When using convert_frac to slow down a timer, the extension machinery is
used to prevent converting values that would be larger than, after
conversion, 2**32. In order to calculate the maximum value, UINT32_MAX
is converted.
Previously, this was mistakenly converted by multiplying with the
fraction used to scale up a value. E.g., when using convert_frac to
slow down a 1us timer to provide a 1ms timer, UINT32_MAX was multiplied
by 1000. As the result is used % UINT32_MAX, this lead to a wrong value
close to UINT32_MAX, as ((UINT32_MAX * N) % UINT32_MAX = (UINT32_MAX - N - 1)).
This PR fixes the calculation so max_value is determined by multiplying
with the fraction used to scale down a value.
Modelled GNRC_MAC_ENABLE_DUTYCYCLE_RECORD as bool. Introduced
CONFIG_GNRC_MAC_DISABLE_DUTYCYCLE_RECORD to invert the logic.
Tagged GNRC_MAC_ENABLE_DUTYCYCLE_RECORD for deprecation.
This changes the configuration macro to be the exponent of 2^n, as the
mbox buffer size needs to be always power of 2. The macro now has the
GNRC prefix.
Also a compile configuration documentation group is created.
This changes the configuration macro to be the exponent of 2^n, as the
mbox buffer size needs to be always power of 2.
Also a compile configuration documentation group is created.
This changes the configuration macro to be the exponent of 2^n, as the
message queue size needs to be always power of 2.
Also a compile configuration documentation group is created.
This changes the configuration macro to be the exponent of 2^n, as the
message queue size needs to be always power of 2.
Also a compile configuration documentation group is created.
Introduced 'GNRC_PKTDUMP_MSG_QUEUE_SIZE_EXP' to hold exponent
value and made GNRC_PKTDUMP_MSG_QUEUE_SIZE dependant on
GNRC_PKTDUMP_MSG_QUEUE_SIZE_EXP.
Moved 'GNRC_PKTDUMP_MSG_QUEUE_SIZE_EXP' to 'CONFIG_' namespace.
Exposed configurations to Kconfig
Co-authored-by: Martine Lenders <mail@martine-lenders.eu>
Co-authored-by: Leandro Lanzieri <leandro.lanzieri@haw-hamburg.de>
The 6Lo network interfaces can only support a max_frag_size of
SIXLOWPAN_FRAG_MAX_LEN (2047 bytes) as the length field is only 11-bits.
This limits the max_frag_size in the case that the L2-PDU is higher than
that.
Signed-off-by: Jean Pierre Dudey <jeandudey@hotmail.com>
For boards that have terminals in their shipped configurations it makes sense
to reuse those VID/PIDs when providing a terminal in RIOT as well.
That affects the builtin-peripherals IDs and not the custom specified ones.
Co-authored-by: chrysn <chrysn@fsfe.org>
802.15.4g devices have a 2047 byte PDU.
So the assertion `netif->ipv6.mtu == IPV6_MIN_MTU` is too strict here.
This is only enforced on init, so changing the modulation at run-time
did not catch this bug.
To test, use e.g. `at86rf215` with
CFLAGS += -DAT86RF215_DEFAULT_PHY_MODE=IEEE802154_PHY_MR_OQPSK
fixes#14164
Implemented a check in coap_parse() to verify if TKL value is within valid range as specified by RFC7252. The token length must be within 0-8 range, any other value should be considered as invalid and the packet should produce message format error.
A test case was added to tests-nanocoap.c to verify correct behavior in case of TKL in range and out of range.
Update sys/net/application_layer/nanocoap/nanocoap.c
Prefixed debug message with module name and abbreviations expanded.
Co-authored-by: Martine Lenders <mail@martine-lenders.eu>
Update sys/net/application_layer/nanocoap/nanocoap.c
Prefixed debug message with module name and abbreviations expanded.
Co-authored-by: Martine Lenders <mail@martine-lenders.eu>
If token length in the header was longer than actually provided in the following payload, read out of the input buffer bounds or processing of data beyond the actual input packet bound could happen. In order to remove the risk, the options loop condition was modified to early detect the condition and abort packet processing if a malformed packet is detected.
nanocoap: Added pointer range check after token length parsing.
Added a check to verify if the current packet parsing pointer is still within the packet boundaries after incrementing by the token length declared in the header. If packet is malformed an error code is returned.
nanocoap: Combined packet length checks
Combined packet length checks after reading token length and processing options into a single packet length validation after the options parsing loop. The entry to the options parsing loop is safe as the while loop condition protects against entering the loop if the token length was invalid.
saul_reg_rm can not be used safely unless in tight coordination with the
application. This points out the issue, puts the onus of making sure
nobody calls vanishing registrations on the device driver and deprecates
the call (as the requirements for correct usage are practically
impossible to fulfull for a generic driver).
Add a message bus where threads can listen for nib events.
Currently only the GNRC_IPV6_NIB_EVENT_ADDR_VALID event is
implemented which informs subscribers that an address got
valid.
The tokenizer (the code that breaks up the line given to the shell into
strings to create argv) was quite a messy piece of code. This commit
refactors it into a more traditional state-machine based parser.
This fixes the issues with quote handling exposed by the recently
introduced test.
Co-authored-by: Juan Carrano <j.carrano@fu-berlin.de>
This does two things:
The documentation of `luid_get()` is wrong, or at least confusing.
It talks about
> an 8-bit incrementing counter value into the most significant byte
while the implementation does
((uint8_t *)buf)[0] ^= lastused++; // 0 is LSB!
Now it could be argued that the intention was that the ID is supposed
to be used in Big Endian contexts and that was an omission, however
to keep everyone's sanity, let's keep it simple and just state that this
actually changes the LSB.
Also add a `luid_get_lb()` function that does the same, but modifies the
most significant byte - or the last byte if looking at the index.
This can then be used directly by e.g. #13743
ztimer_clock are meant to be chained. At the end of the chaine
there is always a timer device object (periph_rtt/rtc/timer).
Since ZTIMER_MSEC and ZTIMER_USEC can be the scaled/shifted with
respect to the base periph_rtt/rtc/timer it makes sense to chain
other ZTIMER_XXX on top of the base rtc/timer/rtt in order to avoid
chained convertions.
`od_hex_dump()` is called if `hdr_len < pkt->size` to print the rest
after `hdr_len` of `pkt`. So if we just leave `hdr_len = 0` instead of
calling `od_hex_dump()` for every other NETTYPE, we achieve the same
effect.
As it is more effective (and already done in some cases) to re-set
`hdr_len` when the header was printed, we initialize `hdr_len` first
with 0 now.
Instead of making a NETTYPE definition dependent on an implementation
module, this change makes it dependent on a pseudo-module for each
specific NETTYPE and makes the respective implementation modules
dependent on it.
This has two advantages:
- one does not need include the whole implementation module to
subscribe to a NETTYPE for testing or to provide an alternative
implementation
- A lot of circular dependencies related to GNRC could be untangled.
E.g. the only reason `gnrc_icmpv6` needs the `gnrc_ipv6` is because it
uses `GNRC_NETTYPE_IPV6` to search for the IPv6 header in an ICMPv6
when demultiplexing an ICMPv6 header.
This change does not resolve these dependencies or include usages where
needed. The only dependency change is the addition of the
pseudo-modules to the implementation modules.
This adds two functions `coap_payload_add()` and `coap_payload_advance()`.
- `coap_payload_add()` will add n bytes to the payload buffer and advance
payload pointer accordingly.
const char hello[] = "Hello CoAP!";
coap_payload_add(pkt, hello, sizeof(hello));
- `coap_payload_advance()` will advance the payload buffer after data
has been added to it.
int len = snprintf(pkt->payload, pkt->payload_len, "%s %s!", "Hello", "CoAP");
coap_payload_advance(pkt, len);
I considered adding an additional parameter to keep track of the total request size
(returned size from coap_opt_finish() incremented by each added payload fragment),
but decided against it to keep consistency with the existing API.
- pm_off() should prevent other threads from getting executed after it is
called, as it should turn off the MCU completely according to its doc
- Previously, the fallback implementation would still allow other threads
to continue working
- Simply disabling IRQs and never enabling them again should make sure
the MCU behaves like it would be completely off
- pm_off() should reduce the power consumption as much as possible
- Previously, when IRQs came after the call to pm_set_lowest() in the
fallback implementation of pm_off(), `while(1) {}` got executed at full
power consumption
- Just calling `pm_set(0);` in a loop while make sure that lowest power mode
is restored if the MCU wakes up again.
- The check if the lowest power mode is available is skipped, as no code
gets executed afterwards anyway
With multiple 6LoWPAN interfaces the router for the given interface
—the one the triggering RA came over—should be used to register the
address with.
Co-Authored-By: Benjamin Valentin <benpicco@googlemail.com>
The macros US_PER_MS and friends are assumed to be 32 bit unsigned integers
by users. However, e.g. on AVR a `1000U` is only 16 bit long. Thus, e.g.
`xtimer_usleep(100 * US_PER_MS)` will wrap around and only sleep for ~34ms.
This commit declares them as unsigned long, which is on all currently supported
platforms 32 bit wide.
Previously, ztimer would happily set an absolute RTT alarm value that exceeds
RTT's maximum value (though not a longer interval), as the `val` was
simply added to `rtt_get_counter()`.
This commit ensures that the target value wraps around RTT_MAX_VALUE.
Fixes#13920.
Enabled by the gnrc_netif_events pseudo module. Using an internal event
loop within the gnrc_netif thread eliminates the risk of lost interrupts
and lets ISR events always be handled before any send/receive requests
from other threads are processed.
The events in the event loop is also a potential hook for MAC layers and
other link layer modules which may need to inject and process events
before any external IPC messages are handled.
Co-Authored-By: Koen Zandberg <koen@bergzand.net>
With #10970 only existing *.c files will be added to SRC when using
the SUBMODULES mechanism, so SUBMODULES_NOFORCE (used to filter out
non existing source files) is now redundant so remove the usage.
This makes the code of `readline()` clearer and shorter. It also fixes a
minor artifact of the long line handling.
Previously it was not possible to recover from a long line. That is, if too
many characters were sent, the line would be invalidated and pressing backspace
would not fix it- the only option was to discard the line. It is now possible
to bring the line back to size. Note that visual effects when deleting characters
will still depend on the host's terminal.
The new code is written in a way that all writes to memory are guarded by
bounds check, so an assertion was removed.
Co-authored-by: Juan Carrano <j.carrano@fu-berlin.de>
There was some code added to "prevent putchar from being inlined", which
supposedly enlarged the code size.
Co-authored-by: Juan Carrano <j.carrano@fu-berlin.de>
This fixes `xtimer` to use `xtimer_now64()` instead of `xtimer_now()`
for updating the `*now` variable during the iteration in
`_update_short_timers()` function. The same function is used to
initialize `*now` in `_timer_callback()` below.
While using `xtimer_now()` in this iteration step does not hinder the
proper execution of all timers in the short term timers (for those the
`xtimer` module only looks at the `start_time` member, not the
`long_start_time` member) at least for the current long term time window
(I did not test higher cases), it sets the `long_start_time` member to 0
for all timers following in the list of timers after this iteration
step. However, external modules that rely on this to be correct,
e.g. evtimer [1], fail their calculations when trying to compare to
the current value to `xtimer_now64()`.
[1] https://github.com/RIOT-OS/RIOT/blob/11f3d68/sys/evtimer/evtimer.c#L118-L121
Co-Authored-By: Cenk Gündoğan <mail+dev@gundogan.net>
The termination condition implemented in gnrc_pktbuf_malloc does not
work when using the sock interface as sock copies packet data to a local
buffer and frees the packet afterwards. As such, the fuzzing application
would exit before performing any input processing.
For this reason, the termination condition in gnrc_pktbuf_malloc is
disabled when using sock. Instead, the application terminates if
gnrc_sock_recv previously returned the fuzzing packet. The underlying
assumption of this implementation is that gnrc_sock_recv is called in a
loop.
Since RIOT is an operating system the native binary will never terminate
[0]. The termination condition for fuzzing GNRC is that the packet was
handled by the network stack and therefore freed. If it is never freed
we will deadlock meaning a memory leak was found, afl should be able to
detect this through timeouts.
This is currently only supported for gnrc_pktbuf_malloc since this is
the pktbuf implementation I used for fuzzing. Implementing this in
pktbuf.h is not possible.
[0]: Except NATIVE_AUTO_EXIT is defined, however, even with that define
set RIOT will only terminate when all threads terminated. Unfortunately,
gnrc_udp and other network threads will never terminate.
This adds a utility module which is used to write applications for
fuzzing RIOT network modules. The module provides a dummy network
interface which is configured with a static IPv6 addresses for modules
which perform operations on the underlying network interface. Besides,
it contains a utility function for transforming data received on
standard input into a `gnrc_pktsnip_t`.
There were two subtle bugs that prevented the DHCPv6 client to request
multiple prefixes for different interfaces.
- `dhcpv6_client_req_ia_pd()` would fill up *all* leases with the same interface
- `_parse_reply()` would return after parsing the first answer
With this patch, `gnrc_border_router` gets a prefix on both interfaces of the at86rf215.
