Due to new checks in the mbedTLS config sanitizer, the TLS option can no
longer be left enabled when TLS is not used. OpenThread needs MBEDTLS_MD_C
and MBEDTLS_CIPHER_C even without TLS being used, so we need an option
to enable them manually.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The Router Advertisement can have a prefix option. Its length
is 4 but the code did not check that, which meant that we could
accept a malformed packet. See RFC 4861 chapter 4.6.2 for details.
Fixes #25694
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
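The length check described in the commit message above, as an added example (not Zephyr's code): a walker over the options area of a Router Advertisement that rejects a Prefix Information option whose length field is not 4. The function name and the sample buffers are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ND_OPT_PREFIX_INFO     3 /* option type, RFC 4861 section 4.6.2 */
#define ND_OPT_PREFIX_INFO_LEN 4 /* in units of 8 octets, i.e. 32 bytes */

/* Walk the options area of a Router Advertisement. Returns the number of
 * well-formed Prefix Information options, or -1 if the packet is malformed.
 */
int ra_count_prefix_options(const uint8_t *opts, size_t len)
{
	size_t off = 0;
	int count = 0;

	while (off < len) {
		if (len - off < 2) {
			return -1; /* truncated option header */
		}
		uint8_t type = opts[off];
		uint8_t units = opts[off + 1];
		size_t opt_len = (size_t)units * 8;

		if (units == 0 || opt_len > len - off) {
			return -1; /* zero length, or option runs past the packet */
		}
		if (type == ND_OPT_PREFIX_INFO) {
			if (units != ND_OPT_PREFIX_INFO_LEN) {
				return -1; /* the length check described above */
			}
			count++;
		}
		off += opt_len;
	}
	return count;
}

/* Constructed samples: type, length, prefix length, flags, rest zero. */
static const uint8_t good_pio[32] = { 3, 4, 64, 0xC0 };
static const uint8_t short_pio[8] = { 3, 1, 64, 0xC0 };

int main(void)
{
	printf("good:  %d\n", ra_count_prefix_options(good_pio, sizeof(good_pio)));
	printf("short: %d\n", ra_count_prefix_options(short_pio, sizeof(short_pio)));
	return 0;
}
```

The second sample is the interesting one: its length field is internally consistent with the buffer, so a parser that only checks bounds would accept it and then read prefix fields that are not there.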
Make sure that we do not add the same IPv6 prefix, received from RA,
multiple times to the prefix timer list. This avoids a possible
denial-of-service issue if we receive a suitably crafted RA packet.
Fixes #25698
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
OpenThread moved from 4 to 5 debug levels and it was not possible
to configure all of them with Kconfig.
Signed-off-by: Eduardo Montoya <eduardo.montoya@nordicsemi.no>
In order to support the retransmission for the outgoing data:
1. The outgoing data packet is appended to the send_data queue
   in net_tcp_queue_data().
2. tcp_send_queued_data() is called and will use tcp_send_data()
   to send queued but unsent data packet by packet
   until there's unsent data and the receiver's window isn't full.
   tcp_send_queued_data() subscribes send_data_timer
   that will handle retransmissions with tcp_resend_data().
3. tcp_send_data() peeks a single chunk of data from the send_data
   queue that will not exceed the maximum segment size
   until the receiver's window is full.
   tcp_send_data() uses conn->seq and conn->unack_len as the sequence
   number for the TCP packet.
   conn->unacked_len is advanced on each send.
4. On data acknowledgment:
   - acknowledged amount of data is removed from the beginning
     of the send_data queue
   - conn->seq is advanced by the acknowledged amount
   - conn->unacked_len is decremented by the acknowledged amount
   - send_data_timer is cancelled
   - tcp_send_queued_data() is called to send queued but
     previously unsent data
5. On timeout, tcp_resend_data() will reset conn->unack_len,
   peek one packet from the beginning of the send_queue and resend,
   terminating the connection on retries exceeded.
Meanwhile the outgoing data tcp_send_queued_data() is just
appended to the send_data but not sent.
In case of the acknowledgement, tcp_send_queued_data() will
start sending multiple packets until the receiver's window
is full.
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
In order to support the retransmission for the outgoing data,
add the following into the TCP connection:
- struct net_pkt *send_data (used as a queue)
- send_data_total
- unack_len
- send_data_timer
- send_data_retries
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
In order to support the send window, add send_win into
the TCP connection.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
In order to support the data retransmission, refactor tcp_out()
into tcp_out_ext() which supports passing the sequence number.
In addition drop modifications of the connection sequence number
from tcp_out_ext(), this is the responsibility of data retransmission.
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
In order to use struct net_pkt for the outgoing data queue,
update tcp_pkt_alloc() macros, so they support allocation
without buffer.
Additionally, merge tcp_pkt_alloc() macros into one.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
Unsuccessful packet clone in tcp_data_get() isn't handled,
add error handling and don't ACK the incoming data in this case.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
In order to handle sequence overflow cases, use
net_tcp_seq_greater() to check if the sequence is greater/lower.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
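A simplified model of steps 2 to 4 of the retransmission scheme and of the wrap-safe sequence comparison from the commit messages above, as an added example (not Zephyr's code). The field names seq, unacked_len, send_data_total and send_win come from the text; the struct itself, the mss field and the function names are assumptions made for illustration.

```c
#include <stdint.h>
struct conn {                 /* simplified model, not Zephyr's TCP struct */
	uint32_t seq;             /* first unacknowledged sequence number */
	uint32_t unacked_len;     /* bytes sent but not yet acknowledged */
	uint32_t send_data_total; /* bytes held in the send_data queue */
	uint32_t send_win;        /* receiver's advertised window */
	uint32_t mss;             /* maximum segment size (assumed field) */
};

/* Wrap-safe "a is after b": the signed difference survives 2^32 overflow. */
int seq_greater(uint32_t a, uint32_t b)
{
	return (int32_t)(a - b) > 0;
}

/* Step 3: send one segment at seq + unacked_len and return its length. */
uint32_t send_data(struct conn *c)
{
	uint32_t unsent = c->send_data_total - c->unacked_len;
	uint32_t room = c->send_win > c->unacked_len ? c->send_win - c->unacked_len : 0;
	uint32_t len = unsent < room ? unsent : room;
	len = len > c->mss ? c->mss : len;
	c->unacked_len += len;
	return len;
}

/* Step 2: keep sending until the queue is drained or the window is full. */
uint32_t send_queued_data(struct conn *c)
{
	uint32_t sent = 0, n;
	while ((n = send_data(c)) > 0) {
		sent += n;
	}
	return sent;
}

/* Step 4: accept an ACK only if it falls inside the unacknowledged range. */
int on_ack(struct conn *c, uint32_t ack)
{
	uint32_t acked = ack - c->seq;
	if (!seq_greater(ack, c->seq) || acked > c->unacked_len) {
		return -1; /* stale, duplicate, or acknowledges unsent data */
	}
	c->seq += acked;
	c->unacked_len -= acked;
	c->send_data_total -= acked;
	send_queued_data(c);
	return 0;
}
```

With seq starting at 0xFFFFFF00 the first acknowledgment arrives with a numerically smaller value than seq; a plain `ack > seq` comparison would discard it, while the signed difference accepts it and still rejects old or out-of-range acknowledgments.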
The initial sequence number for a connection should be randomized
to prevent easy guesses.
Do not randomize the sequence number if network test or
test protocol is enabled.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
There was a possible race condition between sock_is_nonblock()
and k_sem_take() in spair_read() and spair_write() that was
mitigated.
Also clarified some of the conditional branching in those
functions.
Signed-off-by: Christopher Friedt <chrisfriedt@gmail.com>
The link address was not printed correctly as log_strdup() was
missing from the debug print.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Print detailed information about a given net_pkt. This is
useful if there is a memory leak and you want to see more
detailed information about the data inside the buffer.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Added support for Qemu User Networking and tested with
qemu_x86 model. The support is kept simple assuming that
the TAP interface will always be preferred for more
sophisticated / practical use cases.
QEMU User Networking is implemented using "slirp", which
provides a full TCP/IP stack within QEMU and uses that
stack to implement a virtual NAT'd network. As this
support is built into QEMU, it can be used with any model
and requires no admin privileges on the host machine,
unlike TAP.
Added documentation to facilitate the user.
Signed-off-by: Bilal Wasim <bilalwasim676@gmail.com>
The LLDP packet was created but its type was not set to LLDP
and it was sent as an ARP message.
Fixes #25084
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Add an OpenThread configuration option, which allows configuring and
starting OpenThread stack operation manually. This mode should be used in
NCP devices, and is also needed for certification purposes, where the
OpenThread stack has to be configured by the test framework and not
initialize and join the network on its own.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Frame format was validated, but its length should be also validated
relevantly against the format.
Fixes #24970
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Convert all canbus related API/samples/tests/subsys
to the new timeout API with k_timeout_t.
Signed-off-by: Alexander Wachter <alexander@wachter.cloud>
If we have removed the first net_buf, then we must not restore the
original cursor as that will point to the wrong head net_buf.
Also add a unit test to check that the packets are removed
properly.
Clarify the documentation that we are removing data from
beginning of the function, also document that the cursor
is reset after this call.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Replace:
DT_FLASH_ERASE_BLOCK_SIZE ->
DT_PROP(DT_CHOSEN(zephyr_flash), erase_block_size)
DT_FLASH_WRITE_BLOCK_SIZE ->
DT_PROP(DT_CHOSEN(zephyr_flash), write_block_size)
As this allows us to phase out the old generator.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Adding RFC1350 compliant support for TFTP Client in Zephyr. The
current implementation is minimal and only supports the ability
to get a file from the server.
Things for the future include support for putting files to
server and adding support for RFC2347.
Signed-off-by: Bilal Wasim <bilalwasim676@gmail.com>
In order to avoid retransmissions from the peer's side
on full-close, handle states properly.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
If net_pkt_pull() would cause an empty net_buf, then unref
those empty buffers from the list.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
So far socket errors reported by poll/recvfrom were ignored, which could
lead to an unexpected behavior when socket was left in an undefined
state.
Fix this, by requesting a re-registration in the LWM2M state machine,
which will close the faulty socket and open a new one. Note, that simply
closing and re-opening a socket in the lwm2m engine would not work,
since this would silently invalidate any open observations on the
lwm2m server side (due to port number change). Triggering a fresh
registration will notify the server to update its observations.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
SNTP implementation defined symbols like "MODE_MASK", which can easily
conflict with similarly laxly defined symbols in other modules, and
indeed, we hit a case like that (below). So, prefix these symbols
consistently with "SNTP_", until more clear private namespacing
conventions are made pervasive in Zephyr.
subsys/net/lib/sntp/sntp_pkt.h:14: error: "MODE_MASK" redefined
include/arch/arm/aarch32/cortex_a_r/cpu.h:17: note: this is the
location of the previous definition
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
On an OT network with poor coverage, very often request/observe packets
don't get their ACK and consume from pendings/replies/message stacks.
In such cases when the LWM2M engine tries to recover by resetting its state,
it fails because of a lack of free messages.
Signed-off-by: Kiril Petrov <retfie@gmail.com>
In networks with high latencies (like NB-IoT), it's quite common to
receive a duplicated response. It's not an error condition, a correct way
to handle it is to simply ignore the duplicate. Lower the log level for
this event, not to disturb users.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The retransmission logic was not correct in the lwm2m_engine, and could
lead to faulty behavior in case multiple messages were pending for
retransmission in the queue.
1. Since there is a single delayed work item for the entire retransmission
   queue, `coap_pending_next_to_expire` should be called before
   scheduling the next timeout, to identify which message is going to expire
   next (and when). Currently, the engine always sets the next timeout based
   on the timeout from the message being currently re-transmitted.
2. In case the message was re-transmitted several times, and is removed
   from the retransmission queue due to a timeout, the next retransmission
   should be scheduled, in case there are other messages on the queue.
3. Verify the timeout of the earliest message to expire in the
   retransmission handler. In case messages from the beginning of the
   queue were removed, we might need to schedule the retransmission
   again, instead of sending the message right away.
4. `lwm2m_send_message` is not handling retransmissions anyway, so
   there's no need to check send attempts. Instead, verify
   retransmission work item is already pending, and update its timeout
   if needed.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
So far, coap_pending structure kept track only of the timeout interval
between two consecutive retransmissions. Calculations inside
`coap_pending_next_to_expire` relied only on this value. This approach
gives incorrect results though, in case multiple messages are pending
for retransmission.
For instance, assuming initial retransmission timeout is set to 2
seconds. If some message had been retransmitted already, its timeout
would be increased to 4 seconds. Any new message added to the pending
list would have a retransmission timeout set to 2 seconds, and will be
returned as a first message to expire, no matter how long the initial
message was already on the list.
To resolve this, add a `t0` field to the coap_pending structure. This
field is initialized to the initial transmission time, and is increased
on each retransmission by the retransmission timeout.
`coap_pending_next_to_expire` uses this value to calculate absolute
time, when the next retransmission should take place, and based on this
information returns correctly first pending message to expire.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
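The scenario from the commit message above worked through in code, as an added example (not Zephyr's CoAP implementation): one message sent at 0 ms and retransmitted once, a second one queued at 5000 ms. The struct and function names are simplified stand-ins, and the times are constructed.

```c
#include <stddef.h>
#include <stdint.h>

struct pending {          /* simplified stand-in for struct coap_pending */
	uint32_t t0;          /* time of the last (re)transmission, ms */
	uint32_t timeout;     /* current retransmission interval, ms */
};

/* One retransmission: t0 moves forward by the interval, interval doubles. */
void pending_cycle(struct pending *p)
{
	p->t0 += p->timeout;
	p->timeout *= 2;
}

/* Behaviour before the change: the shortest interval wins. */
int next_by_interval(const struct pending *p, size_t n)
{
	int best = 0;
	for (size_t i = 1; i < n; i++) {
		if (p[i].timeout < p[best].timeout) {
			best = (int)i;
		}
	}
	return best;
}

/* After the change: the earliest absolute expiry t0 + timeout wins. */
int next_by_expiry(const struct pending *p, size_t n, uint32_t now)
{
	int best = 0;
	for (size_t i = 1; i < n; i++) {
		int32_t left = (int32_t)(p[i].t0 + p[i].timeout - now);
		int32_t best_left = (int32_t)(p[best].t0 + p[best].timeout - now);
		if (left < best_left) {
			best = (int)i;
		}
	}
	return best;
}

/* Constructed scenario: returns the index picked at now = 5000 ms. */
int demo(int use_t0)
{
	struct pending q[2] = { { 0, 2000 }, { 5000, 2000 } };
	pending_cycle(&q[0]); /* message 0: t0 = 2000, timeout = 4000 */
	return use_t0 ? next_by_expiry(q, 2, 5000) : next_by_interval(q, 2);
}
```

Message 0 expires at 6000 ms and message 1 at 7000 ms, so the interval-only comparison picks the wrong one and the older message's retransmission is delayed.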
Replace DT_FLASH_DEV_NAME with DT_CHOSEN_ZEPHYR_FLASH_CONTROLLER_LABEL.
We now set zephyr,flash-controller in the chosen node of the device
tree to the flash controller device.
NOTE: For SoCs with on die flash, this points to the controller and
not the 'soc-nv-flash' node. Typically the controller is the
parent of the 'soc-nv-flash' node.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>