added uipbuf attributes for llsec level and key and added payloadlen in mac

2018-10-20 22:25:55 +02:00 · 2018-10-20 22:25:55 +02:00 · c42fae82da
parent df130952c7
commit c42fae82da
14 changed files with 200 additions and 34 deletions
--- a/arch/cpu/nrf52832/ble/ble-mac.c
+++ b/arch/cpu/nrf52832/ble/ble-mac.c
@ -347,6 +347,12 @@ off(void)
  return 1;
 }
 /*---------------------------------------------------------------------------*/
 static int
 max_payload(void)
 {
  return PACKETBUF_SIZE;
 }
 /*---------------------------------------------------------------------------*/
 static void
 init(void)
 {
@ -371,7 +377,8 @@ const struct mac_driver ble_ipsp_mac_driver = {
  send_packet,
  NULL,
  on,
-  off
+  off,
  max_payload
 };
 /*---------------------------------------------------------------------------*/
 /**
--- a/os/net/ipv6/sicslowpan.c
+++ b/os/net/ipv6/sicslowpan.c
@ -74,10 +74,6 @@
 #include "net/packetbuf.h"
 #include "net/queuebuf.h"
 #if MAC_CONF_WITH_CSMA && LLSEC802154_CONF_ENABLED
 #include "net/mac/csma/csma-security.h"
 #endif /* MAC_CONF_WITH_CSMA && LLSEC802154_CONF_ENABLED */
 #include "net/routing/routing.h"
 /* Log configuration */
@ -1618,23 +1614,26 @@ output(const linkaddr_t *localdest)
    return 0;
  }
 #endif /* SICSLOWPAN_COMPRESSION >= SICSLOWPAN_COMPRESSION_IPHC */
-
+#if LLSEC802154_USES_AUX_HEADER
-#if MAC_CONF_WITH_CSMA && LLSEC802154_CONF_ENABLED
+  /* copy LLSEC level */
-    packetbuf_set_attr(PACKETBUF_ATTR_SECURITY_LEVEL,
+  packetbuf_set_attr(PACKETBUF_ATTR_SECURITY_LEVEL,
-                       FRAME802154_SECURITY_LEVEL_NONE != CSMA_LLSEC_SECURITY_LEVEL);
+    uipbuf_get_attr(UIPBUF_ATTR_LLSEC_LEVEL));
-#endif /* MAC_CONF_WITH_CSMA && LLSEC802154_CONF_ENABLED */
+#if LLSEC802154_USES_EXPLICIT_KEYS
-
+  packetbuf_set_attr(PACKETBUF_ATTR_KEY_INDEX,
    uipbuf_get_attr(UIPBUF_ATTR_LLSEC_KEY_ID));
 #endif /* LLSEC802154_USES_EXPLICIT_KEYS */
 #endif /*  LLSEC802154_USES_AUX_HEADER */
  /* Calculate NETSTACK_FRAMER's header length, that will be added in the NETSTACK_MAC.
   * We calculate it here only to make a better decision of whether the outgoing packet
   * needs to be fragmented or not. */
  packetbuf_set_addr(PACKETBUF_ADDR_RECEIVER, &dest);
-  framer_hdrlen = NETSTACK_FRAMER.length();
+  max_payload = NETSTACK_MAC.max_payload();
-  if(framer_hdrlen < 0) {
+  if(max_payload <= 0) {
-    /* Framing failed, we assume the maximum header length */
+  /* Framing failed, drop packet */
-    framer_hdrlen = MAC_MAX_HEADER;
+    LOG_WARN("output: failed to calculate payload size - dropping packet\n");
    return 0;
  }
  max_payload = MAC_MAX_PAYLOAD - framer_hdrlen;
  frag_needed = (int)uip_len - (int)uncomp_hdr_len + (int)packetbuf_hdr_len > max_payload;
  LOG_INFO("output: header len %d -> %d, total len %d -> %d, MAC max payload %d, frag_needed %d\n",
            uncomp_hdr_len, packetbuf_hdr_len,
--- a/os/net/ipv6/uip6.c
+++ b/os/net/ipv6/uip6.c
@ -409,6 +409,7 @@ uip_init(void)
 {
  int c;
  uipbuf_init();
  uip_ds6_init();
  uip_icmp6_init();
  uip_nd6_init();
--- a/os/net/ipv6/uipbuf.c
+++ b/os/net/ipv6/uipbuf.c
@ -37,6 +37,7 @@
 /*---------------------------------------------------------------------------*/
 static uint16_t uipbuf_attrs[UIPBUF_ATTR_MAX];
 static uint16_t uipbuf_default_attrs[UIPBUF_ATTR_MAX];
 /*---------------------------------------------------------------------------*/
 /* Get the next header given the buffer - start indicates that this is
@ -101,15 +102,21 @@ uipbuf_set_attr(uint8_t type, uint16_t value)
  return 0;
 }
 /*---------------------------------------------------------------------------*/
 int
 uipbuf_set_default_attr(uint8_t type, uint16_t value)
 {
  if(type < UIPBUF_ATTR_MAX) {
    uipbuf_default_attrs[type] = value;
    return 1;
  }
  return 0;
 }
 /*---------------------------------------------------------------------------*/
 void
 uipbuf_clear_attr(void)
 {
-  /* set everything to "zero" */
+  /* set everything to "defaults" */
-  memset(uipbuf_attrs, 0, sizeof(uipbuf_attrs));
+  memcpy(uipbuf_attrs, uipbuf_default_attrs, sizeof(uipbuf_attrs));
  /* And initialize anything that should be initialized */
  uipbuf_set_attr(UIPBUF_ATTR_MAX_MAC_TRANSMISSIONS,
                  UIP_MAX_MAC_TRANSMISSIONS_UNDEFINED);
 }
 /*---------------------------------------------------------------------------*/
 void
@ -131,3 +138,15 @@ uipbuf_is_attr_flag(uint16_t flag)
  return (uipbuf_attrs[UIPBUF_ATTR_FLAGS] & flag) == flag;
 }
 /*---------------------------------------------------------------------------*/
 void
 uipbuf_init(void)
 {
  /* And initialize anything that should be initialized */
  uipbuf_set_attr(UIPBUF_ATTR_MAX_MAC_TRANSMISSIONS,
                  UIP_MAX_MAC_TRANSMISSIONS_UNDEFINED);
  /* set the not-set default value - this will cause the MAC layer to
     configure its default */
  uipbuf_set_attr(UIPBUF_ATTR_LLSEC_LEVEL, UIPBUF_ATTR_LLSEC_LEVEL_MAC_DEFAULT);
 }
 /*---------------------------------------------------------------------------*/
--- a/os/net/ipv6/uipbuf.h
+++ b/os/net/ipv6/uipbuf.h
@ -81,6 +81,17 @@ uint16_t uipbuf_get_attr(uint8_t type);
 */
 int uipbuf_set_attr(uint8_t type, uint16_t value);
 /**
 * \brief          Set the default value of the attribute
 * \param type     The attribute to set the default value of
 * \param value    The value to set
 * \retval         0 - indicates failure of setting the value
 * \retval         1 - indicates success of setting the value
 *
 *                 This function sets the default value of a uipbuf attribute.
 */
 int uipbuf_set_default_attr(uint8_t type, uint16_t value);
 /**
 * \brief          Set bits in the uipbuf attribute flags.
 * \param flag_bits The bits to set in the flag.
@ -115,6 +126,14 @@ uint16_t uipbuf_is_attr_flag(uint16_t flag_bits);
 */
 void uipbuf_clear_attr(void);
 /**
 * \brief          Initialize uipbuf attributes.
 *
 *                 This function initialize all attributes in the uipbuf
 *                 attributes including all flags.
 */
 void uipbuf_init(void);
 /**
 * \brief The bits defined for uipbuf attributes flag.
 *
@ -124,6 +143,9 @@ void uipbuf_clear_attr(void);
 /* Avoid using prefix compression on the packet (6LoWPAN) */
 #define UIPBUF_ATTR_FLAGS_6LOWPAN_NO_PREFIX_COMPRESSION   0x02
 /* MAC will set the default for this packet */
 #define UIPBUF_ATTR_LLSEC_LEVEL_MAC_DEFAULT               0xffff
 /**
 * \brief The attributes defined for uipbuf attributes function.
 *
--- a/os/net/mac/ble/ble-l2cap.c
+++ b/os/net/mac/ble/ble-l2cap.c
@ -505,6 +505,12 @@ off(void)
  return 0;
 }
 /*---------------------------------------------------------------------------*/
 static int
 max_payload(void)
 {
  return BLE_L2CAP_NODE_MTU;
 }
 /*---------------------------------------------------------------------------*/
 const struct mac_driver ble_l2cap_driver = {
  "ble-l2cap",
  init,
@ -512,6 +518,7 @@ const struct mac_driver ble_l2cap_driver = {
  input,
  on,
  off,
  max_payload,
 };
 /*---------------------------------------------------------------------------*/
 PROCESS_THREAD(ble_l2cap_tx_process, ev, data)
--- a/os/net/mac/csma/csma-security.c
+++ b/os/net/mac/csma/csma-security.c
@ -61,9 +61,11 @@
 #define LOG_MODULE "CSMA"
 #define LOG_LEVEL LOG_LEVEL_MAC
 static const char * HEX = "0123456789ABCDEF";
 #if LLSEC802154_USES_AUX_HEADER && LLSEC802154_USES_FRAME_COUNTER
-#define MIC_LEN LLSEC802154_MIC_LEN(CSMA_LLSEC_SECURITY_LEVEL)
+#define MIC_LEN(level) LLSEC802154_MIC_LEN(level)
 #if LLSEC802154_USES_EXPLICIT_KEYS
 #define LLSEC_KEY_INDEX (FRAME802154_IMPLICIT_KEY == packetbuf_attr(PACKETBUF_ATTR_KEY_ID_MODE) \
@ -104,7 +106,8 @@ aead(uint8_t hdrlen, int forward)
  uint8_t *a;
  uint8_t a_len;
  uint8_t *result;
-  uint8_t generated_mic[MIC_LEN];
+  /* Allocate for MAX level */
  uint8_t generated_mic[MIC_LEN(7)];
  uint8_t *mic;
  uint8_t key_index;
  aes_key_t *key;
@ -142,14 +145,14 @@ aead(uint8_t hdrlen, int forward)
  CCM_STAR.aead(nonce,
      m, m_len,
      a, a_len,
-      result, MIC_LEN,
+      result, MIC_LEN(packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL) & 0x07),
      forward);
  if(forward) {
-    packetbuf_set_datalen(packetbuf_datalen() + MIC_LEN);
+    packetbuf_set_datalen(packetbuf_datalen() + MIC_LEN(packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL) & 0x07));
    return 1;
  } else {
-    return (memcmp(generated_mic, mic, MIC_LEN) == 0);
+    return (memcmp(generated_mic, mic, MIC_LEN(packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL) & 0x07)) == 0);
  }
 }
@ -171,6 +174,15 @@ csma_security_create_frame(void)
  }
  if(packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL) > 0) {
    int i = 0;
    uint8_t *p;
    LOG_DBG("  Payload before (%d):", packetbuf_totlen());
    p = packetbuf_hdrptr();
    for(i = 0; i < packetbuf_totlen(); i++) {
      LOG_DBG_("%c%c", HEX[(p[i] >> 4) & 0x0f], HEX[p[i] & 0x0f]);
    }
    LOG_DBG("\n");
    if(!aead(hdr_len, 1)) {
      LOG_ERR("failed to encrypt packet to ");
      LOG_ERR_LLADDR(packetbuf_addr(PACKETBUF_ADDR_RECEIVER));
@ -183,6 +195,14 @@ csma_security_create_frame(void)
    LOG_INFO_LLADDR(packetbuf_addr(PACKETBUF_ADDR_RECEIVER));
    LOG_INFO_(" %u (%u) KEY:0x%02x\n", packetbuf_datalen(), packetbuf_totlen(),
              LLSEC_KEY_INDEX);
    LOG_DBG("  Payload after: (%d)", packetbuf_totlen());
    p = packetbuf_hdrptr();
    for(i = 0; i < packetbuf_totlen(); i++) {
      LOG_DBG_("%c%c", HEX[(p[i] >> 4) & 0x0f], HEX[p[i] & 0x0f]);
    }
    LOG_DBG_("\n");
  }
  return hdr_len;
 }
@ -193,7 +213,8 @@ csma_security_frame_len(void)
 {
  if(packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL) > 0 &&
     LLSEC_KEY_INDEX != 0xffff) {
-    return NETSTACK_FRAMER.length() + MIC_LEN;
+    return NETSTACK_FRAMER.length() +
      MIC_LEN(packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL) & 0x07);
  }
  return NETSTACK_FRAMER.length();
 }
@ -242,12 +263,12 @@ csma_security_parse_frame(void)
    return FRAMER_FAILED;
  }
-  if(packetbuf_datalen() <= MIC_LEN) {
+  if(packetbuf_datalen() <= MIC_LEN(packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL) & 0x07)) {
    LOG_ERR("MIC error - too little data in frame!\n");
    return FRAMER_FAILED;
  }
-  packetbuf_set_datalen(packetbuf_datalen() - MIC_LEN);
+  packetbuf_set_datalen(packetbuf_datalen() - MIC_LEN(packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL) & 0x07));
  if(!aead(hdr_len, 0)) {
    LOG_INFO("received unauthentic frame %u from ",
             (unsigned int) anti_replay_get_counter());
--- a/os/net/mac/csma/csma.c
+++ b/os/net/mac/csma/csma.c
@ -49,10 +49,25 @@
 #define LOG_MODULE "CSMA"
 #define LOG_LEVEL LOG_LEVEL_MAC
 static void
 init_sec(void)
 {
 #if LLSEC802154_USES_AUX_HEADER
  if(packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL) ==
     PACKETBUF_ATTR_SECURITY_LEVEL_DEFAULT) {
    packetbuf_set_attr(PACKETBUF_ATTR_SECURITY_LEVEL,
                       CSMA_LLSEC_SECURITY_LEVEL);
  }
 #endif
 }
 /*---------------------------------------------------------------------------*/
 static void
 send_packet(mac_callback_t sent, void *ptr)
 {
  init_sec();
  csma_output_packet(sent, ptr);
 }
 /*---------------------------------------------------------------------------*/
@ -141,12 +156,30 @@ init(void)
  on();
 }
 /*---------------------------------------------------------------------------*/
 static int
 max_payload(void)
 {
  int framer_hdrlen;
  init_sec();
  framer_hdrlen = NETSTACK_FRAMER.length();
  if(framer_hdrlen < 0) {
    /* Framing failed, we assume the maximum header length */
    framer_hdrlen = CSMA_MAC_MAX_HEADER;
  }
  return CSMA_MAC_LEN - framer_hdrlen;
 }
 /*---------------------------------------------------------------------------*/
 const struct mac_driver csma_driver = {
  "CSMA",
  init,
  send_packet,
  input_packet,
  on,
-  off
+  off,
  max_payload,
 };
 /*---------------------------------------------------------------------------*/
--- a/os/net/mac/csma/csma.h
+++ b/os/net/mac/csma/csma.h
@ -65,6 +65,17 @@
 #define CSMA_ACK_LEN 3
 /* Default MAC len for 802.15.4 classic */
 #ifdef  CSMA_MAC_CONF_LEN
 #define CSMA_MAC_LEN CSMA_MAC_CONF_LEN
 #else
 #define CSMA_MAC_LEN 127
 #endif
 /* just a default - with LLSEC, etc */
 #define CSMA_MAC_MAX_HEADER 21
 extern const struct mac_driver csma_driver;
 /* CSMA security framer functions */
--- a/os/net/mac/mac.h
+++ b/os/net/mac/mac.h
@ -76,6 +76,9 @@ struct mac_driver {
  /** Turn the MAC layer off. */
  int (* off)(void);
  /** Read out estimated max payload size based on payload in packetbuf */
  int (* max_payload)(void);
 };
 /* Generic MAC return values. */
--- a/os/net/mac/nullmac/nullmac.c
+++ b/os/net/mac/nullmac/nullmac.c
@ -67,6 +67,12 @@ off(void)
  return 0;
 }
 /*---------------------------------------------------------------------------*/
 static int
 max_payload(void)
 {
  return 0;
 }
 /*---------------------------------------------------------------------------*/
 static void
 init(void)
 {
@ -78,6 +84,7 @@ const struct mac_driver nullmac_driver = {
  send_packet,
  packet_input,
  on,
-  off
+  off,
  max_payload,
 };
 /*---------------------------------------------------------------------------*/
--- a/os/net/mac/tsch/tsch.c
+++ b/os/net/mac/tsch/tsch.c
@ -62,6 +62,9 @@
 #include "net/mac/tsch/sixtop/sixtop.h"
 #endif
 /* Needed to estimate the MAC lenght */
 #define TSCH_MAC_MAX_LEN 127
 #if FRAME802154_VERSION < FRAME802154_IEEE802154_2015
 #error TSCH: FRAME802154_VERSION must be at least FRAME802154_IEEE802154_2015
 #endif
@ -1128,13 +1131,21 @@ turn_off(void)
  return 1;
 }
 /*---------------------------------------------------------------------------*/
 static int
 max_payload(void)
 {
  /* Setup security... before. */
  return TSCH_MAC_MAX_LEN -  NETSTACK_FRAMER.length();
 }
 /*---------------------------------------------------------------------------*/
 const struct mac_driver tschmac_driver = {
  "TSCH",
  tsch_init,
  send_packet,
  packet_input,
  turn_on,
-  turn_off
+  turn_off,
  max_payload,
 };
 /*---------------------------------------------------------------------------*/
 /** @} */
--- a/os/net/packetbuf.h
+++ b/os/net/packetbuf.h
@ -55,6 +55,7 @@
 #include "contiki.h"
 #include "net/linkaddr.h"
 #include "net/mac/llsec802154.h"
 #include "net/mac/csma/csma-security.h"
 #include "net/mac/tsch/tsch-conf.h"
 /**
@ -282,6 +283,8 @@ void              packetbuf_attr_copyfrom(struct packetbuf_attr *attrs,
 #define PACKETBUF_ATTR_BYTE 8
 #define PACKETBUF_ADDRSIZE (LINKADDR_SIZE * PACKETBUF_ATTR_BYTE)
 #define PACKETBUF_ATTR_SECURITY_LEVEL_DEFAULT 0xffff
 struct packetbuf_attrlist {
  uint8_t type;
  uint8_t len;
--- a/os/services/rpl-border-router/native/border-router-mac.c
+++ b/os/services/rpl-border-router/native/border-router-mac.c
@ -42,6 +42,7 @@
 #include "net/netstack.h"
 #include "packetutils.h"
 #include "border-router.h"
 #include "net/mac/csma-security.h"
 #include <string.h>
 /*---------------------------------------------------------------------------*/
@ -64,6 +65,19 @@ struct tx_callback {
 /*---------------------------------------------------------------------------*/
 static struct tx_callback callbacks[MAX_CALLBACKS];
 /*---------------------------------------------------------------------------*/
 init_sec(void)
 {
  /* use the CSMA LLSEC config parameter */
 #if LLSEC802154_USES_AUX_HEADER
  if(packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL) ==
     PACKETBUF_ATTR_SECURITY_LEVEL_DEFAULT) {
    packetbuf_set_attr(PACKETBUF_ATTR_SECURITY_LEVEL,
                       CSMA_LLSEC_SECURITY_LEVEL);
  }
 #endif
 }
 /*---------------------------------------------------------------------------*/
 void
 packet_sent(uint8_t sessionid, uint8_t status, uint8_t tx)
 {
@ -164,6 +178,13 @@ off()
  return 1;
 }
 /*---------------------------------------------------------------------------*/
 static int
 max_payload()
 {
  init_sec();
  return 127 - NETSTACK_FRAMER.length();
 }
 /*---------------------------------------------------------------------------*/
 static void
 init(void)
 {
@ -176,6 +197,7 @@ const struct mac_driver border_router_mac_driver = {
  send_packet,
  packet_input,
  on,
-  off
+  off,
  max_payload,
 };
 /*---------------------------------------------------------------------------*/