[ip6] deliver multicast to host if not from there

[bukepo]

This commit filter out multicast traffic to host if they came from there, so
that a multicast packet will not be processed twice on host.

[size-report]

Size Report of OpenThread

Merging #9817 into main(9d6321b).

name	branch	text	data	bss	total
ot-cli-ftd	main	466848	760	66356	533964
	#9817	466864	760	66356	533980
	+/-	+16	0	0	+16
ot-ncp-ftd	main	436164	760	61568	498492
	#9817	436196	760	61568	498524
	+/-	+32	0	0	+32
libopenthread-ftd.a	main	235881	0	40302	276183
	#9817	235901	0	40302	276203
	+/-	+20	0	0	+20
libopenthread-cli-ftd.a	main	57342	0	8075	65417
	#9817	57342	0	8075	65417
	+/-	0	0	0	0
libopenthread-ncp-ftd.a	main	31857	0	5916	37773
	#9817	31857	0	5916	37773
	+/-	0	0	0	0
ot-cli-mtd	main	364808	760	51220	416788
	#9817	364824	760	51220	416804
	+/-	+16	0	0	+16
ot-ncp-mtd	main	347372	760	46448	394580
	#9817	347388	760	46448	394596
	+/-	+16	0	0	+16
libopenthread-mtd.a	main	158395	0	25182	183577
	#9817	158411	0	25182	183593
	+/-	+16	0	0	+16
libopenthread-cli-mtd.a	main	39775	0	8059	47834
	#9817	39775	0	8059	47834
	+/-	0	0	0	0
libopenthread-ncp-mtd.a	main	24737	0	5916	30653
	#9817	24737	0	5916	30653
	+/-	0	0	0	0
ot-cli-ftd-br	main	535864	768	130900	667532
	#9817	535880	768	130900	667548
	+/-	+16	0	0	+16
libopenthread-ftd-br.a	main	299372	5	104822	404199
	#9817	299388	5	104822	404215
	+/-	+16	0	0	+16
libopenthread-cli-ftd-br.a	main	70975	0	8099	79074
	#9817	70975	0	8099	79074
	+/-	0	0	0	0
ot-rcp	main	62248	564	20604	83416
	#9817	62248	564	20604	83416
	+/-	0	0	0	0
libopenthread-rcp.a	main	9542	0	5052	14594
	#9817	9542	0	5052	14594
	+/-	0	0	0	0
libopenthread-radio.a	main	18821	0	214	19035
	#9817	18821	0	214	19035
	+/-	0	0	0	0

[abtink]

The existing code would not apply any check on origin. So we would have forwarded a message originating from host back to host when GetDestination().IsMulticastLargerThanRealmLocal() and now we wont? Should we keep this behavior unchanged?

I think the main change we want is to allow all multicast traffic to be passed to host (not just IsMulticastLargerThanRealmLocal()), so how about this?

Suggested change

	forwardHost = !aMessagePtr->IsOriginHostUntrusted();
	forwardHost = true;

[bukepo]

@librasungirl I'm afraid passing a packet originated from host back to host would cause infinite loop or duplicate packets being forwarded. Do we have a known use case for delivering packets back to the host?

[abtink]

We have APIs that allow caller to specify the "multicast loop" desired behavior (per messages) -> otMessageSetLoopbackToHostAllowed().

Do we have a known use case for delivering packets back to the host?

I don't know about exact use-cases but I expect there may be some.

• There were some discussions on this specific behavior here -> Potential incorrect handling of outgoing multicast packets #9489
• So I suggest not changing existing behavior, in particular regarding how the "larger than realm local" multicast msg from host are handled. Today, we allow them to be passed back to host (assuming otMessageSetLoopbackToHostAllowed is set).

[bukepo]

For multicast loop, I think the host stack should handle it by enabling the IPV6_MULTICAST_LOOP on the socket that desires the behavior. We don't need to pass back a packet to the host again, as it may conflict with the host stack configuration. Thoughts?

[bukepo]

I checked otMessageSetLoopbackToHostAllowed() is currently used in src/posix/platform/netif.cpp. @superwhd @librasungirl @wgtdkp is this necessary? Actually I suspect this would result in duplicate messages (scope larger than realm local) being processed by sockets in the host.

[abtink]

For multicast loop, I think the host stack should handle it by enabling the IPV6_MULTICAST_LOOP on the socket that desires the behavior.

I guess this can work for posix, but OT may be used with other OS/stacks. The #9489 talks about Zephyr and multicast use. I suggested a similar suggestion to what you have in mind here in this comment #9489 (comment) but the API is added now to support this.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 81.97%. Comparing base (9d6321b) to head (70b4c85).

❗ Current head 70b4c85 differs from pull request most recent head 8836d1b. Consider uploading reports for the commit 8836d1b to get more accurate results

Additional details and impacted files

@@             Coverage Diff             @@
##             main    #9817       +/-   ##
===========================================
+ Coverage   67.32%   81.97%   +14.64%     
===========================================
  Files         485      524       +39     
  Lines       58556    66160     +7604     
===========================================
+ Hits        39423    54232    +14809     
+ Misses      19133    11928     -7205     

Files	Coverage Δ
src/core/net/ip6.cpp	75.69% <100.00%> (+17.38%)	⬆️

... and 484 files with indirect coverage changes

[abtink]

@bukepo an idea/suggestion on this:

I think this PR is doing two conceptual changes at the same time (they are actually part of the same line of code 😃):

1. We want to allow received link-local/mesh-local multicast traffic to be passed to host.
2. It is also adding the !aMessagePtr->IsOriginHostUntrusted(); to not allow multicast messages originating from host to be passed back to host.

How about breaking this into two separate PRs?

I feel first one change is perfectly fine (it is added/new function/behavior ) but the second one may require more consideration (may conflict with otMessageSetLoopbackToHostAllowed and cause backward compatibility).

[bukepo]

@bukepo an idea/suggestion on this:

I think this PR is doing two conceptual changes at the same time (they are actually part of the same line of code 😃):

1. We want to allow received link-local/mesh-local multicast traffic to be passed to host.
2. It is also adding the !aMessagePtr->IsOriginHostUntrusted(); to not allow multicast messages originating from host to be passed back to host.

How about breaking this into two separate PRs?

I feel first one change is perfectly fine (it is added/new function/behavior ) but the second one may require more consideration (may conflict with otMessageSetLoopbackToHostAllowed and cause backward compatibility).

Sounds good! Created #9824 as a temporary fix to the original issue in connectedhomeip. We can continue the discussion here.