Need to undefine LWIP_ICMP6_DATASIZE before change the setting.
While at it, also remove the unneeded #ifndef LWIP_ICMP6_DATASIZE
checking because it is set in lwip/opt.h.
Signed-off-by: Axel Lin <axel.lin@ingics.com>
Use NETIF_FOREACH macro to get some optimizations for LWIP_SINGLE_NETIF case.
Signed-off-by: Axel Lin <axel.lin@ingics.com>
Signed-off-by: goldsimon <goldsimon@gmx.de>
The macros are functions from ctype.h, but ctype.h declares them as functions, not as #defines
It makes no sense to abstract them in lwIPs portability layer, the functions are of low complexity and they are only used in this file.
ARMCC when using __packed structures will not implicitly convert a
pointer to a member of a packed structure to something which does not
have __packed. This results in a compiler error and was found with calls
to icmp6_param_problem
While there is a #pragma pack mode in ARMCC that disables this error, it
does require existing ports to switch over their packing mode and
perform integration
Hop-by-Hop, Destination option header structures consist of 2 unsigned char; next option type and header length field.
And TLV(Type-Length-Value) option headers come by the number in header length field.
If the option type in TLV option header is not recognized and 2 MSB is not 0, it is handled as an exception.
Signed-off-by: goldsimon <goldsimon@gmx.de>
Hop-by-Hop, Destination option header structures consist of 2 unsigned char; next option type and header length field.
And TLV(Type-Length-Value) option headers come by the number in header length field.
If the option type in TLV option header is not recognized and 2 MSB is not 0, it is handled as an exception.
Signed-off-by: goldsimon <goldsimon@gmx.de>
For this, convert 'u8_t nexth' to a pointer and change 'icmp6_param_problem()' to take a pointer, not an offset number
Signed-off-by: goldsimon <goldsimon@gmx.de>
The ip6_frag.drop counter is updated before all the code paths calling
goto nullreturn, so let's move updating ip6_frag.drop stats to nullreturn.
Signed-off-by: Axel Lin <axel.lin@ingics.com>
lwIP aims to support zero-copy TX, and thus, must internally handle
all cases that pbufs are referenced rather than copied upon low-level
output. However, in the current situation, the arp/ndp packet queuing
routines conservatively copy entire packets, even when unnecessary in
cases where lwIP is used in a zero-copy compliant manner. This patch
moves the decision whether to copy into a centralized macro, allowing
zero-copy compliant applications to override the macro to avoid the
unnecessary copies. The macro defaults to the safe behavior, though.
So far, the UDP core module implemented only IPv4 multicast support.
This patch extends the module with the features necessary for socket
layers on top to implement IPv6 multicast support as well:
o If a UDP PCB is bound to an IPv6 multicast address, a unicast source
address is selected and used to send the packet instead, as is
required (and was the case for IPv4 multicast already).
o Unlike IPv4's IP_MULTICAST_IF socket option, which takes a source
IPv4 address, the IPV6_MULTICAST_IF socket option (from RFC 3493)
takes an interface identifier to denote the interface to use for
outgoing multicast-destined packets. A new pair of UDP PCB API
calls, udp_[gs]et_multicast_netif_index(), are added to support
this. The new definition "NETIF_NO_INDEX" may be used to indicate
that lwIP should pick an interface instead.
IPv4 socket implementations may now also choose to map the given
source address to an interface index immediately and use the new
facility instead of the old udp_[gs]et_multicast_netif_addr() one.
A side effect of limiting the old facility to IPv4 is that for dual-
stack configurations with multicast support, the UDP PCB size is
reduced by (up to) 16 bytes.
o For configurations that enable loopback interface support, the IPv6
code now also supports multicast loopback (IPV6_MULTICAST_LOOP).
o The LWIP_MULTICAST_TX_OPTIONS opt.h setting now covers both IPv4
and IPv6, and as such is no longer strictly linked to IGMP. It is
therefore placed in its own lwIP options subgroup in opt.h.
The IPV6_MULTICAST_HOPS socket option can already be implemented using
the existing IP_MULTICAST_TTL support, and thus requires no additional
changes. Overall, this patch should not break any existing code.
This patch adds full support for IPv6 address scopes, thereby aiming
to be compliant with IPv6 standards in general and RFC 4007 in
particular. The high-level summary is that link-local addresses are
now meaningful only in the context of their own link, guaranteeing
full isolation between links (and their addresses) in this respect.
This isolation even allows multiple interfaces to have the same
link-local addresses locally assigned.
The implementation achieves this by extending the lwIP IPv6 address
structure with a zone field that, for addresses that have a scope,
carries the scope's zone in which that address has meaning. The zone
maps to one or more interfaces. By default, lwIP uses a policy that
provides a 1:1 mapping between links and interfaces, and considers
all other addresses unscoped, corresponding to the default policy
sketched in RFC 4007 Sec. 6. The implementation allows for replacing
the default policy with a custom policy if desired, though.
The lwIP core implementation has been changed to provide somewhat of
a balance between correctness and efficiency on on side, and backward
compatibility on the other. In particular, while the application would
ideally always provide a zone for a scoped address, putting this in as
a requirement would likely break many applications. Instead, the API
accepts both "properly zoned" IPv6 addresses and addresses that, while
scoped, "lack" a zone. lwIP will try to add a zone as soon as possible
for efficiency reasons, in particular from TCP/UDP/RAW PCB bind and
connect calls, but this may fail, and sendto calls may bypass that
anyway. Ultimately, a zone is always added when an IP packet is sent
when needed, because the link-layer lwIP code (and ND6 in particualar)
requires that all addresses be properly zoned for correctness: for
example, to provide isolation between links in the ND6 destination
cache. All this applies to packet output only, because on packet
input, all scoped addresses will be given a zone automatically.
It is also worth remarking that on output, no attempt is made to stop
outgoing packets with addresses for a zone not matching the outgoing
interface. However, unless the application explicitly provides
addresses that will result in such zone violations, the core API
implementation (and the IPv6 routing algorithm in particular) itself
will never take decisions that result in zone violations itself.
This patch adds a new header file, ip6_zone.h, which contains comments
that explain several implementation aspects in a bit more detail.
For now, it is possible to disable scope support by changing the new
LWIP_IPV6_SCOPES configuration option. For users of the core API, it
is important to note that scoped addresses that are locally assigned
to a netif must always have a zone set; the standard netif address
assignment functions always do this on behalf of the caller, though.
Also, core API users will want to enable LWIP_IPV6_SCOPES_DEBUG at
least initially when upgrading, to ensure that all addresses are
properly initialized.
../../../../lwip/src/core/ipv6/ip6_frag.c: In function ‘ip6_reass’:
../../../../lwip/src/core/ipv6/ip6_frag.c:567:7: error: ISO C90 forbids mixed declarations and code [-Werror=pedantic]
Fix below compile error:
../../../../lwip/src/core/ipv6/ip6_frag.c: In function ‘ip6_reass’:
../../../../lwip/src/core/ipv6/ip6_frag.c:533:20: error: declaration of ‘next_pbuf’ shadows a previous local [-Werror=shadow]
struct pbuf* next_pbuf = iprh->next_pbuf;
^~~~~~~~~
../../../../lwip/src/core/ipv6/ip6_frag.c:272:20: note: shadowed declaration is here
struct pbuf *q, *next_pbuf;
^~~~~~~~~
cc1: all warnings being treated as errors
../Common.mk:93: recipe for target 'ip6_frag.o' failed
make: *** [ip6_frag.o] Error 1
Fixes: 7cedf7ae71 ("IPv6: fragment reassembly fixes")
Signed-off-by: Axel Lin <axel.lin@ingics.com>
This patch aims to fix three closely related issues.
o The implementation of IPV6_FRAG_COPYHEADER was fundamentally
incompatible with the presence of extension headers between the
IPv6 header and the Fragment Header. This patch changes the
implementation to support such extension headers as well, with
pretty much the same memory requirements. As a result, we can
remove the check that prevented such packets from being reassembled
in all cases, even with IPV6_FRAG_COPYHEADER off.
o Given that temporary data is stored in the Fragment Header of
packets saved for the purpose of reassembly, but ICMPv6 "Fragment
Reassembly Time Exceeded" packets contain part of the original
packet, such ICMPv6 packets could actually end up containing part
of the temporary data, which may even include a pointer value. The
ICMPv6 packet should contain the original, unchanged packet, so
save the original header data before overwriting it even if
IPV6_FRAG_COPYHEADER is disabled. This does add some extra memory
consumption.
o Previously, the reassembly would leave the fragment header in the
reassembled packet, which is not permitted by RFC 2460 and prevents
reassembly of particularly large packets (close to 65535 bytes
after reassembly). This patch gets rid of the fragment header. It
does require an implementation of memmove() for that purpose.
Note that this patch aims to improve correctness. Future changes
might restore some of the previous functionality in order to regain
optimal performance for certain cases (at the cost of more code).
As per RFC requirements, upon removing a router from the default
router list, remove any entries pointing to it from the destination
cache. While here, synchronize timing out entries in the default
router list with the rest of the timer code.
When removing a netif, clear the destination cache altogether
in order to prevent more general inconsistency. When this happens,
the entries for other netifs will have to be rebuilt, but removing
netifs should be sufficiently rare that this is not worth optimizing.
The current ND implementation does not yet implement the most basic
required ('MUST') checks for message validation and generation.
- implement some of the required checks for message validation;
- document the remaining missing message validation checks;
- hardcode the hop limit of Neighbor Discovery messages rather than
having it depend on lwIP configuration which, if changed, would
cause all of ND to cease working.
The introduction of address lifetimes also means that lwIP correctly
supports transitions between PREFERRED and DEPRECATED address states,
and that means that the source address selection must be changed to
take this into account. Adding this feature to the previous algorithm
would have resulted in a mess, so this patch rewrites the algorithm to
stay close to the rules described in RFC 6724 (formerly 3484) Sec. 5.
This yields the following changes:
- Rule 2 ("prefer appropriate scope") is now fully implemented, most
importantly allowing larger-scope addresses to be picked if no
smaller-scope addresses are available (e.g., a global address may
now be used to connect to a unique-local address);
- Rule 3 ("avoid deprecated addresses") is now also fully implemented;
- unknown-scope addresses are also supported, with lowest priority;
- the link between the prescribed rules and the actual algorithm is
made much more explicit, hopefully allowing future improvements to
be made more easily.
For reasons explained in comments, one previous deviation from the RFC
on Rule 2 is retained for now.
As laid out in RFC 5942, the assumption that a dynamically assigned
(SLAAC/DHCPv6) address implies an on-link subnet, is wrong. lwIP does
currently make that assumption, routing packets according to local
address subnets rather than the on-link prefix list. The result is
that packets may not make it to their destination due to incorrect
routing decisions.
This patch changes the routing algorithms to be (more) compliant with
RFC 5942, by implementing the following new routing policies:
- all routing decisions check the on-link prefix list first, and
select a default router for off-link routing only if there is no
matching entry in the on-link prefix list;
- dynamically assigned addresses (from address autoconfiguration) are
considered /128 assignments, and thus, no routing decisions are taken
based on matches against their (/64) subnet anymore;
- more generally, all addresses that have a lifetime are considered
dynamically assigned and thus of size /128, which is the required
behavior for externally implemented SLAAC clients and DHCPv6;
- statically assigned (i.e., manually configured) addresses are still
considered /64 assignments, and thus, their associated subnet is
considered for routing decisions, in order to behave as generally
expected by end users and to retain backward compatibility;
- the link-local address in IPv6 address slot #0 is considered static
and thus has no lifetime and an implied /64 subnet, although link-
local routing is currently always handled separately anyway.
IPv6 source address selection is kept as is, as the subnet tests in
the algorithm serve as poor man's longest-common-prefix equivalent
there (RFC 6724 Sec. 5, Rule 8).
Previously, IPv6 routing could select a next-hop router on a netif
that was down or disconnected, potentially resulting in packets being
dropped unnecessarily. This patch changes router selection to take
into account the state of the router's associated netif, eliminating
such unnecessary packet loss.
Also, this patch fixes the test for router validity, which was
erroneously based on the router's invalidation timer rather than its
neighbor cache entry state. Given that an expired router has no
associated neighbor cache entry, no invalid routers would previously
ever be returned.
Finally, this patch also adds round-robin selection of routers that
are not known to be reachable or probably reachable, as per RFC 4861
Sec. 6.3.6 point (2). Support for this feature was partially present
but not actually functional.
Previously, Duplicate Address Detection (DAD) would work only for the
link-local address. For DAD-spawned Neighbor Solicitation requests for
any other address, the request would use the link-local address as the
source, meaning the other side would send a targeted reply (RFC 4861
Sec. 7.2.4). However, the nd6 implementation currently does not
consider targeted replies for DAD--even though technically an RFC 4862
Sec. 5.4.4 violation--supposedly because no real-world scenario could
trigger that case. The combination of these factors resulted in DAD
being entirely ineffective for non-link-local addresses.
This patch forces all DAD-spawned Neighbor Solicitation packets to use
the unspecified ('any') address as source, as per RFC 4862 Sec. 5.4.2.
As a result, other nodes would reply with multicast replies, for which
there is appropriate DAD checking code.
The patch also makes a slight rearrangement of statements such that
MLD join messages are sent before the NS packets, rather than after.
In the cases that nd6 checks whether the interface is up before
sending a packet, also check whether the link is up. Without this
additional check, temporary link downtime could easily result in
unnecessary false negatives for Duplicate Address Detection.
In addition, use the netif abstraction macros to perform the checks.
In summary, this patch aims to resolve bugs #47923 and #48162, by
decoupling address autoconfiguration from the on-link prefix list,
since those are not related. Important necessary changes are needed
to meet this goal, ultimately bringing the lwIP ND6 implementation
closer to compliance with RFC 4862. The main changes are:
1. support for address lifetimes, and,
2. addition of a new DUPLICATED address state.
The decoupling implies that the prefix list can no longer be used to
maintain state for address autoconfiguration. Most importantly, the
lifetime of each address, which was previously derived from the
prefix slot's lifetime, must now be associated with the address
itself. This patch implements address lifetime tracking, maintaining
both a valid and a preferred lifetime for each address, along with
the corresponding address state changes (e.g., between PREFERRED and
DEPRECATED), all as required by RFC 4862.
The support for address lifetimes can be enabled with a new
LWIP_IPV6_ADDRESS_LIFETIMES setting in lwipopts.h. It is required for
autoconfiguration and enabled by default if autoconfiguration is
enabled as well, but it may also be enabled separately, so as to allow
application-controlled lifetime management (e.g., if autoconfiguration
is implemented in a separate application). A special valid-lifetime of
zero is used to denote a static address--that is, an address that was
configured manually, that does not have lifetimes, and that should be
left alone by the autoconfiguration functionality. Addresses assigned
without setting a lifetime are deemed static, thus preserving
compatibility with existing lwIP-based applications in this respect.
Similarly, the decoupling implies that the prefix list can no longer
be used to remember cases of address duplication. Previously, the
detection of a duplicated address would simply result in removal of
the address altogether. Instead, this patch introduces a new state
"DUPLICATED", indicating that the address, while technically still
present, has been found to conflict with other node addresses, and no
attempt should be made to produce an autoconfiguration address for
that prefix.
Manually added addresses, including the link-local address, once set
to DUPLICATED, will remain in that state until manual intervention.
Autoconfigured DUPLICATED addresses will expire according to their
valid-lifetime, essentially preserving the current behavior but
without the use of the prefix list. As a first attempt to approach
compliance with RFC 4862 Sec. 5.4.5, if the link-local address is
detected to be duplicated, all derived addresses are marked duplicated
as well, and no new addresses will be autoconfigured. More work is to
be done for full compliance with that section, however.
Together, those two main changes indeed do fully decouple address
autoconfiguration from the on-link prefix list. Changes to the latter
thus no longer affect the former, resolving bug #47923. Moreover, as a
result, autoconfiguration can, and does, now also take place on
advertised prefixes that do not have the on-link flag set, resolving
bug #48162. The routing changes mentioned in the discussion of that
bug are left to a separate patch, though.
If MLD support is enabled, each locally assigned IPv6 address in the
appropriate state must be a member of the solicited-node multicast
group corresponding to that address. Ensure that this is always the
case by (re-)deciding on the membership upon every address state
change. By doing so, this patch enforces that user-initiated state
changes to addresses (e.g., deletion) never cause a desynchronization
with the corresponding solicited-node multicast group membership,
thereby making such user-initiated state changes simpler and safer.
Fix below build error when LWIP_ND6_RDNSS_MAX_DNS_SERVERS == 0
../../../../lwip/src/core/ipv6/nd6.c: In function ‘nd6_input’:
../../../../lwip/src/core/ipv6/nd6.c:400:10: error: unused variable ‘rdnss_server_idx’ [-Werror=unused-variable]
u8_t rdnss_server_idx = 0;
^~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
../Common.mk:93: recipe for target 'nd6.o' failed
make: *** [nd6.o] Error 1
Fixes: 6b1950ec24 ("nd6: add support for RDNSS option (as per RFC 6106)")
Signed-off-by: Axel Lin <axel.lin@ingics.com>
Previously, ethip6 and lowpan6 each had their own copy of code that
used internal nd6 data structures to decide whether to send a packet
on the local link right away, or queue it while nd6 performed local
address resolution. This patch moves that code into nd6, thereby
eliminating all remaining cases of external access to internal nd6
data structures, as well as the need to expose two specific nd6
functions.
As a side effect, the patch effectively fixes two bugs in the lowpan6
code that were already fixed in the ethip6 code.
This patch rearranges the code division between nd6.c and ip6.c such
that the latter does not need to access ND6-internal data structures
(specifically, "default_router_list") directly anymore.
The new function, while currently not used internally, allows external
code to clear the ND destination cache in the case that it may have
become inconsistent with the current situation, for example as the
result of a change of locally assigned addresses, or a change in
routing tables implemented through the LWIP_HOOK_ND6_GET_GW hook.
On failure, nd6_get_next_hop_entry() returns an ERR_ type negative
error code. ethip6_output() erroneously assumed that that error would
always be ERR_MEM, even though it may also be ERR_RTE in practice.
With this patch, ethip6_output() simply forwards the returned error.
Generally speaking, packets with a loopback destination address -
127.0.0.1 for IPv4 and ::1 for IPv6 - should not be accepted on
non-loopback interfaces. For IPv4, this is implied by RFC 1122
Sec. 3.2.1.3. For IPv6, it is mandated by RFC 4291 Sec. 2.5.3.
Failure to perform this filtering may have security implications, as
applications that bind sockets to loopback addresses may not expect
that nodes on the local external network be able to produce traffic
that will arrive at such sockets.
With this patch, lwIP drops packets that are sent to a loopback
address but do not originate from the interface that has the loopback
address assigned to it. This approach works regardless of whether it
is lwIP or the system using it that implements a loopback netif. The
only exception that must be made is for configurations that enable
netif packet loopback but disable the lwIP loopback netif: in that
case, loopback packets are routed across non-loopback netifs and would
thus be lost by the new filter as well.
For IPv6, loopback-destined packets are also no longer forwarded; the
IPv4 forwarding code already had a check for that.
As a small performance improvement, the IPv6 link-local/loopback
address check is now performed only once per packet rather than
repeatedly for every candidate netif.
In general, netif_default may be NULL, and various places in the code
already check for this case before attempting to dereference the
netif_default pointer. Some places do not perform this check though,
and may cause null pointer dereferences if netif_default is not set.
This patch adds NULL checks to those places as well.
The mld_group structure no longer has a 'netif' field, as such
structures are now linked from the corresponding netif structure.
For conditional checksumming, use the calling function's netif
reference instead.
Let lwip use functions/macros prefixed by lwip_ internally to avoid naming clashes with external #includes.
Remove over-complicated #define handling in def.h
Make functions easier to override in cc.h. The following is sufficient now (no more LWIP_PLATFORM_BYTESWAP):
#define lwip_htons(x) <your_htons>
#define lwip_htonl(x) <your_htonl>
delay_time and stale_time are ticks now.
reachable_time and invalidation_timer are untouched since they may originate from telegram values -> not converting them to ticks avoids an integer division
Reasoning:
- Makes code in single-netif case perform better and smaller
- IGMP / MLD6 code is a little bit easier to read and understand
- Easier to get multicast groups per netif when implementing drivers
Downside: In multi-netif mode, there are two more pointers on each netif, even if IGMP/MLD6 is not used on it. But these systems should not be so memory-constrained that this will matter.
When leaving a multicast group, remove the group from the list
before invoking the MAC filter callback. This avoids the need
for the callee to skip over the group that is about to be deleted.