Adds support for incoming and outgoing IPv4 fragmented packet support,
allowing a single packet that is too large to be sent to be split up
and sent successfully.
Signed-off-by: Jamie McCrae <spam@helper3000.net>
The net_core:process_data() and connection:net_conn_input() methods are
the central network packet reception pipeline which:
1) guide network packets through all network layers,
2) decode, validate and filter packages along the way and
3) distribute packages to connections/sockets on all layers.
This code seems to have grown complex and rather cluttered over time as
all protocols, layers and socket implementations meet there in one single
place.
The code also reveals its origin as a pure IP stack which makes it hard
to introduce non-IP protocols and their supporting socket infrastructure
in a modularized way.
For an outside contributor it seems almost impossible to add another
protocol, protocol layer, filter rule or socket implementation without
breaking things.
This change doesn't try to solve all issues at once. It focuses
exclusively on aspects that maintain backwards compatibility:
* Improve modularization and encapsulation on implementation level by
disentangling code that mixes up layers, protocols and socket
implementations.
* Make IP just one protocol among others by removing assymmetry in
protocol handling logic and introduce preprocessor markup so that
IP-specific code can be eliminated by the preprocessor if not needed.
* Use preprocessor markup to delineate hook points for future
modularization or expansion without introducing structural changes (as
this would almost certainly break the API).
* Reduce cyclomatic complexity, use positive rather than negative logic,
improve variable naming, replace if/elseif/else blocks with switches,
reduce variable span, introduce inline comments where code does not
speak for itself, etc. as much as possible to make the code overall
more human-friendly.
Background: These are preparative steps for the introduction of IEEE
802.15.RAW sockets, DGRAM sockets and sockets bound to PAN IDs and device
addresses similar to what the Linux kernel does.
Signed-off-by: Florian Grandel <jerico.dev@gmail.com>
While a previous change had already decoupled the IEEE 802.15.4 L2 from
IP upper layers, this only worked when at least one other interface of
the device supported IP.
This change removes this requirement and thereby fixes a build error
that occurred when disabling IP support while maintaining IEEE 802.15.4
L2 support.
Fixes: #48718
Signed-off-by: Florian Grandel <jerico.dev@gmail.com>
Datagram AF_PACKET sockets were not processed properly by the net stack.
Instead of receving a packet already processed L2, and thus with L2
header trimmed, it was receiving a raw, unprocessed packet.
Fix this by calling net_packet_socket_input() for the second time, after
L2 has processed the packet. An updated connection handler module will
forward the packet correctly based on the corresponding socket type and
packet L2 processing status.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In order to bring consistency in-tree, migrate all subsystems code to
the new prefix <zephyr/...>. Note that the conversion has been scripted,
refer to zephyrproject-rtos#45388 for more details.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
This provides the infrastructure to create network packet filter rules
and to apply them to the RX and TX packet paths. Rules are made of
simple condition tests that can be linked together, creating a facility
similarly to the Linux iptables functionality.
A couple of generic and Ethernet-specific condition tests are also
provided.
Additional tests can be easily created on top of this.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
Replace unpacked in6_addr structures with raw buffers in net_ipv6_hdr
struct, to prevent compiler warnings about unaligned access.
Remove __packed parameter from `struct net_6lo_context` since the
structure isn't really serialized.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Replace unpacked in_addr structures with raw buffers in net_ipv4_hdr
struct, to prevent compiler warnings about unaligned access.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The k_work handler cannot manipulate the used k_work. This means
that it is not easy to cleanup the net_pkt because it contains
k_work in it. Because of this, use k_fifo instead between
RX thread and network driver, and between application and TX
thread.
A echo-server/client run with IPv4 and UDP gave following
results:
Using k_work
------------
TX traffic class statistics:
TC Priority Sent pkts bytes time
[0] BK (1) 21922 5543071 103 us [0->41->26->34=101 us]
[1] BE (0) 0 0 -
RX traffic class statistics:
TC Priority Recv pkts bytes time
[0] BK (0) 0 0 -
[1] BE (0) 21925 6039151 97 us [0->21->16->37->20=94 us]
Using k_fifo
------------
TX traffic class statistics:
TC Priority Sent pkts bytes time
[0] BK (1) 15079 3811118 94 us [0->36->23->32=91 us]
[1] BE (0) 0 0 -
RX traffic class statistics:
TC Priority Recv pkts bytes time
[0] BK (1) 0 0 -
[1] BE (0) 15073 4150947 79 us [0->17->12->32->14=75 us]
So using k_fifo gives about 10% better performance with same workload.
Fixes#34690
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Set the default behaviour of the networking subsystem so that
no TX or RX threads are created. This will save RAM as there
is no need to allocate stack space for the RX/TX threads.
Also this will give small improvement to network packet latency
shown here:
* with 1 traffic class (1 TX and RX thread)
Avg TX net_pkt (42707) time 60 us [0->22->15->22=59 us]
Avg RX net_pkt (42697) time 36 us [0->10->3->12->7=32 us]
* with 0 traffic classes (no TX and RX threads)
Avg TX net_pkt (41608) time 42 us [0->21->20=41 us]
Avg RX net_pkt (41593) time 31 us [0->9->12->8=29 us]
In this qemu_x86 test run, 40k UDP packets was transferred between
echo-server and echo-client. In TX the speed increase was 30% and
in RX it was 14%.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Create net_l2_send() function which will be called by each L2
sending function so that we can catch all the network packets
that are being sent. Some L2 layers send things a bit differently,
so in those cases call the net_capture_send() directly by the L2
layer.
Add network packet capture call in receive side after the pkt has
been received by the RX queue handler. This avoids calling the
net_capture_send() from ISR context.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
With these changes, dial up Zephyr application/driver can use
socket(AF_PACKET, SOCK_RAW, IPPROTO_RAW) for creating
a socket for sending/receiving data to/from ppp net link, i.e.
packet is going to/from PPP L2.
Signed-off-by: Jani Hirsimäki <jani.hirsimaki@nordicsemi.no>
This can be used to implement tunneling, VPN etc. The virtual
interfaces can be chained together to support multilayer
network interfaces.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
If the network driver for some reason did not set the data in
the network packet properly, then just drop it as we cannot do
anything with just plain net_pkt.
Fixes#28131
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Now that device_api attribute is unmodified at runtime, as well as all
the other attributes, it is possible to switch all device driver
instance to be constant.
A coccinelle rule is used for this:
@r_const_dev_1
disable optional_qualifier
@
@@
-struct device *
+const struct device *
@r_const_dev_2
disable optional_qualifier
@
@@
-struct device * const
+const struct device *
Fixes#27399
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
The current design of the network-specific stack dumping APIs
is fundamentally unsafe. You cannot properly dump stack data
without information which is only available in the thread object.
In addition, this infrastructure is unnecessary. There is already
a core shell command which dumps stack information for all
active threads.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Randomly generating ID the first time coap_next_id() is called is more
in accordance with CoAP recommendations (see
https://tools.ietf.org/html/draft-ietf-core-coap-18, section 4.4)
"It is strongly recommended that the initial value of the
variable (e.g., on startup) be randomized, in order to make successful
off-path attacks on the protocol less likely."
Doing this in a dedicated init function is the cleanest and most
idiomatic approach. This init function is not exposed publically which
means it will be called only once, by the network stack init procedure.
Signed-off-by: Benjamin Lindqvist <benjamin.lindqvist@endian.se>
If the loopback driver is enabled, then the packet might come
from localhost in which case mark it properly. Without this marking
the packet from/to 127.0.0.1 or ::1 would be dropped in later checks.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Provide access functions for manipulating network interface flags.
There is no need for the caller of this API to know about the inner
details of the flags.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
DNS is not part of L3, but as dhcpv4 or the net shell, it is a services
on top of the network stack. So let's gather all in a dedicated
function.
This also rework the order when starting the DNS service. There was an
issue for offload device: these would be fully initialized in
init_rx_queues() which was called after l3_init. l3_init had already
started dns: which would not be able to bind correctly, proving to be
fully dead afterwards. Instead, starting the dns at the very end
ensures that all is initialized properly from devices to stack.
Fixes#15124
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
This attribute, in case CONFIG_NET_STATISTICS is enabled, made sense
when L2's send() function did not return the length of the sent packet.
But now, it's a superflous optimization as is it used only to set the
stats on recv or send, where net_pkt_get_len() can be used directly.
This helps to save 2 bytes from struct net_pkt.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
No need to hide the symbols in the header file if CONFIG_NET_LLDP
is not enabled. This also allows the documentation to be generated
properly.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
pkt->buffer is represented by 1+ net_buf. If some are unused, this will
deallocates them.
This situation can happen on TCP where net_pkt allocator evaluates the
header size to its maximum size. Which space might not be (fully) used
in the end. On fixed data size buffer, this might end up by having last
buffer(s) not bein used. So better removing those.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
If CONFIG_NET_SOCKETS_PACKET is enabled, then feed the packet
to net_packet_socket_input() for processing. It will search
for the net_contexts and if proper handler is found, pass
the packet to connection handler.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
Use the new net_pkt API to proceed through IPv6 header and all the
extension header as well.
Use udp/tcp input functions relevantly, and call net_conn_input
afterwards.
Note: This commit temporarly disable IPv6 fragmentation support
in the code directly. Which support will be re-enabled afterwards.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
As before, such header is meant to be in a contiguous area (beginning
of the buffer, only 20 bytes)
Opportunistically chaning the function name to net_ipv4_input() (all
will be create/finalize/input).
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Newly received pkt can get their cursor intialized at net_recv_data()
(most of the time, drivers won't mangle with the content before calling
that function).
Right after l2 (net_if_recv_data()) parsing as well. L2s pull the
starting buffer after ll header. Instead of letting L2s updating the
cursor, it's simpler to reinitialize it directly after such parsing.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
This will avoid new API's writing functions to modify the packet's
content. For instance while checking its checksum etc...
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Remove network specific default and max log level setting
and start to use the zephyr logging values for those.
Remove LOG_MODULE_REGISTER() from net_core.h and place the
calls into .c files. This is done in order to avoid weird
compiler errors in some cases and to make the code look similar
as other subsystems.
Fixes#11343Fixes#11659
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
If the destination IPv6 address is interface local scope multicast
address FF01::, then loopback those packets back to us as that is
the purpose of those addresses. They are to work same way as
localhost unicast address. See RFC 3513 ch 2.7 for details.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Unify the function naming for various network checking functions.
For example:
net_is_ipv6_addr_loopback() -> net_ipv6_is_addr_loopback()
net_is_my_ipv6_maddr() -> net_ipv6_is_my_maddr()
etc.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
We must drop packet that is received from outside and which has
IPv6 loopback address (::1) either as a destination address or
source address.
Fixes#10933
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
If we receive an IPv4 that has broadcast destination address, then
properly handle it.
This means that for
* ICMPv4, if CONFIG_NET_ICMPV4_ACCEPT_BROADCAST is set (this is the
default value) and we receive echo-request then accept the packet.
Drop other ICMPv4 packets.
* TCP, drop the packet
* UDP, accept the packet if the destination address is the broadcast
address 255.255.255.255 or the subnet broadcast address.
Drop the packet if the packets broadcast address is not in our
configured subnet.
In sending side, make sure that we do not route broadcast address
IPv4 packets back to us. Also set Ethernet MAC destination address
properly if destination IPv4 address is broadcast one.
Fixes#10780
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Instead of one global log level option and one on/off boolean
config option / module, this commit creates one log level option
for each module. This simplifies the logging as it is now possible
to enable different level of debugging output for each network
module individually.
The commit also converts the code to use the new logger
instead of the old sys_log.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
The LLDP protocol defines 2 separate agents, the Transmitters and
the Receivers. For the context of Zephyr, we are only interested in
the Tx agent, thus we drop any LLDP frames received by Zephyr.
LLDP frames are basically composed by an ethernet header followed by
the LLDP Protocol Data Unit (LLDPDU). The LLDPDU is composed by several
TLVs, some of them being mandatory and some optional.
Our approach here is having TLVs fully configured from Kconfig, thus
having the entire LLDPDU constructed on build time.
The commit adds NET_ETH_PTYPE_LLDP definition and related handling.
If CONFIG_NET_LLDP is enabled then ethernet_context has a pointer to
the struct net_lldpdu that belongs to that ethernet interface. Also
when CONFIG_NET_LLDP is enabled, the LLDP state machine will start to
send packets when network interface is coming up.
Currently the LLDP state machine is just a k_delayed_work() sending the
LLDPDU at a given period (defined by CONFIG_NET_LLDP_TX_INTERVAL).
Fixes#3233
Signed-off-by: Jesus Sanchez-Palencia <jesus.sanchez-palencia@intel.com>
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Add basic IPv4 Link Local support as described in RFC 3927.
Signed-off-by: Matthias Boesl <matthias.boesl@gmail.com>
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
