Accepting broadcast echo request and replying to it could provide an
attack vector.
Fixes#12162
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
If we receive an IPv4 that has broadcast destination address, then
properly handle it.
This means that for
* ICMPv4, if CONFIG_NET_ICMPV4_ACCEPT_BROADCAST is set (this is the
default value) and we receive echo-request then accept the packet.
Drop other ICMPv4 packets.
* TCP, drop the packet
* UDP, accept the packet if the destination address is the broadcast
address 255.255.255.255 or the subnet broadcast address.
Drop the packet if the packets broadcast address is not in our
configured subnet.
In sending side, make sure that we do not route broadcast address
IPv4 packets back to us. Also set Ethernet MAC destination address
properly if destination IPv4 address is broadcast one.
Fixes#10780
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Instead of one global log level option and one on/off boolean
config option / module, this commit creates one log level option
for each module. This simplifies the logging as it is now possible
to enable different level of debugging output for each network
module individually.
The commit also converts the code to use the new logger
instead of the old sys_log.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Up until now, Zephyr has patched Kconfig to use the last 'default' with
a satisfied condition, instead of the first one. I'm not sure why the
patch was added (it predates Kconfiglib), but I suspect it's related to
Kconfig.defconfig files.
There are at least three problems with the patch:
1. It's inconsistent with how Kconfig works in other projects, which
might confuse newcomers.
2. Due to oversights, earlier 'range' properties are still preferred,
as well as earlier 'default' properties on choices.
In addition to being inconsistent, this makes it impossible to
override 'range' properties and choice 'default' properties if the
base definition of the symbol/choice already has 'range'/'default'
properties.
I've seen errors caused by the inconsistency, and I suspect there
are more.
3. A fork of Kconfiglib that adds the patch needs to be maintained.
Get rid of the patch and go back to standard Kconfig behavior, as
follows:
1. Include the Kconfig.defconfig files first instead of last in
Kconfig.zephyr.
2. Include boards/Kconfig and arch/<arch>/Kconfig first instead of
last in arch/Kconfig.
3. Include arch/<arch>/soc/*/Kconfig first instead of last in
arch/<arch>/Kconfig.
4. Swap a few other 'source's to preserve behavior for some scattered
symbols with multiple definitions.
Swap 'source's in some no-op cases too, where it might match the
intent.
5. Reverse the defaults on symbol definitions that have more than one
default.
Skip defaults that are mutually exclusive, e.g. where each default
has an 'if <some board>' condition. They are already safe.
6. Remove the prefer-later-defaults patch from Kconfiglib.
Testing was done with a Python script that lists all Kconfig
symbols/choices with multiple defaults, along with a whitelist of fixed
symbols. The script also verifies that there are no "unreachable"
defaults hidden by defaults without conditions
As an additional test, zephyr/.config was generated before and after the
change for several samples and checked to be identical (after sorting).
This commit includes some default-related cleanups as well:
- Simplify some symbol definitions, e.g. where a default has 'if FOO'
when the symbol already has 'depends on FOO'.
- Remove some redundant 'default ""' for string symbols. This is the
implicit default.
Piggyback fixes for swapped ranges on BT_L2CAP_RX_MTU and
BT_L2CAP_TX_MTU (caused by confusing inconsistency).
Piggyback some fixes for style nits too, e.g. unindented help texts.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
- Remove redundant 'n' defaults. 'n' is the default value for bool
symbols.
This makes the auto-generated documentation clearer as well: You get
"implicitly defaults to n" instead of
"- n if <propagated dependencies>".
- Shorten
<type>
prompt "foo"
to
<type> "foo"
This works for all types, not just bool.
- Various formatting nits.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Add basic IPv4 Link Local support as described in RFC 3927.
Signed-off-by: Matthias Boesl <matthias.boesl@gmail.com>
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Bool symbols implicitly default to 'n'.
A 'default n' can make sense e.g. in a Kconfig.defconfig file, if you
want to override a 'default y' on the base definition of the symbol. It
isn't used like that on any of these symbols though.
Remove some 'default ""' properties on string symbols too.
Also make definitions more consistent by converting some
config FOO
<type>
prompt "foo"
definitions to a shorter form:
config FOO
<type> "foo"
This shorthand works for int/hex/string symbols too, not just for bool
symbols.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
This allows creation of virtual lan (VLAN) networks. VLAN support is
only available for ethernet network technology.
Fixes#3234
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
With this commit it is possible to add priority to sent or received
network packets. So user is able to send or receive higher priority
packets faster than lower level packets.
The traffic class support is activated by CONFIG_NET_TC_COUNT option.
The TC support uses work queues to separate the traffic. The
priority of the work queue thread specifies the ordering of the
network traffic. Each work queue thread handles traffic to one specific
work queue. Note that you should not enable traffic classes unless
you really need them by your application. Each TC thread needs
stack so this feature requires more memory.
It is possible to disable transmit traffic class support and keep the
receive traffic class support, or vice versa. If both RX and TX traffic
classes are enabled, then both will use the same number of queues
defined by CONFIG_NET_TC_COUNT option.
Fixes#6588
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Instead of always allocating both IPv6 and IPv4 address information
to every network interface, allow more fine grained address
configuration. So it is possible to have IPv6 or IPv4 only network
interfaces.
This commit introduces two new config options:
CONFIG_NET_IF_MAX_IPV4_COUNT and CONFIG_NET_IF_MAX_IPV6_COUNT
which tell how many IP address information structs are allocated
statically. At runtime when network interface is setup, it is then
possible to attach this IP address info struct to a specific
network interface. This can save considerable amount of memory
as the IP address information struct can be quite large (depends
on how many IP addresses user configures in the system).
Note that the value of CONFIG_NET_IF_MAX_IPV4_COUNT and
CONFIG_NET_IF_MAX_IPV6_COUNT should reflect the estimated number of
network interfaces in the system. So if if CONFIG_NET_IF_MAX_IPV6_COUNT
is set to 1 and there are two network interfaces that need IPv6
addresses, then the system will not be able to setup IPv6 addresses to
the second network interface in this case. This scenario might be
just fine if the second network interface is IPv4 only. The net_if.c
will print a warning during startup if mismatch about the counts and
the actual number of network interface is detected.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Fix Kconfig help sections and add spacing to be consistent across all
Kconfig file. In a previous run we missed a few.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Replace the existing Apache 2.0 boilerplate header with an SPDX tag
throughout the zephyr code tree. This patch was generated via a
script run over the master branch.
Also updated doc/porting/application.rst that had a dependency on
line numbers in a literal include.
Manually updated subsys/logging/sys_log.c that had a malformed
header in the original file. Also cleanup several cases that already
had a SPDX tag and we either got a duplicate or missed updating.
Jira: ZEP-1457
Change-Id: I6131a1d4ee0e58f5b938300c2d2fc77d2e69572c
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
* Moved networking code into subsys/net.
* Renamed net/yaip to net/ip at the same time.
* Fixed the tests/net to compile
* Fixed the Makefiles and Kconfig files in subsys/net
to use the new location of the IP stack
Change-Id: Ie45d9e8cb45a93fefdf969b20a81e3b1d3c16355
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Tomasz Bursztyka