In case one of the networking shell backends is enabled, net arp command
could potentially trigger a deadlock, as it locks the ARP mutex before
TCP connection mutex, while TCP stack could do this in reverse order
(for instance when sending ACK or retransmission).
Mitigate this, by forcing a separate TX thread in such case, so that ARP
mutex is no longer accessed with TCP mutex locked.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The number of Kconfig options for the TCP stack grew considerably,
therefore it makes sense to move them to a separate file not to bloat
the Kconfig file with generic networking options.
Take this opportunity to reorder TCP options, so that protocol
parameters (timings/buffer sizes) are not mixed up with optional
protocol features (fast retransmit/congestion avoidance etc.).
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
When a TCP connection is established, if there is no data exchange
between the two parties within the set time, the side that enables
TCP Keep-alive will send a TCP probe packet with the same sequence
number as the previous TCP packet. This TCP probe packet is an empty
ACK packet (the specification recommends that it should not contain
any data, but can also contain 1 nonsense byte, such as 0x00.). If
there is no response from the other side after several consecutive
probe packets are sent, it is determined that the tcp connection has
failed, and the connection is closed.
The keep-alive default parameters are aligned with Linux defaults.
Signed-off-by: Horse Ma <mawei@coltsmart.com>
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add low level support for setting IP_PKTINFO or IPV6_RECVPKTINFO
socket options. The support is disabled by default.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Instead of consistently checking for both, IPv4 and IPv6 fragmentation
in several places, add a hidden Kconfig symbol which indicates that some
IP fragmentation has been enabled (either IPv4 or IPv6 or both).
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
This commit names a couple of choices to allow the default
value to be overridden by Kconfig files out of tree
Signed-off-by: Emil Lindqvist <emil@lindq.gr>
If user adds IPv6 address to the network interface, check
if the address is a multicast one and add it to multicast
group if it is.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If user adds IPv4 address to the network interface, check
if the address is a multicast one and add it to multicast
group if it is.
Fixes#64389
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If we run network tests under tests/net, then set the
Dummy network interface as a default one so that it will
be picked up first.
This should solve the issue if the DUT is having a real
network interfaces like onboard Ethernet interface which
could cause the test to fail. The test might fail in this
case because the network tests assume that only simulated
network interfaces are used by the tests.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
This allows IPv4 and IPv6 share the same port space.
User can still control the behavior of the v4-mapping-to-v6
by using the IPV6_V6ONLY socket option at runtime.
Currently the IPv4 mapping to IPv6 is turned off by
default, and also the IPV6_V6ONLY is true by default which
means that IPv4 and IPv6 do not share the port space.
Only way to use v4-mapping-to-v6 is to enable the Kconfig
option and turn off the v6only socket option.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add Kconfig option to control TCP RST behavior on connection attempts on
unbound ports. If enabled, TCP stack will reply with RST packet (enabled
by default).
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The priority 3 (Critical applications) was incorrectly marked as
"highest priority", which might have led to incorrect use of
NET_PRIORITY_CA in some cases.
Note that this is already correctly advertized in other places, as it
was partially fixed in af8a0b1a5d.
NET_TC_SKIP_FOR_HIGH_PRIO was previously only allowing to push priority
3 (Critical applications) packets directly to the driver, but not the
ones with a higher priority. Change it so that it is now in effect for
priority 3 and above.
Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>
Add suitable functions that offloaded network device driver
can receive ICMP Echo-Request (ping) requests and give
ICMP responses back when it receives them from the network.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
This commits adds support for the SO_REUSEPORT socket option.
The implementation follows the behavior of BSD and tries to also follow
the specific additional features of linux with the following
limitations:
* SO_REUSEADDR and SO_REUSEPORT are not "the same" for client sockets,
as we do not have a trivial way so identify a socket as "client"
during binding. To get the Linux behavior, one has to use SO_REUSEPORT
with Zephyr
* No prevention of "port hijacking"
* No support for the load balancing stuff for incoming
packets/connections
There is also a new Kconfig option to control this feature, which is
enabled by default if TCP or UDP is enabled.
Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
This commit adds support for the SO_REUSEADDR option to be enabled for
a socket using setsockopt(). With this option, it is possible to bind
multiple sockets to the same local IP address / port combination, when
one of the IP address is unspecified (ANY_ADDR).
The implementation strictly follows the BSD implementation and tries to
follow the Linux implementation as close as possible. However, there is
one limitation: for client sockets, the Linux implementation of
SO_REUSEADDR behaves exactly like the one for SO_REUSEPORT and enables
multiple sockets to have exactly the same specific IP address / port
combination. This behavior is not possible with this implementation, as
there is no trivial way to identify a socket to be a client socket
during the bind() call. For this behavior, one has to use the
SO_REUSEPORT option in Zephyr.
There is also a new Kconfig to control this feature similar to other
socket options: CONFIG_NET_CONTEXT_REUSEADDR. This option is enabled by
default if TCP or UDP are enabled. However, it can still be disabled
explicitly.
Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
This adds support to allow any priority from the user instead of
limiting to the protocol values (0-7). This is useful in conveying
custom priorities from application to the driver/chipset.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
If CONFIG_NET_INTERFACE_NAME is enabled (default is y), then
system will automatically set a user friendly name to the network
interface like eth0, wlan0 etc.
Application can change the interface name if needed.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
To avoid a TCP connection from collapsing a link, implement a collision
avoidance algorithm. Initially TCP new Reno is implemented for its
simplicity.
Signed-off-by: Sjors Hettinga <s.a.hettinga@gmail.com>
The TCP work queue is handles all TCP transmission and maintenance tasks.
Make it's priority configurable, so it can be configured to a lower
priority than the lower level network layers to avoid it consuming all
net_bufs before handing over execution to the lower layer network layers.
Signed-off-by: Sjors Hettinga <s.a.hettinga@gmail.com>
This is meant as a substitute for sys_clock_timeout_end_calc()
Current sys_clock_timeout_end_calc() usage opens up many bug
possibilities due to the actual timeout evaluation's open-coded nature.
Issue ##50611 is one example.
- Some users store the returned value in a signed variable, others in
an unsigned one, making the comparison with UINT64_MAX (corresponding
to K_FOREVER) wrong in the signed case.
- Some users compute the difference and store that in a signed variable
to compare against 0 which still doesn't work with K_FOREVER. And when
this difference is used as a timeout argument then the K_FOREVER
nature of the timeout is lost.
- Some users complexify their code by special-casing K_NO_WAIT and
K_FOREVER inline which is bad for both code readability and binary
size.
Let's introduce a better abstraction to deal with absolute timepoints
with an opaque type to be used with a well-defined API.
The word "timeout" was avoided in the naming on purpose as the timeout
namespace is quite crowded already and it is preferable to make a
distinction between relative time periods (timeouts) and absolute time
values (timepoints).
A few stacks are also adjusted as they were too tight on X86.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
Add a configuration option to set Wi-Fi as default interface and also
add an API to get first available Wi-Fi interface.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
According to RFC768 UDP packets with zero checksum are allowed with IPv4.
Enable this by default.
For example, some routers use zero checksum in DHCP packets.
Signed-off-by: Nils Ruf <nils.ruf@endress.com>
TCP packet allocation timeout is currently 100ms, but there are cases
where it is not enough and as a side effect, the kernel internals are
printing some errors on the log before retrying again, create a
Kconfig parameter to be able to tune this value.
Signed-off-by: Luca Fancellu <luca.fancellu@arm.com>
We need to make sure the user_data of the network buffer has enough room to
store the L2CAP metadata.
Signed-off-by: Jonathan Rico <jonathan.rico@nordicsemi.no>
After several fixes of the re-ordering logic in TCP, the receive queue
works as intended and cleans itself up properly. Previously the default
timeout was 100 ms, which pretty much disables it for real applications.
Increase the timeout to 2 seconds to actually enable it for in practice.
This should help pass much more of the Maxwell Pro tests.
This is the first step before removing the timeout completely.
Signed-off-by: Sjors Hettinga <s.a.hettinga@gmail.com>
Introduce the Kconfig symbol `NET_PKT_BUF_USER_DATA_SIZE`. It is used to
set the user data size in the buffers used in the rx and tx network buffer
pools.
Signed-off-by: Christian Taedcke <christian.taedcke@lemonbeat.com>
Add a new net_context option, which allows to set DSCP/ECN values on a
net context. Those values are then encoded into outgoing packet
IPv4/IPv6 header.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add new fields to the net_pkt structure, representing IP-specific
Differentiated services code point (DSCP) and Explicit Congestion
Notification (ECN) values. Those values are encoded in legacy
Type of Service (IPv4) and Trafic Class (IPv6) header fields.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Introducing additional socket implementations is rather involved right
now due to some more or less convoluted code that had grown over time.
This change introduces an additional configuration variable in preparation
for additional socket API drivers. The idea is to reduce redundant code
and make existing code more readable by better exposing its actual intent.
Signed-off-by: Florian Grandel <jerico.dev@gmail.com>
The code contained several repeated composite IPv4/v6 and UDP/TCP
preprocessor statements that can be simplified by introducing a hidden
NET_IP preprocessor constant that captures what probably is actually
"meant" by this code.
While we were on it we also used the new constant to further isolate
IP-specific code from non-IP specific generics.
Signed-off-by: Florian Grandel <jerico.dev@gmail.com>
Instead of waiting for the retransmit timeout, retransmit as soon as
missing data is deduced based on a triple-duplicate ACK.
Increase the number of buffers in the testcase, to allow for at least 4
packets in flight to trigger the triple-duplicate ACK.
Signed-off-by: Sjors Hettinga <s.a.hettinga@gmail.com>
It can happen that two similar stacks enter a retransmission cycle
due to a packet collision. If the transmission timeout is the same
both stacks will retry at the same moment resulting in another
collision.
By introducing a randomized retry timeout, the chance of
a second collision is reduced and it reduces furter the more
retransmissions occur.
Signed-off-by: Sjors Hettinga <s.a.hettinga@gmail.com>
The current default of 250ms appears to be too low in case connection
teardown takes place in lossy networks - in case of FIN packet
retransmission, the connection on the Zephyr side could have already
been dismissed due to low TIME_WAIT state delay, resulting in ICMP
Destination Unreachable replies.
Increase the default value to 1500ms - this is still pretty low, but at
least gives the peer some time to retransmit the FIN packet.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Remove NET_TCP_BACKLOG_SIZE from KConfig and from test,
because it's not present anymore in current version of TCP stack.
Signed-off-by: Andrey Dodonov <Andrey.Dodonov@endress.com>
Introduce set/get SO_SNDBUF option using the setsockopt
function. In addition, for TCP, check the sndbuf value
before queuing data.
Signed-off-by: Mohan Kumar Kumar <mohankm@fb.com>
Introduce set/get SO_RCVBUF option using the setsockopt
function. In addition, use the rcvbuf value to set the
tcp recv window.
Signed-off-by: Mohan Kumar Kumar <mohankm@fb.com>
According to Kconfig guidelines, boolean prompts must not start with
"Enable...". The following command has been used to automate the changes
in this patch:
sed -i "s/bool \"[Ee]nables\? \(\w\)/bool \"\U\1/g" **/Kconfig*
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
TCP2 is no longer needed as it is the unique implementation since the
legacy one has been removed.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
With the introduction of `EXPERIMENTAL` and `WARN_EXPERIMENTAL` in
Zephyr all subsys/net and drivers/ethernet/Kconfig.e1000 settings
having `[EXPERIMENTAL]` in their prompt has has been updated to include
`select EXPERIMENTAL` so that developers can enable warnings when
experimental features are enabled.
The following settings has EXPERIMENTAL removed as they are considered
mature:
- NET_OFFLOAD
- NET_PROMISCUOUS_MODE
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
As per #38352, we would like to start building out PTP (IEEE 1588)
support for superset of gPTP functionality in Zephyr. This is the first
step to abstract away some key interfaces from NET_GPTP umbrella to
NET_L2_PTP.
Signed-off-by: Alex Sergeev <asergeev@carbonrobotics.com>
By default ICMP desination unreachable error packets are generated when
input packets target ports that are not in a listening state. This not
only reveals the presence of the host on the network which may be
considered a security vulnerability depending on the application, it
also ends up triggering ARP lookups to respond to the sending host. With
a small ARP table and a network where there may be broadcast (or
multicast) service discovery traffic such as mDNS or uPnP, ARP table
thrashing can occur impacting network stack performance.
Signed-off-by: Berend Ozceri <berend@recogni.com>
Without TX thread support in network stack USB device stack
blocks it self by usb_transfer_sync() which is
called in the same context as usb_set_interface() in sequence
of netusb_enable(), net_if_up(), net_l2_send().
Fixes: #35338
Signed-off-by: Johann Fischer <johann.fischer@nordicsemi.no>
The ISN algorithm from RFC 6528 doesn't need Mbed TLS, but rather the
MD5 algorithm from Mbed TLS. Therefore select MBEDTLS_MD and
MBEDTLS_MAC_MD5_ENABLED in addition to MBEDTLS.
This fixes the following build failure when using TLS version 1.2 is
selected:
zephyr/subsys/net/ip/tcp2.c:1329: undefined reference to
`mbedtls_md5_ret'
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
