Fix the CMakeLists of the tls_credentials and sockets folders
to link/interface to the net library instead of the zephyr library.
This fixes issues where some files are not found in the link interface
when compiling the sources in this folder.
Signed-off-by: Declan Snyder <declan.snyder@nxp.com>
In case underlying socket reported error while waiting for TX, the
errno value was not set accordingly. This commit fixes this.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Move the syscall_handler.h header, used internally only to a dedicated
internal folder that should not be used outside of Zephyr.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Moving the Zephyr specific config options from
modules/hostap/Kconfig to corresponding Kconfig where the
option is specified.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The writefds is typically set if there is an error while
waiting for example the connect() to finish. So check if
the user supplied the writefds and update it accordingly.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
This allows IPv4 and IPv6 share the same port space.
User can still control the behavior of the v4-mapping-to-v6
by using the IPV6_V6ONLY socket option at runtime.
Currently the IPv4 mapping to IPv6 is turned off by
default, and also the IPV6_V6ONLY is true by default which
means that IPv4 and IPv6 do not share the port space.
Only way to use v4-mapping-to-v6 is to enable the Kconfig
option and turn off the v6only socket option.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
rand32.h does not make much sense, since the random subsystem
provides more APIs than just getting a random 32 bits value.
Rename it to random.h and get consistently with other
subsystems.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
This adds a function k_object_is_valid() to check if a kernel
object exists, of certain type, and has been initialized.
This replaces the same (or very similar) code that has been
copied from kernel into the network subsystem.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
Code using sys_csrand_get should depend on CONFIG_CSPRNG_ENABLED symbol
and not in ENTROPY_HAS_DRIVER since they are not using the entropy
device directly.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
This commits adds support for the SO_REUSEPORT socket option.
The implementation follows the behavior of BSD and tries to also follow
the specific additional features of linux with the following
limitations:
* SO_REUSEADDR and SO_REUSEPORT are not "the same" for client sockets,
as we do not have a trivial way so identify a socket as "client"
during binding. To get the Linux behavior, one has to use SO_REUSEPORT
with Zephyr
* No prevention of "port hijacking"
* No support for the load balancing stuff for incoming
packets/connections
There is also a new Kconfig option to control this feature, which is
enabled by default if TCP or UDP is enabled.
Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
This commit adds support for the SO_REUSEADDR option to be enabled for
a socket using setsockopt(). With this option, it is possible to bind
multiple sockets to the same local IP address / port combination, when
one of the IP address is unspecified (ANY_ADDR).
The implementation strictly follows the BSD implementation and tries to
follow the Linux implementation as close as possible. However, there is
one limitation: for client sockets, the Linux implementation of
SO_REUSEADDR behaves exactly like the one for SO_REUSEPORT and enables
multiple sockets to have exactly the same specific IP address / port
combination. This behavior is not possible with this implementation, as
there is no trivial way to identify a socket to be a client socket
during the bind() call. For this behavior, one has to use the
SO_REUSEPORT option in Zephyr.
There is also a new Kconfig to control this feature similar to other
socket options: CONFIG_NET_CONTEXT_REUSEADDR. This option is enabled by
default if TCP or UDP are enabled. However, it can still be disabled
explicitly.
Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
Releasing the lock before notifying condvar led to a race condition
between a thread calling k_condvar_wait to wait for a condition variable
and another thread signalling for this same condition variable. This
resulted in the waiting thread to stay pending and the handle to it
getting removed from the notifyq, meaning it couldn't get woken up
again.
Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>
In low memory conditions, its possible for socketpair memory allocation
to fail and then the socketpair is freed but after that the remote
semaphore is released causing a crash.
Fix this by freeing the socketpair after releasing the semaphore. Add a
test case to induce low memory conditions (low HEAP and high socketpair
buffer size), with the fix issue is not seen.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
The errors are printed in hex, but no prefix was used. This could be
confused with usual errno return values. The 0x prefix makes clear
that it's a hex value.
Also a missing minus sign is added to one log message.
Signed-off-by: Martin Jäger <martin@libre.solar>
Modify the signature of the k_mem_slab_free() function with a new one,
replacing the old void **mem with void *mem as a parameter.
The following function:
void k_mem_slab_free(struct k_mem_slab *slab, void **mem);
has the wrong signature. mem is only used as a regular pointer, so there
is no need to use a double-pointer. The correct signature should be:
void k_mem_slab_free(struct k_mem_slab *slab, void *mem);
The issue with the current signature, although functional, is that it is
extremely confusing. I myself, a veteran Zephyr developer, was confused
by this parameter when looking at it recently.
All in-tree uses of the function have been adapted.
Fixes#61888.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Make sure we use the network interface name (if configured)
instead of device name when binding to certain network
interface.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add TLS_DTLS_CID socket option, which enables to use the Connection ID
extension for the DTLS session.
The option provides control of the use of CID with the `setsockopt()`
function. The value provided can disable, enable, and control whether to
provide a CID to the peer. It uses a random self CID (if told to provide
one to the peer) unless TLS_DTLS_CID_VALUE set previously.
Add TLS_DTLS_CID_VALUE to get or set the CID sent to the peer, if any.
Add TLS_DTLS_PEER_CID_VALUE to get the CID value provided by the peer,
if any.
Add TLS_DTLS_CID_STATUS to determine if CID used, and whether
bidirectional or one way.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Signed-off-by: Pete Skeggs <peter.skeggs@nordicsemi.no>
getsockname() did not work properly on bound sockets, as it verified
whether the socket has an active connection before retuning result. This
is not correct, as socket after bound may not have a connection yet.
Fix this, by verifying that local_addr on an underlying net_context is
set, to determine whether socket has a local address assigned, before
returning result.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The previous patch to address race condition on STREAM sockets had a
side effect on DGRAM socket, where net_context_recv() is not only
installing recv callback, but also registering a connection at net_conn
level. Doing so before setting remote address first (which is done in
net_context_connect()) had an impact on the connected DGRAM socket
operation, which now accepted packets from any remote peer, and not only
the one socket was connected to.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The `ioctl()` interface is already supported by the network
subsystem but there was no `zsock_` interface available for it.
Add the `zsock_ioctl()` syscall.
Implement two somewhat commont ioctl requests for socket
file descriptors; namely
- `FIONBIO` set non-blocking I/O mode
- `FIONREAD` get the number of available bytes
In the process, added `net_pkt_ip_proto_hdr_len()`
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
In order to get a semi-accurate assessment of how many
bytes are available on a socket prior to performing a read,
BSD and POSIX systems have typically used
`ioctl(fd, FIONREAD, &avail)`
We can support this in Zephyr as well with little effort, so
add support for `socketpair()` sockets as an example.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
Previously, if a net_context had multiple packets already in
the receive queue, and a call to zsock_recvfrom() was made with
a buffer large enough to receive content from multiple packets,
only the content from a single receive buffer would be received.
Since zsock_recvfrom() is a system call, which has a
non-negligible overhead, it makes sense to receive as many bytes
as possible per system call.
Add zsock_recv_stream_immediate() as a shorthand for
"fill this receive buffer with as many bytes as possible without
blocking". Allow nullable buffer parameters so that we can also
have a shorthand for "count how many bytes are immediately
available".
With minor refactoring, zsock_recv_stream_timed() is a simple
wrapper around zsock_recv_stream_immediate() that handles timing
and error conditions.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
When the protocol layer like TCP is blocking transmission, the socket
layer will attempt and wait for a maximum amount of time before returning
with an ENOBUFS error.
This change allows to set the maximum waiting time from the configuration
file instead of using a fixed 10 second value.
Signed-off-by: Sjors Hettinga <s.a.hettinga@gmail.com>
Updates NET_SOCKETS_TLS_MAX_APP_PROTOCOLS Kconfig option description to use
DTLS instead of DTL.
Signed-off-by: Daniel Mangum <georgedanielmangum@gmail.com>
When the target board does not have heap by default, allows
statically reserving the space for required socketpairs.
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
This adds a few line use zephyr_syscall_header() to include
headers containing syscall function prototypes.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
In order to allow the TLS accept() call to be interrupted, it should
release the top-level TLS socket mutex before blocking. As the
underlying TCP accept() makes no use of TLS resources, and has its own
mutex protection, it should be safe to do so.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The accept() so far would block with mutex held, making it impossible to
interrupt it from another thread when the socket was closed.
Fix this, by reusing the condvar mechanism used for receiving. It's OK
to use the same routine, as underneath accept() is monitoring the same
FIFO as recv().
Additionally, simplify k_fifo_get() handling in accept() - as the
waiting now takes place on condvar, it can be used in a non-blocking
manner. Blocking accept() call should not reach this place if there's no
new incoming connection waiting on the FIFO.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Installing recv callback with net_context_recv() after
net_context_connect() left an opening for a possible race - in case the
server send some data immediately after establishing TCP connection, and
Zephyr did not manage to install the callback on time, the data would be
lost, corrupting the stream.
This can be avoided, by installing the recv callback before the
connection is triggered. As net_context_recv() called w/o timeout only
registers the callback function, it should have no negative impact. The
only change on the TCP side is when the connection is closed - in case
TCP is in connect stage, do not call the recv callback (before this
change it'd be NULL at that point).
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In case recv() call was waiting for data, and the socket was closed from
another thread, the recv() call would not be interrupted, causing the
receiving thread to be blocked indefinitely.
Fix this, by signalling the condvar the recv() call is waiting on
close(). Additionally, close will now set the socket into error mode,
with EINTR as the error condition, allowing the blocked calls to
recognise that the call was interrupted, and return a proper error code
on the event.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Until now iterable sections APIs have been part of the toolchain
(common) headers. They are not strictly related to a toolchain, they
just rely on linker providing support for sections. Most files relied on
indirect includes to access the API, now, it is included as needed.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
