Made the definition of in_addr all_routers conditional to remove
compiler warning:
warning: 'all_routers' defined but not used [-Wunused-const-variable=]
The warning occurs when igmpv3 is enabled.
Signed-off-by: Ibe Van de Veire <ibe.vandeveire@basalte.be>
The help text was incorrect, we return -ETIMEDOUT instead
of -ECONNRESET when retransmission timeout occurs.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
__bswap_ in zephyr/sys/byteorder.h conflicts with __bswap_ in host's
byteswap.h. byteswap.h from host compiler used in posix_native_64 boards
causes a compilation issue.
This commit renames __bswap_ to BSWAP_ to prevent collision.
Before this commit a compilation error can be created by adding #include
<byteswap.h> to samples/net/sockets/echo/src/socket_echo.c
This does not change external API to byteorder.h, but does change
internal implementation which some other source files depend on.
Replaced manual byteswap operations in devmem_service.c with APIs from
byteorder.h which automatically converts to CPU endianess when necessary.
Fixes#44324
Signed-off-by: Jonathan Hamberg <jonathanhamberg@gmail.com>
Add a function callback that is called when the TCP connection
is closed. This is only available if doing network tests.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The FIN timer was not set when we entered the FIN_WAIT_1 state.
This could cause issues if we did not receive proper packets
from peer. With this fix, the connection is always terminated
even if peer does not respond.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If we are in a passive close state, then it is possible that
the ack we are waiting is lost or we do not accept the one peer
sent to us because of some earlier out of memory issue.
So install a timer (using by default the FIN timer value) to
close the connection if the last ack is not received on time.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If we receive a IPv4 packet to v4 mapped address, the relevant
net_context is bound to IPv6. This causes issues if we try
to get the family from the context struct in sendto.
Fix this by checking if the destination address is IPv4 but
the socket is bound to IPv6 and v4 mapping is enabled.
If all these criterias are set, then set the family of the
packet separately and do not get it from net_context.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Any received address is no longer valid once the interface goes down.
Leaving the address assigned results in the L4 interface transitioning
through the following on reconnection:
UP: Interface is connected
DOWN: Old address is removed by DHCP
UP: New address is re-added by DHCP
Signed-off-by: Jordan Yates <jordan.yates@data61.csiro.au>
If we receive a packet where the source address is our own
address, then we should drop it.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If we receive a packet from non localhost interface, then
drop it if either source or destination address is a localhost
address.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Zephyr does not support MLDv1 (which has a shorter header than MLDv2),
and this resulted in log errors being printed on header access if MLDv1
queries were received. Since receiving such packet is not really an
error, just drop it silently.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In case one of the networking shell backends is enabled, net arp command
could potentially trigger a deadlock, as it locks the ARP mutex before
TCP connection mutex, while TCP stack could do this in reverse order
(for instance when sending ACK or retransmission).
Mitigate this, by forcing a separate TX thread in such case, so that ARP
mutex is no longer accessed with TCP mutex locked.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
It is pointless to take net interface up if the underlaying
device is not ready. Set also the interface status properly
in this case.
Fixes#65423
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Calling the registered receive callback when releasing TCP context
doesn't make sense, as at that point the application should've already
closed the associated socket (that's one of the conditions for the
context to be released). Therefore, remove the pointless receive
callback call, while keeping the loop to unref any leftover data packets
(although again, I don' think there should be any packets left at that
point, as they're all consumed in tcp_in()).
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
While improving thread safety of the TCP stack I've introduced a
possible deadlock scenario, when calling tcp_conn_close() in tcp_in().
This function shall not be called with connection mutex locked, as it
calls registered recv callback internally, which could lead to deadlock
between TCP/socket mutexes.
This commit moves the tcp_conn_close() back where it was originally
called. I've verified that the thread safety is still solid with the
test apps used originally.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add empty macro for net_if_mon functions if they are not otherwise
defined, like the other functions in the net_if.c file have.
Signed-off-by: Declan Snyder <declan.snyder@nxp.com>
The number of Kconfig options for the TCP stack grew considerably,
therefore it makes sense to move them to a separate file not to bloat
the Kconfig file with generic networking options.
Take this opportunity to reorder TCP options, so that protocol
parameters (timings/buffer sizes) are not mixed up with optional
protocol features (fast retransmit/congestion avoidance etc.).
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
When a TCP connection is established, if there is no data exchange
between the two parties within the set time, the side that enables
TCP Keep-alive will send a TCP probe packet with the same sequence
number as the previous TCP packet. This TCP probe packet is an empty
ACK packet (the specification recommends that it should not contain
any data, but can also contain 1 nonsense byte, such as 0x00.). If
there is no response from the other side after several consecutive
probe packets are sent, it is determined that the tcp connection has
failed, and the connection is closed.
The keep-alive default parameters are aligned with Linux defaults.
Signed-off-by: Horse Ma <mawei@coltsmart.com>
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add Kconfig choice for the user to select how Network Events are
handled. It's own thread, the system work queue or synchronous when
events are emitted.
By default a separate thread is created to be backwards compatible.
Signed-off-by: Pieter De Gendt <pieter.degendt@basalte.be>
Iterating over connection list w/o mutex lock could lead to a crash on
constant incoming packet flow. Fix this by:
1. Adding mutex lock when iterating over an active connection list, to
prevent list corruption.
2. Create a copy of the callback and user data pointers before releasing
lock, to prevent NULL pointer dereference in case connection is
released before callback is executed.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Eliminate race between TCP input thread and TCP work queue, when
dereferencing connection. This normally would not manifest itself during
standard TCP operation, but could be a potential opening for abuse, when
the already closed TCP connection is kept being spammed with packets.
The test scenario involved sending multiple TCP RST packets as a
response to establishing the connection, which could result in system
crash. The following changes in the TCP stack made it stable in such
scenario:
1. Use `tcp_lock` when searching for active connections, to avoid
potential data corruption when connection is being removed when
iterating.
2. Avoid memset() during connection dereference, not to destroy mutex
associated with the connection. The connection context is only
cleared during allocation now.
3. Lock the connection mutex while releasing connection.
4. In tcp_in(), after locking the mutex, verify the connection state,
and quit early if the connection has already been dereferenced.
5. When closing connection from the TCP stack as a result of RST or
malformed packet, verify connection state to make sure it's only done
once, even if multiple RST packets were received.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Silently drop the IPv6 Neighbor Advertisement if we receive it
for an unknown neighbor or if there some some issue in the packet.
Returning error here would cause the ICMP module to print an
actual error which just pollutes the log without any apparent
benefit.
Fixes#66063
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
* Check IPv4 TTL or IPv6 hop limit and drop the packet if
the value is 0
* Check the IP addresses so that we do the loopback check
at runtime if the packet is destined to loopback interface.
* Update the statistics properly for dropped packets.
* Do not update sent packets if we drop packets.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The IPv4 TTL could only manipulated via net_context interface.
It makes sense to allow the same from socket interface via
the setsockopt/getsockopt calls.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The net_if_ipv6_set_hop_limit() API was missing the "_if_"
part in it. Fix this so that the network interface API is
consistent. The old function is deprecated and should not
be used. The old function is left to the code and it calls
the new properly named function.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
When interface names are enabled, a default name is applied
after initialization. Unintuitively, this overwrites any name that is
set during the net_if init.
This change sets a default name first, and then allows net_if
init to overwrite that default name if it chooses to.
Signed-off-by: Noah Luskey <noah@silvertree.io>
Signed-off-by: Noah Luskey <LuskeyNoah@gmail.com>
Fix two issues with sending ICMP Echo Reply for requests sent for
multicast address:
* Use the originator IP address instead of multicast when selecting
source address for the reply
* In case no address match is found, drop the packet, instead of
replying with unspecified address.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Fix the possible race between TCP work items already scheduled for
execution, and tcp_conn_unref(), by moving the actual TCP context
releasing to the workqueue itself. That way we can be certain, that when
the work items are cancelled, they won't execute. It could be the case,
that the work item was already being processed by the work queue, so
clearing the context could lead to a crash.
Remove the comments around the mutex lock in the work handlers regarding
the race, as it's not the case anymore. I've kept the locks however, as
they do make sense in those places.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
If some specific option is not enabled, then add missing
ARG_UNUSED() calls in relevant functions.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Set separate option setters for bool, uint8_t and uint16_t
values. Use those generic setters when storing the desired
option value.
The uint16_t option setter stores the value to uint16_t variable
and expects that user supplies int value.
For uint8_t value, it is expected that uint8_t value is supplied
instead of int.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Set separate option getters for bool, uint8_t and uint16_t
values. Use those generic getters when fetching the desired
option value.
Noticed mixed usage (bool vs int) for txtime option. Changed
the code to use int type like in other options.
The uint16_t option getter gets the value from uint16_t variable
but returns int value to the caller, and also expects that user
supplies int value.
For uint8_t value, it is expected that uint8_t value is supplied
instead of int.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add low level support for setting IP_PKTINFO or IPV6_RECVPKTINFO
socket options. The support is disabled by default.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Added igmpv3 support based on the already existing structure for igmpv2.
The already existing api is not modified to prevent breaking exisiting
applications.
Signed-off-by: Ibe Van de Veire <ibe.vandeveire@basalte.be>
Added igmpv3 checksum function to make it possible to calculate the
checksum of a complete igmpv3 pkt at once.
Signed-off-by: Ibe Van de Veire <ibe.vandeveire@basalte.be>
Otherwise, if the application was for example blocked on poll() pending
POLLOUT, it won't be notified.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Rework how data is queued for the TCP connections:
* net_context no longer allocates net_pkt for TCP connections. This
was not only inefficient (net_context has no knowledge of the TX
window size), but also error-prone in certain configuration (for
example when IP fragmentation was enabled, net_context may attempt
to allocate enormous packet, instead of let the data be fragmented
for the TCP stream.
* Instead, implement already defined `net_tcp_queue()` API, which
takes raw buffer and length. This allows to take TX window into
account and also better manage the allocated net_buf's (like for
example avoid allocation if there's still room in the buffer). In
result, the TCP stack will not only no longer exceed the TX window,
but also prevent empty gaps in allocated net_buf's, which should
lead to less out-of-mem issues with the stack.
* As net_pkt-based `net_tcp_queue_data()` is no longer in use, it was
removed.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add new function to allocate additional buffers for net_pkt, w/o any
additional preconditions/checks. Just allocate what was requested.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Verify the return value of net_pkt_skip() function, in case the parser
ignores the unrecognized options, so that in case the option was
malformed and the actual provided option length exceeds the packet
length, it is recognize (net_pkt_skip() should fail then).
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add a helper macro that can be used at runtime to return
the number of network interfaces in the system.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Allow user to bind to different network interface. This is
useful if binding a multicast address to a certain network
interface.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
A recent iface lock removal in ed17320c3d
exposed issues with concurrent access on TX to drivers that are not
re-entrant.
Reverting that commit does not really solve the problem, as it would
still exist if multiple Traffic Class queues are in use.
Therefore, introduce a separate mutex for TX data path, protecting the
L2/driver from concurrent transfers from several threads.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
