Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bluetooth: Mesh: do not send time status often than 30 seconds #11997

Merged
merged 2 commits into from
Aug 17, 2023
Merged

Bluetooth: Mesh: do not send time status often than 30 seconds #11997

merged 2 commits into from
Aug 17, 2023

Conversation

alxelax
Copy link
Contributor

@alxelax alxelax commented Aug 9, 2023

Commit adds restriction for the Time model to not send Time Status more often than 30 seconds if this is aresult of state update after Time Set or Time Status commands.

@alxelax alxelax requested a review from ludvigsj as a code owner August 9, 2023 14:55
@github-actions github-actions bot added ble mesh Label for ble mesh PRbot. Add this if PR is related to ble mesh and you need to get review. changelog-entry-required Update changelog before merge. Remove label if entry is not needed or already added. labels Aug 9, 2023
@NordicBuilder
Copy link
Contributor

NordicBuilder commented Aug 9, 2023
edited
Loading

Test specification

CI/Jenkins/NRF

  • Integration Platforms

CI/Jenkins/integration

Test Module File based changes Manually selected West overwrite
test-fw-nrfconnect-ble_mesh X

Detailed information of selected test modules

Note: This message is automatically posted and updated by the CI

@alxelax alxelax removed the changelog-entry-required Update changelog before merge. Remove label if entry is not needed or already added. label Aug 9, 2023
@NordicBuilder
Copy link
Contributor

You can find the documentation preview for this PR at this link. It will be updated about 10 minutes after the documentation build succeeds.

Note: This comment is automatically posted by the Documentation Publishing GitHub Action.

@alxelax alxelax marked this pull request as draft August 10, 2023 12:16
@alxelax
Copy link
Contributor Author

alxelax commented Aug 10, 2023

PR has been converted into draft. I want to implement unit tests for the changes.

@github-actions github-actions bot added the changelog-entry-required Update changelog before merge. Remove label if entry is not needed or already added. label Aug 10, 2023
ludvigsj
ludvigsj requested changes Aug 10, 2023
View reviewed changes
Copy link
Contributor

@ludvigsj ludvigsj left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have a few questions.

  1. Why does the time relaying introduce randomness, whereas the time set response does not?
  2. If I read the current code correctly, the time set handling will just not send a response if it is less than 30 seconds since last response was sent. In my opinion, we should always send one response after the "last" time set, potentially having to delay this response (between 1 and 30 seconds, depending on when the last status was sent).
  3. Also, if I read correctly, the relay handling will first wait until 30 seconds have passed and then schedule a delayed status at 20-50 seconds later after this, meaning there will be 50-80 seconds between these two relays. Is this on purpuse? If so: why? Sorry, I misread. The delay will of course be pending if the handler is called again while waiting to send the first randomly delayed relayed status.

subsys/bluetooth/mesh/time_srv.c Outdated Show resolved Hide resolved
@alxelax
Copy link
Contributor Author

alxelax commented Aug 10, 2023

I have a few questions.

  1. Why does the time relaying introduce randomness, whereas the time set response does not?

This is an errata requirement. Please take a look errata reference in JIRA task since Omkar asked to not reference the errata number and text here. Changes to this subclause: 5.3.1.2.3 Receiving a Time Status message.
The general idea is to prevent the broadcast storm of Time Statuses by Time Relays roles when Authorities change for example Time Zone simultaneously by GPS etc.

  1. If I read the current code correctly, the time set handling will just not send a response if it is less than 30 seconds since last response was sent. In my opinion, we should always send one response after the "last" time set, potentially having to delay this response (between 1 and 30 seconds, depending on when the last status was sent).

Time Set will always send a response to the sender here: https://github.com/nrfconnect/sdk-nrf/pull/11997/files#diff-626675688a86ce1b261757ffd4f251e64c8b334403c2432102a99ec505fa8c32R273
The only state change publishing is restricted by 30 seconds limitation.

The time model had the bug and didn't publish state change at all. Luckily errata coincided with this code. I fixed the bug according to the errata requirement.

@alxelax alxelax requested a review from ludvigsj August 10, 2023 13:29
@ludvigsj
Copy link
Contributor

Time Set will always send a response to the sender here: https://github.com/nrfconnect/sdk-nrf/pull/11997/files#diff-626675688a86ce1b261757ffd4f251e64c8b334403c2432102a99ec505fa8c32R273 The only state change publishing is restricted by 30 seconds limitation.

My point is, it should probably sent one more status update than it does now. Meaning, the behavior should be this, I think:

t = 0, time_set
t = 0, publishes time because of time_set
t = 10, time_set
t = 20, time_set
t = 30, publish time a final time to inform of latest state change.

The last step will not be done with the current code.

@alxelax
Copy link
Contributor Author

alxelax commented Aug 10, 2023

Time Set will always send a response to the sender here: https://github.com/nrfconnect/sdk-nrf/pull/11997/files#diff-626675688a86ce1b261757ffd4f251e64c8b334403c2432102a99ec505fa8c32R273 The only state change publishing is restricted by 30 seconds limitation.

My point is, it should probably sent one more status update than it does now. Meaning, the behavior should be this, I think:

t = 0, time_set t = 0, publishes time because of time_set t = 10, time_set t = 20, time_set t = 30, publish time a final time to inform of latest state change.

The last step will not be done with the current code.

I asked this question to @omkar3141 during implementation. Should the server skip or postpone publishing? I got answered it should skip.
@omkar3141, could you clarify @ludvigsj's concern?

omkar3141
omkar3141 requested changes Aug 11, 2023
View reviewed changes
Copy link
Contributor

@omkar3141 omkar3141 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The spec does not have clarity about whether 30 second limit applies to all kinds of publishing or only to periodic publishing. The intention in the spec seems to be to prevent flooding of network by Time_Status messages if someone sets the publish period to a low value. We will ask for clarification.

Meanwhile it is enough to implement rate limitation for handing of 'Time_Status' messages (in handle_time_status). So, if other server is misbehaving, this server does not start misbehaving as well.

subsys/bluetooth/mesh/time_srv.c Outdated Show resolved Hide resolved
subsys/bluetooth/mesh/time_srv.c Show resolved Hide resolved
subsys/bluetooth/mesh/time_srv.c Outdated Show resolved Hide resolved
omkar3141
omkar3141 requested changes Aug 11, 2023
View reviewed changes
subsys/bluetooth/mesh/time_srv.c Outdated Show resolved Hide resolved
@alxelax
Copy link
Contributor Author

alxelax commented Aug 11, 2023

The spec does not have clarity about whether 30 second limit applies to all kinds of publishing or only to periodic publishing. The intention in the spec seems to be to prevent flooding of network by Time_Status messages if someone sets the publish period to a low value. We will ask for clarification.

Meanwhile it is enough to implement rate limitation for handing of 'Time_Status' messages (in handle_time_status). So, if other server is misbehaving, this server does not start misbehaving as well.

Hm... Seems spec clarifies the time restriction only for one kind of publishing. This is state change publishing. I added periodic here to follow 30 seconds rules. I'll remove considering time in periodic publishing. If user wants to do DDoS attack of network over the time service, let's allow to do this. :)

@alxelax
Copy link
Contributor Author

alxelax commented Aug 14, 2023
edited
Loading

Discussed IRL. For now, we decided to apply publishing time restriction rules for handling Time Status messages and not do for Time Set messages. At the current moment, publishing the last Time model state depends on configured periodic publishing time of the Time model. If Time Set is received during 30 seconds restriction time it is not clear what is better to do: publish immediately or postpone until the end of the already started 30 seconds timeout.

If clarification for the Time Set message is gotten from Bluetooth SIG it will be applied later as a separate task\PR.

@alxelax alxelax force-pushed the 30_seconds_timer_restrict branch 2 times, most recently from 20739a6 to 61352aa Compare August 14, 2023 13:11
@alxelax
Bluetooth: Mesh: do not send time status often than 30 seconds
533638e 
Commit adds restriction for the Time model
to not send Time Status more often than 30 seconds
if this is aresult of state update after Time Set or
Time Status commands.

Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
@alxelax alxelax force-pushed the 30_seconds_timer_restrict branch 2 times, most recently from e850dcc to 7018d94 Compare August 16, 2023 13:18
@alxelax alxelax removed the changelog-entry-required Update changelog before merge. Remove label if entry is not needed or already added. label Aug 16, 2023
@alxelax alxelax marked this pull request as ready for review August 16, 2023 13:19
@github-actions github-actions bot added the changelog-entry-required Update changelog before merge. Remove label if entry is not needed or already added. label Aug 16, 2023
@alxelax alxelax removed the changelog-entry-required Update changelog before merge. Remove label if entry is not needed or already added. label Aug 16, 2023
@github-actions github-actions bot added the changelog-entry-required Update changelog before merge. Remove label if entry is not needed or already added. label Aug 16, 2023
@alxelax
tests: Bluetooth: Mesh: time status timing of time model
a9325ab 
Commit adds unit test to check the Time Status timig of
the Time model (including time restrictions).

Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
@alxelax alxelax removed the changelog-entry-required Update changelog before merge. Remove label if entry is not needed or already added. label Aug 16, 2023
@nordicjm nordicjm merged commit d800e7d into nrfconnect:main Aug 17, 2023
14 checks passed
@alxelax alxelax deleted the 30_seconds_timer_restrict branch August 17, 2023 12:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ludvigsj ludvigsj ludvigsj approved these changes

@omkar3141 omkar3141 omkar3141 approved these changes

Assignees
No one assigned
Labels
ble mesh Label for ble mesh PRbot. Add this if PR is related to ble mesh and you need to get review.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@alxelax @NordicBuilder @ludvigsj @omkar3141 @nordicjm