Currently, the only thread-safe part of the IPv6 Neighbor processing
implementation are stale_counter related operation.
Fix this, by extending the mutex protection over all of the module, so
that message handlers, timers and API functions do not interfere with
each other.
As IPv6 Neighbor cache is tightly coupled with the Routing module, use
the same mutex to protect both, neighbor and routing tables, to prevent
deadlocks.
Also, replace the semaphore used with a mutex, as it seems more fit for
this particular job.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
This commit introduces a new IPv6 API for positive reachability
confirmation, as specified in RFC 4861, Section 7.3.1. This feature aims
to enhance the effectiveness of the Neighbor Discovery mechanism, by
enabling upper-layer protocols to signal that the connection makes a
"forward progress".
The implementation within TCP serves as a reference. Compliance with
RFC 4861, especially Appendix E.1, was ensured by focusing on reliable
handshake and acknowledgment of new data transmissions.
Though initially integrated with TCP, the API is designed for broader
applicability. For example, it might be used by some UDP-based protocols
that can indicate two-way communication progress.
Signed-off-by: Łukasz Duda <lukasz.duda@nordicsemi.no>
If a socket has DSCP set then the packets from the socket should also be
marked with appropriate priority in case traffic classes are used in
networking stack.
Signed-off-by: Krishna T <krishna.t@nordicsemi.no>
If we're disabling certain features and instead providing function stubs,
it doesn't make sense to use macros for those routines that return values
that the user may check unless we want to provide them with vague errors
like:
src/coap-server.c:101:55: error: expected expression before ';' token
101 | ret = net_ipv6_mld_join(iface, &mcast_addr.sin6_addr);
When a function we're mocking up returns a value, use a static inline
stub.
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@huawei.com>
In order to bring consistency in-tree, migrate all subsystems code to
the new prefix <zephyr/...>. Note that the conversion has been scripted,
refer to zephyrproject-rtos#45388 for more details.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
Currently the stack is limited to a maximum of 2 incoming fragments per
packet. While this can be enough in most cases, it might not be enough
in other cases.
Make this value configurable at build time.
Signed-off-by: Florian Vaussard <florian.vaussard@gmail.com>
Replace all existing deprecated API with the recommended alternative.
Signed-off-by: Peter Bigot <peter.bigot@nordicsemi.no>
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
This can be used to implement tunneling, VPN etc. The virtual
interfaces can be chained together to support multilayer
network interfaces.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
This commit fixes a problem where our own IP address
is added to the cache instead of the senders.
This bug was due to a swap of the address in the original packet.
The swapping of the address is now removed.
Signed-off-by: Alexander Wachter <alexander@wachter.cloud>
Allow user to disable native IP stack and use offloaded IP
stack instead. It is also possible to enable both at the same
time if needed.
Fixes#18105
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
This patch fixes following issues.
* If IPv6 neighbor table is full, stack can not add any new
neighbors. So stale counter is introduced. Whenever neighbor
enters into STALE state, stale counter will be incremented
by one. When table is full and if stack wants to add new
neighbor, oldest neighbor in STALE state will be removed
and new neighbor will be added.
* When neighbor is in PROBE state and when it exceeds max
number of PROBEs, only neighbor with router is removed.
As per RFC 4861 Appendix C, entry can be discarded. Now
neighbor will be removed from the table.
* Reachability timer has an issue. e.g. if a first entry timer
is 10 seconds, after 3 seconds, a new entry added with
only 3 seconds. But current implementation does not check
whether remaining time of current left over timeout is more
than new entry timeout or not. In this example, when new entry
timeout is 3 seconds, left over timeout from first etnry is
still 7 seconds. If k_delayed_work_remaining_get() returns
some value then new entry time out was not considered.
Which is bad. It fixed now.
* nbr_free is used sometimes to remove the neighbor. Which does
not remove route if that particulat neighbor is route to some
other neighbor. net_ipv6_nbr_rm() should be used in such places.
* Trivial changes which does not affect functionality.
Fixes#14063
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
Make sure that network related functions are always documented.
This means keeping the prototype and possible stub together.
Fixes#12615
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
This optimizes the memory quite a bit since we do not need to clone nor
split the original packet at any time.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Also, return a verdict instead of a pointer to net_pkt. It's simpler as
it will be up to net_send_data()'s caller to unref the net_pkt in case
of NET_DROP: less places where net_pkt can be unref.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
And let's use net_ipv6_create, net_icmpv6_create, net_ipv6_finalize to
factorize the code better.
De-clutter the code by reordering where src/dst are evaluated.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
This API is meant to work with pre-allocated net_pkt.
It assumes net_pkt's buffer cursor is at the right position where to
create the IPv6 header. Once done, the cursor will be placed right
after the newly created IPv6 header.
Finalizing assumes the same.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
No functionality changes. Just moved IPv6 fragment and related functions
to ipv6_fragment.c for better readability
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
No functionality changes. Just moved IPv6 MLD and related functions
to ipv6_mld.c for better readability.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
No functionality changes. Just moved IPv6 neighbor and related functions
to ipv6_nbr.c for better readability.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
Each IPv6 neighbor entry had a k_delayed_work to be used as a timer to
send ND reachable message and waiting for the reply in order to get to
the neighbor details.
But k_delayed_work is not a small object (40 bytes). Thus reworking the
IPv6 ND reachable request timer by having one central k_delayed_work
and a timestamp in every IPv6 neighbor data entry properly handled at
every timeout.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
Each IPv6 neighbor entry had a k_delayed_work to be used as a timer to
send NS message and waiting for the NS reply in order to get to the
neighbor details.
But k_delayed_work is not a small object (40 bytes). Thus reworking the
IPv6 send NS request timer by having one central k_delayed_work and
a timestamp in every IPv6 neighbor data entry properly handled at every
timeout.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
Instead of waiting forever for a network buffer, have a timeout
when allocating net_buf. This way we cannot left hanging for a
long time waiting for a buffer and possibly deadlock the system.
This commit only adds checks to core IP stack in subsys/net/ip
Fixes#7571
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
This doesn't appear to be used by anything in Zephyr. Remove it,
as it doesn't perform correct bounds checking.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Of these, only struct net_ipv6_nbr_data::send_ns is a descriptive
change:
send_ns is used for timing Neighbor Solicitations in general, not
just for DAD.
The rest are typo/grammar fixes.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
The IPv6 address parameters in net_ipv6_send_na() can be const
as the function will not modify them. This avoids compile warning
about parameter constness.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
This adds a new state NET_IPV6_NBR_STATE_STATIC which never timeouts
which is required in case of RFC 7668 which doesn't allow publishing
the address:
https://tools.ietf.org/html/rfc7668#section-3.2.3
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
If the user really wants, it is possible to increase the
maximum size of the fragmented packet. According to RFC 2460
chapter 5, we do not need to accept larger than 1500 byte IPv6
packets, so the max pkt limit is set to 2. But if really needed
the limit can be raised by defining NET_IPV6_FRAGMENTS_MAX_PKT
to some new value. Currently there is no Kconfig option for
doing this as it is unlikely that this is needed.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
The IPv6 fragmentation was not working properly when the large
IPv6 packet was being sent. There is unit tests in next commit
that will test the IPv6 fragmentation sending.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Convert code to use u{8,16,32,64}_t and s{8,16,32,64}_t instead of C99
integer types.
Jira: ZEP-2051
Change-Id: I4ec03eb2183d59ef86ea2c20d956e5d272656837
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
IPv6 next headers are processed in a way so it is not required to store
which header has been already seen in the net_pkt, as the processing loop
can store internally which one it has seen already.
Change-Id: I266ba8a3a0081a162318cdafb474a0fc44a3185e
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
- net_pkt becomes a stand-alone structure with network packet meta
information.
- network packet data is still managed through net_buf, mostly named
'frag'.
- net_pkt memory management is done through k_mem_slab
- function got introduced or relevantly renamed to target eithe net_pkt
or net_buf fragments.
- net_buf's sent_list ends up in net_pkt now, and thus helps to save
memory when TCP is enabled.
Change-Id: Ibd5c17df4f75891dec79db723a4c9fc704eb843d
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
There have been long lasting confusion between net_buf and net_nbuf.
While the first is actually a buffer, the second one is not. It's a
network buffer descriptor. More precisely it provides meta data about a
network packet, and holds the chain of buffer fragments made of net_buf.
Thus renaming net_nbuf to net_pkt and all names around it as well
(function, Kconfig option, ..).
Though net_pkt if the new name, it still inherit its logic from net_buf.
'
This patch is the first of a serie that will separate completely net_pkt
from net_buf.
Change-Id: Iecb32d2a0d8f4647692e5328e54b5c35454194cd
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
This is a start to move away from the C99 {u}int{8,16,32,64}_t types to
Zephyr defined u{8,16,32,64}_t and s{8,16,32,64}_t. This allows Zephyr
to define the sized types in a consistent manor across all the
architectures we support and not conflict with what various compilers
and libc might do with regards to the C99 types.
We introduce <zephyr/types.h> as part of this and have it include
<stdint.h> for now until we transition all the code away from the C99
types.
We go with u{8,16,32,64}_t and s{8,16,32,64}_t as there are some
existing variables defined u8 & u16 as well as to be consistent with
Zephyr naming conventions.
Jira: ZEP-2051
Change-Id: I451fed0623b029d65866622e478225dfab2c0ca8
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Fix doxygen comment typos used to generate API docs
Change-Id: I3efff6f5fa26f87d1e658d6336fef01ce45f5bb0
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
This makes net_ipv6_nbr_add able to update entries so it can be reused
when receiving RA or NS requests, so it now performs a lookup before
creating a new entry (using nbr_new to reuse more code) and in case it
finds a match attempts to update the lladdr.
Change-Id: I305a67a955e037cbbb862fef947a5fcfe131507c
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Figure out what is the last extension header in IPv6 packet
and return offset to it. This is needed by IPv6 fragmentation
when fragmentation header is added to the packet.
Change-Id: I925ab806a5de076a425ff354711730d4f4b3c52f
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
This commit adds support for IPv6 packet fragmentation when
receiving (IPv6 reassembly) and when sending larger than 1280 bytes
long IPv6 packet. See RFC 2460 chapter 4.5 for more details.
Jira: ZEP-1718
Change-Id: Ia31c147cce4d456ee48f39276cca99aa09ce81d6
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Refining the names around IPv6's neighbor states to differentiate them
easily from any net_nbr related names (which are not tighten to IPv6).
Change-Id: Ibc24df2a9485477a53fe5fe1c8f993f0fcd91635
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Add CONFIG_NET_IPV6_NBR_CACHE option that is the base for both
neighbor discovery (ND) and duplicate address detection (DAD).
Both ND and DAD can be disabled if needed. If NBR cache is
disabled, then ND and DAD are disabled too.
Note that it makes not much sense to disable DAD or NBR cache
as IPv6 will not work properly without them. It is possible
to disable ND but then the neighbor information needs to come
via other sources like RPL.
Change-Id: I57c8668ad828b3a153dfc58eea78bf5f7ac3938a
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Current finalize api's takes buf as input parameter and returns
the finalized buf. But if there are any issue while finalizing,
it failed to throw an error.
Change-Id: I6db54b7453eec41a8051fab50d5c0dc937debd54
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
To be used by net-shell and other files for debugging neighbor
state.
Change-Id: Ie9b09a54a05dcb066906a3697dfe38aeffc886e6
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
This and subsequent commits adds API to join or leave
an IPv6 multicast group.
Jira: ZEP-1673
Change-Id: I26dcfe16a4527dbf7886a30827a5d4ebfdeaac01
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
The ll_reserve parameter is useless in net_ipv{4|6}_create_raw()
function as the reserve information is already stored in buf.
Change-Id: I7815a78c001e3da532478c04b3dac9b37bbc723c
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
