Merge pull request #13662 from paul-szczepanek-arm/host-privacy-feature

Host privacy feature configuration

Author: pan-

connectivity/FEATURE_BLE/include/ble/gap/Types.h

@@ -455,8 +455,8 @@ struct scanning_filter_policy_t : SafeEnum<scanning_filter_policy_t, uint8_t> {
         NO_FILTER = 0x00,
 
         /**
-        * Accept only advertising packets from devices in the whitelist except
-        * directed advertising packets not addressed to this device.
+        * Accept only advertising packets from devices in the whitelist.
+        * Directed advertising packets not addressed to this device will be ignored.
         */
         FILTER_ADVERTISING = 0x01,
 

connectivity/FEATURE_BLE/mbed_lib.json

@@ -93,10 +93,25 @@
             "value": 15,
             "macro_name": "BLE_GAP_MAX_ADVERTISING_SETS"
         },
+        "ble-gap-host-based-private-address-resolution": {
+            "help": "Perform address resolution on the host, not the controller. Controller based privacy is preferred as it happens lower down the stack but this can be used in case controller based privacy is unavailable. If this is enabled the controller will not be used for privacy.",
+            "value": true,
+            "macro_name": "BLE_GAP_HOST_BASED_PRIVATE_ADDRESS_RESOLUTION"
+        },
         "ble-gap-max-advertising-reports-pending-address-resolution": {
             "help": "How many advertising reports can be pending while awaiting private address resolution. This is only used if host privacy is enabled and controller privacy is disabled. Must be non-zero",
             "value": 16,
             "macro_name": "BLE_GAP_MAX_ADVERTISING_REPORTS_PENDING_ADDRESS_RESOLUTION"
+        },
+        "ble-gap-host-privacy-resolved-cache-size": {
+            "help": "Used for host privacy. How many last resolved addresses to store to speed up resolution. This is especially valuable for resolving advertising which creates repeated queries for the same address.",
+            "value": 16,
+            "macro_name": "BLE_GAP_HOST_PRIVACY_RESOLVED_CACHE_SIZE"
+        }
+    },
+    "target_overrides": {
+        "MCU_NRF52840": {
+            "ble-gap-host-based-private-address-resolution": false
         }
     }
 }

connectivity/FEATURE_BLE/source/Gap.cpp

@@ -1,7 +1,7 @@
 /* mbed Microcontroller Library
  * Copyright (c) 2020 ARM Limited
  * SPDX-License-Identifier: Apache-2.0
- * 
+ *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -506,4 +506,4 @@ ble::address_t Gap::getRandomStaticAddress()
     return impl->getRandomStaticAddress();
 }
 
-} // namespace ble
+} // namespace ble

connectivity/FEATURE_BLE/source/cordio/source/PalPrivateAddressControllerImpl.cpp

@@ -1,7 +1,7 @@
 /* mbed Microcontroller Library
  * Copyright (c) 2020 ARM Limited
  * SPDX-License-Identifier: Apache-2.0
- * 
+ *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -193,6 +193,7 @@ bool PalPrivateAddressController::cordio_handler(const wsfMsgHdr_t *msg)
             return true;
         }
 
+#if BLE_GAP_HOST_BASED_PRIVATE_ADDRESS_RESOLUTION
         case DM_PRIV_RESOLVED_ADDR_IND: {
             instance()._resolving_rpa = false;
 
@@ -203,6 +204,7 @@ bool PalPrivateAddressController::cordio_handler(const wsfMsgHdr_t *msg)
             handler->on_private_address_resolved(msg->status == HCI_SUCCESS);
             return true;
         }
+#endif // BLE_GAP_HOST_BASED_PRIVATE_ADDRESS_RESOLUTION
 
         case DM_PRIV_ADD_DEV_TO_RES_LIST_IND: // Device added to resolving list
         case DM_PRIV_REM_DEV_FROM_RES_LIST_IND: // Device removed from resolving list

connectivity/FEATURE_BLE/source/generic/GapImpl.cpp

@@ -900,9 +900,11 @@ ble_error_t Gap::enablePrivacy(bool enable)
         _address_registry.stop_private_address_generation();
     }
 
+#if !BLE_GAP_HOST_BASED_PRIVATE_ADDRESS_RESOLUTION
     if (_address_registry.is_controller_privacy_supported()) {
         update_ll_address_resolution_setting();
     }
+#endif // !BLE_GAP_HOST_BASED_PRIVATE_ADDRESS_RESOLUTION
 
     return BLE_ERROR_NONE;
 }
@@ -914,9 +916,11 @@ ble_error_t Gap::setPeripheralPrivacyConfiguration(
 {
     _peripheral_privacy_configuration = *configuration;
 
+#if !BLE_GAP_HOST_BASED_PRIVATE_ADDRESS_RESOLUTION
     if (_address_registry.is_controller_privacy_supported()) {
         update_ll_address_resolution_setting();
     }
+#endif // !BLE_GAP_HOST_BASED_PRIVATE_ADDRESS_RESOLUTION
 
     return BLE_ERROR_NONE;
 }
@@ -938,9 +942,11 @@ ble_error_t Gap::setCentralPrivacyConfiguration(
 {
     _central_privacy_configuration = *configuration;
 
+#if !BLE_GAP_HOST_BASED_PRIVATE_ADDRESS_RESOLUTION
     if (_address_registry.is_controller_privacy_supported()) {
         update_ll_address_resolution_setting();
     }
+#endif // !BLE_GAP_HOST_BASED_PRIVATE_ADDRESS_RESOLUTION
 
     return BLE_ERROR_NONE;
 }
@@ -1428,7 +1434,7 @@ bool Gap::initialize_whitelist() const
     return true;
 }
 
-
+#if BLE_FEATURE_PRIVACY && !BLE_GAP_HOST_BASED_PRIVATE_ADDRESS_RESOLUTION
 ble_error_t Gap::update_ll_address_resolution_setting()
 {
     // enable if privacy is enabled and resolution is requested in either central or peripheral mode
@@ -1450,6 +1456,7 @@ ble_error_t Gap::update_ll_address_resolution_setting()
 
     return _address_registry.enable_controller_address_resolution(enable);
 }
+#endif // BLE_FEATURE_PRIVACY && !BLE_GAP_HOST_BASED_PRIVATE_ADDRESS_RESOLUTION
 
 uint8_t Gap::getMaxAdvertisingSetNumber()
 {
@@ -2219,12 +2226,11 @@ void Gap::signal_connection_complete(
     ConnectionCompleteEvent& event
 )
 {
-#if BLE_FEATURE_PRIVACY
+#if BLE_FEATURE_PRIVACY && BLE_GAP_HOST_BASED_PRIVATE_ADDRESS_RESOLUTION
     bool address_resolved = false;
 
     /* if address resolution is not needed or already handled then the address is already resolved */
     if (!_privacy_enabled ||
-        _address_registry.is_controller_privacy_supported() ||
         event.getPeerAddressType() == peer_address_type_t::PUBLIC ||
         !is_random_private_resolvable_address(event.getPeerAddress())) {
         address_resolved = true;
@@ -2235,7 +2241,7 @@ void Gap::signal_connection_complete(
                 address_resolved = true;
             }
         }
-#endif
+#endif // BLE_ROLE_CENTRAL
 
 #if BLE_ROLE_PERIPHERAL
         if (event.getOwnRole() == connection_role_t::PERIPHERAL) {
@@ -2252,7 +2258,7 @@ void Gap::signal_connection_complete(
 
     /* first try to resolve synchronously in cache */
     if (!address_resolved) {
-        address_resolved = _address_registry.resolve_address_in_cache(
+        address_resolved = _address_registry.resolve_address_in_host_cache(
             event.getPeerAddress(),
             &peer_address_type,
             &peer_address
@@ -2277,7 +2283,7 @@ void Gap::signal_connection_complete(
         _event_handler->onConnectionComplete(event);
     } else {
         bool resolution_pending = false;
-        ble_error_t ret = _address_registry.queue_resolve_address(event.getPeerAddress());
+        ble_error_t ret = _address_registry.queue_resolve_address_on_host(event.getPeerAddress());
 
         if (ret == BLE_ERROR_NONE) {
             ConnectionCompleteEvent* event_copy = new(std::nothrow) ConnectionCompleteEvent(event);
@@ -2300,13 +2306,17 @@ void Gap::signal_connection_complete(
         }
     }
 #else
+#if BLE_FEATURE_PRIVACY
+    if (!apply_peripheral_privacy_connection_policy(event)) {
+        return;
+    }
+#endif // BLE_FEATURE_PRIVACY
     report_internal_connection_complete(event);
     _event_handler->onConnectionComplete(event);
-#endif // BLE_FEATURE_PRIVACY
+#endif // BLE_FEATURE_PRIVACY && BLE_GAP_HOST_BASED_PRIVATE_ADDRESS_RESOLUTION
 }
 
 #if BLE_FEATURE_PRIVACY
-
 bool Gap::apply_peripheral_privacy_connection_policy(
     const ConnectionCompleteEvent &event
 )
@@ -2328,6 +2338,10 @@ bool Gap::apply_peripheral_privacy_connection_policy(
 
     switch (_peripheral_privacy_configuration.resolution_strategy) {
         case peripheral_privacy_configuration_t::REJECT_NON_RESOLVED_ADDRESS:
+            /* if there is no bond then allow unresolved addresses */
+            if (_address_registry.read_resolving_list_size() == 0) {
+                return true;
+            }
             _pal_gap.disconnect(
                 connection_handle,
                 local_disconnection_reason_t::AUTHENTICATION_FAILURE
@@ -2356,8 +2370,9 @@ bool Gap::apply_peripheral_privacy_connection_policy(
     return true;
 #endif
 }
+#endif // BLE_FEATURE_PRIVACY
 
-
+#if BLE_FEATURE_PRIVACY && BLE_GAP_HOST_BASED_PRIVATE_ADDRESS_RESOLUTION
 void Gap::conclude_signal_connection_complete_after_address_resolution(
     ConnectionCompleteEvent &event,
     target_peer_address_type_t identity_address_type,
@@ -2383,21 +2398,20 @@ void Gap::conclude_signal_connection_complete_after_address_resolution(
     report_internal_connection_complete(event);
     _event_handler->onConnectionComplete(event);
 }
-#endif // BLE_FEATURE_PRIVACY
+#endif // BLE_FEATURE_PRIVACY && BLE_GAP_HOST_BASED_PRIVATE_ADDRESS_RESOLUTION
 #endif // BLE_FEATURE_CONNECTABLE
 
 #if BLE_ROLE_OBSERVER
 void Gap::signal_advertising_report(
     AdvertisingReportEvent& event
 )
 {
-#if BLE_FEATURE_PRIVACY
+#if BLE_FEATURE_PRIVACY && BLE_GAP_HOST_BASED_PRIVATE_ADDRESS_RESOLUTION
     bool address_resolved = false;
 
     /* if address resolution is not needed or already handled then the address is already resolved */
     if (!_privacy_enabled ||
         _central_privacy_configuration.resolution_strategy == central_privacy_configuration_t::DO_NOT_RESOLVE ||
-        _address_registry.is_controller_privacy_supported() ||
         event.getPeerAddressType() == peer_address_type_t::PUBLIC ||
         !is_random_private_resolvable_address(event.getPeerAddress())) {
         address_resolved = true;
@@ -2408,7 +2422,7 @@ void Gap::signal_advertising_report(
         const address_t *peer_address = nullptr;
         target_peer_address_type_t peer_address_type(target_peer_address_type_t::RANDOM);
 
-        address_resolved = _address_registry.resolve_address_in_cache(
+        address_resolved = _address_registry.resolve_address_in_host_cache(
             event.getPeerAddress(),
             &peer_address_type,
             &peer_address
@@ -2441,7 +2455,7 @@ void Gap::signal_advertising_report(
 
         /* if there is already an item with the same address pending don't kick off resolution*/
         if (!duplicate_pending_event) {
-            ret = _address_registry.queue_resolve_address(event.getPeerAddress());
+            ret = _address_registry.queue_resolve_address_on_host(event.getPeerAddress());
         }
 
         if (ret == BLE_ERROR_NONE) {
@@ -2455,14 +2469,21 @@ void Gap::signal_advertising_report(
         }
     }
 #else
+    /* filter out unresolved address if at least one bond exists */
+    if (_address_registry.read_resolving_list_size() > 0 &&
+        _central_privacy_configuration.resolution_strategy == central_privacy_configuration_t::RESOLVE_AND_FILTER &&
+        event.getPeerAddressType() != peer_address_type_t::PUBLIC &&
+        is_random_private_resolvable_address(event.getPeerAddress())) {
+        return;
+    }
     _event_handler->onAdvertisingReport(
         event
     );
-#endif // BLE_FEATURE_PRIVACY
+#endif // BLE_FEATURE_PRIVACY && BLE_GAP_HOST_BASED_PRIVATE_ADDRESS_RESOLUTION
 }
 #endif //BLE_ROLE_OBSERVER
 
-#if BLE_FEATURE_PRIVACY
+#if BLE_FEATURE_PRIVACY && BLE_GAP_HOST_BASED_PRIVATE_ADDRESS_RESOLUTION
 #if BLE_ROLE_OBSERVER
 void Gap::conclude_signal_advertising_report_after_address_resolution(
     AdvertisingReportEvent &event,
@@ -2472,21 +2493,21 @@ void Gap::conclude_signal_advertising_report_after_address_resolution(
 {
     /* fix the report with the new address if there's an identity found */
     if (identity_address) {
-        /* filter out resolved address based on policy */
-        if (_central_privacy_configuration.resolution_strategy ==
-            central_privacy_configuration_t::RESOLVE_AND_FILTER) {
-            return;
-        }
         event.setPeerAddress(*identity_address);
         event.setPeerAddressType(identity_address_type == target_peer_address_type_t::RANDOM ?
                                  peer_address_type_t::RANDOM_STATIC_IDENTITY
                                  : peer_address_type_t::PUBLIC_IDENTITY);
+    } else if (_central_privacy_configuration.resolution_strategy ==
+        central_privacy_configuration_t::RESOLVE_AND_FILTER &&
+        _address_registry.read_resolving_list_size() > 0) {
+        /* filter out unresolved address if at least one bond exists */
+        return;
     }
 
     _event_handler->onAdvertisingReport(event);
 }
 #endif // BLE_ROLE_OBSERVER
-#endif // BLE_FEATURE_PRIVACY
+#endif // BLE_FEATURE_PRIVACY && BLE_GAP_HOST_BASED_PRIVATE_ADDRESS_RESOLUTION
 
 void Gap::on_periodic_advertising_sync_established(
     hci_error_code_t error,
@@ -3047,15 +3068,15 @@ void Gap::on_private_address_generated(bool connectable)
     }
 }
 
-
+#if BLE_FEATURE_PRIVACY
+#if BLE_GAP_HOST_BASED_PRIVATE_ADDRESS_RESOLUTION
 void Gap::on_address_resolution_completed(
     const address_t &peer_resolvable_address,
     bool resolved,
     target_peer_address_type_t identity_address_type,
     const address_t &identity_address
 )
 {
-#if BLE_FEATURE_PRIVACY
     if (!_event_handler || !_privacy_enabled) {
         return;
     }
@@ -3105,9 +3126,9 @@ void Gap::on_address_resolution_completed(
         delete event;
     }
 #endif // BLE_ROLE_OBSERVER
-#endif // BLE_FEATURE_PRIVACY
 }
-
+#endif // BLE_GAP_HOST_BASED_PRIVATE_ADDRESS_RESOLUTION
+#endif // BLE_FEATURE_PRIVACY
 
 bool Gap::is_advertising() const
 {
@@ -3165,7 +3186,7 @@ const address_t *Gap::get_random_address(controller_operation_t operation, size_
 #if BLE_FEATURE_EXTENDED_ADVERTISING
     if (is_extended_advertising_available()) {
         if (operation == controller_operation_t::advertising) {
-            if (_set_is_connectable.get(set_id) == false && peripheral_non_resolvable) {
+            if (!_set_is_connectable.get(set_id) && peripheral_non_resolvable) {
                 return &non_resolvable_address;
             } else {
                 return &resolvable_address;