Due to a change in the company name, the LwM2M copyrights need
to be changed from "Open Source Foundries Limited" ->
"Foundries.io".
Signed-off-by: Michael Scott <mike@foundries.io>
The autoconfigured IPv6 addresses that are related to removed
prefix, need also removed.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
This commit contains several fixes for DTLS implementation, proposed in
a post-merge review of #9338.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Instead of having one delayed_work struct / IP address, use
only one delayed_work struct for lifetime timer. This saves
over 20 bytes / allocated address struct.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Some locations like DHCPv4 client create a prefilled packet by appending
new fragments in a loop with one byte each via net_pkt_append_u8() which
is wasteful and noisy. This patch adds the new functions
net_pkt_append_memset() which creates fragments as needed in the desired
size and initialises it to the specified value.
This change also adds a unittest for the new function.
Prerequisite for #9287
Signed-off-by: Daniel Egger <daniel@eggers-club.de>
Make several enums, that are used inside structs, to be packed so
that they use only needed amount of memory.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Instead of waiting forever for a network buffer, have a timeout
when allocating net_buf. This way we cannot left hanging for a
long time waiting for a buffer and possibly deadlock the system.
This commit only adds checks to core IP stack in subsys/net/ip
Fixes#7571
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Add system calls for the zsock implementations of socket,
close, bind, connect, listen, accept, sendto, recvfrom,
fcntl, poll, inet_pton, and getaddrinfo.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Make TLS poll function verify if decrypted data is available after
socket has notified activity with POLLIN flag. This prevents from giving
false notifications in case data was received on socket but was consumed
by mbedTLS.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add write-only socket option to set role for DTLS connection. This
option is irrelevant for TLS connections.
This options accepts and integer with a TLS role, compatible with
mbedTLS values:
0 - client,
1 - server.
By default, DTLS will assume client role.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
If the driver has created start() and stop() functions, then those
are called when ethernet L2 is enabled or disabled.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
The ethernet sending routine sent a corrupted ARP packet instead
of the actual IPv4 packet.
Fixes#9348
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
No need to inline the net_if_ipv6_addr_lookup_by_iface() function
as it is used multiple times in ipv6.c
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Add a function which returns proper network interface to send either
IPv4 or IPv6 network packet to corresponding destination address.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Add a function that will return the network interface that would
be used when sending a IPv6 network packet to specific IPv6 destination
address.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
For example for Bluetooth IPSP, it is not needed to join solicited
node multicast group address.
From https://tools.ietf.org/html/rfc7668#section-3.2.2 :
"""
There is no need for 6LN to join the solicited-node multicast address,
since 6LBR will know device addresses and hence link-local addresses
of all connected 6LNs.
"""
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
The LLDP protocol defines 2 separate agents, the Transmitters and
the Receivers. For the context of Zephyr, we are only interested in
the Tx agent, thus we drop any LLDP frames received by Zephyr.
LLDP frames are basically composed by an ethernet header followed by
the LLDP Protocol Data Unit (LLDPDU). The LLDPDU is composed by several
TLVs, some of them being mandatory and some optional.
Our approach here is having TLVs fully configured from Kconfig, thus
having the entire LLDPDU constructed on build time.
The commit adds NET_ETH_PTYPE_LLDP definition and related handling.
If CONFIG_NET_LLDP is enabled then ethernet_context has a pointer to
the struct net_lldpdu that belongs to that ethernet interface. Also
when CONFIG_NET_LLDP is enabled, the LLDP state machine will start to
send packets when network interface is coming up.
Currently the LLDP state machine is just a k_delayed_work() sending the
LLDPDU at a given period (defined by CONFIG_NET_LLDP_TX_INTERVAL).
Fixes#3233
Signed-off-by: Jesus Sanchez-Palencia <jesus.sanchez-palencia@intel.com>
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
This change moves the logic for linearize and append_bytes from
the net_pkt sources into the net_buf sources where it can be
made available to layers which to not depend on net_pkt. It also,
adds a new net_buf_skip() function which can be used to iterated
through a list of net_buf (freeing the buffers as it goes).
For the append_bytes function to be generic in nature, a net_buf
allocator callback was created. Callers of append_bytes pass in
the callback which determines where the resulting net_buf is
allocated from.
Also, the dst buffer in linearize is now cleared prior to copy
(this was an addition from the code moved from net_pkt).
In order to preserve existing callers, the original functions are
left in the net_pkt layer, but now merely act as wrappers.
Signed-off-by: Michael Scott <mike@foundries.io>
This are all the parameters defined by the standard (12.21.1).
Additionally the parameters that are read-only are validated in the
ethernet_set_config callback.
Signed-off-by: Tomasz Gorochowik <tgorochowik@antmicro.com>
Best Effort is the default priority with the assigned value of 0, but
Background is the lowest priority with the assigned value of 1.
Ref: IEEE 802.1Q, Chapter I.4, Table I-2.
Signed-off-by: Tomasz Gorochowik <tgorochowik@antmicro.com>
Allows ethernet drivers to provide vendor specific statistics
and details in the form of key-value pairs with the name of
the staticstic and its value.
The new string tables will be behind a new config:
NET_STATISTICS_ETHERNET_VENDOR
Suggested-by: Jukka Rissanen <jukka.rissanen@intel.com>
Signed-off-by: Jonathan Yong <jonathan.yong@intel.com>
There are too many individual requests for Qav related parameters. There
are more Qav parameters that need to be supported (and will be supported
soon - both on the GET and SET side). Handling it the way it was handled
so far would render the eth mgmt API dominated by Qav parameters. That
would make the file hard to read and understand.
Instead of that - use a single GET and SET requests for all Qav
parameters. This works by adding a separate enum with Qav request type
to the ethernet_qav_param struct.
Additionally this approach makes it much easier to document it all since
we now have just a single request and documentation comments in the
ethernet_qav_param struct.
Signed-off-by: Tomasz Gorochowik <tgorochowik@antmicro.com>
Add calls responsible for getting and setting on/off status of Qav on
capable priority queues.
Signed-off-by: Tomasz Gorochowik <tgorochowik@antmicro.com>
Add basic IPv4 Link Local support as described in RFC 3927.
Signed-off-by: Matthias Boesl <matthias.boesl@gmail.com>
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Some Ethernet devices can filter out incoming packets through a list of
valid MAC addresses, so let's add a way to expose this capability, using
it through the ethernet device API.
Fixes#7596
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
This makes use of the get_config callback added to the Ethernet API.
For now the only parameter to get is the number of available priority
queues.
Signed-off-by: Tomasz Gorochowik <tgorochowik@antmicro.com>
This callback will be used to get HW specific configuration that cannot
be accessed through L2 directly.
Signed-off-by: Tomasz Gorochowik <tgorochowik@antmicro.com>
This reduces memory overhead on net_if_dhcpv4: 16 bytes vs 120 bytes
before. This might proove to be beneficial when there are many network
interface.
dhcpv4 ROM consumption is now 2132 bytes vs 4224 (many switches removed)
Fixes#8727
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Add write only TLS secure option to set peer verification level for
TLS connection.
This option accepts an integer with a peer verification
level, compatible with mbedtls values (0 - none, 1 - optional, 2 -
required.
By default, socket mimics mebdTLS behavior - (none for server, required
for client).
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add TLS secure socket option to read a ciphersuite chosen during TLS
handshake. Might be useful during development.
This is a read-only option that returns an integer containing an
IANA assigned ciphersuite identifier of chosen ciphersuite.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add TLS secure socket option that enables to narrow list of ciphersuites
available for TLS connection.
This option accepts an array of integers with IANA assigned ciphersuite
identifiers and returns such.
By default, every statically configured ciphersuite is available for a
socket and getsockopt returns an array of these.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add write-only TLS secure socket option to set hostname.
This option accepts a string containing the hostname. May be NULL, to
disable hostname verification.
By default, an empty string is set as a hostname for TLS clients,
to enforce hostname verification in mbedTLS.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add TLS secure socket option to select TLS credentials to use.
This option accepts and returns an array of sec_tag_t that indicate
which TLS credentials should be used with specific socket.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add TLS credential management subsystem that enables to register TLS
credentials in the system. Once specific credentials are registered in
the system, they will be available for TLS secure sockets to use.
To use a TLS credential with a socket, the following steps have to be
taken:
1. TLS credential has to be registered in a system-wide pool, using the
API provided in "net/tls_credentials.h" header file.
2. TLS credential (and other TLS parameters) should be set on a socket
using setsockopt().
Note, that there is no need to repeat step 1 for different sockets using
the same credentials. Once TLS credential is registered in the system,
it can be used with mulitple sockets, as long as it's not deleted.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Move struct members around in networking code so that we avoid
unnecessary holes inside structs. No functionality changes by
this commit.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Allow user to set the network interface into promiscuous mode
and then receive all the network packets that are received by
that interface.
Fixes#7595
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
User is able to set the network interface to promiscuous mode
and query the promisc mode status.
Note that currently this is only supported for ethernet bearer.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
