Having a checksum of zeros in UDP means "missing checksum" and is a
valid case as per RFC 768:
"An all zero transmitted checksum value means that the transmitter
generated no checksum (for debugging or for higher level protocols
that don't care)."
Such support is made possible by adding a new Kconfig option named
CONFIG_NET_UDP_MISSING_CHECKSUM.
However, that is valid only for IPv4. For IPv6, see the RFC 2460
section 8.1:
"Unlike IPv4, when UDP packets are originated by an IPv6 node, the UDP
checksum is not optional."
So the UDP checksum will always be verified in IPv6.
Fixes#16375
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
From RFC 768, in "Fields":
"If the computed checksum is zero, it is transmitted as all ones"
Fixes#16379
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Do not always print general help for ping cmd. Only if user supplies
'-h' or '--help' command, print information about the parameters.
After this the generated HTML documentation looks better for the
ping command.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
The net_if_ipv4_select_src_addr() should return global address
in the interface if nothing else is being found.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Let's filter out on a state parameter.
There is no impact as this function is not used anywhere yet.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
If we receive a multicast ICMPv4 packet, then send the reply back
with correct source address and not with multicast address.
Fixes#16257
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Make sure we are able to receive UDP packets with broadcast
destination address. If CONFIG_NET_IPV4_ACCEPT_ZERO_BROADCAST
is set, then check here also non-standard broadcast address
that is described in RFC 1122 chapter 3.3.6.
Fixes#11617
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Libraries that use mbedTLS have been invoking
zephyr_link_interface(mbedTLS). It is not clear what the intent of
this code has been, but it is redundant with the mbedTLS build
scripts, so it can be safely removed.
In addition to being redundant, it causes problems as it introduces an
ordering dependency, with this code mbedTLS must be declared before
users of mbedTLS are declared. Since this code is redundant, this
ordering dependency is also unnecessary.
This code is believed to have been added early on by accident and
copied through cargo-cult programming since.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
Calling functions like `net_if_start_dad`, `join_mcast_nodes` or
`net_if_start_rs` lead to L2 API function calls, which is not correct
for offloaded interfaces and leads to a crash. This is especially
problematic, as they are called in the default configuration.
Avoid calling these functions while an offloaded interface is brought up
by adding extra jump label.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In case socket offloading is used, one might want to disable native IP
stack, both IPv4 and IPv6, to save memory. Currently it is not possible
due to preprocessor check. Prevent that by adding additional exception
for socket offloading.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
It is possible that the device driver API pointer is null.
For example if the device driver returns an error, the device
code will make the API pointer NULL so that the API would not
be used. This can cause errors in networking code where we
typically do not check the NULL value.
Fixes#15003
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
- renaming functions to better names
- reordering functions place (register, then unregister for instance)
- centralizing logs to relevant place
Fixes#8722
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Also, there is no need for unspecified address bit. If specified address
bit is not set, then it will be obvious address is unspecified. Reducing
the amount of bits from 6 to 4.
This permits to reduce net_conn structure of 4 bytes. Its size is as
before indroducing node attribute.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
This will optimize path when unused an connection is required or when
looking up a used one.
That said, at this stage, it bloats up the net_conn structure with 4
added bytes. More optimization will overcome this drawback.
Fixes#8722
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Most of present #ifdef can be removed via using IS_ENABLED() macro.
Only small part of cache related logic still require #ifdef.
Fixes#8722
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
There were various flaws in it that motivated its removal:
- No hash collision handling mechanism. In case that would happen, the
behavior of the network connection would be unknown. This is the main
drawback
- The lookup is not that much more efficient than the default one. The
only difference of gain is in connection comparison (a u32t comparison
vs a full connection compare). But the list handling is the same. It's
made worse by the presence of a negatives match array which can be
easily filled in and becomes then fully usless, appart from consuming
CPU. As well as adding a new connection: it requires the whole cache
to be cleared which is unefficient.
- Not memory efficient, even compared to a proper hash table.
Two arrays instead of one etc...
All of this could be fixed by using a proper hash table, though it
remains to be seen if such object could fit in Zephyr core.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
During net_pkt/net_context API changes, some ip handling blocks were
ordered ipv4 first, ipv6 second. While it is the contrary everywhere
else. So reordering to get things consistent.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
- Not all #ifdef can be removed: those which have a dedicated attribute
in struct net_context.
- For CONFIG_NET_CONTEXT_CHECK: switching the NET_ASSERT_INFO to
NET_DBG (simpler to read and anyway an error code is returned)
Fixes#8725
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
If the loopback driver is enabled, then the packet might come
from localhost in which case mark it properly. Without this marking
the packet from/to 127.0.0.1 or ::1 would be dropped in later checks.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Allow for including arbitrary data in net_icmpv6_send_echo_request()
that will be echoed verbatim by the receiver.
This allows to use ICMP echo for diagnostic use cases, e.g. by testing
packet framentation (large payload) or measuring round-trip-time.
Signed-off-by: Benjamin Valentin <benjamin.valentin@ml-pa.com>
Allow for including arbitrary data in net_icmpv4_send_echo_request()
that will be echoed verbatim by the receiver.
This allows to use ICMP echo for diagnostic use cases, e.g. by testing
packet framentation (large payload) or measuring round-trip-time.
Signed-off-by: Benjamin Valentin <benjamin.valentin@ml-pa.com>
Allow accessing already parsed information from the ICMP header
that callbacks might be interested in.
This makes the callback signature and behaviour match that of
the ICMPv6 implementation.
Signed-off-by: Benjamin Valentin <benpicco@googlemail.com>
We need to re-initialize the trickle->timer delayed work to use
trickle_timeout() if there are multiple triggerings.
Fixes#15606
Signed-off-by: ling wei <lingwei@cisco.com>
If the NET_IF_NO_AUTO_START network interface flag is set, then
do not take network interface up during the initialization of the
network interface. The network device driver can set the flag in its
network interface initialization function if needed.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Provide access functions for manipulating network interface flags.
There is no need for the caller of this API to know about the inner
details of the flags.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
The source address in unicast DHCPv4 Request packets was found out
to be all zeros address 0.0.0.0. This address is only acceptable if
the destination is a multicast one, where the host in question is
acquiring a DHCP address lease. This is true for the DHCP Discover
and the initial DHCP Request message from the client towards the
server. As subsequent DHCP Request renewal messages are sent as
unicast to the server, the server will drop such packets.
Fix this issue by explicitely specifying what source IP address is
to be used, if none is specified, the all zeros address 0.0.0.0 is
used in multicast addresses. The source address in the other
unicast cases is identical to the 'ciaddr' in the DHCP message.
Signed-off-by: Patrik Flykt <patrik.flykt@intel.com>
Increase the default mgmt event stack size from 512 to 768 because of
stack overflows.
Signed-off-by: Alexander Wachter <alexander.wachter@student.tugraz.at>
Update the files which contain no license information with the
'Apache-2.0' SPDX license identifier. Many source files in the tree are
missing licensing information, which makes it harder for compliance
tools to determine the correct license.
By default all files without license information are under the default
license of Zephyr, which is Apache version 2.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
This macro is slated for complete removal, as it's not possible
on arches with an MPU stack guard to know the true buffer bounds
without also knowing the runtime state of its associated thread.
As removing this completely would be invasive to where we are
in the 1.14 release, demote to a private kernel Z_ API instead.
The current way that the macro is being used internally will
not cause any undue harm, we just don't want any external code
depending on it.
The final work to remove this (and overhaul stack specification in
general) will take place in 1.15 in the context of #14269Fixes: #14766
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Rename reserved function names in the subsys/ subdirectory except
for static _mod_pub_set and _mod_unbind functions in bluetooth mesh
cfg_srv.c which clash with the similarly named global functions.
Signed-off-by: Patrik Flykt <patrik.flykt@intel.com>
Rename reserved function names in drivers/ subdirectory. Update
function macros concatenatenating function names with '##'. As
there is a conflict between the existing gpio_sch_manage_callback()
and _gpio_sch_manage_callback() names, leave the latter unmodified.
Signed-off-by: Patrik Flykt <patrik.flykt@intel.com>
DNS is not part of L3, but as dhcpv4 or the net shell, it is a services
on top of the network stack. So let's gather all in a dedicated
function.
This also rework the order when starting the DNS service. There was an
issue for offload device: these would be fully initialized in
init_rx_queues() which was called after l3_init. l3_init had already
started dns: which would not be able to bind correctly, proving to be
fully dead afterwards. Instead, starting the dns at the very end
ensures that all is initialized properly from devices to stack.
Fixes#15124
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
With or without options headers it has to work. Currently it was
setting always hop-by-hop next header which is obviously wrong but
worked on ipv6_fragment test since that one has only packets with
optional headers (hop-by-hop in that case has to be the first optional
header).
Fixes#14622
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
If the TCP segment is not sent properly by L2, then do not mark
it "not sent" in net_if.c:net_if_tx(). That "not sent" marking
confused TCP ref counting in tcp.c:tcp_retry_expired() and caused
the packet to be freed too early which then caused free net_buf
access issue during packet resend. This free memory access was
seen with zperf sample application.
From TCP point of view, the packet can be considered sent when
it is given to L2. The TCP timer will resend the packet if needed.
Fixes#15050
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
This reverts commit 9cd547f53b.
The commit we are reverting, fixed originally the issue that was
seen with zperf. There we freed the net_pkt too early while it was
still waiting for a TCP ACK. The commit 9cd547f5 seemd to fix that
issue but it was causing issues in dump_http_server sample app which
then started to leak memory. No issues were seen with echo-server
with or without the commit 9cd547f5.
So the lessons learned here is that one needs to test with multiple
network sample apps like dump_http_server, echo_server and zperf
before considering TCP fixes valid, especially fixes that touch
ref counting issues.
Fixes#15031
The next commit will fix the zperf free memory access patch.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
The network packet ref count was not properly increased when
the TCP was retried. This meant that the second time the packet
was sent, the device driver managed to release the TCP frame even
if we had not got ACK to it.
Somewhat long debug log follows:
The net_pkt 0x08072d5c is created, we write 1K data into it, initial ref
count is 1.
net_pkt_write: pkt 0x08072d5c data 0x08075d40 length 1024
net_tcp_queue_data: Queue 0x08072d5c len 1024
net_tcp_trace: pkt 0x08072d5c src 5001 dst 5001
net_tcp_trace: seq 0x15d2aa09 (366127625) ack 0x7f67d918
net_tcp_trace: flags uAPrsf
net_tcp_trace: win 1280 chk 0x0bea
net_tcp_queue_pkt: pkt 0x08072d5c new ref 2 (net_tcp_queue_pkt:850)
At this point, the ref is 2. Then the packet is sent as you see below.
net_pkt_ref_debug: TX [13] pkt 0x08072d5c ref 2 net_tcp_queue_pkt():850
net_tcp_send_data: Sending pkt 0x08072d5c (1084 bytes)
net_pkt_unref_debug: TX [13] pkt 0x08072d5c ref 1 (ethernet_send():597)
Ref is still correct, packet is still alive. We have not received ACK,
so the packet is resent.
tcp_retry_expired: ref pkt 0x08072d5c new ref 2 (tcp_retry_expired:233)
net_pkt_ref_debug: TX [10] pkt 0x08072d5c ref 2 tcp_retry_expired():233
net_pkt_unref_debug: TX [10] pkt 0x08072d5c ref 1 ... (net_if_tx():173)
net_pkt_unref_debug: TX [10] pkt 0x08072d5c ref 0 ... (net_if_tx():173)
Reference count is now wrong, it should have been 1. This is because we
did not increase the ref count when packet was placed first time into
sent list in tcp.c:tcp_retry_expired().
The fix is quite simple as you can see from this commit.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
This patch fixes following issues.
* If IPv6 neighbor table is full, stack can not add any new
neighbors. So stale counter is introduced. Whenever neighbor
enters into STALE state, stale counter will be incremented
by one. When table is full and if stack wants to add new
neighbor, oldest neighbor in STALE state will be removed
and new neighbor will be added.
* When neighbor is in PROBE state and when it exceeds max
number of PROBEs, only neighbor with router is removed.
As per RFC 4861 Appendix C, entry can be discarded. Now
neighbor will be removed from the table.
* Reachability timer has an issue. e.g. if a first entry timer
is 10 seconds, after 3 seconds, a new entry added with
only 3 seconds. But current implementation does not check
whether remaining time of current left over timeout is more
than new entry timeout or not. In this example, when new entry
timeout is 3 seconds, left over timeout from first etnry is
still 7 seconds. If k_delayed_work_remaining_get() returns
some value then new entry time out was not considered.
Which is bad. It fixed now.
* nbr_free is used sometimes to remove the neighbor. Which does
not remove route if that particulat neighbor is route to some
other neighbor. net_ipv6_nbr_rm() should be used in such places.
* Trivial changes which does not affect functionality.
Fixes#14063
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
Fix regression and allow incoming packet when source and
destination port numbers are the same.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
In case of Ethernet for instance, the MTU is larger than the minimal
IPv6 MTU, so it is not required to fragment a packet that fits in
Ethernet MTU.
Fixes#14659
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
The "is this packet for us?" filter in net_ipv4_input() has a minor
logic error which fails to discard many packets which are.. not for us.
Fixes: #14647
Signed-off-by: Charles E. Youse <charles.youse@intel.com>
