[PATCH v2 0/3] classless address network unicast check

[PATCH v2 0/3] classless address network unicast check

[Fu Siyuan]

V2 update:
Keep the zero address and broadcast check if network mask is not available.

The classful addressing (IP class A/B/C) has been deprecated according to
RFC4632. This patch updates the NetLib and network drivers for the unicast
check in classless network.

Fu Siyuan (3):
  MdeModulePkg: Update NetLib interface to support classless addressing.
  MdeModulePkg: Update IP4 stack drivers for classless address unicast
    check.
  NetworkPkg: Update IP4 stack drivers for classless address unicast
    check.

 MdeModulePkg/Include/Library/IpIoLib.h             |  4 ++-
 MdeModulePkg/Include/Library/NetLib.h              | 23 ++++++++-----
 MdeModulePkg/Library/DxeIpIoLib/DxeIpIoLib.c       |  9 ++++-
 MdeModulePkg/Library/DxeNetLib/DxeNetLib.c         | 26 +++++++-------
 MdeModulePkg/Universal/Network/ArpDxe/ArpImpl.c    |  4 +--
 .../Universal/Network/Dhcp4Dxe/Dhcp4Impl.c         | 28 ++-------------
 MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Io.c  |  6 +---
 .../Universal/Network/IScsiDxe/IScsiConfig.c       | 15 +++++---
 .../Universal/Network/Ip4Dxe/Ip4Config2Impl.c      |  9 +++--
 .../Universal/Network/Ip4Dxe/Ip4Config2Nv.c        | 24 ++++++-------
 MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c      |  7 +---
 .../Universal/Network/Mtftp4Dxe/Mtftp4Impl.c       |  8 ++---
 MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Main.c  |  6 ++--
 MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Impl.c  |  9 +++--
 MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Main.c  |  8 ++---
 .../Universal/Network/UefiPxeBcDxe/PxeBcImpl.c     | 24 ++++++++-----
 NetworkPkg/IScsiDxe/IScsiConfig.c                  | 16 ++++++---
 NetworkPkg/TcpDxe/TcpMain.c                        |  6 ++--
 NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c                | 40 +++++++++++++++-------
 NetworkPkg/UefiPxeBcDxe/PxeBcSupport.c             |  4 ++-
 20 files changed, 146 insertions(+), 130 deletions(-)

-- 
2.7.4.windows.1

[PATCH v2 1/3] MdeModulePkg: Update NetLib interface to support classless addressing.

[Fu Siyuan]

V2:
Add macro IP4_IS_UNSPECIFIED.

The classful addressing (IP class A/B/C) has been deprecated according to
RFC4632. This patch updates the NetLib NetGetIpClass() and NetIp4IsUnicast()
accordingly.

NetGetIpClass()
The function is kept for compatibility, while the caller of this function
could only check the returned value against with IP4_ADDR_CLASSD (multicast)
or IP4_ADDR_CLASSE (reserved) now. The function has been updated to note this.

NetIp4IsUnicast()
The NetMask becomes a required parameter to check the unicast address.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
---
 MdeModulePkg/Include/Library/NetLib.h      | 23 ++++++++++++++---------
 MdeModulePkg/Library/DxeNetLib/DxeNetLib.c | 26 ++++++++++++--------------
 2 files changed, 26 insertions(+), 23 deletions(-)

diff --git a/MdeModulePkg/Include/Library/NetLib.h b/MdeModulePkg/Include/Library/NetLib.h
index c5c0fc2..26709af 100644
--- a/MdeModulePkg/Include/Library/NetLib.h
+++ b/MdeModulePkg/Include/Library/NetLib.h
@@ -43,9 +43,9 @@ typedef UINT16          TCP_PORTNO;
 //
 // The address classification
 //
-#define  IP4_ADDR_CLASSA       1
-#define  IP4_ADDR_CLASSB       2
-#define  IP4_ADDR_CLASSC       3
+#define  IP4_ADDR_CLASSA       1     // Deprecated
+#define  IP4_ADDR_CLASSB       2     // Deprecated
+#define  IP4_ADDR_CLASSC       3     // Deprecated
 #define  IP4_ADDR_CLASSD       4
 #define  IP4_ADDR_CLASSE       5
 
@@ -231,6 +231,7 @@ typedef struct {
 // Test the IP's attribute, All the IPs are in host byte order.
 //
 #define IP4_IS_MULTICAST(Ip)              (((Ip) & 0xF0000000) == 0xE0000000)
+#define IP4_IS_UNSPECIFIED(Ip)            ((Ip) == 0)
 #define IP4_IS_LOCAL_BROADCAST(Ip)        ((Ip) == 0xFFFFFFFF)
 #define IP4_NET_EQUAL(Ip1, Ip2, NetMask)  (((Ip1) & (NetMask)) == ((Ip2) & (NetMask)))
 #define IP4_IS_VALID_NETMASK(Ip)          (NetGetMaskLength (Ip) != (IP4_MASK_MAX + 1))
@@ -379,6 +380,11 @@ NetGetMaskLength (
   Return the class of the IP address, such as class A, B, C.
   Addr is in host byte order.
 
+  [ATTENTION]
+  Classful addressing (IP class A/B/C) has been deprecated according to RFC4632.
+  Caller of this function could only check the returned value against
+  IP4_ADDR_CLASSD (multicast) or IP4_ADDR_CLASSE (reserved) now.
+
   The address of class A  starts with 0.
   If the address belong to class A, return IP4_ADDR_CLASSA.
   The address of class B  starts with 10.
@@ -404,17 +410,16 @@ NetGetIpClass (
 
 /**
   Check whether the IP is a valid unicast address according to
-  the netmask. If NetMask is zero, use the IP address's class to get the default mask.
+  the netmask. 
 
-  If Ip is 0, IP is not a valid unicast address.
-  Class D address is used for multicasting and class E address is reserved for future. If Ip
-  belongs to class D or class E, Ip is not a valid unicast address.
-  If all bits of the host address of Ip are 0 or 1, Ip is not a valid unicast address.
+  ASSERT if NetMask is zero.
+  
+  If all bits of the host address of IP are 0 or 1, IP is also not a valid unicast address.
 
   @param[in]  Ip                    The IP to check against.
   @param[in]  NetMask               The mask of the IP.
 
-  @return TRUE if Ip is a valid unicast address on the network, otherwise FALSE.
+  @return TRUE if IP is a valid unicast address on the network, otherwise FALSE.
 
 **/
 BOOLEAN
diff --git a/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c b/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c
index 148bebf..f520845 100644
--- a/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c
+++ b/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c
@@ -580,6 +580,11 @@ NetGetMaskLength (
   Return the class of the IP address, such as class A, B, C.
   Addr is in host byte order.
 
+  [ATTENTION]
+  Classful addressing (IP class A/B/C) has been deprecated according to RFC4632.
+  Caller of this function could only check the returned value against
+  IP4_ADDR_CLASSD (multicast) or IP4_ADDR_CLASSE (reserved) now.
+
   The address of class A  starts with 0.
   If the address belong to class A, return IP4_ADDR_CLASSA.
   The address of class B  starts with 10.
@@ -628,11 +633,10 @@ NetGetIpClass (
 
 /**
   Check whether the IP is a valid unicast address according to
-  the netmask. If NetMask is zero, use the IP address's class to get the default mask.
+  the netmask. 
 
-  If Ip is 0, IP is not a valid unicast address.
-  Class D address is used for multicasting and class E address is reserved for future. If Ip
-  belongs to class D or class E, IP is not a valid unicast address.
+  ASSERT if NetMask is zero.
+  
   If all bits of the host address of IP are 0 or 1, IP is also not a valid unicast address.
 
   @param[in]  Ip                    The IP to check against.
@@ -648,18 +652,12 @@ NetIp4IsUnicast (
   IN IP4_ADDR               NetMask
   )
 {
-  INTN                      Class;
-
-  Class = NetGetIpClass (Ip);
-
-  if ((Ip == 0) || (Class >= IP4_ADDR_CLASSD)) {
+  ASSERT (NetMask != 0);
+  
+  if (Ip == 0) {
     return FALSE;
   }
-
-  if (NetMask == 0) {
-    NetMask = gIp4AllMasks[Class << 3];
-  }
-
+  
   if (((Ip &~NetMask) == ~NetMask) || ((Ip &~NetMask) == 0)) {
     return FALSE;
   }
-- 
2.7.4.windows.1

Re: [PATCH v2 1/3] MdeModulePkg: Update NetLib interface to support classless addressing.

[Wu, Jiaxin]

Siyuan,

One comment for the NetIp4IsUnicast(), we should add more check for BROADCAST IP since the it's also not a valid unicast address.

  if (Ip == 0 || IP4_IS_LOCAL_BROADCAST (Ip)) {
    return FALSE;
  }

Others is good to me.

Reviewed-By: Wu Jiaxin <jiaxin.wu@intel.com>

Best Regards!
Jiaxin

> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Fu
> Siyuan
> Sent: Thursday, October 27, 2016 6:52 PM
> To: edk2-devel@lists.01.org
> Cc: Ye, Ting <ting.ye@intel.com>; Zhang, Lubo <lubo.zhang@intel.com>; Wu,
> Jiaxin <jiaxin.wu@intel.com>
> Subject: [edk2] [PATCH v2 1/3] MdeModulePkg: Update NetLib interface to
> support classless addressing.
> 
> V2:
> Add macro IP4_IS_UNSPECIFIED.
> 
> The classful addressing (IP class A/B/C) has been deprecated according to
> RFC4632. This patch updates the NetLib NetGetIpClass() and NetIp4IsUnicast()
> accordingly.
> 
> NetGetIpClass()
> The function is kept for compatibility, while the caller of this function could only
> check the returned value against with IP4_ADDR_CLASSD (multicast) or
> IP4_ADDR_CLASSE (reserved) now. The function has been updated to note this.
> 
> NetIp4IsUnicast()
> The NetMask becomes a required parameter to check the unicast address.
> 
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
> Cc: Ye Ting <ting.ye@intel.com>
> Cc: Zhang Lubo <lubo.zhang@intel.com>
> Cc: Wu Jiaxin <jiaxin.wu@intel.com>
> ---
>  MdeModulePkg/Include/Library/NetLib.h      | 23 ++++++++++++++---------
>  MdeModulePkg/Library/DxeNetLib/DxeNetLib.c | 26 ++++++++++++--------------
>  2 files changed, 26 insertions(+), 23 deletions(-)
> 
> diff --git a/MdeModulePkg/Include/Library/NetLib.h
> b/MdeModulePkg/Include/Library/NetLib.h
> index c5c0fc2..26709af 100644
> --- a/MdeModulePkg/Include/Library/NetLib.h
> +++ b/MdeModulePkg/Include/Library/NetLib.h
> @@ -43,9 +43,9 @@ typedef UINT16          TCP_PORTNO;
>  //
>  // The address classification
>  //
> -#define  IP4_ADDR_CLASSA       1
> -#define  IP4_ADDR_CLASSB       2
> -#define  IP4_ADDR_CLASSC       3
> +#define  IP4_ADDR_CLASSA       1     // Deprecated
> +#define  IP4_ADDR_CLASSB       2     // Deprecated
> +#define  IP4_ADDR_CLASSC       3     // Deprecated
>  #define  IP4_ADDR_CLASSD       4
>  #define  IP4_ADDR_CLASSE       5
> 
> @@ -231,6 +231,7 @@ typedef struct {
>  // Test the IP's attribute, All the IPs are in host byte order.
>  //
>  #define IP4_IS_MULTICAST(Ip)              (((Ip) & 0xF0000000) == 0xE0000000)
> +#define IP4_IS_UNSPECIFIED(Ip)            ((Ip) == 0)
>  #define IP4_IS_LOCAL_BROADCAST(Ip)        ((Ip) == 0xFFFFFFFF)
>  #define IP4_NET_EQUAL(Ip1, Ip2, NetMask)  (((Ip1) & (NetMask)) == ((Ip2) &
> (NetMask)))
>  #define IP4_IS_VALID_NETMASK(Ip)          (NetGetMaskLength (Ip) !=
> (IP4_MASK_MAX + 1))
> @@ -379,6 +380,11 @@ NetGetMaskLength (
>    Return the class of the IP address, such as class A, B, C.
>    Addr is in host byte order.
> 
> +  [ATTENTION]
> +  Classful addressing (IP class A/B/C) has been deprecated according to
> RFC4632.
> +  Caller of this function could only check the returned value against
> + IP4_ADDR_CLASSD (multicast) or IP4_ADDR_CLASSE (reserved) now.
> +
>    The address of class A  starts with 0.
>    If the address belong to class A, return IP4_ADDR_CLASSA.
>    The address of class B  starts with 10.
> @@ -404,17 +410,16 @@ NetGetIpClass (
> 
>  /**
>    Check whether the IP is a valid unicast address according to
> -  the netmask. If NetMask is zero, use the IP address's class to get the default
> mask.
> +  the netmask.
> 
> -  If Ip is 0, IP is not a valid unicast address.
> -  Class D address is used for multicasting and class E address is reserved for
> future. If Ip
> -  belongs to class D or class E, Ip is not a valid unicast address.
> -  If all bits of the host address of Ip are 0 or 1, Ip is not a valid unicast address.
> +  ASSERT if NetMask is zero.
> +
> +  If all bits of the host address of IP are 0 or 1, IP is also not a valid unicast
> address.
> 
>    @param[in]  Ip                    The IP to check against.
>    @param[in]  NetMask               The mask of the IP.
> 
> -  @return TRUE if Ip is a valid unicast address on the network, otherwise FALSE.
> +  @return TRUE if IP is a valid unicast address on the network, otherwise
> FALSE.
> 
>  **/
>  BOOLEAN
> diff --git a/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c
> b/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c
> index 148bebf..f520845 100644
> --- a/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c
> +++ b/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c
> @@ -580,6 +580,11 @@ NetGetMaskLength (
>    Return the class of the IP address, such as class A, B, C.
>    Addr is in host byte order.
> 
> +  [ATTENTION]
> +  Classful addressing (IP class A/B/C) has been deprecated according to
> RFC4632.
> +  Caller of this function could only check the returned value against
> + IP4_ADDR_CLASSD (multicast) or IP4_ADDR_CLASSE (reserved) now.
> +
>    The address of class A  starts with 0.
>    If the address belong to class A, return IP4_ADDR_CLASSA.
>    The address of class B  starts with 10.
> @@ -628,11 +633,10 @@ NetGetIpClass (
> 
>  /**
>    Check whether the IP is a valid unicast address according to
> -  the netmask. If NetMask is zero, use the IP address's class to get the default
> mask.
> +  the netmask.
> 
> -  If Ip is 0, IP is not a valid unicast address.
> -  Class D address is used for multicasting and class E address is reserved for
> future. If Ip
> -  belongs to class D or class E, IP is not a valid unicast address.
> +  ASSERT if NetMask is zero.
> +
>    If all bits of the host address of IP are 0 or 1, IP is also not a valid unicast
> address.
> 
>    @param[in]  Ip                    The IP to check against.
> @@ -648,18 +652,12 @@ NetIp4IsUnicast (
>    IN IP4_ADDR               NetMask
>    )
>  {
> -  INTN                      Class;
> -
> -  Class = NetGetIpClass (Ip);
> -
> -  if ((Ip == 0) || (Class >= IP4_ADDR_CLASSD)) {
> +  ASSERT (NetMask != 0);
> +
> +  if (Ip == 0) {
>      return FALSE;
>    }
> -
> -  if (NetMask == 0) {
> -    NetMask = gIp4AllMasks[Class << 3];
> -  }
> -
> +
>    if (((Ip &~NetMask) == ~NetMask) || ((Ip &~NetMask) == 0)) {
>      return FALSE;
>    }
> --
> 2.7.4.windows.1
> 
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel

[PATCH v2 2/3] MdeModulePkg: Update IP4 stack drivers for classless address unicast check.

[Fu Siyuan]

V2 update:
Keep the zero address and broadcast check if network mask is not available.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
---
 MdeModulePkg/Include/Library/IpIoLib.h             |  4 +++-
 MdeModulePkg/Library/DxeIpIoLib/DxeIpIoLib.c       |  9 ++++++-
 MdeModulePkg/Universal/Network/ArpDxe/ArpImpl.c    |  4 ++--
 .../Universal/Network/Dhcp4Dxe/Dhcp4Impl.c         | 28 +++-------------------
 MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Io.c  |  6 +----
 .../Universal/Network/IScsiDxe/IScsiConfig.c       | 15 ++++++++----
 .../Universal/Network/Ip4Dxe/Ip4Config2Impl.c      |  9 ++++---
 .../Universal/Network/Ip4Dxe/Ip4Config2Nv.c        | 24 +++++++++----------
 MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c      |  7 +-----
 .../Universal/Network/Mtftp4Dxe/Mtftp4Impl.c       |  8 ++-----
 MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Main.c  |  6 ++---
 MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Impl.c  |  9 +++++--
 MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Main.c  |  8 +++----
 .../Universal/Network/UefiPxeBcDxe/PxeBcImpl.c     | 24 ++++++++++++-------
 14 files changed, 75 insertions(+), 86 deletions(-)

diff --git a/MdeModulePkg/Include/Library/IpIoLib.h b/MdeModulePkg/Include/Library/IpIoLib.h
index 37cba07..aab0c68 100644
--- a/MdeModulePkg/Include/Library/IpIoLib.h
+++ b/MdeModulePkg/Include/Library/IpIoLib.h
@@ -2,7 +2,7 @@
   This library is only intended to be used by UEFI network stack modules.
   It provides the combined IpIo layer on the EFI IP4 Protocol and EFI IP6 protocol.
 
-Copyright (c) 2005 - 2010, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2005 - 2016, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials are licensed and made available under 
 the terms and conditions of the BSD License that accompanies this distribution.  
 The full text of the license may be found at
@@ -261,6 +261,8 @@ typedef struct _IP_IO {
   PKT_RCVD_NOTIFY               PktRcvdNotify;   ///< See IP_IO_OPEN_DATA::PktRcvdNotify.
   PKT_SENT_NOTIFY               PktSentNotify;   ///< See IP_IO_OPEN_DATA::PktSentNotify.
   UINT8                         IpVersion;
+  IP4_ADDR                      StationIp;
+  IP4_ADDR                      SubnetMask;
 } IP_IO;
 
 ///
diff --git a/MdeModulePkg/Library/DxeIpIoLib/DxeIpIoLib.c b/MdeModulePkg/Library/DxeIpIoLib/DxeIpIoLib.c
index 27fef71..9a70e90 100644
--- a/MdeModulePkg/Library/DxeIpIoLib/DxeIpIoLib.c
+++ b/MdeModulePkg/Library/DxeIpIoLib/DxeIpIoLib.c
@@ -1029,7 +1029,9 @@ IpIoListenHandlerDpc (
 
   if (IpIo->IpVersion == IP_VERSION_4) {
     if ((EFI_IP4 (RxData->Ip4RxData.Header->SourceAddress) != 0) &&
-        !NetIp4IsUnicast (EFI_NTOHL (((EFI_IP4_RECEIVE_DATA *) RxData)->Header->SourceAddress), 0)) {
+        (IpIo->SubnetMask != 0) &&
+        IP4_NET_EQUAL (IpIo->StationIp, EFI_NTOHL (((EFI_IP4_RECEIVE_DATA *) RxData)->Header->SourceAddress), IpIo->SubnetMask) &&
+        !NetIp4IsUnicast (EFI_NTOHL (((EFI_IP4_RECEIVE_DATA *) RxData)->Header->SourceAddress), IpIo->SubnetMask)) {
       //
       // The source address is not zero and it's not a unicast IP address, discard it.
       //
@@ -1300,6 +1302,11 @@ IpIoOpen (
     if (OpenData->IpConfigData.Ip4CfgData.RawData) {
       return EFI_UNSUPPORTED;
     }
+
+    if (!OpenData->IpConfigData.Ip4CfgData.UseDefaultAddress) {
+      IpIo->StationIp = EFI_NTOHL (OpenData->IpConfigData.Ip4CfgData.StationAddress);
+      IpIo->SubnetMask = EFI_NTOHL (OpenData->IpConfigData.Ip4CfgData.SubnetMask);
+    }
     
     Status = IpIo->Ip.Ip4->Configure (
                              IpIo->Ip.Ip4,
diff --git a/MdeModulePkg/Universal/Network/ArpDxe/ArpImpl.c b/MdeModulePkg/Universal/Network/ArpDxe/ArpImpl.c
index afe4929..a02de20 100644
--- a/MdeModulePkg/Universal/Network/ArpDxe/ArpImpl.c
+++ b/MdeModulePkg/Universal/Network/ArpDxe/ArpImpl.c
@@ -943,9 +943,9 @@ ArpConfigureInstance (
       if (ConfigData->SwAddressType == IPV4_ETHER_PROTO_TYPE) {
         CopyMem (&Ip, ConfigData->StationAddress, sizeof (IP4_ADDR));
 
-        if (!NetIp4IsUnicast (NTOHL (Ip), 0)) {
+        if (IP4_IS_UNSPECIFIED (Ip) || IP4_IS_LOCAL_BROADCAST (Ip)) {
           //
-          // The station address is not a valid IPv4 unicast address.
+          // The station address should not be zero or broadcast address.
           //
           return EFI_INVALID_PARAMETER;
         }
diff --git a/MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Impl.c b/MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Impl.c
index 79f7cde..11a536d 100644
--- a/MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Impl.c
+++ b/MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Impl.c
@@ -660,9 +660,7 @@ EfiDhcp4Configure (
     }
 
     CopyMem (&Ip, &Dhcp4CfgData->ClientAddress, sizeof (IP4_ADDR));
-
-    if ((Ip != 0) && !NetIp4IsUnicast (NTOHL (Ip), 0)) {
-
+    if (IP4_IS_LOCAL_BROADCAST(NTOHL (Ip))) {
       return EFI_INVALID_PARAMETER;
     }
   }
@@ -1193,8 +1191,6 @@ Dhcp4InstanceConfigUdpIo (
   EFI_UDP4_CONFIG_DATA              UdpConfigData;
   IP4_ADDR                          ClientAddr;
   IP4_ADDR                          Ip;   
-  INTN                              Class; 
-  IP4_ADDR                          SubnetMask;
 
   Instance = (DHCP_PROTOCOL *) Context;
   DhcpSb   = Instance->Service;
@@ -1211,15 +1207,7 @@ Dhcp4InstanceConfigUdpIo (
   Ip = HTONL (ClientAddr);
   CopyMem (&UdpConfigData.StationAddress, &Ip, sizeof (EFI_IPv4_ADDRESS));
 
-  if (DhcpSb->Netmask == 0) {
-    Class = NetGetIpClass (ClientAddr);
-    ASSERT (Class < IP4_ADDR_CLASSE);
-    SubnetMask = gIp4AllMasks[Class << 3];
-  } else {
-    SubnetMask = DhcpSb->Netmask;
-  }
-
-  Ip = HTONL (SubnetMask);
+  Ip = HTONL (DhcpSb->Netmask);
   CopyMem (&UdpConfigData.SubnetMask, &Ip, sizeof (EFI_IPv4_ADDRESS));
 
   if ((Token->ListenPointCount == 0) || (Token->ListenPoints[0].ListenPort == 0)) {
@@ -1492,8 +1480,6 @@ EfiDhcp4TransmitReceive (
   DHCP_SERVICE   *DhcpSb;
   EFI_IP_ADDRESS Gateway;
   IP4_ADDR       ClientAddr;
-  INTN           Class;
-  IP4_ADDR       SubnetMask;
 
   if ((This == NULL) || (Token == NULL) || (Token->Packet == NULL)) {
     return EFI_INVALID_PARAMETER;
@@ -1583,19 +1569,11 @@ EfiDhcp4TransmitReceive (
     EndPoint.RemotePort = Token->RemotePort;
   }
 
-  if (DhcpSb->Netmask == 0) {
-    Class = NetGetIpClass (ClientAddr);
-    ASSERT (Class < IP4_ADDR_CLASSE);
-    SubnetMask = gIp4AllMasks[Class << 3];
-  } else {
-    SubnetMask = DhcpSb->Netmask;
-  }
-  
   //
   // Get the gateway.
   //
   ZeroMem (&Gateway, sizeof (Gateway));
-  if (!IP4_NET_EQUAL (ClientAddr, EndPoint.RemoteAddr.Addr[0], SubnetMask)) {
+  if (!IP4_NET_EQUAL (ClientAddr, EndPoint.RemoteAddr.Addr[0], DhcpSb->Netmask)) {
     CopyMem (&Gateway.v4, &Token->GatewayAddress, sizeof (EFI_IPv4_ADDRESS));
     Gateway.Addr[0] = NTOHL (Gateway.Addr[0]);
   }
diff --git a/MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Io.c b/MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Io.c
index 037d1cc..3898223 100644
--- a/MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Io.c
+++ b/MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Io.c
@@ -393,8 +393,6 @@ DhcpLeaseAcquired (
   IN OUT DHCP_SERVICE           *DhcpSb
   )
 {
-  INTN                      Class;
-
   DhcpSb->ClientAddr = EFI_NTOHL (DhcpSb->Selected->Dhcp4.Header.YourAddr);
 
   if (DhcpSb->Para != NULL) {
@@ -403,9 +401,7 @@ DhcpLeaseAcquired (
   }
 
   if (DhcpSb->Netmask == 0) {
-    Class           = NetGetIpClass (DhcpSb->ClientAddr);
-    ASSERT (Class < IP4_ADDR_CLASSE);
-    DhcpSb->Netmask = gIp4AllMasks[Class << 3];
+    return EFI_ABORTED;
   }
 
   if (DhcpSb->LeaseIoPort != NULL) {
diff --git a/MdeModulePkg/Universal/Network/IScsiDxe/IScsiConfig.c b/MdeModulePkg/Universal/Network/IScsiDxe/IScsiConfig.c
index ca53fd5..77ccd67 100644
--- a/MdeModulePkg/Universal/Network/IScsiDxe/IScsiConfig.c
+++ b/MdeModulePkg/Universal/Network/IScsiDxe/IScsiConfig.c
@@ -1,7 +1,7 @@
 /** @file
   Helper functions for configuring or getting the parameters relating to iSCSI.
 
-Copyright (c) 2004 - 2015, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2004 - 2016, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -727,7 +727,9 @@ IScsiFormCallback (
     case KEY_LOCAL_IP:
       IScsiUnicodeStrToAsciiStr (IfrNvData->LocalIp, Ip4String);
       Status = IScsiAsciiStrToIp (Ip4String, &HostIp.v4);
-      if (EFI_ERROR (Status) || !NetIp4IsUnicast (NTOHL (HostIp.Addr[0]), 0)) {
+      if (EFI_ERROR (Status) || 
+          ((Private->Current->SessionConfigData.SubnetMask.Addr[0] != 0) && 
+           !NetIp4IsUnicast (NTOHL (HostIp.Addr[0]), NTOHL(*(UINT32*)Private->Current->SessionConfigData.SubnetMask.Addr)))) {
         CreatePopUp (EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key, L"Invalid IP address!", NULL);
         Status = EFI_INVALID_PARAMETER;
       } else {
@@ -751,7 +753,10 @@ IScsiFormCallback (
     case KEY_GATE_WAY:
       IScsiUnicodeStrToAsciiStr (IfrNvData->Gateway, Ip4String);
       Status = IScsiAsciiStrToIp (Ip4String, &Gateway.v4);
-      if (EFI_ERROR (Status) || ((Gateway.Addr[0] != 0) && !NetIp4IsUnicast (NTOHL (Gateway.Addr[0]), 0))) {
+      if (EFI_ERROR (Status) || 
+          ((Gateway.Addr[0] != 0) && 
+           (Private->Current->SessionConfigData.SubnetMask.Addr[0] != 0) && 
+           !NetIp4IsUnicast (NTOHL (Gateway.Addr[0]), NTOHL(*(UINT32*)Private->Current->SessionConfigData.SubnetMask.Addr)))) {
         CreatePopUp (EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key, L"Invalid Gateway!", NULL);
         Status = EFI_INVALID_PARAMETER;
       } else {
@@ -763,7 +768,7 @@ IScsiFormCallback (
     case KEY_TARGET_IP:
       IScsiUnicodeStrToAsciiStr (IfrNvData->TargetIp, Ip4String);
       Status = IScsiAsciiStrToIp (Ip4String, &HostIp.v4);
-      if (EFI_ERROR (Status) || !NetIp4IsUnicast (NTOHL (HostIp.Addr[0]), 0)) {
+      if (EFI_ERROR (Status) || IP4_IS_LOCAL_BROADCAST (EFI_NTOHL(HostIp.v4)) || IP4_IS_UNSPECIFIED (EFI_NTOHL(HostIp.v4))) {
         CreatePopUp (EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key, L"Invalid IP address!", NULL);
         Status = EFI_INVALID_PARAMETER;
       } else {
@@ -867,7 +872,7 @@ IScsiFormCallback (
         //
         if (!Private->Current->SessionConfigData.TargetInfoFromDhcp) {
           CopyMem (&HostIp.v4, &Private->Current->SessionConfigData.TargetIp, sizeof (HostIp.v4));
-          if (!NetIp4IsUnicast (NTOHL (HostIp.Addr[0]), 0)) {
+          if (IP4_IS_UNSPECIFIED (NTOHL (HostIp.Addr[0])) || IP4_IS_LOCAL_BROADCAST (NTOHL (HostIp.Addr[0]))) {
             CreatePopUp (EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key, L"Target IP is invalid!", NULL);
             Status = EFI_INVALID_PARAMETER;
             break;
diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c
index d868957..a931bb3 100644
--- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c
+++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c
@@ -737,8 +737,7 @@ Ip4Config2SetDnsServerWorker (
 
   for (NewIndex = 0; NewIndex < NewDnsCount; NewIndex++) {
     CopyMem (&DnsAddress, NewDns + NewIndex, sizeof (IP4_ADDR));
-
-    if (!NetIp4IsUnicast (NTOHL (DnsAddress), 0)) {
+    if (IP4_IS_UNSPECIFIED (NTOHL (DnsAddress)) || IP4_IS_LOCAL_BROADCAST (NTOHL (DnsAddress))) {
       //
       // The dns server address must be unicast.
       //
@@ -1347,14 +1346,15 @@ Ip4Config2SetGateway (
     return EFI_WRITE_PROTECTED;
   }
 
+  IpSb = IP4_SERVICE_FROM_IP4_CONFIG2_INSTANCE (Instance);
 
   NewGateway      = (EFI_IPv4_ADDRESS *) Data;
   NewGatewayCount = DataSize / sizeof (EFI_IPv4_ADDRESS);
   for (Index1 = 0; Index1 < NewGatewayCount; Index1++) {
     CopyMem (&Gateway, NewGateway + Index1, sizeof (IP4_ADDR));
-    
-    if (!NetIp4IsUnicast (NTOHL (Gateway), 0)) {
 
+    if ((IpSb->DefaultInterface->SubnetMask != 0) && 
+        !NetIp4IsUnicast (NTOHL (Gateway), IpSb->DefaultInterface->SubnetMask)) {
       return EFI_INVALID_PARAMETER;
     }
 
@@ -1365,7 +1365,6 @@ Ip4Config2SetGateway (
     }
   }
  
-  IpSb = IP4_SERVICE_FROM_IP4_CONFIG2_INSTANCE (Instance);
   DataItem = &Instance->DataItem[Ip4Config2DataTypeGateway];
   OldGateway      = DataItem->Data.Gateway;
   OldGatewayCount = DataItem->DataSize / sizeof (EFI_IPv4_ADDRESS);
diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Nv.c b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Nv.c
index ee771e3..8eea887 100644
--- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Nv.c
+++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Nv.c
@@ -1,7 +1,7 @@
 /** @file
   Helper functions for configuring or getting the parameters relating to Ip4.
 
-Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -608,20 +608,20 @@ Ip4Config2ConvertIfrNvDataToConfigNvData (
     //
     Ip4NvData->Policy = Ip4Config2PolicyStatic;
 
-    Status = Ip4Config2StrToIp (IfrFormNvData->StationAddress, &StationAddress.v4);
-    if (EFI_ERROR (Status) || !NetIp4IsUnicast (NTOHL (StationAddress.Addr[0]), 0)) {
-      CreatePopUp (EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key, L"Invalid IP address!", NULL);
-      return EFI_INVALID_PARAMETER;
-    }
-    
     Status = Ip4Config2StrToIp (IfrFormNvData->SubnetMask, &SubnetMask.v4);
     if (EFI_ERROR (Status) || ((SubnetMask.Addr[0] != 0) && (GetSubnetMaskPrefixLength (&SubnetMask.v4) == 0))) {
       CreatePopUp (EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key, L"Invalid Subnet Mask!", NULL);
       return EFI_INVALID_PARAMETER;
     }
+
+    Status = Ip4Config2StrToIp (IfrFormNvData->StationAddress, &StationAddress.v4);
+    if (EFI_ERROR (Status) || !NetIp4IsUnicast (NTOHL (StationAddress.Addr[0]), NTOHL (SubnetMask.Addr[0]))) {
+      CreatePopUp (EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key, L"Invalid IP address!", NULL);
+      return EFI_INVALID_PARAMETER;
+    }
     
     Status = Ip4Config2StrToIp (IfrFormNvData->GatewayAddress, &Gateway.v4);
-    if (EFI_ERROR (Status) || ((Gateway.Addr[0] != 0) && !NetIp4IsUnicast (NTOHL (Gateway.Addr[0]), 0))) {
+    if (EFI_ERROR (Status) || ((Gateway.Addr[0] != 0) && !NetIp4IsUnicast (NTOHL (Gateway.Addr[0]), NTOHL (SubnetMask.Addr[0])))) {
       CreatePopUp (EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key, L"Invalid Gateway!", NULL);
       return EFI_INVALID_PARAMETER;
     }
@@ -630,7 +630,7 @@ Ip4Config2ConvertIfrNvDataToConfigNvData (
     if (!EFI_ERROR (Status) && DnsCount > 0) {
       for (Index = 0; Index < DnsCount; Index ++) {
         CopyMem (&Ip, &DnsAddress[Index], sizeof (IP4_ADDR));
-        if (!NetIp4IsUnicast (NTOHL (Ip), 0)) {
+        if (IP4_IS_UNSPECIFIED (NTOHL (Ip)) || IP4_IS_LOCAL_BROADCAST (NTOHL (Ip))) {
           CreatePopUp (EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key, L"Invalid Dns Server!", NULL);
           FreePool(DnsAddress);
           return EFI_INVALID_PARAMETER;
@@ -1146,7 +1146,7 @@ Ip4FormCallback (
     switch (QuestionId) {
     case KEY_LOCAL_IP:
       Status = Ip4Config2StrToIp (IfrFormNvData->StationAddress, &StationAddress.v4);
-      if (EFI_ERROR (Status) || !NetIp4IsUnicast (NTOHL (StationAddress.Addr[0]), 0)) {
+      if (EFI_ERROR (Status) || IP4_IS_UNSPECIFIED (NTOHL (StationAddress.Addr[0])) || IP4_IS_LOCAL_BROADCAST (NTOHL (StationAddress.Addr[0]))) {
         CreatePopUp (EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key, L"Invalid IP address!", NULL);
         Status = EFI_INVALID_PARAMETER;
       }
@@ -1162,7 +1162,7 @@ Ip4FormCallback (
 
     case KEY_GATE_WAY:
       Status = Ip4Config2StrToIp (IfrFormNvData->GatewayAddress, &Gateway.v4);
-      if (EFI_ERROR (Status) || ((Gateway.Addr[0] != 0) && !NetIp4IsUnicast (NTOHL (Gateway.Addr[0]), 0))) {
+      if (EFI_ERROR (Status) || IP4_IS_LOCAL_BROADCAST(NTOHL(Gateway.Addr[0]))) {
         CreatePopUp (EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key, L"Invalid Gateway!", NULL);
         Status = EFI_INVALID_PARAMETER;
       }
@@ -1173,7 +1173,7 @@ Ip4FormCallback (
       if (!EFI_ERROR (Status) && DnsCount > 0) {
         for (Index = 0; Index < DnsCount; Index ++) {
           CopyMem (&Ip, &DnsAddress[Index], sizeof (IP4_ADDR));
-          if (!NetIp4IsUnicast (NTOHL (Ip), 0)) {
+          if (IP4_IS_UNSPECIFIED (NTOHL (Ip)) || IP4_IS_LOCAL_BROADCAST (NTOHL (Ip))) {
             CreatePopUp (EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key, L"Invalid Dns Server!", NULL);
             Status = EFI_INVALID_PARAMETER;
             break;
diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c
index e457276..9cd5dd5 100644
--- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c
+++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c
@@ -560,9 +560,7 @@ Ip4SetAddress (
 {
   EFI_ARP_CONFIG_DATA       ArpConfig;
   EFI_STATUS                Status;
-  INTN                      Type;
   INTN                      Len;
-  IP4_ADDR                  Netmask;
 
   NET_CHECK_SIGNATURE (Interface, IP4_INTERFACE_SIGNATURE);
 
@@ -578,12 +576,9 @@ Ip4SetAddress (
   Interface->SubnetMask     = SubnetMask;
   Interface->SubnetBrdcast  = (IpAddr | ~SubnetMask);
 
-  Type                      = NetGetIpClass (IpAddr);
-  ASSERT (Type <= IP4_ADDR_CLASSC);
   Len                       = NetGetMaskLength (SubnetMask);
   ASSERT (Len <= IP4_MASK_MAX);
-  Netmask                   = gIp4AllMasks[MIN (Len, Type << 3)];
-  Interface->NetBrdcast     = (IpAddr | ~Netmask);
+  Interface->NetBrdcast     = (IpAddr | ~SubnetMask);
 
   //
   // Do clean up for Arp child
diff --git a/MdeModulePkg/Universal/Network/Mtftp4Dxe/Mtftp4Impl.c b/MdeModulePkg/Universal/Network/Mtftp4Dxe/Mtftp4Impl.c
index 7ed2e52..6223895 100644
--- a/MdeModulePkg/Universal/Network/Mtftp4Dxe/Mtftp4Impl.c
+++ b/MdeModulePkg/Universal/Network/Mtftp4Dxe/Mtftp4Impl.c
@@ -2,7 +2,7 @@
   Interface routine for Mtftp4.
   
 (C) Copyright 2014 Hewlett-Packard Development Company, L.P.<BR>
-Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -192,7 +192,7 @@ Mtftp4OverrideValid (
   IP4_ADDR                  Gateway;
 
   CopyMem (&Ip, &Override->ServerIp, sizeof (IP4_ADDR));
-  if (!NetIp4IsUnicast (NTOHL (Ip), 0)) {
+  if (IP4_IS_UNSPECIFIED (NTOHL (Ip)) || IP4_IS_LOCAL_BROADCAST (NTOHL (Ip))) {
     return FALSE;
   }
 
@@ -667,10 +667,6 @@ EfiMtftp4Configure (
     Gateway  = NTOHL (Gateway);
     ServerIp = NTOHL (ServerIp);
 
-    if (!NetIp4IsUnicast (ServerIp, 0)) {
-      return EFI_INVALID_PARAMETER;
-    }
-
     if (!ConfigData->UseDefaultSetting &&
        ((!IP4_IS_VALID_NETMASK (Netmask) || !NetIp4IsUnicast (Ip, Netmask)))) {
 
diff --git a/MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Main.c b/MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Main.c
index c7d3d32..8e70e01 100644
--- a/MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Main.c
+++ b/MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Main.c
@@ -1,7 +1,7 @@
 /** @file
   Implementation of TCP4 protocol services.
 
-Copyright (c) 2005 - 2011, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2005 - 2016, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -170,7 +170,7 @@ Tcp4Configure (
   if (NULL != TcpConfigData) {
 
     CopyMem (&Ip, &TcpConfigData->AccessPoint.RemoteAddress, sizeof (IP4_ADDR));
-    if ((Ip != 0) && !NetIp4IsUnicast (NTOHL (Ip), 0)) {
+    if (IP4_IS_LOCAL_BROADCAST (NTOHL (Ip))) {
       return EFI_INVALID_PARAMETER;
     }
 
@@ -183,7 +183,7 @@ Tcp4Configure (
 
       CopyMem (&Ip, &TcpConfigData->AccessPoint.StationAddress, sizeof (IP4_ADDR));
       CopyMem (&SubnetMask, &TcpConfigData->AccessPoint.SubnetMask, sizeof (IP4_ADDR));
-      if (!NetIp4IsUnicast (NTOHL (Ip), 0) || !IP4_IS_VALID_NETMASK (NTOHL (SubnetMask))) {
+      if (!IP4_IS_VALID_NETMASK (NTOHL (SubnetMask)) || !NetIp4IsUnicast (NTOHL (Ip), NTOHL (SubnetMask))) {
         return EFI_INVALID_PARAMETER;
       }
     }
diff --git a/MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Impl.c b/MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Impl.c
index 20dbeff..df41433 100644
--- a/MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Impl.c
+++ b/MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Impl.c
@@ -827,7 +827,9 @@ Udp4ValidateTxToken (
   if (TxData->GatewayAddress != NULL) {
     CopyMem (&GatewayAddress, TxData->GatewayAddress, sizeof (IP4_ADDR));
 
-    if (!NetIp4IsUnicast (NTOHL (GatewayAddress), 0)) {
+    if (!Instance->ConfigData.UseDefaultAddress &&
+        (EFI_NTOHL(Instance->ConfigData.SubnetMask) != 0) &&
+        !NetIp4IsUnicast (NTOHL (GatewayAddress), EFI_NTOHL(Instance->ConfigData.SubnetMask))) {
       //
       // The specified GatewayAddress is not a unicast IPv4 address while it's not 0.
       //
@@ -842,7 +844,10 @@ Udp4ValidateTxToken (
 
     CopyMem (&SourceAddress, &UdpSessionData->SourceAddress, sizeof (IP4_ADDR));
 
-    if ((SourceAddress != 0) && !NetIp4IsUnicast (HTONL (SourceAddress), 0)) {
+    if ((SourceAddress != 0) && 
+        !Instance->ConfigData.UseDefaultAddress &&
+        (EFI_NTOHL(Instance->ConfigData.SubnetMask) != 0) &&
+        !NetIp4IsUnicast (HTONL (SourceAddress), EFI_NTOHL(Instance->ConfigData.SubnetMask))) {
       //
       // Check whether SourceAddress is a valid IPv4 address in case it's not zero.
       // The configured station address is used if SourceAddress is zero.
diff --git a/MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Main.c b/MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Main.c
index 5ea22ac..bdb79b3 100644
--- a/MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Main.c
+++ b/MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Main.c
@@ -1,7 +1,7 @@
 /** @file
 
 (C) Copyright 2014 Hewlett-Packard Development Company, L.P.<BR>
-Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -171,9 +171,9 @@ Udp4Configure (
 
 
     if (!UdpConfigData->UseDefaultAddress &&
-      (!IP4_IS_VALID_NETMASK (SubnetMask) ||
-      !((StationAddress == 0) || NetIp4IsUnicast (StationAddress, SubnetMask)) ||
-      !((RemoteAddress  == 0) || NetIp4IsUnicast (RemoteAddress, 0)))) {
+        (!IP4_IS_VALID_NETMASK (SubnetMask) ||
+         !((StationAddress == 0) || NetIp4IsUnicast (StationAddress, SubnetMask)) ||
+         IP4_IS_LOCAL_BROADCAST (RemoteAddress))) {
       //
       // Don't use default address, and subnet mask is invalid or StationAddress is not
       // a valid unicast IPv4 address or RemoteAddress is not a valid unicast IPv4 address
diff --git a/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcImpl.c b/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcImpl.c
index cf7b7b5..4746256 100644
--- a/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcImpl.c
+++ b/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcImpl.c
@@ -176,7 +176,9 @@ IcmpErrorListenHandlerDpc (
   }
 
   if (EFI_IP4 (RxData->Header->SourceAddress) != 0 &&
-      !NetIp4IsUnicast (EFI_NTOHL (RxData->Header->SourceAddress), 0)) {
+      (NTOHL (Mode->SubnetMask.Addr[0]) != 0) &&
+      IP4_NET_EQUAL (NTOHL(Mode->StationIp.Addr[0]), EFI_NTOHL (RxData->Header->SourceAddress), NTOHL (Mode->SubnetMask.Addr[0])) &&
+      !NetIp4IsUnicast (EFI_NTOHL (RxData->Header->SourceAddress), NTOHL (Mode->SubnetMask.Addr[0]))) {
     //
     // The source address is not zero and it's not a unicast IP address, discard it.
     //
@@ -1163,7 +1165,9 @@ EfiPxeBcMtftp (
   if ((This == NULL)                                                          ||
       (Filename == NULL)                                                      ||
       (BufferSize == NULL)                                                    ||
-      ((ServerIp == NULL) || !NetIp4IsUnicast (NTOHL (ServerIp->Addr[0]), 0)) ||
+      ((ServerIp == NULL) || 
+       (IP4_IS_UNSPECIFIED (NTOHL (ServerIp->Addr[0])) || 
+        IP4_IS_LOCAL_BROADCAST (NTOHL (ServerIp->Addr[0]))))                  ||
       ((BufferPtr == NULL) && DontUseBuffer)                                  ||
       ((BlockSize != NULL) && (*BlockSize < 512))) {
 
@@ -1378,7 +1382,7 @@ EfiPxeBcUdpWrite (
     return EFI_INVALID_PARAMETER;
   }
 
-  if ((GatewayIp != NULL) && !NetIp4IsUnicast (NTOHL (GatewayIp->Addr[0]), 0)) {
+  if ((GatewayIp != NULL) && (IP4_IS_UNSPECIFIED (NTOHL (GatewayIp->Addr[0])) || IP4_IS_LOCAL_BROADCAST (NTOHL (GatewayIp->Addr[0])))) {
     //
     // Gateway is provided but it's not a unicast IP address.
     //
@@ -1964,9 +1968,11 @@ EfiPxeBcSetIpFilter (
       DEBUG ((EFI_D_ERROR, "There is broadcast address in NewFilter.\n"));
       return EFI_INVALID_PARAMETER;
     }
-    if (NetIp4IsUnicast (EFI_IP4 (NewFilter->IpList[Index].v4), 0) &&
-        ((NewFilter->Filters & EFI_PXE_BASE_CODE_IP_FILTER_STATION_IP) != 0)
-       ) {
+    if ((EFI_NTOHL(Mode->StationIp) != 0) &&
+        (EFI_NTOHL(Mode->SubnetMask) != 0) &&
+        IP4_NET_EQUAL(EFI_NTOHL(Mode->StationIp), EFI_NTOHL(NewFilter->IpList[Index].v4), EFI_NTOHL(Mode->SubnetMask)) &&
+        NetIp4IsUnicast (EFI_IP4 (NewFilter->IpList[Index].v4), EFI_NTOHL(Mode->SubnetMask)) &&
+        ((NewFilter->Filters & EFI_PXE_BASE_CODE_IP_FILTER_STATION_IP) != 0)) {
       //
       // If EFI_PXE_BASE_CODE_IP_FILTER_STATION_IP is set and IP4 address is in IpList,
       // promiscuous mode is needed.
@@ -2308,11 +2314,11 @@ EfiPxeBcSetStationIP (
     return EFI_INVALID_PARAMETER;
   }
 
-  if (NewStationIp != NULL && !NetIp4IsUnicast (NTOHL (NewStationIp->Addr[0]), 0)) {
+  if (NewSubnetMask != NULL && !IP4_IS_VALID_NETMASK (NTOHL (NewSubnetMask->Addr[0]))) {
     return EFI_INVALID_PARAMETER;
   }
-
-  if (NewSubnetMask != NULL && !IP4_IS_VALID_NETMASK (NTOHL (NewSubnetMask->Addr[0]))) {
+  
+  if (NewStationIp != NULL && !NetIp4IsUnicast (NTOHL (NewStationIp->Addr[0]), NTOHL (NewSubnetMask->Addr[0]))) {
     return EFI_INVALID_PARAMETER;
   }
 
-- 
2.7.4.windows.1

Re: [PATCH v2 2/3] MdeModulePkg: Update IP4 stack drivers for classless address unicast check.

[Wu, Jiaxin]

Siyuan,

For DHCP part, I noticed you made the below code change in EfiDhcp4TransmitReceive() and Dhcp4InstanceConfigUdpIo():

> -  if (DhcpSb->Netmask == 0) {
> -    Class = NetGetIpClass (ClientAddr);
> -    ASSERT (Class < IP4_ADDR_CLASSE);
> -    SubnetMask = gIp4AllMasks[Class << 3];
> -  } else {
> -    SubnetMask = DhcpSb->Netmask;
> -  }
> -
> -  Ip = HTONL (SubnetMask);
> +  Ip = HTONL (DhcpSb->Netmask);

since the UEFI Spec declaims the TransmitReceive() function can be used at any time. If D.O.R.A is not performed, DhcpSb->Netmask will be zero, if so, TransmitReceive() function will be always in failure status. I suggest to keep the original code logical and we can add some description in TransmitReceive() function to note that.

Thanks,
Jiaxin

> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Fu
> Siyuan
> Sent: Thursday, October 27, 2016 6:52 PM
> To: edk2-devel@lists.01.org
> Cc: Ye, Ting <ting.ye@intel.com>; Zhang, Lubo <lubo.zhang@intel.com>; Wu,
> Jiaxin <jiaxin.wu@intel.com>
> Subject: [edk2] [PATCH v2 2/3] MdeModulePkg: Update IP4 stack drivers for
> classless address unicast check.
> 
> V2 update:
> Keep the zero address and broadcast check if network mask is not available.
> 
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
> Cc: Ye Ting <ting.ye@intel.com>
> Cc: Zhang Lubo <lubo.zhang@intel.com>
> Cc: Wu Jiaxin <jiaxin.wu@intel.com>
> ---
>  MdeModulePkg/Include/Library/IpIoLib.h             |  4 +++-
>  MdeModulePkg/Library/DxeIpIoLib/DxeIpIoLib.c       |  9 ++++++-
>  MdeModulePkg/Universal/Network/ArpDxe/ArpImpl.c    |  4 ++--
>  .../Universal/Network/Dhcp4Dxe/Dhcp4Impl.c         | 28 +++-------------------
>  MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Io.c  |  6 +----
>  .../Universal/Network/IScsiDxe/IScsiConfig.c       | 15 ++++++++----
>  .../Universal/Network/Ip4Dxe/Ip4Config2Impl.c      |  9 ++++---
>  .../Universal/Network/Ip4Dxe/Ip4Config2Nv.c        | 24 +++++++++----------
>  MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c      |  7 +-----
>  .../Universal/Network/Mtftp4Dxe/Mtftp4Impl.c       |  8 ++-----
>  MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Main.c  |  6 ++---
> MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Impl.c  |  9 +++++--
> MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Main.c  |  8 +++----
>  .../Universal/Network/UefiPxeBcDxe/PxeBcImpl.c     | 24 ++++++++++++-------
>  14 files changed, 75 insertions(+), 86 deletions(-)
> 
> diff --git a/MdeModulePkg/Include/Library/IpIoLib.h
> b/MdeModulePkg/Include/Library/IpIoLib.h
> index 37cba07..aab0c68 100644
> --- a/MdeModulePkg/Include/Library/IpIoLib.h
> +++ b/MdeModulePkg/Include/Library/IpIoLib.h
> @@ -2,7 +2,7 @@
>    This library is only intended to be used by UEFI network stack modules.
>    It provides the combined IpIo layer on the EFI IP4 Protocol and EFI IP6
> protocol.
> 
> -Copyright (c) 2005 - 2010, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2005 - 2016, Intel Corporation. All rights reserved.<BR>
>  This program and the accompanying materials are licensed and made
> available under  the terms and conditions of the BSD License that accompanies
> this distribution.
>  The full text of the license may be found at @@ -261,6 +261,8 @@ typedef
> struct _IP_IO {
>    PKT_RCVD_NOTIFY               PktRcvdNotify;   ///< See
> IP_IO_OPEN_DATA::PktRcvdNotify.
>    PKT_SENT_NOTIFY               PktSentNotify;   ///< See
> IP_IO_OPEN_DATA::PktSentNotify.
>    UINT8                         IpVersion;
> +  IP4_ADDR                      StationIp;
> +  IP4_ADDR                      SubnetMask;
>  } IP_IO;
> 
>  ///
> diff --git a/MdeModulePkg/Library/DxeIpIoLib/DxeIpIoLib.c
> b/MdeModulePkg/Library/DxeIpIoLib/DxeIpIoLib.c
> index 27fef71..9a70e90 100644
> --- a/MdeModulePkg/Library/DxeIpIoLib/DxeIpIoLib.c
> +++ b/MdeModulePkg/Library/DxeIpIoLib/DxeIpIoLib.c
> @@ -1029,7 +1029,9 @@ IpIoListenHandlerDpc (
> 
>    if (IpIo->IpVersion == IP_VERSION_4) {
>      if ((EFI_IP4 (RxData->Ip4RxData.Header->SourceAddress) != 0) &&
> -        !NetIp4IsUnicast (EFI_NTOHL (((EFI_IP4_RECEIVE_DATA *) RxData)-
> >Header->SourceAddress), 0)) {
> +        (IpIo->SubnetMask != 0) &&
> +        IP4_NET_EQUAL (IpIo->StationIp, EFI_NTOHL (((EFI_IP4_RECEIVE_DATA *)
> RxData)->Header->SourceAddress), IpIo->SubnetMask) &&
> +        !NetIp4IsUnicast (EFI_NTOHL (((EFI_IP4_RECEIVE_DATA *)
> + RxData)->Header->SourceAddress), IpIo->SubnetMask)) {
>        //
>        // The source address is not zero and it's not a unicast IP address, discard it.
>        //
> @@ -1300,6 +1302,11 @@ IpIoOpen (
>      if (OpenData->IpConfigData.Ip4CfgData.RawData) {
>        return EFI_UNSUPPORTED;
>      }
> +
> +    if (!OpenData->IpConfigData.Ip4CfgData.UseDefaultAddress) {
> +      IpIo->StationIp = EFI_NTOHL (OpenData-
> >IpConfigData.Ip4CfgData.StationAddress);
> +      IpIo->SubnetMask = EFI_NTOHL (OpenData-
> >IpConfigData.Ip4CfgData.SubnetMask);
> +    }
> 
>      Status = IpIo->Ip.Ip4->Configure (
>                               IpIo->Ip.Ip4, diff --git
> a/MdeModulePkg/Universal/Network/ArpDxe/ArpImpl.c
> b/MdeModulePkg/Universal/Network/ArpDxe/ArpImpl.c
> index afe4929..a02de20 100644
> --- a/MdeModulePkg/Universal/Network/ArpDxe/ArpImpl.c
> +++ b/MdeModulePkg/Universal/Network/ArpDxe/ArpImpl.c
> @@ -943,9 +943,9 @@ ArpConfigureInstance (
>        if (ConfigData->SwAddressType == IPV4_ETHER_PROTO_TYPE) {
>          CopyMem (&Ip, ConfigData->StationAddress, sizeof (IP4_ADDR));
> 
> -        if (!NetIp4IsUnicast (NTOHL (Ip), 0)) {
> +        if (IP4_IS_UNSPECIFIED (Ip) || IP4_IS_LOCAL_BROADCAST (Ip)) {
>            //
> -          // The station address is not a valid IPv4 unicast address.
> +          // The station address should not be zero or broadcast address.
>            //
>            return EFI_INVALID_PARAMETER;
>          }
> diff --git a/MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Impl.c
> b/MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Impl.c
> index 79f7cde..11a536d 100644
> --- a/MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Impl.c
> +++ b/MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Impl.c
> @@ -660,9 +660,7 @@ EfiDhcp4Configure (
>      }
> 
>      CopyMem (&Ip, &Dhcp4CfgData->ClientAddress, sizeof (IP4_ADDR));
> -
> -    if ((Ip != 0) && !NetIp4IsUnicast (NTOHL (Ip), 0)) {
> -
> +    if (IP4_IS_LOCAL_BROADCAST(NTOHL (Ip))) {
>        return EFI_INVALID_PARAMETER;
>      }
>    }
> @@ -1193,8 +1191,6 @@ Dhcp4InstanceConfigUdpIo (
>    EFI_UDP4_CONFIG_DATA              UdpConfigData;
>    IP4_ADDR                          ClientAddr;
>    IP4_ADDR                          Ip;
> -  INTN                              Class;
> -  IP4_ADDR                          SubnetMask;
> 
>    Instance = (DHCP_PROTOCOL *) Context;
>    DhcpSb   = Instance->Service;
> @@ -1211,15 +1207,7 @@ Dhcp4InstanceConfigUdpIo (
>    Ip = HTONL (ClientAddr);
>    CopyMem (&UdpConfigData.StationAddress, &Ip, sizeof (EFI_IPv4_ADDRESS));
> 
> -  if (DhcpSb->Netmask == 0) {
> -    Class = NetGetIpClass (ClientAddr);
> -    ASSERT (Class < IP4_ADDR_CLASSE);
> -    SubnetMask = gIp4AllMasks[Class << 3];
> -  } else {
> -    SubnetMask = DhcpSb->Netmask;
> -  }
> -
> -  Ip = HTONL (SubnetMask);
> +  Ip = HTONL (DhcpSb->Netmask);
>    CopyMem (&UdpConfigData.SubnetMask, &Ip, sizeof (EFI_IPv4_ADDRESS));
> 
>    if ((Token->ListenPointCount == 0) || (Token->ListenPoints[0].ListenPort == 0))
> { @@ -1492,8 +1480,6 @@ EfiDhcp4TransmitReceive (
>    DHCP_SERVICE   *DhcpSb;
>    EFI_IP_ADDRESS Gateway;
>    IP4_ADDR       ClientAddr;
> -  INTN           Class;
> -  IP4_ADDR       SubnetMask;
> 
>    if ((This == NULL) || (Token == NULL) || (Token->Packet == NULL)) {
>      return EFI_INVALID_PARAMETER;
> @@ -1583,19 +1569,11 @@ EfiDhcp4TransmitReceive (
>      EndPoint.RemotePort = Token->RemotePort;
>    }
> 
> -  if (DhcpSb->Netmask == 0) {
> -    Class = NetGetIpClass (ClientAddr);
> -    ASSERT (Class < IP4_ADDR_CLASSE);
> -    SubnetMask = gIp4AllMasks[Class << 3];
> -  } else {
> -    SubnetMask = DhcpSb->Netmask;
> -  }
> -
>    //
>    // Get the gateway.
>    //
>    ZeroMem (&Gateway, sizeof (Gateway));
> -  if (!IP4_NET_EQUAL (ClientAddr, EndPoint.RemoteAddr.Addr[0], SubnetMask))
> {
> +  if (!IP4_NET_EQUAL (ClientAddr, EndPoint.RemoteAddr.Addr[0],
> + DhcpSb->Netmask)) {
>      CopyMem (&Gateway.v4, &Token->GatewayAddress, sizeof
> (EFI_IPv4_ADDRESS));
>      Gateway.Addr[0] = NTOHL (Gateway.Addr[0]);
>    }
> diff --git a/MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Io.c
> b/MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Io.c
> index 037d1cc..3898223 100644
> --- a/MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Io.c
> +++ b/MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Io.c
> @@ -393,8 +393,6 @@ DhcpLeaseAcquired (
>    IN OUT DHCP_SERVICE           *DhcpSb
>    )
>  {
> -  INTN                      Class;
> -
>    DhcpSb->ClientAddr = EFI_NTOHL (DhcpSb->Selected-
> >Dhcp4.Header.YourAddr);
> 
>    if (DhcpSb->Para != NULL) {
> @@ -403,9 +401,7 @@ DhcpLeaseAcquired (
>    }
> 
>    if (DhcpSb->Netmask == 0) {
> -    Class           = NetGetIpClass (DhcpSb->ClientAddr);
> -    ASSERT (Class < IP4_ADDR_CLASSE);
> -    DhcpSb->Netmask = gIp4AllMasks[Class << 3];
> +    return EFI_ABORTED;
>    }
> 
>    if (DhcpSb->LeaseIoPort != NULL) {
> diff --git a/MdeModulePkg/Universal/Network/IScsiDxe/IScsiConfig.c
> b/MdeModulePkg/Universal/Network/IScsiDxe/IScsiConfig.c
> index ca53fd5..77ccd67 100644
> --- a/MdeModulePkg/Universal/Network/IScsiDxe/IScsiConfig.c
> +++ b/MdeModulePkg/Universal/Network/IScsiDxe/IScsiConfig.c
> @@ -1,7 +1,7 @@
>  /** @file
>    Helper functions for configuring or getting the parameters relating to iSCSI.
> 
> -Copyright (c) 2004 - 2015, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2004 - 2016, Intel Corporation. All rights reserved.<BR>
>  This program and the accompanying materials  are licensed and made
> available under the terms and conditions of the BSD License  which
> accompanies this distribution.  The full text of the license may be found at @@
> -727,7 +727,9 @@ IScsiFormCallback (
>      case KEY_LOCAL_IP:
>        IScsiUnicodeStrToAsciiStr (IfrNvData->LocalIp, Ip4String);
>        Status = IScsiAsciiStrToIp (Ip4String, &HostIp.v4);
> -      if (EFI_ERROR (Status) || !NetIp4IsUnicast (NTOHL (HostIp.Addr[0]), 0)) {
> +      if (EFI_ERROR (Status) ||
> +          ((Private->Current->SessionConfigData.SubnetMask.Addr[0] != 0) &&
> +           !NetIp4IsUnicast (NTOHL (HostIp.Addr[0]),
> + NTOHL(*(UINT32*)Private->Current->SessionConfigData.SubnetMask.Addr)))
> + ) {
>          CreatePopUp (EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key, L"Invalid
> IP address!", NULL);
>          Status = EFI_INVALID_PARAMETER;
>        } else {
> @@ -751,7 +753,10 @@ IScsiFormCallback (
>      case KEY_GATE_WAY:
>        IScsiUnicodeStrToAsciiStr (IfrNvData->Gateway, Ip4String);
>        Status = IScsiAsciiStrToIp (Ip4String, &Gateway.v4);
> -      if (EFI_ERROR (Status) || ((Gateway.Addr[0] != 0) && !NetIp4IsUnicast
> (NTOHL (Gateway.Addr[0]), 0))) {
> +      if (EFI_ERROR (Status) ||
> +          ((Gateway.Addr[0] != 0) &&
> +           (Private->Current->SessionConfigData.SubnetMask.Addr[0] != 0) &&
> +           !NetIp4IsUnicast (NTOHL (Gateway.Addr[0]),
> + NTOHL(*(UINT32*)Private->Current->SessionConfigData.SubnetMask.Addr)))
> + ) {
>          CreatePopUp (EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key, L"Invalid
> Gateway!", NULL);
>          Status = EFI_INVALID_PARAMETER;
>        } else {
> @@ -763,7 +768,7 @@ IScsiFormCallback (
>      case KEY_TARGET_IP:
>        IScsiUnicodeStrToAsciiStr (IfrNvData->TargetIp, Ip4String);
>        Status = IScsiAsciiStrToIp (Ip4String, &HostIp.v4);
> -      if (EFI_ERROR (Status) || !NetIp4IsUnicast (NTOHL (HostIp.Addr[0]), 0)) {
> +      if (EFI_ERROR (Status) || IP4_IS_LOCAL_BROADCAST
> + (EFI_NTOHL(HostIp.v4)) || IP4_IS_UNSPECIFIED (EFI_NTOHL(HostIp.v4))) {
>          CreatePopUp (EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key, L"Invalid
> IP address!", NULL);
>          Status = EFI_INVALID_PARAMETER;
>        } else {
> @@ -867,7 +872,7 @@ IScsiFormCallback (
>          //
>          if (!Private->Current->SessionConfigData.TargetInfoFromDhcp) {
>            CopyMem (&HostIp.v4, &Private->Current->SessionConfigData.TargetIp,
> sizeof (HostIp.v4));
> -          if (!NetIp4IsUnicast (NTOHL (HostIp.Addr[0]), 0)) {
> +          if (IP4_IS_UNSPECIFIED (NTOHL (HostIp.Addr[0])) ||
> + IP4_IS_LOCAL_BROADCAST (NTOHL (HostIp.Addr[0]))) {
>              CreatePopUp (EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key,
> L"Target IP is invalid!", NULL);
>              Status = EFI_INVALID_PARAMETER;
>              break;
> diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c
> b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c
> index d868957..a931bb3 100644
> --- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c
> +++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c
> @@ -737,8 +737,7 @@ Ip4Config2SetDnsServerWorker (
> 
>    for (NewIndex = 0; NewIndex < NewDnsCount; NewIndex++) {
>      CopyMem (&DnsAddress, NewDns + NewIndex, sizeof (IP4_ADDR));
> -
> -    if (!NetIp4IsUnicast (NTOHL (DnsAddress), 0)) {
> +    if (IP4_IS_UNSPECIFIED (NTOHL (DnsAddress)) ||
> + IP4_IS_LOCAL_BROADCAST (NTOHL (DnsAddress))) {
>        //
>        // The dns server address must be unicast.
>        //
> @@ -1347,14 +1346,15 @@ Ip4Config2SetGateway (
>      return EFI_WRITE_PROTECTED;
>    }
> 
> +  IpSb = IP4_SERVICE_FROM_IP4_CONFIG2_INSTANCE (Instance);
> 
>    NewGateway      = (EFI_IPv4_ADDRESS *) Data;
>    NewGatewayCount = DataSize / sizeof (EFI_IPv4_ADDRESS);
>    for (Index1 = 0; Index1 < NewGatewayCount; Index1++) {
>      CopyMem (&Gateway, NewGateway + Index1, sizeof (IP4_ADDR));
> -
> -    if (!NetIp4IsUnicast (NTOHL (Gateway), 0)) {
> 
> +    if ((IpSb->DefaultInterface->SubnetMask != 0) &&
> +        !NetIp4IsUnicast (NTOHL (Gateway),
> + IpSb->DefaultInterface->SubnetMask)) {
>        return EFI_INVALID_PARAMETER;
>      }
> 
> @@ -1365,7 +1365,6 @@ Ip4Config2SetGateway (
>      }
>    }
> 
> -  IpSb = IP4_SERVICE_FROM_IP4_CONFIG2_INSTANCE (Instance);
>    DataItem = &Instance->DataItem[Ip4Config2DataTypeGateway];
>    OldGateway      = DataItem->Data.Gateway;
>    OldGatewayCount = DataItem->DataSize / sizeof (EFI_IPv4_ADDRESS); diff --
> git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Nv.c
> b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Nv.c
> index ee771e3..8eea887 100644
> --- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Nv.c
> +++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Nv.c
> @@ -1,7 +1,7 @@
>  /** @file
>    Helper functions for configuring or getting the parameters relating to Ip4.
> 
> -Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
>  This program and the accompanying materials  are licensed and made
> available under the terms and conditions of the BSD License  which
> accompanies this distribution.  The full text of the license may be found at @@
> -608,20 +608,20 @@ Ip4Config2ConvertIfrNvDataToConfigNvData (
>      //
>      Ip4NvData->Policy = Ip4Config2PolicyStatic;
> 
> -    Status = Ip4Config2StrToIp (IfrFormNvData->StationAddress,
> &StationAddress.v4);
> -    if (EFI_ERROR (Status) || !NetIp4IsUnicast (NTOHL (StationAddress.Addr[0]),
> 0)) {
> -      CreatePopUp (EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key, L"Invalid
> IP address!", NULL);
> -      return EFI_INVALID_PARAMETER;
> -    }
> -
>      Status = Ip4Config2StrToIp (IfrFormNvData->SubnetMask, &SubnetMask.v4);
>      if (EFI_ERROR (Status) || ((SubnetMask.Addr[0] != 0) &&
> (GetSubnetMaskPrefixLength (&SubnetMask.v4) == 0))) {
>        CreatePopUp (EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key, L"Invalid
> Subnet Mask!", NULL);
>        return EFI_INVALID_PARAMETER;
>      }
> +
> +    Status = Ip4Config2StrToIp (IfrFormNvData->StationAddress,
> &StationAddress.v4);
> +    if (EFI_ERROR (Status) || !NetIp4IsUnicast (NTOHL (StationAddress.Addr[0]),
> NTOHL (SubnetMask.Addr[0]))) {
> +      CreatePopUp (EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key, L"Invalid
> IP address!", NULL);
> +      return EFI_INVALID_PARAMETER;
> +    }
> 
>      Status = Ip4Config2StrToIp (IfrFormNvData->GatewayAddress, &Gateway.v4);
> -    if (EFI_ERROR (Status) || ((Gateway.Addr[0] != 0) && !NetIp4IsUnicast
> (NTOHL (Gateway.Addr[0]), 0))) {
> +    if (EFI_ERROR (Status) || ((Gateway.Addr[0] != 0) &&
> + !NetIp4IsUnicast (NTOHL (Gateway.Addr[0]), NTOHL
> + (SubnetMask.Addr[0])))) {
>        CreatePopUp (EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key, L"Invalid
> Gateway!", NULL);
>        return EFI_INVALID_PARAMETER;
>      }
> @@ -630,7 +630,7 @@ Ip4Config2ConvertIfrNvDataToConfigNvData (
>      if (!EFI_ERROR (Status) && DnsCount > 0) {
>        for (Index = 0; Index < DnsCount; Index ++) {
>          CopyMem (&Ip, &DnsAddress[Index], sizeof (IP4_ADDR));
> -        if (!NetIp4IsUnicast (NTOHL (Ip), 0)) {
> +        if (IP4_IS_UNSPECIFIED (NTOHL (Ip)) || IP4_IS_LOCAL_BROADCAST
> + (NTOHL (Ip))) {
>            CreatePopUp (EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key,
> L"Invalid Dns Server!", NULL);
>            FreePool(DnsAddress);
>            return EFI_INVALID_PARAMETER; @@ -1146,7 +1146,7 @@
> Ip4FormCallback (
>      switch (QuestionId) {
>      case KEY_LOCAL_IP:
>        Status = Ip4Config2StrToIp (IfrFormNvData->StationAddress,
> &StationAddress.v4);
> -      if (EFI_ERROR (Status) || !NetIp4IsUnicast (NTOHL (StationAddress.Addr[0]),
> 0)) {
> +      if (EFI_ERROR (Status) || IP4_IS_UNSPECIFIED (NTOHL
> + (StationAddress.Addr[0])) || IP4_IS_LOCAL_BROADCAST (NTOHL
> + (StationAddress.Addr[0]))) {
>          CreatePopUp (EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key, L"Invalid
> IP address!", NULL);
>          Status = EFI_INVALID_PARAMETER;
>        }
> @@ -1162,7 +1162,7 @@ Ip4FormCallback (
> 
>      case KEY_GATE_WAY:
>        Status = Ip4Config2StrToIp (IfrFormNvData->GatewayAddress,
> &Gateway.v4);
> -      if (EFI_ERROR (Status) || ((Gateway.Addr[0] != 0) && !NetIp4IsUnicast
> (NTOHL (Gateway.Addr[0]), 0))) {
> +      if (EFI_ERROR (Status) ||
> + IP4_IS_LOCAL_BROADCAST(NTOHL(Gateway.Addr[0]))) {
>          CreatePopUp (EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key, L"Invalid
> Gateway!", NULL);
>          Status = EFI_INVALID_PARAMETER;
>        }
> @@ -1173,7 +1173,7 @@ Ip4FormCallback (
>        if (!EFI_ERROR (Status) && DnsCount > 0) {
>          for (Index = 0; Index < DnsCount; Index ++) {
>            CopyMem (&Ip, &DnsAddress[Index], sizeof (IP4_ADDR));
> -          if (!NetIp4IsUnicast (NTOHL (Ip), 0)) {
> +          if (IP4_IS_UNSPECIFIED (NTOHL (Ip)) || IP4_IS_LOCAL_BROADCAST
> + (NTOHL (Ip))) {
>              CreatePopUp (EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key,
> L"Invalid Dns Server!", NULL);
>              Status = EFI_INVALID_PARAMETER;
>              break;
> diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c
> b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c
> index e457276..9cd5dd5 100644
> --- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c
> +++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c
> @@ -560,9 +560,7 @@ Ip4SetAddress (
>  {
>    EFI_ARP_CONFIG_DATA       ArpConfig;
>    EFI_STATUS                Status;
> -  INTN                      Type;
>    INTN                      Len;
> -  IP4_ADDR                  Netmask;
> 
>    NET_CHECK_SIGNATURE (Interface, IP4_INTERFACE_SIGNATURE);
> 
> @@ -578,12 +576,9 @@ Ip4SetAddress (
>    Interface->SubnetMask     = SubnetMask;
>    Interface->SubnetBrdcast  = (IpAddr | ~SubnetMask);
> 
> -  Type                      = NetGetIpClass (IpAddr);
> -  ASSERT (Type <= IP4_ADDR_CLASSC);
>    Len                       = NetGetMaskLength (SubnetMask);
>    ASSERT (Len <= IP4_MASK_MAX);
> -  Netmask                   = gIp4AllMasks[MIN (Len, Type << 3)];
> -  Interface->NetBrdcast     = (IpAddr | ~Netmask);
> +  Interface->NetBrdcast     = (IpAddr | ~SubnetMask);
> 
>    //
>    // Do clean up for Arp child
> diff --git a/MdeModulePkg/Universal/Network/Mtftp4Dxe/Mtftp4Impl.c
> b/MdeModulePkg/Universal/Network/Mtftp4Dxe/Mtftp4Impl.c
> index 7ed2e52..6223895 100644
> --- a/MdeModulePkg/Universal/Network/Mtftp4Dxe/Mtftp4Impl.c
> +++ b/MdeModulePkg/Universal/Network/Mtftp4Dxe/Mtftp4Impl.c
> @@ -2,7 +2,7 @@
>    Interface routine for Mtftp4.
> 
>  (C) Copyright 2014 Hewlett-Packard Development Company, L.P.<BR> -
> Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR>
>  This program and the accompanying materials  are licensed and made
> available under the terms and conditions of the BSD License  which
> accompanies this distribution.  The full text of the license may be found at @@
> -192,7 +192,7 @@ Mtftp4OverrideValid (
>    IP4_ADDR                  Gateway;
> 
>    CopyMem (&Ip, &Override->ServerIp, sizeof (IP4_ADDR));
> -  if (!NetIp4IsUnicast (NTOHL (Ip), 0)) {
> +  if (IP4_IS_UNSPECIFIED (NTOHL (Ip)) || IP4_IS_LOCAL_BROADCAST (NTOHL
> + (Ip))) {
>      return FALSE;
>    }
> 
> @@ -667,10 +667,6 @@ EfiMtftp4Configure (
>      Gateway  = NTOHL (Gateway);
>      ServerIp = NTOHL (ServerIp);
> 
> -    if (!NetIp4IsUnicast (ServerIp, 0)) {
> -      return EFI_INVALID_PARAMETER;
> -    }
> -
>      if (!ConfigData->UseDefaultSetting &&
>         ((!IP4_IS_VALID_NETMASK (Netmask) || !NetIp4IsUnicast (Ip, Netmask)))) {
> 
> diff --git a/MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Main.c
> b/MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Main.c
> index c7d3d32..8e70e01 100644
> --- a/MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Main.c
> +++ b/MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Main.c
> @@ -1,7 +1,7 @@
>  /** @file
>    Implementation of TCP4 protocol services.
> 
> -Copyright (c) 2005 - 2011, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2005 - 2016, Intel Corporation. All rights reserved.<BR>
>  This program and the accompanying materials  are licensed and made
> available under the terms and conditions of the BSD License  which
> accompanies this distribution.  The full text of the license may be found at @@
> -170,7 +170,7 @@ Tcp4Configure (
>    if (NULL != TcpConfigData) {
> 
>      CopyMem (&Ip, &TcpConfigData->AccessPoint.RemoteAddress, sizeof
> (IP4_ADDR));
> -    if ((Ip != 0) && !NetIp4IsUnicast (NTOHL (Ip), 0)) {
> +    if (IP4_IS_LOCAL_BROADCAST (NTOHL (Ip))) {
>        return EFI_INVALID_PARAMETER;
>      }
> 
> @@ -183,7 +183,7 @@ Tcp4Configure (
> 
>        CopyMem (&Ip, &TcpConfigData->AccessPoint.StationAddress, sizeof
> (IP4_ADDR));
>        CopyMem (&SubnetMask, &TcpConfigData->AccessPoint.SubnetMask,
> sizeof (IP4_ADDR));
> -      if (!NetIp4IsUnicast (NTOHL (Ip), 0) || !IP4_IS_VALID_NETMASK (NTOHL
> (SubnetMask))) {
> +      if (!IP4_IS_VALID_NETMASK (NTOHL (SubnetMask)) ||
> + !NetIp4IsUnicast (NTOHL (Ip), NTOHL (SubnetMask))) {
>          return EFI_INVALID_PARAMETER;
>        }
>      }
> diff --git a/MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Impl.c
> b/MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Impl.c
> index 20dbeff..df41433 100644
> --- a/MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Impl.c
> +++ b/MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Impl.c
> @@ -827,7 +827,9 @@ Udp4ValidateTxToken (
>    if (TxData->GatewayAddress != NULL) {
>      CopyMem (&GatewayAddress, TxData->GatewayAddress, sizeof
> (IP4_ADDR));
> 
> -    if (!NetIp4IsUnicast (NTOHL (GatewayAddress), 0)) {
> +    if (!Instance->ConfigData.UseDefaultAddress &&
> +        (EFI_NTOHL(Instance->ConfigData.SubnetMask) != 0) &&
> +        !NetIp4IsUnicast (NTOHL (GatewayAddress),
> + EFI_NTOHL(Instance->ConfigData.SubnetMask))) {
>        //
>        // The specified GatewayAddress is not a unicast IPv4 address while it's not
> 0.
>        //
> @@ -842,7 +844,10 @@ Udp4ValidateTxToken (
> 
>      CopyMem (&SourceAddress, &UdpSessionData->SourceAddress, sizeof
> (IP4_ADDR));
> 
> -    if ((SourceAddress != 0) && !NetIp4IsUnicast (HTONL (SourceAddress), 0)) {
> +    if ((SourceAddress != 0) &&
> +        !Instance->ConfigData.UseDefaultAddress &&
> +        (EFI_NTOHL(Instance->ConfigData.SubnetMask) != 0) &&
> +        !NetIp4IsUnicast (HTONL (SourceAddress),
> + EFI_NTOHL(Instance->ConfigData.SubnetMask))) {
>        //
>        // Check whether SourceAddress is a valid IPv4 address in case it's not zero.
>        // The configured station address is used if SourceAddress is zero.
> diff --git a/MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Main.c
> b/MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Main.c
> index 5ea22ac..bdb79b3 100644
> --- a/MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Main.c
> +++ b/MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Main.c
> @@ -1,7 +1,7 @@
>  /** @file
> 
>  (C) Copyright 2014 Hewlett-Packard Development Company, L.P.<BR> -
> Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR>
>  This program and the accompanying materials  are licensed and made
> available under the terms and conditions of the BSD License  which
> accompanies this distribution.  The full text of the license may be found at @@
> -171,9 +171,9 @@ Udp4Configure (
> 
> 
>      if (!UdpConfigData->UseDefaultAddress &&
> -      (!IP4_IS_VALID_NETMASK (SubnetMask) ||
> -      !((StationAddress == 0) || NetIp4IsUnicast (StationAddress, SubnetMask))
> ||
> -      !((RemoteAddress  == 0) || NetIp4IsUnicast (RemoteAddress, 0)))) {
> +        (!IP4_IS_VALID_NETMASK (SubnetMask) ||
> +         !((StationAddress == 0) || NetIp4IsUnicast (StationAddress, SubnetMask))
> ||
> +         IP4_IS_LOCAL_BROADCAST (RemoteAddress))) {
>        //
>        // Don't use default address, and subnet mask is invalid or StationAddress is
> not
>        // a valid unicast IPv4 address or RemoteAddress is not a valid unicast IPv4
> address diff --git
> a/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcImpl.c
> b/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcImpl.c
> index cf7b7b5..4746256 100644
> --- a/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcImpl.c
> +++ b/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcImpl.c
> @@ -176,7 +176,9 @@ IcmpErrorListenHandlerDpc (
>    }
> 
>    if (EFI_IP4 (RxData->Header->SourceAddress) != 0 &&
> -      !NetIp4IsUnicast (EFI_NTOHL (RxData->Header->SourceAddress), 0)) {
> +      (NTOHL (Mode->SubnetMask.Addr[0]) != 0) &&
> +      IP4_NET_EQUAL (NTOHL(Mode->StationIp.Addr[0]), EFI_NTOHL (RxData-
> >Header->SourceAddress), NTOHL (Mode->SubnetMask.Addr[0])) &&
> +      !NetIp4IsUnicast (EFI_NTOHL (RxData->Header->SourceAddress),
> + NTOHL (Mode->SubnetMask.Addr[0]))) {
>      //
>      // The source address is not zero and it's not a unicast IP address, discard it.
>      //
> @@ -1163,7 +1165,9 @@ EfiPxeBcMtftp (
>    if ((This == NULL)                                                          ||
>        (Filename == NULL)                                                      ||
>        (BufferSize == NULL)                                                    ||
> -      ((ServerIp == NULL) || !NetIp4IsUnicast (NTOHL (ServerIp->Addr[0]), 0)) ||
> +      ((ServerIp == NULL) ||
> +       (IP4_IS_UNSPECIFIED (NTOHL (ServerIp->Addr[0])) ||
> +        IP4_IS_LOCAL_BROADCAST (NTOHL (ServerIp->Addr[0]))))                  ||
>        ((BufferPtr == NULL) && DontUseBuffer)                                  ||
>        ((BlockSize != NULL) && (*BlockSize < 512))) {
> 
> @@ -1378,7 +1382,7 @@ EfiPxeBcUdpWrite (
>      return EFI_INVALID_PARAMETER;
>    }
> 
> -  if ((GatewayIp != NULL) && !NetIp4IsUnicast (NTOHL (GatewayIp->Addr[0]),
> 0)) {
> +  if ((GatewayIp != NULL) && (IP4_IS_UNSPECIFIED (NTOHL
> + (GatewayIp->Addr[0])) || IP4_IS_LOCAL_BROADCAST (NTOHL
> + (GatewayIp->Addr[0])))) {
>      //
>      // Gateway is provided but it's not a unicast IP address.
>      //
> @@ -1964,9 +1968,11 @@ EfiPxeBcSetIpFilter (
>        DEBUG ((EFI_D_ERROR, "There is broadcast address in NewFilter.\n"));
>        return EFI_INVALID_PARAMETER;
>      }
> -    if (NetIp4IsUnicast (EFI_IP4 (NewFilter->IpList[Index].v4), 0) &&
> -        ((NewFilter->Filters & EFI_PXE_BASE_CODE_IP_FILTER_STATION_IP) != 0)
> -       ) {
> +    if ((EFI_NTOHL(Mode->StationIp) != 0) &&
> +        (EFI_NTOHL(Mode->SubnetMask) != 0) &&
> +        IP4_NET_EQUAL(EFI_NTOHL(Mode->StationIp), EFI_NTOHL(NewFilter-
> >IpList[Index].v4), EFI_NTOHL(Mode->SubnetMask)) &&
> +        NetIp4IsUnicast (EFI_IP4 (NewFilter->IpList[Index].v4), EFI_NTOHL(Mode-
> >SubnetMask)) &&
> +        ((NewFilter->Filters & EFI_PXE_BASE_CODE_IP_FILTER_STATION_IP)
> + != 0)) {
>        //
>        // If EFI_PXE_BASE_CODE_IP_FILTER_STATION_IP is set and IP4 address is
> in IpList,
>        // promiscuous mode is needed.
> @@ -2308,11 +2314,11 @@ EfiPxeBcSetStationIP (
>      return EFI_INVALID_PARAMETER;
>    }
> 
> -  if (NewStationIp != NULL && !NetIp4IsUnicast (NTOHL (NewStationIp-
> >Addr[0]), 0)) {
> +  if (NewSubnetMask != NULL && !IP4_IS_VALID_NETMASK (NTOHL
> + (NewSubnetMask->Addr[0]))) {
>      return EFI_INVALID_PARAMETER;
>    }
> -
> -  if (NewSubnetMask != NULL && !IP4_IS_VALID_NETMASK (NTOHL
> (NewSubnetMask->Addr[0]))) {
> +
> +  if (NewStationIp != NULL && !NetIp4IsUnicast (NTOHL
> + (NewStationIp->Addr[0]), NTOHL (NewSubnetMask->Addr[0]))) {
>      return EFI_INVALID_PARAMETER;
>    }
> 
> --
> 2.7.4.windows.1
> 
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel

[PATCH v2 3/3] NetworkPkg: Update IP4 stack drivers for classless address unicast check.

[Fu Siyuan]

V2 update:
Keep the zero address and broadcast check if network mask is not available.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
---
 NetworkPkg/IScsiDxe/IScsiConfig.c      | 16 ++++++++++----
 NetworkPkg/TcpDxe/TcpMain.c            |  6 ++---
 NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c    | 40 +++++++++++++++++++++++-----------
 NetworkPkg/UefiPxeBcDxe/PxeBcSupport.c |  4 +++-
 4 files changed, 45 insertions(+), 21 deletions(-)

diff --git a/NetworkPkg/IScsiDxe/IScsiConfig.c b/NetworkPkg/IScsiDxe/IScsiConfig.c
index 16a90a6..57571ad 100644
--- a/NetworkPkg/IScsiDxe/IScsiConfig.c
+++ b/NetworkPkg/IScsiDxe/IScsiConfig.c
@@ -164,7 +164,10 @@ IpIsUnicast (
   )
 {
   if (IpMode == IP_MODE_IP4) {
-    return NetIp4IsUnicast (NTOHL (Ip->Addr[0]), 0);
+    if (IP4_IS_UNSPECIFIED (NTOHL (Ip->Addr[0])) || IP4_IS_LOCAL_BROADCAST (NTOHL (Ip->Addr[0])))   {
+      return FALSE;
+    }
+    return TRUE;
   } else if (IpMode == IP_MODE_IP6) {
     return NetIp6IsValidUnicast (&Ip->v6);
   } else {
@@ -2349,7 +2352,9 @@ IScsiFormCallback (
 
     case KEY_LOCAL_IP:
       Status = NetLibStrToIp4 (IfrNvData->LocalIp, &HostIp.v4);
-      if (EFI_ERROR (Status) || !NetIp4IsUnicast (NTOHL (HostIp.Addr[0]), 0)) {
+      if (EFI_ERROR (Status) || 
+          ((Private->Current->SessionConfigData.SubnetMask.Addr[0] != 0) && 
+           !NetIp4IsUnicast (NTOHL (HostIp.Addr[0]), NTOHL(*(UINT32*)Private->Current->SessionConfigData.SubnetMask.Addr)))) {
         CreatePopUp (
           EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
           &Key,
@@ -2383,7 +2388,10 @@ IScsiFormCallback (
 
     case KEY_GATE_WAY:
       Status = NetLibStrToIp4 (IfrNvData->Gateway, &Gateway.v4);
-      if (EFI_ERROR (Status) || ((Gateway.Addr[0] != 0) && !NetIp4IsUnicast (NTOHL (Gateway.Addr[0]), 0))) {
+      if (EFI_ERROR (Status) || 
+          ((Gateway.Addr[0] != 0) && 
+           (Private->Current->SessionConfigData.SubnetMask.Addr[0] != 0) && 
+           !NetIp4IsUnicast (NTOHL (Gateway.Addr[0]), NTOHL(*(UINT32*)Private->Current->SessionConfigData.SubnetMask.Addr)))) {
         CreatePopUp (
           EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
           &Key,
@@ -2400,7 +2408,7 @@ IScsiFormCallback (
     case KEY_TARGET_IP:
       UnicodeStrToAsciiStrS (IfrNvData->TargetIp, IpString, sizeof (IpString));
       Status = IScsiAsciiStrToIp (IpString, IfrNvData->IpMode, &HostIp);
-      if (EFI_ERROR (Status) || !IpIsUnicast (&HostIp, IfrNvData->IpMode)) {
+      if (EFI_ERROR (Status) || IP4_IS_LOCAL_BROADCAST (EFI_NTOHL(HostIp.v4)) || IP4_IS_UNSPECIFIED (EFI_NTOHL(HostIp.v4))) {
         CreatePopUp (
           EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
           &Key,
diff --git a/NetworkPkg/TcpDxe/TcpMain.c b/NetworkPkg/TcpDxe/TcpMain.c
index 96a295a..03942ee 100644
--- a/NetworkPkg/TcpDxe/TcpMain.c
+++ b/NetworkPkg/TcpDxe/TcpMain.c
@@ -147,10 +147,10 @@ Tcp4Configure (
   if (NULL != TcpConfigData) {
 
     CopyMem (&Ip, &TcpConfigData->AccessPoint.RemoteAddress, sizeof (IP4_ADDR));
-    if ((Ip != 0) && !NetIp4IsUnicast (NTOHL (Ip), 0)) {
+    if (IP4_IS_LOCAL_BROADCAST (NTOHL (Ip))) {
       return EFI_INVALID_PARAMETER;
     }
-
+    
     if (TcpConfigData->AccessPoint.ActiveFlag && (0 == TcpConfigData->AccessPoint.RemotePort || (Ip == 0))) {
       return EFI_INVALID_PARAMETER;
     }
@@ -159,7 +159,7 @@ Tcp4Configure (
 
       CopyMem (&Ip, &TcpConfigData->AccessPoint.StationAddress, sizeof (IP4_ADDR));
       CopyMem (&SubnetMask, &TcpConfigData->AccessPoint.SubnetMask, sizeof (IP4_ADDR));
-      if (!NetIp4IsUnicast (NTOHL (Ip), 0) || !IP4_IS_VALID_NETMASK (NTOHL (SubnetMask))) {
+      if (!IP4_IS_VALID_NETMASK (NTOHL (SubnetMask)) || !NetIp4IsUnicast (NTOHL (Ip), NTOHL (SubnetMask))) {
         return EFI_INVALID_PARAMETER;
       }
     }
diff --git a/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c b/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c
index c7c5bd6..52095c5 100644
--- a/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c
+++ b/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c
@@ -856,8 +856,7 @@ EfiPxeBcMtftp (
       (BufferSize == NULL) ||
       (ServerIp == NULL) ||
       ((BufferPtr == NULL) && DontUseBuffer) ||
-      ((BlockSize != NULL) && (*BlockSize < PXE_MTFTP_DEFAULT_BLOCK_SIZE)) ||
-      (!NetIp4IsUnicast (NTOHL (ServerIp->Addr[0]), 0) && !NetIp6IsValidUnicast (&ServerIp->v6))) {
+      ((BlockSize != NULL) && (*BlockSize < PXE_MTFTP_DEFAULT_BLOCK_SIZE))) {
     return EFI_INVALID_PARAMETER;
   }
 
@@ -867,6 +866,16 @@ EfiPxeBcMtftp (
   Mode      = Private->PxeBc.Mode;
 
   if (Mode->UsingIpv6) {
+    if (!NetIp6IsValidUnicast (&ServerIp->v6)) {
+      return EFI_INVALID_PARAMETER;
+    }
+  } else {
+    if (IP4_IS_UNSPECIFIED (NTOHL (ServerIp->Addr[0])) || IP4_IS_LOCAL_BROADCAST (NTOHL (ServerIp->Addr[0])))   {
+      return EFI_INVALID_PARAMETER;
+    }
+  }
+
+  if (Mode->UsingIpv6) {
     //
     // Set configuration data for Mtftp6 instance.
     //
@@ -1076,7 +1085,7 @@ EfiPxeBcUdpWrite (
     DoNotFragment = TRUE;
   }
 
-  if (!Mode->UsingIpv6 && GatewayIp != NULL && !NetIp4IsUnicast (NTOHL (GatewayIp->Addr[0]), 0)) {
+  if (!Mode->UsingIpv6 && GatewayIp != NULL && !NetIp4IsUnicast (NTOHL (GatewayIp->Addr[0]), EFI_NTOHL(Mode->SubnetMask))) {
     //
     // Gateway is provided but it's not a unicast IPv4 address, while it will be ignored for IPv6.
     //
@@ -1587,13 +1596,16 @@ EfiPxeBcSetIpFilter (
       //
       return EFI_INVALID_PARAMETER;
     }
-    if ((NewFilter->Filters & EFI_PXE_BASE_CODE_IP_FILTER_STATION_IP) != 0 &&
-        (NetIp4IsUnicast (EFI_IP4 (NewFilter->IpList[Index].v4), 0) ||
-         NetIp6IsValidUnicast (&NewFilter->IpList[Index].v6))) {
-      //
-      // If EFI_PXE_BASE_CODE_IP_FILTER_STATION_IP is set and IPv4/IPv6 address
-      // is in IpList, promiscuous mode is needed.
-      //
+    if (Mode->UsingIpv6) {
+      if ((NewFilter->Filters & EFI_PXE_BASE_CODE_IP_FILTER_STATION_IP) != 0 &&
+          NetIp6IsValidUnicast (&NewFilter->IpList[Index].v6)) {
+        NeedPromiscuous = TRUE;
+      }
+    } else if ((EFI_NTOHL(Mode->StationIp) != 0) &&
+               (EFI_NTOHL(Mode->SubnetMask) != 0) &&
+               IP4_NET_EQUAL(EFI_NTOHL(Mode->StationIp), EFI_NTOHL(NewFilter->IpList[Index].v4), EFI_NTOHL(Mode->SubnetMask.v4)) &&
+               NetIp4IsUnicast (EFI_IP4 (NewFilter->IpList[Index].v4), EFI_NTOHL(Mode->SubnetMask)) &&
+               ((NewFilter->Filters & EFI_PXE_BASE_CODE_IP_FILTER_STATION_IP) != 0)) {
       NeedPromiscuous = TRUE;
     }
   }
@@ -1987,9 +1999,7 @@ EfiPxeBcSetStationIP (
     return EFI_INVALID_PARAMETER;
   }
 
-  if (NewStationIp != NULL &&
-      (!NetIp4IsUnicast (NTOHL (NewStationIp->Addr[0]), 0) &&
-       !NetIp6IsValidUnicast (&NewStationIp->v6))) {
+  if (NewStationIp != NULL && !NetIp6IsValidUnicast (&NewStationIp->v6)) {
     return EFI_INVALID_PARAMETER;
   }
 
@@ -2003,6 +2013,10 @@ EfiPxeBcSetStationIP (
     return EFI_INVALID_PARAMETER;
   }
 
+  if (!Mode->UsingIpv6 && NewStationIp != NULL && !NetIp4IsUnicast (NTOHL (NewStationIp->Addr[0]), NTOHL (NewSubnetMask->Addr[0]))) {
+    return EFI_INVALID_PARAMETER;
+  }
+
   if (!Mode->Started) {
     return EFI_NOT_STARTED;
   }
diff --git a/NetworkPkg/UefiPxeBcDxe/PxeBcSupport.c b/NetworkPkg/UefiPxeBcDxe/PxeBcSupport.c
index 3ea9518..00c652d 100644
--- a/NetworkPkg/UefiPxeBcDxe/PxeBcSupport.c
+++ b/NetworkPkg/UefiPxeBcDxe/PxeBcSupport.c
@@ -258,7 +258,9 @@ PxeBcIcmpErrorDpcHandle (
   }
 
   if (EFI_IP4 (RxData->Header->SourceAddress) != 0 &&
-      !NetIp4IsUnicast (EFI_NTOHL (RxData->Header->SourceAddress), 0)) {
+      (NTOHL (Mode->SubnetMask.Addr[0]) != 0) &&
+      IP4_NET_EQUAL (NTOHL(Mode->StationIp.Addr[0]), EFI_NTOHL (RxData->Header->SourceAddress), NTOHL (Mode->SubnetMask.Addr[0])) &&
+      !NetIp4IsUnicast (EFI_NTOHL (RxData->Header->SourceAddress), NTOHL (Mode->SubnetMask.Addr[0]))) {
     //
     // The source address of the received packet should be a valid unicast address.
     //
-- 
2.7.4.windows.1

Re: [PATCH v2 3/3] NetworkPkg: Update IP4 stack drivers for classless address unicast check.

[Wu, Jiaxin]

Reviewed-By: Wu Jiaxin <jiaxin.wu@intel.com>

Best Regards!
Jiaxin

> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Fu
> Siyuan
> Sent: Thursday, October 27, 2016 6:52 PM
> To: edk2-devel@lists.01.org
> Cc: Ye, Ting <ting.ye@intel.com>; Zhang, Lubo <lubo.zhang@intel.com>; Wu,
> Jiaxin <jiaxin.wu@intel.com>
> Subject: [edk2] [PATCH v2 3/3] NetworkPkg: Update IP4 stack drivers for
> classless address unicast check.
> 
> V2 update:
> Keep the zero address and broadcast check if network mask is not available.
> 
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
> Cc: Ye Ting <ting.ye@intel.com>
> Cc: Zhang Lubo <lubo.zhang@intel.com>
> Cc: Wu Jiaxin <jiaxin.wu@intel.com>
> ---
>  NetworkPkg/IScsiDxe/IScsiConfig.c      | 16 ++++++++++----
>  NetworkPkg/TcpDxe/TcpMain.c            |  6 ++---
>  NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c    | 40 +++++++++++++++++++++++----
> -------
>  NetworkPkg/UefiPxeBcDxe/PxeBcSupport.c |  4 +++-
>  4 files changed, 45 insertions(+), 21 deletions(-)
> 
> diff --git a/NetworkPkg/IScsiDxe/IScsiConfig.c
> b/NetworkPkg/IScsiDxe/IScsiConfig.c
> index 16a90a6..57571ad 100644
> --- a/NetworkPkg/IScsiDxe/IScsiConfig.c
> +++ b/NetworkPkg/IScsiDxe/IScsiConfig.c
> @@ -164,7 +164,10 @@ IpIsUnicast (
>    )
>  {
>    if (IpMode == IP_MODE_IP4) {
> -    return NetIp4IsUnicast (NTOHL (Ip->Addr[0]), 0);
> +    if (IP4_IS_UNSPECIFIED (NTOHL (Ip->Addr[0])) ||
> IP4_IS_LOCAL_BROADCAST (NTOHL (Ip->Addr[0])))   {
> +      return FALSE;
> +    }
> +    return TRUE;
>    } else if (IpMode == IP_MODE_IP6) {
>      return NetIp6IsValidUnicast (&Ip->v6);
>    } else {
> @@ -2349,7 +2352,9 @@ IScsiFormCallback (
> 
>      case KEY_LOCAL_IP:
>        Status = NetLibStrToIp4 (IfrNvData->LocalIp, &HostIp.v4);
> -      if (EFI_ERROR (Status) || !NetIp4IsUnicast (NTOHL (HostIp.Addr[0]), 0)) {
> +      if (EFI_ERROR (Status) ||
> +          ((Private->Current->SessionConfigData.SubnetMask.Addr[0] != 0) &&
> +           !NetIp4IsUnicast (NTOHL (HostIp.Addr[0]),
> + NTOHL(*(UINT32*)Private->Current->SessionConfigData.SubnetMask.Addr)))
> + ) {
>          CreatePopUp (
>            EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>            &Key,
> @@ -2383,7 +2388,10 @@ IScsiFormCallback (
> 
>      case KEY_GATE_WAY:
>        Status = NetLibStrToIp4 (IfrNvData->Gateway, &Gateway.v4);
> -      if (EFI_ERROR (Status) || ((Gateway.Addr[0] != 0) && !NetIp4IsUnicast
> (NTOHL (Gateway.Addr[0]), 0))) {
> +      if (EFI_ERROR (Status) ||
> +          ((Gateway.Addr[0] != 0) &&
> +           (Private->Current->SessionConfigData.SubnetMask.Addr[0] != 0) &&
> +           !NetIp4IsUnicast (NTOHL (Gateway.Addr[0]),
> + NTOHL(*(UINT32*)Private->Current->SessionConfigData.SubnetMask.Addr)))
> + ) {
>          CreatePopUp (
>            EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>            &Key,
> @@ -2400,7 +2408,7 @@ IScsiFormCallback (
>      case KEY_TARGET_IP:
>        UnicodeStrToAsciiStrS (IfrNvData->TargetIp, IpString, sizeof (IpString));
>        Status = IScsiAsciiStrToIp (IpString, IfrNvData->IpMode, &HostIp);
> -      if (EFI_ERROR (Status) || !IpIsUnicast (&HostIp, IfrNvData->IpMode)) {
> +      if (EFI_ERROR (Status) || IP4_IS_LOCAL_BROADCAST
> + (EFI_NTOHL(HostIp.v4)) || IP4_IS_UNSPECIFIED (EFI_NTOHL(HostIp.v4))) {
>          CreatePopUp (
>            EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>            &Key,
> diff --git a/NetworkPkg/TcpDxe/TcpMain.c b/NetworkPkg/TcpDxe/TcpMain.c
> index 96a295a..03942ee 100644
> --- a/NetworkPkg/TcpDxe/TcpMain.c
> +++ b/NetworkPkg/TcpDxe/TcpMain.c
> @@ -147,10 +147,10 @@ Tcp4Configure (
>    if (NULL != TcpConfigData) {
> 
>      CopyMem (&Ip, &TcpConfigData->AccessPoint.RemoteAddress, sizeof
> (IP4_ADDR));
> -    if ((Ip != 0) && !NetIp4IsUnicast (NTOHL (Ip), 0)) {
> +    if (IP4_IS_LOCAL_BROADCAST (NTOHL (Ip))) {
>        return EFI_INVALID_PARAMETER;
>      }
> -
> +
>      if (TcpConfigData->AccessPoint.ActiveFlag && (0 == TcpConfigData-
> >AccessPoint.RemotePort || (Ip == 0))) {
>        return EFI_INVALID_PARAMETER;
>      }
> @@ -159,7 +159,7 @@ Tcp4Configure (
> 
>        CopyMem (&Ip, &TcpConfigData->AccessPoint.StationAddress, sizeof
> (IP4_ADDR));
>        CopyMem (&SubnetMask, &TcpConfigData->AccessPoint.SubnetMask,
> sizeof (IP4_ADDR));
> -      if (!NetIp4IsUnicast (NTOHL (Ip), 0) || !IP4_IS_VALID_NETMASK (NTOHL
> (SubnetMask))) {
> +      if (!IP4_IS_VALID_NETMASK (NTOHL (SubnetMask)) ||
> + !NetIp4IsUnicast (NTOHL (Ip), NTOHL (SubnetMask))) {
>          return EFI_INVALID_PARAMETER;
>        }
>      }
> diff --git a/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c
> b/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c
> index c7c5bd6..52095c5 100644
> --- a/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c
> +++ b/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c
> @@ -856,8 +856,7 @@ EfiPxeBcMtftp (
>        (BufferSize == NULL) ||
>        (ServerIp == NULL) ||
>        ((BufferPtr == NULL) && DontUseBuffer) ||
> -      ((BlockSize != NULL) && (*BlockSize < PXE_MTFTP_DEFAULT_BLOCK_SIZE))
> ||
> -      (!NetIp4IsUnicast (NTOHL (ServerIp->Addr[0]), 0) && !NetIp6IsValidUnicast
> (&ServerIp->v6))) {
> +      ((BlockSize != NULL) && (*BlockSize <
> + PXE_MTFTP_DEFAULT_BLOCK_SIZE))) {
>      return EFI_INVALID_PARAMETER;
>    }
> 
> @@ -867,6 +866,16 @@ EfiPxeBcMtftp (
>    Mode      = Private->PxeBc.Mode;
> 
>    if (Mode->UsingIpv6) {
> +    if (!NetIp6IsValidUnicast (&ServerIp->v6)) {
> +      return EFI_INVALID_PARAMETER;
> +    }
> +  } else {
> +    if (IP4_IS_UNSPECIFIED (NTOHL (ServerIp->Addr[0])) ||
> IP4_IS_LOCAL_BROADCAST (NTOHL (ServerIp->Addr[0])))   {
> +      return EFI_INVALID_PARAMETER;
> +    }
> +  }
> +
> +  if (Mode->UsingIpv6) {
>      //
>      // Set configuration data for Mtftp6 instance.
>      //
> @@ -1076,7 +1085,7 @@ EfiPxeBcUdpWrite (
>      DoNotFragment = TRUE;
>    }
> 
> -  if (!Mode->UsingIpv6 && GatewayIp != NULL && !NetIp4IsUnicast (NTOHL
> (GatewayIp->Addr[0]), 0)) {
> +  if (!Mode->UsingIpv6 && GatewayIp != NULL && !NetIp4IsUnicast (NTOHL
> + (GatewayIp->Addr[0]), EFI_NTOHL(Mode->SubnetMask))) {
>      //
>      // Gateway is provided but it's not a unicast IPv4 address, while it will be
> ignored for IPv6.
>      //
> @@ -1587,13 +1596,16 @@ EfiPxeBcSetIpFilter (
>        //
>        return EFI_INVALID_PARAMETER;
>      }
> -    if ((NewFilter->Filters & EFI_PXE_BASE_CODE_IP_FILTER_STATION_IP) != 0
> &&
> -        (NetIp4IsUnicast (EFI_IP4 (NewFilter->IpList[Index].v4), 0) ||
> -         NetIp6IsValidUnicast (&NewFilter->IpList[Index].v6))) {
> -      //
> -      // If EFI_PXE_BASE_CODE_IP_FILTER_STATION_IP is set and IPv4/IPv6
> address
> -      // is in IpList, promiscuous mode is needed.
> -      //
> +    if (Mode->UsingIpv6) {
> +      if ((NewFilter->Filters & EFI_PXE_BASE_CODE_IP_FILTER_STATION_IP) != 0
> &&
> +          NetIp6IsValidUnicast (&NewFilter->IpList[Index].v6)) {
> +        NeedPromiscuous = TRUE;
> +      }
> +    } else if ((EFI_NTOHL(Mode->StationIp) != 0) &&
> +               (EFI_NTOHL(Mode->SubnetMask) != 0) &&
> +               IP4_NET_EQUAL(EFI_NTOHL(Mode->StationIp),
> EFI_NTOHL(NewFilter->IpList[Index].v4), EFI_NTOHL(Mode->SubnetMask.v4))
> &&
> +               NetIp4IsUnicast (EFI_IP4 (NewFilter->IpList[Index].v4),
> EFI_NTOHL(Mode->SubnetMask)) &&
> +               ((NewFilter->Filters &
> + EFI_PXE_BASE_CODE_IP_FILTER_STATION_IP) != 0)) {
>        NeedPromiscuous = TRUE;
>      }
>    }
> @@ -1987,9 +1999,7 @@ EfiPxeBcSetStationIP (
>      return EFI_INVALID_PARAMETER;
>    }
> 
> -  if (NewStationIp != NULL &&
> -      (!NetIp4IsUnicast (NTOHL (NewStationIp->Addr[0]), 0) &&
> -       !NetIp6IsValidUnicast (&NewStationIp->v6))) {
> +  if (NewStationIp != NULL && !NetIp6IsValidUnicast
> + (&NewStationIp->v6)) {
>      return EFI_INVALID_PARAMETER;
>    }
> 
> @@ -2003,6 +2013,10 @@ EfiPxeBcSetStationIP (
>      return EFI_INVALID_PARAMETER;
>    }
> 
> +  if (!Mode->UsingIpv6 && NewStationIp != NULL && !NetIp4IsUnicast (NTOHL
> (NewStationIp->Addr[0]), NTOHL (NewSubnetMask->Addr[0]))) {
> +    return EFI_INVALID_PARAMETER;
> +  }
> +
>    if (!Mode->Started) {
>      return EFI_NOT_STARTED;
>    }
> diff --git a/NetworkPkg/UefiPxeBcDxe/PxeBcSupport.c
> b/NetworkPkg/UefiPxeBcDxe/PxeBcSupport.c
> index 3ea9518..00c652d 100644
> --- a/NetworkPkg/UefiPxeBcDxe/PxeBcSupport.c
> +++ b/NetworkPkg/UefiPxeBcDxe/PxeBcSupport.c
> @@ -258,7 +258,9 @@ PxeBcIcmpErrorDpcHandle (
>    }
> 
>    if (EFI_IP4 (RxData->Header->SourceAddress) != 0 &&
> -      !NetIp4IsUnicast (EFI_NTOHL (RxData->Header->SourceAddress), 0)) {
> +      (NTOHL (Mode->SubnetMask.Addr[0]) != 0) &&
> +      IP4_NET_EQUAL (NTOHL(Mode->StationIp.Addr[0]), EFI_NTOHL (RxData-
> >Header->SourceAddress), NTOHL (Mode->SubnetMask.Addr[0])) &&
> +      !NetIp4IsUnicast (EFI_NTOHL (RxData->Header->SourceAddress),
> + NTOHL (Mode->SubnetMask.Addr[0]))) {
>      //
>      // The source address of the received packet should be a valid unicast
> address.
>      //
> --
> 2.7.4.windows.1
> 
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel

Re: [PATCH v2 0/3] classless address network unicast check

[Ye, Ting]

Series Reviewed-by: Ye Ting <ting.ye@intel.com>

-----Original Message-----
From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Fu Siyuan
Sent: Thursday, October 27, 2016 6:52 PM
To: edk2-devel@lists.01.org
Subject: [edk2] [PATCH v2 0/3] classless address network unicast check

V2 update:
Keep the zero address and broadcast check if network mask is not available.

The classful addressing (IP class A/B/C) has been deprecated according to RFC4632. This patch updates the NetLib and network drivers for the unicast check in classless network.

Fu Siyuan (3):
  MdeModulePkg: Update NetLib interface to support classless addressing.
  MdeModulePkg: Update IP4 stack drivers for classless address unicast
    check.
  NetworkPkg: Update IP4 stack drivers for classless address unicast
    check.

 MdeModulePkg/Include/Library/IpIoLib.h             |  4 ++-
 MdeModulePkg/Include/Library/NetLib.h              | 23 ++++++++-----
 MdeModulePkg/Library/DxeIpIoLib/DxeIpIoLib.c       |  9 ++++-
 MdeModulePkg/Library/DxeNetLib/DxeNetLib.c         | 26 +++++++-------
 MdeModulePkg/Universal/Network/ArpDxe/ArpImpl.c    |  4 +--
 .../Universal/Network/Dhcp4Dxe/Dhcp4Impl.c         | 28 ++-------------
 MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Io.c  |  6 +---
 .../Universal/Network/IScsiDxe/IScsiConfig.c       | 15 +++++---
 .../Universal/Network/Ip4Dxe/Ip4Config2Impl.c      |  9 +++--
 .../Universal/Network/Ip4Dxe/Ip4Config2Nv.c        | 24 ++++++-------
 MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c      |  7 +---
 .../Universal/Network/Mtftp4Dxe/Mtftp4Impl.c       |  8 ++---
 MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Main.c  |  6 ++--  MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Impl.c  |  9 +++--  MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Main.c  |  8 ++---
 .../Universal/Network/UefiPxeBcDxe/PxeBcImpl.c     | 24 ++++++++-----
 NetworkPkg/IScsiDxe/IScsiConfig.c                  | 16 ++++++---
 NetworkPkg/TcpDxe/TcpMain.c                        |  6 ++--
 NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c                | 40 +++++++++++++++-------
 NetworkPkg/UefiPxeBcDxe/PxeBcSupport.c             |  4 ++-
 20 files changed, 146 insertions(+), 130 deletions(-)

--
2.7.4.windows.1

_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel