When source address selection is done, both RFC and comments in the code
state, that a longest prefix match should *only* be used as a
tie-breaker between more than one viable candidate. If there is only one
address, there is
a) no need for a tie-breaker
b) in the case of either the destination address or the single remaining
address being ULAs ([which are considered to be of global scope]
[RFC4193]) possibly not matching, as `fd00::/7` and e.g. `2001::/8`
do not have a common prefix.
(b) in fact causes the match function to return -1, causing the source
address selection to return -1, causing the outer function to return the
first address it found (which most often is the link-local address),
causing e.g. a ping to an ULA to fail, even is there is a global
address.
[RFC4193]: https://tools.ietf.org/html/rfc4193
Different platforms evaluate `printf()` for NULL pointers differently,
resulting tests checking for a certain output to fail. This unifies that
(debug) output for the static packet buffer statistics.
Similar as with #12513, when the NIB is compiled in 6LN mode (but not
6LR mode), the address-resolution state-machine (ARSM) functionality is
disabled in favor of the more simpler address resolution proposed in RFC
6775.
However, if a non-6LN interface is also compiled in (without making it
a router or border router) it will never join the solicited-nodes
multicast address of addresses added to it, resulting in address
resolution to that interface to fail.
If the interface is not a 6LN (which in case 6LN mode is disabled is
always false), a warning is now printed, encouraging the user to
activate the ARSM functionality if needed.
When the NIB is compiled for 6LN mode (but not a 6LBR), the Stateless
Address Autoconfiguration (SLAAC) functionality is disabled, as it is
typically not required; see `sys/include/net/gnrc/ipv6/nib/conf.h`, ll.
46 and 55. However, if a non-6LN interface is also compiled in (still
without making the node a border router) an auto-configured address will
be assigned in accordance with [RFC 6775] to the interface, just
assuming the interface is a 6LN interface. As it then only performs
duplicate address detection RFC-6775-style then, the address then never
becomes valid, as the duplicate address detection according to [RFC
4862] (part of the SLAAC functionality) is never performed.
As auto-configuring an address without SLAAC doesn't make sense, this
fix makes the interface skip it completely, but provides a warning to
the user, so they know what to do.
[RFC 6775]: https://tools.ietf.org/html/rfc6775#section-5.2
[RFC 4862]: https://tools.ietf.org/html/rfc4862#section-5.4
The functions now are semantic distinct:
- gnrc_netif_is_6lo(): the interface is a 6Lo interface
- gnrc_netif_is_6ln(): the interface is using Neighbor Discovery
according to RFC 6775
We want to check if the interface is an interface requiring the 6Lo
adaptation layer, not if it is a 6LN according to RFC 6775 [[1]].
[1]: https://tools.ietf.org/html/rfc6775#section-2
When writing to the IPv6 header the implementation currently doesn't
take the packet with the (potentially) duplicated header, but the
packet with the original one, which leads to the packet sent and then
released in `gnrc_netif_ethernet.c` first and then accessed again in
further iterations of the "writing to the IPv6 header" loop, which
causes access to an invalid pointer, causing a crash.
Fixes#11980
While 485dbd1fda (from #12175) was right
in assuming that the for most ICMPv6 error messages the originating
packet's destination address must not be a multicast, this is not the
case for _all_ ICMPv6 error messages (see [RFC 4443], section 2.4(e.3)).
Additionally, 485dbd1fda removed the
check for the source address ([RFC 4443], section 2.4(e.6)), which this
PR re-adds.
[RFC 4443]: https://tools.ietf.org/html/rfc4443#section-2.4
Rather than dispatching the packet automatically once it is complete,
`gnrc_sixlowpan_frag_rb_add()` now only returns success, and leaves it
to the caller to dispatch the packet.
While it is correct to not use an invalid address as a source address,
it is incorrect to assume that addresses not assigned to the interface
(`idx == -1` in the respective piece of code) are invalid: Other than
classic forwarding via a FIB, forwarded packets utilizing a IPv6
routing header will pass this check, like any other packet sent by this
node. The source address for these is not on the given node, so e.g.
source routing is not possible at the moment.
The IPv6 (extension) headers of the first fragment received are re-used
for the reassembled packet, so when receiving a subsequent packet we
need to distinguish, if we just want to release the payload or all of
the packet after the packet data was added to the reassembly buffer.
Without this change an attacker would be able to stop the emcute server
by sending a crafted packet triggering this branch. The solution is
using `continue` instead of `return`.
Due to some changes to the minimal forwarding draft and in preparation
for Selective Fragment Recovery some changes to the VRB API were
needed. Now the index of a VRB entry is only (L2 src, tag) not as
before (L2 src, L2 dst, length, tag).
I know that the current `rbuf_base` causes waste, as all the fields not
used by the new index are effectively not used by the VRB. I'd like to
fix that however in a later change, since that also requires some
modifications of the classic reassembly buffer, and thus would
complicate the review and testing of the change.
Sources for the index change:
- https://tools.ietf.org/html/draft-ietf-6lo-minimal-fragment-04#section-1
- https://mailarchive.ietf.org/arch/browse/6lo/?gbt=1&index=DLCTxC2X4bRNtYPHhtEkavMWlz4
This fixes a denial of service where an attacker would be able to cause
a NULL pointer dereference by sending a spoofed packet. This attack only
requires knowledge about pending message ids.
TCP options have up to three fields (kind, length, value). The
current code only checks for the presence of the first field. Before
accessing the second field (length) the code must ensure that a length
field is even present.
A received packet is outputted in DEBUG _after_ it was already parsed,
but with a reference to the already parsed header. The result is that
there can be some garbage in the output and the packet is not dumped in
total. As without parsing we do not have access to the header yet, we
use the `gnrc_netif_addr_to_str()` helper function instead of parsing
the destination address by hand.
before this commit the src address was checked for multicast, but the dst address should be checked. Therefore udp multicast packets would be flooded back to the src as ICMPv6 error, as not all nodes had a UDP receiver registered.
When a keepalive timeout occurs keepalive_retry_cnt remains zero,
so when the connection is re-established _on_keepalive_evt will
immediately disconnect instead of actually sending a keepalive ping.
The sequence looks like:
1. _on_connack: start con->keepalive_timer
2. Server does not respond to keepalive pings
3. _on_keepalive_evt: con->keepalive_retry_cnt reaches zero
4. Connection torn down and ASYMCUTE_DISCONNECTED sent to application
5. Application starts reconnection
6. _on_connack: start con->keepalive_timer again
7. First _on_keepalive_evt: con->keepalive_retry_cnt is still zero
8. Repeat from 4.
So this simply resets keepalive_retry_cnt in _on_connack when
the keepalive timer is restarted. It's a new connection, so
resetting the keepalive retry counter make senses regardless.
Signed-off-by: Derek Hageman <hageman@inthat.cloud>
From the gnrc_pktbuf_mark documentation:
It's not guaranteed that `result->data` points to the
same address as the original `pkt->data.
Thus it should be necessary to update the `hdr` pointer.
If an address was pre-configured by the upper layer its validity is
currently ignored. It is neither checked if the address is on the
interface at all nor is it checked if it is valid.
This change provides a fix for that by checking both facts.
The length field in an MQTT packet carries the _total_ length of the
packet. If it is below 256 (i.e. fits in one byte) only one byte is
used for the length field. If it is larger than that 3 bytes are used,
with the first byte having the value `0x01` and the remaining bytes
representing the length in as a 2 byte unsigned integer in network byte
order. Resulting from that it can be assessed that the check in
`emcutes`'s `set_len()` function is wrong as it needs to be checked if
`len` is lesser or equal to `0xff - 1`. `len <= (0xff - 1)` can be
simplified to `len < 0xff`. For some larger packages this safes 2 bytes
of wasted packet space.
`len` is used with the `memcpy()` to copy the payload to `tbuf`. With a
payload provided that is just long enough to fill `tbuf`, `len += 6`
leads to the `memcpy()` overriding data after `tbuf` (e.g. the
`mutex` that is unlocked right after) and thus resulting in potential
segmentation faults.
Additionally `+ 6` can only be applied if the total packet length is
below 256 (see spec), so `len + pos` is what needs to be provided to the
corresponding send functions instead (`pos` adapts to the header length
of the PUBLISH message).
When reworking the reception of IPv6 packets I reset a previously set
`ipv6` snip as follows when the IPv6 extension handler returns a
packet (see first hunk of this commit):
```C
ipv6 = pkt->next->next
```
With `gnrc_ipv6_ext` this makes *somewhat* sense, `pkt->next` was
previously equal to `ipv6` and after the function call `pkt->next`
is the marked extension header, while `pkt->next->next` is the IPv6
header. However, since `ipv6` is already write-protected i.e.
`ipv6->users == 1` (see ll. 665-675), any additional call of
`gnrc_pktbuf_start_write()` [won't][start-write-doc] duplicate the
packet. In fact, the only `gnrc_pktbuf_start_write()` in
`gnrc_ipv6_ext` is used to send the *result* to the subscribers of that
extension header type, leaving the original packet unchanged for the
caller. As such `ipv6` remains the pointer to the IPv6 header whether
we set it in the line above or not. So we actually don't need that
line.
However, the extension header handling also returns a packet when
`gnrc_ipv6_ext` is not compiled in. In that case it is just a dummy
define that returns the packet you give provide it which means that
this still holds true: `pkt->next == ipv6`.
So setting `ipv6` in this case is actually harmful, as `ipv6` now
points to the NETIF header [following the IPv6 header][pkt-structure]
in the packet and this causes the `user` counter of that NETIF header
`hdr` to be decremented if `hdr->users > 1` in the write-protection I
removed in hunk 2 of this commit:
```C
/* pkt might not be writable yet, if header was given above */
ipv6 = gnrc_pktbuf_start_write(ipv6);
if (ipv6 == NULL) {
DEBUG("ipv6: unable to get write access to packet: dropping it\n");
gnrc_pktbuf_release(pkt);
return;
}
```
But as we already established, `ipv6->users` is already 1, so we don't
actually need the write protection here either.
Since the packet stays unchanged after the `ipv6` snip, we also don't
need to re-search for `netif_hdr` after the other two lines are
removed.
[start-write-doc]: https://doc.riot-os.org/group__net__gnrc__pktbuf.html#ga640418467294ae3d408c109ab27bd617
[pkt-structure]: https://doc.riot-os.org/group__net__gnrc__pkt.html#ga278e783e56a5ee6f1bd7b81077ed82a7
The `addr` parameter of the NIB's `_handle_dad()` function can come
from anywhere (e.g. in the fallback to classic SLAAC the destination
address of the IP header is used), so putting that pointer in a timer
is not a good idea. Instead we use the version of the address that is
stored within the interface.
`_demux()` might change `pkt->data` in all kind of ways (moving it due
to `gnrc_pktbuf_mark()`, though unlikely; releasing it, because e.g. it
starts with a fragment header that marks a fragmented packet containing
only one fragment, etc.) so accessing the pointer *after* calling
`_demux()` is somewhat playing with fire. This change avoids this by
storing the value of `ext_hdr->nh` (all we are interested in here) in a
temporary variable that then is used to set the out-parameter `nh`.
`protnum` needs to be unchanged before the call to `_demux()` as it was
set by the previous iteration and determines what extension header
actually is handled.
If the interface's link-layer doesn't use link-layer addresses it
obviously doesn't make sense to auto-configure an IPv6 address from it.
Moreover, I think the address `fe80::` is actual illegal, but I
couldn't find any references for it.
This option complements the existing coap_opt_add_{uint,string} and even
more special-purpose functions; its implementation is trivial given the
existing static _add_opt_pkt function.
The method is useful when working with ETags (ETag, If-Match options).
The following functions can now be wrapped around the more generalized
approach:
- gnrc_netif_ipv6_iid_from_addr()
- gnrc_netif_ipv6_iid_to_addr()
- gnrc_netif_ndp_addr_len_from_l2ao()
- gnrc_netif_eui64_from_addr()
According to the documentation of `gnrc_ipv6_nib_get_next_hop_l2addr()`
`pkt` may be `NULL`. However, whenever that function sends an error
message (the methods for that require `orig_pkt` not to be NULL) `pkt`
is not checked, which may lead to failed assertions.
Not only does this leave open a risk to crash the node for the check
in `_compressible()` but also is the `tmp` check below getting confused
when `ptr` is `NULL`, since `gnrc_pktbuf_start_write()` returns `NULL`
in that case.
Size 0 snips are legal packet snips (empty payload e.g.) so it doesn't
make sense to issue an error in the write-protection in that case.
API documentation doesn't mention it either and the tests still pass
with the check removed.
Size 0 snips are legal packet snips (empty payload e.g.) so it doesn't
make sense to issue an error in the write-protection in that case.
API documentation doesn't mention it either and the tests still pass
with the check removed.
With newlib nano-specs the debug output without this change will be
6lo: dispatch 0hx ... is not supported
With this PR this will provide a correct output, e.g.
6lo: dispatch 0x3f ... is not supported
With `DEVELHELP` activated all required options required by GNRC are
now checked at interface initialization, so that developers of new
link-layer protocols or device drivers notice as soon as possible that
something is missing.
Currently the constructed NA for a delayed NA case is neither used nor
released nor does it get an IPv6 header to be used properly. This fixes
that case.
When working on the previous commit I was unsure if a
garbage-collectible entry should remain in the list, so I added this
comment so I don't have to wonder about this in the future ;-).
Fragment size calculation previously failed for devices that are able to
transmit bigger layer 2 PDUs that 802.15.4 devices. This commit fixes the issue.
The `_next_removable` list manages the cache-out of the neighbor cache.
However, when a neighbor cache entry is removed, it is not removed
from that list, which may lead to a segmentation fault when that list is
accessed, since the whole entry (including its list pointer) is zeroed
after removal.
With this change the entry is removed from that list accordingly before
the zeroing happens.
When either `gnrc_sixlowpan_iphc_nhc` or `gnrc_udp` is not compiled
in `_compressible()` never returns `true`. This causes the
`dispatch` snip in `gnrc_sixlowpan_iphc_send()` to be of length 0,
meaning `dispatch->data` is `NULL`, causing possible crashes when
trying to send IPv6 packets over 6LoWPAN without NHC or UDP.
This the first step in moving the collection of layer 2 netstats from
the low level driver to a central location, ie. gnrc_netif, to avoid
code duplication.
`gnrc_networking` is unusable when compiled for boards that do not have
any network devices on-board due to an assertion in RPL's auto-init. I
think this is pretty harsh. A friendly info message is enough, as it
might not even be an error. Also, if one expects RPL to work without
network interfaces they are a fool ;-).
Once the packet buffer is full on heavy network load, gnrc_netif_hdr_build may return NULL. In that case, the following unchecked access to hdr->data leads to a crash.
`gnrc_sixlowpan_frag` internally derives the offset value directly
from the fragment header, so for normal usage within GNRC this
assertion is redundant, but to make the tests of `rbuf_add` 100%
water-tide I added it.
Currently the loop just continues to run after a viable type is found.
In #10851 this lead to a crash of the tests, when the dependency of
`gnrc_sixlowpan` to `gnrc_ipv6` was removed.
When a new queue entry is tried to be allocated for a neighbor who's
address is currently tried to be resolved there was no error case
before. The packet that was tried to be put in the queue was thus not
released and stayed in the packet buffer for ever.
This is just a compatibility issue waiting to happen as soon as there
is support for a more standard-compliant implementation of BLE (like
e.g. NimBLE ;-)).
The function to infer the link-layer address length from the length of
a S/TLLAO is very dependent on the IPv6 over X specification and thus
should be grouped with the other IP over X functions.
Use the `gnrc_netif_t::pid` member instead of the pid of the current thread when generating the the `gnrc_netif_hdr` in `gnrc_netif_ieee802154::_recv` function.
Use the `gnrc_netif_t::pid` member instead of the pid of the current thread when generating the the `gnrc_netif_hdr` in `gnrc_netif_ethernet::_recv` function.
While the recursion in `gnrc_sixlowpan_frag` shouldn't be infinite we
still should avoid using recursions in general (also to be able to
statically analyze stack usage). This unrolls the recursion.
When having a non-6LN interface and a 6LN interface (e.g. on a border
router) the assertion can hit when a Router Advertisement is received.
This makes the check an `if` statement rather than an assertion, to
account for that case.
Co-authored-by: Gunar Schorcht <gunar@schorcht.net>
When issueing the sending of the next fragment the current version of
`gnrc_sixlowpan_frag` doesn't check if the queue is full. This leads to
leakage of the packet buffer, since when it is full, the package never
gets released.
This change adds a checks and error exits in case the queue is full.
Since the recursion into `gnrc_ipv6_demux()` was removed in
`gnrc_ipv6_ext`, `gnrc_ipv6.c` is the only user of this function,
so it can be made private. It was only made public so it can be used
from `gnrc_ipv6_ext`.
As `pkt` isn't pre-parsed the write-protection of *the whole* packet
(except the netif-header) comes for free, when this was done in the
receive routine of IPv6.
Since with #10233 we now assume IPv6 packets always to not be
pre-parsed, we can iterate over the extension headers by gradually
"eating" them away. This allows us to move the iteration over them
out of `gnrc_ipv6_ext_demux()` and into `gnrc_ipv6_demux()`.
By moving the iteration over all extension headers out of
`gnrc_ipv6_ext_demux()` we also can
1. simplify the extension header handling a lot, as it now
just a loop inside `gnrc_ipv6_demux()`,
2. remove the recursion to `gnrc_ipv6_demux()` within
`gnrc_ipv6_ext_demux()`.
Since the packet is now guaranteed to be preparsed, the currently
handled IPv6 header will always be in the first snip. Because of this
the packet parser can't get confused anymore which IPv6 header is the
one to be handled so we don't need to remove the more outer ones.
Because of this we can just use the normal packet dispatching (which is
already used by other `GNRC_NETTYPE_*`-known protocol numbers such as
UDP).
This also reverts d54ac38f84.
Though this change might seem more complicated, it has the benefit, that
after #9484 we don't have to assume that a received packet within IPv6's
receive function can be handed to the function pre-parsed, making that
function far less complicated (will be provided in a future PR).
Also this might give the forwarding via routing header a little
performance boost, as we now don't *receive* the packet first only to
forward it later-on.
The inclusion of `net/gnrc.h` in `net/gnrc/mac/types.h` header makes it
impossible to include the `net/gnrc/netif.h` header within
`net/gnrc/netif/hdr.h`, due to `net/gnrc/mac/types.h` being included
with `net/gnrc/netif/mac.h` (which is included in `net/gnrc/netif.h`)
While it is an edge case in our configuration it is technically
possible for a (6Lo) router not to maintain an address resolution state
machine. This fix allows for that with the `gnrc_ndp` module.
Check for:
- if it exists (critical error condition -- non-IPv6 headers should
not trigger these functions) => assert
- if it has a multicast source (that shouldn't really happen but
people might try weird stuff ;-)
- if it has an unspecified source (can't determine receiver of error
message => don't send it, don't build it)
sock_[udp|ip]_recv returns `pkt->size` after pkt was released via `gnrc_pktbuf_release(pkt)`.
This can result in wrong values returned by this functions and thus is not according to its sepecification.
Storing this values before releasing pkt returning the stored values should fix this.
Without this the first packet to a new link-local address will not be
delivered in non-6Lo environments, since the interface is not provided.
With this change, if an internet was provided to the address resolver it
will be stored within an allocated `gnrc_netif_hdr_t`.
At this point [IPv6 already striped](netif strip) the packet of its
netif header, so there is no risk that there will be to, in case it was
provided and the `netif` came from its existence.
`_decapsulate()` is called by callees of `_receive()` so the call to
the latter function within the first creates a recursion we don't want.
Using `gnrc_netapi` instead removes that and provides the added benefit
that other subscribers to IPv6 are also informed.
Adds a gnrc_netif specific rawmode flag to indicate that the netdev
device is configured in raw mode. This flag is kept in sync with a
possible flag in the netdev device and should only be modified via the
setter call.
gnrc_sock_recv used to duplicate functionality of gnrc_ipv6_get_header,
but additionally checked whether the IPv6 snip is large enough.
All checks are now included in gnrc_ipv6_get_header, but as most of them
stem from programming / user errors, they were moved into asserts; this
constitutes an API change.
For CoAP, there is actually a difference between
`/some/path` and `/some/path/`. This needs to be reflected
when parsing the URI and location path options from a given
string.
Our `gnrc_minimal` example configures the link-local address from the
IEEE 802.15.4 short address since it does not include 6Lo-ND.
This causes the application to be incompatible with our other GNRC
application that do include 6Lo-ND, since it [assumes][1] the link-local
address to be based on the EUI-64 for address resolution.
This enforces long addresses (aka EUI-64) for all IEEE 802.15.4 devices
when IPv6 is compiled in so `gnrc_minimal` is compatible again to the
rest.
Fixes#9910
[1]: https://tools.ietf.org/html/rfc6775#section-5.2
- add generic string put and get functions
- add location path and location query options
- add dedicated functions for getting and setting
URI query, URI path, location query, and location path
options
Currently the length of the full ICMPv6 packet is passed to the
validator function causing validation failures on valid packets. This
fixes that by passing the length of remaining RPL options of the packet.
The code originally assumed that the location of DIS struct is directly
after the ICMPv6 struct. This is not necessarily true when both structs
are individually allocated by pktbuf. This commit fixes this issue by
directly accessing the location of the DIS struct.
Linux doesn't have ARO support at the moment so this is a workaround to
try to speak 6Lo-ND while still being able to do DAD with a border
router that doesn't.
UDP port 0 is reserved for system usage, e.g., to tell the OS to
set a random source port. Hence, neither source nor destination
port should be 0 when transmitting. This PR adds proper asserts.
While `tmp` in the loop for write-protection for the check-sum
calculation is used to check the return value of
`gnrc_pktbuf_start_write()`, it was never overwriting `payload` causing
the original snip to be used in the following iteration `prev` when
duplicated, and destroying the sanity of `ipv6`.
A CoAP resource is a primary object between the application
and CoAP library. The Library needs the paths, methods,
and handlers from it, so that it can call the right handler.
However, it never needs to change any of them.
The application also needs the resources. The application
may want to declare the resources as const, since it may
want to store them in flash.
This refactors reception/decoding part of `gnrc_sixlowpan_iphc` to the
more layered approach modeled in #8511. Since the reception part is
already complicated enough I decided to divide send and receive up into
separate changes.
This refactors sending/encoding part of `gnrc_sixlowpan_iphc` to the
more layered approach modeled in #8511. Since the reception part is
already was pretty complicated to refactor, I decided to divide send
and receive up into separate changes.
This will be used in the IPHC refactoring to control the reassembly
buffer as a context.
I also adapted the name of `gnrc_sixlowpan_frag_gc_rbuf()` to be in
line with the rest of the newer functions.
Add additional checks to the port number parsing in str2ep to validate
the port number supplied in the string. This only verifies that the port
number is no longer than 5 chars and the resulting number fits in a
uint16_t.
It is still possible to supply up to 5 random chars.
URLs without a path were treated as invalid, while according to the URL
specification they are valid
Also fixes a missing null terminator in the returned path
On a NETOPT_STATE set call with NETOPT_STATE_RESET the netdev device
resets the callback event flags. This requires that after the netdev
device resets, the network stack also reapplies these callback event
flags
This change is a gnrc_ipv6_nib/gnrc_netif(2)-based rework of #7210.
Packet duplication
==================
Its main optimization is that it restructures `gnrc_ipv6` handling of
sent packets so that duplication for write-protection happens at the
latest possible step:
* potential `gnrc_netif` headers added by upper layers are
write-protected before their removal
* This unifies the duplication of the IPv6 header directly after
that
* Extension headers in-between the IPv6 header and the payload header
are duplicated just before the check sum is duplicated
Especially the last point allows for only handing a single packet snip
to all lower functions instead of an already searched IPv6 header
(which now is always the first until it is handed to the interface) +
payload header.
Further clean-ups
=================
* Next-hop link-layer address determination was moved to the
`_send_unicast` function, greatly simplifying the unicast case in the
`_send` function
* Code for loopback case was added to a new function `_send_to_self`
* Removed some code duplication
While refactoring IPHC I noticed that the page actually can already be
used for fragmentation: Given @cgundogan's work on [ICN LoWPAN] we can
already assume, that the page context may (among other thing) determine
the type of the reassembled packet. This PR provides the basis for
that.
[ICN LoWPAN]: https://tools.ietf.org/html/draft-gundogan-icnrg-ccnlowpan-01
While the current approach for garbage collection in the 6Lo reassembly
buffer is good for best-effort handling of
*fragmented* packets and nicely RAM saving, it has the problem that
incomplete, huge datagrams can basically DoS a node, if no further
fragmented datagram is received for a while (since the packet buffer is
full and GC is not triggered).
This change adds a asynchronous GC (utilizing the existing
functionality) to the reassembly buffer, so that even if there is no new
fragmented packet received, fragments older than `RBUF_TIMEOUT` will be
removed from the reassembly buffer, freeing up the otherwise wasted
packet buffer space.
Since IPHC also manipulates the total number of bytes of a received
datagram (by decompressing it), this also needs to be exposed. I guess
I was too focused on introducing a *generic* packet buffer for a future
virtual reassembly buffer (where it isn't needed, but so isn't `pkt` to
be honest), that I totally forgot about it in #9352.
This fixes an alignment issue I encountered in the static version of
the packet buffer.
The bug is caused by a race-condition where a certain order of
operations leads to a chunk being released according to the
byte-alignment of the platform, but overlapping potential space for
a future `_unused_t` struct e.g. (x mark allocated regions):
Future leak of size sizeof(_unused_t) Time
v |
+------------+-----+--------------------+ |
|xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx| +
+------------+-----+--------------------+ |
|
+------------+--+--+--------------------+ |
| |xxxxxxxxxxxxxxxxxxxxxxx| +
+------------+--+--+--------------------+ |
|
+-----+------+--+--+--------------------+ |
|xxxxx| |xxxxxxxxxxxxxxxxxxxxxxx| +
+-----+------+--+--+--------------------+ |
|
+-----+------+-----+---------+----------+ |
|xxxxx| |xxxxxxxxxx| +
+-----+------+-----+---------+----------+ |
|
+-----+------+-----+--------------------+ |
|xxxxx| |xxxxxxxxxxxxxxxxxxxxxxxxxx| +
+-----+------+-----+--------------------+ |
|
+------------+-----+--------------------+ |
|xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx| +
+------------+-----+--------------------+ |
|
+------------+-----+--------------------+ |
|xxxxxxxxxxxxxxxxxx| | +
+------------+-----+--------------------+ |
|
+------------+-----+--------------------+ |
| |xxxxx| | +
+------------+-----+--------------------+ |
v
Sadly, I wasn't able to create a reproducable unittest that show-cases
this corner-case, since I don't understand the order of operations that
cause this one 100%, but the bug is reproducable (but also not
reliably) by sending large (i.e. fragmented) packets to a 6Lo-enabled
host from more than 1 host simultaneously (use `gnrc_pktbuf_cmd` to
check).
By making the size of `_unused_t` the only condition for alignment,
this bug is fixed.
This refactors the `gnrc_sixlowpan_frag` module for the API proposed
in #8511.
The `ctx` for `gnrc_sixlowpan_frag_send()` is required to be a
`gnrc_sixlowpan_msg_frag_t` object, so IPHC can later on use it to
provide the *original* datagram size (otherwise, we would need to adapt
the API just for that, which seems to me as convoluted as this
proposal).
I also provide an expose function with a future possibility to provide
more than just one `gnrc_sixlowpan_msg_frag_t` object later on (plus
having cleaner module separation in general).
While working on #9352 I noticed that the order of members in the
`gnrc_sixlowpan_msg_frag_t` struct costs us 4 bytes in RAM due to byte
alignment. This PR fixes the order of members, so they are the most
packed.
This exposes the parts of the reassembly buffer to be usable as context
as proposed in #8511.
I only exposed *parts of* for two reasons:
1. I don't need to expose further types (like `rbuf_int_t`), that are
not of interest outside of fragmentation.
2. This allows for an easy future extension for the virtual reassembly
buffer as proposed in [[1]].
This makes this change a little bit more involved, because instead of
just renaming the type, I also need to add the usage of the `super`
member, but I think in the end this little preparation work will be
beneficial in the future.
[1]: https://tools.ietf.org/html/draft-watteyne-6lo-minimal-fragment-01#section-3
Fix re-register when using the same token.
Handle edge cases when change token for a resource.
Only set observer and resource on initial registration.
Discuss re-registration in documentation.