Add option for setting a random MAC address to
the net iface set_mac command. With random option
a random MAC address can be assigned to an interface.
Signed-off-by: Kapil Bhatt <kapil.bhatt@nordicsemi.no>
In order to be compatible with Linux AF_PACKET socket calls, the
protocol field needs to be in network byte order.
So for example, if user wants to receive all packets, then the
protocol field needs to be set as "htons(ETH_P_ALL)".
See Linux manual page at
https://www.man7.org/linux/man-pages/man7/packet.7.html
for details.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
When tests control the LwM2M client entirely through
shell, we should be able to set the RD client context
from the application without causing RD client to
start registration.
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
For default case it should print the option character provided by user.
Extra shell_help removed as it's being called in the caller function.
Signed-off-by: Ajay Parida <ajay.parida@nordicsemi.no>
Support to set BSS parameter "max_num_sta" at compile and run time
Added support to configure `max_num_sta` BSS parameter.
Maximum number of stations allowed in station table. New stations will be
rejected after the station table is full.
Signed-off-by: Ajay Parida <ajay.parida@nordicsemi.no>
Support for configuration of AP parameter "Skip inactivity poll".
Only build time setting is supported.
Signed-off-by: Ajay Parida <ajay.parida@nordicsemi.no>
Support to set BSS parameter at compile and run time.
Added support to configure `max_inactivity` BSS parameter.
Station inactivity timeout is the period for which AP may keep a client
in associated state while there is no traffic from that particular client.
If a non-zero value is set, AP may choose to disassociate the
client after the timeout.
Signed-off-by: Ajay Parida <ajay.parida@nordicsemi.no>
Remove the `_MAC` part because those Kconfig options enable only hash
algorithms, nothing MAC-related, and the `_ENABLED` part to align the
naming to the Mbed TLS defines (plus we don't need such a part).
As a bonus, enabling SHA-256 does not automatically enable SHA-224
anymore.
See the migration guide entries for more details on the practical
changes.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
When channel range is configured in scan params, get the
channel count from `chan_idx` instead of taking a difference
of start and end of the channel range. The `difference` method
fails in case of 5GHz band since channels may not be consecutive
numbers.
Signed-off-by: Ravi Dondaputi <ravi.dondaputi@nordicsemi.no>
Namespaced the generated headers with `zephyr` to prevent
potential conflict with other headers.
Introduce a temporary Kconfig `LEGACY_GENERATED_INCLUDE_PATH`
that is enabled by default. This allows the developers to
continue the use of the old include paths for the time being
until it is deprecated and eventually removed. The Kconfig will
generate a build-time warning message, similar to the
`CONFIG_TIMER_RANDOM_GENERATOR`.
Updated the includes path of in-tree sources accordingly.
Most of the changes here are scripted, check the PR for more
info.
Signed-off-by: Yong Cong Sin <ycsin@meta.com>
When opaque resources have post-write callback set, but
the write is not a Block-Wise write, there is no block_ctx
and the code causes null pointer dereference when calculating
the offset of the data.
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
Add checks to make sure that we are not trying to use the socket
service library with eventfd if CONFIG_POSIX_API is not set and if
using native_sim based board. The reason is that we should always
use zephyr libc based eventfd implementation instead of host libc one.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
This reverts commit b56297bf16
because it is causing problems when using native_sim and not
having CONFIG_POSIX_API set.
The proper fix is to set CONFIG_POSIX_API when using eventfd
and native_sim so that picolibc is used instead of host libc.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
According to RFC3927 and RFC5227, an ARP probe target HW address should
be set to all-zeroes:
"The 'target hardware address' field is ignored and
SHOULD be set to all zeroes."
Hence, we should allow the ARP probes to have all-zeroes target HW
address as well.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The socket allocation count was incorrectly calculated as
we have only one socket per listened port.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If DNS_EAI_ALLDONE is returned, it indicates that the request
was done and should not be considered an error.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
When the interface goes down, the safest thing to do is to return to
the INIT state, as there is no guarantee that any state is preserved
upon the interface coming back up again.
This is particularly the case with WiFi.
Signed-off-by: Jordan Yates <jordan@embeint.com>
If time aware system has more than 1 gptp port, because there is only
one boolean to handle callback registering, a race condition can occur
for instance in case 2 master ports are waiting for a timestamp following
sending of sync message. More in details, callback may be unregistered
by port 1 while port 2 is waiting for timestamp event.
The issue is solved by declaring as much as boolean and struct
net_if_timestamp_cb as the number of declared ports
(=CONFIG_NET_GPTP_NUM_PORTS).
Signed-off-by: Jean-Nicolas Graux <jean-nicolas.graux@st.com>
Setting a ration of 0 breaks the computation of scaled_rate_offset
in gptp_md_follow_up_prepare().
According to IEEE802.1AS 10.2.2.3.9, when sent by clock master
entity, rate_ratio shall be equal to gmRateRatio. But since
in gptp_md_follow_up_prepare(), in case we are the grand master
clock, we take the assumption that clock source is the local clock,
we may set this ratio to 1.0.
Signed-off-by: Jean-Nicolas Graux <jean-nicolas.graux@st.com>
Without this patch, in case time aware system is grand master capable
but is not the grand master clock and behave as a bridge so that it
shall ONLY relay SYNC and FUP messages from slave port to master port(s),
SYNC and FUP are mistakenly generated by ClockMasterSyncSend state
machine.
This patch only call ClockMasterSyncSend state machine in case a Grand
Master clock is present and is this time aware system.
This check is not described by IEEE802.1AS. Instead, according to
10.2.9.3, the SiteSyncSync state machine shall not take into account
information from ClockMasterSyncSend in case this time aware system is
not grand-master capable. Current implementation of ClockMasterSyncSend
state machine sends sync indication to the PortSync entities, instead of
sending it to the SiteSyncSync entity. And the SiteSyncSync state machine
does not make any check.
Signed-off-by: Jean-Nicolas Graux <jean-nicolas.graux@st.com>
Commit 413eceeddb ("net: gptp: fix follow_up message correction_field")
breaks computation of follow up correction field in case time aware system
is not the grand master clock but behave as a transparent clock which relay
sync and follow-up messages from one slave port to one or several master
port(s). In this case, according to IEEE802.AS 11.1.3 and 11.2.14.2.3,
md sync send state machine shall compute the sum of link propagation delay
and residence time, expressed in grand master time base. Then this quantity
shall be added to last received fup correction field to build value of
correction field. This patch checks whether time aware system is the grand
master clock or not, and computes value correction field accordingly.
Signed-off-by: Jean-Nicolas Graux <jean-nicolas.graux@st.com>
An earlier pull request implementing observe support was merged too
hastily. It had a few issues:
1. The predicate for whether a request should be marked not ongoing was
wrong (it checked ret != 0 instead of ret < 0)
2. Without observes in mind, MID-based deduplication is not a required
feature. Deduplication was handled implicitly - the exchange would get
dropped after the first response anyway, so duplicate responses would
not get matched to anything. But with observes, there are several
responses in an exchange. This commit adds this.
3. Using coap_request_is_observe(&internal_req->request) in the response
handler requires the whole request to stay in scope for the lifetime of
the observation, which I observed was not always the case. Adding an
is_observe bool to the internal struct improved stability significantly.
With these fixes, GETs with observe option works very well.
Signed-off-by: Benjamin Lindqvist <benjamin@eub.se>
Filtering out received packets which source address matches one of our
own addresses has broken the duplicate address detection conflict
reporting.
In case Neighbor Advertisement is sent during DAD collision, the source
address of such packet might be set to the address that triggered the
collision. This address would also be set on our interface, marked as
tentative. Therefore in order to make duplicate address detection work,
we cannot filter out packets in case our own address is still in
tentative state.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
A support for RDNSS option should not force DNS subsystem being enabled
in the system, especially that the option is enabled by default. It
should work the other way around - the option is supported only if DNS
was enabled by the user.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
With native_sim, this error is seen a lot when socket
service API is used.
<dbg> net_sock: get_sock_vtable: (net_socket_service):
Invalid access on sock 3 by thread 0x807a8e0 (net_socket_service)
If we just ignore the error, then we might get into forever
loop which is not good. So if this happens, mark the eventfd
fd as not pollable to basically ignore the eventfd support in
this case.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Print also thread name when printing socket access error.
This helps debugging what thread caused it.
Lowering the Error to Debug as we could be missing vtable
for example for eventfd descriptors, this is easily seen when using
socket service API.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Instead of using net_context API directly, the LLMNR responder is
changed to use the socket service API. This allows DNS access
for offloaded sockets and can lower overall memory consumption.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Instead of using net_context API directly, the mDNS responder is
changed to use the socket service API. This allows DNS access
for offloaded sockets and can lower overall memory consumption.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Instead of using net_context API directly, the DNS resolver is
changed to use the socket service API. This allows DNS access
for offloaded sockets and can lower overall memory consumption.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The input address originates from an RX net_buf which may
be unaligned. Consequently, word access to this unaligned buffer
can trigger an unaligned access exception on certain platforms,
such as the ARMv7 Cortex-A9.
Signed-off-by: Taras Zaporozhets <zaporozhets.taras@gmail.com>
Improve coap_client_cancel_requests(). Ensure it can be
called from a callback. Report error to waiting callbacks.
Clear active flag.
This is useful when the network becomes unavailable
or prior to disconnecting in order to save power.
Signed-off-by: Pete Skeggs <peter.skeggs@nordicsemi.no>
Fixes remote address for ping before upload. This caused the ping in zperf
upload to timeout as shown in the following output:
```
uart:~$ zperf udp upload 2001:db8::2 5001 10 50 1M
Remote port is 5001
Connecting to 2001:db8::2
Duration: 10.00 s
Packet size: 50 bytes
Rate: 1000 kbps
Starting...
ping 2001:db8::2 timeout
Rate: 1.00 Mbps
Packet duration 390 us
```
Fixes: https://github.com/zephyrproject-rtos/zephyr/issues/68674
Signed-off-by: Ayush Singh <ayushdevel1325@gmail.com>
Allow Block-Wise writes to resources that have enough buffer for
the whole content. Calculate the offset before calling the
content specific write handlers when callback is not set.
Previously only resources with post-write callback were able to
assemble the content.
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
When Block-Wise transfer restarts, the post-write callback should
receive some indication that the block is actually a beginning of new,
instead of part of previous transfer.
Fixes#71351
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
When the network inteface goes operational DOWN (for example cable
unplugged), clear "joined" flag on all registered multicast addresses,
so that MLD report is sent for them when the interface goes back up.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
When bringing interface down, all IPv6 multicast addresses are removed
from the interface. However, when the interface was brought back up,
rejoin_ipv6_mcast_groups() would look only for solicited node mcast
addresses already present on the interface. In result, after going back
up, the interface was missing solicited-node mcast addresses for those
unicast addresses, that were already present on the interface when
bringing up.
As net_ipv6_mld_join() does similar checks to skip MLD when not needed,
we can just skip the lookup when rejoining, and use already defined
join_mcast_nodes().
Additionally, check for IPV6 and NO_ND flags on the interface before
attempting to add the address back, those multicast addresses are not
needed if ND is disabled on the interface.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In case a network interface is brought down and back up, DAD was not
performed for link-local unicast address.
This happens because the logic in the network interface code assumed
that DAD for link-local address is triggered when the address is added,
and it's explicitly omited when looping over IPv6 address. This wasn't
the case however when interface was brought back up, as the address was
already present on the interface, hence DAD skipped.
In Linux, the link-local address is removed from the interface when the
interface is brought down. Such approach solves the issue described,
hence implement it in a similar way in Zephyr.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
There is no need to check our own context when going through
the used ports in the system. This prevents error when binding
in some corner cases.
Fixes#72035
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The new command is "net http" which shows all services and
related resources defined in the system.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Doing a normal close for a websocket does not close the underlying
real socket. If we do not have fd for the real socket, then it is
not possible to fully close a websocket connection. As we are allocating
a websocket using websocket_register() in HTTP server use case,
create a websocket_unregister() that will close both the real
socket and the websocket socket.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
It is meant specifically for configuration of the PSA crypto library.
The underlying PSA configuration items are guarded by the condition
that a PSA crypto provider must be present, which is the case when
either TF-M is in use or MbedTLS's PSA core is built as part of
the application image.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
Add option for zperf tcp upload that will enable periodic result reporting.
This is useful for monitoring performance swings during a longer session.
Signed-off-by: Adam Matus <adam.matus@nxp.com>
TCP nodelay option is part of zperf upload params, but was not being
set in common zperf_prepare_upload_sock function. Move it there
to align with how other options are set.
Signed-off-by: Adam Matus <adam.matus@nxp.com>
TLS socket have now been in Zephyr for a few years already and are
widely adopted across the codebase. Given above, they should no longer
be considered an experimental feature.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
According to the RFC, MODE_IS_INCLUDE/MODE_IS_EXCLUDE codes should be
used while sendling Multicast Listener Reports in response to a query.
When performing a transition between states (e.g., when joining or
leaving a multicast group) CHANGE_TO_INCLUDE_MODE/CHANGE_TO_EXCLUDE_MODE
have to be used.
Signed-off-by: Konrad Derda <konrad.derda@nordicsemi.no>
From RFC:
* "source list" is an unordered list of zero or more unicast
addresses from which multicast reception is desired or not desired [...]
It means that there is no need to add any special address to specify
"block all" and "allow all" states explicitly. This commit removes the
unnecessary addition.
Signed-off-by: Konrad Derda <konrad.derda@nordicsemi.no>
When BUILD_WITH_TFM is enabled we can dispatch hash computation
to TFM. This allows to remove the built-in support of SHA256 from
the non-secure side (if it's not used for any other purpose, of course).
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
Moving toward the adoption of PSA crypto APIs, TinyCrypt is going
to be deprecated so we can remove it in favor of newer APIs.
Moreover tls_credentials is mostly meant to store data in the
protected storage meaning that there is a TFM implementation
providing this service. The same TFM can of course be used to
compute sha256 hashing thus saving memory footprint on the NS
side by removing TC.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
When using the TLS_CREDENTIALS_BACKEND_PROTECTED_STORAGE there is
BUILD_WITH_TFM enabled which means that we can take advantage of
TFM (thorugh PSA interface) to compute the SHA256 hash.
This removes the need for the built-in implementation of
mbedtls_sha256() on the non-secure image (unless it's used somewhere
else, of course) and therefore it helps in reducing the memory
footprint.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
Add support for gratuitous ARP transmission by Zephyr network stack.
This allows to prematurely fill the peer ARP table, so there's no need
to send an explicit request when peer needs to send an actual packet.
The gratuitous ARP is send when the network interface is brought up
(joins the network) or a new IP address is added. The gratuitous ARP
request is also sent periodically, with a configurable interval time.
The gratuitous ARP should also be sent whenever MAC address of the
interface is changed, but as Zephyr only allows to do this when
interface is down, this is already covered by the first case (interface
brought up).
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Fixing the websocket command output to align the fields and
printing interface index instead of a pointer value.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add socket obj_core support to websocket so that the socket
information can be viewed by "net sockets" command.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
After upgrading the HTTP connection to websocket, call the
application registered callback to transfer the ownership of
the socket to the application.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If the other end closes the connection, it is not exactly an
error so downgrade the print to debug level.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The http_server needs a way to bind a websocket socket to the
upgraded http connection socket. So websocket_register() is used
for that.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Use normal "config" in order to avoid this error from compliance
check script:
Found pointless 'menuconfig' symbols without children.
Use regular 'config' symbols instead.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Allow connection to be upgraded from HTTP/1.1 to websocket.
This commit does nothing yet with the upgraded connection.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Check what kind of upgrading we are doing and return error
if we receive upgrade that we do not support.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
`OPENTHREAD_PLATFORM_KEY_REF` should not be selected for RCP
architecture, as keys are handled on host's side and passed to
device over Spinel, and therefore they cannot be exported
on platform from reference with PSA Crypto API.
Signed-off-by: Maciej Baczmanski <maciej.baczmanski@nordicsemi.no>
Two issues fixed:
When pull-context is created, it does not have to wake up the RD
client context. Ignore the EPERM warning.
When new pull-context creates a new socket, sometimes socket-loop
gets to recvfrom() before we have set O_NONBLOCK on the socket.
So use ZSOCK_MSG_DONTWAIT on zsock_recvfrom() so it does not
block the socket loop.
Fixes#71450
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
It may happen that the interface is up but not yet running
when we issue the rejoin_ipv6_mcast_groups(). This can be
fixed by calling this function again right after the iface
is set to 'running' state in the notify_iface_up handler.
Signed-off-by: Marcin Kajor <marcin.kajor@nordicsemi.no>
When calling net_if_get_default(), print a warning if no
network interfaces are found. This helps debugging mysterious
crashes.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
When trying to get IPv6 prefix, if there are no network interfaces
then the net_if_get_default() will return NULL but we should not
crash at that point but return gracefully.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Making default preferred time much closer to default valid time
so that the served addresses are much shorter time in deprecated
state where they cannot be utilized. This is important in Zephyr
as there are limited number of IPv6 addresses that can be allocated
to the network interface.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The local address used for established TCP socket needs to be
dig out from TCP internals and not from context->local.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
We usually cannot use context->local for established TCP connections
because the local address is not updated for TCP if we are bound to
any address. So create helper that try to figure out the end point
addresses.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add support for IPv6 Source Address Selection defined in RFC 5014.
This commit does not add any address selection support to getaddrinfo()
as described in the RFC. The AI_EXTFLAGS symbol and also the ai_eflags
to hints is added but they are not used by the code.
The public/temporary address selection is only done internally by
the net_if_ipv6_select_src_addr_hint() according to flags set by
setsockopt().
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
When printing IPv4 and IPv6 address information in "net ipv4" and
"net ipv6" commands, print also reference count of the IP address.
This is useful for debugging purposes.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add reference counting to network interface address (for both
IPv4 and IPv6) so that the address is not removed if there are
sockets using it. If the interface address is removed while there
are sockets using it, the connectivity will fail for the said
socket.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add events to be generated when privacy extension is enabled
or disabled, or when allow/deny filter is added or deleted.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
When executing "net iface" command, print current status of
IPv6 privacy extension if it is enabled in config file.
The "net ipv6 ..." command prints IPv6 privacy extension
information, and can add or delete IPv6 prefix filters.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If IPv6 privacy extension is enabled, then we need to select
proper public or temporary IPv6 source address when sending the
packet.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
This creates support for IPv6 privacy extensions which is described
in RFC 8981. This will also add API that can be used to add IPv6
prefixes to a allow or deny list privacy extension filter.
The code will create temporary IPv6 addresses from prefixes that
are advertised by Router Advertisement messages. The temporary
IPv6 addresses are then expired according to lifetime and removed.
Fixes#9349
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If IPv6 address expires and moves to deprecated state, then
send a mgmt event so that listeners can act on it.
One such action is to close a socket bound to that source address
so that the address can be released.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
This commit adds transmission of MLDv2 reports whenever a multicast
routing entry is added or removed when suitable (it checks if the
given interface itself has joined the group).
Signed-off-by: Konrad Derda <konrad.derda@nordicsemi.no>
This commit introduces a new option CONFIG_NET_MCAST_ROUTE_MLD_REPORTS
which appends multiacst routes to MLDv2 reports. These records are
intended to inform reports' recipients about potential listeners on
the other interfaces.
Signed-off-by: Konrad Derda <konrad.derda@nordicsemi.no>
The coap_client lib only handled "one-shot" requests properly. This
patch allows it to keep listening for additional responses to a request,
if the request was made with the CoAP OBSERVE option appended.
An API for canceling such requests is also added.
Signed-off-by: Benjamin Lindqvist <benjamin@eub.se>
The size field in net_buf should not be used directly as then
the optional headroom will not be taken into account.
There is the net_buf_max_len() API that should be used instead.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Kconfig option to enable object version reporting should
be moved into sub section "Engine features" so
it does not clutter up the main LwM2M menu.
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
Due to recent changes in hostap to move few buffers from heap->stack (to
improve the reliability of allocations) this has increased the stack
size and with another recent change to increase the max polling sockets
this puts over the 4096 stack size for net_mgmt causing stack overflow.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
When PPP moves to the 'Closing' state it sends up to configured number
of 'Terminate-Request' packets. It only moves to the 'Initial' state,
after running out of retransmits or when it receives a 'Terminate-Ack'
packet.
Signed-off-by: Markus Lassila <markus.lassila@nordicsemi.no>
Original code developed as a GSoC 2023 project by Emna Rekik.
Code refactored in order to provide better bisectability
as the origical commits were not bisectable.
The server supports static and dynamic resources, managed by
HTTP_SERVICE/HTTP_RESOURCE macros.
Fixes#59685Fixes#59686Fixes#59688Fixes#59690Fixes#59670Fixes#59700Fixes#59684Fixes#59693Fixes#59693Fixes#59694Fixes#59699Fixes#59696Fixes#59688Fixes#59690Fixes#59670Fixes#59700Fixes#59685Fixes#59686Fixes#59688Fixes#59691
Signed-off-by: Emna Rekik <emna.rekik007@gmail.com>
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add HTTP/2 helper libraries to encode and decode HPACK encoded headers,
according to RFC7541.
HPACK string encoding requires to support certain set of Huffman codes,
therefore implement Huffman encoder/decoder as well.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In case of successful submission, the reference shouldn't be put down,
this only should done on error cases.
As reference is put down on success, during the buffer unref, no action
is taken due to an uint8 overflow (ref is now 255), so, the buf->frags
isn't cleared properly and the next time the frags is used and when L2
inserts a second frag, the first head frag and next frag are same (due
to buffer re-use) causing an infinite loop in either net_buf_frag_last
or net_pkt_get_len.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Unicast RX stats
It represents total number of unicast (any type data, action or
any other unicast frames) frames received at firmware level.
The actual frames passed to host will be different as firmware
may drop packets or some packets may be dropped because of
errors.
Unicast TX stats
Transmission side the unicast packets count states the packets
handed over to firmware. The stats taken at firmware level.
Actual packets transmission may vary depending upon various factors.
Signed-off-by: Ajay Parida <ajay.parida@nordicsemi.no>
We were missing a helper function that can be used to check
whether the given function is the virtual VLAN interface.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Use lock while accessing nm data.
One of the use case is while setting regulatory, it accesses nm data,
while from some other place also it can be accessed same time.
Protected the nm data processing.
Signed-off-by: Ajay Parida <ajay.parida@nordicsemi.no>
Work items on the syswq should always run-to-completion.
Override the timeout value to always be K_NO_WAIT.
Allocating with K_FOREVER leads to deadlocks if the freeing also happens
from the syswq. Non-zero timeouts are also not nice for the other users
of the syswq.
Signed-off-by: Jonathan Rico <jonathan.rico@nordicsemi.no>
Even though we are passing mandatory args from the shell registration,
due to use of getopt the check can be bypassed without the hyphenated
options.
So, enforce and fail if mandatory parameters aren't passed through
getopt.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Adds a config that enables sending the object version for all objects.
According to LwM2M specification v1.0 and v1.1, non-core object versions
other than 1.0 'must' be provided, while all other versions 'may' be
provided. With specification v1.2, a client 'can always attach Object
Version Information'. Or in other words, it is OK to always report the
object version with all specifications.
Signed-off-by: Andreas Rudolf <andreas.rudolf@husqvarnagroup.com>
Updates the linker script fragments under 'subsys' to use
Z_LINK_ITERABLE_SUBALIGN for the subalignment instead of
a hardcoded value of 4.
Signed-off-by: Peter Mitsis <peter.mitsis@intel.com>
The IPv6 address lifetime timers are kept in a slist, but
the code that adds the entry to the list does not check
whether the item is already in the list. This will cause
problems when trying to remove the address from the list.
Normally this is not causing issues, but if the function
net_if_ipv6_addr_update_lifetime() is called multiple times
before the address expires, then the item was added to the
slist multiple times.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Applications need to run a scan to identify the security
mode before attempting the connection which adds to the time
taken for connection to be established.
To avoid the initial scan, support auto security mode which will
enable STA to choose between WPA, WPA2 and WPA3, based on the
network configuration.
Signed-off-by: Ravi Dondaputi <ravi.dondaputi@nordicsemi.no>
Since `NONE` is a valid option for key management in `connect`
command, we should remove the part in help text which says:
"valid only for secure SSIDs".
Signed-off-by: Ravi Dondaputi <ravi.dondaputi@nordicsemi.no>
This commit change a method of printing multicast routes by showing
all interfaces per entry instead of aggregating them by interface.
Signed-off-by: Konrad Derda <konrad.derda@nordicsemi.no>
In order to save memory, a single multicast routing entry now
contains configurable number of network interfaces.
Signed-off-by: Konrad Derda <konrad.derda@nordicsemi.no>
This commit adds a check to determine if the packet wasn't already
forwarded to a given interface.
Signed-off-by: Konrad Derda <konrad.derda@nordicsemi.no>
This commmit changes the way of iterating over multicast routing
entries from explicit for-loop to ARRAY_FOR_EACH_PTR().
Signed-off-by: Konrad Derda <konrad.derda@nordicsemi.no>
The commit 8256d02d3a introduced
getopt parsing for the wifi connect command
This needs to be updated for the wifi ap enable since ap
enable also uses the same parsing as connect.
The use of getopt removes the parameter ordering restrictions
Signed-off-by: Brad Kemp <brad@beechwoods.com>
In case FIN packet included data bytes, Zephyr would ignore the
data. It wasn't passed to the application, and it wasn't considered
when bumping the ACK counter. This ended out in connection timing out,
instead of being properly terminated.
Fix this, by refactoring FIN processing in TCP_ESTABLISHED state.
Instead of handling FIN/FIN,ACK/FIN,ACK,PSH cases separately, have a
common handler when FIN flag is present, and when ACK flag is present
along with FIN. When FIN is present, take any potentially incoming data
into account.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Allow changing the CoAP Block-wise transfers block-size
for subsequent GET requests.
It looks like Leshan switches block size back to its
configured value, if it is smaller.
So even when we send block N=0 with size of 512, Leshan
seem to handle that properly but still asks N=2 with
block size 256(if that is configured).
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
Minor improvements to usage of zperf_shell upload.
Added common defaults for the upload commands arguments.
Print defaults in cmd help.
Throw warning when user sets baud rate for TCP upload.
Signed-off-by: Adam Matus <adam.matus@nxp.com>
The network interface parameter for net_eth_get_vlan_tag() should
be the VLAN interface so use the search loop properly.
Earlier the main interface could be checked.
Add also test cases for this so that we can catch that the func
works properly.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add more error logs in case of (mostly) mbed TLS errors, so it's easier
to get an initial idea of what went wrong based on logs only. Getting
an information on an actual mbed TLS error code is quite helpful in such
cases.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Block size is a 3-bit value mapping values [0, 6] to powers of 2 in the
range [16, 1024]. Value 7 is invalid.
The previous formula was not working in case the client's preferred size
was 4 (or more) times bigger than the server's.
This commit takes into account also the case the client's preferred size
is smaller than the server's.
Signed-off-by: Marco Argiolas <marco.argiolas@ftpsolutions.com.au>
Remove IPSP support from the tree.
It has no maintainers, and is regularly broken. The fact that it's
nontrivial to set-up in linux makes it hard to fix reported issues.
Signed-off-by: Jonathan Rico <jonathan.rico@nordicsemi.no>
The "struct sockaddr" should only be used in casts and never
as a standalone variable because it might not have enough
space allocated for all the protocol specific fields.
So refactor the port_in_use() function to reflect that.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
errno values are positive, therefore they should be negated when
assigned as return values for net_dhcpv4_server_start().
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The commit adds dependency on Kconfig FLASH_PAGE_LAYOUT to subsystems
that really require it:
FCB, NVS, LittleFS
and removes direct selection from '*.conf' files where no longer
needed.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Check if the interface is down before joining IPv4 mDNS multicast
group. This avoids warning later when the network packet cannot be sent.
Fixes#71121
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Commit e99b5228a1 changed the default
networking behavior on qemu platforms, as the SLIP_TAP driver no longer
selected Ethernet L2. In results, qemu platforms in default
configuration had no network interface to work with.
Fix this, by restoring select for NET_L2_ETHERNET, but this time in
NET_SLIP_TAP. The difference is that SLIP_TAP is a generic driver
config, which could be enabled on any platform, so not changing the
behavior here, while NET_SLIP_TAP is a config dedicated for qemu only,
so it's reasonable to enable all that's needed to get SLIP to work with
qemu by default.
As there were circular Kconfig dependencies, move the respective qemu
configs outside of NET_RAW_MODE if block (as this caused the circular
dependency with ETH_DRIVER_RAW_MODE). Also, remove dependency to
NET_L2_BT, as it made little sense there, and also caused dependency
problems.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
There is no limitations for dwell time. Just add
valid condition for positive value. So , it's better
to remove those constraints.
Signed-off-by: Kapil Bhatt <kapil.bhatt@nordicsemi.no>
Running out of connection contexts is most likely due to app
misconfiguration, therefore it's useful to get an explicit information
that context allocation failed.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Correct various small edge-case behaviors that have been accidentally
introduced in the http_client.
- http_client_req no longer incorrectly returns -ETIMEDOUT on NULL HTTP
resonse. -ETIMEDOUT is now only returned when the underlying TLS
socket times out.
- http_client_req now returns -ECONRESET upon incomplete (but non-NULL)
HTTP response. The request callback is no longer called in this case
(as with any other error state).
- http_wait_data has been refactored slightly to increase clarity.
Signed-off-by: Georges Oates_Larsen <georges.larsen@nordicsemi.no>
If the packet cloning fails (can easily happen when working with
loopback interface and when having low net_buf count), then
print a warning to the user. Error could also be possible but
as the situation might correct itself in this case, the warning
should be enough.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If we fail to join all nodes or solicit node multicast groups
when the interface is down, then there is no need to print an
error message. The groups are automatically re-joined when the
interface comes up.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If user created the capture device using the API and not via
the shell, then the device name was not set. Use the default
capture device in this case.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The event NET_EVENT_CAPTURE_STARTED is generated when the
capture is enabled, and NET_EVENT_CAPTURE_STOPPED when capture
is disabled.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The net_capture_pkt() does not return information what happened
to the net_pkt because the packet was always cloned. With cooked
capture we can avoid the cloning in which case we need to know
the capture status in order to unref the packet if needed.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add support for capturing arbitrary data via the cooked mode (sll)
capture API. The actual packet capture is done using net_capture_data()
function, the packet capture infrastructure does not need any changes.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Allow user to create a kitchen sink pseudo a.k.a any network
interface that one is only able to write to. This might seem
unnecessary, but it is possible to attach virtual network
interfaces on top of this pseudo interface. These virtual
interfaces could then process the data for example for
packet capture purposes.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
For debugging purposes it would be nice to see the verdict
printed as a string instead of number.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add a recv callback to dummy API. After this it is possible to
receive data by a dummy network interface. This is only useful
if one attaches a virtual interface on top of the dummy one.
One such example is the cooked mode capture interface.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
This commit fixes an issue where due to inverted logic (static function
returned 0 on success but the caller expected true/false) the MLDv2
reports were silently dropped.
Signed-off-by: Konrad Derda <konrad.derda@nordicsemi.no>
Deprecate CONFIG_NET_TCP_ACK_TIMEOUT as it is redundant with the
combination of CONFIG_NET_TCP_INIT_RETRANSMISSION_TIMEOUT and
CONFIG_NET_TCP_RETRY_COUNT. The total retransmission timeout (i. e.
waiting for ACK) should depend on the individual retransmission timeout
and retry count, having separate config is simply ambiguous and
confusing for users.
Moreover, the config was currently only used during TCP handshake, and
for that purpose we could use the very same timeout that is used for the
FIN timeout. Therefore, repurpose the fin_timeout_ms to be a generic,
maximum timeout at the TCP stack.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add hostname changed printout to event monitor. As the name
says, it is generated when the hostname of the device changes.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Starting with b1d24e425c (net: lwm2m:
device object: optionally store error list in settings), it was no
longer possible to build the code with coverage enabled when the
settings subsystem was disabled.
The build would fail with an error like this:
> subsys/net/lib/lwm2m/lwm2m_obj_device.c:262: undefined reference to
> `settings_name_steq'
This fixes#70923.
Signed-off-by: Reto Schneider <reto.schneider@husqvarnagroup.com>
According to the `RFC8415` the length of the DUID is at least 1 octet
up to 128 octets. Now a user can choose buffer length without the need
for source code modification.
Signed-off-by: Marcin Gasiorek <marcin.gasiorek@nordicsemi.no>
eth_stats.h is using ethernet api but not including the header,
it must be working by luck in files that include it after
something else that includes ethernet.h, fix by just including it.
Signed-off-by: Declan Snyder <declan.snyder@nxp.com>
Instead of having a single config specifying the memory pool size for
variable-sized net buffers, have a separate one for TX and RX for better
configuration granularity when optimizing memory usage of the
application.
Deprecate the old configuration but use its value as a default (for now)
for the new configs. This will need to change when the config is
deleted.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
There should be a particular defines which clarify the
use of that number. So, replacing numbers with defines
in wifi shell.
Signed-off-by: Kapil Bhatt <kapil.bhatt@nordicsemi.no>
Outgoing block-transfers now set the socket hint
to ONGOING as long as the BLOCK1/BLOCK2 header has
MORE flag set to true.
This means as only the last packet in the block-transfer
set the socket hint to LAST or ONE_RESPONSE.
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
Once Wi-Fi is associated few parameters like listen interval and
power-save mode cannot be changed. The state for association is
"ASSOCIATED" and not completed. Even after state transitions to
COMPLETE, it can still go back to other states, e.g., PTK/GTK renewal.
Fix the state check.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
The gPTP is not suppose to be run on top of VLAN and the
earlier support was just for testing purposes. Remove VLAN
support now after the VLAN overhaul.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Print also network interface index together with the pointer value
in order to get more useful information what is going on in the system.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Print information whether a multicast address is properly
joined to a multicast group when print addresses using
"net iface" command.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
As the interface type is always Virtual, no need to print it.
Print instead the name of the network interface as it is more
useful to the user.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If an IPv6 address was added to the interface while the
interface was down, its solicited node multicast address
is not joined properly and IPv6 communication will to
other hosts will fail. So make sure to rejoin all the
solicited node multicast groups that were joined already
when the network inteface is going up.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add debug information to print when the network L2 enable
callback is called and fails. Useful to see this information
as at that point the interface goes down.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Start any pending IPv6 DAD timers when interface comes up.
If IPv6 addresses have been added to the network interface when
it was down, the addresses would never work properly if the DAD
is not done.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Instead of printing just a network interface pointer, print
also the interface index so debugging is a bit faster as no
lookup from interface listing is needed.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
No need to do the checks any more because user has specified
the VLAN count and so many VLAN virtual interface are already
created.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Re-implement the VLAN support inside the network stack.
All the user facing APIs stay as is but internally the VLANs
are implemented using the L2 virtual interfaces.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Some compilers have trouble parsing variables directly after a case
statement.
Fixes: #70792
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Changing remaining users of fcntl.h to use the include from our own
POSIX file so that the values in there are consistent in all parts
of the sources.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Use only Zephyr specific POSIX header files so that the whole
system is getting values from the same files. There was an issue with
native_sim run of tests/net/socket/af_packet which had O_BLOCKING set
to 0x4000 from include/zephyr/posix/fcntl.h, but then the file
subsys/net/lib/socket/sockets.c was having O_BLOCKING set to 0x0800
because different header files were used.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Currently the socks library does not use sockets so there
is no need to select socket symbols.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The library should be using internal socket API functions
so that we do not need to depend on POSIX_API inside the
network stack.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Have special wrappers for zsock_fcntl and zsock_ioctl functions
so that gcc warning can be avoided.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The CONFIG_NET_SOCKETS_POSIX_NAMES option is marked as deprecated in
favor of using normal POSIX socket API includes found under the
include/zephyr/posix directory. If you want to use BSD socket API calls,
you need to select POSIX_API and use the socket headers found in the
POSIX subsystem. If you do not want to or cannot enable POSIX_API,
then you must use zsock_ prefix when working with BSD socket calls.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
By using `getopt_state` to access `optarg`, offering a better alternative
to direct global `optarg` access.
This approach mitigates the risks associated with concurrent access to
the global variable.
Signed-off-by: Pisit Sawangvonganan <pisit@ndrsolution.com>
This change marks each instance of the `struct option` as `static const`.
The rationale is that `struct option` is a read-only variable.
By using `static const`, we ensure immutability, leading to usage of only
the `.rodata` section and a reduction in the `.data` area.
Signed-off-by: Pisit Sawangvonganan <pisit@ndrsolution.com>
This commit simplifies the access to structure members and omits
unnecessary variable initializations.
Specific adjustments include:
- Moving from pointer-based access (`(®d)->chan_info`) to
direct structure member access (`regd.chan_info`).
- Removing explicit initializations where not required.
- Removing excess backslashes '\' before '%' in the format string.
Signed-off-by: Pisit Sawangvonganan <pisit@ndrsolution.com>
When setting a name to a network interface, verify that no other
interface has the same name as that would make very difficult to
select an interface by a name.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
For zero sized buffers, instead of pointing to a buffer, net_buf->__buf
is NULL. For this reason, when cloning a buffer, the code needs to check
__buf before dereferencing it.
Signed-off-by: Reto Schneider <reto.schneider@husqvarnagroup.com>
As stated in "[RFC7959], Section 2.5":
"The Block1 Option provides no way for a single endpoint to perform
multiple concurrently proceeding block-wise request payload transfer
(e.g., PUT or POST) operations to the same resource. Starting a new
block-wise sequence of requests to the same resource (before an old
sequence from the same endpoint was finished) simply overwrites the
context the server may still be keeping."
Signed-off-by: Marco Argiolas <marco.argiolas@ftpsolutions.com.au>
Refactor the IP tunneling support as the input callback was removed
in previous commit. The data will flow through the recv callback now
as expected.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The input callback was an unfortunate idea which just complicated
how the packet flows through virtual interfaces so removing it.
The data is passed normally through the recv callback from now on.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The function needs to loop through the virtual interfaces
tied to this physical interface.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Channel is mandatory for AP mode. It is processed only
if its less than or equal to three characters. Otherwise
we need to throw error for channel in AP mode.
Signed-off-by: Kapil Bhatt <kapil.bhatt@nordicsemi.no>
This functionality is useful on the following scenario:
1) The first buffer in a net_pkt contains user data which is relevant
for the (whole) net_pkt.
2) When inserting a new buffer in front of the net_pkt, the (previously)
first buffer (and its user data) are no longer accessible via
net_pkt->buffer.
3) net_buf_user_data_copy() allows to simply copy the user data from the
old to the new first buffer.
Signed-off-by: Reto Schneider <reto.schneider@husqvarnagroup.com>
If the network interface does not enable IPv4, then it is pointless
to print DHCPv4 information when invoking "iface" shell command.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The final ACK check during passive close was wrong - we should not
compare its SEQ number with the ACK number we've sent last, but rather
compare the ACK number it acknowledges matches our current SEQ number on
the connection. This ensures, that the ACK received is really
acknowledging the FIN packet we've sent from our side, and is not just
some earlier retransmission. Currently the latter could be the case, and
we've closed the connection prematurely. In result, when the real "final
ACK" arrived, the TCP stack replied with RST.
Subsequently, we should increment the SEQ number on the connection after
sending FIN packet, so that we are able to identify final ACK correctly,
just as it's done in active close cases.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>