Tests showed that mDNS responder needs slightly more stack on certain
platforms, hence increase the default for such case.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Fill-in the mode field of the fd_entry so that the
implementation can be made aware that the specific file
descriptors created are sockets.
Signed-off-by: Chris Friedt <cfriedt@tenstorrent.com>
Add returning timestamp of received packet in ancillary data buffer
in `msghdr` structure. This commit enables getting timestamp of
the received packet by calling `recvmsg()` function. The function
returns in the `msg_control` field timestamp if following criteria
are met:
- `CONFIG_NET_CONTEXT_TIMESTAMPING` is set
- `SO_TIMESTAMPING` socket option has `SOF_TIMESTAMPING_RX_HARDWARE`
option enabled for that socket
- driver used by sockets supports packet timestamping
Signed-off-by: Adam Wojasinski <awojasinski@baylibre.com>
This is the last commit of the set of patches that introduces
`SO_TIMESTAMPING` socket level optino in Zephyr. The patch
adds `SOF_TIMESTAMPING_RX_HARDWARE` and `SOF_TIMESTAMPING_TX_HARDWARE`
bitmasks. It can be extedned in the future to cover more timestamping
features. Currently the feature can be used with ptp_clock driver.
Signed-off-by: Adam Wojasinski <awojasinski@baylibre.com>
Add proper PSA_WANT kconfigs for TLS sockets and RSA key exchanges
when CONFIG_PSA_CRYPTO_CLIENT is set.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
If network socket tracing is enabled, then the system will track
various socket API calls for usage.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Until recently, the posix api was purely a consumer of the
network subsystem. However, a dependency cycle was added as
a stop-gap solution for challenges with the native platform.
Specifically,
1. eventfd symbols conflict with those of the host
2. eventfd was excluded from native libc builds via cmake
If any part of the posix were then to select the network
subsystem (which is a legitimate use case, given that networking
is a part of the posix api), we would get a build error due to
the Kconfig dependency cycle.
As usual, with dependency cycles, the cycle can be broken
via a third, mutual dependency.
What is the third mutual dependency? Naturally, it is ZVFS
which was planned some time ago. ZVFS will be where we
collect file-descriptor and FILE-pointer APIs so that we can
ensure consistency for Zephyr users.
This change deprecates EVENTFD_MAX in favour of
ZVFS_EVENTFD_MAX.
Signed-off-by: Chris Friedt <cfriedt@tenstorrent.com>
The POSIX_MAX_FDS option does not correspond to any standard
POSIX option. It was used to define the size of the file
descriptor table, which is by no means exclusively used by
POSIX (also net, fs, ...).
POSIX_MAX_FDS is being deprecated in order to ensure that
Zephyr's POSIX Kconfig variables correspond to those defined in
the specification, as of IEEE 1003.1-2017. Namely,
POSIX_OPEN_MAX. CONFIG_POSIX_MAX_OPEN_FILES is being deprecated
for the same reason.
To mitigate any possible layering violations, that option is
not user selectable. It tracks the newly added
CONFIG_ZVFS_OPEN_MAX option, which is native to Zephyr.
With this deprecation, we introduce the following Kconfig
options that map directly to standard POSIX Option Groups by
simply removing "CONFIG_":
* CONFIG_POSIX_DEVICE_IO
Similarly, with this deprecation, we introduce the following
Kconfig options that map directly to standard POSIX Options by
simply removing "CONFIG":
* CONFIG_POSIX_OPEN_MAX
In order to maintain parity with the current feature set, we
introduce the following Kconfig options.
* CONFIG_POSIX_DEVICE_IO_ALIAS_CLOSE
* CONFIG_POSIX_DEVICE_IO_ALIAS_OPEN
* CONFIG_POSIX_DEVICE_IO_ALIAS_READ
* CONFIG_POSIX_DEVICE_IO_ALIAS_WRITE
Gate open(), close(), read(), and write() via the
CONFIG_POSIX_DEVICE_IO Kconfig option and move
implementations into device_io.c, to be conformant with the
spec.
Lastly, stage function names for upcoming ZVFS work, to be
completed as part of the LTSv3 Roadmap (e.g. zvfs_open(), ..).
Signed-off-by: Chris Friedt <cfriedt@tenstorrent.com>
Do not depend on init level but start the socket service
already in net core init because DNS init code depends on
socket service API to be ready to serve. And we call DNS
init at the net core init.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
In an effort to shave off code size, remove out-of-the-box
enabling of crypto features (except SHA-256).
Configurations are adjusted to enable what they need.
Bonuses:
- When enabled, AES now defaults to using a smaller version
(`CONFIG_MBEDTLS_AES_ROM_TABLES` isn't default enabled anymore,
and if enabled, `CONFIG_MBEDTLS_AES_FEWER_TABLES` defaults to y).
- Conditions around Mbed TLS Kconfig options have been improved
to reflect the reality of the dependencies.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
In order to be compatible with Linux AF_PACKET socket calls, the
protocol field needs to be in network byte order.
So for example, if user wants to receive all packets, then the
protocol field needs to be set as "htons(ETH_P_ALL)".
See Linux manual page at
https://www.man7.org/linux/man-pages/man7/packet.7.html
for details.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Namespaced the generated headers with `zephyr` to prevent
potential conflict with other headers.
Introduce a temporary Kconfig `LEGACY_GENERATED_INCLUDE_PATH`
that is enabled by default. This allows the developers to
continue the use of the old include paths for the time being
until it is deprecated and eventually removed. The Kconfig will
generate a build-time warning message, similar to the
`CONFIG_TIMER_RANDOM_GENERATOR`.
Updated the includes path of in-tree sources accordingly.
Most of the changes here are scripted, check the PR for more
info.
Signed-off-by: Yong Cong Sin <ycsin@meta.com>
Add checks to make sure that we are not trying to use the socket
service library with eventfd if CONFIG_POSIX_API is not set and if
using native_sim based board. The reason is that we should always
use zephyr libc based eventfd implementation instead of host libc one.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
This reverts commit b56297bf16
because it is causing problems when using native_sim and not
having CONFIG_POSIX_API set.
The proper fix is to set CONFIG_POSIX_API when using eventfd
and native_sim so that picolibc is used instead of host libc.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
With native_sim, this error is seen a lot when socket
service API is used.
<dbg> net_sock: get_sock_vtable: (net_socket_service):
Invalid access on sock 3 by thread 0x807a8e0 (net_socket_service)
If we just ignore the error, then we might get into forever
loop which is not good. So if this happens, mark the eventfd
fd as not pollable to basically ignore the eventfd support in
this case.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Print also thread name when printing socket access error.
This helps debugging what thread caused it.
Lowering the Error to Debug as we could be missing vtable
for example for eventfd descriptors, this is easily seen when using
socket service API.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Instead of using net_context API directly, the DNS resolver is
changed to use the socket service API. This allows DNS access
for offloaded sockets and can lower overall memory consumption.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
TLS socket have now been in Zephyr for a few years already and are
widely adopted across the codebase. Given above, they should no longer
be considered an experimental feature.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The local address used for established TCP socket needs to be
dig out from TCP internals and not from context->local.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add support for IPv6 Source Address Selection defined in RFC 5014.
This commit does not add any address selection support to getaddrinfo()
as described in the RFC. The AI_EXTFLAGS symbol and also the ai_eflags
to hints is added but they are not used by the code.
The public/temporary address selection is only done internally by
the net_if_ipv6_select_src_addr_hint() according to flags set by
setsockopt().
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add more error logs in case of (mostly) mbed TLS errors, so it's easier
to get an initial idea of what went wrong based on logs only. Getting
an information on an actual mbed TLS error code is quite helpful in such
cases.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Changing remaining users of fcntl.h to use the include from our own
POSIX file so that the values in there are consistent in all parts
of the sources.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Use only Zephyr specific POSIX header files so that the whole
system is getting values from the same files. There was an issue with
native_sim run of tests/net/socket/af_packet which had O_BLOCKING set
to 0x4000 from include/zephyr/posix/fcntl.h, but then the file
subsys/net/lib/socket/sockets.c was having O_BLOCKING set to 0x0800
because different header files were used.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Have special wrappers for zsock_fcntl and zsock_ioctl functions
so that gcc warning can be avoided.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The CONFIG_NET_SOCKETS_POSIX_NAMES option is marked as deprecated in
favor of using normal POSIX socket API includes found under the
include/zephyr/posix directory. If you want to use BSD socket API calls,
you need to select POSIX_API and use the socket headers found in the
POSIX subsystem. If you do not want to or cannot enable POSIX_API,
then you must use zsock_ prefix when working with BSD socket calls.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add an error log if there's a failure when attempting to load
certificates during socket connect.
Signed-off-by: Noah Pendleton <noah.pendleton@gmail.com>
With recently introduced DNS retransmission mechanism, a certain bug
could occur when calculating query timeout.
If the time until the final DNS timeout (as indicated by
CONFIG_NET_SOCKETS_DNS_TIMEOUT) was less than 1 millisecond, the actual
millisecond timeout value was rounded down, resulting in 0 ms timeout.
This in order was interpreted as invalid argument by dns_get_addr_info()
function, so in result, instead of reporting query timeout, the function
reported invalid argument error.
Fix this by rounding the millisecond timeout up, instead of down, so
that in any case, if the final timeout is not due, we always provide
non-zero timeout to dns_get_addr_info().
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Rework TELNET shell backend to use socket API for communication and
socket service library for socket monitoring.
Additionally, rework the TX part so that non-blocking TX is used when
sending from the system work queue. In case transfer is not possible at
the moment, the TX work is rescheduled instead of blocking the system
work queue.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Socket service pollfd count should not exceed the configured
NET_SOCKETS_POLL_MAX limit, as poll() will not be able to monitor
sockets beyond that limit anyway. Adding +1 there prevented the library
from catching the configuration error.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In case the LL address is not set on a packet for any reason, don't try
to access address structure to determine packet type.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
If getaddrinfo() is called with a long DNS timeout, then split
the timeout to smaller pieces with exponential backoff. Reason
for this is that if a DNS query is lost, then we do not need
to wait for a long time to find it out.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
DTLS socket should be able to combine more than one message into a
single datagram when calling sendmsg().
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
It was an overlook to return 0 on TLS send() call, after detecting that
TLS session has been closed by peer, such a behavior is only valid for
recv(). Instead, an error should be returned.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The net_mgmt socket does not support poll() or fcntl(), so
return EOPNOTSUPP error if user tries to use those functions
for AF_NET_MGMT type socket.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add CONFIG_NET_SOCKETS_DTLS_MAX_FRAGMENT_LENGTH for limiting
the Maximum Fragment Length (MFL) for DTLS with Mbed TLS.
This is needed when MBEDTLS_SSL_OUT_CONTENT_LEN and
MBEDTLS_SSL_IN_CONTENT_LEN are set to larger values than the MTU
of the network and IP fragmentation is not supported.
Signed-off-by: Markus Lassila <markus.lassila@nordicsemi.no>
Make sure that socket service is started earlier than
config library. This is enforced in config libs init.c
but set the default value here too.
The reason for this is that the config library might need
to start dhcpv4 server which needs socket service to work,
so the ordering is important here.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If the CONFIG_NET_SOCKETS_POLL_MAX is smaller than what is needed
for the socket service API to work properly, then we should not
start the service thread as the service API cannot work and might
cause memory overwrite in ctx.events[] array.
Fixes#69233
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Changed poll to perform incoming data check with connected
DTLS connections. This allows the CONFIG_NET_SOCKETS_DTLS_TIMEOUT
to timeout the connections to server socket if there is no
incoming data.
Previously, if the remote client closed the DTLS connection without
close notify, the timeout of the ongoing connection only happened
when next connection was taken to the server socket. Depending on
the timeouts, this could prevent the next connection from succeeding.
Signed-off-by: Markus Lassila <markus.lassila@nordicsemi.no>
If recvmsg() does not update control data, then it must
set msg_controllen length to 0 so that the caller can
understand this.
Fixes#68352
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add sockaddr member in struct net_pkt to store peer address if offloaded
network inteface is used. This enables recvfrom() to fill in src_addr if
socket type is UDP and offloaded interface driver supports it.
Signed-off-by: John Johnson <john.filip.johnson@gmail.com>
We cannot always start the service monitor thread statically
because the static threads are started after the application
level. This means that when config library wants to start
dhcpv4 server which uses socket services, there would be a
deadlock. Simplest solution is to start the service thread
directly from socket service init function.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Increase socket services thread default stack size when DHCPv4 server is
enabled, as it uses synchronous processing.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Get TLS_DTLS_CID_STATUS and TLS_DTLS_PEER_CID_VALUE utilize
mbedtls_ssl_get_peer_cid, which expects that mbedtls_ssl_setup
has been done.
Signed-off-by: Markus Lassila <markus.lassila@nordicsemi.no>
User is able to tweak the socket service dispatcher thread
priority in order to get better performance from the system
if needed. By default the dispatcher thread runs in lowest
application thread priority (K_LOWEST_APPLICATION_THREAD_PRIO).
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If user has not supplied address pointer when calling accept(),
then we would not be able to figure out the used socket domain
properly. But as there is now SO_DOMAIN option supported, use
that to get the correct socket domain.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The getsockopt() will return the address domain of the given
socket like AF_INET or AF_INET6.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>