From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM03-CO1-obe.outbound.protection.outlook.com (mail-co1nam03on0712.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe48::712]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 690B3803FB for ; Wed, 15 Mar 2017 21:39:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=HPEnterprise.onmicrosoft.com; s=selector1-hpe-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=z+150p2Q6ORt1+wecJLQd3DPeY3A8nU2OENBsu97POg=; b=gbjIZoTiK7P+d2493GPHF5q28gqKoPtWbLnrlHVTQsowpzVvA6WpEtAbTyprSqo8MoLmceRtfx/KE/Vw6eqZoIsSczksCACetwnIT+6fyEeharqHeQ34kBQk0bNhY7D/xCIK9ZBvXgONEuC9HcqhBxZtvGLkMwIYuu1OyRqJwaE= Received: from CS1PR84MB0037.NAMPRD84.PROD.OUTLOOK.COM (10.162.189.143) by CS1PR84MB0038.NAMPRD84.PROD.OUTLOOK.COM (10.162.189.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.961.17; Thu, 16 Mar 2017 04:39:33 +0000 Received: from CS1PR84MB0037.NAMPRD84.PROD.OUTLOOK.COM ([10.162.189.143]) by CS1PR84MB0037.NAMPRD84.PROD.OUTLOOK.COM ([10.162.189.143]) with mapi id 15.01.0961.022; Thu, 16 Mar 2017 04:39:33 +0000 From: "Hegde, Nagaraj P" To: Jiaxin Wu , "edk2-devel@lists.01.org" CC: Ye Ting , Fu Siyuan Thread-Topic: [Patch] MdeModulePkg/Ip4Dxe: Add Ip/Netmask pair check for Ip4Config2 Thread-Index: AQHSnfZ0/2pUJVwnaEeKEXdAr1RfraGWyEDwgAAWloA= Date: Thu, 16 Mar 2017 04:39:33 +0000 Message-ID: References: <1489628458-16580-1-git-send-email-jiaxin.wu@intel.com> In-Reply-To: Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: intel.com; dkim=none (message not signed) header.d=none;intel.com; dmarc=none action=none header.from=hpe.com; x-originating-ip: [15.219.195.10] x-microsoft-exchange-diagnostics: 1; CS1PR84MB0038; 7:QBtc0dIJUXJYRU5a2Ge6xAbIzp2TKK5jsubIP++KLZAEXaWvsUtJi2FX0QsDftK/i5wnIKBZR98wQC+dZy/ocILO/5APShttZcVbMIVv2GwMHPQ7Z7AlKq0pURRgnnzOB+gTeteG82I2hEyLrbLYnFCYSXqz5fUPGsm/qVkWyz9PCcNFuwJyucQuCTCNVSHuRgRaysDupUUrXQGWFaezxTm2JHp9F2+ULaVG8G+1Y+zza4j6IVTwCZJM9Ng+95tgaFM3+haBngS2yaTMDCylWwjFOOS/XiF65oNWMayCXNHlkFY/5nfRCZjHflLx4MffV46F+AcIyy/3VzrhDspdgg== x-ms-office365-filtering-correlation-id: e91d2b40-50a6-4c83-3c46-08d46c2671b0 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(48565401081); SRVR:CS1PR84MB0038; x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(227479698468861)(158342451672863)(200054503718035)(162533806227266)(228905959029699); x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040375)(601004)(2401047)(8121501046)(5005006)(3002001)(10201501046)(6055026)(6041248)(20161123564025)(20161123560025)(20161123558025)(20161123562025)(20161123555025)(6072148); SRVR:CS1PR84MB0038; BCL:0; PCL:0; RULEID:; SRVR:CS1PR84MB0038; x-forefront-prvs: 024847EE92 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(39860400002)(39410400002)(39450400003)(39850400002)(39840400002)(13464003)(377454003)(6116002)(50986999)(54356999)(3846002)(102836003)(2950100002)(8676002)(9686003)(76176999)(8936002)(81166006)(5660300001)(6246003)(16799955002)(55016002)(54906002)(53376002)(38730400002)(15188155005)(74316002)(6306002)(33656002)(966004)(2900100001)(4326008)(7696004)(122556002)(2906002)(189998001)(6506006)(305945005)(2501003)(7736002)(66066001)(77096006)(3280700002)(53936002)(6436002)(3660700001)(229853002)(53546007)(86362001)(19627235001); DIR:OUT; SFP:1102; SCL:1; SRVR:CS1PR84MB0038; H:CS1PR84MB0037.NAMPRD84.PROD.OUTLOOK.COM; FPR:; SPF:None; MLV:sfv; LANG:en; spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM MIME-Version: 1.0 X-OriginatorOrg: hpe.com X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Mar 2017 04:39:33.6764 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 105b2061-b669-4b31-92ac-24d304d195dc X-MS-Exchange-Transport-CrossTenantHeadersStamped: CS1PR84MB0038 Subject: Re: [Patch] MdeModulePkg/Ip4Dxe: Add Ip/Netmask pair check for Ip4Config2 X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Mar 2017 04:39:35 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable We need to handle the case of DHCP server serving with a subnet of 0.0.0.0= . When we set the Policy to Dhcp, we enter into Ip4Config2OnPolicyChanged, = which calls Ip4StartAutoConfig. Here we configure DHCP and we queue up Ip4C= onfig2OnDhcp4Complete to be called once DHCP is complete. In Ip4Config2OnDh= cp4Complete, we call Ip4Config2SetDefaultIf, which calls Ip4Config2SetDefau= ltAddr, where we call Ip4SetAddress. Ip4SetAddress has a similar check as I= p4Config2SetMaunualAddress: Len =3D NetGetMaskLength (SubnetMask); if (Len =3D=3D IP4_MASK_NUM) { return EFI_INVALID_PARAMETER; } Shouldn't this also be updated?=20 Regards, Nagaraj. -----Original Message----- From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Hegd= e, Nagaraj P Sent: Thursday, March 16, 2017 8:43 AM To: Jiaxin Wu ; edk2-devel@lists.01.org Cc: Ye Ting ; Fu Siyuan Subject: Re: [edk2] [Patch] MdeModulePkg/Ip4Dxe: Add Ip/Netmask pair check = for Ip4Config2 Reviewed-by: Hegde, Nagaraj P -----Original Message----- From: Jiaxin Wu [mailto:jiaxin.wu@intel.com] Sent: Thursday, March 16, 2017 7:11 AM To: edk2-devel@lists.01.org Cc: Hegde, Nagaraj P ; Subramanian, Sriram ; Ye Ting ; Fu Siyuan ; = Wu Jiaxin Subject: [Patch] MdeModulePkg/Ip4Dxe: Add Ip/Netmask pair check for Ip4Conf= ig2 Ip4config2 manual address setting doesn't check the validity of Ip/Netmask = pair, which leads to the invalid combination of Ip and Netmask setting. Thi= s patch is to resolve this issue. Cc: Hegde Nagaraj P Cc: Subramanian Sriram Cc: Ye Ting Cc: Fu Siyuan Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Wu Jiaxin --- MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Common.c | 62 ++++++++++++++++++= +++- MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Common.h | 21 +++++++- .../Universal/Network/Ip4Dxe/Ip4Config2Impl.c | 5 +- MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.c | 62 +-----------------= ---- 4 files changed, 86 insertions(+), 64 deletions(-) diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Common.c b/MdeModuleP= kg/Universal/Network/Ip4Dxe/Ip4Common.c index 004a8bc..7c7d182 100644 --- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Common.c +++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Common.c @@ -1,8 +1,8 @@ /** @file =20 -Copyright (c) 2005 - 2014, Intel Corporation. All rights reserved.
+Copyright (c) 2005 - 2017, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made availab= le under the terms and conditions of the BSD License which accompanies thi= s distribution. The full text of the license may be found at http://opens= ource.org/licenses/bsd-license.php =20 @@ -265,5 +265,65 @@ Ip4NtohHead ( Head->Src =3D NTOHL (Head->Src); Head->Dst =3D NTOHL (Head->Dst); =20 return Head; } + + +/** + Validate that Ip/Netmask pair is OK to be used as station + address. Only continuous netmasks are supported. and check + that StationAddress is a unicast address on the newtwork. + + @param[in] Ip The IP address to validate. + @param[in] Netmask The netmaks of the IP. + + @retval TRUE The Ip/Netmask pair is valid. + @retval FALSE The Ip/Netmask pair is invalid. + +**/ +BOOLEAN +Ip4StationAddressValid ( + IN IP4_ADDR Ip, + IN IP4_ADDR Netmask + ) +{ + IP4_ADDR NetBrdcastMask; + INTN Len; + INTN Type; + + // + // Only support the station address with 0.0.0.0/0 to enable DHCP client= . + // + if (Netmask =3D=3D IP4_ALLZERO_ADDRESS) { + return (BOOLEAN) (Ip =3D=3D IP4_ALLZERO_ADDRESS); } + + // + // Only support the continuous net masks // if ((Len =3D=20 + NetGetMaskLength (Netmask)) =3D=3D (IP4_MASK_MAX + 1)) { + return FALSE; + } + + // + // Station address can't be class D or class E address // if ((Type=20 + =3D NetGetIpClass (Ip)) > IP4_ADDR_CLASSC) { + return FALSE; + } + + // + // Station address can't be subnet broadcast/net broadcast address // =20 + if ((Ip =3D=3D (Ip & Netmask)) || (Ip =3D=3D (Ip | ~Netmask))) { + return FALSE; + } + + NetBrdcastMask =3D gIp4AllMasks[MIN (Len, Type << 3)]; + + if (Ip =3D=3D (Ip | ~NetBrdcastMask)) { + return FALSE; + } + + return TRUE; +} \ No newline at end of file diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Common.h b/MdeModuleP= kg/Universal/Network/Ip4Dxe/Ip4Common.h index d38857c..9689f37 100644 --- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Common.h +++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Common.h @@ -1,9 +1,9 @@ /** @file Common definition for IP4. =20 -Copyright (c) 2005 - 2014, Intel Corporation. All rights reserved.
+Copyright (c) 2005 - 2017, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made availab= le under the terms and conditions of the BSD License which accompanies thi= s distribution. The full text of the license may be found at http://opens= ource.org/licenses/bsd-license.php =20 @@ -199,6 +199,25 @@ Ip4GetMulticastMac ( IP4_HEAD * Ip4NtohHead ( IN IP4_HEAD *Head ); =20 + +/** + Validate that Ip/Netmask pair is OK to be used as station + address. Only continuous netmasks are supported. and check + that StationAddress is a unicast address on the newtwork. + + @param[in] Ip The IP address to validate. + @param[in] Netmask The netmaks of the IP. + + @retval TRUE The Ip/Netmask pair is valid. + @retval FALSE The Ip/Netmask pair is invalid. + +**/ +BOOLEAN +Ip4StationAddressValid ( + IN IP4_ADDR Ip, + IN IP4_ADDR Netmask + ); + #endif diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c b/MdeMo= dulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c index 6c7ac68..a5191d1 100644 --- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c +++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c @@ -1250,11 +1250,14 @@ Ip4Config2SetMaunualAddress ( NewAddress =3D *((EFI_IP4_CONFIG2_MANUAL_ADDRESS *) Data); =20 StationAddress =3D EFI_NTOHL (NewAddress.Address); SubnetMask =3D EFI_NTOHL (NewAddress.SubnetMask); =20 - if (NetGetMaskLength (SubnetMask) =3D=3D IP4_MASK_NUM) { + // + // Check whether the StationAddress/SubnetMask pair is valid. + // + if (!Ip4StationAddressValid (StationAddress, SubnetMask)) { return EFI_INVALID_PARAMETER; } =20 // // Store the new data, and init the DataItem status to EFI_NOT_READY bec= ause diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.c b/MdeModu= lePkg/Universal/Network/Ip4Dxe/Ip4Impl.c index 91f1a67..5aa3ea1 100644 --- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.c +++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.c @@ -1,8 +1,8 @@ /** @file =20 -Copyright (c) 2005 - 2016, Intel Corporation. All rights reserved.
+Copyright (c) 2005 - 2017, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made availab= le under the terms and conditions of the BSD License which accompanies thi= s distribution. The full text of the license may be found at http://opens= ource.org/licenses/bsd-license.php =20 @@ -808,70 +808,10 @@ Ip4CleanProtocol ( return EFI_SUCCESS; } =20 =20 /** - Validate that Ip/Netmask pair is OK to be used as station - address. Only continuous netmasks are supported. and check - that StationAddress is a unicast address on the newtwork. - - @param[in] Ip The IP address to validate. - @param[in] Netmask The netmaks of the IP. - - @retval TRUE The Ip/Netmask pair is valid. - @retval FALSE The Ip/Netmask pair is invalid. - -**/ -BOOLEAN -Ip4StationAddressValid ( - IN IP4_ADDR Ip, - IN IP4_ADDR Netmask - ) -{ - IP4_ADDR NetBrdcastMask; - INTN Len; - INTN Type; - - // - // Only support the station address with 0.0.0.0/0 to enable DHCP client= . - // - if (Netmask =3D=3D IP4_ALLZERO_ADDRESS) { - return (BOOLEAN) (Ip =3D=3D IP4_ALLZERO_ADDRESS); - } - - // - // Only support the continuous net masks - // - if ((Len =3D NetGetMaskLength (Netmask)) =3D=3D (IP4_MASK_MAX + 1)) { - return FALSE; - } - - // - // Station address can't be class D or class E address - // - if ((Type =3D NetGetIpClass (Ip)) > IP4_ADDR_CLASSC) { - return FALSE; - } - - // - // Station address can't be subnet broadcast/net broadcast address - // - if ((Ip =3D=3D (Ip & Netmask)) || (Ip =3D=3D (Ip | ~Netmask))) { - return FALSE; - } - - NetBrdcastMask =3D gIp4AllMasks[MIN (Len, Type << 3)]; - - if (Ip =3D=3D (Ip | ~NetBrdcastMask)) { - return FALSE; - } - - return TRUE; -} - - -/** Assigns an IPv4 address and subnet mask to this EFI IPv4 Protocol driver= instance. =20 The Configure() function is used to set, change, or reset the operationa= l parameters and filter settings for this EFI IPv4 Protocol instance. Unti= l these parameters have been set, no network traffic can be sent or received by = this -- 1.9.5.msysgit.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel