This adds a few line use zephyr_syscall_header() to include
headers containing syscall function prototypes.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
In order to allow the TLS accept() call to be interrupted, it should
release the top-level TLS socket mutex before blocking. As the
underlying TCP accept() makes no use of TLS resources, and has its own
mutex protection, it should be safe to do so.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The accept() so far would block with mutex held, making it impossible to
interrupt it from another thread when the socket was closed.
Fix this, by reusing the condvar mechanism used for receiving. It's OK
to use the same routine, as underneath accept() is monitoring the same
FIFO as recv().
Additionally, simplify k_fifo_get() handling in accept() - as the
waiting now takes place on condvar, it can be used in a non-blocking
manner. Blocking accept() call should not reach this place if there's no
new incoming connection waiting on the FIFO.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Installing recv callback with net_context_recv() after
net_context_connect() left an opening for a possible race - in case the
server send some data immediately after establishing TCP connection, and
Zephyr did not manage to install the callback on time, the data would be
lost, corrupting the stream.
This can be avoided, by installing the recv callback before the
connection is triggered. As net_context_recv() called w/o timeout only
registers the callback function, it should have no negative impact. The
only change on the TCP side is when the connection is closed - in case
TCP is in connect stage, do not call the recv callback (before this
change it'd be NULL at that point).
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In case recv() call was waiting for data, and the socket was closed from
another thread, the recv() call would not be interrupted, causing the
receiving thread to be blocked indefinitely.
Fix this, by signalling the condvar the recv() call is waiting on
close(). Additionally, close will now set the socket into error mode,
with EINTR as the error condition, allowing the blocked calls to
recognise that the call was interrupted, and return a proper error code
on the event.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Until now iterable sections APIs have been part of the toolchain
(common) headers. They are not strictly related to a toolchain, they
just rely on linker providing support for sections. Most files relied on
indirect includes to access the API, now, it is included as needed.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
For offloaded iface net_tcp_get is never called, so context->tcp
is always NULL. In that case net_tcp_tx_sem_get will return wrong pointer.
For pollout k_poll will be called with NULL semph,
which cause HardFault.
Signed-off-by: Wojciech Slenska <wsl@trackunit.com>
Calls put instead of unref on net contexts
in the socket accept function.
Mere unref didn't subtract the reference
count of net context which leaves
it in used state. This situation happens
in case of accepting already
closed connection.
Signed-off-by: Daniel Nejezchleb <dnejezchleb@hwg.cz>
Added a feature of socket connect
being asynchronous. If socket is set
to nonblock with O_NONBLOCK flag,
then connect() is non-blocking aswell.
App can normally poll the socket to
test when the connection is established.
Signed-off-by: Daniel Nejezchleb <dnejezchleb@hwg.cz>
The init infrastructure, found in `init.h`, is currently used by:
- `SYS_INIT`: to call functions before `main`
- `DEVICE_*`: to initialize devices
They are all sorted according to an initialization level + a priority.
`SYS_INIT` calls are really orthogonal to devices, however, the required
function signature requires a `const struct device *dev` as a first
argument. The only reason for that is because the same init machinery is
used by devices, so we have something like:
```c
struct init_entry {
int (*init)(const struct device *dev);
/* only set by DEVICE_*, otherwise NULL */
const struct device *dev;
}
```
As a result, we end up with such weird/ugly pattern:
```c
static int my_init(const struct device *dev)
{
/* always NULL! add ARG_UNUSED to avoid compiler warning */
ARG_UNUSED(dev);
...
}
```
This is really a result of poor internals isolation. This patch proposes
a to make init entries more flexible so that they can accept sytem
initialization calls like this:
```c
static int my_init(void)
{
...
}
```
This is achieved using a union:
```c
union init_function {
/* for SYS_INIT, used when init_entry.dev == NULL */
int (*sys)(void);
/* for DEVICE*, used when init_entry.dev != NULL */
int (*dev)(const struct device *dev);
};
struct init_entry {
/* stores init function (either for SYS_INIT or DEVICE*)
union init_function init_fn;
/* stores device pointer for DEVICE*, NULL for SYS_INIT. Allows
* to know which union entry to call.
*/
const struct device *dev;
}
```
This solution **does not increase ROM usage**, and allows to offer clean
public APIs for both SYS_INIT and DEVICE*. Note that however, init
machinery keeps a coupling with devices.
**NOTE**: This is a breaking change! All `SYS_INIT` functions will need
to be converted to the new signature. See the script offered in the
following commit.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
init: convert SYS_INIT functions to the new signature
Conversion scripted using scripts/utils/migrate_sys_init.py.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
manifest: update projects for SYS_INIT changes
Update modules with updated SYS_INIT calls:
- hal_ti
- lvgl
- sof
- TraceRecorderSource
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
tests: devicetree: devices: adjust test
Adjust test according to the recently introduced SYS_INIT
infrastructure.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
tests: kernel: threads: adjust SYS_INIT call
Adjust to the new signature: int (*init_fn)(void);
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
Currently, the handshake operation could only be fully blocking or
non-blocking. This did not play well if SO_RCVTIMEO was set for DTLS
server, as the recv() call where the blocking handshake was used, could
block indefinitely, ignoring the timeout parameter. Fix this, by
allowing for the handshake operation to timeout.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
As the underlying socket operations for TLS/DTLS are now non-blocking,
it's no longer possible to rely on the underlying socket timeout
handling. Instead, implement SO_RCVTIMEO/SO_SNDTIMEO at the TLS socket
layer.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
As for TLS, switch to use non-blocking operations on underlying socket.
This is a bit tricker for DTLS, as there were not truly blocking bio
(binary input/output) function for DTLS, as timeout had to been
implemented. It is possible though to implement non-blocking mbedTLS bio
function instead, and handle timeout outside of mbedTLS context, which
has been done in this commit.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Switch TLS sockets to use non-blocking socket operations underneath.
This allows to implement the socket blocking outside of the mbedTLS
context (using poll()), and therefore release the mutex for the time the
underlying socket is waiting for data. In result, it's now possible to
do blocking TLS RX/TX operations simultaneously from separate threads.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Implement ZFD_IOCTL_SET_LOCK so that TLS socket layer gets access to the
mutex protecting socket calls.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Socketpair functionality has matured enough to be used in a
consistent way now regardless of architecture or platform,
even on `native_posix`.
Remove the experimental status to reflect that.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
The TX timeout configured with SO_SNDTIMEO on a socket did not work
properly. If the timeout was set on a socket, the TX would work as if
the socket was put into non-blocking mode. This commit fixes this.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The timeout recalculation logic was duplicated across several routines,
therefore it makes sense to make a helper function out of it,
especially, that the same functionality would be needed for the send
routines.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Minor refactoring in getaddrinfo() to make the code easier to
read and to make handling IPv4 and IPv6 support more equal.
- Move common wait and error handling code to exec_query()
- Use the same check for CONFIG_NET_IPV4 and CONFIG_NET_IPV6
- Add extra sanity check for family before exec_query()
- Do not set errno when return DNS_EAI_ADDRFAMILY
Fix issue with setting port number for all DNS servers.
Signed-off-by: Stig Bjørlykke <stig.bjorlykke@nordicsemi.no>
If we are using `CONFIG_ARCH_POSIX`, then include
`<fcntl.h>`. Otherwise, include `<zephyr/posix/fcntl.h>`
since there are no requirements to use `CONFIG_POSIX_API`
internally.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
* include `<zephyr/posix/fcntl.h>` instead of `<fcntl.h>`
* drop unused logging header and module declaration
* reorder headers alphabetically
Signed-off-by: Chris Friedt <cfriedt@meta.com>
Fixes issue where a build warning would be emmited for sockets_tls.c due
to usage of the deprecated fcntl.h header file.
Signed-off-by: Jared Baumann <jared.baumann8@t-mobile.com>
The POSIX spec requires that `SO_LINGER`, `SO_RCVLOWAT`,
and `SO_SNDLOWAT`, and `SOMAXCONN` are defined in
`<sys/socket.h>`. However, most of the existing socket
options and related constants are defined in
`<zephyr/net/socket.h>`.
For now, we'll co-locate them. It would be
good to properly namespace things.
Additionally, a no-op for setsockopt for `SO_LINGER` to
make things Just Work (TM) for now.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
Setting `hints.ai_family` to `AF_UNSPEC` was causing
`net_getaddrinfo_addr_str()` and in turn `getaddrinfo()` to resolve the
literal SNTP SERVER first into IPv4 and then (if supported) IPv6 addresses.
This was causing useless waste of time and memory in case IPv4 was not
supported. In addition, in case IPv4 addresses were not supported, other
system components (eg. SNTP) could fail due to the DNS returning IP
addresses with unsupported family type (ie. IPv4).
Now, if address family is not explicitly set to `AF_INET` (ie. IPv4), then
no attempt is made to resolve SNTP server address into an IPv4 address.
Signed-off-by: Marco Argiolas <marco.argiolas@ftpsolutions.com.au>
If gcc compiler option -Werror is used the warning,
declared inside parameter list will not be visible outside of this
definition or declaration [-Werror]
is treated as error, for
sockets_internal.h:18:28: ‘struct net_context’
sockets_internal.h:19:32: ‘struct zsock_pollfd’
fdtable.h:108:17: ‘struct k_mutex’
Signed-off-by: Christoph Schnetzler <christoph.schnetzler@husqvarnagroup.com>
Using a socketpair for communication in an ISR is not a great
solution, but the implementation should be robust in that case
as well.
It is not acceptible to block in ISR context, so robustness here
means to return -1 to indicate an error, setting errno to `EAGAIN`
(which is synonymous with `EWOULDBLOCK`).
Fixes#25417
Signed-off-by: Chris Friedt <cfriedt@meta.com>
Add new socket options IP_TOS and IPV6_TCLASS which allows to set
DSCP/ECN values on a socket for an outgoing packet IPv4/IPv6 headers.
The options are compatible with Linux behaviour, where both DSCP and ECN
are set with a single socket option.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
SOL_SOCKET and IPPROTO_TCP levels were missing the break statement at
the end of their processing logic, which could cause unexpected
fallthrough on unhandled optname value.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
This is a follow-up to commit a418ad4bb4.
Since the path to zephyr_mbedtls_priv.h is added to include directories
only when CONFIG_MBEDTLS_BUILTIN is enabled, the inclusion of the file
needs to be done under the same condition. Otherwise, an error occurs
when socket_tls.c is compiled without CONFIG_MBEDTLS_BUILTIN.
Signed-off-by: Andrzej Głąbek <andrzej.glabek@nordicsemi.no>
* reduced cyclomatic complexity
* group validation by family to make the validation easier to understand
and extend
* change preprocessor markup where possible to allow for complete code
elimination when features (esp. IP) are disabled
* renamed net_context_get/set_ip_proto() to net_context_get_proto()
While the latter is formally part of the public API and might therefore
have to be deprecated rather than renamed, it is considered internal API
by the net developers, see
https://github.com/zephyrproject-rtos/zephyr/pull/48751#discussion_r942402612
Signed-off-by: Florian Grandel <jerico.dev@gmail.com>
The net_core:process_data() and connection:net_conn_input() methods are
the central network packet reception pipeline which:
1) guide network packets through all network layers,
2) decode, validate and filter packages along the way and
3) distribute packages to connections/sockets on all layers.
This code seems to have grown complex and rather cluttered over time as
all protocols, layers and socket implementations meet there in one single
place.
The code also reveals its origin as a pure IP stack which makes it hard
to introduce non-IP protocols and their supporting socket infrastructure
in a modularized way.
For an outside contributor it seems almost impossible to add another
protocol, protocol layer, filter rule or socket implementation without
breaking things.
This change doesn't try to solve all issues at once. It focuses
exclusively on aspects that maintain backwards compatibility:
* Improve modularization and encapsulation on implementation level by
disentangling code that mixes up layers, protocols and socket
implementations.
* Make IP just one protocol among others by removing assymmetry in
protocol handling logic and introduce preprocessor markup so that
IP-specific code can be eliminated by the preprocessor if not needed.
* Use preprocessor markup to delineate hook points for future
modularization or expansion without introducing structural changes (as
this would almost certainly break the API).
* Reduce cyclomatic complexity, use positive rather than negative logic,
improve variable naming, replace if/elseif/else blocks with switches,
reduce variable span, introduce inline comments where code does not
speak for itself, etc. as much as possible to make the code overall
more human-friendly.
Background: These are preparative steps for the introduction of IEEE
802.15.RAW sockets, DGRAM sockets and sockets bound to PAN IDs and device
addresses similar to what the Linux kernel does.
Signed-off-by: Florian Grandel <jerico.dev@gmail.com>
Introducing additional socket implementations is rather involved right
now due to some more or less convoluted code that had grown over time.
This change introduces an additional configuration variable in preparation
for additional socket API drivers. The idea is to reduce redundant code
and make existing code more readable by better exposing its actual intent.
Signed-off-by: Florian Grandel <jerico.dev@gmail.com>
The code contained several repeated composite IPv4/v6 and UDP/TCP
preprocessor statements that can be simplified by introducing a hidden
NET_IP preprocessor constant that captures what probably is actually
"meant" by this code.
While we were on it we also used the new constant to further isolate
IP-specific code from non-IP specific generics.
Signed-off-by: Florian Grandel <jerico.dev@gmail.com>
This change makes the packet socket and ieee802154 l2 drivers aware of
AF_PACKET sockets, see https://github.com/linux-wpan/wpan-tools/tree/master/examples
for examples which inspired this change.
Signed-off-by: Florian Grandel <jerico.dev@gmail.com>
Decouple the zephyr/net/socketcan.h and zephyr/drivers/can.h header files
by moving the SocketCAN utilities to their own header.
This is preparation for including the SocketCAN types defined in
socketcan.h in a native posix (Linux) SocketCAN driver context without name
clashes.
Signed-off-by: Henrik Brix Andersen <hebad@vestas.com>
Rename the SocketCAN header from socket_can.h to socketcan.h to better
match the naming of the functionality.
Signed-off-by: Henrik Brix Andersen <hebad@vestas.com>
Rename the SocketCAN utility functions to reflect the new naming of the CAN
controller API and SocketCAN API data types.
Signed-off-by: Henrik Brix Andersen <hebad@vestas.com>
Remove the "z" prefix from the public CAN controller API types as this
makes them appear as internal APIs.
Signed-off-by: Henrik Brix Andersen <hebad@vestas.com>
Rename the SocketCAN data types to "socketcan_*" in preparation of renaming
the low-level CAN controller API data types.
This breaks the naming compatibility with the similar SocketCAN data types
from the Linux kernel, but Zephyr and Linux SocketCAN are not 100%
compatible anyways (only the structure fields are compatible, extended
functionality such filtering, error reporting etc. are not).
Signed-off-by: Henrik Brix Andersen <hebad@vestas.com>
This new implementation of pipes has a number of advantages over the
previous.
1. The schedule locking is eliminated both making it safer for SMP
and allowing for pipes to be used from ISR context.
2. The code used to be structured to have separate code for copying
to/from a wating thread's buffer and the pipe buffer. This had
unnecessary duplication that has been replaced with a simpler
scatter-gather copy model.
3. The manner in which the "working list" is generated has also been
simplified. It no longer tries to use the thread's queuing node.
Instead, the k_pipe_desc structure (whose instances are on the
part of the k_thread structure) has been extended to contain
additional fields including a node for use with a linked list. As
this impacts the k_thread structure, pipes are now configurable
in the kernel via CONFIG_PIPES.
Fixes#47061
Signed-off-by: Peter Mitsis <peter.mitsis@intel.com>
mbedTLS library threshold initialization was done in native TLS socket
implementation (which tends to use mbedTLS now) and inside mbedTLS
benchmark test. Move that to mbedTLS module initialization, as this is a
global setting.
Update description of CONFIG_MBEDTLS_DEBUG_LEVEL to clarify when
mbedtls_debug_set_threshold() is called.
Signed-off-by: Marcin Niestroj <m.niestroj@emb.dev>
So far there was a debug log hook installed in TLS socket implementation.
However, mbedTLS (with debug enabled) might be used outside from TLS socket
and even outside from networking context.
Add new module, which implements debug log hook and makes it available
whenever CONFIG_MBEDTLS_DEBUG is enabled.
Note that debug hook needs to be installed for each mbedTLS context
separately, which means that this requires action from mbedTLS users, such
as TLS sockets implementation.
Signed-off-by: Marcin Niestroj <m.niestroj@emb.dev>
The packet socket implementation did not fill the address structure
provided by the application. This commit fixes this.
Note, that the implementation needs to cover two cases: SOCK_RAW and
SOCK_DGRAM. In the first case, the information is extracted directly
from the L2 header (curently only Ethernet supported). In latter case,
the header is already removed from the packet as the L2 has already
processed the packet, so the information is obtained from the net_pkt
structure.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
There is a potential, corner case scenario, where a deadlock can occur
between TCP and socket layers, when both ends of the connection transmit
data.
The scenario is as follows:
* Both ends of the connection transmit data,
* Zephyr side send() call gets blocked due to filing the TX window
* The next incoming packet is data packet, not updating the RX window
on the peer side or acknowledging new data. The TCP layer will
attepmt to notify the new data to the socket layer, by calling the
registered callback. This will block the RX thread processing the TCP
layer, as the socket mutex is already acquired by the blocked send()
call.
* No further packets are processed until the socket mutex is freed,
which does not happen as the only way to unblock send() is process
a new ACK, either updating window size or a acknowledging data.
The connection stalls until send() times out.
The deadlock is not permament, as both threads get unlocked once send()
times out. It effectively breaks the active connection though.
Fix this, by unlocking the socket mutex for the time the send() call is
idle. Once the TCP layer notifies that the window is available again,
the mutex is acquired back.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Move the CAN bus network driver from drivers/can to drivers/net as it
implements a network driver, not a CAN controller driver.
Use a separate Kconfig for enabling the CAN bus network driver instead of
piggybacking on the SocketCAN Kconfig. This allows for other
(e.g. out-of-tree) SocketCAN transports.
Signed-off-by: Henrik Brix Andersen <hebad@vestas.com>
