Several distinct naming conventions existed within the IEEE 802.15.4
stack wrt header length. This change converges to a single naming
convention, the one that is less ambiguous and already most used.
The change also makes the distinction between L2 (link layer/LL) header
length and 6LoWPAN fragmentation header length to avoid confusion.
Signed-off-by: Florian Grandel <fgrandel@code-for-humans.de>
The naming of variables and arguments containing the authentication
tag length was inconsistent:
* Naming inconsistency between header "length" vs. authtag "size"
in the same API calls
* "Tag" rather than "Auth[orization ]Tag" in external API calls
which is too generic from a compliance and readability viewpoint.
This is in preparation to zero-copy authentication support.
Almost all call sites will be subject to required structural changes
later on so no relevant git blame noise/history loss will be introduced
by this naming change in the long run.
Signed-off-by: Florian Grandel <fgrandel@code-for-humans.de>
When changing IEEE 802.15.4 security settings or setting security
to 'none' then the previous session must be cleaned up to avoid
resource leaks.
This change introduces proper clean-up of the security session.
Signed-off-by: Florian Grandel <fgrandel@code-for-humans.de>
The IEEE 802.15.4 L2 code stores representation of attributes like
PAN id, short address and extended address in different encodings:
* big endian for extended address and CPU byte order for everything
else whenever such attributes enter user space (except for IP/socket
link layer addresses which are always big endian - even in case of
short addresses - to maintain POSIX compatibility).
* little endian for everything that is close to the radio driver as
IEEE 802.15.4 frames are little endian encoded.
Endianness was almost nowhere documented which led to several bugs and
inconsistencies where assignments of different byte order were not
converted (or sometimes converted, sometimes not).
This change documents endianness wherever possible within the realm of
the IEEE 802.15.4 L2 code. Conversion bugs and inconsistencies that were
revealed by the improved documentation will be fixed in a separate
commit.
Signed-off-by: Florian Grandel <jerico.dev@gmail.com>
The IEEE 802.15.4 security implementation had several severe bugs:
* A regression introduced by 6ea225e34a
(net/ieee802154: Finally removing usage of ll_reserve in L2)
introduced a buffer leak (reading/ writing beyond the end of the frame
buffer) and led the security implementation to malfunction in all but
the simplest cases (i.e. encryption/authentication: none).
* Encryption vs. authentication modes were not properly implemented i.e.
encryption was always active even if not required by the chosen
encryption level.
* Nonce endianness was not correctly handled on decryption of packets
which led to authentication failures.
* The frame counter was not checked for overflows.
* The encryption output buffer limit (out_buf_max) was not correctly set.
* Setting an invalid key mode led to a NULL pointer deref.
* We use CCM rather than CCM* as crypto.h does not provide access to
CCM*. CCM does not support encryption-only operation, though. This
condition was not checked by the code.
Signed-off-by: Florian Grandel <jerico.dev@gmail.com>
This change makes the files which are part of this changeset comply to
the project's coding style rules as defined in .clang-format.
This required addition of some forward declarations and additional
dependencies into header files as some of them depended on the order of
header inclusion which was changed due to alphabetical ordering of
includes.
Background: .clang-format states "SortIncludes:true" which will force
re-ording of include-statements which in turn might break the build if
header file inclusion is not order-independent.
Signed-off-by: Florian Grandel <jerico.dev@gmail.com>
In order to bring consistency in-tree, migrate all subsystems code to
the new prefix <zephyr/...>. Note that the conversion has been scripted,
refer to zephyrproject-rtos#45388 for more details.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
The subsys/net/ directory is more logical place for L2 code instead
of ip/ directory. No functionality changes by this commit.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
2018-06-27 17:02:59 +03:00
Renamed from subsys/net/ip/l2/ieee802154/ieee802154_security.h (Browse further)
