From: Fu Siyuan <siyuan.fu@intel.com>
To: edk2-devel@lists.01.org
Cc: Ye Ting <ting.ye@intel.com>, Zhang Lubo <lubo.zhang@intel.com>,
Wu Jiaxin <jiaxin.wu@intel.com>
Subject: [PATCH v2 3/3] NetworkPkg: Update IP4 stack drivers for classless address unicast check.
Date: Thu, 27 Oct 2016 18:51:39 +0800 [thread overview]
Message-ID: <1477565499-11764-4-git-send-email-siyuan.fu@intel.com> (raw)
In-Reply-To: <1477565499-11764-1-git-send-email-siyuan.fu@intel.com>
V2 update:
Keep the zero address and broadcast check if network mask is not available.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
---
NetworkPkg/IScsiDxe/IScsiConfig.c | 16 ++++++++++----
NetworkPkg/TcpDxe/TcpMain.c | 6 ++---
NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c | 40 +++++++++++++++++++++++-----------
NetworkPkg/UefiPxeBcDxe/PxeBcSupport.c | 4 +++-
4 files changed, 45 insertions(+), 21 deletions(-)
diff --git a/NetworkPkg/IScsiDxe/IScsiConfig.c b/NetworkPkg/IScsiDxe/IScsiConfig.c
index 16a90a6..57571ad 100644
--- a/NetworkPkg/IScsiDxe/IScsiConfig.c
+++ b/NetworkPkg/IScsiDxe/IScsiConfig.c
@@ -164,7 +164,10 @@ IpIsUnicast (
)
{
if (IpMode == IP_MODE_IP4) {
- return NetIp4IsUnicast (NTOHL (Ip->Addr[0]), 0);
+ if (IP4_IS_UNSPECIFIED (NTOHL (Ip->Addr[0])) || IP4_IS_LOCAL_BROADCAST (NTOHL (Ip->Addr[0]))) {
+ return FALSE;
+ }
+ return TRUE;
} else if (IpMode == IP_MODE_IP6) {
return NetIp6IsValidUnicast (&Ip->v6);
} else {
@@ -2349,7 +2352,9 @@ IScsiFormCallback (
case KEY_LOCAL_IP:
Status = NetLibStrToIp4 (IfrNvData->LocalIp, &HostIp.v4);
- if (EFI_ERROR (Status) || !NetIp4IsUnicast (NTOHL (HostIp.Addr[0]), 0)) {
+ if (EFI_ERROR (Status) ||
+ ((Private->Current->SessionConfigData.SubnetMask.Addr[0] != 0) &&
+ !NetIp4IsUnicast (NTOHL (HostIp.Addr[0]), NTOHL(*(UINT32*)Private->Current->SessionConfigData.SubnetMask.Addr)))) {
CreatePopUp (
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
&Key,
@@ -2383,7 +2388,10 @@ IScsiFormCallback (
case KEY_GATE_WAY:
Status = NetLibStrToIp4 (IfrNvData->Gateway, &Gateway.v4);
- if (EFI_ERROR (Status) || ((Gateway.Addr[0] != 0) && !NetIp4IsUnicast (NTOHL (Gateway.Addr[0]), 0))) {
+ if (EFI_ERROR (Status) ||
+ ((Gateway.Addr[0] != 0) &&
+ (Private->Current->SessionConfigData.SubnetMask.Addr[0] != 0) &&
+ !NetIp4IsUnicast (NTOHL (Gateway.Addr[0]), NTOHL(*(UINT32*)Private->Current->SessionConfigData.SubnetMask.Addr)))) {
CreatePopUp (
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
&Key,
@@ -2400,7 +2408,7 @@ IScsiFormCallback (
case KEY_TARGET_IP:
UnicodeStrToAsciiStrS (IfrNvData->TargetIp, IpString, sizeof (IpString));
Status = IScsiAsciiStrToIp (IpString, IfrNvData->IpMode, &HostIp);
- if (EFI_ERROR (Status) || !IpIsUnicast (&HostIp, IfrNvData->IpMode)) {
+ if (EFI_ERROR (Status) || IP4_IS_LOCAL_BROADCAST (EFI_NTOHL(HostIp.v4)) || IP4_IS_UNSPECIFIED (EFI_NTOHL(HostIp.v4))) {
CreatePopUp (
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
&Key,
diff --git a/NetworkPkg/TcpDxe/TcpMain.c b/NetworkPkg/TcpDxe/TcpMain.c
index 96a295a..03942ee 100644
--- a/NetworkPkg/TcpDxe/TcpMain.c
+++ b/NetworkPkg/TcpDxe/TcpMain.c
@@ -147,10 +147,10 @@ Tcp4Configure (
if (NULL != TcpConfigData) {
CopyMem (&Ip, &TcpConfigData->AccessPoint.RemoteAddress, sizeof (IP4_ADDR));
- if ((Ip != 0) && !NetIp4IsUnicast (NTOHL (Ip), 0)) {
+ if (IP4_IS_LOCAL_BROADCAST (NTOHL (Ip))) {
return EFI_INVALID_PARAMETER;
}
-
+
if (TcpConfigData->AccessPoint.ActiveFlag && (0 == TcpConfigData->AccessPoint.RemotePort || (Ip == 0))) {
return EFI_INVALID_PARAMETER;
}
@@ -159,7 +159,7 @@ Tcp4Configure (
CopyMem (&Ip, &TcpConfigData->AccessPoint.StationAddress, sizeof (IP4_ADDR));
CopyMem (&SubnetMask, &TcpConfigData->AccessPoint.SubnetMask, sizeof (IP4_ADDR));
- if (!NetIp4IsUnicast (NTOHL (Ip), 0) || !IP4_IS_VALID_NETMASK (NTOHL (SubnetMask))) {
+ if (!IP4_IS_VALID_NETMASK (NTOHL (SubnetMask)) || !NetIp4IsUnicast (NTOHL (Ip), NTOHL (SubnetMask))) {
return EFI_INVALID_PARAMETER;
}
}
diff --git a/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c b/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c
index c7c5bd6..52095c5 100644
--- a/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c
+++ b/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c
@@ -856,8 +856,7 @@ EfiPxeBcMtftp (
(BufferSize == NULL) ||
(ServerIp == NULL) ||
((BufferPtr == NULL) && DontUseBuffer) ||
- ((BlockSize != NULL) && (*BlockSize < PXE_MTFTP_DEFAULT_BLOCK_SIZE)) ||
- (!NetIp4IsUnicast (NTOHL (ServerIp->Addr[0]), 0) && !NetIp6IsValidUnicast (&ServerIp->v6))) {
+ ((BlockSize != NULL) && (*BlockSize < PXE_MTFTP_DEFAULT_BLOCK_SIZE))) {
return EFI_INVALID_PARAMETER;
}
@@ -867,6 +866,16 @@ EfiPxeBcMtftp (
Mode = Private->PxeBc.Mode;
if (Mode->UsingIpv6) {
+ if (!NetIp6IsValidUnicast (&ServerIp->v6)) {
+ return EFI_INVALID_PARAMETER;
+ }
+ } else {
+ if (IP4_IS_UNSPECIFIED (NTOHL (ServerIp->Addr[0])) || IP4_IS_LOCAL_BROADCAST (NTOHL (ServerIp->Addr[0]))) {
+ return EFI_INVALID_PARAMETER;
+ }
+ }
+
+ if (Mode->UsingIpv6) {
//
// Set configuration data for Mtftp6 instance.
//
@@ -1076,7 +1085,7 @@ EfiPxeBcUdpWrite (
DoNotFragment = TRUE;
}
- if (!Mode->UsingIpv6 && GatewayIp != NULL && !NetIp4IsUnicast (NTOHL (GatewayIp->Addr[0]), 0)) {
+ if (!Mode->UsingIpv6 && GatewayIp != NULL && !NetIp4IsUnicast (NTOHL (GatewayIp->Addr[0]), EFI_NTOHL(Mode->SubnetMask))) {
//
// Gateway is provided but it's not a unicast IPv4 address, while it will be ignored for IPv6.
//
@@ -1587,13 +1596,16 @@ EfiPxeBcSetIpFilter (
//
return EFI_INVALID_PARAMETER;
}
- if ((NewFilter->Filters & EFI_PXE_BASE_CODE_IP_FILTER_STATION_IP) != 0 &&
- (NetIp4IsUnicast (EFI_IP4 (NewFilter->IpList[Index].v4), 0) ||
- NetIp6IsValidUnicast (&NewFilter->IpList[Index].v6))) {
- //
- // If EFI_PXE_BASE_CODE_IP_FILTER_STATION_IP is set and IPv4/IPv6 address
- // is in IpList, promiscuous mode is needed.
- //
+ if (Mode->UsingIpv6) {
+ if ((NewFilter->Filters & EFI_PXE_BASE_CODE_IP_FILTER_STATION_IP) != 0 &&
+ NetIp6IsValidUnicast (&NewFilter->IpList[Index].v6)) {
+ NeedPromiscuous = TRUE;
+ }
+ } else if ((EFI_NTOHL(Mode->StationIp) != 0) &&
+ (EFI_NTOHL(Mode->SubnetMask) != 0) &&
+ IP4_NET_EQUAL(EFI_NTOHL(Mode->StationIp), EFI_NTOHL(NewFilter->IpList[Index].v4), EFI_NTOHL(Mode->SubnetMask.v4)) &&
+ NetIp4IsUnicast (EFI_IP4 (NewFilter->IpList[Index].v4), EFI_NTOHL(Mode->SubnetMask)) &&
+ ((NewFilter->Filters & EFI_PXE_BASE_CODE_IP_FILTER_STATION_IP) != 0)) {
NeedPromiscuous = TRUE;
}
}
@@ -1987,9 +1999,7 @@ EfiPxeBcSetStationIP (
return EFI_INVALID_PARAMETER;
}
- if (NewStationIp != NULL &&
- (!NetIp4IsUnicast (NTOHL (NewStationIp->Addr[0]), 0) &&
- !NetIp6IsValidUnicast (&NewStationIp->v6))) {
+ if (NewStationIp != NULL && !NetIp6IsValidUnicast (&NewStationIp->v6)) {
return EFI_INVALID_PARAMETER;
}
@@ -2003,6 +2013,10 @@ EfiPxeBcSetStationIP (
return EFI_INVALID_PARAMETER;
}
+ if (!Mode->UsingIpv6 && NewStationIp != NULL && !NetIp4IsUnicast (NTOHL (NewStationIp->Addr[0]), NTOHL (NewSubnetMask->Addr[0]))) {
+ return EFI_INVALID_PARAMETER;
+ }
+
if (!Mode->Started) {
return EFI_NOT_STARTED;
}
diff --git a/NetworkPkg/UefiPxeBcDxe/PxeBcSupport.c b/NetworkPkg/UefiPxeBcDxe/PxeBcSupport.c
index 3ea9518..00c652d 100644
--- a/NetworkPkg/UefiPxeBcDxe/PxeBcSupport.c
+++ b/NetworkPkg/UefiPxeBcDxe/PxeBcSupport.c
@@ -258,7 +258,9 @@ PxeBcIcmpErrorDpcHandle (
}
if (EFI_IP4 (RxData->Header->SourceAddress) != 0 &&
- !NetIp4IsUnicast (EFI_NTOHL (RxData->Header->SourceAddress), 0)) {
+ (NTOHL (Mode->SubnetMask.Addr[0]) != 0) &&
+ IP4_NET_EQUAL (NTOHL(Mode->StationIp.Addr[0]), EFI_NTOHL (RxData->Header->SourceAddress), NTOHL (Mode->SubnetMask.Addr[0])) &&
+ !NetIp4IsUnicast (EFI_NTOHL (RxData->Header->SourceAddress), NTOHL (Mode->SubnetMask.Addr[0]))) {
//
// The source address of the received packet should be a valid unicast address.
//
--
2.7.4.windows.1
next prev parent reply other threads:[~2016-10-27 10:51 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-10-27 10:51 [PATCH v2 0/3] classless address network unicast check Fu Siyuan
2016-10-27 10:51 ` [PATCH v2 1/3] MdeModulePkg: Update NetLib interface to support classless addressing Fu Siyuan
2016-10-28 2:52 ` Wu, Jiaxin
2016-10-27 10:51 ` [PATCH v2 2/3] MdeModulePkg: Update IP4 stack drivers for classless address unicast check Fu Siyuan
2016-10-28 2:52 ` Wu, Jiaxin
2016-10-27 10:51 ` Fu Siyuan [this message]
2016-10-28 2:52 ` [PATCH v2 3/3] NetworkPkg: " Wu, Jiaxin
2016-10-28 2:51 ` [PATCH v2 0/3] classless address network " Ye, Ting
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1477565499-11764-4-git-send-email-siyuan.fu@intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox