No functionality changes. Just moved IPv6 neighbor and related functions
to ipv6_nbr.c for better readability.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
Each IPv6 neighbor entry had a k_delayed_work to be used as a timer to
send ND reachable message and waiting for the reply in order to get to
the neighbor details.
But k_delayed_work is not a small object (40 bytes). Thus reworking the
IPv6 ND reachable request timer by having one central k_delayed_work
and a timestamp in every IPv6 neighbor data entry properly handled at
every timeout.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
Each IPv6 neighbor entry had a k_delayed_work to be used as a timer to
send NS message and waiting for the NS reply in order to get to the
neighbor details.
But k_delayed_work is not a small object (40 bytes). Thus reworking the
IPv6 send NS request timer by having one central k_delayed_work and
a timestamp in every IPv6 neighbor data entry properly handled at every
timeout.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
Instead of having one delayed_work struct / IP address, use
only one delayed_work struct for lifetime timer. This saves
over 20 bytes / allocated address struct.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Refactor usage of net_sprint_ip*() where multiple
invocations are needed per single log call.
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
Echo server crashes upon reception of fragmented packets. This
occurs when fragmentation is enabled with the default prj.conf
of echo server. The cause is that by default with logs disabled
net_sprint_ipv6_addr returns NULL.
Signed-off-by: Ruslan Mstoi <ruslan.mstoi@intel.com>
Instead of waiting forever for a network buffer, have a timeout
when allocating net_buf. This way we cannot left hanging for a
long time waiting for a buffer and possibly deadlock the system.
This commit only adds checks to core IP stack in subsys/net/ip
Fixes#7571
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
IPv6 cleanup patch introduced a regression. Misunderstood the logic.
Do not drop the packet if packet does not have ND options, just skip.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
Instead of reading or writing different icmpv6 header's individual
variables, better to read or write whole struct at a time. This
minimizes the calls to net_frag_read() or net_frag_write().
changes also removed slow and fast paths. Changes should optimize
the total flow.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
IPv6 fragmentation splits the packet into two parts, one is header
and another is payload. Every time header is cloned and part of
payload is appended. At the end original header packet is not freed.
Causes memory leak.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
When an echo request is sent to an unknown neighbor, a Neighbor
Solicitation request is sent, however if the source address
cannot be determined the NS request is dropped but the pending
packet is not freed.
Signed-off-by: Léonard Bise <leonard.bise@gmail.com>
Current implementation does not handle large extension headers
(e.g HBHO). Which resulted network stack crashes or due to
misinterpretation of lengths network packets are dropped. Also
caused issues while preparing IPv6 packet (e.g. large HBHO header
with IPv6 fragmentation support).
Issues fixed and provided more unit tests.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
If Neighbor Advertisement cannot be sent, then print info about it.
Earlier we printed info when NA succeeded.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Because per-interface statistics rely on interface pointer stored in a
net_pkt, it should not be unreferenced before stats are updated.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The hop limit value in net_pkt was not updated according to
received IPv6 header.
Fixes#8182
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
This one converts "raw" timeout value to use K_MSEC() macro
in order to make clear how long the timeout is.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Use of K_SECONDS() macro is more intuitive so use that instead of
plain MSEC_PER_SEC define.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Convert couple of MSEC() calls to K_MSEC() as the timeouts
when using MSEC() are just too long.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Similar to UDP, some drivers can make use of the following functions:
net_tcp_get_hdr()
net_tcp_set_hdr()
Let's expose them as <net/tcp.h> and change all internal references
to "tcp_internal.h".
Signed-off-by: Michael Scott <michael@opensourcefoundries.com>
This commit fixes crash caused by double free from message sequence
fragmentation. When double free happens the call stack is:
0 reassembly_cancel
1 handle_fragment_hdr
2 net_ipv6_process_pkt
3 process_data
4 processing_data
5 net_rx
6 process_rx_packet
7 work_q_main
8 _thread_entry
So at first packet is unrefed in reassembly_cancel and then also in
processing_data.
Signed-off-by: Ruslan Mstoi <ruslan.mstoi@intel.com>
Instead of one global statistics, collect statistics information
separately for each network interface. This per interface statistics
collection is optional but turned on by default. It can be turned
off if needed, in which case only global statistics are collected.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Instead of always allocating both IPv6 and IPv4 address information
to every network interface, allow more fine grained address
configuration. So it is possible to have IPv6 or IPv4 only network
interfaces.
This commit introduces two new config options:
CONFIG_NET_IF_MAX_IPV4_COUNT and CONFIG_NET_IF_MAX_IPV6_COUNT
which tell how many IP address information structs are allocated
statically. At runtime when network interface is setup, it is then
possible to attach this IP address info struct to a specific
network interface. This can save considerable amount of memory
as the IP address information struct can be quite large (depends
on how many IP addresses user configures in the system).
Note that the value of CONFIG_NET_IF_MAX_IPV4_COUNT and
CONFIG_NET_IF_MAX_IPV6_COUNT should reflect the estimated number of
network interfaces in the system. So if if CONFIG_NET_IF_MAX_IPV6_COUNT
is set to 1 and there are two network interfaces that need IPv6
addresses, then the system will not be able to setup IPv6 addresses to
the second network interface in this case. This scenario might be
just fine if the second network interface is IPv4 only. The net_if.c
will print a warning during startup if mismatch about the counts and
the actual number of network interface is detected.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Move IP address settings from net_if to separate structs.
This is needed for VLAN support.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Create infrastructure that allows ethernet device driver to tell
if it supports network packet checksum offloading. This applies only
to IPv4, UDP or TCP checksums. The driver can enable/disable checksum
offloading separately for Tx and Rx network packets.
If the device (ethernet in this case) can calculate the network
packet checksum for IPv4, UDP or TCP, then do not calculate the
corresponding checksum by the stack itself.
Fixes#2987
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Memory leak occurs if neighbor table is full and echo request from an
unknown neighbor is received. Hence, on an attempt to send NS unref of
pending is not done, causing the memory leak.
Signed-off-by: Ruslan Mstoi <ruslan.mstoi@intel.com>
If net-shell is enabled then it could try to access neighbor state
names. This would cause compile error as net_ipv6_nbr_state2str()
function is then missing.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
This commit fixes incorrect Ethernet frame check sequence and ICMPv6
checksum caused by MTU set to zero in RA
Fixes#6342
Signed-off-by: Ruslan Mstoi <ruslan.mstoi@intel.com>
This commit fixes the crash of echo server from unsolicited RA with
reachable time set to 2147483648. The crash was in
net_if_ipv6_calc_reachable_time because such large value resulted in
modulus by zero due to integer overflow.
Fixes#6382
Signed-off-by: Ruslan Mstoi <ruslan.mstoi@intel.com>
Assertions should only be used to check invariants. Things that may
change value in runtime are better left to proper checks.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Assertions should only be used to check invariants. Things that may
change value in runtime are better left to proper checks.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
This doesn't appear to be used by anything in Zephyr. Remove it,
as it doesn't perform correct bounds checking.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
If net_icmpv6_get_na_hdr() returns NULL (which is possible with a
specially crafted packet), utility functions net_is_solicited(),
net_is_router(), and net_is_override() will attempt to read invalid
memory.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
This commit fixes the crash of echo_server from overflow in ICMPv6 NS
source link-layer address option.
Fixes#6235
Signed-off-by: Ruslan Mstoi <ruslan.mstoi@intel.com>
Instead of having K_FOREVER when allocating a packet in IPv4 ARP
and IPv6 ND, set a timeout so that we do not have a case where we
would wait net_buf forever.
Fixes#5484
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Unlinking of neighbor also needed after nbr_unref. Otherwise
neighbor id is still in use and can not be linked further.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
If CONFIG_NET_MGMT_EVENT_INFO is enabled then provide mgmt info
about the neighbor, which is added or deleted.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
Remove any routes with neighbor as a nexthop first and then remove
neighbor from neighbor table.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
When net_ipv6_prepare_for_send() needs to route packets, it missed
updating of RPL header.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
Doing neighbor discovery in RPL network is not necessary and
that can be disabled in RPL nodes. Unfortunately the border
router needs to have ND enabled as it has also non-RPL network
interfaces in use. So in this case, mark RPL node as always
reachable.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
As this is very specialized info which is not normally needed,
do not print it by default.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Introduce CONFIG_NET_ROUTING option that allows the IP stack
to route IPv6 packets between multiple network interfaces.
No support for IPv4 routing is implemented by this commit.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Add in6addr_any and in6addr_loopback which are defined in RFC2553 Basic
Socket Interface Extensions for IPv6.
Signed-off-by: Aska Wu <aska.wu@linaro.org>
If we receive a neighbor solicitation which does not have any
options, then there is no need to assert this condition as that
is a perfectly valid use case.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
The IPv6 address parameters in net_ipv6_send_na() can be const
as the function will not modify them. This avoids compile warning
about parameter constness.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
It is useful to return the neighbors in net_ipv6_nbr_foreach()
groupped by network interface. This way the caller has them
already in proper order and does not need to re-group them.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
This adds a new state NET_IPV6_NBR_STATE_STATIC which never timeouts
which is required in case of RFC 7668 which doesn't allow publishing
the address:
https://tools.ietf.org/html/rfc7668#section-3.2.3
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Create support for registering a callback that will be called
if the device leaves or joins IPv6 multicast group.
Jira: ZEP-1673
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Earlier we modified the original pkt chain when creating IPv6
fragments. This is not a proper way as the original chain might
still be used in TCP when re-sending a message. So when fragmenting
the packet, clone it first and leave original packet intact. This
occupies litle more memory but is now safe.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
k_delayed_work_cancel now only fail if it hasn't been submitted which
means it is not in use anyway so it safe to reset its data regardless
of its return.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
When IPv6 fragments were sent, the last IPv6 fragmented packet
was accessing NULL pointer.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
We had various asserts when checking network packet length but
printed also error when there was none. Fix this by checking
do we really have a too short message.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Remove NET_TCP_HDR() macro as we cannot safely access TCP header
via it if the network packet header spans over multiple net_buf
fragments.
Fixed also the TCP unit tests so that they pass correctly.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Remove NET_UDP_HDR() macro as we cannot safely access UDP header
via it if the network packet header spans over multiple net_buf
fragments.
Fixed also the UDP unit tests so that they pass correctly.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Remove NET_ICMP_HDR() macro as we cannot safely access ICMP header
via it if the network packet header spans over multiple net_buf
fragments.
Jira: ZEP-2306
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
The IPv6 HBH option PAD1 ext header was not parsed properly
as the code read one extra byte from the ext header. The
PAD1 length is only 1 byte.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Empty RPL HBH header will be inserted while finalizing IPv6 packet
but updated after finding nexthop and sent the packet. In case of
Bluetooth or multicast dst address it was missed. Resulted in
empty RPL HBH header and packet dropped at peer node. It should
be updated in all circumstances.
Jira: ZEP-2088
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
If we receive unknown option in neighbor advertisement message,
then skip those properly. Old code did not check the length of
the extension options which could cause infinite loop.
Jira: ZEP-2219
Signed-off-by: Ruslan Mstoi <ruslan.mstoi@intel.com>
The cancellation of reassembly did not work as expected because
K_WORK_INITIALIZER() did not setup the timeout function properly.
So do the timer initialization at runtime instead.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
The IPv6 fragmentation was not working properly when the large
IPv6 packet was being sent. There is unit tests in next commit
that will test the IPv6 fragmentation sending.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
If the fragmented IPv6 packet was very large, we could run out
of resources. When that happened, we leaked the memory for the
pending fragments that were waiting reassembly.
Jira: ZEP-2166
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
The previous default 60 seconds is way too long for our limited
amount of memory. It might be that the 5 sec is still too long
but that can be changed in the future.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
If we receive unknown option in neighbor solicitation message,
then skip those properly. Old code did not check the length of
the extension options which could cause infinite loop.
Jira: ZEP-2174
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
net_if_ipv6_router_rm() is the correct API to remove IPv6 router
from the interface as it also cancels the timer and raises a mgmt
event. The net_if_router_rm() only sets router as unused and
nothing else.
Change-Id: I55114288c9ae748520b67b206edcd4f5e420b1af
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
For stream-based protocols (TCP), adding less data than requested
("short write") is generally not a problem - the rest of data can
be sent in the next packet. So, make net_pkt_append() return length
of written data instead of just bool flag, which makes it closer
to the behavior of POSIX send()/write() calls.
There're many users of older net_pkt_append() in the codebase
however, so net_pkt_append_all() convenience function is added which
keeps returning a boolean flag. All current users were converted to
this function, except for two:
samples/net/http_server/src/ssl_utils.c
samples/net/mbedtls_sslclient/src/tcp.c
Both are related to TLS and implement mbedTLS "tx callback", which
follows POSIX short-write semantics. Both cases also had a code to
workaround previous boolean-only behavior of net_pkt_append() - after
calling it, they measured length of the actual data added (but only
in case of successful return of net_pkt_append(), so that didn't
really help). So, these 2 cases are already improved.
Jira: ZEP-1984
Change-Id: Ibaf7c029b15e91b516d73dab3612eed190ee982b
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Convert code to use u{8,16,32,64}_t and s{8,16,32,64}_t instead of C99
integer types.
Jira: ZEP-2051
Change-Id: I4ec03eb2183d59ef86ea2c20d956e5d272656837
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Only 2 attributes lacked this prefix, which makes sense to have, so
applying it accordingly and changing the helpers as well.
Change-Id: I095b2729f977f8fb1624eff8801a4a4e21416693
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Most of these macros are not exactly exposing a buffer, but a specific
header pointer (ipv6, ivp4, ethernet and so on), so it relevant to
rename them accordingly.
Change-Id: I66e32f7c3f2bc75994befb28d823e24299a53f5c
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
IPv6 next headers are processed in a way so it is not required to store
which header has been already seen in the net_pkt, as the processing loop
can store internally which one it has seen already.
Change-Id: I266ba8a3a0081a162318cdafb474a0fc44a3185e
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
- net_pkt becomes a stand-alone structure with network packet meta
information.
- network packet data is still managed through net_buf, mostly named
'frag'.
- net_pkt memory management is done through k_mem_slab
- function got introduced or relevantly renamed to target eithe net_pkt
or net_buf fragments.
- net_buf's sent_list ends up in net_pkt now, and thus helps to save
memory when TCP is enabled.
Change-Id: Ibd5c17df4f75891dec79db723a4c9fc704eb843d
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
There have been long lasting confusion between net_buf and net_nbuf.
While the first is actually a buffer, the second one is not. It's a
network buffer descriptor. More precisely it provides meta data about a
network packet, and holds the chain of buffer fragments made of net_buf.
Thus renaming net_nbuf to net_pkt and all names around it as well
(function, Kconfig option, ..).
Though net_pkt if the new name, it still inherit its logic from net_buf.
'
This patch is the first of a serie that will separate completely net_pkt
from net_buf.
Change-Id: Iecb32d2a0d8f4647692e5328e54b5c35454194cd
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
While very unlikely it might happen that fragment pointer is NULL
when going through fragment list.
Coverity-CID: 167148
Change-Id: Ic3dbed7ee29c7b864d4830d726f65d7f62dcea84
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
This does not save any space but sets the fields in the
structs in more natural order. Move IPv6 related
fields in net_if into internal ipv6 struct so that all
IPv6 fields are located inside one struct. Same thing
is done for IPv4 fields which are now located inside
IPv4 internal struct in net_if.
There is no functionality changes by this commit.
Change-Id: I7d72ec0a28e2b88c79a4c294655d5ef6da6ccb25
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
We need a way to know when IPv6 address is successfully set
into network interface.
If IPv6 DAD (Duplicate Address Detection) succeeds or fails,
we send a management event for that. This can be used by
other components to detect when the network interface is in
usable state.
Change-Id: Ifb22415fe21f31f5dba4f55455d6e0f89b414d32
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
This makes net_ipv6_nbr_add able to update entries so it can be reused
when receiving RA or NS requests, so it now performs a lookup before
creating a new entry (using nbr_new to reuse more code) and in case it
finds a match attempts to update the lladdr.
Change-Id: I305a67a955e037cbbb862fef947a5fcfe131507c
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
net_ipv6_nbr_add shall init the delayed work as nbr_new does, so this
unifies both codes into nbr_init which does take care of initializing
the fields properly.
Change-Id: I91746276d346a3dc3c36be20d49bcf1968245fc5
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
The default hop limit is defined in struct net_if. It is possible
that user might want to tweak it for each network packet. For this
purpose, a net_nbuf_set_ipv6_hop_limit(buf) function is created.
Change-Id: I7568330358f80f0f5007d6d3c411c120b043c04f
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Figure out what is the last extension header in IPv6 packet
and return offset to it. This is needed by IPv6 fragmentation
when fragmentation header is added to the packet.
Change-Id: I925ab806a5de076a425ff354711730d4f4b3c52f
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
This commit adds support for IPv6 packet fragmentation when
receiving (IPv6 reassembly) and when sending larger than 1280 bytes
long IPv6 packet. See RFC 2460 chapter 4.5 for more details.
Jira: ZEP-1718
Change-Id: Ia31c147cce4d456ee48f39276cca99aa09ce81d6
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
This helps debugging as printable string of the ICMPv6 type is
printed when packet is received if debugging is active.
Change-Id: I22b84bb6b28db7fba030699af3e561a0775b53d2
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
It requires a net_nbuf, so the actual buf, and not a frag here.
Change-Id: I4fd888c9a91f5e3f3dd664ae5e3bf93f90a2f597
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
This will refactor net_core.c and move IPv6 specific code
into ipv6.c which is a more logical place for it.
Change-Id: I5bbecbb760111326b9a6bbef5802c53d7f6efda9
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Refining the names around IPv6's neighbor states to differentiate them
easily from any net_nbr related names (which are not tighten to IPv6).
Change-Id: Ibc24df2a9485477a53fe5fe1c8f993f0fcd91635
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Probably some refactoring left-over.
Change-Id: I9715441a54b2e675135ce4072651dcead3216d3b
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Instead of simply dropping the packet if the destination IPv6
address is not ours, try to figure out if there is a route
to real destination and then re-route the IPv6 packet there.
Change-Id: I6b2a0d7096b3d7877b82b04f38e3a6e588587c11
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
k_delayed_work_init shall only be called once per work and not every
time before as that can trash the workqueue list if the work is pending.
Change-Id: I454f40b63133bb7d6239dbe902858932bacfc454
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
