[cli] add cli toggle so reference devices with platform udp can forwa…

…rd custom tmf messages from host Reference devices that are part of the Thread test harness construct CoAP packets sent on TMF port 61631 for certain tests, for example in the 5.9.x series where they have to force address errors (a/ae) for duplicate DUA or re-registration tests. These tests started to fail when reference device firmware was updated recently to a newer OpenThread stack that included the change in openthread#9437. Example: ``` udp send fd00:db9:0:0:0:ff:fe00:5000 61631 -x 4102d63697b16e02646eff0401010010fd007d037d037d0389c3a350cdcf36e0' Ip6-----------: Dropping TMF message from untrusted origin ``` For certification purposes, we are adding a cli toggle that can let reference devices (with platform udp enabled) send and forward these custom TMF messages from the host.
SiliconLabs · Apr 16, 2024 · fda005e · fda005e
1 parent 43cb7a0
commit fda005e
Show file tree

Hide file tree

Showing 7 changed files with 106 additions and 3 deletions.
diff --git a/include/openthread/instance.h b/include/openthread/instance.h
@@ -53,7 +53,7 @@ extern "C" {
  * @note This number versions both OpenThread platform and user APIs.
  *
  */
-#define OPENTHREAD_API_VERSION (404)
+#define OPENTHREAD_API_VERSION (405)
 
 /**
  * @addtogroup api-instance

diff --git a/include/openthread/thread_ftd.h b/include/openthread/thread_ftd.h
@@ -851,6 +851,24 @@ void otThreadSetCcmEnabled(otInstance *aInstance, bool aEnabled);
  */
 void otThreadSetThreadVersionCheckEnabled(otInstance *aInstance, bool aEnabled);
 
+/**
+ * Sets whether custom messages on the TMF port are allowed from the host.
+ *
+ * When `OPENTHREAD_CONFIG_PLATFORM_UDP_ENABLE` is enabled, messages sent on the TMF port are forwarded to the
+ * host stack and so they are only trusted when they originate from a trusted source, such as the Thread interface.
+ *
+ * When this check is disabled, custom messages sent on the TMF port that originate on the host or CLI will be
+ * trusted.
+ *
+ * @note This API requires `OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE` and `OPENTHREAD_CONFIG_PLATFORM_UDP_ENABLE`,
+ * and is only used by Thread Test Harness to test network behavior by sending custom TMF messages.
+ *
+ * @param[in]  aInstance  A pointer to an OpenThread instance.
+ * @param[in]  aEnabled   TRUE to enable trusted host check, FALSE otherwise.
+ *
+ */
+void otThreadSetTmfHostCheckEnabled(otInstance *aInstance, bool aEnabled);
+
 /**
  * Gets the range of router IDs that are allowed to assign to nodes within the thread network.
  *

diff --git a/src/cli/README.md b/src/cli/README.md
@@ -123,6 +123,7 @@ Done
 - [tcp](README_TCP.md)
 - [thread](#thread-start)
 - [timeinqueue](#timeinqueue)
+- [tmfhostcheck](#tmfhostcheck-enable)
 - [trel](#trel)
 - [tvcheck](#tvcheck-enable)
 - [txpower](#txpower)
@@ -3728,6 +3729,32 @@ Reset the TX queue time-in-queue statistics.
 Done
 ```
 
+### tmfhostcheck enable
+
+Enable TMF trusted host check when attempting to send custom messages on the TMF port from the host.
+
+Note: Trusted host check is enabled by default.
+
+`OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE` and `OPENTHREAD_CONFIG_PLATFORM_UDP_ENABLE` are required.
+
+```bash
+> tmfhostcheck enable
+Done
+```
+
+### tmfhostcheck disable
+
+Disable TMF trusted host check when attempting to send custom messages on the TMF port from the host.
+
+Note: Trusted host check is enabled by default.
+
+`OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE` and `OPENTHREAD_CONFIG_PLATFORM_UDP_ENABLE` are required.
+
+```bash
+> tmfhostcheck disable
+Done
+```
+
 ### trel
 
 Indicate whether TREL radio operation is enabled or not.
@@ -3821,7 +3848,7 @@ Done
 
 ### tvcheck disable
 
-Enable thread version check when upgrading to router or leader.
+Disable thread version check when upgrading to router or leader.
 
 Note: Thread version check is enabled by default.
 

diff --git a/src/cli/cli.cpp b/src/cli/cli.cpp
@@ -1251,6 +1251,31 @@ template <> otError Interpreter::Process<Cmd("ccm")>(Arg aArgs[])
     return ProcessEnableDisable(aArgs, otThreadSetCcmEnabled);
 }
 
+#if OPENTHREAD_CONFIG_PLATFORM_UDP_ENABLE
+/**
+ * @cli tmfhostcheck (enable,disable)
+ * @code
+ * tmfhostcheck enable
+ * Done
+ * @endcode
+ * @code
+ * tmfhostcheck disable
+ * Done
+ * @endcode
+ * @par
+ * Enables or disables the TMF trusted host check when attempting to send
+ * custom messages on the TMF port from the host.
+ * This check is enabled by default.
+ * @note `OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE` and `OPENTHREAD_CONFIG_PLATFORM_UDP_ENABLE`
+ * are required.
+ * @sa otThreadSetTmfHostCheckEnabled
+ */
+template <> otError Interpreter::Process<Cmd("tmfhostcheck")>(Arg aArgs[])
+{
+    return ProcessEnableDisable(aArgs, otThreadSetTmfHostCheckEnabled);
+}
+#endif
+
 /**
  * @cli tvcheck (enable,disable)
  * @code
@@ -8702,6 +8727,9 @@ otError Interpreter::ProcessCommand(Arg aArgs[])
 #if OPENTHREAD_CONFIG_TX_QUEUE_STATISTICS_ENABLE
         CmdEntry("timeinqueue"),
 #endif
+#if OPENTHREAD_FTD && OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE && OPENTHREAD_CONFIG_PLATFORM_UDP_ENABLE
+        CmdEntry("tmfhostcheck"),
+#endif
 #if OPENTHREAD_CONFIG_RADIO_LINK_TREL_ENABLE
         CmdEntry("trel"),
 #endif

diff --git a/src/core/api/thread_ftd_api.cpp b/src/core/api/thread_ftd_api.cpp
@@ -388,6 +388,13 @@ void otThreadSetThreadVersionCheckEnabled(otInstance *aInstance, bool aEnabled)
     AsCoreType(aInstance).Get<Mle::MleRouter>().SetThreadVersionCheckEnabled(aEnabled);
 }
 
+#if OPENTHREAD_CONFIG_PLATFORM_UDP_ENABLE
+void otThreadSetTmfHostCheckEnabled(otInstance *aInstance, bool aEnabled)
+{
+    AsCoreType(aInstance).Get<Ip6::Ip6>().SetTmfHostCheckEnabled(aEnabled);
+}
+#endif
+
 void otThreadGetRouterIdRange(otInstance *aInstance, uint8_t *aMinRouterId, uint8_t *aMaxRouterId)
 {
     AssertPointerIsNotNull(aMinRouterId);

diff --git a/src/core/net/ip6.cpp b/src/core/net/ip6.cpp
@@ -75,6 +75,9 @@ Ip6::Ip6(Instance &aInstance)
 #if OPENTHREAD_CONFIG_TCP_ENABLE
     , mTcp(aInstance)
 #endif
+#if OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE && OPENTHREAD_CONFIG_PLATFORM_UDP_ENABLE
+    , mTmfHostCheckEnabled(true)
+#endif
 {
 #if OPENTHREAD_CONFIG_IP6_BR_COUNTERS_ENABLE
     ResetBorderRoutingCounters();
@@ -1239,7 +1242,11 @@ Error Ip6::HandleDatagram(OwnedPtr<Message> aMessagePtr, bool aIsReassembled)
                 error = aMessagePtr->Read(aMessagePtr->GetOffset() + Udp::Header::kDestPortFieldOffset, destPort));
             destPort = BigEndian::HostSwap16(destPort);
 
-            if (destPort == Tmf::kUdpPort)
+            if (destPort == Tmf::kUdpPort
+#if OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE && OPENTHREAD_CONFIG_PLATFORM_UDP_ENABLE
+                && mTmfHostCheckEnabled
+#endif
+                )
             {
                 LogNote("Dropping TMF message from untrusted origin");
                 ExitNow(error = kErrorDrop);

diff --git a/src/core/net/ip6.hpp b/src/core/net/ip6.hpp
@@ -350,6 +350,18 @@ class Ip6 : public InstanceLocator, private NonCopyable
     void ResetBorderRoutingCounters(void) { ClearAllBytes(mBorderRoutingCounters); }
 #endif
 
+#if OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE && OPENTHREAD_CONFIG_PLATFORM_UDP_ENABLE
+
+    /**
+     * Sets whether custom messages on the TMF port are allowed from the host.
+     *
+     * @param[in]  aEnabled  TRUE to enable trusted host check, FALSE otherwise.
+     *
+     */
+    void SetTmfHostCheckEnabled(bool aEnabled) { mTmfHostCheckEnabled = aEnabled; }
+
+#endif // OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE && OPENTHREAD_CONFIG_PLATFORM_UDP_ENABLE
+
 private:
     static constexpr uint8_t kDefaultHopLimit      = OPENTHREAD_CONFIG_IP6_HOP_LIMIT_DEFAULT;
     static constexpr uint8_t kIp6ReassemblyTimeout = OPENTHREAD_CONFIG_IP6_REASSEMBLY_TIMEOUT;
@@ -419,6 +431,10 @@ class Ip6 : public InstanceLocator, private NonCopyable
     Tcp mTcp;
 #endif
 
+#if OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE && OPENTHREAD_CONFIG_PLATFORM_UDP_ENABLE
+    bool mTmfHostCheckEnabled : 1;
+#endif
+
 #if OPENTHREAD_CONFIG_IP6_FRAGMENTATION_ENABLE
     MessageQueue mReassemblyList;
 #endif