SYS_PORT_TRACING_OBJ_FUNC_* are for when the function being
traced is a method of an object. Use SYS_PORT_TRACING_FUNC_* instead.
Signed-off-by: Benjamin Cabé <benjamin@zephyrproject.org>
Add new socket offloading functions, allowing to enable/disable
offloaded DNS implementation at runtime. This may be useful if there is
a mix of offloaded/native network interfaces in the system, so the
application can choose which DNS backend to use.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Also allow `gethostname` to be compiled in, even when the socket offloading
option is selected.
Signed-off-by: Cla Mattia Galliard <cla-mattia.galliard@zuehlke.com>
Add new TLS socket option, TLS_CERT_VERIFY_CALLBACK, which allows to
register an application callback to verify certificates obtained during
the TLS handshake.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add new TLS socket option, TLS_CERT_VERIFY_RESULT, to obtain the
certificate verification result from the most recent handshake on the
socket. The option works if TLS_PEER_VERIFY_OPTIONAL was set on the
socket, in which case the handshake may succeed even if certificate
verification fails.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Turn the MBEDTLS_RSA_FULL selects into depends on.
This is how the other MBEDTLS_KEY_EXCHANGE_* Kconfig options are defined.
This is done to avoid circular dependencies.
At the same time update uses of the affected MBEDTLS_KEY_EXCHANGE_*
Kconfig options to enable/disable the dependencies which used to be
automatically handled.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
In order to be able to receive packets on unbound packet sockets (which
should collect packet from all interfaces in such case), it's needed to
register receive callback at the socket layer as soon as the socket is
created.
In additional to that, the default binding for packet sockets need to be
revisited. Packet socket should not be bound to the default interface,
as this way the socket would only be receiving packets from that
particular interface. Instead, leave the interface unspecified in such
case.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Increased the heap mempool size for the socketpairs. This way there will
be enough memory available to allocate 2 * struct spair.
Signed-off-by: Ibe Van de Veire <ibe.vandeveire@basalte.be>
Make sure that when sendto is being used without the socket being bound
before, a correct interface is used for transmission. As
zpacket_sendto_ctx() calls net_context_recv() to register receive
callback before sending, a default binding was used by the context
layer, which would bind the socket to the default interface. This could
lead to unexpected results, i.e. packet being sent on a default
interface, even though a different one was specified.
Make also sure that there is no ambiguity in the interface selection -
the application should be explicitly clear what interface it wants to
use when it comes to packet sockets. It's better to return an error if
no valid interface was specified.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
According to AF_PACKET man pages protocol number 0 is allowed, however
in such case the socket is only capable of transmitting packets then:
"If protocol is set to zero, no packets are received."
Therefore, allow to create sockets with such protocol, and at the
connection.c level filter out such sockets from data reception.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
According to `f9901e8e` and validated by testing, the supplicant only
use case only requires 4 socket pairs. 6 pairs are required for the
`hostapd` use case.
Signed-off-by: Jordan Yates <jordan@embeint.com>
IPPROTO_RAW is not a valid protocol type for AF_PACKET sockets, which
should only use IEEE 802.3 protocol numbers. Therefore remove support
for this type of sockets.
As an alternative, users can use AF_PACKET/SOCK_DGRAM or
AF_INET(6)/SOCK_RAW, depending on the actual use case.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Introduce changes in the networking stack which allow to create raw IP
sockets, so that applications can send and receive raw IP datagrams.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add support for the IP_MULTICAST_LOOP socket option to control
multicast packet loopback.
Signed-off-by: AbdElRahman Khalifa <abdelrahman.5alifa@gmail.com>
Add support for the IPV6_MULTICAST_LOOP socket option.
This option allows enabling or disabling the consumption of multicast
packets by the sender. By default, the socket option will be enabled.
Co-authored-by: Pieter De Gendt <pieter.degendt@gmail.com>
Signed-off-by: Sayooj K Karun <sayooj@aerlync.com>
TLS_CREDENTIAL_SERVER_CERTIFICATE credential type is misleading, as in
fact it just represents a public certificate, it does not matter if the
certificate belongs to a server or a client. And actually, it was
already used in-tree for clients as well, for example in LwM2M.
Therefore rename the credential type to a more generic
TLS_CREDENTIAL_PUBLIC_CERTIFICATE and deprecate the old one.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Clear all previous events when register is called a second time. This is
the same behavior as before, if the call happens with `len` equal or
greater then the previous call but in the case if `len` is less then the
first call, now, all events are cleared. This is more predictable behavior.
Signed-off-by: Cla Mattia Galliard <cla-mattia.galliard@zuehlke.com>
Previously the net_linkaddr struct had pointers to the link address.
This is error prone and difficult to handle if cloning the packet as
those pointers can point to wrong place. Mitigate this issue by
allocating the space for link address in net_linkaddr struct. This will
increase the size of the net_pkt by 4 octets for IEEE 802.15.4 where the
link address length is 8, but there no increase in size if link address
is 6 bytes like in Ethernet/Wi-Fi.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Use Wi-Fi connecting to Qualcomm IPQ8074 AP, and run the UDP RX traffic
with Zperf, but zperf does not return the throughput number after
traffic completion nor any session started prints. After traffic
completion, ping from STA to AP and vice versa does not work. The
socket_service thread is found blocked forever at zsock_wait_data()
after dns_dispatcher_svc_handler() is called via trigger_work().
The root cause of this issue is:
STA received one DHCPv4 packet containing DHCPV4_OPTIONS_DNS_SERVER,
it will create DNS socket and registered to socket_service. Then STA
received another IPv6 router advertisement packet containing
NET_ICMPV6_ND_OPT_RDNSS, it will close socket and change the state of
poll_events to K_POLL_STATE_CANCELLED(8), then registered to
socket_service with same fd. In socket_service thread, zsock_poll()
called zsock_poll_update_ctx() when handled ZFD_IOCTL_POLL_UPDATE, and
it checked the state of poll_events was not K_POLL_STATE_NOT_READY(0),
then it will set pfd->revents to '|= ZSOCK_POLLIN'. Finally
trigger_work() can be called as 'ctx.events[i].revents > 0' is matched.
The fix of this issue is that, in zsock_poll_update_ctx(), it should
check the state of poll_events is neither K_POLL_STATE_NOT_READY nor
K_POLL_STATE_CANCELLED before setting revents as ZSOCK_POLLIN, to avoid
trigger_work be unexpectedly called.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
It might happen now after the commit 8519fa1627 ("net: socket service
resets its restart flag") that the event has disappeared before we
call the work, if that happens we must not bail out but restart
the service.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
As the zsock_recv_dgram() is rather large, remove the inline
keyword from it and let compiler to decide what to do with it.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Restore only the socket descriptor that we marked as -1 after running
the work related to that socket. Earlier we tried to restore the whole
global array of descriptors which could go wrong and is not needed
as we only support synchronous work.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The socket service restarts whenever a new socket is registered.
This is triggered via zvfs_eventfd_write(ctx.events[0].fd, 1),
but the restart flag (ctx.events[0].revents) is not properly cleared,
causing unintended repeated restarts and skipped socket processing.
Detecting socket restart is done after the socket fd has processed its
data, so the socket doesn't lose its data. Ensure the socket service
clears its restart flag (ctx.events[0].revents = 0) immediately after
detecting a restart event, preventing unnecessary restarts.
Fixes#81813
Signed-off-by: Dominic Moffat <dom@illysky.com>
The recvmsg() function should not modify the buffer configuration
provided in struct msghdr, such behavior is not specified in the POSIX
function description, nor is it consistent with well-known behavior of
this function in Linux.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
If we have received data to the accepted socket, then release
those before removing the accepted socket. This is a rare event
as it requires that we get multiple simultaneous connections
and there is a failure before the socket accept is called by
the application.
For example one such scenario is when HTTP server receives multiple
connection attempts at the same time, and the server poll fails
before socket accept is called. This leads to buffer leak as the
socket close is not called for the accepted socket because the
accepted is not yet created from application point of view.
The solution is to flush the received queue of the accepted socket
before removing the actual accepted socket.
Fixes#84538
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Replaced the k_pipe-based implementation in sockpair with ring_buffer
based implementation instead.
The move to ring_buffer is done to avoid overhead of k_pipe and to align
with the new k_pipe API.
This does not pose any added risk to concurrency as the read and write
functions are protected by semaphores for both spairs.
Signed-off-by: Måns Ansgariusson <Mansgariusson@gmail.com>
Mostly a revert of commit b1def7145f ("arch: deprecate `_current`").
This commit was part of PR #80716 whose initial purpose was about providing
an architecture specific optimization for _current. The actual deprecation
was sneaked in later on without proper discussion.
The Zephyr core always used _current before and that was fine. It is quite
prevalent as well and the alternative is proving rather verbose.
Furthermore, as a concept, the "current thread" is not something that is
necessarily architecture specific. Therefore the primary abstraction
should not carry the arch_ prefix.
Hence this revert.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
Latest supplicant uses 1K buffer size for sending control message via
socketpair, so reducing the NET_SOCKETPAIR_BUFFER_SIZE to save memory
footprint. There are 4 socketpairs for supplicant only case, and 6
socketpairs for hostapd case, update the heap size correspondingly.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
Don't check 'HEAP_MEM_POOL_SIZE != 0', as HEAP_MEM_POOL_SIZE might be 0,
but HEAP_MEM_POOL_ADD_SIZE_xxx is defined, which means the actual heap
size is not zero. So check KERNEL_MEM_POOL instead.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
In case TLS connect timed out during the handshake, errno was set to
EAGAIN which is unexpected and confusing. Fix this and set the errno
to ETIMEDOUT instead.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The deprecated CONFIG_NET_SOCKETS_POSIX_NAMES option is removed.
If one wishes to use POSIX API socket calls, then CONFIG_POSIX_API
option needs to be enabled.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
`_current` is now functionally equals to `arch_curr_thread()`, remove
its usage in-tree and deprecate it instead of removing it outright,
as it has been with us since forever.
Signed-off-by: Yong Cong Sin <ycsin@meta.com>
Signed-off-by: Yong Cong Sin <yongcong.sin@gmail.com>
Add support for IP_LOCAL_PORT_RANGE socket option. The option
supports both IPv4 and IPv6 sockets although the type is IPPROTO_IP.
The option can be used to enforce the ephemeral port number selection
to be in certain range.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add IPV6_MTU IPv6 socket option and implement getsockopt() and
setsockopt() calls for the option.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add IP_MTU IPv4 socket option and implement getsockopt()
call for the option. The IP_MTU option does not support
setsockopt() call.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The sock_obj_core_dealloc() was not called if close() is called
instead of zsock_close(). This happens if POSIX API is enabled.
Fix this by calling zvfs_close() from zsock_close() and then
pass the socket number to zsock_close_ctx() so that the cleanup
can be done properly.
Reported-by: Andreas Ålgård <aal@ixys.no>
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
As the socket service API is currently used by mutiple applications
(dhcpv4 server, dns, telnet), it should be marked as unstable,
according to the docs:
https://docs.zephyrproject.org/latest/develop/api/api_lifecycle.html
Signed-off-by: Fin Maaß <f.maass@vogl-electronic.com>
remove k_work related code and change
the argument of the callback to `struct net_socket_service_event`.
Signed-off-by: Fin Maaß <f.maass@vogl-electronic.com>
CONFIG_ZVFS_POLL_MAX is now used to control the maximum number of poll()
entires. Thereby, CONFIG_NET_SOCKETS_POLL_MAX is redundant and shall
be deprecated.
Modify the defaults for NET_SOCKETS_POLL_MAX and ZVS_POLL_MAX so that
the deprecation actually makes sense instead of symbol removal. In case
the application still sets the old config, it will modify the
ZVS_POLL_MAX default.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Signed-off-by: Chris Friedt <cfriedt@tenstorrent.com>
Move the implementation of zsock_select() to zvfs_select(). This
allows other types of file descriptors to also make use of
select() functionality even when the network subsystem is not
enabled.
Additionally, it partially removes a dependency cycle between
posix and networking by moving functionality into a mutual
dependency.
Signed-off-by: Chris Friedt <cfriedt@tenstorrent.com>
Move the implementation of zsock_poll to zvfs_poll. This allows
other types of file descriptors to also make use of poll()
functionality even when the network subsystem is not enabled.
Additionally, it partially removes a dependency cycle between
posix and networking by moving functionality into a mutual
dependency.
Signed-off-by: Chris Friedt <cfriedt@tenstorrent.com>
msghdr_non_empty_iov_count() is used by TLS sockets too therefore should
be available regardless of native IP sockets being enabled or not.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Remove the `work_q` parameter from `NET_SOCKET_SERVICE_SYNC_DEFINE` and
`NET_SOCKET_SERVICE_SYNC_DEFINE_STATIC` as this feature was dropped
during review but the removal was not 100% complete.
Signed-off-by: Jordan Yates <jordan@embeint.com>
