Add system calls for the zsock implementations of socket,
close, bind, connect, listen, accept, sendto, recvfrom,
fcntl, poll, inet_pton, and getaddrinfo.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Make TLS poll function verify if decrypted data is available after
socket has notified activity with POLLIN flag. This prevents from giving
false notifications in case data was received on socket but was consumed
by mbedTLS.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add write-only socket option to set role for DTLS connection. This
option is irrelevant for TLS connections.
This options accepts and integer with a TLS role, compatible with
mbedTLS values:
0 - client,
1 - server.
By default, DTLS will assume client role.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
If the driver has created start() and stop() functions, then those
are called when ethernet L2 is enabled or disabled.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
The ethernet sending routine sent a corrupted ARP packet instead
of the actual IPv4 packet.
Fixes#9348
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
No need to inline the net_if_ipv6_addr_lookup_by_iface() function
as it is used multiple times in ipv6.c
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Add a function which returns proper network interface to send either
IPv4 or IPv6 network packet to corresponding destination address.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Add a function that will return the network interface that would
be used when sending a IPv6 network packet to specific IPv6 destination
address.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
For example for Bluetooth IPSP, it is not needed to join solicited
node multicast group address.
From https://tools.ietf.org/html/rfc7668#section-3.2.2 :
"""
There is no need for 6LN to join the solicited-node multicast address,
since 6LBR will know device addresses and hence link-local addresses
of all connected 6LNs.
"""
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
The LLDP protocol defines 2 separate agents, the Transmitters and
the Receivers. For the context of Zephyr, we are only interested in
the Tx agent, thus we drop any LLDP frames received by Zephyr.
LLDP frames are basically composed by an ethernet header followed by
the LLDP Protocol Data Unit (LLDPDU). The LLDPDU is composed by several
TLVs, some of them being mandatory and some optional.
Our approach here is having TLVs fully configured from Kconfig, thus
having the entire LLDPDU constructed on build time.
The commit adds NET_ETH_PTYPE_LLDP definition and related handling.
If CONFIG_NET_LLDP is enabled then ethernet_context has a pointer to
the struct net_lldpdu that belongs to that ethernet interface. Also
when CONFIG_NET_LLDP is enabled, the LLDP state machine will start to
send packets when network interface is coming up.
Currently the LLDP state machine is just a k_delayed_work() sending the
LLDPDU at a given period (defined by CONFIG_NET_LLDP_TX_INTERVAL).
Fixes#3233
Signed-off-by: Jesus Sanchez-Palencia <jesus.sanchez-palencia@intel.com>
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
This change moves the logic for linearize and append_bytes from
the net_pkt sources into the net_buf sources where it can be
made available to layers which to not depend on net_pkt. It also,
adds a new net_buf_skip() function which can be used to iterated
through a list of net_buf (freeing the buffers as it goes).
For the append_bytes function to be generic in nature, a net_buf
allocator callback was created. Callers of append_bytes pass in
the callback which determines where the resulting net_buf is
allocated from.
Also, the dst buffer in linearize is now cleared prior to copy
(this was an addition from the code moved from net_pkt).
In order to preserve existing callers, the original functions are
left in the net_pkt layer, but now merely act as wrappers.
Signed-off-by: Michael Scott <mike@foundries.io>
This are all the parameters defined by the standard (12.21.1).
Additionally the parameters that are read-only are validated in the
ethernet_set_config callback.
Signed-off-by: Tomasz Gorochowik <tgorochowik@antmicro.com>
Best Effort is the default priority with the assigned value of 0, but
Background is the lowest priority with the assigned value of 1.
Ref: IEEE 802.1Q, Chapter I.4, Table I-2.
Signed-off-by: Tomasz Gorochowik <tgorochowik@antmicro.com>
Allows ethernet drivers to provide vendor specific statistics
and details in the form of key-value pairs with the name of
the staticstic and its value.
The new string tables will be behind a new config:
NET_STATISTICS_ETHERNET_VENDOR
Suggested-by: Jukka Rissanen <jukka.rissanen@intel.com>
Signed-off-by: Jonathan Yong <jonathan.yong@intel.com>
There are too many individual requests for Qav related parameters. There
are more Qav parameters that need to be supported (and will be supported
soon - both on the GET and SET side). Handling it the way it was handled
so far would render the eth mgmt API dominated by Qav parameters. That
would make the file hard to read and understand.
Instead of that - use a single GET and SET requests for all Qav
parameters. This works by adding a separate enum with Qav request type
to the ethernet_qav_param struct.
Additionally this approach makes it much easier to document it all since
we now have just a single request and documentation comments in the
ethernet_qav_param struct.
Signed-off-by: Tomasz Gorochowik <tgorochowik@antmicro.com>
Add calls responsible for getting and setting on/off status of Qav on
capable priority queues.
Signed-off-by: Tomasz Gorochowik <tgorochowik@antmicro.com>
Add basic IPv4 Link Local support as described in RFC 3927.
Signed-off-by: Matthias Boesl <matthias.boesl@gmail.com>
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Some Ethernet devices can filter out incoming packets through a list of
valid MAC addresses, so let's add a way to expose this capability, using
it through the ethernet device API.
Fixes#7596
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
This makes use of the get_config callback added to the Ethernet API.
For now the only parameter to get is the number of available priority
queues.
Signed-off-by: Tomasz Gorochowik <tgorochowik@antmicro.com>
This callback will be used to get HW specific configuration that cannot
be accessed through L2 directly.
Signed-off-by: Tomasz Gorochowik <tgorochowik@antmicro.com>
This reduces memory overhead on net_if_dhcpv4: 16 bytes vs 120 bytes
before. This might proove to be beneficial when there are many network
interface.
dhcpv4 ROM consumption is now 2132 bytes vs 4224 (many switches removed)
Fixes#8727
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Add write only TLS secure option to set peer verification level for
TLS connection.
This option accepts an integer with a peer verification
level, compatible with mbedtls values (0 - none, 1 - optional, 2 -
required.
By default, socket mimics mebdTLS behavior - (none for server, required
for client).
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add TLS secure socket option to read a ciphersuite chosen during TLS
handshake. Might be useful during development.
This is a read-only option that returns an integer containing an
IANA assigned ciphersuite identifier of chosen ciphersuite.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add TLS secure socket option that enables to narrow list of ciphersuites
available for TLS connection.
This option accepts an array of integers with IANA assigned ciphersuite
identifiers and returns such.
By default, every statically configured ciphersuite is available for a
socket and getsockopt returns an array of these.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add write-only TLS secure socket option to set hostname.
This option accepts a string containing the hostname. May be NULL, to
disable hostname verification.
By default, an empty string is set as a hostname for TLS clients,
to enforce hostname verification in mbedTLS.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add TLS secure socket option to select TLS credentials to use.
This option accepts and returns an array of sec_tag_t that indicate
which TLS credentials should be used with specific socket.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add TLS credential management subsystem that enables to register TLS
credentials in the system. Once specific credentials are registered in
the system, they will be available for TLS secure sockets to use.
To use a TLS credential with a socket, the following steps have to be
taken:
1. TLS credential has to be registered in a system-wide pool, using the
API provided in "net/tls_credentials.h" header file.
2. TLS credential (and other TLS parameters) should be set on a socket
using setsockopt().
Note, that there is no need to repeat step 1 for different sockets using
the same credentials. Once TLS credential is registered in the system,
it can be used with mulitple sockets, as long as it's not deleted.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Move struct members around in networking code so that we avoid
unnecessary holes inside structs. No functionality changes by
this commit.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Allow user to set the network interface into promiscuous mode
and then receive all the network packets that are received by
that interface.
Fixes#7595
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
User is able to set the network interface to promiscuous mode
and query the promisc mode status.
Note that currently this is only supported for ethernet bearer.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
This allows network stack headers to be included even if
no L3 networking support is enabled in Kconfig.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Current implementation does not handle large extension headers
(e.g HBHO). Which resulted network stack crashes or due to
misinterpretation of lengths network packets are dropped. Also
caused issues while preparing IPv6 packet (e.g. large HBHO header
with IPv6 fragmentation support).
Issues fixed and provided more unit tests.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
The advantage to this approach allows drivers for
devices that already keep statistics data on hardware
registers to use those instead, rather than try to
replicate it the same counters again within the driver
itself.
The eth_native_posix.c driver though do not benefit
from this, is modified to use the new callback system.
Suggested-by: Jukka Rissanen <jukka.rissanen@intel.com>
Signed-off-by: Jonathan Yong <jonathan.yong@intel.com>
The wifi_winc1500 driver's socket id is stored in
net_context->user_data, which may be overwritten later at
the socket layer, which also uses the net_context->user_data
field to store socket flags.
This patch introduces a dedicated offload_context field
for use by offload drivers, and updates the wifi_winc1500 offload
driver to use this field instead of user_data.
Fixes#8820
Signed-off-by: Gil Pitney <gil.pitney@linaro.org>
LwM2M engine now supports optional resources that may need to be
setup or torn down in user-based code during object instance
creation / deletion.
Let's provide callbacks that can be used for this purpose.
Signed-off-by: Michael Scott <mike@foundries.io>
Let's rename lwm2m_engine_exec_cb_t to lwm2m_engine_user_cb_t so that
future user-code callbacks can make use of the same definition.
Signed-off-by: Michael Scott <mike@foundries.io>
Add tls_context structure that stored data required by TLS socket
implementation. This structure is allocated from global pool during
socket creation and freed during socket closure.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add switch to a socket layer that will enable switching socket API to
TLS secure sockets. At this point there is no secure sockets
implementation, so secure socket calls redirect to regular socket calls.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
