Connecting to a non-open port causes connect() to hang forever.
This patch releases connect() to return error to the caller.
Signed-off-by: Björn Stenberg <bjorn@haxx.se>
Remove network specific default and max log level setting
and start to use the zephyr logging values for those.
Remove LOG_MODULE_REGISTER() from net_core.h and place the
calls into .c files. This is done in order to avoid weird
compiler errors in some cases and to make the code look similar
as other subsystems.
Fixes#11343Fixes#11659
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
IPv4, ICMPv4/6, UDP, TCP: all checksums are meant to be one's complement
on a calculated sum. Thus return one's complement already from the right
place instead of applying it in each and every place where
net_calc_chksum is called.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
As the debugging print calls are async, all the strings that might
be overwritten must use log_strdup() which will create a copy
of the printable string.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Currently logging subsystem supports quite small number of function
parameters. So split some long functions into smaller pieces.
Hopefully this is just a temporary patch and we can support more
parameters to logging macros.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Instead of one global log level option and one on/off boolean
config option / module, this commit creates one log level option
for each module. This simplifies the logging as it is now possible
to enable different level of debugging output for each network
module individually.
The commit also converts the code to use the new logger
instead of the old sys_log.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
The return of memset is never checked. This patch explicitly ignore
the return to avoid MISRA-C violations.
The only directory excluded directory was ext/* since it contains
only imported code.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
*_ll_src/*_ll_dst/*_ll_swap/*_ll_if were not self explanatory, ll
meaning "link layer" it's ambiguous what the names meant.
Changing to:
*_lladdr_src/*_lladdr_dst/*_lladdr_swap/*_lladdr_if to fix this.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
NET_CONN_CB() functional macro hides the parameters a function takes
and its return type. In #8723, it's proposed to remove that macro
altogether. Until that proposal is reviewed, at least provide real
protype in code comments to help people who read/analyze the code.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
These were at most set, but never used. They appear to be artifacts
of importing code from the FNET stack.
Addresses: #9570
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
In TCP protocol, any packet is subject to retransmission if not
ACKed in expected time. Thus, any packet, including FIN (and SYN
for that matter) should be added to the retransmission queue.
In our case, despite its name, queue_fin() function didn't add
FIN packet to rexmit queue, so do that. Then, in
net_tcp_ack_received() which handles ACKs, make sure that we can
handle FIN packets: calculate its sequence number properly, don't
make adhoc adjustments to retransmission logic (it's handled
centrally in restart_timer() already), etc.
Fixes: #8188
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
If we run out of buffers and cannot create the TCP segment,
then handle it properly and do not access NULL pointer.
Coverity-CID: 187822
Fixes#9639
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Spurious TCP retries were observed using Wireshark while continuously
sending TCP packets at an interval faster than the initial RTO.
If the send list is empty and CONFIG_NET_TCP_TIME_WAIT_DELAY is used,
the retry timer will not be correctly stopped when receiving a valid
ACK. As a consequence, the timer might be running when a new packet is
queued, but the logics in net_tcp_queue_data() will not restart the
timer as it is already running. This will make the retry timer to expire
prematurely, potentially while sending packets.
The nested condition is merged into a single condition, allowing the
final else clause to be reached when a valid ACK is received.
Signed-off-by: Florian Vaussard <florian.vaussard@gmail.com>
irq_lock returns an unsigned int, though, several places was using
signed int. This commit fix this behaviour.
In order to avoid this error happens again, a coccinelle script was
added and can be used to check violations.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
After it sends SYN_ACK, there is a case that the client sends the packet
with both ACK and RST bits are set, and this packet needs to be handled
if the packet is valid.
CLIENT SERVER
------ ------
|--------- SYN -------->|
|<------ SYN_ACK -------|
|------- ACK_RST ------>|
|--------- SYN -------->|
|<-------- ??? ---------|
This patch checks the RST bits even if other flags are set and process
the packet.
Signed-off-by: Tedd Ho-Jeong An <tedd.an@intel.com>
This net_buf leak happends when we are low on available net_buf
count. During TCP segment preparation we do allocate IP header
successfully, but we fail to allocate TCP header. In such case
pkt->frags is not NULL anymore (it contains IP header), but we
override it during TCP header allocation error path. This results
in net_buf containing IP header to never be deallocated, because
it does not belong to any net_pkt anymore.
Use net_pkt_frag_add() function to add tail for future net_pkt
deallocation, instead of assigning tail to pkt->frags pointer.
Fixes: c6407659f3 ("net: tcp: Add the frag back to caller allocated
net_pkt")
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Move struct members around in networking code so that we avoid
unnecessary holes inside structs. No functionality changes by
this commit.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Currently, we add TCP options only to SYN+ACK reply to peer's SYN
(i.e. passive open). For consistency, add them also when we send
SYN ourselves (active open). In both cases, we add just MSS option
currently.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
The IP stack drops any TCP segment which doesn't fit into our
receive window. However, we still must accept Zero Window Probe
segments, which are segments, usually with data length of 1, which
a peer sends to us after we stayed with zero window for some time.
In this case, we need to repeat an ACK with the old ack number.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
It's rather confusing to not see current TCP state in any way (it
makes distinguishing different TCP contexts very hard). And nobody
can know/remember that it's printed with CONFIG_NET_DEBUG_TCP
defined. So, just make it be printed always (initially I thought
about printing just numeric value if CONFIG_NET_DEBUG_TCP isn't
defined, but why, if we can print symbolic name easily).
Also, add a hint that defining CONFIG_NET_DEBUG_TCP will still
print even more info (like unacked pkt list) - similarly to
similar helpful hints we have in other parts of net shell.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
This one converts "raw" timeout value to use K_MSEC() macro
in order to make clear how long the timeout is.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Previously, there was a boolean CONFIG_NET_TCP_TIME_WAIT setting
("master switch") and numeric CONFIG_NET_TCP_2MSL_TIME setting,
both named not ideally (there were both NET_TCP_TIME_WAIT and
CONFIG_NET_TCP_TIME_WAIT symbols in the source, with very different
meaning; "2MSL_TIME" was also a roundabout way to refer to
TIME_WAIT state time). In addition to that, some code was defining
adhoc, hardcoded duplicates for these settings.
CONFIG_NET_TCP_2MSL_TIME was also measured in seconds, giving
poor precision control for this resource-tying setting.
Instead, replace them all with the single
CONFIG_NET_TCP_TIME_WAIT_DELAY setting, measured in milliseconds.
The value of 0 means that TIME_WAIT state is skipped.
Fixes: #7459
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Similar to UDP, some drivers can make use of the following functions:
net_tcp_get_hdr()
net_tcp_set_hdr()
Let's expose them as <net/tcp.h> and change all internal references
to "tcp_internal.h".
Signed-off-by: Michael Scott <michael@opensourcefoundries.com>
After successful send, the packet is automatically cleared, so
trying to call print_send_info() on it leads to errors:
[net/pkt] [ERR] net_pkt_tcp_data: NULL fragment data!
[net/tcp] [ERR] net_tcp_get_hdr: NULL TCP header!
(if error logging enabled).
This change is similar to how print_send_info() is called in
existing send_reset() function of this source file.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
According to RFC 793 we should wait for FIN in FIN_WAIT_1 and
FIN_WAIT_2 states. Receiving ACK in FIN_WAIT_1 just moves us to
FIN_WAIT_2 state.
Right now TCP connection is never closed if FIN is not received
in FIN_WAIT_2 state. Fix that by keeping fin_timer active in
FIN_WAIT_2 state, but canceling it just after FIN is received.
Fixes: 124c067027 ("net: tcp: Cancel the fin_timer on FIN message
in FIN_WAIT1 state")
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Instead of one global statistics, collect statistics information
separately for each network interface. This per interface statistics
collection is optional but turned on by default. It can be turned
off if needed, in which case only global statistics are collected.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
SYN flood causes crash in RX thread due to NULL pointer access. After
the crash available RX memory is zero, hence echo server does not
respond to echo request.
Signed-off-by: Ruslan Mstoi <ruslan.mstoi@intel.com>
Move core TCP functionality from net_context.c to tcp.c. Create empty
functions that the compiler can remove if TCP is not configured. As a
result remove TCP ifdefs from net_context.
Signed-off-by: Patrik Flykt <patrik.flykt@intel.com>
Queue a TCP FIN packet when needed if the socket was connected or
listening and where FIN wasn't already received.
Signed-off-by: Patrik Flykt <patrik.flykt@intel.com>
Refactor sendto() code so that destination address and its validity
is checked first, followed by offloading verification. Move context
and shutdown checks into TCP queueing function.
Signed-off-by: Patrik Flykt <patrik.flykt@intel.com>
Move IP address settings from net_if to separate structs.
This is needed for VLAN support.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
If context is bound to IPv6 unspecified addresss and some port
number, then unspecified address is passed in TCP reset packet
message preparation. Eventually packet dropped at the peer.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
Zephyr doesn't have luxury to create re-transmit timer per packet. So
it has different methods to handle packets in queue. But re-sending
packets on valid ack messages causing issues.
E.g. A TCP node sent two packets (packet-1, packet-2). Peer replied
two ACKs (ACK-1 and ACK-2), and these two ACK's are at rx_thread
queue. Now ACK-1 is handled and reference of packet-1 is freed
from sent list. Then if condiftion (valid ACK and connection
state is ESTABLISHED) notices that, sent list is not empty.
Restart the timer, modify sent flag and resend packets in a
list. Here packet-2 is sent again, even though ACK-2 is already
received. Situation is worse if there are more packets in the
list.
So only start the re-transmit timer in-case queue is not empty. It
allows rx_thread to handle all incoming packets (in this e.g ACKs).
When the re-trasmit timer expires, it sends the packets which
are left in queue.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
prepare_segment() returned NULL in case of any error, which then
net_context_send() translated into -EINVAL. That's highly confusing
though, because a common case of failure for prepare_segment() is
being unable to allocate data fragment(s) (for TCP header, etc.)
So, return output pkt by reference, and detailed error status as
a return value.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
This field is set and maintained, but not actually used for anything.
The only purpose for it would be to validate ACK numbers from peer,
but such a validation is now implemented by using send_seq field
directly.
Fixes: #4653
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Case #1: If ACK received and our retransmit (i.e. unacked) queue is
empty, it's error. It's incorrect because TCP requires ACK to set for
every packet of established connection. For example, if we didn't
send anything to peer, but it sends us new data, it will reuse the
older ack number. It doesn't acknowledge anything new on our side,
but it's not an error in any way.
Case #2: If retransmit queue is only partially acknowledged, it's an
error. Consider that we have 2 packets in the queue, with sequence
numbers (inclusive) 100-199 and 200-399. There's nothing wrong if
we receive ACK with number 200 - it just acknowledges first packet,
we can remove and finish processing. Second packet remains in the
queue to be acknowledged later.
Fixes: #5504
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Per RFC 793:
A new acknowledgment (called an "acceptable ack"), is one for which
the inequality below holds:
SND.UNA < SEG.ACK =< SND.NXT
If acknowledgement is received for sequence number which wasn't yet
sent, log an error and ignore it.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Right now in FIN_WAIT1 state, if we receive FIN+ACK message, then
tcp state changed to FIN_WAIT2 on ACK flag and immediately on FIN
flag state changed to TIME_WAIT. Then final ACK is prepared and sent
(in queue at-least) to peer. Again immediately state changed to
TCP_CLOSED, where context is freed. net_context_put frees context
and releases tcp connection. Final ACK packet which is in queue
is dropped.
As a side effect of freed ACK packet, peer device keep on sending
FIN+ACK messages (that's why we see a lot of "TCP spurious
retransimission" messages in wireshark). As a result
of context free (respective connection handler also removed), we see
lot of packets dropped at connection input handler and replying with
ICMP error messages (destination unreachable).
To fix this issue, timewait timer support is required. When tcp
connection state changed to TIMEWAIT state, it should wait until
TIMEWAIT_TIMETOUT before changing state to TCP_CLOSED. It's
appropriate to close the tcp connection after timewait timer expiry.
Note: Right now timeout value is constant (250ms). But it should
be 2 * MSL (Maximum segment lifetime).
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
The original fragment chain of incoming packet will be lost and leaked
in case of early error, add frag back to packet and
let the caller do unref.
Fixes#4323
Signed-off-by: june li <junelizh@foxmail.com>
