If we were trying to send max MTU size data, then the temporary
frame_buf was overflowing because it only allocated 1500 bytes
for the buffer but then copied 1514 bytes into it (max mtu +
ethernet header).
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Add the following application-facing memory domain APIs:
k_mem_domain_init() - to initialize a memory domain
k_mem_domain_destroy() - to destroy a memory domain
k_mem_domain_add_partition() - to add a partition into a domain
k_mem_domain_remove_partition() - to remove a partition from a domain
k_mem_domain_add_thread() - to add a thread into a domain
k_mem_domain_remove_thread() - to remove a thread from a domain
A memory domain would contain some number of memory partitions.
A memory partition is a memory region (might be RAM, peripheral
registers, flash...) with specific attributes (access permission,
e.g. privileged read/write, unprivileged read-only, execute never...).
Memory partitions would be defined by set of MPU regions or MMU tables
underneath.
A thread could only belong to a single memory domain any point in time
but a memory domain could contain multiple threads.
Threads in the same memory domain would have the same access permission
to the memory partitions belong to the memory domain.
The memory domain APIs are used by unprivileged threads to share data
to the threads in the same memory and protect sensitive data from
threads outside their domain. It is not only for improving the security
but also useful for debugging (unexpected access would cause exception).
Jira: ZEP-2281
Signed-off-by: Chunlin Han <chunlin.han@linaro.org>
Building off the success of PR #4119, add more attributes to the sphinx
processing list (as encountered in PR #4123) plus others from
include/toolchain/gcc.h that looked safe to add.
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
Everything get passed to handlers as u32_t, make it simpler to check
something that is known to be a pointer, like we already do with
_SYSCALL_IS_OBJ().
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
The compiler was complaining about impossible constraints since register
constraint was provided, but there are no general purpose registers left
available.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Device drivers need to be treated like other kernel objects, with
thread-level permissions and validation of struct device pointers passed
in from userspace when making API calls.
However it's not sufficient to identify an object as a driver, we need
to know what subsystem it belongs to (if any) so that userspace cannot,
for example, make Ethernet driver API calls using a UART driver object.
Upon encountering a variable representing a device struct, we look at
the value of its driver_api member. If that corresponds to an instance
of a driver API struct belonging to a known subsystem, the proper
K_OBJ_DRIVER_* enumeration type will be associated with this device in
the generated gperf table.
If there is no API struct or it doesn't correspond to a known subsystem,
the device is omitted from the table; it's presumably used internally
by the kernel or is a singleton with specific APIs for it that do not
take a struct device parameter.
The list of kobjects and subsystems in the script is simplified since
the enumeration type name is strongly derived from the name of the data
structure.
A device object is marked as initialized after its init function has
been run at boot.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
To define a system call, it's now sufficient to simply tag the inline
prototype with "__syscall" or "__syscall_inline" and include a special
generated header at the end of the header file.
The system call dispatch table and enumeration of system call IDs is now
automatically generated.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
The doxygen/sphinx/breathe processing for API documentation has some
known issues and we've been using a post-processing filter to eliminate
"expected" warnings. Sphinx/Breathe 5.0 was updated to support
identifying attributes causing these warnings, so this PR adds a
starting list to get around warnings recently introduced with __syscall
and __syscall_inline (PR #4103).
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
Issuing HCI reset command while having connections sometimes
hung the controller.
ll_reset supplied invalid stop ticker id to role_disable
when trying to stop all connections. Connection role does
not utilize stop ticker. The invalid ticker id supplied
referenced memory outside the pool of tickers and based on
what the content is in RAM there, the controller would hang
trying to stop connections.
Fixed by not calling the ticker_stop interface with invalid
ticker ids.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Update the versions of tools used to generate documentation locally and
include a description of the message filtering now included in the doc
build Makefile (formerlly only done in the CI scripts).
Also, include the documentation docs in the developer guides to help
folks that want to contribute and generate docs locally.
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
The IPv6 address parameters in net_ipv6_send_na() can be const
as the function will not modify them. This avoids compile warning
about parameter constness.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
It is useful to return the neighbors in net_ipv6_nbr_foreach()
groupped by network interface. This way the caller has them
already in proper order and does not need to re-group them.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Proxy configuration messages are allowed (in fact required) to use
unassigned addresses, so they should be exempt from this check.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The test failure may be e.g. because of an unknown company id, and in
that case the spec expects us to ignore the message.
With this patch it should be possible to pass MESH/SR/HM/RFS/BI-01-C.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
A previous patch which moved dispatching the health publish callback
to a later moment introduced a regression where the period divider
does not get updated when it should. In fact, having the divider as
part of the Health Server context is redundant, since the same
information is already stored generically in the model publication
context. Switching to using the model publication context makes things
simpler and ensures that the value is always up-to-date.
With this patch it is possible to pass MESH/SR/HM/CFS/BV-02-C.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
We should ignore invalid addresses (helps pass
MESH/NODE/CFG/LPNPT/BI-01-C). Also fix a copy-paste issue in an error
log.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The values all need to be zeroed when heartbeat subscription is
disabled. This makes it possible to pass MESH/NODE/CFG/HBS/BV-01-C.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
These tests test the IPv4 multicast address add, lookup and
removal functions found for network interface.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
There was no handler functions for adding, removing and looking up
IPv4 multicast addresses in the network interface.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
If the user tried to bind to IPv4 multicast address, then the
operation failed and returned error.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
The IPv4 address in struct in_addr is in big endian so check
the multicast address value correctly.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
If the network interface does not support IPv4 like IEEE 802.15.4
or Bluetooth, then do not print IPv4 information for those interfaces.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Some versions of make seem to more greedy about how they match
$(notdir %).inc vs $(notdir %).gz.inc. If we put the gz.inc rule first
that seems to deal with the issue.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
- syscall.h now contains those APIs needed to support invoking calls
from user code. Some stuff moved out of main kernel.h.
- syscall_handler.h now contains directives useful for implementing
system call handler functions. This header is not pulled in by
kernel.h and is intended to be used by C files implementing kernel
system calls and driver subsystem APIs.
- syscall_list.h now contains the #defines for system call IDs. This
list is expected to grow quite large so it is put in its own header.
This is now an enumerated type instead of defines to make things
easier as we introduce system calls over the new few months. In the
fullness of time when we desire to have a fixed userspace/kernel ABI,
this can always be converted to defines.
Some new code added:
- _SYSCALL_MEMORY() macro added to check memory regions passed up from
userspace in handler functions
- _syscall_invoke{7...10}() inline functions declare for invoking system
calls with more than 6 arguments. 10 was chosen as the limit as that
corresponds to the largest arg list we currently have
which is for k_thread_create()
Other changes
- auto-generated K_SYSCALL_DECLARE* macros documented
- _k_syscall_table in userspace.c is not a placeholder. There's no
strong need to generate it and doing so would require the introduction
of a third build phase.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
This header could be maintained by hand since there are no inputs
and it only changes if the generating script is modified, but given
the choice to maintain 800-ish lines of extremely repetitive C
preprocessor code, or 100-ish lines of Python, the choice is pretty
clear.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Implement the Read Build Information VS command. This returns a UTF-8
encoded string, which is extendable by the user via a new Kconfig
option.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Implement the Zephyr VS command that allows a Host to write a public
Bluetooth Address to the Controller in order to allow Hosts to provide
their own public Bluetooth addresses.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
If the data parameter in net_pkt_insert() is NULL, then just
insert amount of data but clear the area instead of copying.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
User was able to tweak IPv6 hop-limit so introduce similar
feature for IPv4 Time-To-Live value.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
If the caller of http_client_send_req() sets the timeout to
K_NO_WAIT, then the function would still wait for a while before
returning to the caller.
Jira: ZEP-2624
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
From section 3.4.5.3 in the Mesh Profile Specification 1.0:
"A node shall implement a Local Network Interface."
Removing the Kconfig option also helps clean up quite a lot of code.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The bt_mesh_net_relay() function needs to allow TTL <= 1 for the local
network interface since that's the code path that locally originated
outgoing packets take.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Mesh Profile Specification v1.0, 5.3.3:
"On the PB-ADV bearer, when the receiver has received all segments of
a transaction, the receiver shall calculate the FCS for the received
Provisioning PDU, and if it matches the FCS field in the Transaction
Start PDU, it shall send a Transaction Acknowledgment PDU after
a random delay between 20 and 50 milliseconds."
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The Mesh specification recommends defaulting to the company ID in the
composition data when no other ID is relevant (e.g. in error cases or
if the app has not provided a callback).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Encrypting and sending a message takes a considerable amount of time
which makes the publication period longer than expected.
With this patch it is possible to pass MESH/SR/HM/CFS/BV-02-C test.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>