The TCP2 was calling accept callback before actually finalizing
the connection attempt.
Fixes#29164
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
No real need to assert when the send timer is cancelled. Just
check if there is re-transmission going on and do nothing if
there is not.
Fixes#28758
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
The local and accepted socket was not bound which caused the
local address to be set as NULL. This then caused issues when
zsock_getsockname() was called by the application.
Fixes#28735
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
We run various TCP function from work queue. Make sure the
connection lock is taken before accessing the connection.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Instead of casting k_delayed_work directly to k_work, use the
k_work field name. This avoids warnings from Coverity and
allows the code to work even if the k_delayed_work fields are
re-ordered in the future.
Coverity-CID: 214346
Fixes#28659
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Bug description:
When in tcp_conn_unref(), in case one of the delayed works is already
submitted to sysworkq (after delay period), e.g. send_timer, the check
of k_delayed_work_remaining_get() prevents calling
k_delayed_work_cancel().
This leads to corrupting sysworkq when zeroing struct tcp* conn.
Note that the "next" pointer for the work queue is part of the struct
work (in _reserved field). Which is, in this case, a member of struct
tcp.
Scenario leading to the bug:
(1) net_tcp_connect() is called from a work in sysworkq
(2) net_tcp_connect() submits conn->send_timer to sysworkq
(3) while net_tcp_connect() is waiting on connect_sem, delay period
passes (z_timeout) and send_timer enters sysworkq work slist
(4) also, some other code (app) submits more works to queue, now pointed
by conn->send_timer in sysworkq work list
(5) connection fails (no answer to SYN), causing a call to
tcp_conn_unref()
(6) tcp_conn_unref() is calling tcp_send_queue_flush()
(7) checking k_delayed_work_remaining_get(&conn->send_timer) returns 0
due to delay period end, but send_timer is still in sysworkq work
slist (sysworkq thread still hasn't handled the work)
(8) BUG!: no call to k_delayed_work_cancel(&conn->send_timer)
(9) back in tcp_conn_unref(), a call to memset(conn, 0, sizeof(*conn))
zeroes conn->send_timer
(10) conn->send_timer is pointed to in sysworkq work slist, but is
zeroed, clearing pointer to following works submitted in stage (4)
(11) EFFECT! the works in stage (4) are never executed!!
NOTES:
* k_delayed_work_cancel(), handles both states:
(1) delayed work pends on timeout and
(2) work already in queue.
So there is no need to check k_delayed_work_remaining_get()
* This is also relevant for conn->send_data_timer
Solution:
removing checks of k_delayed_work_remaining_get(), always calling
k_delayed_work_cancel() for work in struct tcp, in unref, before memset
Signed-off-by: David Komel <a8961713@gmail.com>
Since conn->send_data_total is of time size_t we need to use %zu or
we'll get build errors in sanitycheck on 64-bit platforms
Fixes#28605
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
We need to have timer that closes the connection for good if
we do not get the FIN and ACK reponse from the peer.
If there is any pending data when application does close(),
send them before sending FIN.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
If there is some error during connection creation, just bail
out in order to avoid null pointer access.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
If we try to send data but the sending window is full, then
try to kick the resend of the pending data.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
If there is no space in the sending window, then return -EAGAIN
so that the caller may try later.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
We should have a max value for sending window so that application
is not able to use all our net_bufs for queueing packets.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
If there is an error, the net_context.c:context_sendto() will
free the net_pkt, so we must not do it here.
This commit fixes this error message:
<err> net_pkt: *** ERROR *** pkt 0x20421908 is freed already
(context_sendto():1672)
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Usually the out-of-memory situation will clear itself eventually,
so if that happens in TCP, then keep the connection running and
let the user to decide what to do next.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Instead of hardcoded value of 3, use the value from Kconfig file
so that user can tweak the TCP retry count.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Use SYS_SLIST_FOR_EACH_CONTAINER_SAFE() macro when searching
the connection list so that we notice if new entries are added
or removed in the list.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Instead of forcing the slist node to be first in the tcp struct,
use the pointer to node when accessing the slist. This way we
can change the ordering of fields in tcp struct.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
When the connection is terminated, make sure that any pending
data is feed to the application.
Fixes#28057
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
If we receive a TCP segment with FIN | ACK | PSH flags, then
update the ack values properly.
Fixes#27982
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
When connection is closed and we send ACK flag, use proper seq
values so that any data that is still in flight will get acked too.
Currently this assumes that window is still open.
Fixes#27876
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
The original return type of tcp_data_get() was unsigned and the
return value <0 was not checked properly.
Fixes#25723
Coverity-CID: 210559
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Remove the static buffer for TCP options. Make sure that the
options were read properly to temp buffer.
Fixes: #25729
Coverity-CID: 210056
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Bugfix: in tcp_conn_unref(), the conn was zeroed before removing it
from the connection list (tcp_conns).
Zeroing conn, results in zeroing its 'next' member,
which in effect removes all its following connections referred to
in tcp_conns linked list.
The solution is to move the memset() after sys_slist_find_and_remove().
Signed-off-by: David D <a8961713@gmail.com>
The TCP2 stack does operations directly on the packet data which may
or may not be aligned. The unaligned access causes a fault on the
Cortex-M0+ so use the UNALIGNED_* macros instead.
Signed-off-by: Michael Hope <mlhx@google.com>
In order to implement a blocking connect, add a semaphore
and block on it in net_tcp_connect().
The semaphore is released when ESTABLISHED state is reached.
In case tcp_conn_unref() is called while waiting on the semaphore,
defer the unreference, tcp_conn_unref() will be called from
net_tcp_connect().
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
In order to improve readability, refactor and simplify
the control flow in net_tcp_connect().
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
In order for events to be correctly interpreted in SYN_SENT,
check for SYN and ACK simultaneosly.
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
net_tcp_put() can be called before ESTABLISHED state
is reached, send FIN only in ESTABLISHED state.
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
Unit tests were failing to build because random header was included by
kernel_includes.h. The problem is that rand32.h includes a generated
file that is either not generated or not included when building unit
tests. Also, it is better to limit the scope of this file to where it is
used.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Need to use %zd in formatter string for net_pkt_get_len since it returns
a size_t otherwise we get something like:
error: format ‘%d’ expects argument of type ‘int’, but argument
3 has type ‘size_t’ {aka ‘long unsigned int’} [-Werror=format=]
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
In order to support the retransmission for the outgoing data:
1. The outgoing data packet is appended to the send_data queue
in net_tcp_queue_data().
2. tcp_send_queued_data() is called and will use tcp_send_data()
to sends queued but unsent data packet by packet
until there's an unsent data and the receiver's window isn't full.
tcp_send_queued_data() subscribes send_data_timer
that will handle retrasmissions with tcp_resend_data().
3. tcp_send_data() peeks a single chunk of data from the send_data
queue that will not exceed the maximum segment size
until the the receiver's window is full.
tcp_send_data() uses conn->seq and conn->unack_len as the sequence
number for the TCP packet.
conn->unacked_len is advanced on each send.
4. On data acknowledgment:
- acknowledged amount of data is removed from the beginning
of the send_data queue
- conn->seq is advanced by the acknowledged amount
- conn->unacked_len is decremented by the acknowledged amount
- send_data_timer is cancelled
- tcp_send_queued_data() is called to send queued but
prevoiusly unsent data
5. On timeout, tcp_resend_data() will reset conn->unack_len,
peek one packet from the beginning of the send_queue and resend,
terminating the connection on retries exceeded.
Meanwhile the outgoing data tcp_send_queued_data() is just
appended to the send_data but not sent.
In case of the acknowledgement, tcp_send_queued_data() will
start sending multiple packets until the receiver's window
is full.
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
In order to support the send window, add send_win into
the TCP connection.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
In order to support the data retransmission, refactor tcp_out()
into tcp_out_ext() which supports passing the sequence number.
In addition drop modifications of the connection sequence number
from tcp_out_ext(), this is the responsibility of data retransmission.
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
Unsuccessfull packet clone in tcp_data_get() isn't handled,
add an error handling and don't ACK the incoming data in this case.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
In order to handle sequence overflow cases, use
net_tcp_seq_greater() to check if the sequence is greater/lower.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
The initial sequence number for a connection should be randomized
to prevent easy guesses.
Do not randomize the sequence number if network test or
test protocol is enabled.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
In order to avoid retransmissions from the peer's side
on full-close, handle states properly.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
In order to fix the line tracking of the TCP packet allocation
with the test protocol enabled, refactor tcp_pkt_alloc(),
so the line of the allocation can be tracked properly.
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
Make sure we only parse the received TCP options only once. Store
the options to tcp conn struct for later use.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
