net: sockets: Remove support for AF_PACKET/IPPROTO_RAW combination

IPPROTO_RAW is not a valid protocol type for AF_PACKET sockets, which
should only use IEEE 802.3 protocol numbers. Therefore remove support
for this type of sockets.

As an alternative, users can use AF_PACKET/SOCK_DGRAM or
AF_INET(6)/SOCK_RAW, depending on the actual use case.

Signed-off-by: Robert Lubos <[email protected]>

Author: rlubos

subsys/net/ip/connection.c

@@ -701,7 +701,7 @@ enum net_verdict net_conn_input(struct net_pkt *pkt,
 			return NET_DROP;
 		}
 	} else if (IS_ENABLED(CONFIG_NET_SOCKETS_PACKET) && pkt_family == AF_PACKET) {
-		if (proto != ETH_P_ALL && proto != IPPROTO_RAW) {
+		if (proto != ETH_P_ALL) {
 			return NET_DROP;
 		}
 	} else if (IS_ENABLED(CONFIG_NET_SOCKETS_CAN) && pkt_family == AF_CAN) {
@@ -790,12 +790,12 @@ enum net_verdict net_conn_input(struct net_pkt *pkt,
 		/* Is the candidate connection matching the packet's protocol within the family? */
 		if (conn->proto != proto) {
 			/* For packet socket data, the proto is set to ETH_P_ALL
-			 * or IPPROTO_RAW but the listener might have a specific
-			 * protocol set. This is ok and let the packet pass this
-			 * check in this case.
+			 * but the listener might have a specific protocol set.
+			 * This is ok and let the packet pass this check in this
+			 * case.
 			 */
 			if (IS_ENABLED(CONFIG_NET_SOCKETS_PACKET) && pkt_family == AF_PACKET) {
-				if (proto != ETH_P_ALL && proto != IPPROTO_RAW) {
+				if (proto != ETH_P_ALL) {
 					continue; /* wrong protocol */
 				}
 			} else if (IS_ENABLED(CONFIG_NET_SOCKETS_INET_RAW) && raw_ip_pkt) {
@@ -816,17 +816,15 @@ enum net_verdict net_conn_input(struct net_pkt *pkt,
 			 * targets AF_PACKET sockets.
 			 *
 			 * All AF_PACKET connections will receive the packet if
-			 * their socket type and - in case of IPPROTO - protocol
-			 * also matches.
+			 * their socket type and protocol also matches.
 			 */
-			if (proto == ETH_P_ALL) {
-				/* We shall continue with ETH_P_ALL to IPPROTO_RAW: */
+			if (IS_ENABLED(CONFIG_NET_SOCKETS_PACKET_DGRAM) &&
+			    (proto == ETH_P_ALL) && !net_pkt_is_l2_processed(pkt)) {
+				/* We shall continue with ETH_P_ALL to AF_PACKET/SOCK_DGRAM: */
 				raw_pkt_continue = true;
 			}
 
-			/* With IPPROTO_RAW deliver only if protocol match: */
-			if ((proto == ETH_P_ALL && conn->proto != IPPROTO_RAW) ||
-			    conn->proto == proto) {
+			if (proto == ETH_P_ALL) {
 				enum net_verdict ret = conn_raw_socket(pkt, conn, proto);
 
 				if (ret == NET_DROP) {

subsys/net/ip/net_context.c

@@ -2666,53 +2666,25 @@ static int context_sendto(struct net_context *context,
 
 		net_pkt_cursor_init(pkt);
 
-		if (net_context_get_proto(context) == IPPROTO_RAW) {
-			char type = (NET_IPV6_HDR(pkt)->vtc & 0xf0);
-			struct sockaddr_ll *ll_addr;
-
-			/* Set the family to pkt if detected */
-			switch (type) {
-			case 0x60:
-				net_pkt_set_family(pkt, AF_INET6);
-				net_pkt_set_ll_proto_type(pkt, NET_ETH_PTYPE_IPV6);
-				break;
-			case 0x40:
-				net_pkt_set_family(pkt, AF_INET);
-				net_pkt_set_ll_proto_type(pkt, NET_ETH_PTYPE_IP);
-				break;
-			default:
-				/* Not IP traffic, let it go forward as it is */
-				ll_addr = (struct sockaddr_ll *)dst_addr;
-
-				net_pkt_set_ll_proto_type(pkt,
-							  ntohs(ll_addr->sll_protocol));
-				break;
-			}
+		struct sockaddr_ll_ptr *ll_src_addr;
+		struct sockaddr_ll *ll_dst_addr;
 
-			/* Pass to L2: */
-			ret = net_try_send_data(pkt, timeout);
-		} else {
-			struct sockaddr_ll_ptr *ll_src_addr;
-			struct sockaddr_ll *ll_dst_addr;
-
-			/* The destination address is set in remote for this
-			 * socket type.
-			 */
-			ll_dst_addr = (struct sockaddr_ll *)&context->remote;
-			ll_src_addr = (struct sockaddr_ll_ptr *)&context->local;
+		/* The destination address is set in remote for this
+		 * socket type.
+		 */
+		ll_dst_addr = (struct sockaddr_ll *)&context->remote;
+		ll_src_addr = (struct sockaddr_ll_ptr *)&context->local;
 
-			(void)net_linkaddr_set(net_pkt_lladdr_dst(pkt),
-					       ll_dst_addr->sll_addr,
-					       sizeof(struct net_eth_addr));
-			(void)net_linkaddr_set(net_pkt_lladdr_src(pkt),
-					       ll_src_addr->sll_addr,
-					       sizeof(struct net_eth_addr));
+		(void)net_linkaddr_set(net_pkt_lladdr_dst(pkt),
+				       ll_dst_addr->sll_addr,
+				       sizeof(struct net_eth_addr));
+		(void)net_linkaddr_set(net_pkt_lladdr_src(pkt),
+				       ll_src_addr->sll_addr,
+				       sizeof(struct net_eth_addr));
 
-			net_pkt_set_ll_proto_type(pkt,
-						  ntohs(ll_dst_addr->sll_protocol));
+		net_pkt_set_ll_proto_type(pkt, ntohs(ll_dst_addr->sll_protocol));
 
-			net_if_try_queue_tx(net_pkt_iface(pkt), pkt, timeout);
-		}
+		net_if_try_queue_tx(net_pkt_iface(pkt), pkt, timeout);
 	} else if (IS_ENABLED(CONFIG_NET_SOCKETS_CAN) && family == AF_CAN &&
 		   net_context_get_proto(context) == CAN_RAW) {
 		ret = context_write_data(pkt, buf, len, msghdr);

subsys/net/ip/net_core.c

@@ -127,13 +127,6 @@ static inline enum net_verdict process_data(struct net_pkt *pkt,
 
 	if (IS_ENABLED(CONFIG_NET_IP) && (family == AF_INET || family == AF_INET6 ||
 					  family == AF_UNSPEC || family == AF_PACKET)) {
-		/* L2 processed, now we can pass IPPROTO_RAW to packet socket:
-		 */
-		ret = net_packet_socket_input(pkt, IPPROTO_RAW);
-		if (ret != NET_CONTINUE) {
-			return ret;
-		}
-
 		/* IP version and header length. */
 		uint8_t vtc_vhl = NET_IPV6_HDR(pkt)->vtc & 0xf0;
 

subsys/net/ip/net_if.c

@@ -505,13 +505,6 @@ enum net_verdict net_if_try_send_data(struct net_if *iface, struct net_pkt *pkt,
 	}
 #endif
 
-	/* Bypass the IP stack with SOCK_RAW/IPPROTO_RAW sockets */
-	if (IS_ENABLED(CONFIG_NET_SOCKETS_PACKET) &&
-	    context && net_context_get_type(context) == SOCK_RAW &&
-	    net_context_get_proto(context) == IPPROTO_RAW) {
-		goto done;
-	}
-
 	/* Bypass the IP stack with AF_INET(6)/SOCK_RAW */
 	if (context && net_context_get_type(context) == SOCK_RAW &&
 	    (net_context_get_family(context) == AF_INET ||

subsys/net/lib/sockets/sockets_packet.c

@@ -51,11 +51,7 @@ static int zpacket_socket(int family, int type, int proto)
 		return -1;
 	}
 
-	if (proto == 0) {
-		if (type == SOCK_RAW) {
-			proto = IPPROTO_RAW;
-		}
-	} else {
+	if (proto != 0) {
 		/* For example in Linux, the protocol parameter can be given
 		 * as htons(ETH_P_ALL) to receive all the network packets.
 		 * So convert the proto field back to host byte order so that
@@ -492,11 +488,10 @@ static bool packet_is_supported(int family, int type, int proto)
 		proto = ntohs(proto);
 		return proto == ETH_P_ALL
 		  || proto == ETH_P_ECAT
-		  || proto == ETH_P_IEEE802154
-		  || proto == IPPROTO_RAW;
+		  || proto == ETH_P_IEEE802154;
 
 	case SOCK_DGRAM:
-		return proto > 0;
+		return true;
 
 	default:
 		return false;