If we receive IPv4 packet where source address is unspecified
(all zeros), then we need to drop it.
Fixes#17427
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Make sure we are able to receive UDP packets with broadcast
destination address. If CONFIG_NET_IPV4_ACCEPT_ZERO_BROADCAST
is set, then check here also non-standard broadcast address
that is described in RFC 1122 chapter 3.3.6.
Fixes#11617
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
The "is this packet for us?" filter in net_ipv4_input() has a minor
logic error which fails to discard many packets which are.. not for us.
Fixes: #14647
Signed-off-by: Charles E. Youse <charles.youse@intel.com>
Since the new packet flow came in, payload comes at the end so udp
length for instance is known only when we "finalize" the packet.
However such finalization was still under the condition of chksum
offload, like it used to be in the former flow (udp headers were
inserted). This is obviously wrong but that was not caught with
existing driver in master as none of these drivers offloading
chksum calculation.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Now that legacy - and unrelated - function named net_pkt_get_data has
been removed, we can rename net_pkt_get_data_new relevantly.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
IPv4 header might come with options, unlike IPv6, these are not
encapsulated in option header but are fully part of the IPv4 header.
Zephyr must handles these. Now silently ignoring their content and
setting the cursor to the payload properly.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
It is now unused anywhere: former net_pkt_get_src/dst_addr where the
only one using it and that has been changed since.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Though these are currently used by the core only, it will be then used
by net_context as well. This one of the steps to get rid of net_pkt's
appdata/appdatalen attributes.
Also normalizing all ip/proto parameters name to ip_hdr and proto_hdr.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Only next to be removed functions like net_tcp_set_checksum() are left
untouched. All the rest is switched.
Adding net_tcp_finalize() to follow the same logic as for UDP and else.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
This is meant to remove the need for macro NET_IPV4_HDR(), since we
don't know in future if accessing the header that way will be valid.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Function names will be normalized then by the couple create/finalize.
This one only sets the checksum.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
As before, such header is meant to be in a contiguous area (beginning
of the buffer, only 20 bytes)
Opportunistically chaning the function name to net_ipv4_input() (all
will be create/finalize/input).
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
This API is meant to work with pre-allocated net_pkt.
It assumes net_pkt's buffer cursor is at the right position where to
create the IPv4 header. Once done, the cursor will be placed right
after the newly created IPv4 header.
Finalizing assumes the same.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
All IPv4 destination address related drop reasons in one place.
This helps also to have one unique call of net_conn_input().
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Remove network specific default and max log level setting
and start to use the zephyr logging values for those.
Remove LOG_MODULE_REGISTER() from net_core.h and place the
calls into .c files. This is done in order to avoid weird
compiler errors in some cases and to make the code look similar
as other subsystems.
Fixes#11343Fixes#11659
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
IPv4, ICMPv4/6, UDP, TCP: all checksums are meant to be one's complement
on a calculated sum. Thus return one's complement already from the right
place instead of applying it in each and every place where
net_calc_chksum is called.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
1. Clarify message telling that the actual packet length fed by the
driver differs from what specified in IPv4 header, and that leads to
drop.
2. Debug log any dropped packets in general.
These changes come from the experience of developing a networking
driver, where figuring out why packets get dropped may require
quite a head-scratching.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
If we receive extra data at the end of the IP message, then
discard that data and accept the packet.
Fixes#11649
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
As per RFC1112 sec 6.2 "A host group address must never be
placed in the source address field or anywhere in a source
route or record route option of an outgoing IP datagram."
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
Unify the function naming for various network checking functions.
For example:
net_is_ipv6_addr_loopback() -> net_ipv6_is_addr_loopback()
net_is_my_ipv6_maddr() -> net_ipv6_is_my_maddr()
etc.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
If we receive an IPv4 that has broadcast destination address, then
properly handle it.
This means that for
* ICMPv4, if CONFIG_NET_ICMPV4_ACCEPT_BROADCAST is set (this is the
default value) and we receive echo-request then accept the packet.
Drop other ICMPv4 packets.
* TCP, drop the packet
* UDP, accept the packet if the destination address is the broadcast
address 255.255.255.255 or the subnet broadcast address.
Drop the packet if the packets broadcast address is not in our
configured subnet.
In sending side, make sure that we do not route broadcast address
IPv4 packets back to us. Also set Ethernet MAC destination address
properly if destination IPv4 address is broadcast one.
Fixes#10780
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Cache the used transport protocol in net_pkt. This way we can
avoid traversing IP header to get the last protocol in network
packet. This is mostly an issue in IPv6 which can have a long
list of extension headers after IPv6 header and before the
transport protocol header.
Fixes#10853
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
As the debugging print calls are async, all the strings that might
be overwritten must use log_strdup() which will create a copy
of the printable string.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Instead of one global log level option and one on/off boolean
config option / module, this commit creates one log level option
for each module. This simplifies the logging as it is now possible
to enable different level of debugging output for each network
module individually.
The commit also converts the code to use the new logger
instead of the old sys_log.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Refactor usage of net_sprint_ip*() where multiple
invocations are needed per single log call.
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
Instead of waiting forever for a network buffer, have a timeout
when allocating net_buf. This way we cannot left hanging for a
long time waiting for a buffer and possibly deadlock the system.
This commit only adds checks to core IP stack in subsys/net/ip
Fixes#7571
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Instead of reading or writing different icmpv4 header's individual
variables, better to read or write whole struct at a time. This
minimizes the calls to net_frag_read() or net_frag_write().
changes also removed slow and fast paths. Changes should optimize
the total flow.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
Reduces the logic as well as the ipv4 header checksum needs to be
computed either way.
Fixes#8720
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Similar to UDP, some drivers can make use of the following functions:
net_tcp_get_hdr()
net_tcp_set_hdr()
Let's expose them as <net/tcp.h> and change all internal references
to "tcp_internal.h".
Signed-off-by: Michael Scott <michael@opensourcefoundries.com>
Instead of one global statistics, collect statistics information
separately for each network interface. This per interface statistics
collection is optional but turned on by default. It can be turned
off if needed, in which case only global statistics are collected.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Instead of always allocating both IPv6 and IPv4 address information
to every network interface, allow more fine grained address
configuration. So it is possible to have IPv6 or IPv4 only network
interfaces.
This commit introduces two new config options:
CONFIG_NET_IF_MAX_IPV4_COUNT and CONFIG_NET_IF_MAX_IPV6_COUNT
which tell how many IP address information structs are allocated
statically. At runtime when network interface is setup, it is then
possible to attach this IP address info struct to a specific
network interface. This can save considerable amount of memory
as the IP address information struct can be quite large (depends
on how many IP addresses user configures in the system).
Note that the value of CONFIG_NET_IF_MAX_IPV4_COUNT and
CONFIG_NET_IF_MAX_IPV6_COUNT should reflect the estimated number of
network interfaces in the system. So if if CONFIG_NET_IF_MAX_IPV6_COUNT
is set to 1 and there are two network interfaces that need IPv6
addresses, then the system will not be able to setup IPv6 addresses to
the second network interface in this case. This scenario might be
just fine if the second network interface is IPv4 only. The net_if.c
will print a warning during startup if mismatch about the counts and
the actual number of network interface is detected.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
