Commit 350c569a authored by Vinayak Kariappa Chettimada's avatar Vinayak Kariappa Chettimada Committed by Carles Cufi
Browse files

Bluetooth: controller: Avoid offseting to lldata 



Avoid offseting to lldata when populating event structure
members.

Signed-off-by: default avatarVinayak Kariappa Chettimada <vich@nordicsemi.no>
parent 861bae22

subsys/bluetooth/controller/hci/hci.c

+10 −13
Original line number Diff line number Diff line
@@ -76,8 +76,8 @@ static u64_t event_mask_page_2 = DEFAULT_EVENT_MASK_PAGE_2; 
static u64_t le_event_mask = DEFAULT_LE_EVENT_MASK;



#if defined(CONFIG_BT_CONN)

static void le_conn_complete(u8_t status, struct radio_le_conn_cmplt *radio_cc,

			     u16_t handle, struct net_buf *buf);

static void le_conn_complete(struct pdu_data *pdu_data, u16_t handle,

			     struct net_buf *buf);

#endif /* CONFIG_BT_CONN */



static void evt_create(struct net_buf *buf, u8_t evt, u8_t len)
@@ -2405,10 +2405,12 @@ static void le_scan_req_received(struct pdu_data *pdu_data, u8_t *b, 
#endif /* CONFIG_BT_CTLR_SCAN_REQ_NOTIFY */



#if defined(CONFIG_BT_CONN)

static void le_conn_complete(u8_t status, struct radio_le_conn_cmplt *radio_cc,

			     u16_t handle, struct net_buf *buf)

static void le_conn_complete(struct pdu_data *pdu_data, u16_t handle,

			     struct net_buf *buf)

{

	struct radio_le_conn_cmplt *radio_cc = (void *)pdu_data;

	struct bt_hci_evt_le_conn_complete *lecc;

	u8_t status = radio_cc->status;



#if defined(CONFIG_BT_CTLR_PRIVACY)

	if (!status) {
@@ -2533,7 +2535,7 @@ static void le_conn_update_complete(struct pdu_data *pdu_data, u16_t handle, 
		return;

	}



	radio_cu = (void *)pdu_data->lldata;

	radio_cu = (void *)pdu_data;



	sep = meta_evt(buf, BT_HCI_EVT_LE_CONN_UPDATE_COMPLETE, sizeof(*sep));
@@ -2591,7 +2593,7 @@ static void le_chan_sel_algo(struct pdu_data *pdu_data, u16_t handle, 
		return;

	}



	radio_le_chan_sel_algo = (void *)pdu_data->lldata;

	radio_le_chan_sel_algo = (void *)pdu_data;



	sep = meta_evt(buf, BT_HCI_EVT_LE_CHAN_SEL_ALGO, sizeof(*sep));
@@ -2607,7 +2609,7 @@ static void le_phy_upd_complete(struct pdu_data *pdu_data, u16_t handle, 
	struct bt_hci_evt_le_phy_update_complete *sep;

	struct radio_le_phy_upd_cmplt *radio_le_phy_upd_cmplt;



	radio_le_phy_upd_cmplt = (void *)pdu_data->lldata;

	radio_le_phy_upd_cmplt = (void *)pdu_data;



	if (!(event_mask & BT_EVT_MASK_LE_META_EVENT) ||

	    !(le_event_mask & BT_EVT_MASK_LE_PHY_UPDATE_COMPLETE)) {
@@ -2659,12 +2661,7 @@ static void encode_control(struct radio_pdu_node_rx *node_rx, 


#if defined(CONFIG_BT_CONN)

	case NODE_RX_TYPE_CONNECTION:

		{

			struct radio_le_conn_cmplt *cc;



			cc = (void *)pdu_data->lldata;

			le_conn_complete(cc->status, cc, handle, buf);

		}

		le_conn_complete(pdu_data, handle, buf);

		break;



	case NODE_RX_TYPE_TERMINATE:

subsys/bluetooth/controller/ll_sw/ctrl.c

+22 −42
Original line number Diff line number Diff line
@@ -961,7 +961,6 @@ static inline u32_t isr_rx_adv(u8_t devmatch_ok, u8_t devmatch_id, 
		   ((_radio.fc_ena == 0) || (_radio.fc_req == _radio.fc_ack)) &&

		   (_radio.advertiser.conn)) {

		struct radio_le_conn_cmplt *radio_le_conn_cmplt;

		struct pdu_data *pdu_data;

		struct connection *conn;

		u32_t ticks_slot_offset;

		u32_t conn_interval_us;
@@ -1033,8 +1032,7 @@ static inline u32_t isr_rx_adv(u8_t devmatch_ok, u8_t devmatch_id, 
		node_rx->hdr.type = NODE_RX_TYPE_CONNECTION;



		/* prepare connection complete structure */

		pdu_data = (void *)node_rx->pdu_data;

		radio_le_conn_cmplt = (void *)pdu_data->lldata;

		radio_le_conn_cmplt = (void *)node_rx->pdu_data;

		radio_le_conn_cmplt->status = 0x00;

		radio_le_conn_cmplt->role = 0x01;

#if defined(CONFIG_BT_CTLR_PRIVACY)
@@ -1090,8 +1088,7 @@ static inline u32_t isr_rx_adv(u8_t devmatch_ok, u8_t devmatch_id, 
			node_rx->hdr.handle = conn->handle;

			node_rx->hdr.type = NODE_RX_TYPE_CHAN_SEL_ALGO;



			pdu_data = (void *)node_rx->pdu_data;

			le_chan_sel_algo = (void *)pdu_data->lldata;

			le_chan_sel_algo = (void *)node_rx->pdu_data;



			if (pdu_adv->chan_sel) {

				u16_t aa_ls =
@@ -1353,7 +1350,6 @@ static inline u32_t isr_rx_scan(u8_t devmatch_ok, u8_t devmatch_id, 
		struct radio_le_conn_cmplt *radio_le_conn_cmplt;

		struct radio_pdu_node_rx *node_rx;

		struct pdu_adv *pdu_adv_tx;

		struct pdu_data *pdu_data;

		struct connection *conn;

		u32_t ticks_slot_offset;

		u32_t conn_interval_us;
@@ -1498,8 +1494,7 @@ static inline u32_t isr_rx_scan(u8_t devmatch_ok, u8_t devmatch_id, 
		node_rx->hdr.type = NODE_RX_TYPE_CONNECTION;



		/* prepare connection complete structure */

		pdu_data = (void *)node_rx->pdu_data;

		radio_le_conn_cmplt = (void *)pdu_data->lldata;

		radio_le_conn_cmplt = (void *)node_rx->pdu_data;

		radio_le_conn_cmplt->status = 0x00;

		radio_le_conn_cmplt->role = 0x00;

#if defined(CONFIG_BT_CTLR_PRIVACY)
@@ -1555,8 +1550,7 @@ static inline u32_t isr_rx_scan(u8_t devmatch_ok, u8_t devmatch_id, 
			node_rx->hdr.handle = conn->handle;

			node_rx->hdr.type = NODE_RX_TYPE_CHAN_SEL_ALGO;



			pdu_data = (void *)node_rx->pdu_data;

			le_chan_sel_algo = (void *)pdu_data->lldata;

			le_chan_sel_algo = (void *)node_rx->pdu_data;



			if (pdu_adv_rx->chan_sel) {

				u16_t aa_ls =
@@ -1989,8 +1983,7 @@ isr_rx_conn_pkt_ctrl_rej_conn_upd(struct radio_pdu_node_rx *node_rx, 
	node_rx->hdr.type = NODE_RX_TYPE_CONN_UPDATE;



	/* prepare connection update complete structure */

	pdu_data_rx = (void *)node_rx->pdu_data;

	cp = (void *)pdu_data_rx->lldata;

	cp = (void *)pdu_data_rx;

	cp->status = rej_ext_ind->error_code;

	cp->interval = conn->conn_interval;

	cp->latency = conn->latency;
@@ -2082,7 +2075,7 @@ isr_rx_conn_pkt_ctrl_rej_phy_upd(struct radio_pdu_node_rx *node_rx, 
		/* generate phy update complete event with error code */

		node_rx->hdr.type = NODE_RX_TYPE_PHY_UPDATE;



		p = (void *)pdu_data_rx->lldata;

		p = (void *)pdu_data_rx;

		p->status = rej_ext_ind->error_code;

		p->tx = _radio.conn_curr->phy_tx;

		p->rx = _radio.conn_curr->phy_rx;
@@ -3036,8 +3029,7 @@ isr_rx_conn_pkt_ctrl(struct radio_pdu_node_rx *node_rx, u8_t *rx_enqueue) 
			node_rx->hdr.type = NODE_RX_TYPE_CONN_UPDATE;



			/* prepare connection update complete structure */

			pdu_data_rx = (void *)node_rx->pdu_data;

			cp = (void *)pdu_data_rx->lldata;

			cp = (void *)pdu_data_rx;

			cp->status = BT_HCI_ERR_UNSUPP_REMOTE_FEATURE;

			cp->interval = conn->conn_interval;

			cp->latency = conn->latency;
@@ -3079,7 +3071,7 @@ isr_rx_conn_pkt_ctrl(struct radio_pdu_node_rx *node_rx, u8_t *rx_enqueue) 
				/* generate phy update complete event */

				node_rx->hdr.type = NODE_RX_TYPE_PHY_UPDATE;



				p = (void *)pdu_data_rx->lldata;

				p = (void *)pdu_data_rx;

				p->status = 0;

				p->tx = _radio.conn_curr->phy_tx;

				p->rx = _radio.conn_curr->phy_rx;
@@ -6201,7 +6193,6 @@ static void mayfly_adv_stop(void *param) 
{

	struct radio_le_conn_cmplt *radio_le_conn_cmplt;

	struct radio_pdu_node_rx *node_rx;

	struct pdu_data *pdu_data_rx;



	/* Prepare the rx packet structure */

	node_rx = packet_rx_reserve_get(1);
@@ -6212,8 +6203,7 @@ static void mayfly_adv_stop(void *param) 
	node_rx->hdr.type = NODE_RX_TYPE_CONNECTION;



	/* prepare connection complete structure */

	pdu_data_rx = (void *)node_rx->pdu_data;

	radio_le_conn_cmplt = (void *)pdu_data_rx->lldata;

	radio_le_conn_cmplt = (void *)node_rx->pdu_data;

	(void)memset(radio_le_conn_cmplt, 0x00,

		     sizeof(struct radio_le_conn_cmplt));

	radio_le_conn_cmplt->status = BT_HCI_ERR_ADV_TIMEOUT;
@@ -6711,18 +6701,17 @@ static inline u32_t event_conn_upd_prep(struct connection *conn, 
		ctrl_tx_enqueue(conn, node_tx);



	} else if (instant_latency <= 0x7FFF) {

		struct radio_pdu_node_rx *node_rx;

		struct pdu_data *pdu_data_rx;

		struct radio_le_conn_update_cmplt *radio_le_conn_update_cmplt;

		u32_t ticker_status;

		u32_t conn_interval_us;

		u32_t periodic_us;

		u32_t ticks_win_offset;

		u32_t ticks_slot_offset;

		struct radio_pdu_node_rx *node_rx;

		u32_t mayfly_was_enabled;

		u16_t conn_interval_old;

		u16_t conn_interval_new;

		u32_t ticks_slot_offset;

		u32_t ticks_win_offset;

		u32_t conn_interval_us;

		u32_t ticker_status;

		u32_t periodic_us;

		u16_t latency;

		u32_t mayfly_was_enabled;



		/* procedure request acked */

		conn->llcp_ack = conn->llcp_req;
@@ -6762,11 +6751,8 @@ static inline u32_t event_conn_upd_prep(struct connection *conn, 
			node_rx->hdr.type = NODE_RX_TYPE_CONN_UPDATE;



			/* prepare connection update complete structure */

			pdu_data_rx = (void *)node_rx->pdu_data;

			radio_le_conn_update_cmplt = (void *)

				pdu_data_rx->lldata;

			radio_le_conn_update_cmplt->status =

				0x00;

			radio_le_conn_update_cmplt = (void *) node_rx->pdu_data;

			radio_le_conn_update_cmplt->status = 0x00;

			radio_le_conn_update_cmplt->interval =

				conn->llcp.conn_upd.interval;

			radio_le_conn_update_cmplt->latency =
@@ -7911,7 +7897,6 @@ static inline void event_phy_upd_ind_prep(struct connection *conn, 
				/* generate phy update event */

				if (conn->llcp.phy_upd_ind.cmd) {

					struct radio_pdu_node_rx *node_rx;

					struct pdu_data *pdu_data;



					node_rx = packet_rx_reserve_get(2);

					LL_ASSERT(node_rx);
@@ -7920,8 +7905,7 @@ static inline void event_phy_upd_ind_prep(struct connection *conn, 
					node_rx->hdr.type =

						NODE_RX_TYPE_PHY_UPDATE;



					pdu_data = (void *)&node_rx->pdu_data;

					upd = (void *)pdu_data->lldata;

					upd = (void *)&node_rx->pdu_data;

					upd->status = 0;

					upd->tx = conn->phy_tx;

					upd->rx = conn->phy_rx;
@@ -7954,7 +7938,6 @@ static inline void event_phy_upd_ind_prep(struct connection *conn, 
	} else if (((event_counter - conn->llcp.phy_upd_ind.instant) & 0xFFFF)

			    <= 0x7FFF) {

		struct radio_pdu_node_rx *node_rx;

		struct pdu_data *pdu_data;

		u8_t old_tx, old_rx;



		/* procedure request acked */
@@ -7983,8 +7966,7 @@ static inline void event_phy_upd_ind_prep(struct connection *conn, 
		node_rx->hdr.handle = conn->handle;

		node_rx->hdr.type = NODE_RX_TYPE_PHY_UPDATE;



		pdu_data = (void *)&node_rx->pdu_data;

		upd = (void *)pdu_data->lldata;

		upd = (void *)&node_rx->pdu_data;

		upd->status = 0;

		upd->tx = conn->phy_tx;

		upd->rx = conn->phy_rx;
@@ -9323,7 +9305,7 @@ static inline u8_t phy_upd_ind_recv(struct radio_pdu_node_rx *node_rx, 
		/* generate phy update complete event */

		node_rx->hdr.type = NODE_RX_TYPE_PHY_UPDATE;



		upd = (void *)pdu_data_rx->lldata;

		upd = (void *)pdu_data_rx;

		upd->status = 0;

		upd->tx = conn->phy_tx;

		upd->rx = conn->phy_rx;
@@ -11321,11 +11303,9 @@ void ll_rx_dequeue(void) 
	if (node_rx->hdr.type == NODE_RX_TYPE_CONNECTION) {

		struct radio_le_conn_cmplt *radio_le_conn_cmplt;

		struct connection *conn = NULL;

		struct pdu_data *pdu_data_rx;

		u8_t bm;



		pdu_data_rx = (void *)node_rx->pdu_data;

		radio_le_conn_cmplt = (void *)pdu_data_rx->lldata;

		radio_le_conn_cmplt = (void *)node_rx->pdu_data;

		if ((radio_le_conn_cmplt->status == BT_HCI_ERR_ADV_TIMEOUT) ||

		    radio_le_conn_cmplt->role) {

			if (radio_le_conn_cmplt->status ==

CRA Git | Maintained and supported by SUSTech CRA and CCSE