In order to avoid any mutex deadlocks between iface->lock and
TX lock, release the interface lock before calling a function
that will acquire TX lock. See previous commit for similar issue
in RS timer handling.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The net_if.c:rs_timeout() is sending a new IPv6 router solicitation
message to network by calling net_if_start_rs(). That function will
then acquire iface->lock and call net_ipv6_start_rs() which will try
to send the RS message and acquire TX send lock.
During this RS send, we might receive TCP data that could try to
send an ack to peer. This will then in turn cause also TX lock
to be acquired. Depending on timing, the lock ordering between
rx thread and system workq might mix which could lead to deadlock.
Fix this issue by releasing the iface->lock before starting the
RS sending process. The net_if_start_rs() does not really need to
keep the interface lock for a long time as it is the only one sending
the RS message.
Fixes#86499
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Fix handling of poll setting socket error flag.
In this case errno is no set, so should not be the return value either.
Instead retrieve the socket error for SOCKERR and return EBADF for
SOCKNVAL.
Signed-off-by: Joakim Andersson <joerchan@gmail.com>
Queueing packets should be possible from the ISR context, recent changes
prevented that. Therefore add extra checks in
net_tc_submit_to_tx/rx_queue() to make them ISR friendly again.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Building with clang warns:
subsys/net/l2/ethernet/ethernet.c:178:18: error: unused function
'ethernet_check_ipv4_bcast_addr' [-Werror,-Wunused-function]
enum net_verdict ethernet_check_ipv4_bcast_addr(struct net_pkt *pkt,
^
ethernet_check_ipv4_bcast_addr is called by ethernet_ip_recv, which only
exists when CONFIG_NET_IPV4 or CONFIG_NET_IPV6 is defined.
Signed-off-by: Tom Hughes <tomhughes@chromium.org>
The ARP protocol handler cannot directly access the Ethernet header
because the caller has removed the header already when the handler
is called. So change net_arp_input() and pass source and destination
MAC address there instead of bogus pointer that was pointing to ARP
header instead of Ethernet header. This requires changes to ARP tests.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
When run the Zperf UDP throughput with '-a' (Asynchronous call),
zperf_work_q thread will generate and send the packets to tx_q thread.
When zperf_work_q and tx_q threads have same priority, if zperf_work_q
fails to take the semaphore of fifo_slot, it will not wait and directly
drop the net_pkt. Then it will allocate new net_pkt, repeat, and always
occupy the CPU, which leads to extreme low throughput.
For TX, when take the semaphore of fifo_slot, setting a wait time of
K_FOREVER to let other thread to process and free these packets.
For RX, when failed to take the semaphore of fifo_slot, yield the CPU
to let the thread of data path with same priority to run to reduce
dropping packets.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
In rare occasions when sending DAD NS packet fails, we should still
setup the DAD timer, unless we implement some kind of more advanced
retry mechanism. If we don't do that, the IPv6 address added to the
interface will never be usable in such cases.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
DAD creates an entry in the neighbor cache for the queried (own)
address. In case the address is removed from the interface while DAD is
still incomplete, we need to remove the corresponding cache entry (just
like in case of DAD timeout) to avoid stale entries in the cache.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Calling coap_client_cancel_requests() clears the internal request
context only for active requests (i. e. not replied yet). However,
if there are any pending request context monitoring ACK duplicates,
those would still make the corresponding client socket being monitored
by poll(). In result, when application closes the socket, the polling
thread will throw POLLNVAL error for the socket.
Fix this, by resetting all request contexts unconditionally. The request
callback will only be called for the active requests.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Remove the CONFIG_WIFI_NM_WPA_SUPPLICANT_WNM macro in L2 shell level
to make 11v BTM query support embedded supplicant.
Signed-off-by: Rex Chen <rex.chen_1@nxp.com>
According to RFC 4861, ch. 7.2.5:
"If the Override flag is set, or the supplied link-layer address
is the same as that in the cache, or no Target Link-Layer Address
option was supplied, the received advertisement MUST update the
Neighbor Cache entry as follows
...
If the Solicited flag is set, the state of the entry MUST be
set to REACHABLE"
This indicates that Target Link-Layer Address option does not need to be
present in the received solicited Neighbor Advertisement to confirm
reachability. Therefore remove `tllao_offset` variable check from the
if condition responsible for updating cache entry. No further changes in
the logic are required because if TLLA option is missing,
`lladdr_changed` will be set to false, so no LL address will be updated.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
According to RFC 4861, ch. 7.3.3:
"Upon entering the PROBE state, a node sends a unicast Neighbor
Solicitation message to the neighbor using the cached link-layer
address."
Zephyr's implementation was not compliant with behavior, as instead of
sending a unicast probe for reachability confirmation, it was sending a
multicast packet instead. This commit fixes it.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
When Router Advertisement with Source Link-Layer Address option is
received, host should register a new neighbor marked as STALE
(RFC 4861, ch. 6.3.4). This behavior was broken however, because
we always added a new neighbor in INCOMPLETE state before processing
SLLA option. In result, the entry was not updated to the STALE state,
and a redundant Neighbor Solicitation was sent.
Fix this by moving the code responsible for adding neighbor in
INCOMPLETE state after options processing, and only as a fallback
behavior if the SLLA option was not present.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
This condition can happen if there is MDNS activity on the network that is
either not according to specifications or not supported by Zephyr.
Lowering the log level from ERR to DBG, since this does not indicate an
error in the Zephyr application.
Signed-off-by: Helge Juul <helge@fastmail.com>
We need to make sure that within Zephyr different users of the PSA APIs
don't interfere with each other because of using the same numerical IDs
for persistent assets.
This takes care of the PSA key IDs when using persistent keys through
the PSA Crypto API.
See the comments in `<zephyr/psa/key_ids.h>` for more information.
This removes the recently-introduced Kconfig options that allowed changing
the base IDs subsystems were using for their persistent keys.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
Implement support for DNS Recursive Name option and use obtained
information to configure DNS resolver.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
There's nothing in RFC 2131 or RFC 8415 that would mandate the DHCP
server to reply with a source port set to the IANA assigned one, and
some servers seem to send responses with some arbitrary source port set.
Therefore, make Zephyr's DHCP client implementation more permissive,
accepting packets with a source port set to a different port than the
IANA assigned server port.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In ap enable cmd, channel set to 0 means ACS mode.
Remove hostapd AP macro for this case to make ACS mode
available for public usage.
Signed-off-by: Fengming Ye <frank.ye@nxp.com>
When writing to a time resource, the logic was incorrect when validation
was enabled for the resource - when determining the actual underlying data
type we should compare against the data buffer length and not the
validation buffer length.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
If an IP address already exists when it is tried to be added to the
network interface, then just return it but update ref count if it was
not updated. This could happen if the address was added and then removed,
but for example an active connection was still using it and keeping the
ref count > 0. In this case we must update the ref count so that the IP
address is not removed if the connection is closed.
Fixes#85380
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The mDNS probing is described in RFC 6762 chapter 8.1.
The code will send an unsolicited mDNS query to network and
will check if there are existing hosts with the same name.
If there are, then the mDNS responder will not respond to
queries it is configured to use.
Fixes#84333
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Allow user to specify the network interface where the query should
be sent, but only if the user has supplied the DNS servers in sockaddr
list. If user has specified a DNS servers in a string list, then the
possible network interface is taken from the string.
The reason for this is that it is not possible to add network interface
to the sockaddr list so an extra parameter is needed.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Allow user to specify socket service struct and port number so
that DNS servers specified in Kconfig etc are not used. This way
we can send a DNS query to arbitrary address without it affecting
the system configuration.
This is used in mDNS probing so that that mDNS responder can send
probe message and not change / configure system global DNS config.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Introduce dns_resolve_name_internal() that allows resolving a name
and not use DNS cache if caching is enabled.
This is needed in mDNS probing (RFC 6762 chapter 8.1) which needs
to send a mDNS query and not get any results from cache.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Building with clang warns:
subsys/net/lib/http/http_hpack.c:21:20: error: unused function
'http_hpack_key_is_dynamic' [-Werror,-Wunused-function]
static inline bool http_hpack_key_is_dynamic(uint32_t key)
^
Signed-off-by: Tom Hughes <tomhughes@chromium.org>
The coap_client.h header won't build if included from c++ file:
error: expected primary-expression before ‘.’ token
.value[0] = coap_bytes_to_block_size(CONFIG_COAP_CLIENT_BLOCK_SIZE),
Therefore move the actual function implementation to the library C file
to prevent this.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Added new parameter "A" in wifi connect command to support
CA certificate used or CA certificate skipped for
EAP-TTLS-MSCHAPV2 and EAP-PEAP-MSCHAPV2.
Signed-off-by: Qingling Wu <qingling.wu@nxp.com>
option struct was uninitialized in insert_option() function
during encode_options() call when the while loop wasn't
executed before.
Signed-off-by: Jakub Witowski <jakub.witowski9302@gmail.com>
The hdr_len was uninitialized when none of if-else
conditions were met in decode_delta() function.
Signed-off-by: Jakub Witowski <jakub.witowski9302@gmail.com>
From the MQTT-SN spec:
6.5 Topic Name Registration Procedure
...
At any point in time a client may have only one
REGISTER message outstanding, i.e. it has to wait
for a REGACK message before it can register another
topic name.
...
6.9 Client’s Topic Subscribe/Un-subscribe Procedure
...
As for the REGISTER procedure, a client may have only
one SUBSCRIBE or one UNSUBCRIBE transaction open at a time.
...
Until now, the library did not comply with these requirements.
An additional "waiting" state for topics was introduced:
REGISTER, SUBSCRIBE and UNSUBSCRIBE as an extra step before
switching to REGISTERING, SUBSCRIBING and UNSUBSCRIBING. The
library now makes sure that only one topic can be REGISTERING
and only one topic can be in either SUBSCRIBING or UNSUBSCRIBING.
Additionally, requesting to UNSUBSCRIBE is now denied if the topic
is not yet SUBSCRIBED, to avoid weird race conditions.
Also, added two tests that verify this behavior.
This fixes#84644
Signed-off-by: Rene Beckmann <rene.bckmnn@gmail.com>
Add word 'by' to function names to clarify which is the thing that
is found and which is the thing that is searched for. For example,
mqtt_sn_topic_find_name was renamed to mqtt_sn_topic_find_by_name
because the function does not find the name but finds a topic by
its name.
Signed-off-by: Rene Beckmann <rene.bckmnn@gmail.com>
When HTTP 101 Switching Protocols response is received, force the HTTP
parser to ignore any potential message body payload (which should
already belong to the new protocol).
This is usually not an issue, as Switching Protocols reply should
contain headers only, however it's been observed that some servers
specify chunked transfer-encoding header which tricks the parser
to wait for payload event though it never arrives.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Print interface status information for "net iface" command.
This is useful information when debugging connectivity issues.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add the check if dev is NULL (when iface is NULL, dev is NULL) when
setting Wi-Fi CMD, in case Wi-Fi driver init fails and shell crashes.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
Setting Wi-Fi cmd only when the net interface is up, avoid the case
that driver deinit and net interface is down, then the L2 APIs interact
with supplicant and driver, which may lead to CPU exception.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
Building with clang warns:
subsys/net/ip/utils.c:600:24: error: unused function 'pkt_calc_chksum'
[-Werror,-Wunused-function]
static inline uint16_t pkt_calc_chksum(struct net_pkt *pkt, uint16_t sum)
^
pkt_calc_chksum is called by net_calc_chksum, which only exists when
CONFIG_NET_NATIVE_IP is defined.
Signed-off-by: Tom Hughes <tomhughes@chromium.org>
It might happen now after the commit 8519fa1627 ("net: socket service
resets its restart flag") that the event has disappeared before we
call the work, if that happens we must not bail out but restart
the service.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Just ignore any EALREADY error returned when trying to register a
DNS dispatcher. This could happen if trying to init things when the
interface comes up and we have already initialized the dispatcher.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The DNS_EAI_SYSTEM error value tells that the errno value
contains the actual system error value. So set the errno
properly when there is a system error.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Feed the dispatcher context to dispatcher callbacks instead of
resolver or responder context. The callback can then use the
proper context because the dispatcher context contains those
two context. This allows dispatcher callback to utilize all the
information (like interface etc) stored in dispatcher context.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
