2981 Commits

Author SHA1 Message Date
Zhe Weng
3a844d8dd7 net/netlink: Add NETLINK_NETFILTER's CONNTRACK support
Now we only support conntrack info from NAT entries, to let our apps in user space know the mapping status in NAT.

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-04-18 13:03:59 +08:00
Zhe Weng
9b77bb16c9 net/netlink: Move netlink_add_terminator as public
Prepare for other netlink dumps.

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-04-18 13:03:59 +08:00
Zhe Weng
b0cf0acc66 net/nat: Add foreach interface for entries
Prepare for netlink conntrack dump of entries.

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-04-18 13:03:59 +08:00
Zhe Weng
932c41debb net/nat: Remove unnecessary logic in inbound logic
Finish https://github.com/apache/nuttx/pull/12116#discussion_r1560880897

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-04-12 14:39:01 +02:00
Zhe Weng
17584eaa4f net/nat: Rename struct ipv*_nat_entry to ipv*_nat_entry_t
I found `struct ipv*_nat_entry` is missing `_s` suffix, but the name is too long in some cases, so maybe `ipv*_nat_entry_t` could be better.

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-04-12 14:39:01 +02:00
Zhe Weng
e543a8086e net: Optimize TCP/UDP port selection
Optimize TCP/UDP port selection, and fix a possible dead loop.

Finish discussion in https://github.com/apache/nuttx/pull/12116#discussion_r1560851977

Note:
Linux also uses EADDRINUSE for failing in finding a portno, according to https://man7.org/linux/man-pages/man2/bind.2.html

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-04-12 15:46:29 +08:00
Zhe Weng
4eddf84a76 net/nat: Optimize port selection
And fix a possible dead loop.

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-04-11 22:23:29 +08:00
Zhe Weng
f3b34c84c2 net/nat: Support IPv6 Masquerading (NAT66)
Notes:
1. This version of NAT66 is a stateful one like NAT44, corresponding to Linux's MASQUERADE target of ip6tables. We can support stateless NAT66 & NPTv6 later by slightly modifying the address & port selection logic (maybe just match the rules and skip the entry find).
2. We're using the same flag `IFF_NAT` for both NAT44 & NAT66 to make control easier, which means that if we enable NAT, both NAT44 & NAT66 will be enabled. If we don't want one of them, we can just disable that one in Kconfig.
3. Maybe we can accelerate the checksum adjustment by pre-calculating a difference of checksum and applying it to each packet, instead of calling `net_chksum_adjust` each time. Just a thought, maybe do it later.
4. IP fragment segments on NAT66 connections are not supported yet.

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-04-11 22:23:29 +08:00
Zhe Weng
676826cb7c net/utils: Add net_ipv6_payload to get IPv6 L4 payload
Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-04-11 22:23:29 +08:00
Zhe Weng
f2ff5cee03 net/nat: Make some IPv4 NAT functions as common
To prepare for future IPv6 NAT functions.
- Rename common ipv4_nat_xxx to nat_xxx
- Move some common definitions into header

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-04-11 22:23:29 +08:00
meijian
93beeeeab0 [tcp/udp] fix port generation not in range
(port % max + min) may overflow uint16

Signed-off-by: meijian <meijian@xiaomi.com>
2024-04-09 23:35:55 +08:00
wangchen
b446a002db net:add customizable default max & min port
add customizable default max & min port

Signed-off-by: wangchen <wangchen41@xiaomi.com>
2024-04-09 23:35:55 +08:00
Zhe Weng
7f1e80f0de net/nat: Slightly optimize the IPv4 NAT
1. Reduce getting `old_ip` in `ipv4_nat_ip_adjust`.
2. Some format change.

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-04-09 14:44:26 +08:00
zhanghongyu
a9bff735e7 net/can: deliver data into multiple CAN conn bound to same dev
Because CAN is a broadcast protocol, each conn needs to be given independent data to avoid mutual interference.

Signed-off-by: zhanghongyu <zhanghongyu@xiaomi.com>
2024-04-09 00:25:44 +08:00
Zhe Weng
a1a09f271f net/nat: Support Symmetric NAT
The symmetric NAT limits one external port to be used with only one peer ip:port.

Note:
1. To avoid using too many #ifdefs, we're always passing peer_ip and peer_port as arguments but won't use them under full cone NAT, letting the compiler optimize them.
2. We need to find port binding without peer ip:port, so don't add peer ip:port into hash key.
3. Symmetric NAT needs to *select another external port if a port is used by any other NAT entry*; this behavior is exactly the same as Full Cone NAT, so we don't need to change anything related to `ipv4_nat_port_inuse`.

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-04-07 23:57:55 +08:00
Xiang Xiao
2fd73bd82f net: Fix max conn always one less than configured value
return NULL only when the total number is larger than configured value

Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
2024-04-07 10:42:56 -03:00
Zhe Weng
806d783fd6 net/udp: Deliver data into multiple UDP conn bound to same port
Note: We'll only get multiple conn bound to same port when we support SO_REUSEADDR

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-03-29 11:52:24 +08:00
Zhe Weng
408320f2ba net/udp: Support deliver multicast packets back to local apps
Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-03-29 11:52:24 +08:00
Zhe Weng
2a342d2424 net/netdev: Add netdev_iob_clone helper
Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-03-29 11:52:24 +08:00
zhanghongyu
3956a52c58 net/tcp: return true only when send window updates
Returning true even when the window has not changed will cause delayed ack to not take effect.

Signed-off-by: zhanghongyu <zhanghongyu@xiaomi.com>
2024-03-13 22:24:04 +08:00
Xiang Xiao
615c4bc6e9 net/local: Fix the wrong direction of threshold setting
reader should set POLLIN threshold, writer should set POLLOUT threshold.

Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
2024-03-10 11:44:33 -03:00
Xiang Xiao
b0e3a35c39 net/local: Skip poll_notify in local_event_pollsetup if no event happen
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
2024-03-10 11:44:33 -03:00
Xiang Xiao
155768bae3 net/local: Fix minor issues found in code reading
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
2024-03-10 11:44:33 -03:00
Xiang Xiao
1ba065db87 drivers/pipe: Change to the block mode by file_ioctl(FIONBIO)
it's simpler and safer than file_fcntl(F_SETFL)

Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
2024-03-07 10:09:35 -03:00
Yanfeng Liu
3bd35487f0 docs/comments: add simple document and fix typo
This patch adds a simple document for the shared memory file system,
with typo fixes in other places.

Signed-off-by: Yanfeng Liu <yfliu2008@qq.com>
2024-03-03 01:55:07 +08:00
Xiang Xiao
61d9394366 net/local: Add local_freectl to avoid the code duplication
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
2024-02-29 16:28:01 -03:00
Xiang Xiao
c7a513b182 net/local: Remove the check of SOCK_STREAM before local_stream_connect
since psock_local_connect is called only when the socket is SOCK_STREAM

Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
2024-02-29 16:28:01 -03:00
Xiang Xiao
039a3eccf4 net/local: Initialize lc_crefs to 1
and remove local_addref call after local_alloc

Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
2024-02-29 16:28:01 -03:00
Xiang Xiao
86039057f8 net/local: Remove the unused lc_psock from local_conn_s
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
2024-02-29 16:28:01 -03:00
ligd
7ccdd29f3e local: correct shutdown state when use UDP mode
Signed-off-by: ligd <liguiding1@xiaomi.com>
Signed-off-by: chao an <anchao@xiaomi.com>
2024-02-29 16:28:01 -03:00
Zhe Weng
5eb08a4b33 net: Fix minor coding problems
Fix minor problems found when reading code:
- icmpv6_autoconfig: Call net_unlock before return
- pkt_sendmsg: Return error for types other than SOCK_RAW

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-02-23 10:34:23 -03:00
Zhe Weng
9a23ebdbc0 net/pkt: Support binding to devices other than ETH
We're using the `sll_ifindex` inside `struct sockaddr_ll` to bind to a
device, so we don't need to translate it into a MAC address; we can just
match the index, which also lets us bind to different types of devices
other than Ethernet.

Ref: Linux also uses `ifindex` to find related device and note it down without mac addresses.
https://man7.org/linux/man-pages/man7/packet.7.html
https://github.com/torvalds/linux/blob/v6.7/net/packet/af_packet.c#L3328
https://github.com/torvalds/linux/blob/v6.7/net/packet/af_packet.c#L3264-L3265

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-02-22 21:21:48 -08:00
Bowen Wang
fcfd5e8ebf rpmsg/Kconfig: add rpmsg_local_name to replace rptun_local_name
Because rpmsg service depends on RPMSG, make rpmsg socket use the
RPMSG_LOCAL_NAME

Signed-off-by: Bowen Wang <wangbowen6@xiaomi.com>
2024-02-18 04:09:34 -08:00
Bowen Wang
169f47beec rpmsg: make all the rpmsg services depend on RPMSG
After decoupling rpmsg and rptun, all the rpmsg services should
depend on RPMSG.

Signed-off-by: Bowen Wang <wangbowen6@xiaomi.com>
2024-02-18 04:09:34 -08:00
Zhe Weng
5a10367312 net/nat: Fix ICMP Error MSG Processing
1. Don't assert on IGMP inside ICMP, just ignore it.
2. Check we have full IP header inside ICMP payload before accessing it.
3. `inner_l4hdrbak` need to be `L4_MAXHDRLEN`, not `L4_MAXHDRLEN/2`.

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-02-05 19:36:59 +08:00
Xiang Xiao
3594e3e541 net/rpmsgsock: Rename rpmsg_socket_getconnname to rpmsg_socket_getpeername
to align with the naming convention of getpeername.

Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
2024-02-04 22:06:45 +08:00
Zhe Weng
8562dd5796 net/udp: Fix source address selection under IPv6
https://github.com/apache/nuttx/pull/11384 has changed the source
address selection of UDP from raddr to laddr, but not all UDP
connections have laddr set, so we need to fall back to getting the source from
raddr.

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-02-02 09:07:38 -08:00
wangchen
204f4a18a0 Support to ARP Address Conflict Detection
Support to ARP Address Conflict Detection

Signed-off-by: wangchen <wangchen41@xiaomi.com>
2024-01-25 11:25:03 -03:00
Zhe Weng
3b74cfecc2 net/route: Support longest prefix match for routing
Support longest prefix match routing described as "Longest Match" in
RFC 1812, Section 5.2.4.3, Page 75.

Introduced `prefixlen` to indicate the prefix length of the currently
found route, and only look up longer prefixes in all later steps.

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-01-09 05:58:10 -08:00
Zhe Weng
54f3452293 net/route: Fix null pointer access when ramroute is full
Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-01-09 05:58:10 -08:00
Zhe Weng
688f0e9117 net: Only call arp_send for PF_INET and icmpv6_neighbor for PF_INET6
If we only enable one of `CONFIG_NET_ARP_SEND` and
`CONFIG_NET_ICMPv6_NEIGHBOR`, both IPv4 and IPv6 traffic will send
ARP or NDP, which causes problems.

Example:
`CONFIG_NET_ARP_SEND=n`
`CONFIG_NET_ICMPv6_NEIGHBOR=y`

Wrong:
IPv4 traffic (`PF_INET`) goes into `icmpv6_neighbor`, which
definitely causes problems.

Correct:
IPv4 traffic doesn't call anything, IPv6 traffic calls `icmpv6_neighbor`

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-01-09 05:56:28 -08:00
Zhe Weng
1adfc1ae79 net/can: Release IOB when failed to queue in datahandler
If we just clear the IOB when failed to queue, we'll leak it.

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-01-06 04:20:36 -08:00
Bowen Wang
e2cf0cad39 rpmsg_sockif: recv/recvmsg return 0 when peer close
Follow the posix standard:
If no messages are available to be received and the peer has
performed an orderly shutdown, recv() shall return 0.

Signed-off-by: Bowen Wang <wangbowen6@xiaomi.com>
2024-01-04 20:07:43 -08:00
Bowen Wang
7a9aa9539c local_sendmsg: fix peer->lc_cfps[] array out-of-range write
When peer->lc_cfpcount == LOCAL_NCONTROLFDS,
Line 122: peer->lc_cfps[peer->lc_cfpcount++] = filep2; access
out-of-range

Signed-off-by: Bowen Wang <wangbowen6@xiaomi.com>
2024-01-04 20:07:06 -08:00
zhanghongyu
e1a1f7b5f4 net/udp: set ipv6 remote addr before udpip_hdrsize
In this case, remote addr is all zero, and the length of the
ip header is not recognized as ipv6_is_ipv4. This will cause
problems in subsequent data filling.

Signed-off-by: zhanghongyu <zhanghongyu@xiaomi.com>
2023-12-27 12:24:59 +01:00
yinshengkai
9852428953 fs: procfs add poll support
Signed-off-by: yinshengkai <yinshengkai@xiaomi.com>
2023-12-26 19:23:13 -08:00
zhanghongyu
d50b1778f7 net/local: make the call return of each process consistent with linux
move the accept logic into connect flow.

In order to successfully establish a blocking connection between
the client and server on the same thread.

nonblock is not affected, and the block connect is now the same
as the nonblock flow, other apis are not affected.

Signed-off-by: zhanghongyu <zhanghongyu@xiaomi.com>
2023-12-25 16:53:46 -08:00
Zhe Weng
5aeb15469a netdev/ipv6: Move xxx_ipv6multicast from arch to common code
The `xxx_ipv6multicast` function in each driver is not adapted to
multiple IPv6 addresses yet, and they're redundant, so try to take them
into common code.

Change:
1. Add MAC `g_ipv6_ethallnodes` and `g_ipv6_ethallrouters` in
   `icmpv6_devinit` and call them in `netdev_register`
2. Add multicast MAC for Neighbor Solicitation when adding any IPv6
   address, and remove them when IPv6 address is removed
3. Select `NET_MCASTGROUP` when `NET_ICMPv6` because now we need
   `d_addmac` when we have ICMPv6

Note:
We want modules outside net stack to call functions like
`netdev_ipv6_add` and never touch the related MAC address, so these MAC
functions are added as internal functions to `net/netdev/netdev.h`

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2023-12-16 05:26:16 -08:00
Petteri Aimonen
06e5b661ed tcp: Recover from iob shortage with TCP_WRITE_BUFFERS
When CONFIG_NET_TCP_WRITE_BUFFERS is enabled, iobs are used for
both queuing data from application, and for assembling packets
for sending. If there is a system-wide shortage of iobs, it could
happen that there is not enough free space to form any packets
to send. The buffers allocated for TCP data also can't be released
until the packet is sent.

Normally this should be avoided by setting suitable values for
CONFIG_IOB_NBUFFERS and CONFIG_IOB_THROTTLE. The default values
are ok for light usage, but can run out when using multiple
simultaneous TCP streams.

Before this commit, iob shortage would cause TCP connections to
get stuck and eventually timeout. With this change, TCP stack
sends smaller packets, eventually freeing some buffers from the
write queue.
2023-12-15 20:12:13 -08:00
liqinhui
98e3615b60 net/netdev: Modify the logic for setting the IFF_RUNNING status of interfaces.
Refer to the logic of the `netif_carrier_on` on linux.
https://github.com/torvalds/linux/blob/master/net/sched/sch_generic.c#L575

Signed-off-by: liqinhui <liqinhui@xiaomi.com>
2023-12-15 18:24:23 -08:00