
417 bt_addr_le_copy(&report_b_1.addr, &addr_b);
418 bt_addr_le_copy(&report_b_2.addr, &addr_b);
419
420 struct test_adv_report report_c = { .length = 30,
421 .evt_prop = COMPLETE | BT_HCI_LE_ADV_EVT_TYPE_LEGACY };
422
423 bt_addr_le_copy(&report_c.addr, &addr_c);
424
425 struct test_adv_report report_d = { .length = 30, .evt_prop = TRUNCATED };
426
427 bt_addr_le_copy(&report_c.addr, &addr_c);
428
429 struct test_adv_report report_a_combined = { .length = report_a_1.length +
430 report_a_2.length };
431
432 struct test_adv_report report_a_1_repeated = { .length = CONFIG_BT_EXT_SCAN_BUF_SIZE };
433
434 struct test_adv_report report_b_combined = { .length = report_b_1.length +
435 report_b_2.length };
436
437 generate_sequence(report_a_combined.data, report_a_combined.length, 'A', 'Z');
438 generate_sequence(report_b_combined.data, report_b_combined.length, 'a', 'z');
439 generate_sequence(report_c.data, report_c.length, '0', '9');
440
441 (void)memcpy(report_a_1.data, report_a_combined.data, report_a_1.length);
442 (void)memcpy(report_a_2.data, &report_a_combined.data[report_a_1.length],
443 report_a_2.length);
444
445 for (int i = 0; i < report_a_1_repeated.length; i += report_a_1.length) {
446 memcpy(&report_a_1_repeated.data[i], report_a_1.data,
447 MIN(report_a_1.length, (report_a_1_repeated.length - i)));
448 }
449
450 (void)memcpy(report_b_1.data, report_b_combined.data, report_b_1.length);
451 (void)memcpy(report_b_2.data, &report_b_combined.data[report_b_1.length],
452 report_b_2.length);
453
454 /* Check that non-interleaved fragmented adv reports work */
455 expected_reports[0] = report_a_combined;
456 expected_reports[1] = report_b_combined;
457 SET_RETURN_SEQ(get_expected_report, expected_reports, 2);
458 send_adv_report(&report_a_1);
459 send_adv_report(&report_a_2);
460 send_adv_report(&report_b_1);
461 send_adv_report(&report_b_2);
462 zassert_equal(2, get_expected_report_fake.call_count);
463 RESET_FAKE(get_expected_report);
464 FFF_RESET_HISTORY();
465
466 /* Check that legacy adv reports interleaved with fragmented adv reports work */
467 expected_reports[0] = report_c;
468 expected_reports[1] = report_a_combined;
469 SET_RETURN_SEQ(get_expected_report, expected_reports, 2);
470 send_adv_report(&report_a_1);
471 send_adv_report(&report_c); /* Interleaved legacy adv report */
472 send_adv_report(&report_a_2);
473 zassert_equal(2, get_expected_report_fake.call_count);
474 RESET_FAKE(get_expected_report);
475 FFF_RESET_HISTORY();
476
477 /* Check that complete adv reports interleaved with fragmented adv reports work */
478 expected_reports[0] = report_b_2;
479 expected_reports[1] = report_a_combined;
480 SET_RETURN_SEQ(get_expected_report, expected_reports, 2);
481 send_adv_report(&report_a_1);
482 send_adv_report(&report_b_2); /* Interleaved short extended adv report */
483 send_adv_report(&report_a_2);
484 zassert_equal(2, get_expected_report_fake.call_count);
485 RESET_FAKE(get_expected_report);
486 FFF_RESET_HISTORY();
487
488 /* Check that fragmented adv reports from one peer are received,
489 * and that interleaved fragmented adv reports from other peers are discarded
490 */
491 expected_reports[0] = report_a_combined;
492 expected_reports[1] = report_b_2;
493 SET_RETURN_SEQ(get_expected_report, expected_reports, 2);
494 send_adv_report(&report_a_1);
495 send_adv_report(&report_b_1); /* Interleaved fragmented adv report, NOT SUPPORTED */
496 send_adv_report(&report_a_2);
497 send_adv_report(&report_b_2);
498 zassert_equal(2, get_expected_report_fake.call_count);
499 RESET_FAKE(get_expected_report);
500 FFF_RESET_HISTORY();
501
502 /* Check that host discards the data if the controller keeps sending
503 * incomplete packets.
504 */
505 expected_reports[0] = report_b_combined;
506 SET_RETURN_SEQ(get_expected_report, expected_reports, 1);
507 for (int i = 0; i < (2 + (CONFIG_BT_EXT_SCAN_BUF_SIZE / report_a_1.length)); i++) {
508 send_adv_report(&report_a_1);
509 }
510 send_adv_report(&report_a_2);
511
512 /* Check that controller truncated reports do not generate events */
513 send_adv_report(&report_d);
514
515 /* Check that reports from a different advertiser works after truncation */
516 send_adv_report(&report_b_1);
517 send_adv_report(&report_b_2);
518 zassert_equal(1, get_expected_report_fake.call_count);
519 }
520