| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
When bringing in the series 'arm: dts: am62-beagleplay: Fix Beagleplay
Ethernet"' I failed to notice that b4 noticed it was based on next and
so took that as the base commit and merged that part of next to master.
This reverts commit c8ffd1356d42223cbb8c86280a083cc3c93e6426, reversing
changes made to 2ee6f3a5f7550de3599faef9704e166e5dcace35.
Reported-by: Jonas Karlman <jonas@kwiboo.se>
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
Remove <common.h> from all "net/" files and when needed add
missing include files directly.
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
The NFS protocol uses file handles to refer to file or directory.
In NFSv2 file handles have a fixed size of 32 bytes.
In NFSv3 file handles have a variable length up to 64 bytes. This is
also true for the MOUNT protocol. [1]
When the NFSv3 server replies with a file handle length > 32 bytes, U-Boot
only copies 32 bytes of that file handle and the next LOOKUP Call fails:
BIOS> nfs ${loadaddr} 192.168.1.51:/nfsroot/opos93dev-br/boot/Image
Using ethernet@428a0000 device
File transfer via NFS from server 192.168.1.51; our IP address is 192.168.1.133
Filename '/nfsroot/opos93dev-br/boot/Image'.
Load address: 0x80400000
Loading: *** ERROR: File lookup fail
done
BIOS>
Looking at this transfer in Wireshark, we can see that the server
replies with the following file handle:
length: 36
[hash (CRC-32): 0x230ac67b]
FileHandle: 0100070101005e000000000091763911f87c449fa73c298552db19ba0c9f60002980cfd2
and U-Boot sends the following file handle in the next LOOKUP Call:
length: 32
[hash (CRC-32): 0x6314131b]
FileHandle: 000000240100070101005e000000000091763911f87c449fa73c298552db19ba
Fix this by using a variable length file handle for dirfh.
[1] https://www.rfc-editor.org/rfc/rfc1813.html#page-106
Fixes: b0baca982048 ("net: NFS: Add NFSv3 support")
Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Tested-by: Andrew Davis <afd@ti.com>
|
|
NFSv1 support added by Christian Gmeiner, Thomas Rienoessl,
September 27, 2018. As of now, NFSv3 is the default choice.
if the server does not support NFSv3, we fall back to
versions 2 or 1.
Signed-off-by: Thomas RIENOESSL <thomas.rienoessl@bachmann.info>
|
|
Signed-off-by: Thomas RIENOESSL <thomas.rienoessl@bachmann.info>
|
|
Signed-off-by: Thomas RIENOESSL <thomas.rienoessl@bachmann.info>
|
|
Prep. work to support nfs v1.
Signed-off-by: Thomas RIENOESSL <thomas.rienoessl@bachmann.info>
|
|
Move this out of the common header and include it only where needed.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
A large number of files include <flash.h> as it used to be how various
SPI flash related functions were found, or for other reasons entirely.
In order to migrate some further CONFIG symbols to Kconfig we need to
not include flash.h in cases where we don't have a NOR flash of some
sort enabled. Furthermore, in cases where we are in common code and it
doesn't make sense to try and further refactor the code itself in to new
files we need to guard this inclusion.
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
This patch mitigates the vulnerability identified via CVE-2019-14196.
The previous patch was bypassed/ineffective, and now the vulnerability
is identified via CVE-2022-30767. The patch removes the sanity check
introduced to mitigate CVE-2019-14196 since it's ineffective.
filefh3_length is changed to unsigned type integer, preventing negative
numbers from being used during comparison with positive values during
size sanity checks.
Signed-off-by: Andrea zi0Black Cappa <zi0Black@protonmail.com>
|
|
This converts the following to Kconfig:
CONFIG_NFS_TIMEOUT
Cc: Ramon Fried <rfried.dev@gmail.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
Move this header out of the common header.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
These three globals relate to image handling. Move them to the image
header file.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
These global variables are quite short and generic. In fact the same name
is more often used locally for struct members and function arguments.
Add a image_ prefix to make them easier to distinguish.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
This function belongs more in flash.h than common.h so move it.
Also remove the space before the bracket in some calls.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
This function belongs in time.h so move it over and add a comment.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
|
|
rpc_pkt.u.call.data is an array of uint32_t. There is no need to convert
it to uint32_t *.
memcpy() expects void * as it 1st and 2nd argument. There is no point in
converting pointers to char * before passing them to memcpy().
In ntohl(data[1]) != 0 calling ntohl() is superfluous. If the value is
zero, does not depend on the byte order.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
|
|
nfs_lookup_reply
This patch adds a check to rpc_pkt.u.reply.data at nfs_lookup_reply.
Signed-off-by: Cheng Liu <liucheng32@huawei.com>
Reported-by: Fermín Serna <fermin@semmle.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
|
|
nfs_readlink_reply
This patch adds a check to rpc_pkt.u.reply.data at nfs_readlink_reply.
Signed-off-by: Cheng Liu <liucheng32@huawei.com>
Reported-by: Fermín Serna <fermin@semmle.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
|
|
length check at nfs_read_reply
This patch adds a check to rpc_pkt.u.reply.data at nfs_read_reply.
Signed-off-by: Cheng Liu <liucheng32@huawei.com>
Reported-by: Fermín Serna <fermin@semmle.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
|
|
functions
This patch adds a check to nfs_handler to fix buffer overflow for CVE-2019-14197,
CVE-2019-14200, CVE-2019-14201, CVE-2019-14202, CVE-2019-14203 and CVE-2019-14204.
Signed-off-by: Cheng Liu <liucheng32@huawei.com>
Reported-by: Fermín Serna <fermin@semmle.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
|
|
The same basic parsing was implemented in tftp and nfs, so add a helper
function to do the work once.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
|
|
nfs was only printing basic info about the transfer in the case of a
DEBUG build. Print the same level of detail as tftp always.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
|
|
The check for sending to the gateway was not using the correct variable
for comparison, so it was reporting that packets are sent to the gateway
when they were not.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
|
|
That can happen if duplicate UDP packet arrived, and that's not uncommon.
Anyway, we ignore packets with rpc_id lower than last we sent for other
requests, so it makes sense to do that for read request as well.
Signed-off-by: Vasily Khoruzhick <anarsoul@gmail.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
|
|
This reverts commit 998372b4798fd7ebb666f571950df925b8d80f69.
This caused a data abort on some platform.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
Reported-by: Guillaume GARDET <guillaume.gardet@free.fr>
|
|
We use an empty hostname, so remove all the "processing" of the
known-to-be-empty hostname and just write 0's where needed.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
|
|
Instead of always allocating a huge temporary buffer on the stack and
then memcpy()ing the result into the transmit buffer, simply figure out
where in the transmit buffer the bytes will belong and write them there
directly as each message is built.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
|
|
Much of the information is verbose and derived directly from the
environment. Only output in debug mode. This also saves about 300 bytes
from the code size.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
|
|
Use the same name throughout the nfs code and use the same member of the
union to avoid casts.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
|
|
The buffer is of 32-bit elements, not bytes.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
|
|
Instead of repeating the same large snippet for dealing with attributes
it should be shared with a helper function.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
|
|
Fix complaints from checkpatch.pl.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
|
|
The v3 handles can be larger than v2, but that doesn't mean we need a
separate buffer. Reuse the same (larger) buffer for both.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
|
|
This patch enables NFSv3 support.
If NFSv2 is available use it as usual.
If NFSv2 is not available, but NFSv3 is available, use NFSv3.
If NFSv2 and NFSv3 are not available, print an error message since NFSv4 is not supported.
Tested on iMX6 sabrelite with 4 Linux NFS servers:
* NFSv2 + NFSv3 + NFSv4 server: use NFSv2 protocol
* NFSv2 + NFSv3 server: use NFSv2 protocol
* NFSv3 + NFSv4 server: use NFSv3 protocol
* NFSv3 server: use NFSv3 protocol
Signed-off-by: Guillaume GARDET <guillaume.gardet@free.fr>
Cc: Tom Rini <trini@konsulko.com>
Cc: joe.hershberger@ni.com
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
|
|
There is no reason to store the default filename in a separate buffer
only to immediately copy it to the main name buffer. Just write it there
directly and remove the other buffer.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
|
|
This patch fixes incorrect RPC packet layout caused by
'long' type size difference on 64 and 32-bit architectures.
Signed-off-by: Ralf Hubert <r.hubert@technisat.de>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
|
|
server
Signed-off-by: Guillaume GARDET <guillaume.gardet@free.fr>
Cc: joe.hershberger@ni.com
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
|
|
Finish eliminating CamelCase from net.c and other failures
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
Acked-by: Simon Glass <sjg@chromium.org>
|
|
Make a thorough pass through all variables and function names contained
within nfs.c and remove CamelCase and improve naming.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
Acked-by: Simon Glass <sjg@chromium.org>
|
|
This patch cleans up the names of internal packet buffer names that are
used within the network stack and the functions that use them.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
|
|
Use "_ethaddr" at the end of variables and drop CamelCase.
Make constant values actually 'const'.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
Acked-by: Simon Glass <sjg@chromium.org>
|
|
The variables around the bootfile were inconsistent and used CamelCase.
Update them to make the code more readable.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
Acked-by: Simon Glass <sjg@chromium.org>
|
|
This patch is simply clean-up to make the IPv4 type that is used match
what Linux uses. It also attempts to move all variables that are IP
addresses use good naming instead of CamelCase. No functional change.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
Acked-by: Simon Glass <sjg@chromium.org>
|
|
Previously the net functions would access memory assuming physmem did
not need to be mapped. In sandbox, that's not the case.
Now we map the physmem specified by the user in loadaddr to the buffer
that represents that space.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
This patch tackles the time out problem which leads to break the
boot process, when loading file over nfs. The patch does two things.
First of all, we just ignore messages that arrive with a rpc_id smaller
then the client id. We just interpret this messages as answers to
formaly timed out messages.
Second, when a time out occurs we double the time to wait, so that we
do not stress the server resending the last message.
Signed-off-by: Matthias Brugger <matthias.bgg@gmail.com>
Tested-by: Enric Balletbo i Serra <eballetbo@gmail.com>
|
|
NFS_TIMEOUT is constant value defined in net/nfs.c. But sometimes it needs to adjust.
This patch enables to override NFS_TIMEOUT by defining CONFIG_NFS_TIMEOUT in a board specific config file.
Signed-off-by: Tetsuyuki Kobayashi <koba@kmckk.co.jp>
|
|
Call a built-in dummy if none is registered... don't require
protocols to register a handler (eliminating dummies)
NetConsole now uses the ARP handler when waiting on arp
(instead of needing a #define hack in arp.c)
Clear handlers at the end of net loop
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
Acked-by: Simon Glass <sjg@chromium.org>
|
|
Changes to NetState now go through an accessor function called
net_set_state()
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
|
|
Rename IP header related things to IP_UDP. The existing definition
of IP_t includes UDP header, so name it to accurately describe the
structure.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
|
