Installing recv callback with net_context_recv() after
net_context_connect() left an opening for a possible race - in case the
server send some data immediately after establishing TCP connection, and
Zephyr did not manage to install the callback on time, the data would be
lost, corrupting the stream.
This can be avoided, by installing the recv callback before the
connection is triggered. As net_context_recv() called w/o timeout only
registers the callback function, it should have no negative impact. The
only change on the TCP side is when the connection is closed - in case
TCP is in connect stage, do not call the recv callback (before this
change it'd be NULL at that point).
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The coap client takes requests and provides responses
asynchronously to callback given in a request.
Currently supports only 1 request at a time.
Signed-off-by: Jarno Lämsä <jarno.lamsa@nordicsemi.no>
In case recv() call was waiting for data, and the socket was closed from
another thread, the recv() call would not be interrupted, causing the
receiving thread to be blocked indefinitely.
Fix this, by signalling the condvar the recv() call is waiting on
close(). Additionally, close will now set the socket into error mode,
with EINTR as the error condition, allowing the blocked calls to
recognise that the call was interrupted, and return a proper error code
on the event.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Variable declarations are moved to the beginning of the block in
which they are visible to ensure consistency with the remainder
of the code base.
Signed-off-by: Florian Grandel <fgrandel@code-for-humans.de>
The encryption-only security level has been removed from the
spec, see IEEE 802.15.4-2020, 9.4.2.2 Security Level field.
The standard provides the following explanation (ibid):
"This security level is deprecated and shall not be used in
implementation compliant with this standard. Devices that
receive frames with security level 4 shall discard them, as
described in 9.2.4. The counter mode encryption and cipher
block chaining message authentication code (CCM) used allows
trivial changes to the underlaying encrypted data unless
data authenticity is provided, thus using data confidentiality
only is not useful. In the case of TSCH mode, security level 4
allows higher security level frames to be downgraded to
security level 4 frames."
Signed-off-by: Florian Grandel <fgrandel@code-for-humans.de>
See IEEE 802.15.4-2020, 7.2.2.11 Source Addressing Mode field and
7.2.2.9 Destination Addressing Mode field, table 7-3: The
previously deprecated "Simple addressing mode" was removed
from the spec.
Signed-off-by: Florian Grandel <fgrandel@code-for-humans.de>
Currently the insertion of an authentication tag requires a memcpy() call
and breaks encapsulation.
This change removes the need for memcpy() and improves the encapsulation
by calculating and reserving the required headspace early on while
keeping insertion where it belongs in the outgoing security procedure.
This is also a preparation for improved standard compliance of the
outgoing security procedure which is scheduled for a later commit.
Signed-off-by: Florian Grandel <fgrandel@code-for-humans.de>
The naming of variables and arguments containing the authentication
tag length was inconsistent:
* Naming inconsistency between header "length" vs. authtag "size"
in the same API calls
* "Tag" rather than "Auth[orization ]Tag" in external API calls
which is too generic from a compliance and readability viewpoint.
This is in preparation to zero-copy authentication support.
Almost all call sites will be subject to required structural changes
later on so no relevant git blame noise/history loss will be introduced
by this naming change in the long run.
Signed-off-by: Florian Grandel <fgrandel@code-for-humans.de>
Over time, some non-standard concepts and extensions were introduced
into the stack (in KConfig, in drivers, in the internal API and into the
implementation) which makes introduction of additional standard-
compliant extensions like TSCH (and others) unnecessarily difficult.
To introduce extensions like TSCH it is required for the IEEE 802.15.4
stack to become more structurally aligned with the standard again which
will be the focus of some of the upcoming preparatory changes.
One way to check and prove standard compliance is to reference the
standard from within the source code. This change therefore introduces
inline references to the IEEE 802.15.4-2020 standard wherever possible.
Deviations from the standard are documented with TODO or deprecation
labels to be addressed in future changes.
In the future, new code introduced to the IEEE 802.15.4 stack should
be documented and reviewed for standard-compliance to avoid further
divergence. Most importantly:
* MAC/PHY configuration (via net mgmt, radio API, devicetree or
KConfig) should always be directly linked to well-defined MAC/PHY
PIB attributes if visible to the MAC API or the end user.
* Net management/shell/radio API commands should have a documented
reference to the corresponding MLME action from the standard.
Signed-off-by: Florian Grandel <fgrandel@code-for-humans.de>
According to RFC768 UDP packets with zero checksum are allowed with IPv4.
Enable this by default.
For example, some routers use zero checksum in DHCP packets.
Signed-off-by: Nils Ruf <nils.ruf@endress.com>
The current implicit MAC payload length algorithm (based on
an otherwise irrelevant footer pointer) produces invalid
(non-standard) values for beacon and command frames.
This change produces standard-conforming MAC payload length
values and simplifies access to payload length.
It would have been possible to fix the current footer pointer
based approach but there are arguments in favor of the new
approach:
- The footer pointer is used nowhere in the current code
base and makes length calculations rather non-obvious.
- The new approach does not use more memory and is easier
to understand and use.
- This change is a first step to support of IEEE 802.15.4
information element (IE) support. At a later stage the
distinction between MAC payload length and frame payload
length will be introduced and become relevant to
distinguish between header and payload IEs. At that point
the current implicit length calculation algorithm will
break down anyways.
Signed-off-by: Florian Grandel <fgrandel@code-for-humans.de>
The current IEEE 802.15.4 stack would not accept beacons
unless hardware filtering was active.
This change fixes the bug.
Signed-off-by: Florian Grandel <fgrandel@code-for-humans.de>
The shell command calling the IEEE 802.15.4 scanning procedure
did not properly release its net management event callback.
This change fixes the memory leak.
Signed-off-by: Florian Grandel <fgrandel@code-for-humans.de>
Active and passive scanning requires the channel and PAN to
be set temporarily.
This change ensures that the temporary configuration will
be reverted even when the scan is aborted due to an error.
Signed-off-by: Florian Grandel <fgrandel@code-for-humans.de>
Beacon and command frames are consumed by the IEEE 802.15.4
stack internally and should therefore be released before
returning control to the generic net stack.
This change fixes the resource leak.
Signed-off-by: Florian Grandel <fgrandel@code-for-humans.de>
In certain scenarios, it may be necessary to get values of additional
options from the application layer. With this patch, this can be
accomplished by registering a callback with the DHCP client.
This change has been tested using the posix build in qemu.
Signed-off-by: Matthias Breithaupt <m.breithaupt@vogl-electronic.com>
Until now iterable sections APIs have been part of the toolchain
(common) headers. They are not strictly related to a toolchain, they
just rely on linker providing support for sections. Most files relied on
indirect includes to access the API, now, it is included as needed.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
This change splits the IEEE 802.15.4 test into two separate
test profiles, one with and one without sockets enabled to ensure
that both configurations work correctly.
Signed-off-by: Florian Grandel <fgrandel@code-for-humans.de>
The current IEEE 802.15.4 stack assumes that drivers will
not provide more than one fragment in incoming packages.
This change exposes and enforces the pre-existing assumption
made by the implementation.
So far this is not a limiting restriction as MPDUs with more
than 127 bytes are not supported yet. It will probably have to
be changed as soon as larger payloads (as allowed by PHYs
introduced more recently into the spec) might want to allocate
smaller fragments.
Signed-off-by: Florian Grandel <fgrandel@code-for-humans.de>
When changing IEEE 802.15.4 security settings or setting security
to 'none' then the previous session must be cleaned up to avoid
resource leaks.
This change introduces proper clean-up of the security session.
Signed-off-by: Florian Grandel <fgrandel@code-for-humans.de>
Shifting "timeout <<= conn->zwp_retries" by more then 63 bits results in
undefined behaviour.
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
If a socket has DSCP set then the packets from the socket should also be
marked with appropriate priority in case traffic classes are used in
networking stack.
Signed-off-by: Krishna T <krishna.t@nordicsemi.no>
This is needed for applications that rely on WPA supplicant being
in disconnected state before issue subsequent commands (e.g., issue scan
immediately after disconnect fails, until disconnect is completed).
Signed-off-by: Krishna T <krishna.t@nordicsemi.no>
In the FIN_WAIT_1 any incoming data is dropped, but anknowledged. Add a
check to see if the data is already acknowleged to prevent double
acknowledging of the data and bringing the acknowlegde counter out of
sync. When the acknowledge counter gets out of sync, the connection will
never properly terminate any more.
Signed-off-by: Sjors Hettinga <s.a.hettinga@gmail.com>
After sending a CoAP block and receiving the CONTINUE response
code the next block is sent.
Signed-off-by: Lukas Woodtli <lukas.woodtli@husqvarnagroup.com>
Allow to use a buffer for the complete message body if block transfer is
enabled. This buffer is used when serializing the message. For sending
the message the body is split into blocks.
Signed-off-by: Lukas Woodtli <lukas.woodtli@husqvarnagroup.com>
The function gets the the BLOCK1 option from a received message
and extracts the block number, block size and has-more flag from
it.
Signed-off-by: Lukas Woodtli <lukas.woodtli@husqvarnagroup.com>
The function adds a block option to a CoAP message. If the message
is a request the BLOCK1 option is added. Otherwise (response) the
BLOCK2 option is added.
Signed-off-by: Lukas Woodtli <lukas.woodtli@husqvarnagroup.com>
Add a trailing _ to the section iterable name. This is useful, for
example, to implement numeric sorting like this:
SORT(.z_device_LEVEL_?_)
SORT(.z_device_LEVEL_??_)
Without the trailing _ it would not be possible to use the ?? wildcard
without triggering into trigraphs issues, because linker-defs.h header
is included in C files as well.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
Rather than raise error on connect if iface is down, just take the iface
up.
Rather than raise error on disconnect if iface is down, just ignore the
disconnection request.
Adjust tests and documentation accordingly.
This should make the API easier to use for applications and is more in
line with the original L2 agnostic connectivity RFC.
Also replace some instances of net_if_flag_is_set with
net_if_is_admin_up, which is cleaner and identical in function.
Signed-off-by: Georges Oates_Larsen <georges.larsen@nordicsemi.no>
The current method for handling DAD directly tracks a DAD state for each
iface.
This does not reflect the fact that each individual IP has a separate
DAD state.
This also does not align with the logic in conn_mgr_initial_state, which
instead uses net_if_ipv6_get_global_addr(NET_ADDR_PREFERRED, ...).
Thus, the current approach falsely reports IPv6 ready when DAD adds
the link_addr, and also fails to report IPv6 ready if DAD is disabled.
This commit removes DAD tracking completely, and relies solely on
net_if_ipv6_get_global_addr(NET_ADDR_PREFERRED, ...), fixing both
problems, and simplifying the event tracking.
For consistency, slight modifications to IPv4 handling as well.
Signed-off-by: Georges Oates_Larsen <georges.larsen@nordicsemi.no>
Currently, conn_mgr fires L4_CONNECTED and L4_DISCONNECTED events for
every individual iface that gains or loses connectivity.
After this commit, these events are only fired when the first iface gains
connectivity, and the last iface loses connectivity, respectively.
This is so that applications can rely on conn_mgr as a simple way to
track whether connectivity is available.
Signed-off-by: Georges Oates_Larsen <georges.larsen@nordicsemi.no>
Adds a flag to allow ifaces and L2s to be ignored.
This is so that applictions have better control over what ifaces they
want connectivity management for.
Enabling the flag forces conn_mgr to consider the iface
unready.
Also increase NET_CONNECTION_MANAGER_PRIORITY default value from 0 to 1
so that applications can register SYS_INIT callbacks that fire just
before conn_mgr initializes. This allows ignored ifaces to be configured
before conn_mgr starts, if needed.
Signed-off-by: Georges Oates_Larsen <georges.larsen@nordicsemi.no>
In preparation for altering the conditions under which conn_mgr
fires NET_EVENT_L4_CONNECTED and NET_EVENT_L4_DISCONNECTED,
refactor the event logic without changing its behavior.
These changes do not alter the behavior of conn_mgr. They merely change
how that behavior is expressed so that it is easier to understand, and so
that upcoming changes are easier to implement.
Signed-off-by: Georges Oates_Larsen <georges.larsen@nordicsemi.no>
Current implementation does not prevent the net_mgmt thread from
preempting during state change handling and generating more
state changes. Add a mutex to protect internal state of conn_mgr
Signed-off-by: Georges Oates_Larsen <georges.larsen@nordicsemi.no>
Relocate conn_mgr_if_get_binding to conn_mgr_private.h so that it
can be used by test suites.
Signed-off-by: Georges Oates_Larsen <georges.larsen@nordicsemi.no>
Since conn_mgr is a subsystem rather than a library, relocate it
directly into subsys/net rather than subsys/net/lib/
Rename header files to better match their function.
Remove net_ prefix from conn_mgr types, API, and files, since it is
unnecessary.
Signed-off-by: Georges Oates_Larsen <georges.larsen@nordicsemi.no>
Provide an extra struct net_if * iface parameter to
net_if_ipv*_maddr_join/leave functions, so that the corresponding
interface context, the mcast address belong to, can be locked for the
operation.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
As `net_if_get_link_addr()` returns a pointer to the link layer
structure, some extra protection is needed to prevent its contents from
being changed while accessed. Using the mutex lock associated with an
interface should do the trick.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Instead of having a single global mutex, covering, in most cases
unrelated, access to all network interfaces, introduce a separate mutex
for each network interface.
Wherever interface function operates on an individual interface context
data, use local mutex protection instead. The global mutex remains only
to protect access to shared resources (IPv4/6 context pool, timer lists
etc.).
Finally, rework the timer expiry handlers, to prevent interface
functions from being called while the global lock is held (the global
mutex has to be held when iterating over the timer list, as lists are
not thread safe). The reason for this is to avoid possible deadlock
scenario. The global mutex is sometimes being locked, while inside
interface function (protected by a local mutex), so if it was allowed
the other way as well, a deadlock could occur.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
