Previously, we would rely on service changed to complete successfully
to signify a successful cccd state restore.
However, android doesn’t register for service_changed notifications,
and as a result sd_ble_gatts_service_changed always returns an error.
This meant that cccds would be erased when the complete flag was not
one, which would have been all the time.
This commit introduces a wait_ms before entering DFU mode to allow soft
device to communicate to an android handset that the current connection
should be terminated.
This commit addresses a number of outstanding issues:
* whitelisting behaviour, form the nrf51-sdk, where an address and an
irk were added to the whitelist
* bond management bugs, from the nrf51-sdk, where one device would
replace another.
closes#57, closes#56, closes#58, closes#59, closes#44, closes#60
Re-pairing the same BLE device under SoftDevice 8.0 Nordic SDK 10 appears to
add a second entry to the bonding table when private resolvable addresses are
used by the central device. This adversely affects whitelisting, as only the
first added matching entry will be succesfully added to the whitelist. i.e. A
central device will no longer be able to connect to a micro:bit after pairing
a second time as the older bond will take prescedence.
Althoguh reported to Nordic, a long term fix is not immediately forthcoming.
This patch applies a workaround, by simply reversing the order of the
whitelist before use. As the list is maintained in the order of insertion,
reversing the list guarantees that the entry added to the whitelist will be
the most recently bonded one for any given peer.
Updates to MicroBitConfig options and initialisaiton code of the BLE stack to
allow Soft Device's GATT table to be of a given size. If this size is smaller
then the default, the runtime will reclaim that that memory as heap storage.
The nordic implementation of the mbed whitelist API introduces entries into
the table that are not bonds. This patch corrects an assumption in
microbit-dal that the number of entries in the bond table table corellates
with the number of bonds.
The BLE security options mandated for child protection can be highly
detrimental to the development process for new BLE services. This patch
introduces a configuration option to disable BLE security for this purpose.
Default BLE security settings remain unchanged.
Datagram receive code incorrectly calculated the payload length, resulting in
packets being delivered to applications that were two bytes shorter than they
should be.
There is an issue (https://github.com/bbc/microbit-extras/issues/2755)
whereby CCCD data is required to be persisted through device resets.
This commit integrates the new MicroBitStorage class, and persistently
stores this information in flash.
P.S. what a long night!
Previous revisions of microbit-dal would handle the case of a bonding request
when the bond table was full by attempting to purge the bonding table on
demand. This suffered two flaws:
1) Nordic's device manager does not support the purging of the bonding table
while a connection is active (including a pairing request).
2) Some devices (e.g. Android 4.4.2 take two entries in the bonding table
when paired), thus making predictions of how 'full' the table is challenging.
This patch employs a simpler replacement policy. The maximum size of the bond
table has been increased to 6 (from 4). However, if the bond table contains 4
or more entries when entering pairing mode it will be purged in advance of any
pairing requetss being initiated.
The BLE stack locks out the CPU for long periods of time when necessary. This
can be alleviated by eans of a flag that release the CPU between radio events.
(BLE_COMMON_OPT_RADIO_CPU_MUTEX).
This can cause issues from applications with tighter timing requirements.
This patch only enables this MUTEX when a BLE connection is active, rather
than automatically at startup. Therefore, application that do not actively use
BLE will not suffer this penalty.
Integration of new radio mode that permits simple local area multicast communication
directly between micro:bits using the device's on board radio hardware.
It should be noted that this implementation build directly on the nrf51822
hardware. It is not a BLE protocol, and must (currently) be operated with BLE
disabled.
A standard on the wire configuration is defined, to promote future
interoperability between projects and languages. A lightweight
packet format is also defined and adhered to, so as to promote future
extensibility without sacrificing compatibility. The notion of groups is also
introduced, that enable multiple groups of children to work in the same area
without compromising each other's projects.
In adition to a low level packet radio driver, two higher level protocols are
defined that allow simple user datagram communication between micro:bits and
an EventBus protocol that allows the micro:bit's MessageBus to be extended to
other micro:bits.
BLE maintains metadata on its characterisitics, some of which record whether
or not a central device (phone/tablet) wishes to receive notifications when a
given BLE characteristic changes value. One such characterisitic is used as
part of a core BLE service to indicate of the BLE profile of a device has
changed.
IOS is heavily reliant on this feature, and expects the state of this metadata
to be persistent across device reboots. This patch ensures that this metadata
is always set to allow Service Changed indications to be propagated to central
devices.
calibration
MicroBitCompass initiates a calibration procedure on demand if a heading is
requested from an uncalibrated device. The BLE MagnetometerService also
attempts to retrieve a heading periodically, but it is not good behaviour to
initiate calibration as a response to this.
This patch introduces a check such that the BLE MagnetometerService will only
attempt to read heading data from a previously calibrated compass.
BLE central devices (such as mobile phones/tablets) are permitted to cache the
list of services and characteristics provided by a BLE peripheral such as the
micro:bit. This was causing compatibility problems with IOS during FOTA
flashing, as the the list of BLE services may change after flashing.
The Nordic BLE stack contains a fixed size bond table - a list of devices that
have paired with our device (in the case the micro:bit). The default mbed
wrapper around the nordic stack does not account for the case where the bond
table is full.
This patch implements basic bounds checking within the MicroBitBLEManager so
that this table cannot overrun. If a new device attempts to pair when the bond
table is full, the table is emptied prior to completing bonding.
Added configuration option in MicroBitConfig to allow the default power level
to be defined. Based on experiments undertaken by the BBC and subsequent policies defined by
the BBC's child protection panel, to is set by default it's lowest level (0),
in order to protect children's privacy.
It should be noted that this is 30dB below the device's default setting, so will
inevitably leave the device more susceptible to interference, and therefore
significantly reduce the reliability of the device. This will likely present
itself through increased packet loss, reduced thorughout, lost data and
connection drop outs. The normal BLE power level on commercial devices
translates to power level of 6.
The author has witnessed an inability to connect to a micro:bit from a
distance of 40cm under domestic conditions using a Samsung S5 mini
running Android 4.4.2.
Added MicroBitConfig.h option to enable/disable whitelisting
Added MicroBitConfig.h option to enable/disable limited period advertising
Added support for limited period advertising
Minor code cleanups
Whilst Android devices permit explicit initiation of the BLE pairing process,
IOS based devices are only capable of implicit initiation of pairing based
on accessing a protected characteristic. Adding read capability to the
ControlPoint characteristic provides a safe and convenient way for IOS devices
to initiate pairing.
Minor amends:
- bleDisconnectionCallback signature change
- bleSetAdvertisingInterval now takes milliseconds as a parameter
- event based invocation of DFU bootloader
More specifically:
- BLUEZONE mode renamed to PairingMode (by popular request).
- Added timeout of 90 seconds before automatic device reboot.
- Move from a scroll to a print based algorithm to improve the amount of time key is displayed fully.
- Added compulsory 'click to bond' button press.
- Improved response time of tick/cross being displayed.
Changes to default BLE name. During normal operation, all micro:bits now have the same name: BBC micro:bit
When pairing mode (AKA BLUEZONE) is entered, device name details re appended as before, to give BBC micro:bit [<name>]
This is to provide a degree of anonymity to users, to make tracking of kids more difficult.