HID report map data size limit?

Hi guys. May I ask some questions for ble_app_hids_keyboard_pca10056_s113 project from 17.1.0 nRF5 SDK:

Sadly a similar ticket was there but there were no clear answer: Is there a limit to HID report map data?

My setup is NRF52840-QIAA with s113, 3 BLE services (DIS, BAS, HID similar to the original keyboard example).

Thanks to HID keyboard + Mouse combo answers BLE HID Mouse and BLE HID keyboard integration in the same program with nrf52 dk. Need urgent help

I also tested this and the report map data was added successfully.

So now I'm trying to add consumer control as well.

https://github.com/Rallare/nrf51_ble_app_hids_kbd_consumercontrol/blob/eb9253685fe097f9b0c88212bb51c5e5ff3f7e08/main.c#L220

May I ask what's the size limit of report_map_data[] array? Will this be 251, similar to LE data length extension feature?

Or can this size be indefinite depending on how many BLE services and characteristics are supported?

Parents

0 Kenneth over 2 years ago

Hello,

The report map is limited to 255bytes yes, see here for why:
RE: [nRF52833] GATT Read of HID Report Map Char exceeding ATT MTU

Kenneth
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 Kenneth over 2 years ago

Hello,

The report map is limited to 255bytes yes, see here for why:
RE: [nRF52833] GATT Read of HID Report Map Char exceeding ATT MTU

Kenneth
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

0 Matthew K over 2 years ago in reply to Kenneth

Thank you, Kenneth.

"We see a failure mode where the HID enumeration fails because the GATT Read fails (due to a malformed packet exceeding MTU error). "

Then how about

[1] can I set the ATT_MTU size higher, like 510 so that I can set the report_map_data[] array size to 500?

or

[2] Have two HID services?

HID service 1 has keyboard

HID service 2 has mouse + consumer control
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Kenneth over 2 years ago in reply to Matthew K

Hello,

Are you able to perform an on-air sniffer trace? E.g. using ellisys, frontline or for instance nrf sniffer? I just want to understand whether the problem is related to the size of the report map (and not that it may be fragmented over several att mtu packet (which should not be a problem, since it should be re-assembled when entire packet is read)). The report map can (afaik) only be 255bytes, this is not due to limitation in BLE, but limitation in the USB spec for HID devices (and the HID over GATT for BLE inherit these limitations, even if the BLE transport could support larger packets).

Edit: All that said, there is no problem to exchange larger ATT MTU in any case no.

Kenneth
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Matthew K over 2 years ago in reply to Kenneth

main - hid combo extra feature reports.c

Hello Kenneth.

Kenneth said:
The report map can (afaik) only be 255bytes

May I ask two things regarding this? I think this can go over 255 bytes.

https://www.usb.org/sites/default/files/hid1_11.pdf

6.2.1 HID Descriptor - wDescriptorLength is two bytes.

Doesn't that mean the report map can go upto 2^16 - 1 = 65535 bytes in total?

Also, if you try my main.c file for the ble_app_hids_keyboard_pca10056_s113 project,

(I modified the BLE HID Mouse and BLE HID keyboard integration in the same program with nrf52 dk. Need urgent help

keyboard mouse combo example by adding 4 extra keyboard feature reports)

in this case, the report_map_data[] array size is now 266 > 255.

I didn't get any error codes and my Samsung Galaxy S10 was able to connect with this modified example and worked.

I have another nRF52840-DK to work as the nRF Sniffer v4.1.1

but I don't know what filters to use to track my nRF52 device.

May I also ask how to have a proper filter to track this to check "fragmented over several att mtu packet"?

The filter that I only know is "bthci_evt.bd_addr ==". After the nRF52 is connected to the Galaxy S10, I need a different filter to track this and may I ask your help for this part?

Thank you very much for your great support!
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Kenneth over 2 years ago in reply to Matthew K

Matthew K said:
Doesn't that mean the report map can go upto 2^16 - 1 = 65535 bytes in total?

A good point, it may be that it's a not a limit anymore.

Matthew K said:
I have another nRF52840-DK to work as the nRF Sniffer v4.1.1

but I don't know what filters to use to track my nRF52 device.

I assume you have performed sniffing of the connection you want first by using:
https://infocenter.nordicsemi.com/topic/ug_sniffer_ble/UG/sniffer_ble/action_connection.html

After performing sniffing you can find display filters here:
https://infocenter.nordicsemi.com/topic/ug_sniffer_ble/UG/sniffer_ble/inspecting_data.html

A filter I use a lot: btle.data_header.llid > 0 && btle.length > 0

Best regards,
Kenneth
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Matthew K over 2 years ago in reply to Kenneth

Thank you Kenneth. Although this report_map_data[] array size of 266 > 255 is working,

let me use the nRF sniffer v4.1.1 to verify the MTU fragmentation. Back to my questions,

first of all, what's the max MTU size I can use while using NRF52840-QIAA with s113?

This should be 512 bytes, right?

Matthew K said:
[1] can I set the ATT_MTU size higher, like 510 so that I can set the report_map_data[] array size to 500?

So this means the max report_map_data[] array size is 509 for Bluetooth 5, right?

Matthew K said:
[2] Have two HID services?

HID service 1 has keyboard

HID service 2 has mouse + consumer control

If the report_map_data[] size exceeds 509, I should split this into several HID services, right?
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel