Remove the `_MAC` part because those Kconfig options enable only hash
algorithms, nothing MAC-related, and the `_ENABLED` part to align the
naming to the Mbed TLS defines (plus we don't need such a part).
As a bonus, enabling SHA-256 does not automatically enable SHA-224
anymore.
See the migration guide entries for more details on the practical
changes.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
Namespaced the generated headers with `zephyr` to prevent
potential conflict with other headers.
Introduce a temporary Kconfig `LEGACY_GENERATED_INCLUDE_PATH`
that is enabled by default. This allows the developers to
continue the use of the old include paths for the time being
until it is deprecated and eventually removed. The Kconfig will
generate a build-time warning message, similar to the
`CONFIG_TIMER_RANDOM_GENERATOR`.
Updated the includes path of in-tree sources accordingly.
Most of the changes here are scripted, check the PR for more
info.
Signed-off-by: Yong Cong Sin <ycsin@meta.com>
It is meant specifically for configuration of the PSA crypto library.
The underlying PSA configuration items are guarded by the condition
that a PSA crypto provider must be present, which is the case when
either TF-M is in use or MbedTLS's PSA core is built as part of
the application image.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
`OPENTHREAD_PLATFORM_KEY_REF` should not be selected for RCP
architecture, as keys are handled on host's side and passed to
device over Spinel, and therefore they cannot be exported
on platform from reference with PSA Crypto API.
Signed-off-by: Maciej Baczmanski <maciej.baczmanski@nordicsemi.no>
The commit adds dependency on Kconfig FLASH_PAGE_LAYOUT to subsystems
that really require it:
FCB, NVS, LittleFS
and removes direct selection from '*.conf' files where no longer
needed.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Regular OpenThread upmerge to commit `75694d2`.
Move CONFIG_OPENTHREAD_PLATFORM_KEY_REFERENCES_ENABLE
from header file to Kconfig.
Signed-off-by: Maciej Baczmanski <maciej.baczmanski@nordicsemi.no>
Do not enable subsystem/driver shell modules by default and stop abusing
CONFIG_SHELL_MINIMAL, which is internal to the shell subsystem, to decide
when to enable a driver shell.
The list of shell modules has grown considerably through the
years. Enabling CONFIG_SHELL for doing e.g. an interactive debug session
leads to a large number of shell modules also being enabled unless
explicitly disabled, which again leads to non-negligible increases in
RAM/ROM usage.
This commit attempts to establish a policy of subsystem/driver shell
modules being disabled by default, requiring the user/application to
explicitly enable only those needed.
Signed-off-by: Henrik Brix Andersen <hebad@vestas.com>
Provide an extra struct net_if * iface parameter to
net_if_ipv*_maddr_join/leave functions, so that the corresponding
interface context, the mcast address belong to, can be locked for the
operation.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
TFM is not the only provider for PSA API, which means
the PSA config shouldn't depend only on it.
Signed-off-by: Piotr Jasiński <piotr.jasinski@nordicsemi.no>
OpenThread networks do not use ND or MLD as they have their own set of
protocols to cover this functionality. So far, the use of OpenThread
with Zephyr relied on disabling those protocols support statically with
Kconfig, which prevented OT interfaces from being used along with other
IPv6 interfaces.
With the new network interface flags, it's now possible to disable ND
and MLD on individual interfaces, therefore disable them for OT
specifically.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
This commit updates all in-tree code to use `CONFIG_CPP` instead of
`CONFIG_CPLUSPLUS`, which is now deprecated.
Signed-off-by: Stephanos Ioannidis <stephanos.ioannidis@nordicsemi.no>
Add a new callback list structure for state change information.
These APIs are meant to eventually replace the single callback API
provided by openthread_set_state_changed_cb().
This will allow multiple users to gain information about
OpenThread stage changes.
Note CONFIG_OPENTHREAD_MAX_STATECHANGE_HANDLERS
with OpenThread's otSetStateChangedCallback() API can also be
used to enable registration of multiple callbacks of this type but this
cannot be modified if a certified OpenThread binary is used in the
build.
Signed-off-by: Nick Ward <nick.ward@ftpsolutions.com.au>
Align OpenThread L2 with interface state handling update. Use the
dormant flag to indicate whether an interface joined a Thread network.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Most IEEE 802.15.4 drivers do not support promiscuous mode, some do.
There is a dedicated L2 flag to signal this capability to clients.
Unfortunately the IEEE 802.15.4 L2 stack does not announce this flag
even for drivers that correctly expose it in their HW capabilities.
Some clients (notably the OpenThread L2) even uses promiscuous mode
without checking whether the driver actually supports it.
This change lets the vanilla IEEE 802.15.4 L2 check the driver's
HW capabilities to announce promiscuous mode on its 'get_flags()'
interface if supported.
The OpenThread L2 uses a constant (potentially incorrect) response
to 'get_flags()'. Fixing the OpenThread L2 is out of scope of this
change. This change just introduces TODO messages to the OpenThread code
so that the OpenThread team may fix the issue (or delete the TODO if they
deem it irrelevant).
Fixes: #51263
Signed-off-by: Florian Grandel <jerico.dev@gmail.com>
Instead of using "select" on certain EC configurations, which is
considered unsafe for various reasons, use a "depends on" and rely on
the user to set a proper configuration in the config file.
Update the respective project configurations to comply with the new
configuration scheme.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add `OPENTHREAD_CONFIG_MESSAGE_BUFFER_SIZE` to Kconfig.
Also set the number of children to minumum possible for MTD builds
in order to save some resources (~512B of RAM).
Signed-off-by: Eduardo Montoya <eduardo.montoya@nordicsemi.no>
Move OpenThread's glue code along with the Kconfig files that configure
OpenThread stack itself into module directory.
Update the maintainers file to reflect this change.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Make sure MAC software transmission security is enabled by default
for Thread 1.3 builds as well.
Signed-off-by: Eduardo Montoya <eduardo.montoya@nordicsemi.no>
Logging v1 has been removed and log_strdup wrapper function is no
longer needed. Removing the function and its use in the tree.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
In case NET_MGMT_EVENT module was enabled but w/o NET_MGMT_EVENT_INFO,
the OpenThread integration layer failed to build as the "info" field in
the net mgmt callback structure is not available then.
Fix this by conditionally enabling code processing the event only if
NET_MGMT_EVENT_INFO is enabled. Otherwise, print a warning, as the event
is not really useful if no address information is provided.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Get actual keys from references when PSA crypto is enabled.
A more secure method should be implemented once 802.15.4 platforms
support other than clear text keys.
Signed-off-by: Eduardo Montoya <eduardo.montoya@nordicsemi.no>
Thread network makes no use of Solicited-node multicast addresses,
thereby do no create them on the interface to save multicast address
entries for important ones.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
There is a risk of deadlock in case net_if APIs are used from within
net_mgmt handlers as both module APIs are protected with their own
mutexes.
The scenario observed with OpenThread happend when
NET_EVENT_IPV6_ADDR_ADD/NET_EVENT_IPV6_MADDR_ADD events were processed.
The net_mgmt mutex is locked when both, an event handler is being
processed (from a separate net_mgmt thread) and when an event is raised
(for example when a new address is added on an interface). In case a
net_mgmt handler tried to use some mutex-protected net_if API, we could
end up in a deadlock situation - the net_mgmt would wait for the net_if
mutex to release, while some other thread (in this case main during
initialization) could wait within some net_if function, pending on
net_mgmt mutex to be released to notify the event.
Fix this, by preventing net_if APIs from being used from within OT
net_mgmt handlers.
Additionally, simplify the net_mgmt handlers logic, by making use of
additional info provided with an event. Instead of blindy assuming that
recently added address was the last on the list (which might not always
be the case, if addresses are added/removed dynamically), read the
actual address being added from the net_mgmt_event_callback structure.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In order to bring consistency in-tree, migrate all subsystems code to
the new prefix <zephyr/...>. Note that the conversion has been scripted,
refer to zephyrproject-rtos#45388 for more details.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
Name OpenThread version selection option to `OPENTHREAD_STACK_VERSION`
to be able to superseed it somewhere else.
Signed-off-by: Eduardo Montoya <eduardo.montoya@nordicsemi.no>
According to Kconfig guidelines, boolean prompts must not start with
"Enable...". The following command has been used to automate the changes
in this patch:
sed -i "s/bool \"[Ee]nables\? \(\w\)/bool \"\U\1/g" **/Kconfig*
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
This commit moves openthread CMakeLists.txt from openthread submodule
to zephyr/modules/openthread.
Signed-off-by: Przemyslaw Bida <przemyslaw.bida@nordicsemi.no>
If OPENTHREAD_IP6_FRAGM is enabled the IPv6 fragments are handled in
OpenThread stack but also forwarder unconditionally to the Zephyr
uplayers. It causes additional packets processing and leads to errors
like unrecognized next header type or duplicate ping reply. What more
these errors generate additional traffic which jam channel and decrease
latency for packets required fragmentation.
This commit add filtering IPv6 fragments when data fragmentation and
reassembling is enabled in OpenThread.
Signed-off-by: Lukasz Maciejonczyk <lukasz.maciejonczyk@nordicsemi.no>
This commit adds OPENTHREAD_PLATFORM_CSL_UNCERToption to Kconfig.
This option will allow user to configure openthreads CSL clock
uncertianity during build time.
Signed-off-by: Przemyslaw Bida <przemyslaw.bida@nordicsemi.no>
This commit adds an option to store OpenThread settings in RAM for the
case where the flash driver is not available. This can be useful
for testing openthread on new platforms which are still under
development.
Signed-off-by: Lukasz Maciejonczyk <lukasz.maciejonczyk@nordicsemi.no>
Introduce a common config for all 802.15.4 based L2 implementations.
This way, any custom 15.4 L2 implementation will be able to
automatically enable use 15.4 driver, w/o a need to modify the actual
Kconfig.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
- Add a `log_strdup` to the role text output for logging V1
compatibility
- Fix style issues
- Change where the documentation refers to an OpenThread device as
"himself" to "itself"
Signed-off-by: Chris Pearson <ctpearson@gmail.com>
If CONFIG_NET_LOG=y is set, OpenThread will output the current OT
role whenever the state changes.
To simplify understanding of the log output, this change replaces
the numerical role ID with the text name of the role. This also
required a change to a documentation file to replace an instance
of a numerical ID.
NOTE: This is potentially a breaking change should anyone be using
test scripts that monitor the OpenThread state changes and look
for the numerical ID. This does not seem to be the case for the
Zephyr tests, however.
Signed-off-by: Chris Pearson <ctpearson@gmail.com>
OpenThread has lately got an option to provide a custom
crypto backend that replaces the default, based on mbedTLS
API. Implement a backend based on ARM PSA crypto API that
is better suited for applications willing to take advantage
of the ARM trust zone technology.
Add Kconfig option: OPENTHREAD_CRYPTO_PSA_ENABLE which
enables that backend.
Also, another Kconfig option:
OPENTHREAD_PLATFORM_KEY_REFERENCES_ENABLE, implied by the
former, which enables usage of key references instead of
literal keys in OpenThread. It will eventually allow
OpenThread applications to keep sensitive data such as
encryption keys in the secure storage, accessible from the
secure world only.
Signed-off-by: Damian Krolik <damian.krolik@nordicsemi.no>
Rework NCP interface configuration and NCP sample. Remove
CONFIG_OPENTHREAD_COPROCESSOR_SPINEL_ON_UART_DEV_NAME and
CONFIG_OPENTHREAD_COPROCESSOR_SPINEL_ON_UART_ACM Kconfig
options in favor of chosen node zephyr,ot-uart usage.
Signed-off-by: Johann Fischer <johann.fischer@nordicsemi.no>
The openthread has enhanced features for periodic parent search,
this commit adds kconfig options to enable and configure these.
Signed-off-by: Pieter De Gendt <pieter.degendt@basalte.be>
Regular OpenThread upmerge to bring in a fix for a possible
infinite loop and support for DNS service subtypes.
Signed-off-by: Damian Krolik <damian.krolik@nordicsemi.no>
Direct openthread API usage requires explicit locking,
which is also used internally.
Exposing a work queue through the openthread context allows
work to be submitted without the need to block other threads.
In particular with CONFIG_OPENTHREAD_MANUAL_START, application
logic can offload work which otherwise would need to wait for
the lock to become available.
Signed-off-by: Pieter De Gendt <pieter.degendt@basalte.be>
