Shift the error handling for `ethernet_ll_prepare_on_ipv4` out into
`ethernet_send`, since that is the function that needs to handle the
various result types of the ARP process.
Signed-off-by: Jordan Yates <jordan@embeint.com>
Make it clearer that the `net_buf_ref` is for `k_queue_unique_append`,
and reverse the reference if the queue add fails.
Signed-off-by: Jordan Yates <jordan@embeint.com>
Update `net_arp_prepare` to return a return code instead of a pointer,
so that the various results of the function can be differentiated.
Signed-off-by: Jordan Yates <jordan@embeint.com>
The new DSA framework purpose and changes are as below.
- Aligned to Linux DSA framework which has been already mature framework
for many years, For now in zephyr, the DSA components were splited
as: switch, port, master(not need driver file for now), slave, and tag.
Seperated drivers were used for maintaining and developing new
features.
- The unified dts bindings (aligned to linux) were supported. The port
driver would parse DTS to decide the port type (master port, slave
port, or cpu port) to set up the switch. All the ports registered as
standard ethernet devices. (dsa port and dsa switch tree was not
supported.)
- How to add DSA device driver based on the framework? All the device
driver needing to do is providing dsa_spi implementation and private
data, and calling below initialization.
DSA_INIT_INSTANCE(n, _dapi, data)
- For switch tag case, recv/xmit helpers in dsa_api could be used for
taging/untagging. No modified ethernet drivers.
For no-tag type case, ethernet driver of master port should support
packet injection/extraction for slave ports leaving NULL recv/xmit.
The dsa_nxp_imx_netc.c driver will be the first example of the new DSA
framework.
The future work for DSA will be supporting bridge for ports. We may align
Linux to give users two options to use DSA device:
- Standalone mode: the switch ports work as regular ethernet ports.
- Bridge mode: switch mode with virtual bridge device which could be
assigned IP address.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Current DSA TX/RX way was hard-coded in ethernet devices driver
with ETH_DSA_SUPPORT and NET_DSA.
This patch is to make such way obsolete, as we actually will support
a better DSA framework to handle this in NET/DSA core driver.
To make legacy devices not affected, below options are used instead.
- ETH_DSA_SUPPORT_DEPRECATED
- NET_DSA_DEPRECATED
Once the legacy devices are converted to new DSA framework, this code
could be removed.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Moved OpenThread-related Kconfigs from L2 layer to
modules/openthread. All of those configs were not strictly related
to the L2 layer, so they fits better to OpenThread module.
This operation allows using OpenThread Kconfigs even if L2 layer is
disabled.
Enabling NET_L2_OPENTHREAD also configures those configs by
selecting the OPENTHREAD kconfig, so there is no change regarding
backwards compatibility. The only change is that the Kconfigs
related to Thread were moved to the modules space, so their
location in the menuconfig also changed.
Once it is done, a choice for setting different L2 implementations
seems to be redundant.
Signed-off-by: Arkadiusz Balys <arkadiusz.balys@nordicsemi.no>
RSA3K based certs are not supported on all platforms, so, keep both
variants, rsa2k (the older certs but with longer expiry 9999 days) and
rsa3k (latest ones) and we can have more variants in this folders.
Also, add a cmake variable to override the path with default as rsa3k.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Certificates usage depends on STA/AP mode, but we don't have that
information at a build time, so, make all certs as optional and if a
file isn't found then generate an empty header so that corresponding C
code will be built.
Any missing mandatory certificates will be validated before connection
and connection is failed.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Using TLS credentials library add support for run-time certificates where
the installed certs are retrieved from the credential store (as of now
only volatile backend is tested).
This helps in production environments.
Implements #79564.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Make sure that we check possible network packet filtering status
before accepting the packet.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The number of ports in gptp_domain.default_ds.nb_ports is a uint8_t.
A pointer to it is passed to gptp_add_port.
However, in this method, the pointer is cast to an int pointer.
The C compiler generates an int-size store for this.
In addition to potentially overwriting adjacent attributes, on platforms
such as RISC-V that do not support unaligned accesses, this causes an
exception on access.
This commit casts nb_ports to the correct type, uint8_t.
Signed-off-by: Eric Ackermann <eric.ackermann@cispa.de>
Do not ignore return values of OT functions registering IPv6 addresses.
As this is called from the net_mgmt callback context, which returns
void, there's not much that can be done, other than logging the error.
To simplify the logging code and avoid the need to use extra buffer,
use net_sprint_ipv6_addr() networking utility function within the log
message to convert binary address to string.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
- Modified conditions in WIFI_CONNECT()
function to reject SAE password and
PSK based on length parameter
Signed-off-by: Nitin Pandey <nitin.pandey@silabs.com>
Fix the kconfig check for enterprise crypto support in AP mode.
Also, remove the unnecessary Hostapd enterprise crypto check in
credentials code.
Signed-off-by: Triveni Danda <triveni.danda@nordicsemi.no>
Some OpenThread functions were called without verifying the return
value, which not only is not the best practice, but also could lead to
build warnings with llvm. This commit fixes it.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The current mapping gets the network interface into dormant state when
Thread is not attached. While the node is not capable of doing multi-hop
communication when it's not attached, it should be able to do link-local
communication. This commit changes the mapping to look at OpenThread's
own network interface state instead without further checking Thread's
device role, so that link-local communication is supported when a node
in detached state.
Signed-off-by: Yakun Xu <xyk@google.com>
The least significant bit of the first octet of a MAC address is a
unicast/multicast bit. The bit should be cleared when generating a
random link address for a virtual interface. Any frames from such
interface/address will be dropped by the network as invalid if
the multicast bit is set.
Signed-off-by: Jack Chistyakov <jack.chistyakov@outlook.com>
The check for index out of bound is missing, It turns into a crash
for input channel more than WIFI_MGMT_SCAN_CHAN_MAX_MANUAL.
Signed-off-by: Kapil Bhatt <kapil.bhatt@nordicsemi.no>
Fix compiler warning by adjusting the number of chars copied to the
destination. Compiler does not like if the destination size of the
`strncpy`-operation is the same as the number of characters written. Even
though it is not a bug in this case. Only copying size-1 characters fixes
the warning and exhibits the same behavior.
Signed-off-by: Cla Mattia Galliard <cla-mattia.galliard@zuehlke.com>
The help text for connect says
[-b, --band] 0: any band (2:2.4GHz, 5:5GHz, 6:6GHz]
but it disallows setting band to 0. Change this and allow
band 0 option when doing normal connect. Disallow setting
the band 0 when enabling AP mode.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The negative status code is actually the errno which we might
get returned from lower levels. For example if user sets -t
(timeout) option, the -ETIMEDOUT might be returned. In this case
map the errno value to connection timeout status value.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If "wifi connect" fails, tell user why in textual format.
This helps debugging connectivity issues.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If there are no virtual interfaces attached to this virtual
interface, check if there is a RX handler for this virtual
interface and pass data to it.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Currently, the L2 PPP won't work with AF_PACKET socket family as it only
supports packets from AF_INET/AF_INET6 families. Because of this, it's
not possible to use AF_PACKET RAW or DGRAm sockets with PPP interfaces,
as the packets they generate have family field set to AF_PACKET.
Fix this, by verifying the LL protocol field in the PPP L2 before
passing the packet the respective PPP driver. If the AF_PACKET packet is
received, and the protocol field is set to IP/IPv6, update the packet
family to AF_INET/AF_INET6 accordingly.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Previously the net_linkaddr struct had pointers to the link address.
This is error prone and difficult to handle if cloning the packet as
those pointers can point to wrong place. Mitigate this issue by
allocating the space for link address in net_linkaddr struct. This will
increase the size of the net_pkt by 4 octets for IEEE 802.15.4 where the
link address length is 8, but there no increase in size if link address
is 6 bytes like in Ethernet/Wi-Fi.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The ethernet header size with VLAN tag is 18 bytes,
so the length check should accommodate this.
Signed-off-by: Christoph Seitz <christoph.seitz@infineon.com>
Do not update packet length for unsupported packet families.
AF_PACKET family used the IPv6 length update, which breaks the
packet length if there is a payload with bytes resembling a
IPv6 length field less then 6 or a IPv4 length field less
then 46.
Signed-off-by: Christoph Seitz <christoph.seitz@infineon.com>
Rename this driver to eth_native_tap, including renaming all its
options.
The old options remain until v4.4, but as deprecated.
Signed-off-by: Alberto Escolar Piedras <alberto.escolar.piedras@nordicsemi.no>
- Add possibility to choose implementation of OpenThread L2 and
set it to Zephyr's by default
- Remove unused `OPENTHREAD_SECURITY_INTERNAL` Kconfig
- Add missing choice names for logging and coprocessor
Signed-off-by: Maciej Baczmanski <maciej.baczmanski@nordicsemi.no>
Building with clang warns:
subsys/net/l2/ethernet/ethernet.c:178:18: error: unused function
'ethernet_check_ipv4_bcast_addr' [-Werror,-Wunused-function]
enum net_verdict ethernet_check_ipv4_bcast_addr(struct net_pkt *pkt,
^
ethernet_check_ipv4_bcast_addr is called by ethernet_ip_recv, which only
exists when CONFIG_NET_IPV4 or CONFIG_NET_IPV6 is defined.
Signed-off-by: Tom Hughes <tomhughes@chromium.org>
The ARP protocol handler cannot directly access the Ethernet header
because the caller has removed the header already when the handler
is called. So change net_arp_input() and pass source and destination
MAC address there instead of bogus pointer that was pointing to ARP
header instead of Ethernet header. This requires changes to ARP tests.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Remove the CONFIG_WIFI_NM_WPA_SUPPLICANT_WNM macro in L2 shell level
to make 11v BTM query support embedded supplicant.
Signed-off-by: Rex Chen <rex.chen_1@nxp.com>
In ap enable cmd, channel set to 0 means ACS mode.
Remove hostapd AP macro for this case to make ACS mode
available for public usage.
Signed-off-by: Fengming Ye <frank.ye@nxp.com>
Added new parameter "A" in wifi connect command to support
CA certificate used or CA certificate skipped for
EAP-TTLS-MSCHAPV2 and EAP-PEAP-MSCHAPV2.
Signed-off-by: Qingling Wu <qingling.wu@nxp.com>
Add the check if dev is NULL (when iface is NULL, dev is NULL) when
setting Wi-Fi CMD, in case Wi-Fi driver init fails and shell crashes.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
Setting Wi-Fi cmd only when the net interface is up, avoid the case
that driver deinit and net interface is down, then the L2 APIs interact
with supplicant and driver, which may lead to CPU exception.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
The RFC1122 section 3.3.6 says we SHOULD drop the packets if L2 address
is brodcast but L3 address is unicast, but we had seen some Wi-Fi access
points in the field not conforming to that, and DHCP offer is dropped
due to this and causes Wi-Fi connectivity issues.
As the RFC saus it's SHOULD and not a MUST, add a config option to allow
such packets, disabled by default.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
The family and proto type was not set for the IPv4 autoconf ARP packets.
Since those should be set for all ARP packets, just move the code
outside of the if block.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
There is no need to if-def away the net-stats function since there is a
shim available now.
Signed-off-by: Cla Mattia Galliard <cla-mattia.galliard@zuehlke.com>
