[edk2] [Patch] MdeModulePkg: Fix IPv4 stack potential disappeared issue
IP4_CONFIG2_INSTANCE->DataItem is used to save the configuration data to NV variable. When the policy is changed from static to DHCP, DnsServers info will be cleaned from DataItem first (See Ip4Config2SetPolicy), it's correct because DnsServers info should not be saved to NV variable. But if there is any DnsServers info received from DHCP message, it will be reset to DataItem again (See Ip4Config2SetDnsServerWorker), which may cause the NV variable contain the DnsServers info while the policy is DHCP (See Ip4Config2WriteConfigData). Then, while the platform is reset, the issue happened. Because Ip4Config2DataTypeDnsServer is set under DHCP policy, which is not allowed by UEFI Spec and error returned. This patch is used to resolve this potential issue. Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Zhang Lubo <lubo.zh...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c | 12 +++- MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.h | 1 + MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c | 4 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c index 028c61d..f91a935 100644 --- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c +++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c @@ -1058,11 +1058,10 @@ Ip4Config2GetIfInfo ( IN IP4_CONFIG2_INSTANCE *Instance, IN OUT UINTN*DataSize, IN VOID *Data OPTIONAL ) { - IP4_SERVICE*IpSb; UINTN Length; IP4_CONFIG2_DATA_ITEM *Item; EFI_IP4_CONFIG2_INTERFACE_INFO *IfInfo; IP4_ADDR Address; @@ -1177,10 +1176,11 @@ Ip4Config2SetPolicy ( FreePool (DataItem->Data.Ptr); } DataItem->Data.Ptr = NULL; DataItem->DataSize = 0; DataItem->Status = EFI_NOT_FOUND; + SET_DATA_ATTRIB (DataItem->Attribute, DATA_ATTRIB_VOLATILE); NetMapIterate (>EventMap, Ip4Config2SignalEvent, NULL); } else { // // The policy is changed from dhcp to static. Stop the DHCPv4 process // and destroy the DHCPv4 child. @@ -1457,14 +1457,24 @@ Ip4Config2SetDnsServer ( IN IP4_CONFIG2_INSTANCE *Instance, IN UINTNDataSize, IN VOID *Data ) { + IP4_CONFIG2_DATA_ITEM *Item; + + Item = NULL; + if (Instance->Policy != Ip4Config2PolicyStatic) { return EFI_WRITE_PROTECTED; } + Item = >DataItem[Ip4Config2DataTypeDnsServer]; + + if (DATA_ATTRIB_SET (Item->Attribute, DATA_ATTRIB_VOLATILE)) { +REMOVE_DATA_ATTRIB (Item->Attribute, DATA_ATTRIB_VOLATILE); + } + return Ip4Config2SetDnsServerWorker (Instance, DataSize, Data); } /** Generate the operational state of the interface this IP4 config2 instance manages diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.h b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.h index b2665bd..b6da11f 100644 --- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.h +++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.h @@ -25,10 +25,11 @@ #define DATA_ATTRIB_SIZE_FIXED 0x1 #define DATA_ATTRIB_VOLATILE0x2 #define DATA_ATTRIB_SET(Attrib, Bits) (BOOLEAN)((Attrib) & (Bits)) #define SET_DATA_ATTRIB(Attrib, Bits) ((Attrib) |= (Bits)) +#define REMOVE_DATA_ATTRIB(Attrib, Bits)((Attrib) &= (~Bits)) typedef struct _IP4_CONFIG2_INSTANCE IP4_CONFIG2_INSTANCE; #define IP4_CONFIG2_INSTANCE_FROM_PROTOCOL(Proto) \ CR ((Proto), \ diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c index fcd3ccb..20bc21f 100644 --- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c +++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c @@ -596,10 +596,14 @@ Ip4DriverBindingStart ( DataItem->Data.Ptr ); if (EFI_ERROR(Status)) { goto UNINSTALL_PROTOCOL; } + + if (Index == Ip4Config2DataTypePolicy && (*(DataItem->Data.Policy) == Ip4Config2PolicyDhcp)) { +break; + } } } // // Ready to go: start the receiving and timer. -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch] NetworkPkg: Avoid potential NULL pointer dereference
The commit of 6b16c9e7 removes ASSERT and use error handling in IpSecDxe driver, but may cause the potential NULL pointer dereference. So, this patch is used to avoid NULL pointer dereference. Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Zhang Lubo <lubo.zh...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/IpSecDxe/IkePacket.c | 6 +- NetworkPkg/IpSecDxe/Ikev2/ChildSa.c | 19 ++-- NetworkPkg/IpSecDxe/Ikev2/Exchange.c | 10 ++- NetworkPkg/IpSecDxe/Ikev2/Payload.c | 3 + NetworkPkg/IpSecDxe/Ikev2/Sa.c | 163 ++- 5 files changed, 188 insertions(+), 13 deletions(-) diff --git a/NetworkPkg/IpSecDxe/IkePacket.c b/NetworkPkg/IpSecDxe/IkePacket.c index 8fd395d..d5a938e 100644 --- a/NetworkPkg/IpSecDxe/IkePacket.c +++ b/NetworkPkg/IpSecDxe/IkePacket.c @@ -1,9 +1,9 @@ /** @file IKE Packet related operation. - Copyright (c) 2010, Intel Corporation. All rights reserved. + Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php. @@ -201,11 +201,13 @@ IkeNetbufFromPacket ( // // Convert Host order to Network order for IKE_PACKET header and payloads // Encryption payloads if needed // if (((IKEV2_SESSION_COMMON *) SessionCommon)->IkeVer == 2) { - Ikev2EncodePacket ((IKEV2_SESSION_COMMON *) SessionCommon, IkePacket, IkeType); + if (EFI_ERROR (Ikev2EncodePacket ((IKEV2_SESSION_COMMON *) SessionCommon, IkePacket, IkeType))) { +return NULL; + } } else { // //If IKEv1 support, check it here. // return NULL; diff --git a/NetworkPkg/IpSecDxe/Ikev2/ChildSa.c b/NetworkPkg/IpSecDxe/Ikev2/ChildSa.c index d3859e2..1f0199b 100644 --- a/NetworkPkg/IpSecDxe/Ikev2/ChildSa.c +++ b/NetworkPkg/IpSecDxe/Ikev2/ChildSa.c @@ -1,9 +1,9 @@ /** @file The operations for Child SA. - Copyright (c) 2010, Intel Corporation. All rights reserved. + Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php. @@ -37,22 +37,25 @@ Ikev2CreateChildGenerator ( IKEV2_CHILD_SA_SESSION *ChildSaSession; IKEV2_SA_SESSION*IkeSaSession; IKE_PACKET *IkePacket; IKE_PAYLOAD *NotifyPayload; UINT32 *MessageId; + + NotifyPayload = NULL; + MessageId = NULL; ChildSaSession = (IKEV2_CHILD_SA_SESSION *) SaSession; - IkePacket = IkePacketAlloc(); - MessageId = NULL; - - if (IkePacket == NULL) { + if (ChildSaSession == NULL) { return NULL; } - if (ChildSaSession == NULL) { + + IkePacket = IkePacketAlloc(); + if (IkePacket == NULL) { return NULL; } + if (Context != NULL) { MessageId = (UINT32 *) Context; } IkePacket->Header->Version = (UINT8) (2 << 4); @@ -111,10 +114,14 @@ Ikev2CreateChildGenerator ( IKEV2_NOTIFICATION_NO_ADDITIONAL_SAS, NULL, NULL, 0 ); + if (NotifyPayload == NULL) { +IkePacketFree (IkePacket); +return NULL; + } IKE_PACKET_APPEND_PAYLOAD (IkePacket, NotifyPayload); // // TODO: Support the CREATE_CHILD_SA exchange. // diff --git a/NetworkPkg/IpSecDxe/Ikev2/Exchange.c b/NetworkPkg/IpSecDxe/Ikev2/Exchange.c index 9d58ab0a..1eddbfb 100644 --- a/NetworkPkg/IpSecDxe/Ikev2/Exchange.c +++ b/NetworkPkg/IpSecDxe/Ikev2/Exchange.c @@ -1,9 +1,9 @@ /** @file The general interfaces of the IKEv2. - Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved. + Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php. @@ -493,10 +493,14 @@ Ikev2HandleSa ( // ASSERT (IsListEmpty (>ChildSaSessionList) && IsListEmpty (>ChildSaEstablishSessionList)); ChildSaSession = Ikev2ChildSaSessionCreate (IkeSaSession, UdpService); +if (ChildSaSession == NULL) { + goto ON_ERROR; +} + ChildSaCommon = >SessionCommon; } // // Parse the IKE request packet according t
[edk2] [Patch] MdeModulePkg: Fix the wrong IpSb->State update
This patch is used to fix the wrong IpSb->State update issue. Issue reproduce steps: 1 .First PXE boot, then boot to shell; 2. ifconfig -s eth0 dhcp (Success); 3. Reboot and do PXE, then boot to shell; 4. ifconfig -s eth0 dhcp (Platform failed to get IP address no matter how many times retried.) Root cause: On step3 reboot, policy is DHCP (Changed by step2). So, Ip4Dxe driver will try to get one IP address from DHCP server automatically. Before it get the IP address successfully, the IpSb->State will be always in IP4_SERVICE_STARTED status until the Instance->Dhcp4Event is triggered, then it can be changed to IP4_SERVICE_CONFIGED. But the DHCP process will be interrupted by PXE boot, which will change the policy to static, and the Instance->Dhcp4Event will be also closed directly. However, current implementation doesn't update the IpSb->State to IP4_SERVICE_UNSTARTED status in such case. So, failure happened. Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Ryan Harkin <ryan.har...@linaro.org> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c index d0fa132..10d7181 100644 --- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c +++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c @@ -140,11 +140,11 @@ Ip4Config2OnPolicyChanged ( IpSb->DefaultInterface = IpIf; InsertHeadList (>Interfaces, >Link); IpSb->DefaultRouteTable = RouteTable; Ip4ReceiveFrame (IpIf, NULL, Ip4AccpetFrame, IpSb); - if (IpSb->State == IP4_SERVICE_CONFIGED) { + if (IpSb->State == IP4_SERVICE_CONFIGED || IpSb->State == IP4_SERVICE_STARTED) { IpSb->State = IP4_SERVICE_UNSTARTED; } // // Start the dhcp configuration. -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [PATCH v2] NetworkPkg: Replace ASSERT with error handling in DnsDxe
v2: *Use goto to simplify code logic. This patch is used to replace ASSERT with error handling in DnsDxe driver. Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Zhang Lubo <lubo.zh...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/DnsDxe/DnsProtocol.c | 56 - 1 file changed, 38 insertions(+), 18 deletions(-) diff --git a/NetworkPkg/DnsDxe/DnsProtocol.c b/NetworkPkg/DnsDxe/DnsProtocol.c index e9101d6..64fca6a 100644 --- a/NetworkPkg/DnsDxe/DnsProtocol.c +++ b/NetworkPkg/DnsDxe/DnsProtocol.c @@ -86,23 +86,22 @@ Dns4GetModeData ( OldTpl = gBS->RaiseTPL (TPL_CALLBACK); Instance = DNS_INSTANCE_FROM_THIS_PROTOCOL4 (This); if (Instance->State == DNS_STATE_UNCONFIGED) { -gBS->RestoreTPL (OldTpl); -return EFI_NOT_STARTED; +Status = EFI_NOT_STARTED; +goto ON_EXIT; } ZeroMem (DnsModeData, sizeof (EFI_DNS4_MODE_DATA)); // // Get the current configuration data of this instance. // Status = Dns4CopyConfigure (>DnsConfigData, >Dns4CfgData); if (EFI_ERROR (Status)) { -gBS->RestoreTPL (OldTpl); -return Status; +goto ON_EXIT; } // // Get the DnsServerCount and DnsServerList // @@ -110,11 +109,16 @@ Dns4GetModeData ( NET_LIST_FOR_EACH_SAFE (Entry, Next, >Dns4ServerList) { Index++; } DnsModeData->DnsServerCount = (UINT32) Index; ServerList = AllocatePool (sizeof (EFI_IPv4_ADDRESS) * DnsModeData->DnsServerCount); - ASSERT (ServerList != NULL); + if (ServerList == NULL) { +Status = EFI_OUT_OF_RESOURCES; +Dns4CleanConfigure (>DnsConfigData); +goto ON_EXIT; + } + Index = 0; NET_LIST_FOR_EACH_SAFE (Entry, Next, >Dns4ServerList) { ServerItem = NET_LIST_USER_STRUCT (Entry, DNS4_SERVER_IP, AllServerLink); CopyMem (ServerList + Index, >Dns4ServerIp, sizeof (EFI_IPv4_ADDRESS)); Index++; @@ -128,22 +132,28 @@ Dns4GetModeData ( NET_LIST_FOR_EACH_SAFE (Entry, Next, >Dns4CacheList) { Index++; } DnsModeData->DnsCacheCount = (UINT32) Index; CacheList = AllocatePool (sizeof (EFI_DNS4_CACHE_ENTRY) * DnsModeData->DnsCacheCount); - ASSERT (CacheList != NULL); + if (CacheList == NULL) { +Status = EFI_OUT_OF_RESOURCES; +Dns4CleanConfigure (>DnsConfigData); +FreePool (ServerList); +goto ON_EXIT; + } + Index =0; NET_LIST_FOR_EACH_SAFE (Entry, Next, >Dns4CacheList) { CacheItem = NET_LIST_USER_STRUCT (Entry, DNS4_CACHE, AllCacheLink); CopyMem (CacheList + Index, >DnsCache, sizeof (EFI_DNS4_CACHE_ENTRY)); Index++; } DnsModeData->DnsCacheList = CacheList; +ON_EXIT: gBS->RestoreTPL (OldTpl); - - return EFI_SUCCESS; + return Status; } /** Configure this DNS instance. @@ -907,23 +917,22 @@ Dns6GetModeData ( OldTpl = gBS->RaiseTPL (TPL_CALLBACK); Instance = DNS_INSTANCE_FROM_THIS_PROTOCOL6 (This); if (Instance->State == DNS_STATE_UNCONFIGED) { -gBS->RestoreTPL (OldTpl); -return EFI_NOT_STARTED; +Status = EFI_NOT_STARTED; +goto ON_EXIT; } ZeroMem (DnsModeData, sizeof (EFI_DNS6_MODE_DATA)); // // Get the current configuration data of this instance. // - Status = Dns6CopyConfigure(>DnsConfigData, >Dns6CfgData); + Status = Dns6CopyConfigure (>DnsConfigData, >Dns6CfgData); if (EFI_ERROR (Status)) { -gBS->RestoreTPL (OldTpl); -return Status; +goto ON_EXIT; } // // Get the DnsServerCount and DnsServerList // @@ -931,11 +940,16 @@ Dns6GetModeData ( NET_LIST_FOR_EACH_SAFE (Entry, Next, >Dns6ServerList) { Index++; } DnsModeData->DnsServerCount = (UINT32) Index; ServerList = AllocatePool (sizeof(EFI_IPv6_ADDRESS) * DnsModeData->DnsServerCount); - ASSERT (ServerList != NULL); + if (ServerList == NULL) { +Status = EFI_OUT_OF_RESOURCES; +Dns6CleanConfigure (>DnsConfigData); +goto ON_EXIT; + } + Index = 0; NET_LIST_FOR_EACH_SAFE (Entry, Next, >Dns6ServerList) { ServerItem = NET_LIST_USER_STRUCT (Entry, DNS6_SERVER_IP, AllServerLink); CopyMem (ServerList + Index, >Dns6ServerIp, sizeof (EFI_IPv6_ADDRESS)); Index++; @@ -949,22 +963,28 @@ Dns6GetModeData ( NET_LIST_FOR_EACH_SAFE (Entry, Next, >Dns6CacheList) { Index++; } DnsModeData->DnsCacheCount = (UINT32) Index; CacheList = AllocatePool (sizeof(EFI_DNS6_CACHE_ENTRY) * DnsModeData->DnsCacheCount); - ASSERT (CacheList != NULL); + if (CacheList == NULL) { +Status = EFI_OUT_OF_RESOURCES; +Dns6CleanConfigure (>DnsConfigData); +FreePool (ServerList); +goto ON_EXIT; + } + Index =0; NET_LIST_FOR_EACH_SAFE (Entry, Next, >Dns6CacheList) { CacheItem = NET_LIST_USER_STRUCT (Entry, DNS6_CACHE, AllCacheLink); CopyMem (Cac
[edk2] [Patch] NetworkPkg: Replace ASSERT with error handling in DnsDxe
This patch is used to replace ASSERT with error handling in DnsDxe driver. Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Zhang Lubo <lubo.zh...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/DnsDxe/DnsProtocol.c | 34 ++ 1 file changed, 30 insertions(+), 4 deletions(-) diff --git a/NetworkPkg/DnsDxe/DnsProtocol.c b/NetworkPkg/DnsDxe/DnsProtocol.c index e9101d6..1102fab 100644 --- a/NetworkPkg/DnsDxe/DnsProtocol.c +++ b/NetworkPkg/DnsDxe/DnsProtocol.c @@ -110,11 +110,17 @@ Dns4GetModeData ( NET_LIST_FOR_EACH_SAFE (Entry, Next, >Dns4ServerList) { Index++; } DnsModeData->DnsServerCount = (UINT32) Index; ServerList = AllocatePool (sizeof (EFI_IPv4_ADDRESS) * DnsModeData->DnsServerCount); - ASSERT (ServerList != NULL); + if (ServerList == NULL) { +Status = EFI_OUT_OF_RESOURCES; +Dns4CleanConfigure (>DnsConfigData); +gBS->RestoreTPL (OldTpl); +return Status; + } + Index = 0; NET_LIST_FOR_EACH_SAFE (Entry, Next, >Dns4ServerList) { ServerItem = NET_LIST_USER_STRUCT (Entry, DNS4_SERVER_IP, AllServerLink); CopyMem (ServerList + Index, >Dns4ServerIp, sizeof (EFI_IPv4_ADDRESS)); Index++; @@ -128,11 +134,18 @@ Dns4GetModeData ( NET_LIST_FOR_EACH_SAFE (Entry, Next, >Dns4CacheList) { Index++; } DnsModeData->DnsCacheCount = (UINT32) Index; CacheList = AllocatePool (sizeof (EFI_DNS4_CACHE_ENTRY) * DnsModeData->DnsCacheCount); - ASSERT (CacheList != NULL); + if (CacheList == NULL) { +Status = EFI_OUT_OF_RESOURCES; +Dns4CleanConfigure (>DnsConfigData); +FreePool (ServerList); +gBS->RestoreTPL (OldTpl); +return Status; + } + Index =0; NET_LIST_FOR_EACH_SAFE (Entry, Next, >Dns4CacheList) { CacheItem = NET_LIST_USER_STRUCT (Entry, DNS4_CACHE, AllCacheLink); CopyMem (CacheList + Index, >DnsCache, sizeof (EFI_DNS4_CACHE_ENTRY)); Index++; @@ -931,11 +944,17 @@ Dns6GetModeData ( NET_LIST_FOR_EACH_SAFE (Entry, Next, >Dns6ServerList) { Index++; } DnsModeData->DnsServerCount = (UINT32) Index; ServerList = AllocatePool (sizeof(EFI_IPv6_ADDRESS) * DnsModeData->DnsServerCount); - ASSERT (ServerList != NULL); + if (ServerList == NULL) { +Status = EFI_OUT_OF_RESOURCES; +Dns6CleanConfigure (>DnsConfigData); +gBS->RestoreTPL (OldTpl); +return Status; + } + Index = 0; NET_LIST_FOR_EACH_SAFE (Entry, Next, >Dns6ServerList) { ServerItem = NET_LIST_USER_STRUCT (Entry, DNS6_SERVER_IP, AllServerLink); CopyMem (ServerList + Index, >Dns6ServerIp, sizeof (EFI_IPv6_ADDRESS)); Index++; @@ -949,11 +968,18 @@ Dns6GetModeData ( NET_LIST_FOR_EACH_SAFE (Entry, Next, >Dns6CacheList) { Index++; } DnsModeData->DnsCacheCount = (UINT32) Index; CacheList = AllocatePool (sizeof(EFI_DNS6_CACHE_ENTRY) * DnsModeData->DnsCacheCount); - ASSERT (CacheList != NULL); + if (CacheList == NULL) { +Status = EFI_OUT_OF_RESOURCES; +Dns6CleanConfigure (>DnsConfigData); +FreePool (ServerList); +gBS->RestoreTPL (OldTpl); +return Status; + } + Index =0; NET_LIST_FOR_EACH_SAFE (Entry, Next, >Dns6CacheList) { CacheItem = NET_LIST_USER_STRUCT (Entry, DNS6_CACHE, AllCacheLink); CopyMem (CacheList + Index, >DnsCache, sizeof (EFI_DNS6_CACHE_ENTRY)); Index++; -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch] NetworkPkg: Fix unspecified address use case in IpsecConfig
This patch is used to fix unspecified address use case in ConstructSpdIndexer() function. Indexer->Name for ConstructSpdIndexer is unspecified, that will be a problem for UnicodeStrToAsciiStr. This patch also refine the code by removing ASSERT and user error handling. Cc: Fu Siyuan <siyuan...@intel.com> Cc: Ye Ting <ting...@intel.com> Cc: Zeng Star <star.z...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/Application/IpsecConfig/Indexer.c | 26 -- NetworkPkg/Application/IpsecConfig/Indexer.h | 4 ++-- NetworkPkg/Application/IpsecConfig/Match.c | 4 ++-- 3 files changed, 20 insertions(+), 14 deletions(-) diff --git a/NetworkPkg/Application/IpsecConfig/Indexer.c b/NetworkPkg/Application/IpsecConfig/Indexer.c index 83ceda4..353b22e 100644 --- a/NetworkPkg/Application/IpsecConfig/Indexer.c +++ b/NetworkPkg/Application/IpsecConfig/Indexer.c @@ -1,9 +1,9 @@ /** @file The implementation of construct ENTRY_INDEXER in IpSecConfig application. - Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved. + Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php. @@ -42,21 +42,23 @@ ConstructSpdIndexer ( } else if (ShellCommandLineGetFlag (ParamPackage, L"-d")) { ValueStr = ShellCommandLineGetValue (ParamPackage, L"-d"); } else if (ShellCommandLineGetFlag (ParamPackage, L"-e")) { ValueStr = ShellCommandLineGetValue (ParamPackage, L"-e"); } else { -ASSERT (FALSE); +return EFI_INVALID_PARAMETER; } - ASSERT (ValueStr != NULL); - + if (ValueStr == NULL) { +return EFI_INVALID_PARAMETER; + } + Value64 = StrToUInteger (ValueStr, ); if (!EFI_ERROR (Status)) { Indexer->Index = (UINTN) Value64; -Indexer->Name = NULL; +ZeroMem (Indexer->Name, MAX_PEERID_LEN); } else { -UnicodeStrToAsciiStr (ValueStr, (CHAR8 *) Indexer->Name); +UnicodeStrToAsciiStrS (ValueStr, (CHAR8 *) Indexer->Name, MAX_PEERID_LEN); } return EFI_SUCCESS; } @@ -87,14 +89,16 @@ ConstructSadIndexer ( } else if (ShellCommandLineGetFlag (ParamPackage, L"-d")) { ValueStr = ShellCommandLineGetValue (ParamPackage, L"-d"); } else if (ShellCommandLineGetFlag (ParamPackage, L"-e")) { ValueStr = ShellCommandLineGetValue (ParamPackage, L"-e"); } else { -ASSERT (FALSE); +return EFI_INVALID_PARAMETER; } - ASSERT (ValueStr != NULL); + if (ValueStr == NULL) { +return EFI_INVALID_PARAMETER; + } Value64 = StrToUInteger (ValueStr, ); if (!EFI_ERROR (Status)) { Indexer->Index = (UINTN) Value64; ZeroMem (>SaId, sizeof (EFI_IPSEC_SA_ID)); @@ -185,14 +189,16 @@ ConstructPadIndexer ( } else if (ShellCommandLineGetFlag (ParamPackage, L"-d")) { ValueStr = ShellCommandLineGetValue (ParamPackage, L"-d"); } else if (ShellCommandLineGetFlag (ParamPackage, L"-e")) { ValueStr = ShellCommandLineGetValue (ParamPackage, L"-e"); } else { -ASSERT (FALSE); +return EFI_INVALID_PARAMETER; } - ASSERT (ValueStr != NULL); + if (ValueStr == NULL) { +return EFI_INVALID_PARAMETER; + } Value64 = StrToUInteger (ValueStr, ); if (!EFI_ERROR (Status)) { Indexer->Index = (UINTN) Value64; diff --git a/NetworkPkg/Application/IpsecConfig/Indexer.h b/NetworkPkg/Application/IpsecConfig/Indexer.h index 078f38a..b0e62fb 100644 --- a/NetworkPkg/Application/IpsecConfig/Indexer.h +++ b/NetworkPkg/Application/IpsecConfig/Indexer.h @@ -1,10 +1,10 @@ /** @file The internal structure and function declaration to construct ENTRY_INDEXER in IpSecConfig application. - Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved. + Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php. @@ -16,11 +16,11 @@ #ifndef _INDEXER_H_ #define _INDEXER_H_ typedef struct { - UINT8*Name; + UINT8Name[MAX_PEERID_LEN]; UINTNIndex;// Used only if Name is NULL. } SPD_ENTRY_INDEXER; typedef struct { EFI_IPSEC_SA_IDSaId; diff --git a/NetworkPkg/Application/IpsecConfig/Match.c b/NetworkPkg/Application/IpsecConfig/Match.c index d283f5b..2ee763e 100644 --- a/NetworkPkg/Application/IpsecConfig/Match.c +++ b/NetworkPkg/Application/IpsecConfig/Match.
[edk2] [Patch] NetworkPkg/TcpDxe: Fix GCC build failure
Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Zhang Lubo <lubo.zh...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/TcpDxe/SockImpl.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/NetworkPkg/TcpDxe/SockImpl.c b/NetworkPkg/TcpDxe/SockImpl.c index 35e0f6a..5addbd1 100644 --- a/NetworkPkg/TcpDxe/SockImpl.c +++ b/NetworkPkg/TcpDxe/SockImpl.c @@ -591,16 +591,14 @@ SockCancelToken ( IN OUT LIST_ENTRY *SpecifiedTokenList ) { EFI_STATUS Status; LIST_ENTRY *Entry; - LIST_ENTRY *Next; SOCK_TOKEN *SockToken; Status= EFI_SUCCESS; Entry = NULL; - Next = NULL; SockToken = NULL; if (IsListEmpty (SpecifiedTokenList) && Token != NULL) { return EFI_NOT_FOUND; } -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch] MdeModulePkg: Fix IPv4 UseDefaultAddress failure case.
This patch is used to update IP4->Configure() to allow the upper layer modules to obtain a default address by setting UseDefaultAddress to TRUE when default address is not available yet. Cc: Ye Ting <ting...@intel.com> Cc: El-Haj-Mahmoud Samer <samer.el-haj-mahm...@hpe.com> Cc: Subramanian Sriram <srira...@hpe.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.c | 7 +-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.c b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.c index e733816..91f1a67 100644 --- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.c +++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.c @@ -674,12 +674,15 @@ Ip4ConfigProtocol ( } else { // // Use the default address. Check the state. // if (IpSb->State == IP4_SERVICE_UNSTARTED) { - Status = EFI_NO_MAPPING; - goto ON_ERROR; + Status = Ip4StartAutoConfig (>Ip4Config2Instance); + + if (EFI_ERROR (Status)) { +goto ON_ERROR; + } } IpIf = IpSb->DefaultInterface; NET_GET_REF (IpSb->DefaultInterface); -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch] NetworkPkg: Remove TokenEntry from Token list before freed
TokenEntry should be removed from Token list before freed. Otherwise, invalid TokenEntry will be existed in Token list. Cc: Ye Ting <ting...@intel.com> Cc: Zhang Lubo <lubo.zh...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/DnsDxe/DnsProtocol.c | 8 1 file changed, 8 insertions(+) diff --git a/NetworkPkg/DnsDxe/DnsProtocol.c b/NetworkPkg/DnsDxe/DnsProtocol.c index 11009fd..e9101d6 100644 --- a/NetworkPkg/DnsDxe/DnsProtocol.c +++ b/NetworkPkg/DnsDxe/DnsProtocol.c @@ -491,10 +491,12 @@ Dns4HostNameToIp ( // // Dns Query Ip // Status = DoDnsQuery (Instance, Packet); if (EFI_ERROR (Status)) { +Dns4RemoveTokenEntry (>Dns4TxTokens, TokenEntry); + if (TokenEntry != NULL) { FreePool (TokenEntry); } NetbufFree (Packet); @@ -673,10 +675,12 @@ Dns4GeneralLookUp ( // // Dns Query Ip // Status = DoDnsQuery (Instance, Packet); if (EFI_ERROR (Status)) { +Dns4RemoveTokenEntry (>Dns4TxTokens, TokenEntry); + if (TokenEntry != NULL) { FreePool (TokenEntry); } NetbufFree (Packet); @@ -1301,10 +1305,12 @@ Dns6HostNameToIp ( // // Dns Query Ip // Status = DoDnsQuery (Instance, Packet); if (EFI_ERROR (Status)) { +Dns6RemoveTokenEntry (>Dns6TxTokens, TokenEntry); + if (TokenEntry != NULL) { FreePool (TokenEntry); } NetbufFree (Packet); @@ -1486,10 +1492,12 @@ Dns6GeneralLookUp ( // // Dns Query Ip // Status = DoDnsQuery (Instance, Packet); if (EFI_ERROR (Status)) { +Dns6RemoveTokenEntry (>Dns6TxTokens, TokenEntry); + if (TokenEntry != NULL) { FreePool (TokenEntry); } NetbufFree (Packet); -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch] NetworkPkg: Fix IPv6 boot failure in diff net segment issue
This patch is used to fix HTTP IPv6 boot failure in diff net segment issue. IPv6 gateway address should be registered before DNS query, otherwise, DNS query will fail. Cc: Ye Ting <ting...@intel.com> Cc: Zhang Lubo <lubo.zh...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/HttpBootDxe/HttpBootClient.c | 18 +- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/NetworkPkg/HttpBootDxe/HttpBootClient.c b/NetworkPkg/HttpBootDxe/HttpBootClient.c index 46cf9ca..0d4061d 100644 --- a/NetworkPkg/HttpBootDxe/HttpBootClient.c +++ b/NetworkPkg/HttpBootDxe/HttpBootClient.c @@ -298,10 +298,18 @@ HttpBootDhcp6ExtractUriInfo ( // Status = HttpBootSetIp6Address (Private); if (EFI_ERROR (Status)) { return Status; } + + // + // Register the IPv6 gateway address to the network device. + // + Status = HttpBootSetIp6Gateway (Private); + if (EFI_ERROR (Status)) { +return Status; + } // // Configure the default DNS server if server assigned. // if ((SelectOffer->OfferType == HttpOfferTypeDhcpNameUriDns) || @@ -354,19 +362,11 @@ HttpBootDhcp6ExtractUriInfo ( if (EFI_ERROR (Status)) { goto Error; } } - CopyMem (>ServerIp.v6, , sizeof (EFI_IPv6_ADDRESS)); - - // - // register the IPv6 gateway address to the network device. - // - Status = HttpBootSetIp6Gateway (Private); - if (EFI_ERROR (Status)) { -return Status; - } + CopyMem (>ServerIp.v6, , sizeof (EFI_IPv6_ADDRESS)); // // Extract the port from URL, and use default HTTP port 80 if not provided. // Status = HttpUrlGetPort ( -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch 3/3] NetworkPkg: Handling timeout case in httpboot driver
This patch is used to handle timeout case when downloading the message. The Status in the token should also be checked to handle any response error case including timeout case. Cc: Fu Siyuan <siyuan...@intel.com> Cc: Ye Ting <ting...@intel.com> Cc: Zhang Lubo <lubo.zh...@intel.com> Cc: Hegde Nagaraj P <nagaraj-p.he...@hpe.com> Cc: Gary Lin <g...@suse.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/HttpBootDxe/HttpBootClient.c | 10 +- NetworkPkg/HttpBootDxe/HttpBootClient.h |1 + NetworkPkg/HttpBootDxe/HttpBootSupport.c | 2346 +++--- NetworkPkg/HttpBootDxe/HttpBootSupport.h |2 + 4 files changed, 1206 insertions(+), 1153 deletions(-) diff --git a/NetworkPkg/HttpBootDxe/HttpBootClient.c b/NetworkPkg/HttpBootDxe/HttpBootClient.c index 46cf9ca..378bf02 100644 --- a/NetworkPkg/HttpBootDxe/HttpBootClient.c +++ b/NetworkPkg/HttpBootDxe/HttpBootClient.c @@ -1006,11 +1006,14 @@ HttpBootGetBootFile ( Status = HttpIoRecvResponse ( >HttpIo, FALSE, ); -if (EFI_ERROR (Status)) { +if (EFI_ERROR (Status) || EFI_ERROR (ResponseBody.Status)) { + if (EFI_ERROR (ResponseBody.Status)) { +Status = ResponseBody.Status; + } goto ERROR_6; } ReceivedSize += ResponseBody.BodyLength; } } else { @@ -1043,11 +1046,14 @@ HttpBootGetBootFile ( Status = HttpIoRecvResponse ( >HttpIo, FALSE, ); -if (EFI_ERROR (Status)) { +if (EFI_ERROR (Status) || EFI_ERROR (ResponseBody.Status)) { + if (EFI_ERROR (ResponseBody.Status)) { +Status = ResponseBody.Status; + } goto ERROR_6; } // // Parse the new received block of the message-body, the block will be saved in cache. diff --git a/NetworkPkg/HttpBootDxe/HttpBootClient.h b/NetworkPkg/HttpBootDxe/HttpBootClient.h index 2fd7dfc..2c32341 100644 --- a/NetworkPkg/HttpBootDxe/HttpBootClient.h +++ b/NetworkPkg/HttpBootDxe/HttpBootClient.h @@ -15,10 +15,11 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #ifndef __EFI_HTTP_BOOT_HTTP_H__ #define __EFI_HTTP_BOOT_HTTP_H__ #define HTTP_BOOT_REQUEST_TIMEOUT5000 // 5 seconds in uints of millisecond. +#define HTTP_BOOT_RESPONSE_TIMEOUT 5000 // 5 seconds in uints of millisecond. #define HTTP_BOOT_BLOCK_SIZE 1500 #define HTTP_USER_AGENT_EFI_HTTP_BOOT"UefiHttpBoot/1.0" diff --git a/NetworkPkg/HttpBootDxe/HttpBootSupport.c b/NetworkPkg/HttpBootDxe/HttpBootSupport.c index 66eca78..617a43b 100644 --- a/NetworkPkg/HttpBootDxe/HttpBootSupport.c +++ b/NetworkPkg/HttpBootDxe/HttpBootSupport.c @@ -1,1151 +1,1195 @@ -/** @file - Support functions implementation for UEFI HTTP boot driver. - -Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved. -(C) Copyright 2016 Hewlett Packard Enterprise Development LP -This program and the accompanying materials are licensed and made available under -the terms and conditions of the BSD License that accompanies this distribution. -The full text of the license may be found at -http://opensource.org/licenses/bsd-license.php. - -THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. - -**/ - -#include "HttpBootDxe.h" - - -/** - Get the Nic handle using any child handle in the IPv4 stack. - - @param[in] ControllerHandlePointer to child handle over IPv4. - - @return NicHandle The pointer to the Nic handle. - @return NULLCan't find the Nic handle. - -**/ -EFI_HANDLE -HttpBootGetNicByIp4Children ( - IN EFI_HANDLE ControllerHandle - ) -{ - EFI_HANDLENicHandle; - - NicHandle = NetLibGetNicHandle (ControllerHandle, ); - if (NicHandle == NULL) { -NicHandle = NetLibGetNicHandle (ControllerHandle, ); -if (NicHandle == NULL) { - return NULL; -} - } - - return NicHandle; -} - -/** - Get the Nic handle using any child handle in the IPv6 stack. - - @param[in] ControllerHandlePointer to child handle over IPv6. - - @return NicHandle The pointer to the Nic handle. - @return NULLCan't find the Nic handle. - -**/ -EFI_HANDLE -HttpBootGetNicByIp6Children ( - IN EFI_HANDLE ControllerHandle - ) -{ - EFI_HANDLENicHandle; - NicHandle = NetLibGetNicHandle (ControllerHandle, ); - if (NicHandle == NULL) { -NicHandle = NetLibGetNicHandle (ControllerHandle, ); -
[edk2] [Patch 0/3] NetworkPkg: Support TCP Cancel function and move timeout handling to HttpBootDxe
Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Zhang Lubo <lubo.zh...@intel.com> Cc: Hegde Nagaraj P <nagaraj-p.he...@hpe.com> Cc: Gary Lin <g...@suse.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> Jiaxin Wu (3): NetworkPkg: Support TCP Cancel function NetworkPkg: HttpDxe response/cancel issue fix NetworkPkg: Handling timeout case in httpboot driver NetworkPkg/HttpBootDxe/HttpBootClient.c | 10 +- NetworkPkg/HttpBootDxe/HttpBootClient.h |1 + NetworkPkg/HttpBootDxe/HttpBootSupport.c | 2346 ++- NetworkPkg/HttpBootDxe/HttpBootSupport.h |2 + NetworkPkg/HttpDxe/HttpImpl.c| 2918 --- NetworkPkg/HttpDxe/HttpProto.c | 3770 +++--- NetworkPkg/HttpDxe/HttpProto.h |4 +- NetworkPkg/TcpDxe/SockImpl.c | 2525 ++-- NetworkPkg/TcpDxe/SockImpl.h | 223 +- NetworkPkg/TcpDxe/SockInterface.c| 2080 + NetworkPkg/TcpDxe/Socket.h | 1866 +++ NetworkPkg/TcpDxe/TcpMain.c | 2183 - NetworkPkg/TcpDxe/TcpMain.h | 1549 ++-- 13 files changed, 9872 insertions(+), 9605 deletions(-) -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [PATCH v2] MdeModulePkg: Fix SNP.Initialize() spec conformance issue
v2: *Refine the coding style according edk2 community's feedback. Current SNP UNDI Initialize command does not follow the UEFI Spec to update the SNP MediaPresent field. The result for the Initialize command execution check should be: StatFlags: (1) Monitor the upper two bits (14 & 15) in the field to know whether the command has been executed by the UNDI (Not started, Queued, Error, Complete). (2) Check the other field to see if there is an active connection to this network device (used to update MediaPresent). StatCode: After command execution completes, either successfully or not, this field contains the result of the command execution (success or failure). This patch is used to fix it. NOTE: If any UNDI driver does not follow the UEFI Spec for the media status update, it may meet failure with this more conditions check (StatFlags). Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- MdeModulePkg/Universal/Network/SnpDxe/Initialize.c | 33 ++ 1 file changed, 27 insertions(+), 6 deletions(-) diff --git a/MdeModulePkg/Universal/Network/SnpDxe/Initialize.c b/MdeModulePkg/Universal/Network/SnpDxe/Initialize.c index 2151375..63bdf92 100644 --- a/MdeModulePkg/Universal/Network/SnpDxe/Initialize.c +++ b/MdeModulePkg/Universal/Network/SnpDxe/Initialize.c @@ -1,9 +1,9 @@ /** @file Implementation of initializing a network adapter. -Copyright (c) 2004 - 2008, Intel Corporation. All rights reserved. +Copyright (c) 2004 - 2016, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php @@ -35,10 +35,12 @@ PxeInit ( { PXE_CPB_INITIALIZE *Cpb; VOID*Addr; EFI_STATUS Status; + Status = EFI_SUCCESS; + Cpb = Snp->Cpb; if (Snp->TxRxBufferSize != 0) { Status = Snp->PciIo->AllocateBuffer ( Snp->PciIo, AllocateAnyPages, @@ -97,14 +99,34 @@ PxeInit ( DEBUG ((EFI_D_NET, "\nSnp->undi.initialize() ")); (*Snp->IssueUndi32Command) ((UINT64)(UINTN) >Cdb); - if (Snp->Cdb.StatCode == PXE_STATCODE_SUCCESS) { -Snp->Mode.State = EfiSimpleNetworkInitialized; - -Status = EFI_SUCCESS; + // + // There are two fields need to be checked here: + // First is the upper two bits (14 & 15) in the CDB.StatFlags field. Until these bits change to report + // PXE_STATFLAGS_COMMAND_COMPLETE or PXE_STATFLAGS_COMMAND_FAILED, the command has not been executed by the UNDI. + // Second is the CDB.StatCode field. After command execution completes, either successfully or not, + // the CDB.StatCode field contains the result of the command execution. + // + if Snp->Cdb.StatFlags) & PXE_STATFLAGS_STATUS_MASK) == PXE_STATFLAGS_COMMAND_COMPLETE) && + (Snp->Cdb.StatCode == PXE_STATCODE_SUCCESS)) { +// +// If cable detect feature is enabled in CDB.OpFlags, check the CDB.StatFlags to see if there is an +// active connection to this network device. If the no media StatFlag is set, the UNDI and network +// device are still initialized. +// +if (CableDetectFlag == PXE_OPFLAGS_INITIALIZE_DETECT_CABLE) { + if(((Snp->Cdb.StatFlags) & PXE_STATFLAGS_INITIALIZED_NO_MEDIA) != PXE_STATFLAGS_INITIALIZED_NO_MEDIA) { +Snp->Mode.MediaPresent = TRUE; + } else { +Snp->Mode.MediaPresent = FALSE; + } +} + +Snp->Mode.State = EfiSimpleNetworkInitialized; +Status= EFI_SUCCESS; } else { DEBUG ( (EFI_D_WARN, "\nSnp->undi.initialize() %xh:%xh\n", Snp->Cdb.StatFlags, @@ -232,11 +254,10 @@ SnpUndi32Initialize ( // // If UNDI support cable detect for INITIALIZE command, try it first. // if (Snp->CableDetectSupported) { if (PxeInit (Snp, PXE_OPFLAGS_INITIALIZE_DETECT_CABLE) == EFI_SUCCESS) { - Snp->Mode.MediaPresent = TRUE; goto ON_EXIT; } } Snp->Mode.MediaPresent = FALSE; -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch] MdeModulePkg: Fix SNP.Initialize() spec conformance issue
Current SNP UNDI Initialize command does not follow the UEFI Spec to update the SNP MediaPresent field. The result for the Initialize command execution check should be: StatFlags: (1) Monitor the upper two bits (14 & 15) in the field to know whether the command has been executed by the UNDI (Not started, Queued, Error, Complete). (2) Check the other field to see if there is an active connection to this network device (used to update MediaPresent). StatCode: After command execution completes, either successfully or not, this field contains the result of the command execution (success or failure). This patch is used to fix it. NOTE: If any UNDI driver does not follow the UEFI Spec for the media status update, it may meet failure with this more conditions check (StatFlags). Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- MdeModulePkg/Universal/Network/SnpDxe/Initialize.c | 37 ++ 1 file changed, 31 insertions(+), 6 deletions(-) diff --git a/MdeModulePkg/Universal/Network/SnpDxe/Initialize.c b/MdeModulePkg/Universal/Network/SnpDxe/Initialize.c index 2151375..0c292a5 100644 --- a/MdeModulePkg/Universal/Network/SnpDxe/Initialize.c +++ b/MdeModulePkg/Universal/Network/SnpDxe/Initialize.c @@ -1,9 +1,9 @@ /** @file Implementation of initializing a network adapter. -Copyright (c) 2004 - 2008, Intel Corporation. All rights reserved. +Copyright (c) 2004 - 2016, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php @@ -35,10 +35,12 @@ PxeInit ( { PXE_CPB_INITIALIZE *Cpb; VOID*Addr; EFI_STATUS Status; + Status = EFI_SUCCESS; + Cpb = Snp->Cpb; if (Snp->TxRxBufferSize != 0) { Status = Snp->PciIo->AllocateBuffer ( Snp->PciIo, AllocateAnyPages, @@ -97,14 +99,38 @@ PxeInit ( DEBUG ((EFI_D_NET, "\nSnp->undi.initialize() ")); (*Snp->IssueUndi32Command) ((UINT64)(UINTN) >Cdb); - if (Snp->Cdb.StatCode == PXE_STATCODE_SUCCESS) { -Snp->Mode.State = EfiSimpleNetworkInitialized; - -Status = EFI_SUCCESS; + // + // There are two fields need to be checked here: + // First is the upper two bits (14 & 15) in the CDB.StatFlags field. Until these bits change to report + // PXE_STATFLAGS_COMMAND_COMPLETE or PXE_STATFLAGS_COMMAND_FAILED, the command has not been executed by the UNDI. + // Second is the CDB.StatCode field. After command execution completes, either successfully or not, + // the CDB.StatCode field contains the result of the command execution. + // + if Snp->Cdb.StatFlags) & PXE_STATFLAGS_STATUS_MASK) == PXE_STATFLAGS_COMMAND_COMPLETE) && + (Snp->Cdb.StatCode == PXE_STATCODE_SUCCESS)) { +// +// If cable detect feature is enabled in CDB.OpFlags, check the CDB.StatFlags to see if there is an +// active connection to this network device. If the no media StatFlag is set, the UNDI and network +// device are still initialized. +// +if (CableDetectFlag == PXE_OPFLAGS_INITIALIZE_DETECT_CABLE) { + if(((Snp->Cdb.StatFlags) & PXE_STATFLAGS_INITIALIZED_NO_MEDIA) != PXE_STATFLAGS_INITIALIZED_NO_MEDIA) { +Snp->Mode.MediaPresent = TRUE; +Snp->Mode.State = EfiSimpleNetworkInitialized; +Status = EFI_SUCCESS; + } else { +Snp->Mode.MediaPresent = FALSE; +Snp->Mode.State = EfiSimpleNetworkInitialized; +Status = EFI_SUCCESS; + } +} else { + Snp->Mode.State = EfiSimpleNetworkInitialized; + Status= EFI_SUCCESS; +} } else { DEBUG ( (EFI_D_WARN, "\nSnp->undi.initialize() %xh:%xh\n", Snp->Cdb.StatFlags, @@ -232,11 +258,10 @@ SnpUndi32Initialize ( // // If UNDI support cable detect for INITIALIZE command, try it first. // if (Snp->CableDetectSupported) { if (PxeInit (Snp, PXE_OPFLAGS_INITIALIZE_DETECT_CABLE) == EFI_SUCCESS) { - Snp->Mode.MediaPresent = TRUE; goto ON_EXIT; } } Snp->Mode.MediaPresent = FALSE; -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch 0/2] Correct HttpConfigure parameter check
Jiaxin Wu (2): MdePkg: Correct EFI_HTTP_CONFIGURE return status value NetworkPkg: Correct HttpConfigure parameter check MdePkg/Include/Protocol/Http.h | 1 - NetworkPkg/HttpDxe/HttpImpl.c | 9 + NetworkPkg/HttpDxe/HttpImpl.h | 1 - 3 files changed, 5 insertions(+), 6 deletions(-) -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch 1/2] MdePkg: Correct EFI_HTTP_CONFIGURE return status value
Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Zhang Lubo <lubo.zh...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- MdePkg/Include/Protocol/Http.h | 1 - 1 file changed, 1 deletion(-) diff --git a/MdePkg/Include/Protocol/Http.h b/MdePkg/Include/Protocol/Http.h index 22201b4..269416c 100644 --- a/MdePkg/Include/Protocol/Http.h +++ b/MdePkg/Include/Protocol/Http.h @@ -339,11 +339,10 @@ EFI_STATUS @param[in] HttpConfigData Pointer to the configure data to configure the instance. @retval EFI_SUCCESS Operation succeeded. @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE: This is NULL. - HttpConfigData is NULL. HttpConfigData->LocalAddressIsIPv6 is FALSE and HttpConfigData->IPv4Node is NULL. HttpConfigData->LocalAddressIsIPv6 is TRUE and HttpConfigData->IPv6Node is NULL. @retval EFI_ALREADY_STARTED Reinitialize this HTTP instance without calling -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch 2/2] NetworkPkg: Correct HttpConfigure parameter check
When HttpConfigData is NULL, HttpConfigure should not return EFI_INVALID_PARAMETER. Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Zhang Lubo <lubo.zh...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/HttpDxe/HttpImpl.c | 9 + NetworkPkg/HttpDxe/HttpImpl.h | 1 - 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/NetworkPkg/HttpDxe/HttpImpl.c b/NetworkPkg/HttpDxe/HttpImpl.c index 7ee6613..12f22db 100644 --- a/NetworkPkg/HttpDxe/HttpImpl.c +++ b/NetworkPkg/HttpDxe/HttpImpl.c @@ -112,11 +112,10 @@ EfiHttpGetModeData ( @param[in] HttpConfigData Pointer to the configure data to configure the instance. @retval EFI_SUCCESS Operation succeeded. @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE: This is NULL. - HttpConfigData is NULL. HttpConfigData->LocalAddressIsIPv6 is FALSE and HttpConfigData->IPv4Node is NULL. HttpConfigData->LocalAddressIsIPv6 is TRUE and HttpConfigData->IPv6Node is NULL. @retval EFI_ALREADY_STARTED Reinitialize this HTTP instance without calling @@ -139,13 +138,13 @@ EfiHttpConfigure ( // // Check input parameters. // if (This == NULL || - HttpConfigData == NULL || - ((HttpConfigData->LocalAddressIsIPv6 && HttpConfigData->AccessPoint.IPv6Node == NULL) || - (!HttpConfigData->LocalAddressIsIPv6 && HttpConfigData->AccessPoint.IPv4Node == NULL))) { + (HttpConfigData != NULL && + ((HttpConfigData->LocalAddressIsIPv6 && HttpConfigData->AccessPoint.IPv6Node == NULL) || +(!HttpConfigData->LocalAddressIsIPv6 && HttpConfigData->AccessPoint.IPv4Node == NULL { return EFI_INVALID_PARAMETER; } HttpInstance = HTTP_INSTANCE_FROM_PROTOCOL (This); ASSERT (HttpInstance != NULL && HttpInstance->Service != NULL); @@ -252,10 +251,11 @@ EfiHttpRequest ( // // Initializations // Url = NULL; UrlParser = NULL; + RemotePort = 0; HostName = NULL; RequestMsg = NULL; HostNameStr = NULL; Wrap = NULL; FileUrl = NULL; @@ -906,10 +906,11 @@ HttpResponseWorker ( HttpMsg->Headers = NULL; HttpHeaders = NULL; SizeofHeaders = 0; BufferSize= 0; EndofHeader = NULL; + ValueInItem = NULL; if (HttpMsg->Data.Response != NULL) { // // Need receive the HTTP headers, prepare buffer. // diff --git a/NetworkPkg/HttpDxe/HttpImpl.h b/NetworkPkg/HttpDxe/HttpImpl.h index 415b5e5..40b2504 100644 --- a/NetworkPkg/HttpDxe/HttpImpl.h +++ b/NetworkPkg/HttpDxe/HttpImpl.h @@ -70,11 +70,10 @@ EfiHttpGetModeData ( @param[in] HttpConfigData Pointer to the configure data to configure the instance. @retval EFI_SUCCESS Operation succeeded. @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE: This is NULL. - HttpConfigData is NULL. HttpConfigData->LocalAddressIsIPv6 is FALSE and HttpConfigData->IPv4Node is NULL. HttpConfigData->LocalAddressIsIPv6 is TRUE and HttpConfigData->IPv6Node is NULL. @retval EFI_ALREADY_STARTED Reinitialize this HTTP instance without calling -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch] MdeModulePkg: Fix incorrect status check for SockProcessRcvToken
This patch is used to remove the status check for SockProcessRcvToken. It's not return EFI_STATUS. Cc: Fu Siyuan <siyuan...@intel.com> Cc: Ye Ting <ting...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- MdeModulePkg/Universal/Network/Tcp4Dxe/SockInterface.c | 8 ++-- 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/MdeModulePkg/Universal/Network/Tcp4Dxe/SockInterface.c b/MdeModulePkg/Universal/Network/Tcp4Dxe/SockInterface.c index feed86c..c14fcd7 100644 --- a/MdeModulePkg/Universal/Network/Tcp4Dxe/SockInterface.c +++ b/MdeModulePkg/Universal/Network/Tcp4Dxe/SockInterface.c @@ -1,9 +1,9 @@ /** @file Interface function of the Socket. -Copyright (c) 2005 - 2012, Intel Corporation. All rights reserved. +Copyright (c) 2005 - 2016, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php @@ -695,15 +695,11 @@ SockRcv ( Status = EFI_CONNECTION_FIN; goto Exit; } if (RcvdBytes != 0) { -Status = SockProcessRcvToken (Sock, RcvToken); - -if (EFI_ERROR (Status)) { - goto Exit; -} +SockProcessRcvToken (Sock, RcvToken); Status = Sock->ProtoHandler (Sock, SOCK_CONSUMED, NULL); } else { if (NULL == SockBufferToken (Sock, >RcvTokenList, RcvToken, 0)) { -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch] NetworkPkg: Need update Http token status while timeout happened
Http token status should be updated to EFI_TIMEOUT while timeout happened by any abruptly interrupted (e.g. network disconnection, cable plug/unplug...). Otherwise, HttpBootDxe driver will continue treat it as no error happened, and its ReceivedSize will be updated to ContentLength directly. Moreover, If download image type is RAM Disk, the corresponding info will be registered to system. Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Gary Lin <g...@suse.com> Cc: Samer El-Haj-Mahmoud <el...@hpe.com> Cc: Hegde Nagaraj P <nagaraj-p.he...@hpe.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/HttpDxe/HttpImpl.c | 3 +++ NetworkPkg/HttpDxe/HttpProto.c | 16 +++- 2 files changed, 14 insertions(+), 5 deletions(-) diff --git a/NetworkPkg/HttpDxe/HttpImpl.c b/NetworkPkg/HttpDxe/HttpImpl.c index f4ae28a..05a96e9 100644 --- a/NetworkPkg/HttpDxe/HttpImpl.c +++ b/NetworkPkg/HttpDxe/HttpImpl.c @@ -1259,10 +1259,13 @@ Exit: Error2: NetMapInsertHead (>TxTokens, ValueInItem->HttpToken, ValueInItem); Error: + + HttpCloseConnection (HttpInstance); + HttpTcpTokenCleanup (Wrap); if (HttpHeaders != NULL) { FreePool (HttpHeaders); } diff --git a/NetworkPkg/HttpDxe/HttpProto.c b/NetworkPkg/HttpDxe/HttpProto.c index afa7fe4..c3608c0 100644 --- a/NetworkPkg/HttpDxe/HttpProto.c +++ b/NetworkPkg/HttpDxe/HttpProto.c @@ -1,9 +1,9 @@ /** @file Miscellaneous routines for HttpDxe driver. -Copyright (c) 2015, Intel Corporation. All rights reserved. +Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved. (C) Copyright 2016 Hewlett Packard Enterprise Development LP This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php @@ -1605,10 +1605,11 @@ HttpTcpReceiveHeader ( while (!HttpInstance->IsRxDone && ((Timeout == NULL) || EFI_ERROR (gBS->CheckEvent (Timeout { Tcp4->Poll (Tcp4); } if (!HttpInstance->IsRxDone) { +Tcp4->Cancel (Tcp4, >CompletionToken); gBS->CloseEvent (Rx4Token->CompletionToken.Event); Rx4Token->CompletionToken.Status = EFI_TIMEOUT; } Status = Rx4Token->CompletionToken.Status; @@ -1671,10 +1672,11 @@ HttpTcpReceiveHeader ( while (!HttpInstance->IsRxDone && ((Timeout == NULL) || EFI_ERROR (gBS->CheckEvent (Timeout { Tcp6->Poll (Tcp6); } if (!HttpInstance->IsRxDone) { +Tcp6->Cancel (Tcp6, >CompletionToken); gBS->CloseEvent (Rx6Token->CompletionToken.Event); Rx6Token->CompletionToken.Status = EFI_TIMEOUT; } Status = Rx6Token->CompletionToken.Status; @@ -1745,11 +1747,12 @@ HttpTcpReceiveBody ( HTTP_PROTOCOL *HttpInstance; EFI_TCP6_PROTOCOL *Tcp6; EFI_TCP6_IO_TOKEN *Rx6Token; EFI_TCP4_PROTOCOL *Tcp4; EFI_TCP4_IO_TOKEN *Rx4Token; - + + Status = EFI_SUCCESS; HttpInstance = Wrap->HttpInstance; Tcp4 = HttpInstance->Tcp4; Tcp6 = HttpInstance->Tcp6; Rx4Token = NULL; Rx6Token = NULL; @@ -1776,14 +1779,15 @@ HttpTcpReceiveBody ( while (!Wrap->TcpWrap.IsRxDone && ((Timeout == NULL) || EFI_ERROR (gBS->CheckEvent (Timeout { Tcp6->Poll (Tcp6); } if (!Wrap->TcpWrap.IsRxDone) { + Tcp6->Cancel (Tcp6, >CompletionToken); gBS->CloseEvent (Rx6Token->CompletionToken.Event); + Rx6Token->CompletionToken.Event = NULL; Rx6Token->CompletionToken.Status = EFI_TIMEOUT; Wrap->HttpToken->Status = Rx6Token->CompletionToken.Status; - gBS->SignalEvent (Wrap->HttpToken->Event); } } else { Rx4Token = >TcpWrap.Rx4Token; Rx4Token->Packet.RxData->DataLength = (UINT32) HttpMsg->BodyLength; Rx4Token->Packet.RxData->FragmentTable[0].FragmentLength = (UINT32) HttpMsg->BodyLength; @@ -1799,19 +1803,21 @@ HttpTcpReceiveBody ( while (!Wrap->TcpWrap.IsRxDone && ((Timeout == NULL) || EFI_ERROR (gBS->CheckEvent (Timeout { Tcp4->Poll (Tcp4); } if (!Wrap->TcpWrap.IsRxDone) { + Tcp4->Cancel (Tcp4, >CompletionToken); gBS->CloseEvent (Rx4Token->CompletionToken.Event); + Rx4Token->CompletionToken.Event = NULL; Rx4Token->CompletionToken.Status = EFI_TIMEOUT; Wrap->HttpToken->Status = Rx4Token->CompletionToken.Status; - gBS->SignalEvent (Wrap->HttpToken->Event); } } - return EFI_SUCCESS; + Status = Wrap->HttpToken->Status; + return Status; } /** Clean up Tcp Tokens while the Tcp transmission error occurs. -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch] MdeModulePkg: Refine the code for DxeHttpLib
Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c | 12 +++- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c b/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c index 46f035a..727cc42 100644 --- a/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c +++ b/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c @@ -1671,15 +1671,17 @@ HttpGenRequestMessage ( EFI_HTTP_UTILITIES_PROTOCOL *HttpUtilitiesProtocol; ASSERT (Message != NULL); - *RequestMsg = NULL; - MsgSize = 0; - Success = FALSE; - HttpHdr = NULL; - AppendList = NULL; + *RequestMsg = NULL; + Status= EFI_SUCCESS; + HttpHdrSize = 0; + MsgSize = 0; + Success = FALSE; + HttpHdr = NULL; + AppendList= NULL; HttpUtilitiesProtocol = NULL; // // 1. If we have a Request, we cannot have a NULL Url // 2. If we have a Request, HeaderCount can not be non-zero -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [staging/HTTPS-TLS][PATCH] NetworkPkg: Fix unclosed TCP connection case if TLS session failed
This patch is used to fix unclosed TCP connection case if TLS session build failed. Cc: El-Haj-Mahmoud Samer <samer.el-haj-mahm...@hpe.com> Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/HttpDxe/HttpImpl.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/NetworkPkg/HttpDxe/HttpImpl.c b/NetworkPkg/HttpDxe/HttpImpl.c index cf58b13..d380d6a 100644 --- a/NetworkPkg/HttpDxe/HttpImpl.c +++ b/NetworkPkg/HttpDxe/HttpImpl.c @@ -594,14 +594,14 @@ Error4: Error3: if (HttpInstance->UseHttps) { TlsCloseSession (HttpInstance); TlsCloseTxRxEvent (HttpInstance); } - - HttpCloseConnection (HttpInstance); Error2: + HttpCloseConnection (HttpInstance); + HttpCloseTcpConnCloseEvent (HttpInstance); if (NULL != Wrap->TcpWrap.Tx4Token.CompletionToken.Event) { gBS->CloseEvent (Wrap->TcpWrap.Tx4Token.CompletionToken.Event); Wrap->TcpWrap.Tx4Token.CompletionToken.Event = NULL; } -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch] SecurityPkg: Cleanup unused structure definition
This patch is used to cleanup unused structure definition. Cc: Zhang Chao B <chao.b.zh...@intel.com> Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- .../SecureBootConfigDxe/SecureBootConfigImpl.h | 37 -- 1 file changed, 37 deletions(-) diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.h b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.h index 1ee9580..0a09ab4 100644 --- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.h +++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.h @@ -100,47 +100,10 @@ extern EFI_IFR_GUID_LABEL *mEndLabel; #define HASHALG_SHA512 0x0004 #define HASHALG_RAW0x0005 #define HASHALG_MAX0x0005 -#define SECUREBOOT_MENU_OPTION_SIGNATURE SIGNATURE_32 ('S', 'b', 'M', 'u') -#define SECUREBOOT_MENU_ENTRY_SIGNATURESIGNATURE_32 ('S', 'b', 'M', 'r') - -typedef struct { - EFI_DEVICE_PATH_PROTOCOL Header; - EFI_GUID Guid; - UINT8 VendorDefinedData[1]; -} VENDOR_DEVICE_PATH_WITH_DATA; - -typedef struct { - EFI_DEVICE_PATH_PROTOCOL Header; - UINT16NetworkProtocol; - UINT16LoginOption; - UINT64Lun; - UINT16TargetPortalGroupTag; - CHAR16TargetName[1]; -} ISCSI_DEVICE_PATH_WITH_NAME; - -typedef struct { - CHAR16 *Str; - UINTN Len; - UINTN Maxlen; -} POOL_PRINT; - -typedef -VOID -(*DEV_PATH_FUNCTION) ( - IN OUT POOL_PRINT *Str, - IN VOID *DevPath - ); - -typedef struct { - UINT8 Type; - UINT8 SubType; - DEV_PATH_FUNCTION Function; -} DEVICE_PATH_STRING_TABLE; - typedef struct { UINTN Signature; LIST_ENTRYHead; UINTN MenuNumber; } SECUREBOOT_MENU_OPTION; -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [staging/HTTPS-TLS][PATCH] NetworkPkg: Handle HTTPS indefinite poll case
This patch is used to handle handle HTTPS indefinite poll case. Cc: El-Haj-Mahmoud Samer <samer.el-haj-mahm...@hpe.com> Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Long Qin <qin.l...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/HttpDxe/HttpImpl.c | 55 ++ NetworkPkg/HttpDxe/HttpProto.c | 68 ++ 2 files changed, 93 insertions(+), 30 deletions(-) diff --git a/NetworkPkg/HttpDxe/HttpImpl.c b/NetworkPkg/HttpDxe/HttpImpl.c index cf58b13..cd8fe05 100644 --- a/NetworkPkg/HttpDxe/HttpImpl.c +++ b/NetworkPkg/HttpDxe/HttpImpl.c @@ -1179,47 +1179,50 @@ HttpResponseWorker ( } } ASSERT (HttpInstance->MsgParser != NULL); - // - // We still need receive more data when there is no cache data and MsgParser is not NULL; - // - if (!HttpInstance->UseHttps) { -if (HttpInstance->TimeoutEvent == NULL) { - // - // Create TimeoutEvent for response - // - Status = gBS->CreateEvent ( - EVT_TIMER, - TPL_CALLBACK, - NULL, - NULL, - >TimeoutEvent - ); - if (EFI_ERROR (Status)) { -goto Error; - } -} - + if (HttpInstance->TimeoutEvent == NULL) { // -// Start the timer, and wait Timeout seconds to receive the body packet. +// Create TimeoutEvent for response // -Status = gBS->SetTimer (HttpInstance->TimeoutEvent, TimerRelative, HTTP_RESPONSE_TIMEOUT * TICKS_PER_SECOND); +Status = gBS->CreateEvent ( +EVT_TIMER, +TPL_CALLBACK, +NULL, +NULL, +>TimeoutEvent +); if (EFI_ERROR (Status)) { goto Error; } - + } + + // + // Start the timer, and wait Timeout seconds to receive the body packet. + // + Status = gBS->SetTimer (HttpInstance->TimeoutEvent, TimerRelative, HTTP_RESPONSE_TIMEOUT * TICKS_PER_SECOND); + if (EFI_ERROR (Status)) { +goto Error; + } + + // + // We still need receive more data when there is no cache data and MsgParser is not NULL; + // + if (!HttpInstance->UseHttps) { Status = HttpTcpReceiveBody (Wrap, HttpMsg, HttpInstance->TimeoutEvent); gBS->SetTimer (HttpInstance->TimeoutEvent, TimerCancel, 0); if (EFI_ERROR (Status)) { goto Error; } } else { -Status = HttpsReceive (HttpInstance, , NULL); +Status = HttpsReceive (HttpInstance, , HttpInstance->TimeoutEvent); + +gBS->SetTimer (HttpInstance->TimeoutEvent, TimerCancel, 0); + if (EFI_ERROR (Status)) { goto Error; } // @@ -1315,11 +1318,13 @@ Exit: Error2: NetMapInsertHead (>TxTokens, ValueInItem->HttpToken, ValueInItem); Error: - HttpTcpTokenCleanup (Wrap); + if (!HttpInstance->UseHttps) { +HttpTcpTokenCleanup (Wrap); + } if (HttpHeaders != NULL) { FreePool (HttpHeaders); HttpHeaders = NULL; } diff --git a/NetworkPkg/HttpDxe/HttpProto.c b/NetworkPkg/HttpDxe/HttpProto.c index 965a49f..ebb9dd9 100644 --- a/NetworkPkg/HttpDxe/HttpProto.c +++ b/NetworkPkg/HttpDxe/HttpProto.c @@ -1230,11 +1230,40 @@ HttpConnectTcp4 ( // // Tls session connection. // if (HttpInstance->UseHttps) { -Status = TlsConnectSession (HttpInstance, NULL); +if (HttpInstance->TimeoutEvent == NULL) { + // + // Create TimeoutEvent for TLS connection. + // + Status = gBS->CreateEvent ( + EVT_TIMER, + TPL_CALLBACK, + NULL, + NULL, + >TimeoutEvent + ); + if (EFI_ERROR (Status)) { +TlsCloseTxRxEvent (HttpInstance); +return Status; + } +} + +// +// Start the timer, and wait Timeout seconds for connection. +// +Status = gBS->SetTimer (HttpInstance->TimeoutEvent, TimerRelative, HTTP_CONNECTION_TIMEOUT * TICKS_PER_SECOND); +if (EFI_ERROR (Status)) { + TlsCloseTxRxEvent (HttpInstance); + return Status; +} + +Status = TlsConnectSession (HttpInstance, HttpInstance->TimeoutEvent); + +gBS->SetTimer (HttpInstance->TimeoutEvent, TimerCancel, 0); + if (EFI_ERROR (Status)) { TlsCloseTxRxEvent (HttpInstance); return Status; } } @@ -1293,11 +1322,40 @@ HttpConnectTcp6 ( // // Tls session connection. // if (HttpInstance->UseHttps) { -Status = TlsConnectSession (HttpInstance, NULL); +if (HttpInstance->TimeoutEvent == NULL) { + // + // Create TimeoutEvent for TLS connection. + // + Status = gBS->CreateEve
[edk2] [staging/HTTPS-TLS][PATCH] CryptoPkg: Fix ssl build error.
This patch is used to fix ssl unresolved external build error. Cc: Samer El-Haj-Mahmoud <el...@hpe.com> Cc: Thomas Palmer <thomas.pal...@hpe.com> Cc: Long Qin <qin.l...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c | 10 ++ 1 file changed, 10 insertions(+) diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c b/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c index c0ccc0e..a2386bc 100644 --- a/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c +++ b/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c @@ -382,10 +382,15 @@ FILE *fopen (const char *c, const char *m) size_t fread (void *b, size_t c, size_t i, FILE *f) { return 0; } +int fputs (const char *s, FILE *f) +{ + return 0; +} + int fprintf (FILE *f, const char *s, ...) { return 0; } @@ -446,5 +451,10 @@ void syslog (int a, const char *c, ...) ssize_t write (int f, const void *b, size_t l) { return 0; } + +int printf (char const *fmt, ...) +{ + return 0; +} -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [PATCH v2] ShellPkg: Enhance ping6 to select the interface automatically
v2: * Refine the code to make it more readable. This patch is used to support no source IP specified case while multiple NICs existed in the platform. The command will select the first both connected and configured interface automatically. Note: Source address is always required when pinging a link-local address. Cc: Bhupesh Sharma <bhupesh.sha...@nxp.com> Cc: Jaben Carsey <jaben.car...@intel.com> Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- .../Library/UefiShellNetwork2CommandsLib/Ping6.c | 166 - 1 file changed, 95 insertions(+), 71 deletions(-) diff --git a/ShellPkg/Library/UefiShellNetwork2CommandsLib/Ping6.c b/ShellPkg/Library/UefiShellNetwork2CommandsLib/Ping6.c index af7d08f..e4ae977 100644 --- a/ShellPkg/Library/UefiShellNetwork2CommandsLib/Ping6.c +++ b/ShellPkg/Library/UefiShellNetwork2CommandsLib/Ping6.c @@ -661,22 +661,26 @@ Ping6CreateIpInstance ( { EFI_STATUS Status; UINTNHandleIndex; UINTNHandleNum; EFI_HANDLE *HandleBuffer; + BOOLEAN UnspecifiedSrc; + BOOLEAN MediaPresent; EFI_SERVICE_BINDING_PROTOCOL *Ip6Sb; EFI_IP6_CONFIG_PROTOCOL *Ip6Cfg; EFI_IP6_CONFIG_DATA Ip6Config; EFI_IP6_CONFIG_INTERFACE_INFO*IfInfo; UINTNIfInfoSize; EFI_IPv6_ADDRESS *Addr; UINTNAddrIndex; - HandleBuffer = NULL; - Ip6Sb= NULL; - IfInfo = NULL; - IfInfoSize = 0; + HandleBuffer = NULL; + UnspecifiedSrc= FALSE; + MediaPresent = TRUE; + Ip6Sb = NULL; + IfInfo= NULL; + IfInfoSize= 0; // // Locate all the handles with ip6 service binding protocol. // Status = gBS->LocateHandleBuffer ( @@ -687,113 +691,133 @@ Ping6CreateIpInstance ( ); if (EFI_ERROR (Status) || (HandleNum == 0)) { return EFI_ABORTED; } + + if (NetIp6IsUnspecifiedAddr (>SrcAddress)) { +// +// SrcAddress is unspecified. So, both connected and configured interface will be automatic selected. +// +UnspecifiedSrc = TRUE; + } + // - // Source address is required when pinging a link-local address on multi- - // interfaces host. + // Source address is required when pinging a link-local address. // - if (NetIp6IsLinkLocalAddr (>DstAddress) && - NetIp6IsUnspecifiedAddr (>SrcAddress) && - (HandleNum > 1)) { + if (NetIp6IsLinkLocalAddr (>DstAddress) && UnspecifiedSrc) { ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_PING6_INVALID_SOURCE), gShellNetwork2HiiHandle); Status = EFI_INVALID_PARAMETER; goto ON_ERROR; } + // // For each ip6 protocol, check interface addresses list. // for (HandleIndex = 0; HandleIndex < HandleNum; HandleIndex++) { Ip6Sb = NULL; IfInfo = NULL; IfInfoSize = 0; +if (UnspecifiedSrc) { + // + // Check media. + // + NetLibDetectMedia (HandleBuffer[HandleIndex], ); + if (!MediaPresent) { +// +// Skip this one. +// +continue; + } +} + Status = gBS->HandleProtocol ( HandleBuffer[HandleIndex], , (VOID **) ); if (EFI_ERROR (Status)) { goto ON_ERROR; } -if (NetIp6IsUnspecifiedAddr (>SrcAddress)) { - // - // No need to match interface address. - // - break; -} else { - // - // Ip6config protocol and ip6 service binding protocol are installed - // on the same handle. - // - Status = gBS->HandleProtocol ( - HandleBuffer[HandleIndex], - , - (VOID **) - ); +// +// Ip6config protocol and ip6 service binding protocol are installed +// on the same handle. +// +Status = gBS->HandleProtocol ( +HandleBuffer[HandleIndex], +, +(VOID **) +); - if (EFI_ERROR (Status)) { -goto ON_ERROR; - } - // - // Get the interface information size. - // - Status = Ip6Cfg->GetData ( - Ip6Cfg, - Ip6ConfigDataTypeInterfaceInfo, - , - NULL - ); - - if (Status != EFI_BUFFER_TOO_SMALL) { -ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_PING6_IP6CFG_GETDATA), gShellNetwork2HiiHandle, Status); -goto ON_ERROR; - } +if (EFI_ER
[edk2] [PATCH v2] ShellPkg: Enhance ping to select the interface automatically
v2: * A. Refine the code to make it more readable. * B. Add hint message for link local address case. This patch is used to support no source IP specified case while multiple NICs existed in the platform. The command will select the first both connected and configured interface automatically. Note: Source address is always required when pinging a link-local address. Cc: David Van Arnem <dvanar...@cmlab.biz> Cc: Bhupesh Sharma <bhupesh.sha...@nxp.com> Cc: Jaben Carsey <jaben.car...@intel.com> Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- .../Library/UefiShellNetwork1CommandsLib/Ping.c| 229 - .../UefiShellNetwork1CommandsLib.uni | 1 + 2 files changed, 129 insertions(+), 101 deletions(-) diff --git a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ping.c b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ping.c index 13bcdde..abd2f6b 100644 --- a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ping.c +++ b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ping.c @@ -874,20 +874,24 @@ PingCreateIpInstance ( { EFI_STATUS Status; UINTNHandleIndex; UINTNHandleNum; EFI_HANDLE *HandleBuffer; + BOOLEAN UnspecifiedSrc; + BOOLEAN MediaPresent; EFI_SERVICE_BINDING_PROTOCOL *EfiSb; VOID *IpXCfg; EFI_IP6_CONFIG_DATA Ip6Config; EFI_IP4_CONFIG_DATA Ip4Config; VOID *IpXInterfaceInfo; UINTNIfInfoSize; EFI_IPv6_ADDRESS *Addr; UINTNAddrIndex; HandleBuffer = NULL; + UnspecifiedSrc= FALSE; + MediaPresent = TRUE; EfiSb = NULL; IpXInterfaceInfo = NULL; IfInfoSize= 0; // @@ -901,160 +905,183 @@ PingCreateIpInstance ( ); if (EFI_ERROR (Status) || (HandleNum == 0) || (HandleBuffer == NULL)) { return EFI_ABORTED; } + + if (Private->IpChoice == PING_IP_CHOICE_IP6 ? NetIp6IsUnspecifiedAddr ((EFI_IPv6_ADDRESS*)>SrcAddress) : \ + PingNetIp4IsUnspecifiedAddr ((EFI_IPv4_ADDRESS*)>SrcAddress)) { +// +// SrcAddress is unspecified. So, both connected and configured interface will be automatic selected. +// +UnspecifiedSrc = TRUE; + } + // - // Source address is required when pinging a link-local address on multi- - // interfaces host. + // Source address is required when pinging a link-local address. // if (Private->IpChoice == PING_IP_CHOICE_IP6) { -if (NetIp6IsLinkLocalAddr ((EFI_IPv6_ADDRESS*)>DstAddress) && -NetIp6IsUnspecifiedAddr ((EFI_IPv6_ADDRESS*)>SrcAddress) && -(HandleNum > 1)) { - ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_GEN_PARAM_INV), gShellNetwork1HiiHandle, L"ping", mSrcString); +if (NetIp6IsLinkLocalAddr ((EFI_IPv6_ADDRESS*)>DstAddress) && UnspecifiedSrc) { + ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_PING_INVALID_SOURCE), gShellNetwork1HiiHandle); Status = EFI_INVALID_PARAMETER; goto ON_ERROR; } } else { ASSERT(Private->IpChoice == PING_IP_CHOICE_IP4); -if (PingNetIp4IsLinkLocalAddr ((EFI_IPv4_ADDRESS*)>DstAddress) && -PingNetIp4IsUnspecifiedAddr ((EFI_IPv4_ADDRESS*)>SrcAddress) && -(HandleNum > 1)) { - ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_GEN_PARAM_INV), gShellNetwork1HiiHandle, L"ping", mSrcString); +if (PingNetIp4IsLinkLocalAddr ((EFI_IPv4_ADDRESS*)>DstAddress) && UnspecifiedSrc) { + ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_PING_INVALID_SOURCE), gShellNetwork1HiiHandle); Status = EFI_INVALID_PARAMETER; goto ON_ERROR; } } + // // For each ip6 protocol, check interface addresses list. // for (HandleIndex = 0; HandleIndex < HandleNum; HandleIndex++) { - EfiSb = NULL; IpXInterfaceInfo = NULL; IfInfoSize= 0; +if (UnspecifiedSrc) { + // + // Check media. + // + NetLibDetectMedia (HandleBuffer[HandleIndex], ); + if (!MediaPresent) { +// +// Skip this one. +// +continue; + } +} + Status = gBS->HandleProtocol ( HandleBuffer[HandleIndex], Private->IpChoice == PING_IP_CHOICE_IP6?:, (VOID **) ); if (EFI_ERROR (Status)) { goto ON_ERROR; } -if (Private->IpChoice == PING_IP_CHOICE_IP6?NetIp6IsUnspecifiedAddr ((EFI_IPv6_ADDRESS*)>SrcAddress
[edk2] [Patch] NetworkPkg: Fix incorrect buffer free in HttpDxe
FragmentBuffer of each TcpWrap in HttpDxe should not be freed in HttpTcpTokenCleanup(). This buffer points to HttpMsg body actually, which is the responsibility of the caller to allocate a buffer for Body. Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Zhang Lubo <lubo.zh...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/HttpDxe/HttpProto.c | 44 +- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/NetworkPkg/HttpDxe/HttpProto.c b/NetworkPkg/HttpDxe/HttpProto.c index 9b3c774..bd95c0d 100644 --- a/NetworkPkg/HttpDxe/HttpProto.c +++ b/NetworkPkg/HttpDxe/HttpProto.c @@ -1796,49 +1796,49 @@ HttpTcpTokenCleanup ( HttpInstance = Wrap->HttpInstance; Rx4Token = NULL; Rx6Token = NULL; if (HttpInstance->LocalAddressIsIPv6) { -if (Wrap->TcpWrap.Rx6Token.CompletionToken.Event != NULL) { - gBS->CloseEvent (Wrap->TcpWrap.Rx6Token.CompletionToken.Event); -} - Rx6Token = >TcpWrap.Rx6Token; -if (Rx6Token->Packet.RxData->FragmentTable[0].FragmentBuffer != NULL) { - FreePool (Rx6Token->Packet.RxData->FragmentTable[0].FragmentBuffer); - Rx6Token->Packet.RxData->FragmentTable[0].FragmentBuffer = NULL; + +if (Rx6Token->CompletionToken.Event != NULL) { + gBS->CloseEvent (Rx6Token->CompletionToken.Event); + Rx6Token->CompletionToken.Event = NULL; } -FreePool (Wrap); -if (HttpInstance->Rx6Token.CompletionToken.Event != NULL) { - gBS->CloseEvent (HttpInstance->Rx6Token.CompletionToken.Event); - HttpInstance->Rx6Token.CompletionToken.Event = NULL; -} +FreePool (Wrap); Rx6Token = >Rx6Token; + +if (Rx6Token->CompletionToken.Event != NULL) { + gBS->CloseEvent (Rx6Token->CompletionToken.Event); + Rx6Token->CompletionToken.Event = NULL; +} + if (Rx6Token->Packet.RxData->FragmentTable[0].FragmentBuffer != NULL) { FreePool (Rx6Token->Packet.RxData->FragmentTable[0].FragmentBuffer); Rx6Token->Packet.RxData->FragmentTable[0].FragmentBuffer = NULL; } } else { -if (Wrap->TcpWrap.Rx4Token.CompletionToken.Event != NULL) { - gBS->CloseEvent (Wrap->TcpWrap.Rx4Token.CompletionToken.Event); -} Rx4Token = >TcpWrap.Rx4Token; -if (Rx4Token->Packet.RxData->FragmentTable[0].FragmentBuffer != NULL) { - FreePool (Rx4Token->Packet.RxData->FragmentTable[0].FragmentBuffer); - Rx4Token->Packet.RxData->FragmentTable[0].FragmentBuffer = NULL; + +if (Rx4Token->CompletionToken.Event != NULL) { + gBS->CloseEvent (Rx4Token->CompletionToken.Event); + Rx4Token->CompletionToken.Event = NULL; } + FreePool (Wrap); -if (HttpInstance->Rx4Token.CompletionToken.Event != NULL) { - gBS->CloseEvent (HttpInstance->Rx4Token.CompletionToken.Event); - HttpInstance->Rx4Token.CompletionToken.Event = NULL; +Rx4Token = >Rx4Token; + +if (Rx4Token->CompletionToken.Event != NULL) { + gBS->CloseEvent (Rx4Token->CompletionToken.Event); + Rx4Token->CompletionToken.Event = NULL; } -Rx4Token = >Rx4Token; + if (Rx4Token->Packet.RxData->FragmentTable[0].FragmentBuffer != NULL) { FreePool (Rx4Token->Packet.RxData->FragmentTable[0].FragmentBuffer); Rx4Token->Packet.RxData->FragmentTable[0].FragmentBuffer = NULL; } } -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch] NetworkPkg: Avoid the indefinite wait case in HttpDxe
Need the timer check to avoid the indefinite wait case in HttpDxe driver A.HTTP receive Header process in HttpTcpReceiveHeader(); B.HTTP receive Body process in HttpTcpReceiveBody(); Cc: Hegde Nagaraj P <nagaraj-p.he...@hpe.com> Cc: El-Haj-Mahmoud Samer <samer.el-haj-mahm...@hpe.com> Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Zhang Lubo <lubo.zh...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/HttpDxe/HttpImpl.c | 60 -- NetworkPkg/HttpDxe/HttpProto.c | 59 ++--- NetworkPkg/HttpDxe/HttpProto.h | 15 +++ 3 files changed, 117 insertions(+), 17 deletions(-) diff --git a/NetworkPkg/HttpDxe/HttpImpl.c b/NetworkPkg/HttpDxe/HttpImpl.c index 63b683e..fe2acbc 100644 --- a/NetworkPkg/HttpDxe/HttpImpl.c +++ b/NetworkPkg/HttpDxe/HttpImpl.c @@ -174,10 +174,11 @@ EfiHttpConfigure ( >IPv4Node, HttpConfigData->AccessPoint.IPv4Node, sizeof (HttpInstance->IPv4Node) ); } + // // Creat Tcp child // Status = HttpInitProtocol (HttpInstance, HttpInstance->LocalAddressIsIPv6); if (EFI_ERROR (Status)) { @@ -894,11 +895,39 @@ HttpResponseWorker ( } HttpInstance->EndofHeader = HttpInstance->HttpHeaders = -Status = HttpTcpReceiveHeader (HttpInstance, , ); + +if (HttpInstance->TimeoutEvent == NULL) { + // + // Create TimeoutEvent for response + // + Status = gBS->CreateEvent ( + EVT_TIMER, + TPL_CALLBACK, + NULL, + NULL, + >TimeoutEvent + ); + if (EFI_ERROR (Status)) { +goto Error; + } +} + +// +// Start the timer, and wait Timeout seconds to receive the header packet. +// +Status = gBS->SetTimer (HttpInstance->TimeoutEvent, TimerRelative, HTTP_RESPONSE_TIMEOUT * TICKS_PER_SECOND); +if (EFI_ERROR (Status)) { + goto Error; +} + +Status = HttpTcpReceiveHeader (HttpInstance, , , HttpInstance->TimeoutEvent); + +gBS->SetTimer (HttpInstance->TimeoutEvent, TimerCancel, 0); + if (EFI_ERROR (Status)) { goto Error; } ASSERT (HttpHeaders != NULL); @@ -1095,14 +1124,41 @@ HttpResponseWorker ( } } ASSERT (HttpInstance->MsgParser != NULL); + if (HttpInstance->TimeoutEvent == NULL) { +// +// Create TimeoutEvent for response +// +Status = gBS->CreateEvent ( +EVT_TIMER, +TPL_CALLBACK, +NULL, +NULL, +>TimeoutEvent +); +if (EFI_ERROR (Status)) { + goto Error; +} + } + + // + // Start the timer, and wait Timeout seconds to receive the body packet. + // + Status = gBS->SetTimer (HttpInstance->TimeoutEvent, TimerRelative, HTTP_RESPONSE_TIMEOUT * TICKS_PER_SECOND); + if (EFI_ERROR (Status)) { +goto Error; + } + // // We still need receive more data when there is no cache data and MsgParser is not NULL; // - Status = HttpTcpReceiveBody (Wrap, HttpMsg); + Status = HttpTcpReceiveBody (Wrap, HttpMsg, HttpInstance->TimeoutEvent); + + gBS->SetTimer (HttpInstance->TimeoutEvent, TimerCancel, 0); + if (EFI_ERROR (Status)) { goto Error; } return Status; diff --git a/NetworkPkg/HttpDxe/HttpProto.c b/NetworkPkg/HttpDxe/HttpProto.c index 156f138..eb2af7f 100644 --- a/NetworkPkg/HttpDxe/HttpProto.c +++ b/NetworkPkg/HttpDxe/HttpProto.c @@ -813,10 +813,15 @@ HttpCleanProtocol ( { HttpCloseConnection (HttpInstance); HttpCloseTcpConnCloseEvent (HttpInstance); + if (HttpInstance->TimeoutEvent != NULL) { +gBS->CloseEvent (HttpInstance->TimeoutEvent); +HttpInstance->TimeoutEvent = NULL; + } + if (HttpInstance->CacheBody != NULL) { FreePool (HttpInstance->CacheBody); HttpInstance->CacheBody = NULL; HttpInstance->NextMsg = NULL; } @@ -1537,20 +1542,22 @@ HttpTcpReceive ( Receive the HTTP header by processing the associated HTTP token. @param[in] HttpInstance The HTTP instance private data. @param[in, out] SizeofHeadersThe HTTP header length. @param[in, out] BufferSize The size of buffer to cacahe the header message. + @param[in] Timeout The time to wait for receiving the header packet. @retval EFI_SUCCESS The HTTP header is received. @retval OthersOther errors as indicated. **/ EFI_STATUS HttpTcpReceiveHeader ( IN HTTP_PROTOCOL *HttpInstance, IN OUT UINTN *SizeofHeaders, - IN OUT UINTN *BufferSi
[edk2] [Patch] ShellPkg: Enhance ping6 to select the interface automatically
This patch is used to support no source IP specified case while multiple NICs existed in the platform. The command will select the first both connected and configured interface automatically. Cc: Bhupesh Sharma <bhupesh.sha...@nxp.com> Cc: Jaben Carsey <jaben.car...@intel.com> Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- .../Library/UefiShellNetwork2CommandsLib/Ping6.c | 166 - 1 file changed, 95 insertions(+), 71 deletions(-) diff --git a/ShellPkg/Library/UefiShellNetwork2CommandsLib/Ping6.c b/ShellPkg/Library/UefiShellNetwork2CommandsLib/Ping6.c index af7d08f..f129612 100644 --- a/ShellPkg/Library/UefiShellNetwork2CommandsLib/Ping6.c +++ b/ShellPkg/Library/UefiShellNetwork2CommandsLib/Ping6.c @@ -661,22 +661,26 @@ Ping6CreateIpInstance ( { EFI_STATUS Status; UINTNHandleIndex; UINTNHandleNum; EFI_HANDLE *HandleBuffer; + BOOLEAN UnspecifiedSrc; + BOOLEAN MediaPresent; EFI_SERVICE_BINDING_PROTOCOL *Ip6Sb; EFI_IP6_CONFIG_PROTOCOL *Ip6Cfg; EFI_IP6_CONFIG_DATA Ip6Config; EFI_IP6_CONFIG_INTERFACE_INFO*IfInfo; UINTNIfInfoSize; EFI_IPv6_ADDRESS *Addr; UINTNAddrIndex; - HandleBuffer = NULL; - Ip6Sb= NULL; - IfInfo = NULL; - IfInfoSize = 0; + HandleBuffer = NULL; + UnspecifiedSrc= FALSE; + MediaPresent = TRUE; + Ip6Sb = NULL; + IfInfo= NULL; + IfInfoSize= 0; // // Locate all the handles with ip6 service binding protocol. // Status = gBS->LocateHandleBuffer ( @@ -687,115 +691,135 @@ Ping6CreateIpInstance ( ); if (EFI_ERROR (Status) || (HandleNum == 0)) { return EFI_ABORTED; } + + if (NetIp6IsUnspecifiedAddr (>SrcAddress)) { +// +// SrcAddress is unspecified. So, both connected and configured interface will be automatic selected. +// +UnspecifiedSrc = TRUE; + } + // // Source address is required when pinging a link-local address on multi- // interfaces host. // if (NetIp6IsLinkLocalAddr (>DstAddress) && - NetIp6IsUnspecifiedAddr (>SrcAddress) && - (HandleNum > 1)) { + UnspecifiedSrc && (HandleNum > 1)) { ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_PING6_INVALID_SOURCE), gShellNetwork2HiiHandle); Status = EFI_INVALID_PARAMETER; goto ON_ERROR; } + // // For each ip6 protocol, check interface addresses list. // for (HandleIndex = 0; HandleIndex < HandleNum; HandleIndex++) { Ip6Sb = NULL; IfInfo = NULL; IfInfoSize = 0; +if (UnspecifiedSrc) { + // + // Check media. + // + NetLibDetectMedia (HandleBuffer[HandleIndex], ); + if (!MediaPresent) { +// +// Skip this one. +// +continue; + } +} + Status = gBS->HandleProtocol ( HandleBuffer[HandleIndex], , (VOID **) ); if (EFI_ERROR (Status)) { goto ON_ERROR; } -if (NetIp6IsUnspecifiedAddr (>SrcAddress)) { - // - // No need to match interface address. - // - break; -} else { - // - // Ip6config protocol and ip6 service binding protocol are installed - // on the same handle. - // - Status = gBS->HandleProtocol ( - HandleBuffer[HandleIndex], - , - (VOID **) - ); +// +// Ip6config protocol and ip6 service binding protocol are installed +// on the same handle. +// +Status = gBS->HandleProtocol ( +HandleBuffer[HandleIndex], +, +(VOID **) +); - if (EFI_ERROR (Status)) { -goto ON_ERROR; - } - // - // Get the interface information size. - // - Status = Ip6Cfg->GetData ( - Ip6Cfg, - Ip6ConfigDataTypeInterfaceInfo, - , - NULL - ); - - if (Status != EFI_BUFFER_TOO_SMALL) { -ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_PING6_IP6CFG_GETDATA), gShellNetwork2HiiHandle, Status); -goto ON_ERROR; - } +if (EFI_ERROR (Status)) { + goto ON_ERROR; +} +// +// Get the interface information size. +// +Status = Ip6Cfg->GetData ( + Ip6Cfg, +
[edk2] [staging/HTTPS-TLS][PATCH 0/3] Provide an UI to support TLS authentication
Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Long Qin <qin.l...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> Jiaxin Wu (3): NetworkPkg: Provide an UI to support tls authentication. Nt32Pkg: Add TlsAuthConfigDxe module Readme.MD: Add content for TlsAuthConfigDxe NetworkPkg/Include/Guid/TlsAuthConfigHii.h | 25 + NetworkPkg/NetworkPkg.dec |4 + NetworkPkg/NetworkPkg.dsc |2 + NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.c | 135 ++ NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf | 72 + NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.uni | 21 + .../TlsAuthConfigDxe/TlsAuthConfigDxeExtra.uni | 19 + .../TlsAuthConfigDxe/TlsAuthConfigDxeStrings.uni | 39 + NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.c| 1843 NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.h| 288 +++ NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigNvData.h | 49 + NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigVfr.vfr | 152 ++ Nt32Pkg/Nt32Pkg.dsc|1 + Nt32Pkg/Nt32Pkg.fdf|1 + Readme.MD |2 + 15 files changed, 2653 insertions(+) create mode 100644 NetworkPkg/Include/Guid/TlsAuthConfigHii.h create mode 100644 NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.c create mode 100644 NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf create mode 100644 NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.uni create mode 100644 NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxeExtra.uni create mode 100644 NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxeStrings.uni create mode 100644 NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.c create mode 100644 NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.h create mode 100644 NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigNvData.h create mode 100644 NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigVfr.vfr -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [staging/HTTPS-TLS][PATCH 2/3] Nt32Pkg: Add TlsAuthConfigDxe module
This patch is used to add TlsAuthConfigDxe module. Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Long Qin <qin.l...@intel.com> Cc: El-Haj-Mahmoud Samer <samer.el-haj-mahm...@hpe.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- Nt32Pkg/Nt32Pkg.dsc | 1 + Nt32Pkg/Nt32Pkg.fdf | 1 + 2 files changed, 2 insertions(+) diff --git a/Nt32Pkg/Nt32Pkg.dsc b/Nt32Pkg/Nt32Pkg.dsc index 9259333..aa58a80 100644 --- a/Nt32Pkg/Nt32Pkg.dsc +++ b/Nt32Pkg/Nt32Pkg.dsc @@ -450,10 +450,11 @@ NetworkPkg/HttpDxe/HttpDxe.inf NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf !if $(HTTPS_BOOT_ENABLE) == TRUE NetworkPkg/TlsDxe/TlsDxe.inf + NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf !endif MdeModulePkg/Universal/BdsDxe/BdsDxe.inf { NULL|MdeModulePkg/Library/BmpImageDecoderLib/BmpImageDecoderLib.inf diff --git a/Nt32Pkg/Nt32Pkg.fdf b/Nt32Pkg/Nt32Pkg.fdf index 55dd69e..5313cff 100644 --- a/Nt32Pkg/Nt32Pkg.fdf +++ b/Nt32Pkg/Nt32Pkg.fdf @@ -262,10 +262,11 @@ INF NetworkPkg/HttpBootDxe/HttpBootDxe.inf INF NetworkPkg/DnsDxe/DnsDxe.inf INF NetworkPkg/HttpDxe/HttpDxe.inf INF NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf !if $(HTTPS_BOOT_ENABLE) == TRUE INF NetworkPkg/TlsDxe/TlsDxe.inf +INF NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf !endif # # FILE statements are provided so that a platform integrator can include -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [staging/HTTPS-TLS][PATCH 1/3] NetworkPkg: Provide an UI to support TLS authentication
This patch provides an UI to support TLS authentication. EFI_SIGNATURE_LIST format is used for 'TlsCaCertificate' variable. So, TLS supports multiple certificate configuration. Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Long Qin <qin.l...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/Include/Guid/TlsAuthConfigHii.h | 25 + NetworkPkg/NetworkPkg.dec |4 + NetworkPkg/NetworkPkg.dsc |2 + NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.c | 135 ++ NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf | 72 + NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.uni | 21 + .../TlsAuthConfigDxe/TlsAuthConfigDxeExtra.uni | 19 + .../TlsAuthConfigDxe/TlsAuthConfigDxeStrings.uni | 39 + NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.c| 1843 NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.h| 288 +++ NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigNvData.h | 49 + NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigVfr.vfr | 152 ++ 12 files changed, 2649 insertions(+) create mode 100644 NetworkPkg/Include/Guid/TlsAuthConfigHii.h create mode 100644 NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.c create mode 100644 NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf create mode 100644 NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.uni create mode 100644 NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxeExtra.uni create mode 100644 NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxeStrings.uni create mode 100644 NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.c create mode 100644 NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.h create mode 100644 NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigNvData.h create mode 100644 NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigVfr.vfr diff --git a/NetworkPkg/Include/Guid/TlsAuthConfigHii.h b/NetworkPkg/Include/Guid/TlsAuthConfigHii.h new file mode 100644 index 000..9d21426 --- /dev/null +++ b/NetworkPkg/Include/Guid/TlsAuthConfigHii.h @@ -0,0 +1,25 @@ +/** @file + GUIDs used as HII FormSet and HII Package list GUID in TlsAuthConfigDxe driver. + +Copyright (c) 2016, Intel Corporation. All rights reserved. +This program and the accompanying materials are licensed and made available under +the terms and conditions of the BSD License that accompanies this distribution. +The full text of the license may be found at +http://opensource.org/licenses/bsd-license.php. + +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +#ifndef __TLS_AUTH_CONFIG_HII_GUID_H__ +#define __TLS_AUTH_CONFIG_HII_GUID_H__ + +#define TLS_AUTH_CONFIG_GUID \ + { \ +0xb0eae4f8, 0x9a04, 0x4c6d, { 0xa7, 0x48, 0x79, 0x3d, 0xaa, 0xf, 0x65, 0xdf } \ + } + +extern EFI_GUID gTlsAuthConfigGuid; + +#endif diff --git a/NetworkPkg/NetworkPkg.dec b/NetworkPkg/NetworkPkg.dec index 268188a..065b603 100644 --- a/NetworkPkg/NetworkPkg.dec +++ b/NetworkPkg/NetworkPkg.dec @@ -38,10 +38,14 @@ gIScsiConfigGuid = { 0x4b47d616, 0xa8d6, 0x4552, { 0x9d, 0x44, 0xcc, 0xad, 0x2e, 0xf, 0x4c, 0xf9}} # Include/Guid/HttpBootConfigHii.h gHttpBootConfigGuid = { 0x4d20583a, 0x7765, 0x4e7a, { 0x8a, 0x67, 0xdc, 0xde, 0x74, 0xee, 0x3e, 0xc5 }} + # Include/Guid/TlsAuthConfigHii.h + gTlsAuthConfigGuid = { 0xb0eae4f8, 0x9a04, 0x4c6d, { 0xa7, 0x48, 0x79, 0x3d, 0xaa, 0xf, 0x65, 0xdf }} + + [PcdsFeatureFlag] ## Indicates if the IPsec IKEv2 Certificate Authentication feature is enabled or not. # TRUE - Certificate Authentication feature is enabled. # FALSE - Does not support Certificate Authentication. # @Prompt Enable IPsec IKEv2 Certificate Authentication. diff --git a/NetworkPkg/NetworkPkg.dsc b/NetworkPkg/NetworkPkg.dsc index 2712a6a..5d693b9 100644 --- a/NetworkPkg/NetworkPkg.dsc +++ b/NetworkPkg/NetworkPkg.dsc @@ -51,10 +51,11 @@ IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf OpensslTlsLib|CryptoPkg/Library/OpensslLib/OpensslTlsLib.inf TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf + FileExplorerLib|MdeModulePkg/Library/FileExplorerLib/FileExplorerLib.inf SortLib|MdeModulePkg/Library/UefiSortLib/UefiSortLib.inf [LibraryClasses.common.UEFI_DRIVER] DebugLib|MdePkg/Library/UefiDebugLibConOut/UefiDebugLibConOut.inf @@ -106,10 +107,11 @@ NetworkPkg/DnsDxe/DnsDxe.inf NetworkPkg/HttpDxe/HttpDxe.inf NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf NetworkPkg/HttpBootDxe/HttpBootDxe.inf NetworkPkg/TlsDxe/TlsDxe.inf + NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigD
[edk2] [staging/HTTPS-TLS][PATCH 3/3] Readme.MD: Add content for TlsAuthConfigDxe
Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Long Qin <qin.l...@intel.com> Cc: El-Haj-Mahmoud Samer <samer.el-haj-mahm...@hpe.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- Readme.MD | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Readme.MD b/Readme.MD index 573593e..64c696d 100644 --- a/Readme.MD +++ b/Readme.MD @@ -28,10 +28,11 @@ NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf CryptoPkg/Library/OpensslLib/OpensslLib.inf CryptoPkg/Library/OpensslLib/OpensslTlsLib.inf CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf CryptoPkg/Library/TlsLib/TlsLib.inf NetworkPkg/TlsDxe/TlsDxe.inf +NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf ``` HTTPS Authentication Currently, HTTPS boot feature only support server authentication with an unauthenticated client mode [RFC5246](https://tools.ietf.org/html/rfc5246). To support this mode, server CA certificate is required by Client. Private variable is used to configure this CA certificate. **EFI_SIGNATURE_LIST** format is used for this variable. In sum, the Server CA certificate must be configured first to enable HTTPS boot feature. The variable name and GUID are defined as below. ``` @@ -40,5 +41,6 @@ Currently, HTTPS boot feature only support server authentication with an unauthe 0xfd2340D0, 0x3dab, 0x4349, { 0xa6, 0xc7, 0x3b, 0x4f, 0x12, 0xb4, 0x8e, 0xae } \ } #define EFI_TLS_CA_CERTIFICATE_VARIABLE L"TlsCaCertificate" ``` +**TlsAuthConfigDxe** is a temporary driver to provide an UI to support the required certificate configuration. -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [staging/HTTPS-TLS][PATCH] Readme.MD: Add Readme for HTTPS-TLS branch
Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Long Qin <qin.l...@intel.com> Cc: El-Haj-Mahmoud Samer <samer.el-haj-mahm...@hpe.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- Readme.MD | 44 1 file changed, 44 insertions(+) create mode 100644 Readme.MD diff --git a/Readme.MD b/Readme.MD new file mode 100644 index 000..573593e --- /dev/null +++ b/Readme.MD @@ -0,0 +1,44 @@ +This branch is used to develop the HTTPS boot feature including TLS and related libraries. + +The branch owner: +Jiaxin Wu < jiaxin...@intel.com > + +## Feature Introduction +The security of HTTPS boot is that of the underlying TLS. In simple terms, HTTPS boot refers to the use of HTTP boot over TLS session. **TlsDxe** driver takes advantage of OpenSLL library, including **BaseCryptLib** and new wrapped **TlsLib**, And also, **OpensslTlsLib** module is required to enable 'openssl/ssl' function. **HttpDxe** driver in this branch consumes TlsDxe driver to support HTTPS feature. The HTTP instance can be able to determine whether to use HTTP or HTTPS feature by according to the different schemes ("http://; or "https://;) in the boot file URI. + + + Related Protocols +The following protocols are related to HTTPS boot: +``` +HTTP Service Binding Protocol +HTTP Protocol +HTTP Utilities Protocol +TLS Service Binding Protocol +TLS Protocol +TLS Configuration Protocol +``` + + Related Modules +The following modules are related to HTTPS boot: +``` +MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.inf +NetworkPkg/HttpBootDxe/HttpBootDxe.inf +NetworkPkg/HttpDxe/HttpDxe.inf +NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf +CryptoPkg/Library/OpensslLib/OpensslLib.inf +CryptoPkg/Library/OpensslLib/OpensslTlsLib.inf +CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf +CryptoPkg/Library/TlsLib/TlsLib.inf +NetworkPkg/TlsDxe/TlsDxe.inf +``` + + HTTPS Authentication +Currently, HTTPS boot feature only support server authentication with an unauthenticated client mode [RFC5246](https://tools.ietf.org/html/rfc5246). To support this mode, server CA certificate is required by Client. Private variable is used to configure this CA certificate. **EFI_SIGNATURE_LIST** format is used for this variable. In sum, the Server CA certificate must be configured first to enable HTTPS boot feature. The variable name and GUID are defined as below. +``` +#define EFI_TLS_CA_CERTIFICATE_GUID \ + { \ +0xfd2340D0, 0x3dab, 0x4349, { 0xa6, 0xc7, 0x3b, 0x4f, 0x12, 0xb4, 0x8e, 0xae } \ + } + +#define EFI_TLS_CA_CERTIFICATE_VARIABLE L"TlsCaCertificate" +``` -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [PATCH v2 2/6] CryptoPkg: Add OpensslTlsLib module to enable 'openssl\ssl'
v2: * The latest version commit in CryptoPkg is in conflict with this fix. So, this update resolve the conflict issue. * Remove NULL 'time' parameter fix and make it as a standalone commit. * Update OpensslTlsLib implementation. * convert OpensslTlsLib.uni from UTF-16 to UTF-8. This patch is used to add OpensslTlsLib module to enable 'openssl\ssl' function. Cc: Long Qin <qin.l...@intel.com> Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- CryptoPkg/CryptoPkg.dsc| 1 + CryptoPkg/Include/OpenSslSupport.h | 11 ++- CryptoPkg/Library/OpensslLib/Install.cmd | 1 + CryptoPkg/Library/OpensslLib/Install.sh| 1 + CryptoPkg/Library/OpensslLib/OpensslLib.inf| 1 + CryptoPkg/Library/OpensslLib/OpensslTlsLib.inf | 110 + CryptoPkg/Library/OpensslLib/OpensslTlsLib.uni | 21 + 7 files changed, 145 insertions(+), 1 deletion(-) create mode 100644 CryptoPkg/Library/OpensslLib/OpensslTlsLib.inf create mode 100644 CryptoPkg/Library/OpensslLib/OpensslTlsLib.uni diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc index 5ae0e67..bb7f082 100644 --- a/CryptoPkg/CryptoPkg.dsc +++ b/CryptoPkg/CryptoPkg.dsc @@ -48,10 +48,11 @@ UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf + OpensslTlsLib|CryptoPkg/Library/OpensslLib/OpensslTlsLib.inf [LibraryClasses.ARM, LibraryClasses.AARCH64] # # It is not possible to prevent the ARM compiler for generic intrinsic functions. # This library provides the instrinsic functions generate by a given compiler. diff --git a/CryptoPkg/Include/OpenSslSupport.h b/CryptoPkg/Include/OpenSslSupport.h index 239ae8b..13c73b5 100644 --- a/CryptoPkg/Include/OpenSslSupport.h +++ b/CryptoPkg/Include/OpenSslSupport.h @@ -1,9 +1,9 @@ /** @file Root include file to support building OpenSSL Crypto Library. -Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved. +Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php @@ -116,10 +116,12 @@ typedef UINT32 ino_t; typedef UINT32 dev_t; typedef UINT16 nlink_t; typedef intpid_t; typedef void *DIR; typedef void __sighandler_t (int); +typedef UINT8 __uint8_t; +typedef UINT8 sa_family_t; // // Structures from EFI Application Toolkit required to buiild Open SSL // struct tm { @@ -170,10 +172,16 @@ struct stat { UINT32 st_gen; /* file generation number */ INT32st_lspare; INT64st_qspare[2]; }; +struct sockaddr { + __uint8_t sa_len; /* total length */ + sa_family_t sa_family;/* address family */ + charsa_data[14]; /* actually longer; address value */ +}; + // // Externs from EFI Application Toolkit required to buiild Open SSL // extern int errno; @@ -270,8 +278,9 @@ extern FILE *stdout; #define strchr(str,ch)ScanMem8((VOID *)(str),AsciiStrSize(str),(UINT8)ch) #define abort() ASSERT (FALSE) #define assert(expression) #define localtime(timer) NULL #define gmtime_r(timer,result)(result = NULL) +#define gettimeofday(tvp,tz) do { (tvp)->tv_sec = time(NULL); (tvp)->tv_usec = 0; } while (0) #define atoi(nptr)AsciiStrDecimalToUintn(nptr) #endif diff --git a/CryptoPkg/Library/OpensslLib/Install.cmd b/CryptoPkg/Library/OpensslLib/Install.cmd index 51e5414..e5a5f0d 100755 --- a/CryptoPkg/Library/OpensslLib/Install.cmd +++ b/CryptoPkg/Library/OpensslLib/Install.cmd @@ -6,10 +6,11 @@ copy crypto\crypto.hinclude\openssl copy crypto\opensslv.h include\openssl copy crypto\opensslconf.h include\openssl copy crypto\ebcdic.hinclude\openssl copy crypto\symhacks.h include\openssl copy crypto\ossl_typ.h include\openssl +copy crypto\o_dir.h include copy crypto\objects\objects.h include\openssl copy crypto\objects\obj_mac.h include\openssl copy crypto\md4\md4.h include\openssl copy crypto\md5\md5.h include\openssl copy crypto\sha\sha.h include\openssl diff --git a/CryptoPkg/Library/OpensslLib/Install.sh b/CryptoPkg/Library/OpensslLib/Install.sh index 06f1dcd..4ff1d39 100755 --- a/CryptoPkg/Library/Openssl
[edk2] [Patch] ShellPkg: Enhance ping to select the interface automatically
This patch is used to support no source IP specified case while multiple NICs existed in the platform. The command will select the first both connected and configured interface automatically. Cc: David Van Arnem <dvanar...@cmlab.biz> Cc: Bhupesh Sharma <bhupesh.sha...@nxp.com> Cc: Jaben Carsey <jaben.car...@intel.com> Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- .../Library/UefiShellNetwork1CommandsLib/Ping.c| 224 - 1 file changed, 127 insertions(+), 97 deletions(-) diff --git a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ping.c b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ping.c index 13bcdde..6b05884 100644 --- a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ping.c +++ b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ping.c @@ -874,20 +874,24 @@ PingCreateIpInstance ( { EFI_STATUS Status; UINTNHandleIndex; UINTNHandleNum; EFI_HANDLE *HandleBuffer; + BOOLEAN UnspecifiedSrc; + BOOLEAN MediaPresent; EFI_SERVICE_BINDING_PROTOCOL *EfiSb; VOID *IpXCfg; EFI_IP6_CONFIG_DATA Ip6Config; EFI_IP4_CONFIG_DATA Ip4Config; VOID *IpXInterfaceInfo; UINTNIfInfoSize; EFI_IPv6_ADDRESS *Addr; UINTNAddrIndex; HandleBuffer = NULL; + UnspecifiedSrc= FALSE; + MediaPresent = TRUE; EfiSb = NULL; IpXInterfaceInfo = NULL; IfInfoSize= 0; // @@ -923,139 +927,165 @@ PingCreateIpInstance ( ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_GEN_PARAM_INV), gShellNetwork1HiiHandle, L"ping", mSrcString); Status = EFI_INVALID_PARAMETER; goto ON_ERROR; } } + + if (Private->IpChoice == PING_IP_CHOICE_IP6 ? NetIp6IsUnspecifiedAddr ((EFI_IPv6_ADDRESS*)>SrcAddress) : \ + PingNetIp4IsUnspecifiedAddr ((EFI_IPv4_ADDRESS*)>SrcAddress)) { +// +// SrcAddress is unspecified. So, both connected and configured interface will be automatic selected. +// +UnspecifiedSrc = TRUE; + } + // // For each ip6 protocol, check interface addresses list. // for (HandleIndex = 0; HandleIndex < HandleNum; HandleIndex++) { - EfiSb = NULL; IpXInterfaceInfo = NULL; IfInfoSize= 0; +if (UnspecifiedSrc) { + // + // Check media. + // + NetLibDetectMedia (HandleBuffer[HandleIndex], ); + if (!MediaPresent) { +// +// Skip this one. +// +continue; + } +} + Status = gBS->HandleProtocol ( HandleBuffer[HandleIndex], Private->IpChoice == PING_IP_CHOICE_IP6?:, (VOID **) ); if (EFI_ERROR (Status)) { goto ON_ERROR; } -if (Private->IpChoice == PING_IP_CHOICE_IP6?NetIp6IsUnspecifiedAddr ((EFI_IPv6_ADDRESS*)>SrcAddress):PingNetIp4IsUnspecifiedAddr ((EFI_IPv4_ADDRESS*)>SrcAddress)) { - // - // No need to match interface address. - // - break; +// +// Ip6config protocol and ip6 service binding protocol are installed +// on the same handle. +// +Status = gBS->HandleProtocol ( +HandleBuffer[HandleIndex], +Private->IpChoice == PING_IP_CHOICE_IP6?:, +(VOID **) +); + +if (EFI_ERROR (Status)) { + goto ON_ERROR; +} +// +// Get the interface information size. +// +if (Private->IpChoice == PING_IP_CHOICE_IP6) { + Status = ((EFI_IP6_CONFIG_PROTOCOL*)IpXCfg)->GetData ( + IpXCfg, + Ip6ConfigDataTypeInterfaceInfo, + , + NULL + ); } else { - // - // Ip6config protocol and ip6 service binding protocol are installed - // on the same handle. - // - Status = gBS->HandleProtocol ( - HandleBuffer[HandleIndex], - Private->IpChoice == PING_IP_CHOICE_IP6?:, - (VOID **) - ); + Status = ((EFI_IP4_CONFIG2_PROTOCOL*)IpXCfg)->GetData ( + IpXCfg, + Ip4Config2DataTypeInterfaceInfo, + , + NULL + ); +} + +// +// Skip the ones not in current use. +// +if (Status == EFI_NOT_STARTED) { + continue; +} - if (EFI_ERROR (Stat
[edk2] [Patch] ShellPkg: Update ping command options to sync with Spec
This patch is used to update ping command options to sync with shell2.2 Spec. Considering the backward compatible issue, the patch keeps ‘-_s’ command option unchanged, only add the new option '-s' and make the old option '-_s' function same as new one. Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Jaben Carsey <jaben.car...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- .../Library/UefiShellNetwork1CommandsLib/Ping.c| 12 ++-- .../UefiShellNetwork1CommandsLib.uni | 22 +- 2 files changed, 19 insertions(+), 15 deletions(-) diff --git a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ping.c b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ping.c index dbee764..13bcdde 100644 --- a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ping.c +++ b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ping.c @@ -1,10 +1,10 @@ /** @file The implementation for Ping shell command. (C) Copyright 2015 Hewlett-Packard Development Company, L.P. - Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved. + Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php. @@ -196,10 +196,14 @@ STATIC CONST SHELL_PARAM_ITEMPingParamList[] = { { L"-n", TypeValue }, { +L"-s", +TypeValue + }, + { L"-_s", TypeValue }, { L"-_ip6", @@ -1510,11 +1514,15 @@ ShellCommandRunPing ( ZeroMem (, sizeof (EFI_IPv6_ADDRESS)); // // Parse the paramter of source ip address. // - ValueStr = ShellCommandLineGetValue (ParamPackage, L"-_s"); + ValueStr = ShellCommandLineGetValue (ParamPackage, L"-s"); + if (ValueStr == NULL) { +ValueStr = ShellCommandLineGetValue (ParamPackage, L"-_s"); + } + if (ValueStr != NULL) { mSrcString = ValueStr; if (IpChoice == PING_IP_CHOICE_IP6) { Status = NetLibStrToIp6 (ValueStr, ); } else { diff --git a/ShellPkg/Library/UefiShellNetwork1CommandsLib/UefiShellNetwork1CommandsLib.uni b/ShellPkg/Library/UefiShellNetwork1CommandsLib/UefiShellNetwork1CommandsLib.uni index bc6acac..7d6f2da 100644 --- a/ShellPkg/Library/UefiShellNetwork1CommandsLib/UefiShellNetwork1CommandsLib.uni +++ b/ShellPkg/Library/UefiShellNetwork1CommandsLib/UefiShellNetwork1CommandsLib.uni @@ -1,9 +1,9 @@ // /** // // (C) Copyright 2013-2015 Hewlett-Packard Development Company, L.P. -// Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved. +// Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved. // This program and the accompanying materials // are licensed and made available under the terms and conditions of the BSD License // which accompanies this distribution. The full text of the license may be found at // http://opensource.org/licenses/bsd-license.php // @@ -86,28 +86,27 @@ #string STR_IFCONFIG_INFO_GATEWAY_HEAD#language en-US"\n%Hdefault gateway: %N" #string STR_IFCONFIG_INFO_DNS_ADDR_HEAD #language en-US"\n%HDNS server : %N\n" #string STR_IFCONFIG_INFO_IP_ADDR_BODY#language en-US "%d.%d.%d.%d\n" #string STR_GET_HELP_PING #language en-US "" -".TH ping 0 "Pings the target host with an IPv4 or IPv6 stack."\r\n" +".TH ping 0 "Ping the target host with an IPv4 stack."\r\n" ".SH NAME\r\n" -"Pings the target host with an IPv4 or IPv6 stack.\r\n" +"Ping the target host with an IPv4 stack.\r\n" ".SH SYNOPSIS\r\n" " \r\n" -"PING [-_ip6] [-_s SourceIp] [-n count] [-l size] TargetIp\r\n" +"PING [-n count] [-l size] [-s SourceIp] TargetIp\r\n" ".SH OPTIONS\r\n" " \r\n" " -n - Specifies the number of echo request datagrams to be sent.\r\n" " -l - Specifies the size of the data buffer in the echo request datagram.\r\n" -" -_ip6- Specifies the IPv6 stack usage mode (Default is IPv4 stack).\r\n" -" -_s - Specifies the source adapter as IPv4 or IPv6 address.\r\n" -" SourceIp - Specifies the IPv4 or IPv6 address of the source machine.\r\n" -" TargetIp - Specifies the IPv4 or IPv6 address of the target machine.\r\n" +" -s - Specifies the source adapter as IPv4 address.\r\n" +" SourceIp - Specifies the IPv4 address of the source machine.\r\n" +" TargetIp - Specifies the IPv4 address of the target machine.\r\n" ".SH DESCRIPTION\r\n" &q
[edk2] [Patch] NetworkPkg: Fix issue in Ip6Dxe SetData
EFI_NOT_READY should not be treated as an error status returned from SetData for Ip6ConfigDataTypeManualAddress since there is an asynchronous operation for DAD process. Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Hegde Nagaraj P <nagaraj-p.he...@hpe.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/Ip6Dxe/Ip6Driver.c | 72 +-- 1 file changed, 35 insertions(+), 37 deletions(-) diff --git a/NetworkPkg/Ip6Dxe/Ip6Driver.c b/NetworkPkg/Ip6Dxe/Ip6Driver.c index ba70290..16617c1 100644 --- a/NetworkPkg/Ip6Dxe/Ip6Driver.c +++ b/NetworkPkg/Ip6Dxe/Ip6Driver.c @@ -576,11 +576,11 @@ Ip6DriverBindingStart ( Ip6Cfg, Ip6ConfigDataTypeManualAddress, DataItem->DataSize, DataItem->Data.Ptr ); -if (EFI_ERROR(Status)) { +if (EFI_ERROR(Status) && Status != EFI_NOT_READY) { goto ON_ERROR; } } // @@ -597,50 +597,48 @@ Ip6DriverBindingStart ( if (EFI_ERROR(Status)) { goto ON_ERROR; } } - if (!EFI_ERROR (Status)) { -// -// ready to go: start the receiving and timer -// -Status = Ip6ReceiveFrame (Ip6AcceptFrame, IpSb); -if (EFI_ERROR (Status)) { - goto ON_ERROR; -} + // + // ready to go: start the receiving and timer + // + Status = Ip6ReceiveFrame (Ip6AcceptFrame, IpSb); + if (EFI_ERROR (Status)) { +goto ON_ERROR; + } -// -// The timer expires every 100 (IP6_TIMER_INTERVAL_IN_MS) milliseconds. -// -Status = gBS->SetTimer ( -IpSb->FasterTimer, -TimerPeriodic, -TICKS_PER_MS * IP6_TIMER_INTERVAL_IN_MS -); -if (EFI_ERROR (Status)) { - goto ON_ERROR; -} + // + // The timer expires every 100 (IP6_TIMER_INTERVAL_IN_MS) milliseconds. + // + Status = gBS->SetTimer ( + IpSb->FasterTimer, + TimerPeriodic, + TICKS_PER_MS * IP6_TIMER_INTERVAL_IN_MS + ); + if (EFI_ERROR (Status)) { +goto ON_ERROR; + } -// -// The timer expires every 1000 (IP6_ONE_SECOND_IN_MS) milliseconds. -// -Status = gBS->SetTimer ( -IpSb->Timer, -TimerPeriodic, -TICKS_PER_MS * IP6_ONE_SECOND_IN_MS -); -if (EFI_ERROR (Status)) { - goto ON_ERROR; -} + // + // The timer expires every 1000 (IP6_ONE_SECOND_IN_MS) milliseconds. + // + Status = gBS->SetTimer ( + IpSb->Timer, + TimerPeriodic, + TICKS_PER_MS * IP6_ONE_SECOND_IN_MS + ); + if (EFI_ERROR (Status)) { +goto ON_ERROR; + } -// -// Initialize the IP6 ID -// -mIp6Id = NET_RANDOM (NetRandomInitSeed ()); + // + // Initialize the IP6 ID + // + mIp6Id = NET_RANDOM (NetRandomInitSeed ()); -return EFI_SUCCESS; - } + return EFI_SUCCESS; ON_ERROR: Ip6CleanService (IpSb); FreePool (IpSb); return Status; -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [PATCH v2 5/6] NetworkPkg: HTTPS support over IPv4 and IPv6
v2: To support the multiple certificate configuration, EFI_SIGNATURE_LIST format is used for the variable 'TlsCaCertificate'. This patch is used to enable HTTPS feature. HttpDxe driver will consume TlsDxe driver. It can both support http and https feature, it’s depended on the information in URL, the HTTP instance can be able to determine whether to use http or https. Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Long Qin <qin.l...@intel.com> Cc: El-Haj-Mahmoud Samer <samer.el-haj-mahm...@hpe.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/HttpDxe/HttpDriver.h |8 +- NetworkPkg/HttpDxe/HttpDxe.inf|8 +- NetworkPkg/HttpDxe/HttpImpl.c | 188 +++- NetworkPkg/HttpDxe/HttpProto.c| 395 ++--- NetworkPkg/HttpDxe/HttpProto.h| 65 +- NetworkPkg/HttpDxe/HttpsSupport.c | 1701 + NetworkPkg/HttpDxe/HttpsSupport.h | 314 +++ 7 files changed, 2542 insertions(+), 137 deletions(-) create mode 100644 NetworkPkg/HttpDxe/HttpsSupport.c create mode 100644 NetworkPkg/HttpDxe/HttpsSupport.h diff --git a/NetworkPkg/HttpDxe/HttpDriver.h b/NetworkPkg/HttpDxe/HttpDriver.h index 9c0002a..3c30c12 100644 --- a/NetworkPkg/HttpDxe/HttpDriver.h +++ b/NetworkPkg/HttpDxe/HttpDriver.h @@ -1,9 +1,9 @@ /** @file The header files of the driver binding and service binding protocol for HttpDxe driver. - Copyright (c) 2015, Intel Corporation. All rights reserved. + Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved. (C) Copyright 2016 Hewlett Packard Enterprise Development LP This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -22,10 +22,11 @@ // // Libraries // #include +#include #include #include #include #include #include @@ -48,12 +49,14 @@ #include #include #include #include #include +#include +#include - +#include // // Produced Protocols // #include @@ -77,10 +80,11 @@ extern EFI_HTTP_UTILITIES_PROTOCOL *mHttpUtilities; // Include files with function prototypes // #include "ComponentName.h" #include "HttpImpl.h" #include "HttpProto.h" +#include "HttpsSupport.h" #include "HttpDns.h" typedef struct { EFI_SERVICE_BINDING_PROTOCOL *ServiceBinding; UINTN NumberOfChildren; diff --git a/NetworkPkg/HttpDxe/HttpDxe.inf b/NetworkPkg/HttpDxe/HttpDxe.inf index bf2cbee..a228c3d 100644 --- a/NetworkPkg/HttpDxe/HttpDxe.inf +++ b/NetworkPkg/HttpDxe/HttpDxe.inf @@ -1,9 +1,9 @@ ## @file # Implementation of EFI HTTP protocol interfaces. # -# Copyright (c) 2015, Intel Corporation. All rights reserved. +# Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved. # # This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at # http://opensource.org/licenses/bsd-license.php. @@ -36,14 +36,17 @@ HttpDriver.c HttpImpl.h HttpImpl.c HttpProto.h HttpProto.c + HttpsSupport.h + HttpsSupport.c [LibraryClasses] UefiDriverEntryPoint UefiBootServicesTableLib + UefiRuntimeServicesTableLib MemoryAllocationLib BaseLib UefiLib DebugLib NetLib @@ -62,8 +65,11 @@ gEfiDns4ProtocolGuid ## SOMETIMES_CONSUMES gEfiDns6ServiceBindingProtocolGuid ## SOMETIMES_CONSUMES gEfiDns6ProtocolGuid ## SOMETIMES_CONSUMES gEfiIp4Config2ProtocolGuid ## SOMETIMES_CONSUMES gEfiIp6ConfigProtocolGuid## SOMETIMES_CONSUMES + gEfiTlsServiceBindingProtocolGuid## SOMETIMES_CONSUMES + gEfiTlsProtocolGuid ## SOMETIMES_CONSUMES + gEfiTlsConfigurationProtocolGuid ## SOMETIMES_CONSUMES [UserExtensions.TianoCore."ExtraFiles"] HttpDxeExtra.uni \ No newline at end of file diff --git a/NetworkPkg/HttpDxe/HttpImpl.c b/NetworkPkg/HttpDxe/HttpImpl.c index 63b683e..8d81a90 100644 --- a/NetworkPkg/HttpDxe/HttpImpl.c +++ b/NetworkPkg/HttpDxe/HttpImpl.c @@ -238,10 +238,11 @@ EfiHttpRequest ( CHAR8 *HostName; UINT16RemotePort; HTTP_PROTOCOL *HttpInstance; BOOLEAN Configure; BOOLEAN ReConfigure; + BOOLEAN TlsConfigure; CHAR8 *RequestStr; CHAR8 *Url; UINTN UrlLen; CHAR16*HostNameStr; HTTP_TOKEN_WRA
[edk2] [PATCH v2 4/6] NetworkPkg: TlsDxe driver implementation over OpenSSL
v2: Refine the MAX_BUFFER_SIZE This patch is the implementation of EFI TLS Protocol and EFI TLS Configuration Protocol Interfaces. Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Long Qin <qin.l...@intel.com> Cc: El-Haj-Mahmoud Samer <samer.el-haj-mahm...@hpe.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/NetworkPkg.dsc | 3 + NetworkPkg/TlsDxe/TlsConfigProtocol.c | 152 + NetworkPkg/TlsDxe/TlsDriver.c | 499 +++ NetworkPkg/TlsDxe/TlsDriver.h | 237 + NetworkPkg/TlsDxe/TlsDxe.inf | 67 NetworkPkg/TlsDxe/TlsDxe.uni | 25 ++ NetworkPkg/TlsDxe/TlsDxeExtra.uni | 20 ++ NetworkPkg/TlsDxe/TlsImpl.c | 280 +++ NetworkPkg/TlsDxe/TlsImpl.h | 342 +++ NetworkPkg/TlsDxe/TlsProtocol.c | 627 ++ 10 files changed, 2252 insertions(+) create mode 100644 NetworkPkg/TlsDxe/TlsConfigProtocol.c create mode 100644 NetworkPkg/TlsDxe/TlsDriver.c create mode 100644 NetworkPkg/TlsDxe/TlsDriver.h create mode 100644 NetworkPkg/TlsDxe/TlsDxe.inf create mode 100644 NetworkPkg/TlsDxe/TlsDxe.uni create mode 100644 NetworkPkg/TlsDxe/TlsDxeExtra.uni create mode 100644 NetworkPkg/TlsDxe/TlsImpl.c create mode 100644 NetworkPkg/TlsDxe/TlsImpl.h create mode 100644 NetworkPkg/TlsDxe/TlsProtocol.c diff --git a/NetworkPkg/NetworkPkg.dsc b/NetworkPkg/NetworkPkg.dsc index 0695dc1..2712a6a 100644 --- a/NetworkPkg/NetworkPkg.dsc +++ b/NetworkPkg/NetworkPkg.dsc @@ -47,10 +47,12 @@ TcpIoLib|MdeModulePkg/Library/DxeTcpIoLib/DxeTcpIoLib.inf HttpLib|MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.inf BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf + OpensslTlsLib|CryptoPkg/Library/OpensslLib/OpensslTlsLib.inf + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf SortLib|MdeModulePkg/Library/UefiSortLib/UefiSortLib.inf [LibraryClasses.common.UEFI_DRIVER] @@ -103,10 +105,11 @@ NetworkPkg/Mtftp6Dxe/Mtftp6Dxe.inf NetworkPkg/DnsDxe/DnsDxe.inf NetworkPkg/HttpDxe/HttpDxe.inf NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf NetworkPkg/HttpBootDxe/HttpBootDxe.inf + NetworkPkg/TlsDxe/TlsDxe.inf NetworkPkg/Application/IfConfig6/IfConfig6.inf NetworkPkg/Application/IpsecConfig/IpSecConfig.inf NetworkPkg/Application/VConfig/VConfig.inf diff --git a/NetworkPkg/TlsDxe/TlsConfigProtocol.c b/NetworkPkg/TlsDxe/TlsConfigProtocol.c new file mode 100644 index 000..2855be1 --- /dev/null +++ b/NetworkPkg/TlsDxe/TlsConfigProtocol.c @@ -0,0 +1,152 @@ +/** @file + Implementation of EFI TLS Configuration Protocol Interfaces. + + Copyright (c) 2016, Intel Corporation. All rights reserved. + + This program and the accompanying materials + are licensed and made available under the terms and conditions of the BSD License + which accompanies this distribution. The full text of the license may be found at + http://opensource.org/licenses/bsd-license.php. + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +#include "TlsImpl.h" + +EFI_TLS_CONFIGURATION_PROTOCOL mTlsConfigurationProtocol = { + TlsConfigurationSetData, + TlsConfigurationGetData +}; + +/** + Set TLS configuration data. + + The SetData() function sets TLS configuration to non-volatile storage or volatile + storage. + + @param[in] ThisPointer to the EFI_TLS_CONFIGURATION_PROTOCOL instance. + @param[in] DataTypeConfiguration data type. + @param[in] DataPointer to configuration data. + @param[in] DataSizeTotal size of configuration data. + + @retval EFI_SUCCESS The TLS configuration data is set successfully. + @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE: + This is NULL. + Data is NULL. + DataSize is 0. + @retval EFI_UNSUPPORTED The DataType is unsupported. + @retval EFI_OUT_OF_RESOURCESRequired system resources could not be allocated. + +**/ +EFI_STATUS +EFIAPI +TlsConfigurationSetData ( + IN EFI_TLS_CONFIGURATION_PROTOCOL *This, + IN EFI_TLS_CONFIG_DATA_TYPEDataType, + IN VOID*Data, + IN UINTN DataSize + ) +{ + EFI_STATUSStatus; + TLS_INSTANCE *Instance; + EFI_TPL
[edk2] [PATCH v2 3/6] CryptoPkg: Add new TlsLib library
v2: Refine the MAX_BUFFER_SIZE This patch is used to add new TlsLib library, which is wrapped over OpenSSL. The implementation provides TLS library functions for EFI TLS protocol. Cc: Long Qin <qin.l...@intel.com> Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: El-Haj-Mahmoud Samer <samer.el-haj-mahm...@hpe.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- CryptoPkg/CryptoPkg.dec |4 + CryptoPkg/CryptoPkg.dsc |1 + CryptoPkg/Include/Library/TlsLib.h | 802 CryptoPkg/Library/TlsLib/TlsLib.c | 1772 +++ CryptoPkg/Library/TlsLib/TlsLib.inf | 46 + CryptoPkg/Library/TlsLib/TlsLib.uni | 19 + 6 files changed, 2644 insertions(+) create mode 100644 CryptoPkg/Include/Library/TlsLib.h create mode 100644 CryptoPkg/Library/TlsLib/TlsLib.c create mode 100644 CryptoPkg/Library/TlsLib/TlsLib.inf create mode 100644 CryptoPkg/Library/TlsLib/TlsLib.uni diff --git a/CryptoPkg/CryptoPkg.dec b/CryptoPkg/CryptoPkg.dec index e1cdb8e..ea02ad7 100644 --- a/CryptoPkg/CryptoPkg.dec +++ b/CryptoPkg/CryptoPkg.dec @@ -29,10 +29,14 @@ [LibraryClasses] ## @libraryclass Provides basic library functions for cryptographic primitives. ## BaseCryptLib|Include/Library/BaseCryptLib.h + ## @libraryclass Provides TLS library functions for EFI TLS protocol. + ## + TlsLib|Include/Library/TlsLib.h + [Protocols] ## Include/Protocol/RuntimeCrypt.h gEfiRuntimeCryptProtocolGuid = { 0xe1475e0c, 0x1746, 0x4802, {0x86, 0x2e, 0x1, 0x1c, 0x2c, 0x2d, 0x9d, 0x86 }} [UserExtensions.TianoCore."ExtraFiles"] diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc index bb7f082..c81d349 100644 --- a/CryptoPkg/CryptoPkg.dsc +++ b/CryptoPkg/CryptoPkg.dsc @@ -122,10 +122,11 @@ ### [Components] CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf + CryptoPkg/Library/TlsLib/TlsLib.inf CryptoPkg/Application/Cryptest/Cryptest.inf CryptoPkg/CryptRuntimeDxe/CryptRuntimeDxe.inf diff --git a/CryptoPkg/Include/Library/TlsLib.h b/CryptoPkg/Include/Library/TlsLib.h new file mode 100644 index 000..d62375b --- /dev/null +++ b/CryptoPkg/Include/Library/TlsLib.h @@ -0,0 +1,802 @@ +/** @file + Defines TLS Library APIs. + +Copyright (c) 2016, Intel Corporation. All rights reserved. +This program and the accompanying materials +are licensed and made available under the terms and conditions of the BSD License +which accompanies this distribution. The full text of the license may be found at +http://opensource.org/licenses/bsd-license.php + +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +#ifndef __TLS_LIB_H__ +#define __TLS_LIB_H__ + +/** + Initializes the OpenSSL library. + + This function registers ciphers and digests used directly and indirectly + by SSL/TLS, and initializes the readable error messages. + This function must be called before any other action takes places. + +**/ +VOID +EFIAPI +TlsInitialize ( + VOID + ); + +/** + Free an allocated SSL_CTX object. + + @param[in] TlsCtxPointer to the SSL_CTX object to be released. + +**/ +VOID +EFIAPI +TlsCtxFree ( + IN VOID *TlsCtx + ); + +/** + Creates a new SSL_CTX object as framework to establish TLS/SSL enabled + connections. + + @param[in] MajorVerMajor Version of TLS/SSL Protocol. + @param[in] MinorVerMinor Version of TLS/SSL Protocol. + + @return Pointer to an allocated SSL_CTX object. + If the creation failed, TlsCtxNew() returns NULL. + +**/ +VOID * +EFIAPI +TlsCtxNew ( + IN UINT8MajorVer, + IN UINT8MinorVer + ); + +/** + Free an allocated TLS object. + + This function removes the TLS object pointed to by Tls and frees up the + allocated memory. If Tls is NULL, nothing is done. + + @param[in] TlsPointer to the TLS object to be freed. + +**/ +VOID +EFIAPI +TlsFree ( + IN VOID *Tls + ); + +/** + Create a new TLS object for a connection. + + This function creates a new TLS object for a connection. The new object + inherits the setting of the underlying context TlsCtx: connection method, + options, verification setting. + + @param[in] TlsCtxPointer to the SSL_CTX object. + + @return Pointer to an allocated SSL object. + If the creation failed, TlsNew() returns NULL. + +**/ +VOID * +EFIAPI +TlsNew ( + IN VOID *TlsCtx + ); + +/** + Checks if the TLS handshake was done. + + This function will check if the specified TLS handshake was done.
[edk2] [Patch] MdeModulePkg: Coding style update for DxeHttpLib.inf
Cc: Fu Siyuan <siyuan...@intel.com> Cc: Zhang Lubo <lubo.zh...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.inf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.inf b/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.inf index 99fbe8d..92b9b91 100644 --- a/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.inf +++ b/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.inf @@ -1,9 +1,9 @@ ## @file # It provides the helper routines to parse the HTTP message byte stream. # -# Copyright (c) 2015, Intel Corporation. All rights reserved. +# Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved. # (C) Copyright 2016 Hewlett Packard Enterprise Development LP # This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at # http://opensource.org/licenses/bsd-license.php @@ -43,6 +43,6 @@ UefiBootServicesTableLib MemoryAllocationLib NetLib [Protocols] - gEfiHttpUtilitiesProtocolGuid + gEfiHttpUtilitiesProtocolGuid ## SOMETIMES_CONSUMES \ No newline at end of file -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch] CryptoPkg: Fix the potential system hang issue
This patch is used to fix the potential system hang caused by the NULL 'time' parameter usage. Cc: David Woodhouse <dw...@infradead.org> Cc: Long Qin <qin.l...@intel.com> Cc: Ye Ting <ting...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- .../Library/BaseCryptLib/SysCall/TimerWrapper.c| 29 +- 1 file changed, 17 insertions(+), 12 deletions(-) diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c b/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c index 6422d61..93e487d 100644 --- a/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c +++ b/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c @@ -1,10 +1,10 @@ /** @file C Run-Time Libraries (CRT) Time Management Routines Wrapper Implementation for OpenSSL-based Cryptographic Library (used in DXE & RUNTIME). -Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved. +Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php @@ -71,10 +71,11 @@ UINTN CumulativeDays[2][14] = { // INTN *timer // ) time_t time (time_t *timer) { EFI_TIME Time; + time_tCalTime; UINTN Year; // // Get the current time and date information // @@ -82,26 +83,30 @@ time_t time (time_t *timer) // // Years Handling // UTime should now be set to 00:00:00 on Jan 1 of the current year. // - for (Year = 1970, *timer = 0; Year != Time.Year; Year++) { -*timer = *timer + (time_t)(CumulativeDays[IsLeap(Year)][13] * SECSPERDAY); + for (Year = 1970, CalTime = 0; Year != Time.Year; Year++) { +CalTime = CalTime + (time_t)(CumulativeDays[IsLeap(Year)][13] * SECSPERDAY); } // // Add in number of seconds for current Month, Day, Hour, Minute, Seconds, and TimeZone adjustment // - *timer = *timer + - (time_t)((Time.TimeZone != EFI_UNSPECIFIED_TIMEZONE) ? (Time.TimeZone * 60) : 0) + - (time_t)(CumulativeDays[IsLeap(Time.Year)][Time.Month] * SECSPERDAY) + - (time_t)(((Time.Day > 0) ? Time.Day - 1 : 0) * SECSPERDAY) + - (time_t)(Time.Hour * SECSPERHOUR) + - (time_t)(Time.Minute * 60) + - (time_t)Time.Second; - - return *timer; + CalTime = CalTime + +(time_t)((Time.TimeZone != EFI_UNSPECIFIED_TIMEZONE) ? (Time.TimeZone * 60) : 0) + +(time_t)(CumulativeDays[IsLeap(Time.Year)][Time.Month] * SECSPERDAY) + +(time_t)(((Time.Day > 0) ? Time.Day - 1 : 0) * SECSPERDAY) + +(time_t)(Time.Hour * SECSPERHOUR) + +(time_t)(Time.Minute * 60) + +(time_t)Time.Second; + + if (timer != NULL) { +*timer = CalTime; + } + + return CalTime; } // // Convert a time value from type time_t to struct tm. // -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch] Makefile: Enable arch X64 build
This patch is used to support arch X64 build. The ARCH can be either IA32 or X64. Adapt these two directives to your need. Cc: Fu Siyuan <siyuan...@intel.com> Cc: Zhang Lubo <lubo.zh...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- Makefile | 25 ++--- 1 file changed, 18 insertions(+), 7 deletions(-) diff --git a/Makefile b/Makefile index ea567ba..85a68ec 100644 --- a/Makefile +++ b/Makefile @@ -1,8 +1,8 @@ #/*++ # -# Copyright (c) 2006, Intel Corporation +# Copyright (c) 2006 - 2016, Intel Corporation # All rights reserved. This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at # http://opensource.org/licenses/bsd-license.php # @@ -20,36 +20,47 @@ # #WINPCAP_DIR is the directory that contains the WinPcap developer's package #The TARGET can be either DEBUG or RELEASE. Adapt these two directives to your need +#The ARCH can be either IA32 or X64. Adapt these two directives to your need # WINPCAP_DIR = ".\WpdPack" TARGET = DEBUG +ARCH= IA32 + +# +#WINPCAP_LIBPATH is the directory that contains the WinPcap developer's library +# +!IF "$(ARCH)" == "IA32" +WINPCAP_LIB = ".\WpdPack\Lib" +!ELSE +WINPCAP_LIB = ".\WpdPack\Lib\x64" +!ENDIF # #Change the output directory and compile parameters according to the TARGET. # !IF "$(TARGET)" == "DEBUG" -OUTPUT_DIR = Debug +OUTPUT_DIR = Debug_$(ARCH) C_DEFINES = /D "WIN32" /D "SNPNT32IO_EXPORTS" -C_FLAGS = /Od /FD /MTd /Fo"Debug/" /Fd"Debug/vc70" /W3 /c /Wp64 /ZI /TC -LINK_FLAGS = /DLL /DEBUG /PDB:"Debug/SnpNt32Io.pdb" +C_FLAGS = /Od /FD /MTd /Fo"$(OUTPUT_DIR)/" /Fd"$(OUTPUT_DIR)/vc70" /W3 /c /Wp64 /ZI /TC +LINK_FLAGS = /DLL /DEBUG /PDB:"$(OUTPUT_DIR)/SnpNt32Io.pdb" !ELSE -OUTPUT_DIR = Release +OUTPUT_DIR = Release_$(ARCH) C_DEFINES = /D "WIN32" /D "NDEBUG" /D "SNPNT32IO_EXPORTS" -C_FLAGS = /O2 /FD /MT /GS /Fo"Release/" /Fd"Release/vc70" /W3 /c /Wp64 /Zi /TC +C_FLAGS = /O2 /FD /MT /GS /Fo"$(OUTPUT_DIR)/" /Fd"$(OUTPUT_DIR)/vc70" /W3 /c /Wp64 /Zi /TC LINK_FLAGS = /DLL !ENDIF # #Main section to build the SnpNt32Io.DLL. The "-" before command prevents the #nmake to exit when the command returns an error # SnpNt32Io.DLL : SnpNt32Io.obj - link $(LINK_FLAGS) /IMPLIB:"$(OUTPUT_DIR)/SnpNt32Io.lib" /LIBPATH:$(WINPCAP_DIR)\Lib\ + link $(LINK_FLAGS) /IMPLIB:"$(OUTPUT_DIR)/SnpNt32Io.lib" /LIBPATH:$(WINPCAP_LIB)\ /OUT:"$(OUTPUT_DIR)/SnpNt32Io.dll" wpcap.lib packet.lib $(OUTPUT_DIR)/SnpNt32Io.obj SnpNt32Io.obj : src\SnpNt32Io.c - md $(OUTPUT_DIR) cl /I $(WINPCAP_DIR)\Include $(C_DEFINES) $(C_FLAGS) src\SnpNt32Io.c -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch] NetworkPkg: Fix IpsecConfig GCC build failure issue
This issue is caused by the string token ID for help message, which is defined in the internal head file. This head file is used for reference more than once. So, multiple definition for the string token ID error will be enrolled. Cc: Fu Siyuan <siyuan...@intel.com> Cc: Zhang Lubo <lubo.zh...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/Application/IpsecConfig/IpSecConfig.c | 7 ++- NetworkPkg/Application/IpsecConfig/IpSecConfig.h | 7 +-- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/NetworkPkg/Application/IpsecConfig/IpSecConfig.c b/NetworkPkg/Application/IpsecConfig/IpSecConfig.c index ff895bc..274f582 100644 --- a/NetworkPkg/Application/IpsecConfig/IpSecConfig.c +++ b/NetworkPkg/Application/IpsecConfig/IpSecConfig.c @@ -1,9 +1,9 @@ /** @file The main process for IpSecConfig application. - Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved. + Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php. @@ -24,10 +24,15 @@ #include "PolicyEntryOperation.h" #include "Delete.h" #include "Helper.h" // +// String token ID of IpSecConfig command help message text. +// +GLOBAL_REMOVE_IF_UNREFERENCED EFI_STRING_ID mStringIpSecHelpTokenId = STRING_TOKEN (STR_IPSEC_CONFIG_HELP); + +// // Used for ShellCommandLineParseEx only // and to ensure user inputs are in valid format // SHELL_PARAM_ITEMmIpSecConfigParamList[] = { { L"-p",TypeValue }, diff --git a/NetworkPkg/Application/IpsecConfig/IpSecConfig.h b/NetworkPkg/Application/IpsecConfig/IpSecConfig.h index 244926f..8ebc599 100644 --- a/NetworkPkg/Application/IpsecConfig/IpSecConfig.h +++ b/NetworkPkg/Application/IpsecConfig/IpSecConfig.h @@ -1,9 +1,9 @@ /** @file The internal structure and function declaration in IpSecConfig application. - Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved. + Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php. @@ -25,15 +25,10 @@ #include #include #include -// -// String token ID of VConfig command help message text. -// -GLOBAL_REMOVE_IF_UNREFERENCED EFI_STRING_ID mStringIpSecHelpTokenId = STRING_TOKEN (STR_IPSEC_CONFIG_HELP); - #define ARRAY_SIZE(x) (sizeof(x) / sizeof(x[0])) #define IPSECCONFIG_STATUS_NAMEL"IpSecStatus" #define BIT(x) (UINT32) (1 << (x)) -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch] ShellPkg: Update 'ifconfig -r' implementation
This patch is used to update ifconfig –r implementation to sync with UEFI Shell 2.2. option -r means to reconfigure all or specified interface, and set DHCP policy. If specified interface is already set to DHCP, then refresh the IPv4 configuration. If the interface name is specified with '-r', DHCP DORA process will be triggered by the policy transition (static -> dhcp). Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Carsey Jaben <jaben.car...@intel.com> Cc: El-Haj-Mahmoud Samer <samer.el-haj-mahm...@hpe.com> Cc: Subramanian Sriram <srira...@hpe.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- .../UefiShellNetwork1CommandsLib/Ifconfig.c| 31 ++ 1 file changed, 26 insertions(+), 5 deletions(-) diff --git a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c index 0c4a3b0..92108a1 100644 --- a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c +++ b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c @@ -1,10 +1,10 @@ /** @file The implementation for Shell command ifconfig based on IP4Config2 protocol. (C) Copyright 2013-2015 Hewlett-Packard Development Company, L.P. - Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved. + Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php. @@ -708,40 +708,61 @@ IfConfigShowInterfaceInfo ( /** The clean process of the ifconfig command to clear interface info. @param[in] IfListThe pointer of IfList(interface list). + @param[in] IfNameThe pointer of interface name. @retval SHELL_SUCCESS The ifconfig command clean processed successfully. @retval others The ifconfig command clean process failed. **/ SHELL_STATUS IfConfigClearInterfaceInfo ( - IN LIST_ENTRY*IfList + IN LIST_ENTRY*IfList, + IN CHAR16*IfName ) { EFI_STATUSStatus; SHELL_STATUS ShellStatus; LIST_ENTRY*Entry; LIST_ENTRY*Next; IFCONFIG_INTERFACE_CB *IfCb; EFI_IP4_CONFIG2_POLICYPolicy; - - Policy = Ip4Config2PolicyDhcp; + Status = EFI_SUCCESS; ShellStatus = SHELL_SUCCESS; if (IsListEmpty (IfList)) { ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INVALID_INTERFACE), gShellNetwork1HiiHandle); } // // Go through the interface list. + // If the interface name is specified, DHCP DORA process will be + // triggered by the policy transition (static -> dhcp). // NET_LIST_FOR_EACH_SAFE (Entry, Next, IfList) { IfCb = NET_LIST_USER_STRUCT (Entry, IFCONFIG_INTERFACE_CB, Link); + +if ((IfName != NULL) && (StrCmp (IfName, IfCb->IfInfo->Name) == 0)) { + Policy = Ip4Config2PolicyStatic; + + Status = IfCb->IfCfg->SetData ( + IfCb->IfCfg, + Ip4Config2DataTypePolicy, + sizeof (EFI_IP4_CONFIG2_POLICY), + + ); + if (EFI_ERROR (Status)) { +ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_GEN_ERR_AD), gShellNetwork1HiiHandle, L"ifconfig"); +ShellStatus = SHELL_ACCESS_DENIED; +break; + } +} + +Policy = Ip4Config2PolicyDhcp; Status = IfCb->IfCfg->SetData ( IfCb->IfCfg, Ip4Config2DataTypePolicy, sizeof (EFI_IP4_CONFIG2_POLICY), @@ -1141,11 +1162,11 @@ IfConfig ( case IfConfigOpList: ShellStatus = IfConfigShowInterfaceInfo (>IfList); break; case IfConfigOpClear: -ShellStatus = IfConfigClearInterfaceInfo (>IfList); +ShellStatus = IfConfigClearInterfaceInfo (>IfList, Private->IfName); break; case IfConfigOpSet: ShellStatus = IfConfigSetInterfaceInfo (>IfList, Private->VarArg); break; -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [PATCH v4 6/6] Nt32Pkg: Enable Nt32Pkg platform HTTPS boot feature.
v4: *The size of private variable required in HTTPS boot may be large than the default limitation. So, Add HTTPS_BOOT_ENABLE value check for PcdMaxVariableSize. This path is used to enable HTTPS boot feature. Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Long Qin <qin.l...@intel.com> Cc: Ruiyu Ni <ruiyu...@intel.com> Cc: El-Haj-Mahmoud Samer <samer.el-haj-mahm...@hpe.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- Nt32Pkg/Nt32Pkg.dsc | 27 +-- Nt32Pkg/Nt32Pkg.fdf | 6 +- 2 files changed, 22 insertions(+), 11 deletions(-) diff --git a/Nt32Pkg/Nt32Pkg.dsc b/Nt32Pkg/Nt32Pkg.dsc index 87a08c0..a06b3ee 100644 --- a/Nt32Pkg/Nt32Pkg.dsc +++ b/Nt32Pkg/Nt32Pkg.dsc @@ -2,11 +2,11 @@ # EFI/Framework Emulation Platform with UEFI HII interface supported. # # The Emulation Platform can be used to debug individual modules, prior to creating #a real platform. This also provides an example for how an DSC is created. # -# Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved. +# Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved. # Copyright (c) 2015, Hewlett-Packard Development Company, L.P. # (C) Copyright 2016 Hewlett Packard Enterprise Development LP # #This program and the accompanying materials #are licensed and made available under the terms and conditions of the BSD License @@ -43,10 +43,17 @@ # # Defines for default states. These can be changed on the command line. # -D FLAG=VALUE # DEFINE SECURE_BOOT_ENABLE = FALSE + + # + # This flag is to enable or disable HTTPS boot feature. + # These can be changed on the command line. + # -D FLAG=VALUE + # + DEFINE HTTPS_BOOT_ENABLE = FALSE # # SKU Identification section - list of all SKU IDs supported by this # Platform. @@ -132,15 +139,16 @@ DebugPrintErrorLevelLib|MdeModulePkg/Library/DxeDebugPrintErrorLevelLib/DxeDebugPrintErrorLevelLib.inf PerformanceLib|MdePkg/Library/BasePerformanceLibNull/BasePerformanceLibNull.inf DebugAgentLib|MdeModulePkg/Library/DebugAgentLibNull/DebugAgentLibNull.inf CpuExceptionHandlerLib|MdeModulePkg/Library/CpuExceptionHandlerLibNull/CpuExceptionHandlerLibNull.inf LockBoxLib|MdeModulePkg/Library/LockBoxNullLib/LockBoxNullLib.inf + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf + OpensslTlsLib|CryptoPkg/Library/OpensslLib/OpensslTlsLib.inf !if $(SECURE_BOOT_ENABLE) == TRUE PlatformSecureLib|Nt32Pkg/Library/PlatformSecureLib/PlatformSecureLib.inf - IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf !else TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf @@ -174,13 +182,11 @@ OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf [LibraryClasses.common.PEIM] PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf OemHookStatusCodeLib|Nt32Pkg/Library/PeiNt32OemHookStatusCodeLib/PeiNt32OemHookStatusCodeLib.inf -!if $(SECURE_BOOT_ENABLE) == TRUE BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf -!endif [LibraryClasses.common] # # DXE phase common # @@ -191,13 +197,12 @@ ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf OemHookStatusCodeLib|Nt32Pkg/Library/DxeNt32OemHookStatusCodeLib/DxeNt32OemHookStatusCodeLib.inf PeCoffExtraActionLib|Nt32Pkg/Library/DxeNt32PeCoffExtraActionLib/DxeNt32PeCoffExtraActionLib.inf ExtractGuidedSectionLib|MdePkg/Library/DxeExtractGuidedSectionLib/DxeExtractGuidedSectionLib.inf WinNtLib|Nt32Pkg/Library/DxeWinNtLib/DxeWinNtLib.inf -!if $(SECURE_BOOT_ENABLE) == TRUE BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf -!endif + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf [LibraryClasses.common.DXE_CORE] HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf MemoryAllocationLib|MdeModulePkg/Library/DxeCoreMemoryAllocationLib/DxeCoreMemoryAllocationLib.inf PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf @@ -214,13 +219,11 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] # # Runtime # -!if $(SECURE_BOOT_ENABLE) == TRUE BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf -!endif # # Pcd Section - list of all EDK II PCD Entries defined by
[edk2] [Patch 1/4] MdeModulePkg: Change the default IPv4 config policy
Git version '3d0a49ad' commit provided a scenario to resolve the performance issue for IPv4, but it's not workable for IPv6. To avoid IPv4 and IPv6 inconsistency, we decided to revert that version fix. If so, the default policy for Ip4Config2 is Ip4Config2PolicyDhcp, which results in all NIC ports attempting DHCP. So, this patch is used to changes the the default IPv4 config policy to Ip4Config2PolicyStatic and also defer the SetData operation after Ip4Config2Protocol installed. This update let the other platform drivers have chance to change the default config data by consume Ip4Config2Protocol. Cc: Subramanian Sriram <srira...@hpe.com> Cc: El-Haj-Mahmoud Samer <samer.el-haj-mahm...@hpe.com> Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- .../Universal/Network/Ip4Dxe/Ip4Config2Impl.c | 76 +- .../Universal/Network/Ip4Dxe/Ip4Config2Impl.h | 36 - MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c | 57 +- MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Dxe.inf | 2 +- MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.c| 90 ++ 5 files changed, 155 insertions(+), 106 deletions(-) diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c index edbddba..1f763b6 100644 --- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c +++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c @@ -1,9 +1,9 @@ /** @file The implementation of EFI IPv4 Configuration II Protocol. - Copyright (c) 2015, Intel Corporation. All rights reserved. + Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved. (C) Copyright 2015 Hewlett Packard Enterprise Development LP This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -1142,11 +1142,13 @@ Ip4Config2SetPolicy ( if (NewPolicy >= Ip4Config2PolicyMax) { return EFI_INVALID_PARAMETER; } if (NewPolicy == Instance->Policy) { - return EFI_ABORTED; +if (NewPolicy != Ip4Config2PolicyDhcp || Instance->DhcpSuccess) { + return EFI_ABORTED; +} } else { if (NewPolicy == Ip4Config2PolicyDhcp) { // // The policy is changed from static to dhcp: // Clean the ManualAddress, Gateway and DnsServers, shrink the variable @@ -1906,11 +1908,11 @@ Ip4Config2InitInstance ( DataItem = >DataItem[Ip4Config2DataTypePolicy]; DataItem->SetData = Ip4Config2SetPolicy; DataItem->Data.Ptr = >Policy; DataItem->DataSize = sizeof (Instance->Policy); - Instance->Policy = Ip4Config2PolicyDhcp; + Instance->Policy = Ip4Config2PolicyStatic; SET_DATA_ATTRIB (DataItem->Attribute, DATA_ATTRIB_SIZE_FIXED); DataItem = >DataItem[Ip4Config2DataTypeManualAddress]; DataItem->SetData = Ip4Config2SetMaunualAddress; DataItem->Status = EFI_NOT_FOUND; @@ -1937,34 +1939,22 @@ Ip4Config2InitInstance ( Instance->Configured = TRUE; // // Try to read the config data from NV variable. + // If not found, write initialized config data into NV variable + // as a default config data. // Status = Ip4Config2ReadConfigData (IpSb->MacString, Instance); if (Status == EFI_NOT_FOUND) { Status = Ip4Config2WriteConfigData (IpSb->MacString, Instance); } if (EFI_ERROR (Status)) { return Status; } - - // - // Try to set the configured parameter. - // - for (Index = Ip4Config2DataTypePolicy; Index < Ip4Config2DataTypeMaximum; Index++) { -DataItem = >Ip4Config2Instance.DataItem[Index]; -if (DataItem->Data.Ptr != NULL) { - DataItem->SetData ( - >Ip4Config2Instance, - DataItem->DataSize, - DataItem->Data.Ptr - ); -} - } - + Instance->Ip4Config2.SetData = EfiIp4Config2SetData; Instance->Ip4Config2.GetData = EfiIp4Config2GetData; Instance->Ip4Config2.RegisterDataNotify = EfiIp4Config2RegisterDataNotify; Instance->Ip4Config2.UnregisterDataNotify = EfiIp4Config2UnregisterDataNotify; @@ -2027,5 +2017,55 @@ Ip4Config2CleanInstance ( Ip4Config2FormUnload (Instance); RemoveEntryList (>Link); } +/** + The event handle for IP4 auto reconfiguration. The original default + interface and route table will be removed as the default. + + @param[in] ContextThe IP4 service binding instance. + +**/ +VOID +EFIAPI +Ip4AutoReconfigCallBackDpc ( + IN VOID *Context + ) +{ + IP4_SERVICE *IpSb; + + IpSb = (IP4_SERVICE *) Context
[edk2] [Patch 4/4] ShellPkg: Revert git 'd6cf1af9' fix
'd6cf1af9' is associated with '3d0a49ad' commit. So, this patch is used to respond the revert for '3d0a49ad' to adapt the Ipv4 config policy update. Cc: Subramanian Sriram <srira...@hpe.com> Cc: El-Haj-Mahmoud Samer <samer.el-haj-mahm...@hpe.com> Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- .../UefiShellNetwork1CommandsLib/Ifconfig.c| 119 +++-- 1 file changed, 15 insertions(+), 104 deletions(-) diff --git a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c index f8dbc88..f02281d 100644 --- a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c +++ b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c @@ -1,10 +1,10 @@ /** @file The implementation for Shell command ifconfig based on IP4Config2 protocol. (C) Copyright 2013-2015 Hewlett-Packard Development Company, L.P. - Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved. + Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php. @@ -271,90 +271,10 @@ IfConfigManualAddressNotify ( ) { *((BOOLEAN *) Context) = TRUE; } - -/** - Create an IP child, use it to start the auto configuration, then destroy it. - - @param[in] Controller The controller which has the service installed. - @param[in] ImageThe image handle used to open service. - - @retval EFI_SUCCESS The configuration is done. -**/ -EFI_STATUS -EFIAPI -IfConfigStartIp4( - IN EFI_HANDLEController, - IN EFI_HANDLEImage - ) -{ - EFI_IP4_PROTOCOL *Ip4; - EFI_HANDLEIp4Handle; - EFI_IP4_CONFIG_DATA Ip4ConfigData; - EFI_STATUSStatus; - - // - // Get the Ip4ServiceBinding Protocol - // - Ip4Handle = NULL; - Ip4 = NULL; - - Status = NetLibCreateServiceChild ( - Controller, - Image, - , - - ); - - if (EFI_ERROR (Status)) { -return Status; - } - - Status = gBS->OpenProtocol ( - Ip4Handle, - , - (VOID **) , - Controller, - Image, - EFI_OPEN_PROTOCOL_GET_PROTOCOL - ); - - if (EFI_ERROR (Status)) { -goto ON_EXIT; - } - - Ip4ConfigData.DefaultProtocol = EFI_IP_PROTO_ICMP; - Ip4ConfigData.AcceptAnyProtocol= FALSE; - Ip4ConfigData.AcceptIcmpErrors = FALSE; - Ip4ConfigData.AcceptBroadcast = FALSE; - Ip4ConfigData.AcceptPromiscuous= FALSE; - Ip4ConfigData.UseDefaultAddress= TRUE; - ZeroMem (, sizeof (EFI_IPv4_ADDRESS)); - ZeroMem (, sizeof (EFI_IPv4_ADDRESS)); - Ip4ConfigData.TypeOfService= 0; - Ip4ConfigData.TimeToLive = 1; - Ip4ConfigData.DoNotFragment= FALSE; - Ip4ConfigData.RawData = FALSE; - Ip4ConfigData.ReceiveTimeout = 0; - Ip4ConfigData.TransmitTimeout = 0; - - Ip4->Configure (Ip4, ); - -ON_EXIT: - NetLibDestroyServiceChild ( -Controller, -Image, -, -Ip4Handle -); - - return Status; -} - - /** Print MAC address. @param[in]NodeThe pointer of MAC address buffer. @param[in]SizeThe size of MAC address buffer. @@ -972,33 +892,24 @@ IfConfigSetInterfaceInfo ( // // Process valid variables. // if (StrCmp(VarArg->Arg, L"dhcp") == 0) { - if (IfCb->Policy == Ip4Config2PolicyDhcp) { -Status = IfConfigStartIp4 (IfCb->NicHandle, gImageHandle); -if (EFI_ERROR(Status)) { - ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_GEN_ERR_AD), gShellNetwork1HiiHandle, L"ifconfig"); - ShellStatus = SHELL_ACCESS_DENIED; - goto ON_EXIT; -} - } else { -// -// Set dhcp config policy -// -Policy = Ip4Config2PolicyDhcp; -Status = IfCb->IfCfg->SetData ( -IfCb->IfCfg, -Ip4Config2DataTypePolicy, -sizeof (EFI_IP4_CONFIG2_POLICY), - -); -if (EFI_ERROR(Status)) { - ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_GEN_ERR_AD), gShellNetwork1HiiHandle, L"ifconfig"); - ShellStatus = SHELL_ACCESS_DENIED; - goto ON_EXIT; -} + // + // Set dhcp config policy
[edk2] [Patch 2/4] NetworkPkg: Change the default IPv6 config policy
The default policy for Ip6Config is Ip6ConfigPolicyAutomatic, which results in all NIC ports starting SARR process when it receives RA message with M flag from IPv6 router. So, this patch is used to changes the the default IPv6 config policy to Ip6ConfigPolicyManualand also defer the SetData operation after Ip6ConfigProtocol installed. This update let the other platform drivers have chance to change the default config data by consume Ip6ConfigProtocol. Cc: Subramanian Sriram <srira...@hpe.com> Cc: El-Haj-Mahmoud Samer <samer.el-haj-mahm...@hpe.com> Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/Ip6Dxe/Ip6ConfigImpl.c | 4 +- NetworkPkg/Ip6Dxe/Ip6ConfigImpl.h | 22 ++- NetworkPkg/Ip6Dxe/Ip6Driver.c | 81 ++- NetworkPkg/Ip6Dxe/Ip6Dxe.inf | 2 +- 4 files changed, 78 insertions(+), 31 deletions(-) diff --git a/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.c b/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.c index 75d4f23..62a8ae2 100644 --- a/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.c +++ b/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.c @@ -1,9 +1,9 @@ /** @file The implementation of EFI IPv6 Configuration Protocol. - Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved. + Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php. @@ -2207,11 +2207,11 @@ Ip6ConfigInitInstance ( DataItem = >DataItem[Ip6ConfigDataTypePolicy]; DataItem->SetData = Ip6ConfigSetPolicy; DataItem->Data.Ptr = >Policy; DataItem->DataSize = sizeof (Instance->Policy); - Instance->Policy = Ip6ConfigPolicyAutomatic; + Instance->Policy = Ip6ConfigPolicyManual; SET_DATA_ATTRIB (DataItem->Attribute, DATA_ATTRIB_SIZE_FIXED); DataItem = >DataItem[Ip6ConfigDataTypeDupAddrDetectTransmits]; DataItem->SetData = Ip6ConfigSetDadXmits; DataItem->Data.Ptr = >DadXmits; diff --git a/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.h b/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.h index 581978b..2f0e446 100644 --- a/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.h +++ b/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.h @@ -1,9 +1,9 @@ /** @file Definitions for EFI IPv6 Configuartion Protocol implementation. - Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved. + Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php. @@ -214,10 +214,30 @@ struct _IP6_CONFIG_INSTANCE { IP6_FORM_CALLBACK_INFOCallbackInfo; IP6_CONFIG_NVDATA Ip6NvData; }; /** + Read the configuration data from variable storage according to the VarName and + gEfiIp6ConfigProtocolGuid. It checks the integrity of variable data. If the + data is corrupted, it clears the variable data to ZERO. Othewise, it outputs the + configuration data to IP6_CONFIG_INSTANCE. + + @param[in] VarName The pointer to the variable name + @param[in, out] Instance The pointer to the IP6 config instance data. + + @retval EFI_NOT_FOUND The variable can not be found or already corrupted. + @retval EFI_OUT_OF_RESOURCES Fail to allocate resource to complete the operation. + @retval EFI_SUCCESS The configuration data was retrieved successfully. + +**/ +EFI_STATUS +Ip6ConfigReadConfigData ( + IN CHAR16 *VarName, + IN OUT IP6_CONFIG_INSTANCE *Instance + ); + +/** The event process routine when the DHCPv6 server is answered with a reply packet for an information request. @param[in] This Points to the EFI_DHCP6_PROTOCOL. @param[in] Context The pointer to the IP6 configuration instance data. diff --git a/NetworkPkg/Ip6Dxe/Ip6Driver.c b/NetworkPkg/Ip6Dxe/Ip6Driver.c index 076dc60..ba70290 100644 --- a/NetworkPkg/Ip6Dxe/Ip6Driver.c +++ b/NetworkPkg/Ip6Dxe/Ip6Driver.c @@ -1,9 +1,9 @@ /** @file The driver binding and service binding protocol for IP6 driver. - Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved. + Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved. (C) Copyright 2015 Hewlett-Packard Development Company, L.P. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text o
[edk2] [Patch 3/4] NetworkPkg: Revert git 'eb213f2f' fix
'eb213f2f' is associated with '3d0a49ad' commit. So, this patch is used to respond the revert for '3d0a49ad' to adapt the Ipv4 config policy update. Cc: Subramanian Sriram <srira...@hpe.com> Cc: El-Haj-Mahmoud Samer <samer.el-haj-mahm...@hpe.com> Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/DnsDxe/DnsDhcp.c | 158 +-- NetworkPkg/DnsDxe/DnsDxe.inf | 4 +- 2 files changed, 2 insertions(+), 160 deletions(-) diff --git a/NetworkPkg/DnsDxe/DnsDhcp.c b/NetworkPkg/DnsDxe/DnsDhcp.c index 6b409ba..00fc0ef 100644 --- a/NetworkPkg/DnsDxe/DnsDhcp.c +++ b/NetworkPkg/DnsDxe/DnsDhcp.c @@ -1,9 +1,9 @@ /** @file Functions implementation related with DHCPv4/v6 for DNS driver. -Copyright (c) 2015, Intel Corporation. All rights reserved. +Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php @@ -13,156 +13,10 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. **/ #include "DnsImpl.h" /** - The callback function for the timer event used to get map. - - @param[in] EventThe event this function is registered to. - @param[in] Context The context registered to the event. -**/ -VOID -EFIAPI -TimeoutToGetMap ( - IN EFI_EVENT Event, - IN VOID *Context - ) -{ - *((BOOLEAN *) Context) = TRUE; - return ; -} - -/** - Create an IP child, use it to start the auto configuration, then destroy it. - - @param[in] Controller The controller which has the service installed. - @param[in] ImageThe image handle used to open service. - - @retval EFI_SUCCESS The configuration is done. - @retval Others Other errors as indicated. -**/ -EFI_STATUS -EFIAPI -DnsStartIp4( - IN EFI_HANDLEController, - IN EFI_HANDLEImage - ) -{ - EFI_IP4_PROTOCOL *Ip4; - EFI_HANDLEIp4Handle; - EFI_EVENT TimerToGetMap; - EFI_IP4_CONFIG_DATA Ip4ConfigData; - EFI_IP4_MODE_DATA Ip4Mode; - EFI_STATUSStatus; - - BOOLEAN Timeout; - - // - // Get the Ip4ServiceBinding Protocol - // - Ip4Handle = NULL; - Ip4 = NULL; - TimerToGetMap = NULL; - - Timeout = FALSE; - - Status = NetLibCreateServiceChild ( - Controller, - Image, - , - - ); - - if (EFI_ERROR (Status)) { -return Status; - } - - Status = gBS->OpenProtocol ( - Ip4Handle, - , - (VOID **) , - Controller, - Image, - EFI_OPEN_PROTOCOL_GET_PROTOCOL - ); - - if (EFI_ERROR (Status)) { -goto ON_EXIT; - } - - Ip4ConfigData.DefaultProtocol = EFI_IP_PROTO_ICMP; - Ip4ConfigData.AcceptAnyProtocol= FALSE; - Ip4ConfigData.AcceptIcmpErrors = FALSE; - Ip4ConfigData.AcceptBroadcast = FALSE; - Ip4ConfigData.AcceptPromiscuous= FALSE; - Ip4ConfigData.UseDefaultAddress= TRUE; - ZeroMem (, sizeof (EFI_IPv4_ADDRESS)); - ZeroMem (, sizeof (EFI_IPv4_ADDRESS)); - Ip4ConfigData.TypeOfService= 0; - Ip4ConfigData.TimeToLive = 1; - Ip4ConfigData.DoNotFragment= FALSE; - Ip4ConfigData.RawData = FALSE; - Ip4ConfigData.ReceiveTimeout = 0; - Ip4ConfigData.TransmitTimeout = 0; - - Status = Ip4->Configure (Ip4, ); - - if (Status == EFI_NO_MAPPING) { -Status = gBS->CreateEvent ( -EVT_NOTIFY_SIGNAL | EVT_TIMER, -TPL_CALLBACK, -TimeoutToGetMap, -, - -); - -if (EFI_ERROR (Status)) { - goto ON_EXIT; -} - -Status = gBS->SetTimer ( - TimerToGetMap, - TimerRelative, - MultU64x32 (1000, 5) - ); - -if (EFI_ERROR (Status)) { - goto ON_EXIT; -} - -while (!Timeout) { - Ip4->Poll (Ip4); - - if (!EFI_ERROR (Ip4->GetModeData (Ip4, , NULL, NULL)) && - Ip4Mode.IsConfigured) { -break; - } -} - -if (Timeout) { - Status = EFI_DEVICE_ERROR; -} - } - -ON_EXIT: - - if (TimerToGetMap != NULL) { -gBS->SetTimer (TimerToGetMap, TimerCancel, 0); -gBS->CloseEvent (TimerToGetMap); - } - - NetLibDestroyServiceChild ( -Co
[edk2] [Patch 4/6] NetworkPkg: TlsDxe driver implementation over OpenSSL
This patch is the implementation of EFI TLS Protocol and EFI TLS Configuration Protocol Interfaces. Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Long Qin <qin.l...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/NetworkPkg.dsc | 3 + NetworkPkg/TlsDxe/TlsConfigProtocol.c | 152 + NetworkPkg/TlsDxe/TlsDriver.c | 499 +++ NetworkPkg/TlsDxe/TlsDriver.h | 237 + NetworkPkg/TlsDxe/TlsDxe.inf | 67 NetworkPkg/TlsDxe/TlsDxe.uni | 25 ++ NetworkPkg/TlsDxe/TlsDxeExtra.uni | 20 ++ NetworkPkg/TlsDxe/TlsImpl.c | 280 +++ NetworkPkg/TlsDxe/TlsImpl.h | 342 +++ NetworkPkg/TlsDxe/TlsProtocol.c | 627 ++ 10 files changed, 2252 insertions(+) create mode 100644 NetworkPkg/TlsDxe/TlsConfigProtocol.c create mode 100644 NetworkPkg/TlsDxe/TlsDriver.c create mode 100644 NetworkPkg/TlsDxe/TlsDriver.h create mode 100644 NetworkPkg/TlsDxe/TlsDxe.inf create mode 100644 NetworkPkg/TlsDxe/TlsDxe.uni create mode 100644 NetworkPkg/TlsDxe/TlsDxeExtra.uni create mode 100644 NetworkPkg/TlsDxe/TlsImpl.c create mode 100644 NetworkPkg/TlsDxe/TlsImpl.h create mode 100644 NetworkPkg/TlsDxe/TlsProtocol.c diff --git a/NetworkPkg/NetworkPkg.dsc b/NetworkPkg/NetworkPkg.dsc index 0695dc1..2712a6a 100644 --- a/NetworkPkg/NetworkPkg.dsc +++ b/NetworkPkg/NetworkPkg.dsc @@ -47,10 +47,12 @@ TcpIoLib|MdeModulePkg/Library/DxeTcpIoLib/DxeTcpIoLib.inf HttpLib|MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.inf BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf + OpensslTlsLib|CryptoPkg/Library/OpensslLib/OpensslTlsLib.inf + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf SortLib|MdeModulePkg/Library/UefiSortLib/UefiSortLib.inf [LibraryClasses.common.UEFI_DRIVER] @@ -103,10 +105,11 @@ NetworkPkg/Mtftp6Dxe/Mtftp6Dxe.inf NetworkPkg/DnsDxe/DnsDxe.inf NetworkPkg/HttpDxe/HttpDxe.inf NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf NetworkPkg/HttpBootDxe/HttpBootDxe.inf + NetworkPkg/TlsDxe/TlsDxe.inf NetworkPkg/Application/IfConfig6/IfConfig6.inf NetworkPkg/Application/IpsecConfig/IpSecConfig.inf NetworkPkg/Application/VConfig/VConfig.inf diff --git a/NetworkPkg/TlsDxe/TlsConfigProtocol.c b/NetworkPkg/TlsDxe/TlsConfigProtocol.c new file mode 100644 index 000..2855be1 --- /dev/null +++ b/NetworkPkg/TlsDxe/TlsConfigProtocol.c @@ -0,0 +1,152 @@ +/** @file + Implementation of EFI TLS Configuration Protocol Interfaces. + + Copyright (c) 2016, Intel Corporation. All rights reserved. + + This program and the accompanying materials + are licensed and made available under the terms and conditions of the BSD License + which accompanies this distribution. The full text of the license may be found at + http://opensource.org/licenses/bsd-license.php. + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +#include "TlsImpl.h" + +EFI_TLS_CONFIGURATION_PROTOCOL mTlsConfigurationProtocol = { + TlsConfigurationSetData, + TlsConfigurationGetData +}; + +/** + Set TLS configuration data. + + The SetData() function sets TLS configuration to non-volatile storage or volatile + storage. + + @param[in] ThisPointer to the EFI_TLS_CONFIGURATION_PROTOCOL instance. + @param[in] DataTypeConfiguration data type. + @param[in] DataPointer to configuration data. + @param[in] DataSizeTotal size of configuration data. + + @retval EFI_SUCCESS The TLS configuration data is set successfully. + @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE: + This is NULL. + Data is NULL. + DataSize is 0. + @retval EFI_UNSUPPORTED The DataType is unsupported. + @retval EFI_OUT_OF_RESOURCESRequired system resources could not be allocated. + +**/ +EFI_STATUS +EFIAPI +TlsConfigurationSetData ( + IN EFI_TLS_CONFIGURATION_PROTOCOL *This, + IN EFI_TLS_CONFIG_DATA_TYPEDataType, + IN VOID*Data, + IN UINTN DataSize + ) +{ + EFI_STATUSStatus; + TLS_INSTANCE *Instance; + EFI_TPL OldTpl; + + Status = EFI_SUCCESS; + + if (This == NULL ||
[edk2] [Patch 5/6] NetworkPkg: HTTPS support over IPv4 and IPv6
This patch is used to enable HTTPS feature. HttpDxe driver will consume TlsDxe driver. It can both support http and https feature, it’s depended on the information in URL, the HTTP instance can be able to determine whether to use http or https. Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Long Qin <qin.l...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/HttpDxe/HttpDriver.h |7 +- NetworkPkg/HttpDxe/HttpDxe.inf|8 +- NetworkPkg/HttpDxe/HttpImpl.c | 188 - NetworkPkg/HttpDxe/HttpProto.c| 395 ++--- NetworkPkg/HttpDxe/HttpProto.h| 65 +- NetworkPkg/HttpDxe/HttpsSupport.c | 1680 + NetworkPkg/HttpDxe/HttpsSupport.h | 314 +++ 7 files changed, 2520 insertions(+), 137 deletions(-) create mode 100644 NetworkPkg/HttpDxe/HttpsSupport.c create mode 100644 NetworkPkg/HttpDxe/HttpsSupport.h diff --git a/NetworkPkg/HttpDxe/HttpDriver.h b/NetworkPkg/HttpDxe/HttpDriver.h index 138f56c..d2a6ae5 100644 --- a/NetworkPkg/HttpDxe/HttpDriver.h +++ b/NetworkPkg/HttpDxe/HttpDriver.h @@ -1,9 +1,9 @@ /** @file The header files of the driver binding and service binding protocol for HttpDxe driver. - Copyright (c) 2015, Intel Corporation. All rights reserved. + Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php. @@ -20,10 +20,11 @@ // // Libraries // #include +#include #include #include #include #include #include @@ -46,11 +47,12 @@ #include #include #include #include #include - +#include +#include // // Produced Protocols // #include @@ -75,10 +77,11 @@ extern EFI_HTTP_UTILITIES_PROTOCOL *mHttpUtilities; // Include files with function prototypes // #include "ComponentName.h" #include "HttpImpl.h" #include "HttpProto.h" +#include "HttpsSupport.h" #include "HttpDns.h" typedef struct { EFI_SERVICE_BINDING_PROTOCOL *ServiceBinding; UINTN NumberOfChildren; diff --git a/NetworkPkg/HttpDxe/HttpDxe.inf b/NetworkPkg/HttpDxe/HttpDxe.inf index bf2cbee..a228c3d 100644 --- a/NetworkPkg/HttpDxe/HttpDxe.inf +++ b/NetworkPkg/HttpDxe/HttpDxe.inf @@ -1,9 +1,9 @@ ## @file # Implementation of EFI HTTP protocol interfaces. # -# Copyright (c) 2015, Intel Corporation. All rights reserved. +# Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved. # # This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at # http://opensource.org/licenses/bsd-license.php. @@ -36,14 +36,17 @@ HttpDriver.c HttpImpl.h HttpImpl.c HttpProto.h HttpProto.c + HttpsSupport.h + HttpsSupport.c [LibraryClasses] UefiDriverEntryPoint UefiBootServicesTableLib + UefiRuntimeServicesTableLib MemoryAllocationLib BaseLib UefiLib DebugLib NetLib @@ -62,8 +65,11 @@ gEfiDns4ProtocolGuid ## SOMETIMES_CONSUMES gEfiDns6ServiceBindingProtocolGuid ## SOMETIMES_CONSUMES gEfiDns6ProtocolGuid ## SOMETIMES_CONSUMES gEfiIp4Config2ProtocolGuid ## SOMETIMES_CONSUMES gEfiIp6ConfigProtocolGuid## SOMETIMES_CONSUMES + gEfiTlsServiceBindingProtocolGuid## SOMETIMES_CONSUMES + gEfiTlsProtocolGuid ## SOMETIMES_CONSUMES + gEfiTlsConfigurationProtocolGuid ## SOMETIMES_CONSUMES [UserExtensions.TianoCore."ExtraFiles"] HttpDxeExtra.uni \ No newline at end of file diff --git a/NetworkPkg/HttpDxe/HttpImpl.c b/NetworkPkg/HttpDxe/HttpImpl.c index a068cfb..8632226 100644 --- a/NetworkPkg/HttpDxe/HttpImpl.c +++ b/NetworkPkg/HttpDxe/HttpImpl.c @@ -238,10 +238,11 @@ EfiHttpRequest ( CHAR8 *HostName; UINT16RemotePort; HTTP_PROTOCOL *HttpInstance; BOOLEAN Configure; BOOLEAN ReConfigure; + BOOLEAN TlsConfigure; CHAR8 *RequestStr; CHAR8 *Url; UINTN UrlLen; CHAR16*HostNameStr; HTTP_TOKEN_WRAP *Wrap; @@ -306,10 +307,38 @@ EfiHttpRequest ( HttpInstance->Url = Url; } UnicodeStrToAsciiStr (Request->Url, Url); + + // + // From the information in Url, the HTTP instance will
[edk2] [Patch 6/6] Nt32Pkg: Enable Nt32Pkg platform HTTPS boot feature.
Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Long Qin <qin.l...@intel.com> Cc: Ruiyu Ni <ruiyu...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- Nt32Pkg/Nt32Pkg.dsc | 8 +++- Nt32Pkg/Nt32Pkg.fdf | 7 ++- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/Nt32Pkg/Nt32Pkg.dsc b/Nt32Pkg/Nt32Pkg.dsc index 87a08c0..da62b3a 100644 --- a/Nt32Pkg/Nt32Pkg.dsc +++ b/Nt32Pkg/Nt32Pkg.dsc @@ -2,11 +2,11 @@ # EFI/Framework Emulation Platform with UEFI HII interface supported. # # The Emulation Platform can be used to debug individual modules, prior to creating #a real platform. This also provides an example for how an DSC is created. # -# Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved. +# Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved. # Copyright (c) 2015, Hewlett-Packard Development Company, L.P. # (C) Copyright 2016 Hewlett Packard Enterprise Development LP # #This program and the accompanying materials #are licensed and made available under the terms and conditions of the BSD License @@ -137,10 +137,11 @@ !if $(SECURE_BOOT_ENABLE) == TRUE PlatformSecureLib|Nt32Pkg/Library/PlatformSecureLib/PlatformSecureLib.inf IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf + OpensslTlsLib|CryptoPkg/Library/OpensslLib/OpensslTlsLib.inf TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf !else TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf @@ -193,10 +194,11 @@ PeCoffExtraActionLib|Nt32Pkg/Library/DxeNt32PeCoffExtraActionLib/DxeNt32PeCoffExtraActionLib.inf ExtractGuidedSectionLib|MdePkg/Library/DxeExtractGuidedSectionLib/DxeExtractGuidedSectionLib.inf WinNtLib|Nt32Pkg/Library/DxeWinNtLib/DxeWinNtLib.inf !if $(SECURE_BOOT_ENABLE) == TRUE BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf !endif [LibraryClasses.common.DXE_CORE] HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf MemoryAllocationLib|MdeModulePkg/Library/DxeCoreMemoryAllocationLib/DxeCoreMemoryAllocationLib.inf @@ -444,10 +446,14 @@ NetworkPkg/HttpBootDxe/HttpBootDxe.inf NetworkPkg/DnsDxe/DnsDxe.inf NetworkPkg/HttpDxe/HttpDxe.inf NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf +!if $(SECURE_BOOT_ENABLE) == TRUE + NetworkPkg/TlsDxe/TlsDxe.inf +!endif + MdeModulePkg/Universal/BdsDxe/BdsDxe.inf { NULL|MdeModulePkg/Library/BmpImageDecoderLib/BmpImageDecoderLib.inf } MdeModulePkg/Application/UiApp/UiApp.inf{ diff --git a/Nt32Pkg/Nt32Pkg.fdf b/Nt32Pkg/Nt32Pkg.fdf index a10c12f..0c21ba6 100644 --- a/Nt32Pkg/Nt32Pkg.fdf +++ b/Nt32Pkg/Nt32Pkg.fdf @@ -1,9 +1,9 @@ ## @file # This is NT32 FDF file with UEFI HII features enabled # -# Copyright (c) 2007 - 2015, Intel Corporation. All rights reserved. +# Copyright (c) 2007 - 2016, Intel Corporation. All rights reserved. # (C) Copyright 2016 Hewlett Packard Enterprise Development LP # #This program and the accompanying materials #are licensed and made available under the terms and conditions of the BSD License #which accompanies this distribution. The full text of the license may be found at @@ -260,10 +260,15 @@ INF MdeModulePkg/Universal/Network/UefiPxeBcDxe/UefiPxeBcDxe.inf INF MdeModulePkg/Universal/Network/IScsiDxe/IScsiDxe.inf INF NetworkPkg/HttpBootDxe/HttpBootDxe.inf INF NetworkPkg/DnsDxe/DnsDxe.inf INF NetworkPkg/HttpDxe/HttpDxe.inf INF NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf + +!if $(SECURE_BOOT_ENABLE) == TRUE +INF NetworkPkg/TlsDxe/TlsDxe.inf +!endif + # # FILE statements are provided so that a platform integrator can include # complete EFI FFS files, as well as a method for constructing FFS files # using curly "{}" brace scoping. The following three FILEs are -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch 3/6] CryptoPkg: Add new TlsLib library
This patch is used to add new TlsLib library, which is wrapped over OpenSSL. The implementation provides TLS library functions for EFI TLS protocol. Cc: Long Qin <qin.l...@intel.com> Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- CryptoPkg/CryptoPkg.dec |6 +- CryptoPkg/CryptoPkg.dsc |1 + CryptoPkg/Include/Library/TlsLib.h | 802 CryptoPkg/Library/TlsLib/TlsLib.c | 1772 +++ CryptoPkg/Library/TlsLib/TlsLib.inf | 46 + CryptoPkg/Library/TlsLib/TlsLib.uni | 19 + 6 files changed, 2645 insertions(+), 1 deletion(-) create mode 100644 CryptoPkg/Include/Library/TlsLib.h create mode 100644 CryptoPkg/Library/TlsLib/TlsLib.c create mode 100644 CryptoPkg/Library/TlsLib/TlsLib.inf create mode 100644 CryptoPkg/Library/TlsLib/TlsLib.uni diff --git a/CryptoPkg/CryptoPkg.dec b/CryptoPkg/CryptoPkg.dec index 4561f3f..dc8c698 100644 --- a/CryptoPkg/CryptoPkg.dec +++ b/CryptoPkg/CryptoPkg.dec @@ -2,11 +2,11 @@ # Package for cryptography modules. # # This Package provides cryptographic-related libraries for UEFI security modules. # It also provides a test application to test libraries. # -# Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved. +# Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved. # This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at # http://opensource.org/licenses/bsd-license.php # @@ -28,10 +28,14 @@ [LibraryClasses] ## @libraryclass Provides basic library functions for cryptographic primitives. ## BaseCryptLib|Include/Library/BaseCryptLib.h + ## @libraryclass Provides TLS library functions for EFI TLS protocol. + ## + TlsLib|Include/Library/TlsLib.h + [Protocols] ## Include/Protocol/RuntimeCrypt.h gEfiRuntimeCryptProtocolGuid = { 0xe1475e0c, 0x1746, 0x4802, {0x86, 0x2e, 0x1, 0x1c, 0x2c, 0x2d, 0x9d, 0x86 }} [UserExtensions.TianoCore."ExtraFiles"] diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc index bb7f082..c81d349 100644 --- a/CryptoPkg/CryptoPkg.dsc +++ b/CryptoPkg/CryptoPkg.dsc @@ -122,10 +122,11 @@ ### [Components] CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf + CryptoPkg/Library/TlsLib/TlsLib.inf CryptoPkg/Application/Cryptest/Cryptest.inf CryptoPkg/CryptRuntimeDxe/CryptRuntimeDxe.inf diff --git a/CryptoPkg/Include/Library/TlsLib.h b/CryptoPkg/Include/Library/TlsLib.h new file mode 100644 index 000..d62375b --- /dev/null +++ b/CryptoPkg/Include/Library/TlsLib.h @@ -0,0 +1,802 @@ +/** @file + Defines TLS Library APIs. + +Copyright (c) 2016, Intel Corporation. All rights reserved. +This program and the accompanying materials +are licensed and made available under the terms and conditions of the BSD License +which accompanies this distribution. The full text of the license may be found at +http://opensource.org/licenses/bsd-license.php + +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +#ifndef __TLS_LIB_H__ +#define __TLS_LIB_H__ + +/** + Initializes the OpenSSL library. + + This function registers ciphers and digests used directly and indirectly + by SSL/TLS, and initializes the readable error messages. + This function must be called before any other action takes places. + +**/ +VOID +EFIAPI +TlsInitialize ( + VOID + ); + +/** + Free an allocated SSL_CTX object. + + @param[in] TlsCtxPointer to the SSL_CTX object to be released. + +**/ +VOID +EFIAPI +TlsCtxFree ( + IN VOID *TlsCtx + ); + +/** + Creates a new SSL_CTX object as framework to establish TLS/SSL enabled + connections. + + @param[in] MajorVerMajor Version of TLS/SSL Protocol. + @param[in] MinorVerMinor Version of TLS/SSL Protocol. + + @return Pointer to an allocated SSL_CTX object. + If the creation failed, TlsCtxNew() returns NULL. + +**/ +VOID * +EFIAPI +TlsCtxNew ( + IN UINT8MajorVer, + IN UINT8MinorVer + ); + +/** + Free an allocated TLS object. + + This function removes the TLS object pointed to by Tls and frees up the + allocated memory. If Tls is NULL, nothing is done. + + @param[in] TlsPointer to the TLS object to be freed. + +**/ +VOID +EFIAPI +TlsFree ( + IN VOID *Tls + ); + +/** + Create a new TLS object for a connection.
[edk2] [Patch 1/6] MdePkg: Add TLS related protocol definition
This patch is used to add Tls.h and TlsConfig.h header files to define EFI TLS Configuration Protocol, EFI TLS Service Binding Protocol and EFI TLS Configuration Protocol. Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Long Qin <qin.l...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- MdePkg/Include/Protocol/Tls.h | 460 MdePkg/Include/Protocol/TlsConfig.h | 132 +++ MdePkg/MdePkg.dec | 9 + 3 files changed, 601 insertions(+) create mode 100644 MdePkg/Include/Protocol/Tls.h create mode 100644 MdePkg/Include/Protocol/TlsConfig.h diff --git a/MdePkg/Include/Protocol/Tls.h b/MdePkg/Include/Protocol/Tls.h new file mode 100644 index 000..51a3cda --- /dev/null +++ b/MdePkg/Include/Protocol/Tls.h @@ -0,0 +1,460 @@ +/** @file + EFI TLS Protocols as defined in UEFI 2.5. + + The EFI TLS Service Binding Protocol is used to locate EFI TLS Protocol drivers + to create and destroy child of the driver to communicate with other host using + TLS protocol. + The EFI TLS Protocol provides the ability to manage TLS session. + + Copyright (c) 2016, Intel Corporation. All rights reserved. + This program and the accompanying materials + are licensed and made available under the terms and conditions of the BSD License + which accompanies this distribution. The full text of the license may be found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + + @par Revision Reference: + This Protocol is introduced in UEFI Specification 2.5 + +**/ + +#ifndef __EFI_TLS_PROTOCOL_H__ +#define __EFI_TLS_PROTOCOL_H__ + +/// +/// The EFI TLS Service Binding Protocol is used to locate EFI TLS Protocol drivers to +/// create and destroy child of the driver to communicate with other host using TLS +/// protocol. +/// +#define EFI_TLS_SERVICE_BINDING_PROTOCOL_GUID \ + { \ +0x952cb795, 0xff36, 0x48cf, {0xa2, 0x49, 0x4d, 0xf4, 0x86, 0xd6, 0xab, 0x8d } \ + } + +/// +/// The EFI TLS protocol provides the ability to manage TLS session. +/// +#define EFI_TLS_PROTOCOL_GUID \ + { \ +0xca959f, 0x6cfa, 0x4db1, {0x95, 0xbc, 0xe4, 0x6c, 0x47, 0x51, 0x43, 0x90 } \ + } + +typedef struct _EFI_TLS_PROTOCOL EFI_TLS_PROTOCOL; + +/// +/// EFI_TLS_SESSION_DATA_TYPE +/// +typedef enum { + /// + /// Session Configuration + /// + + /// + /// TLS session Version. The corresponding Data is of type EFI_TLS_VERSION. + /// + EfiTlsVersion, + /// + /// TLS session as client or as server. The corresponding Data is of + /// EFI_TLS_CONNECTION_END. + /// + EfiTlsConnectionEnd, + /// + /// A priority list of preferred algorithms for the TLS session. + /// The corresponding Data is a list of EFI_TLS_CIPHER. + /// + EfiTlsCipherList, + /// + /// TLS session compression method. + /// The corresponding Data is of type EFI_TLS_COMPRESSION. + /// + EfiTlsCompressionMethod, + /// + /// TLS session extension data. + /// The corresponding Data is a list of type EFI_TLS_EXTENDION. + /// + EfiTlsExtensionData, + /// + /// TLS session verify method. + /// The corresponding Data is of type EFI_TLS_VERIFY. + /// + EfiTlsVerifyMethod, + /// + /// TLS session data session ID. + /// For SetSessionData(), it is TLS session ID used for session resumption. + /// For GetSessionData(), it is the TLS session ID used for current session. + /// The corresponding Data is of type EFI_TLS_SESSION_ID. + /// + EfiTlsSessionID, + /// + /// TLS session data session state. + /// The corresponding Data is of type EFI_TLS_SESSION_STATE. + /// + EfiTlsSessionState, + + /// + /// Session information + /// + + /// + /// TLS session data client random. + /// The corresponding Data is of type EFI_TLS_RANDOM. + /// + EfiTlsClientRandom, + /// + /// TLS session data server random. + /// The corresponding Data is of type EFI_TLS_RANDOM. + /// + EfiTlsServerRandom, + /// + /// TLS session data key material. + /// The corresponding Data is of type EFI_TLS_MASTER_SECRET. + /// + EfiTlsKeyMaterial, + + EfiTlsSessionDataTypeMaximum + +} EFI_TLS_SESSION_DATA_TYPE; + +/// +/// EFI_TLS_VERSION +/// Note: The TLS version definition is from SSL3.0 to the latest TLS (e.g. 1.2). +/// SSL2.0 is obsolete and should not be used. +/// +typedef struct { + UINT8 Major; + UINT8 Minor; +} EFI_TLS_VERSION; + +/// +/// EFI_TLS_CONNECTION_END to define TLS session as client or server. +/// +typedef enum { + EfiTlsClient, + EfiTlsServer, +} EFI_TLS_CONNECTION_END; + +/// +/// EFI_TLS_CIPHER +/// Note: The definition of EFI_TLS_CIPHER definition is from "RFC 5246, A.4.1. +/// Hello Messages". The value of EFI_TLS_CIPHER
[edk2] [Patch 2/6] CryptoPkg: Add OpensslTlsLib module to enable 'openssl\ssl'
This patch is used to add OpensslTlsLib module to enable 'openssl\ssl' function. Cc: Long Qin <qin.l...@intel.com> Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- CryptoPkg/CryptoPkg.dsc| 1 + CryptoPkg/Include/OpenSslSupport.h | 11 ++- .../Library/BaseCryptLib/SysCall/CrtWrapper.c | 5 + .../Library/BaseCryptLib/SysCall/TimerWrapper.c| 29 +++--- .../Library/OpensslLib/EDKII_openssl-1.0.2f.patch | 9 ++ CryptoPkg/Library/OpensslLib/Install.cmd | 1 + CryptoPkg/Library/OpensslLib/Install.sh| 1 + CryptoPkg/Library/OpensslLib/OpensslLib.inf| 2 +- CryptoPkg/Library/OpensslLib/OpensslTlsLib.inf | 110 + CryptoPkg/Library/OpensslLib/OpensslTlsLib.uni | Bin 0 -> 1792 bytes 10 files changed, 155 insertions(+), 14 deletions(-) create mode 100644 CryptoPkg/Library/OpensslLib/OpensslTlsLib.inf create mode 100644 CryptoPkg/Library/OpensslLib/OpensslTlsLib.uni diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc index 5ae0e67..bb7f082 100644 --- a/CryptoPkg/CryptoPkg.dsc +++ b/CryptoPkg/CryptoPkg.dsc @@ -48,10 +48,11 @@ UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf + OpensslTlsLib|CryptoPkg/Library/OpensslLib/OpensslTlsLib.inf [LibraryClasses.ARM, LibraryClasses.AARCH64] # # It is not possible to prevent the ARM compiler for generic intrinsic functions. # This library provides the instrinsic functions generate by a given compiler. diff --git a/CryptoPkg/Include/OpenSslSupport.h b/CryptoPkg/Include/OpenSslSupport.h index 239ae8b..13c73b5 100644 --- a/CryptoPkg/Include/OpenSslSupport.h +++ b/CryptoPkg/Include/OpenSslSupport.h @@ -1,9 +1,9 @@ /** @file Root include file to support building OpenSSL Crypto Library. -Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved. +Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php @@ -116,10 +116,12 @@ typedef UINT32 ino_t; typedef UINT32 dev_t; typedef UINT16 nlink_t; typedef intpid_t; typedef void *DIR; typedef void __sighandler_t (int); +typedef UINT8 __uint8_t; +typedef UINT8 sa_family_t; // // Structures from EFI Application Toolkit required to buiild Open SSL // struct tm { @@ -170,10 +172,16 @@ struct stat { UINT32 st_gen; /* file generation number */ INT32st_lspare; INT64st_qspare[2]; }; +struct sockaddr { + __uint8_t sa_len; /* total length */ + sa_family_t sa_family;/* address family */ + charsa_data[14]; /* actually longer; address value */ +}; + // // Externs from EFI Application Toolkit required to buiild Open SSL // extern int errno; @@ -270,8 +278,9 @@ extern FILE *stdout; #define strchr(str,ch)ScanMem8((VOID *)(str),AsciiStrSize(str),(UINT8)ch) #define abort() ASSERT (FALSE) #define assert(expression) #define localtime(timer) NULL #define gmtime_r(timer,result)(result = NULL) +#define gettimeofday(tvp,tz) do { (tvp)->tv_sec = time(NULL); (tvp)->tv_usec = 0; } while (0) #define atoi(nptr)AsciiStrDecimalToUintn(nptr) #endif diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c b/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c index c0ccc0e..e68bfb8 100644 --- a/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c +++ b/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c @@ -446,5 +446,10 @@ void syslog (int a, const char *c, ...) ssize_t write (int f, const void *b, size_t l) { return 0; } + +int printf (char const *fmt, ...) +{ + return 0; +} diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c b/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c index 6422d61..93e487d 100644 --- a/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c +++ b/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c @@ -1,10 +1,10 @@ /** @file C Run-Time Libraries (CRT) Time Management Routines Wrapper Implementation for OpenSSL-based Cryptographic Library (used in DXE & RUNTIME). -Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved. +Copyright (c) 2010 - 2016, Intel Corporatio
[edk2] [PATCH v2 1/2] MdeModulePkg: Define a general function to create DNS QName
v2: * Correct function description. * Correct max QName size. * Add max domain name length check. This patch is used to define a general function to create DNS QName. QName is a domain name represented as a sequence of labels, where each label consists of a length octet followed by that number of octets. The domain name terminates with the zero length octet for the null label of the root. Cc: Hegde Nagaraj P <nagaraj-p.he...@hpe.com> Cc: El-Haj-Mahmoud Samer <samer.el-haj-mahm...@hpe.com> Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- MdeModulePkg/Include/Library/NetLib.h | 22 +++ MdeModulePkg/Library/DxeNetLib/DxeNetLib.c | 62 +- 2 files changed, 83 insertions(+), 1 deletion(-) diff --git a/MdeModulePkg/Include/Library/NetLib.h b/MdeModulePkg/Include/Library/NetLib.h index e4456fa..b871a85 100644 --- a/MdeModulePkg/Include/Library/NetLib.h +++ b/MdeModulePkg/Include/Library/NetLib.h @@ -35,10 +35,12 @@ typedef UINT16 TCP_PORTNO; #define EFI_IP_PROTO_UDP 0x11 #define EFI_IP_PROTO_TCP 0x06 #define EFI_IP_PROTO_ICMP 0x01 #define IP4_PROTO_IGMP0x02 #define IP6_ICMP 58 +#define DNS_MAX_NAME_SIZE 255 +#define DNS_MAX_MESSAGE_SIZE 512 // // The address classification // #define IP4_ADDR_CLASSA 1 @@ -2154,6 +2156,26 @@ EFI_STATUS EFIAPI NetLibGetSystemGuid ( OUT EFI_GUID *SystemGuid ); +/** + Create Dns QName according the queried domain name. + QName is a domain name represented as a sequence of labels, + where each label consists of a length octet followed by that + number of octets. The QName terminates with the zero + length octet for the null label of the root. Caller should + take responsibility to free the buffer in returned pointer. + + @param DomainNameThe pointer to the queried domain name string. + + @retval NULL Failed to fill QName. + @return QName filled successfully. + +**/ +CHAR8 * +EFIAPI +NetLibCreateDnsQName ( + IN CHAR16 *DomainName + ); + #endif diff --git a/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c b/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c index e112d45..390afef 100644 --- a/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c +++ b/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c @@ -1,9 +1,9 @@ /** @file Network library. -Copyright (c) 2005 - 2015, Intel Corporation. All rights reserved. +Copyright (c) 2005 - 2016, Intel Corporation. All rights reserved. (C) Copyright 2015 Hewlett Packard Enterprise Development LP This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php @@ -3324,5 +3324,65 @@ NetLibGetSystemGuid ( } } while (TRUE); } while (Smbios.Raw < SmbiosEnd.Raw); return EFI_NOT_FOUND; } + +/** + Create Dns QName according the queried domain name. + QName is a domain name represented as a sequence of labels, + where each label consists of a length octet followed by that + number of octets. The QName terminates with the zero + length octet for the null label of the root. Caller should + take responsibility to free the buffer in returned pointer. + + @param DomainNameThe pointer to the queried domain name string. + + @retval NULL Failed to fill QName. + @return QName filled successfully. + +**/ +CHAR8 * +EFIAPI +NetLibCreateDnsQName ( + IN CHAR16 *DomainName + ) +{ + CHAR8 *QueryName; + CHAR8 *Header; + CHAR8 *Tail; + UINTN Len; + UINTN Index; + + QueryName = NULL; + Header = NULL; + Tail = NULL; + + if (StrLen (DomainName) > DNS_MAX_NAME_SIZE) { +return NULL; + } + + QueryName = AllocateZeroPool (DNS_MAX_NAME_SIZE); + if (QueryName == NULL) { +return NULL; + } + + Header = QueryName; + Tail = Header + 1; + Len = 0; + for (Index = 0; DomainName[Index] != 0; Index++) { +*Tail = (CHAR8) DomainName[Index]; +if (*Tail == '.') { + *Header = (CHAR8) Len; + Header = Tail; + Tail ++; + Len = 0; +} else { + Tail++; + Len++; +} + } + *Header = (CHAR8) Len; + *Tail = 0; + + return QueryName; +} \ No newline at end of file -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [PATCH v2 0/2] Expose one function defined in DnsDxe to NetLib
v2: * Correct function description. * Correct max QName size. * Add max domain name length check. * Update to use DNS_MAX_MESSAGE_SIZE. The series of patches are used to expose one function defined in DnsDxe to NetLib. Cc: Hegde Nagaraj P <nagaraj-p.he...@hpe.com> Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> Jiaxin Wu (2): MdeModulePkg: Define a general function to create DNS QName NetworkPkg: Replace the internal function with exposed one MdeModulePkg/Include/Library/NetLib.h | 22 +++ MdeModulePkg/Library/DxeNetLib/DxeNetLib.c | 62 - NetworkPkg/DnsDxe/DnsImpl.c| 63 +++--- NetworkPkg/DnsDxe/DnsImpl.h| 19 - NetworkPkg/DnsDxe/DnsProtocol.c| 4 +- 5 files changed, 91 insertions(+), 79 deletions(-) -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [PATCH v2 2/2] NetworkPkg: Replace the internal function with exposed one
v2: * Update to use DNS_MAX_MESSAGE_SIZE. This patch is used to replace the internal function with the exposed one defined in NetLib.h. Cc: Hegde Nagaraj P <nagaraj-p.he...@hpe.com> Cc: El-Haj-Mahmoud Samer <samer.el-haj-mahm...@hpe.com> Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/DnsDxe/DnsImpl.c | 63 - NetworkPkg/DnsDxe/DnsImpl.h | 19 - NetworkPkg/DnsDxe/DnsProtocol.c | 4 +-- 3 files changed, 8 insertions(+), 78 deletions(-) diff --git a/NetworkPkg/DnsDxe/DnsImpl.c b/NetworkPkg/DnsDxe/DnsImpl.c index 617e623..1918441 100644 --- a/NetworkPkg/DnsDxe/DnsImpl.c +++ b/NetworkPkg/DnsDxe/DnsImpl.c @@ -1036,65 +1036,10 @@ AddDns6ServerIp ( return EFI_SUCCESS; } /** - Fill QName for IP querying. QName is a domain name represented as - a sequence of labels, where each label consists of a length octet - followed by that number of octets. The domain name terminates with - the zero length octet for the null label of the root. Caller should - take responsibility to the buffer in QName. - - @param HostName Queried HostName - - @retval NULL Failed to fill QName. - @return QName filled successfully. - -**/ -CHAR8 * -EFIAPI -DnsFillinQNameForQueryIp ( - IN CHAR16 *HostName - ) -{ - CHAR8 *QueryName; - CHAR8 *Header; - CHAR8 *Tail; - UINTN Len; - UINTN Index; - - QueryName = NULL; - Header = NULL; - Tail = NULL; - - QueryName = AllocateZeroPool (DNS_DEFAULT_BLKSIZE); - if (QueryName == NULL) { -return NULL; - } - - Header = QueryName; - Tail = Header + 1; - Len = 0; - for (Index = 0; HostName[Index] != 0; Index++) { -*Tail = (CHAR8) HostName[Index]; -if (*Tail == '.') { - *Header = (CHAR8) Len; - Header = Tail; - Tail ++; - Len = 0; -} else { - Tail++; - Len++; -} - } - *Header = (CHAR8) Len; - *Tail = 0; - - return QueryName; -} - -/** Find out whether the response is valid or invalid. @param TokensMap All DNS transmittal Tokens entry. @param Identification Identification for queried packet. @param TypeType for queried packet. @@ -1804,12 +1749,16 @@ ConstructDNSQuery ( ) { NET_FRAGMENTFrag; DNS_HEADER *DnsHeader; DNS_QUERY_SECTION *DnsQuery; - - Frag.Bulk = AllocatePool (DNS_DEFAULT_BLKSIZE * sizeof (UINT8)); + + // + // Messages carried by UDP are restricted to 512 bytes (not counting the IP + // or UDP headers). + // + Frag.Bulk = AllocatePool (DNS_MAX_MESSAGE_SIZE * sizeof (UINT8)); if (Frag.Bulk == NULL) { return EFI_OUT_OF_RESOURCES; } // diff --git a/NetworkPkg/DnsDxe/DnsImpl.h b/NetworkPkg/DnsDxe/DnsImpl.h index 8cd73e7..0ef8255 100644 --- a/NetworkPkg/DnsDxe/DnsImpl.h +++ b/NetworkPkg/DnsDxe/DnsImpl.h @@ -85,11 +85,10 @@ extern EFI_DNS6_PROTOCOL mDns6Protocol; #define DNS_STATE_CONFIGED 1 #define DNS_STATE_DESTROY2 #define DNS_DEFAULT_TIMEOUT 2 #define DNS_DEFAULT_RETRY3 -#define DNS_DEFAULT_BLKSIZE 512 #define DNS_TIME_TO_GETMAP 5 #pragma pack(1) @@ -555,28 +554,10 @@ AddDns6ServerIp ( IN LIST_ENTRY*Dns6ServerList, IN EFI_IPv6_ADDRESS ServerIp ); /** - Fill QName for IP querying. QName is a domain name represented as - a sequence of labels, where each label consists of a length octet - followed by that number of octets. The domain name terminates with - the zero length octet for the null label of the root. - - @param HostName Queried HostName - - @retval NULL Failed to fill QName. - @return QName filled successfully. - -**/ -CHAR8 * -EFIAPI -DnsFillinQNameForQueryIp ( - IN CHAR16 *HostName - ); - -/** Find out whether the response is valid or invalid. @param TokensMap All DNS transmittal Tokens entry. @param Identification Identification for queried packet. @param TypeType for queried packet. diff --git a/NetworkPkg/DnsDxe/DnsProtocol.c b/NetworkPkg/DnsDxe/DnsProtocol.c index f572b8b..11009fd 100644 --- a/NetworkPkg/DnsDxe/DnsProtocol.c +++ b/NetworkPkg/DnsDxe/DnsProtocol.c @@ -452,11 +452,11 @@ Dns4HostNameToIp ( TokenEntry->Token = Token; // // Construct QName. // - QueryName = DnsFillinQNameForQueryIp (TokenEntry->QueryHostName); + QueryName = NetLibCreateDnsQName (TokenEntry->QueryHostName); if (QueryName == NULL) { Status = EFI_OUT_OF_RESOURCES; goto ON_EXIT; } @@ -1262,11 +1262,11 @@ Dns6HostNameToIp ( // // Construct QName. // - QueryName = DnsFillinQNameForQueryIp (TokenEntry->QueryHost
[edk2] [Patch] MdePkg: Add TLS related protocol definition
This patch is used to add Tls.h and TlsConfig.h header files to define EFI TLS Configuration Protocol, EFI TLS Service Binding Protocol and EFI TLS Configuration Protocol. Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Long Qin <qin.l...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- MdePkg/Include/Protocol/Tls.h | 460 MdePkg/Include/Protocol/TlsConfig.h | 132 +++ MdePkg/MdePkg.dec | 11 +- 3 files changed, 602 insertions(+), 1 deletion(-) create mode 100644 MdePkg/Include/Protocol/Tls.h create mode 100644 MdePkg/Include/Protocol/TlsConfig.h diff --git a/MdePkg/Include/Protocol/Tls.h b/MdePkg/Include/Protocol/Tls.h new file mode 100644 index 000..51a3cda --- /dev/null +++ b/MdePkg/Include/Protocol/Tls.h @@ -0,0 +1,460 @@ +/** @file + EFI TLS Protocols as defined in UEFI 2.5. + + The EFI TLS Service Binding Protocol is used to locate EFI TLS Protocol drivers + to create and destroy child of the driver to communicate with other host using + TLS protocol. + The EFI TLS Protocol provides the ability to manage TLS session. + + Copyright (c) 2016, Intel Corporation. All rights reserved. + This program and the accompanying materials + are licensed and made available under the terms and conditions of the BSD License + which accompanies this distribution. The full text of the license may be found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + + @par Revision Reference: + This Protocol is introduced in UEFI Specification 2.5 + +**/ + +#ifndef __EFI_TLS_PROTOCOL_H__ +#define __EFI_TLS_PROTOCOL_H__ + +/// +/// The EFI TLS Service Binding Protocol is used to locate EFI TLS Protocol drivers to +/// create and destroy child of the driver to communicate with other host using TLS +/// protocol. +/// +#define EFI_TLS_SERVICE_BINDING_PROTOCOL_GUID \ + { \ +0x952cb795, 0xff36, 0x48cf, {0xa2, 0x49, 0x4d, 0xf4, 0x86, 0xd6, 0xab, 0x8d } \ + } + +/// +/// The EFI TLS protocol provides the ability to manage TLS session. +/// +#define EFI_TLS_PROTOCOL_GUID \ + { \ +0xca959f, 0x6cfa, 0x4db1, {0x95, 0xbc, 0xe4, 0x6c, 0x47, 0x51, 0x43, 0x90 } \ + } + +typedef struct _EFI_TLS_PROTOCOL EFI_TLS_PROTOCOL; + +/// +/// EFI_TLS_SESSION_DATA_TYPE +/// +typedef enum { + /// + /// Session Configuration + /// + + /// + /// TLS session Version. The corresponding Data is of type EFI_TLS_VERSION. + /// + EfiTlsVersion, + /// + /// TLS session as client or as server. The corresponding Data is of + /// EFI_TLS_CONNECTION_END. + /// + EfiTlsConnectionEnd, + /// + /// A priority list of preferred algorithms for the TLS session. + /// The corresponding Data is a list of EFI_TLS_CIPHER. + /// + EfiTlsCipherList, + /// + /// TLS session compression method. + /// The corresponding Data is of type EFI_TLS_COMPRESSION. + /// + EfiTlsCompressionMethod, + /// + /// TLS session extension data. + /// The corresponding Data is a list of type EFI_TLS_EXTENDION. + /// + EfiTlsExtensionData, + /// + /// TLS session verify method. + /// The corresponding Data is of type EFI_TLS_VERIFY. + /// + EfiTlsVerifyMethod, + /// + /// TLS session data session ID. + /// For SetSessionData(), it is TLS session ID used for session resumption. + /// For GetSessionData(), it is the TLS session ID used for current session. + /// The corresponding Data is of type EFI_TLS_SESSION_ID. + /// + EfiTlsSessionID, + /// + /// TLS session data session state. + /// The corresponding Data is of type EFI_TLS_SESSION_STATE. + /// + EfiTlsSessionState, + + /// + /// Session information + /// + + /// + /// TLS session data client random. + /// The corresponding Data is of type EFI_TLS_RANDOM. + /// + EfiTlsClientRandom, + /// + /// TLS session data server random. + /// The corresponding Data is of type EFI_TLS_RANDOM. + /// + EfiTlsServerRandom, + /// + /// TLS session data key material. + /// The corresponding Data is of type EFI_TLS_MASTER_SECRET. + /// + EfiTlsKeyMaterial, + + EfiTlsSessionDataTypeMaximum + +} EFI_TLS_SESSION_DATA_TYPE; + +/// +/// EFI_TLS_VERSION +/// Note: The TLS version definition is from SSL3.0 to the latest TLS (e.g. 1.2). +/// SSL2.0 is obsolete and should not be used. +/// +typedef struct { + UINT8 Major; + UINT8 Minor; +} EFI_TLS_VERSION; + +/// +/// EFI_TLS_CONNECTION_END to define TLS session as client or server. +/// +typedef enum { + EfiTlsClient, + EfiTlsServer, +} EFI_TLS_CONNECTION_END; + +/// +/// EFI_TLS_CIPHER +/// Note: The definition of EFI_TLS_CIPHER definition is from "RFC 5246, A.4.1. +/// Hello Messages". Th
[edk2] [Patch 1/2] MdePkg: Correct inconsistent function descriptions in DNS
This patch is used to correct inconsistent function descriptions in Dns4.h and Dns6.h. Cc: Fu Siyuan <siyuan...@intel.com> Cc: Ye Ting <ting...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- MdePkg/Include/Protocol/Dns4.h | 5 ++--- MdePkg/Include/Protocol/Dns6.h | 8 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/MdePkg/Include/Protocol/Dns4.h b/MdePkg/Include/Protocol/Dns4.h index 3e7cdaa..2489268 100644 --- a/MdePkg/Include/Protocol/Dns4.h +++ b/MdePkg/Include/Protocol/Dns4.h @@ -2,11 +2,11 @@ This file defines the EFI Domain Name Service Binding Protocol interface. It is split into the following two main sections: DNSv4 Service Binding Protocol (DNSv4SB) DNSv4 Protocol (DNSv4) - Copyright (c) 2015, Intel Corporation. All rights reserved. + Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php @@ -337,11 +337,11 @@ EFI_STATUS The HostNameToIp () function is used to translate the host name to host IP address. A type A query is used to get the one or more IP addresses for this host. @param[in] ThisPointer to EFI_DNS4_PROTOCOL instance. - @param[in] HostnameHost name. + @param[in] HostNameHost name. @param[in] Token Point to the completion token to translate host name to host address. @retval EFI_SUCCESS The operation completed successfully. @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE: @@ -378,11 +378,10 @@ EFI_STATUS Token is NULL. Token.Event is NULL. IpAddress is not valid IP address . @retval EFI_NO_MAPPING There's no source address is available for use. @retval EFI_ALREADY_STARTED This Token is being used in another DNS session. - @retval EFI_NOT_STARTED This instance has not been started. @retval EFI_OUT_OF_RESOURCESFailed to allocate needed resources. **/ typedef EFI_STATUS (EFIAPI *EFI_DNS4_IP_TO_HOST_NAME) ( diff --git a/MdePkg/Include/Protocol/Dns6.h b/MdePkg/Include/Protocol/Dns6.h index 03cdf6a..1ea85bc 100644 --- a/MdePkg/Include/Protocol/Dns6.h +++ b/MdePkg/Include/Protocol/Dns6.h @@ -2,11 +2,11 @@ This file defines the EFI DNSv6 (Domain Name Service version 6) Protocol. It is split into the following two main sections: DNSv6 Service Binding Protocol (DNSv6SB) DNSv6 Protocol (DNSv6) - Copyright (c) 2015, Intel Corporation. All rights reserved. + Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php @@ -299,11 +299,11 @@ EFI_STATUS @param[in] DnsConfigData Pointer to the configuration data structure. All associated storage to be allocated and released by caller. @retval EFI_SUCCESS The operation completed successfully. @retval EFI_INVALID_PARAMTERThis is NULL. - The StationIp address provided in DnsConfigData is not a valid unicast. + The StationIp address provided in DnsConfigData is not zero and not a valid unicast. DnsServerList is NULL while DnsServerList Count is not ZERO. DnsServerList Count is ZERO while DnsServerList is not NULL. @retval EFI_OUT_OF_RESOURCESThe DNS instance data or required space could not be allocated. @retval EFI_DEVICE_ERRORAn unexpected system or network error occurred. The EFI DNSv6 Protocol instance is not configured. @@ -321,14 +321,14 @@ EFI_STATUS /** Host name to host address translation. The HostNameToIp () function is used to translate the host name to host IP address. A - type A query is used to get the one or more IPv6 addresses for this host. + type query is used to get the one or more IPv6 addresses for this host. @param[in] ThisPointer to EFI_DNS6_PROTOCOL instance. - @param[in] HostnameHost name. + @param[in] HostNameHost name. @param[in] Token Point to the completion token to translate host name to host address. @retval EFI_SUCCESS
[edk2] [Patch 2/2] NetworkPkg: Correct inconsistent function descriptions in DNS
This patch is used to correct inconsistent function descriptions in DnsDxe. Cc: Fu Siyuan <siyuan...@intel.com> Cc: Ye Ting <ting...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/DnsDxe/DnsImpl.h | 583 ++- NetworkPkg/DnsDxe/DnsProtocol.c | 585 +++- 2 files changed, 665 insertions(+), 503 deletions(-) diff --git a/NetworkPkg/DnsDxe/DnsImpl.h b/NetworkPkg/DnsDxe/DnsImpl.h index 72b85cb..8cd73e7 100644 --- a/NetworkPkg/DnsDxe/DnsImpl.h +++ b/NetworkPkg/DnsDxe/DnsImpl.h @@ -730,130 +730,147 @@ DnsOnTimerUpdate ( IN VOID *Context ); /** - This function is used to retrieve DNS mode data for this DNS instance. + Retrieve mode data of this DNS instance. - @param[in] This Pointer to EFI_DNS4_PROTOCOL instance. - @param[out] DnsModeDataPointer to the caller-allocated storage for the EFI_DNS4_MODE_DATA structure. + This function is used to retrieve DNS mode data for this DNS instance. - @retval EFI_SUCCESS The operation completed successfully. - @retval EFI_NOT_STARTED When DnsConfigData is queried, no configuration data is - available because this instance has not been configured. - @retval EFI_OUT_OF_RESOURCES Failed to allocate needed resources. - @retval EFI_INVALID_PARAMETER This is NULL or DnsModeData is NULL. + @param[in] This Pointer to EFI_DNS4_PROTOCOL instance. + @param[out] DnsModeDataPoint to the mode data. + @retval EFI_SUCCESS The operation completed successfully. + @retval EFI_NOT_STARTED When DnsConfigData is queried, no configuration data + is available because this instance has not been + configured. + @retval EFI_INVALID_PARAMETER This is NULL or DnsModeData is NULL. + @retval EFI_OUT_OF_RESOURCESFailed to allocate needed resources. **/ EFI_STATUS EFIAPI Dns4GetModeData ( IN EFI_DNS4_PROTOCOL *This, OUT EFI_DNS4_MODE_DATA *DnsModeData ); /** - This function is used to configure DNS configuration data for this DNS instance. - - @param[in] This Pointer to EFI_DNS4_PROTOCOL instance. - @param[in] DnsConfigData Pointer to caller-allocated buffer containing EFI_DNS4_CONFIG_DATA structure. - If NULL, the driver will reinitialize the protocol instance to the unconfigured state. - - @retval EFI_SUCCESS The operation completed successfully. - @retval EFI_UNSUPPORTED The designated protocol is not supported. - @retval EFI_OUT_OF_RESOURCES Failed to allocate needed resources. - @retval EFI_INVALID_PARAMETER This is NULL. - The StationIp address provided in DnsConfigData is not a valid unicast. - DnsServerList is NULL while DnsServerListCount is not equal to Zero. - DnsServerListCount is Zero while DnsServerListCount is not equal to NULL. - @retval EFI_DEVICE_ERROR An unexpected system or network error occurred. The EFI DNSv4 Protocol instance is not configured. - + Configure this DNS instance. + + This function is used to configure DNS mode data for this DNS instance. + + @param[in] ThisPointer to EFI_DNS4_PROTOCOL instance. + @param[in] DnsConfigData Point to the Configuration data. + + @retval EFI_SUCCESS The operation completed successfully. + @retval EFI_UNSUPPORTED The designated protocol is not supported. + @retval EFI_INVALID_PARAMTERThisis NULL. + The StationIp address provided in DnsConfigData is not a + valid unicast. + DnsServerList is NULL while DnsServerListCount + is not ZERO. + DnsServerListCount is ZERO while DnsServerList + is not NULL + @retval EFI_OUT_OF_RESOURCESThe DNS instance data or required space could not be + allocated. + @retval EFI_DEVICE_ERRORAn unexpected system or network error occurred. The + EFI DNSv4 Protocol instance is not configured. + @retval EFI_ALREADY_STARTED Second call to Configure() with DnsConfigData. To + reconfigure the instance the caller must call Configure() + with NULL first to return driver to unconfigured state. **/ EFI_STATUS EFIAPI Dns4Configure ( IN EFI_DNS4_PROTOCOL *This, IN EFI_DNS4_CONFIG_DATA*DnsConfigData ); /** - The function is used to translate the ho
[edk2] [Patch 0/2] Correct inconsistent function descriptions in DNS
This patch is used to correct inconsistent function descriptions in DNS. Cc: Fu Siyuan <siyuan...@intel.com> Cc: Ye Ting <ting...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> Jiaxin Wu (2): MdePkg: Correct inconsistent function descriptions in DNS NetworkPkg: Correct inconsistent function descriptions in DNS MdePkg/Include/Protocol/Dns4.h | 5 +- MdePkg/Include/Protocol/Dns6.h | 8 +- NetworkPkg/DnsDxe/DnsImpl.h | 583 ++- NetworkPkg/DnsDxe/DnsProtocol.c | 585 +++- 4 files changed, 671 insertions(+), 510 deletions(-) -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch] Maintainers.txt: Update maintainers for NetworkPkg
Cc: Fu Siyuan <siyuan...@intel.com> Cc: Ye Ting <ting...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- Maintainers.txt | 2 -- 1 file changed, 2 deletions(-) diff --git a/Maintainers.txt b/Maintainers.txt index 0bd9c2f..9295532 100644 --- a/Maintainers.txt +++ b/Maintainers.txt @@ -146,12 +146,10 @@ M: Liming Gao <liming@intel.com> NetworkPkg W: https://github.com/tianocore/tianocore.github.io/wiki/NetworkPkg M: Siyuan Fu <siyuan...@intel.com> M: Jiaxin Wu <jiaxin...@intel.com> -M: Lubo Zhang <lubo.zh...@intel.com> -M: Fan Wang <fan.w...@intel.com> Nt32Pkg W: https://github.com/tianocore/tianocore.github.io/wiki/Nt32Pkg M: Ruiyu Ni <ruiyu...@intel.com> -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch] MdePkg: Remove magic number
This patch is used to update structure of EFI_IP4_CONFIG2_INTERFACE_INFO to remove magic number. Cc: Fu Siyuan <siyuan...@intel.com> Cc: Ye Ting <ting...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- MdePkg/Include/Protocol/Ip4Config2.h | 9 +++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/MdePkg/Include/Protocol/Ip4Config2.h b/MdePkg/Include/Protocol/Ip4Config2.h index 383da8a..fca2bb5 100644 --- a/MdePkg/Include/Protocol/Ip4Config2.h +++ b/MdePkg/Include/Protocol/Ip4Config2.h @@ -1,10 +1,10 @@ /** @file This file provides a definition of the EFI IPv4 Configuration II Protocol. -Copyright (c) 2015, Intel Corporation. All rights reserved. +Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php @@ -74,17 +74,22 @@ typedef enum { Ip4Config2DataTypeDnsServer, Ip4Config2DataTypeMaximum } EFI_IP4_CONFIG2_DATA_TYPE; /// +/// EFI_IP4_CONFIG2_INTERFACE_INFO related definitions +/// +#define EFI_IP4_CONFIG2_INTERFACE_INFO_NAME_SIZE 32 + +/// /// EFI_IP4_CONFIG2_INTERFACE_INFO /// typedef struct { /// /// The name of the interface. It is a NULL-terminated Unicode string. /// - CHAR16Name[32]; + CHAR16Name[EFI_IP4_CONFIG2_INTERFACE_INFO_NAME_SIZE]; /// /// The interface type of the network interface. See RFC 1700, /// section "Number Hardware Type". /// UINT8 IfType; -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch 1/2] MdeModulePkg: Define one function to create DNS QName
This patch is used to define a general function to create DNS QName. QName is a domain name represented as a sequence of labels, where each label consists of a length octet followed by that number of octets. The domain name terminates with the zero length octet for the null label of the root. Cc: Hegde Nagaraj P <nagaraj-p.he...@hpe.com> Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- MdeModulePkg/Include/Library/NetLib.h | 21 +++ MdeModulePkg/Library/DxeNetLib/DxeNetLib.c | 58 +- 2 files changed, 78 insertions(+), 1 deletion(-) diff --git a/MdeModulePkg/Include/Library/NetLib.h b/MdeModulePkg/Include/Library/NetLib.h index e4456fa..a257815 100644 --- a/MdeModulePkg/Include/Library/NetLib.h +++ b/MdeModulePkg/Include/Library/NetLib.h @@ -35,10 +35,11 @@ typedef UINT16 TCP_PORTNO; #define EFI_IP_PROTO_UDP 0x11 #define EFI_IP_PROTO_TCP 0x06 #define EFI_IP_PROTO_ICMP 0x01 #define IP4_PROTO_IGMP0x02 #define IP6_ICMP 58 +#define DNS_MAX_BLKSIZE 512 // // The address classification // #define IP4_ADDR_CLASSA 1 @@ -2154,6 +2155,26 @@ EFI_STATUS EFIAPI NetLibGetSystemGuid ( OUT EFI_GUID *SystemGuid ); +/** + Create Dns QName according the queried domain name. + QName is a domain name represented as a sequence of labels, + where each label consists of a length octet followed by that + number of octets. The domain name terminates with the zero + length octet for the null label of the root. Caller should + take responsibility to the buffer in QName. + + @param StringThe pointer to the queried Ascii string. + + @retval NULL Failed to fill QName. + @return QName filled successfully. + +**/ +CHAR8 * +EFIAPI +NetLibCreateDnsQName ( + IN CHAR16 *DomainName + ); + #endif diff --git a/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c b/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c index e112d45..dd67a1c 100644 --- a/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c +++ b/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c @@ -1,9 +1,9 @@ /** @file Network library. -Copyright (c) 2005 - 2015, Intel Corporation. All rights reserved. +Copyright (c) 2005 - 2016, Intel Corporation. All rights reserved. (C) Copyright 2015 Hewlett Packard Enterprise Development LP This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php @@ -3324,5 +3324,61 @@ NetLibGetSystemGuid ( } } while (TRUE); } while (Smbios.Raw < SmbiosEnd.Raw); return EFI_NOT_FOUND; } + +/** + Create Dns QName according the queried domain name. + QName is a domain name represented as a sequence of labels, + where each label consists of a length octet followed by that + number of octets. The domain name terminates with the zero + length octet for the null label of the root. Caller should + take responsibility to the buffer in QName. + + @param StringThe pointer to the queried Ascii string. + + @retval NULL Failed to fill QName. + @return QName filled successfully. + +**/ +CHAR8 * +EFIAPI +NetLibCreateDnsQName ( + IN CHAR16 *DomainName + ) +{ + CHAR8 *QueryName; + CHAR8 *Header; + CHAR8 *Tail; + UINTN Len; + UINTN Index; + + QueryName = NULL; + Header = NULL; + Tail = NULL; + + QueryName = AllocateZeroPool (DNS_MAX_BLKSIZE); + if (QueryName == NULL) { +return NULL; + } + + Header = QueryName; + Tail = Header + 1; + Len = 0; + for (Index = 0; DomainName[Index] != 0; Index++) { +*Tail = (CHAR8) DomainName[Index]; +if (*Tail == '.') { + *Header = (CHAR8) Len; + Header = Tail; + Tail ++; + Len = 0; +} else { + Tail++; + Len++; +} + } + *Header = (CHAR8) Len; + *Tail = 0; + + return QueryName; +} \ No newline at end of file -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch 2/2] NetworkPkg: Replace the internal function with exposed one
This patch is used to replace the internal function with the exposed one defined in NetLib.h. Cc: Hegde Nagaraj P <nagaraj-p.he...@hpe.com> Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/DnsDxe/DnsImpl.c | 63 - NetworkPkg/DnsDxe/DnsImpl.h | 19 - NetworkPkg/DnsDxe/DnsProtocol.c | 6 ++-- 3 files changed, 9 insertions(+), 79 deletions(-) diff --git a/NetworkPkg/DnsDxe/DnsImpl.c b/NetworkPkg/DnsDxe/DnsImpl.c index 71dacce..77e6496 100644 --- a/NetworkPkg/DnsDxe/DnsImpl.c +++ b/NetworkPkg/DnsDxe/DnsImpl.c @@ -1012,65 +1012,10 @@ AddDns6ServerIp ( return EFI_SUCCESS; } /** - Fill QName for IP querying. QName is a domain name represented as - a sequence of labels, where each label consists of a length octet - followed by that number of octets. The domain name terminates with - the zero length octet for the null label of the root. Caller should - take responsibility to the buffer in QName. - - @param HostName Queried HostName - - @retval NULL Failed to fill QName. - @return QName filled successfully. - -**/ -CHAR8 * -EFIAPI -DnsFillinQNameForQueryIp ( - IN CHAR16 *HostName - ) -{ - CHAR8 *QueryName; - CHAR8 *Header; - CHAR8 *Tail; - UINTN Len; - UINTN Index; - - QueryName = NULL; - Header = NULL; - Tail = NULL; - - QueryName = AllocateZeroPool (DNS_DEFAULT_BLKSIZE); - if (QueryName == NULL) { -return NULL; - } - - Header = QueryName; - Tail = Header + 1; - Len = 0; - for (Index = 0; HostName[Index] != 0; Index++) { -*Tail = (CHAR8) HostName[Index]; -if (*Tail == '.') { - *Header = (CHAR8) Len; - Header = Tail; - Tail ++; - Len = 0; -} else { - Tail++; - Len++; -} - } - *Header = (CHAR8) Len; - *Tail = 0; - - return QueryName; -} - -/** Find out whether the response is valid or invalid. @param TokensMap All DNS transmittal Tokens entry. @param Identification Identification for queried packet. @param TypeType for queried packet. @@ -1780,12 +1725,16 @@ ConstructDNSQuery ( ) { NET_FRAGMENTFrag; DNS_HEADER *DnsHeader; DNS_QUERY_SECTION *DnsQuery; - - Frag.Bulk = AllocatePool (DNS_DEFAULT_BLKSIZE * sizeof (UINT8)); + + // + // Messages carried by UDP are restricted to 512 bytes (not counting the IP + // or UDP headers). + // + Frag.Bulk = AllocatePool (DNS_MAX_BLKSIZE * sizeof (UINT8)); if (Frag.Bulk == NULL) { return EFI_OUT_OF_RESOURCES; } // diff --git a/NetworkPkg/DnsDxe/DnsImpl.h b/NetworkPkg/DnsDxe/DnsImpl.h index 72b85cb..e286064 100644 --- a/NetworkPkg/DnsDxe/DnsImpl.h +++ b/NetworkPkg/DnsDxe/DnsImpl.h @@ -85,11 +85,10 @@ extern EFI_DNS6_PROTOCOL mDns6Protocol; #define DNS_STATE_CONFIGED 1 #define DNS_STATE_DESTROY2 #define DNS_DEFAULT_TIMEOUT 2 #define DNS_DEFAULT_RETRY3 -#define DNS_DEFAULT_BLKSIZE 512 #define DNS_TIME_TO_GETMAP 5 #pragma pack(1) @@ -555,28 +554,10 @@ AddDns6ServerIp ( IN LIST_ENTRY*Dns6ServerList, IN EFI_IPv6_ADDRESS ServerIp ); /** - Fill QName for IP querying. QName is a domain name represented as - a sequence of labels, where each label consists of a length octet - followed by that number of octets. The domain name terminates with - the zero length octet for the null label of the root. - - @param HostName Queried HostName - - @retval NULL Failed to fill QName. - @return QName filled successfully. - -**/ -CHAR8 * -EFIAPI -DnsFillinQNameForQueryIp ( - IN CHAR16 *HostName - ); - -/** Find out whether the response is valid or invalid. @param TokensMap All DNS transmittal Tokens entry. @param Identification Identification for queried packet. @param TypeType for queried packet. diff --git a/NetworkPkg/DnsDxe/DnsProtocol.c b/NetworkPkg/DnsDxe/DnsProtocol.c index a3f3de9..3093535 100644 --- a/NetworkPkg/DnsDxe/DnsProtocol.c +++ b/NetworkPkg/DnsDxe/DnsProtocol.c @@ -1,9 +1,9 @@ /** @file Implementation of EFI_DNS4_PROTOCOL and EFI_DNS6_PROTOCOL interfaces. -Copyright (c) 2015, Intel Corporation. All rights reserved. +Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php @@ -442,11 +442,11 @@ Dns4HostNameToIp ( TokenEntry->Token = Token; // // Construc
[edk2] [Patch 0/2] Expose one function defined in DnsDxe to NetLib
The series of patches are used to expose one function defined in DnsDxe to NetLib. Cc: Hegde Nagaraj P <nagaraj-p.he...@hpe.com> Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> Jiaxin Wu (2): MdeModulePkg: Define a general function to create DNS QName NetworkPkg: Replace the internal function with exposed one MdeModulePkg/Include/Library/NetLib.h | 21 ++ MdeModulePkg/Library/DxeNetLib/DxeNetLib.c | 58 ++- NetworkPkg/DnsDxe/DnsImpl.c| 63 +++--- NetworkPkg/DnsDxe/DnsImpl.h| 19 - NetworkPkg/DnsDxe/DnsProtocol.c| 6 +-- 5 files changed, 87 insertions(+), 80 deletions(-) -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch] edk2: Update the maintainer list.
This patch is used to update the CryptoPkg and NetworkPkg maintainer list. Cc: Long Qin <qin.l...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Tian Hot <hot.t...@intel.com> Cc: Li Ruth <ruth...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- Maintainers.txt | 4 1 file changed, 4 insertions(+) diff --git a/Maintainers.txt b/Maintainers.txt index dc0891e..59cd2bf 100644 --- a/Maintainers.txt +++ b/Maintainers.txt @@ -83,10 +83,11 @@ M: Prince Agyeman <prince.agye...@intel.com> S: Maintained CryptoPkg W: https://github.com/tianocore/tianocore.github.io/wiki/CryptoPkg M: Qin Long <qin.l...@intel.com> +M: Ting Ye <ting...@intel.com> DuetPkg W: https://github.com/tianocore/tianocore.github.io/wiki/DuetPkg M: Ruiyu Ni <ruiyu...@intel.com> @@ -144,10 +145,13 @@ M: Michael D Kinney <michael.d.kin...@intel.com> M: Liming Gao <liming@intel.com> NetworkPkg W: https://github.com/tianocore/tianocore.github.io/wiki/NetworkPkg M: Siyuan Fu <siyuan...@intel.com> +M: Jiaxin Wu <jiaxin...@intel.com> +M: Lubo Zhang <lubo.zh...@intel.com> +M: Fan Wang <fan.w...@intel.com> Nt32Pkg W: https://github.com/tianocore/tianocore.github.io/wiki/Nt32Pkg M: Ruiyu Ni <ruiyu...@intel.com> -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch 2/2] NetworkPkg: Remove DNS QType and QClass definition
This patch is used to remove DNS QType and QClass definition in DnsImpl.h since it will be exposed in NetLib.h. Cc: Hegde Nagaraj P <nagaraj-p.he...@hpe.com> Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/DnsDxe/DnsImpl.h | 15 +-- 1 file changed, 1 insertion(+), 14 deletions(-) diff --git a/NetworkPkg/DnsDxe/DnsImpl.h b/NetworkPkg/DnsDxe/DnsImpl.h index 847cd15..72b85cb 100644 --- a/NetworkPkg/DnsDxe/DnsImpl.h +++ b/NetworkPkg/DnsDxe/DnsImpl.h @@ -1,9 +1,9 @@ /** @file DnsDxe support functions implementation. -Copyright (c) 2015, Intel Corporation. All rights reserved. +Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php @@ -174,23 +174,10 @@ typedef struct { UINT16 Class; UINT32 Ttl; UINT16 DataLength; } DNS_ANSWER_SECTION; -#define DNS_TYPE_A 1 -#define DNS_TYPE_NS 2 -#define DNS_TYPE_CNAME 5 -#define DNS_TYPE_PTR12 -#define DNS_TYPE_HINFO 13 -#define DNS_TYPE_MX 15 -#define DNS_TYPE_ 28 -#define DNS_TYPE_SRV_RR 33 -#define DNS_TYPE_AXFR 252 -#define DNS_TYPE_ANY255 - -#define DNS_CLASS_INET 1 - #define DNS4_DOMAIN L"in-addr.arpa" #define DNS6_DOMAIN L"IP6.ARPA" #pragma pack() -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch 0/2] Move DNS QType and QClass definition to NetLib.h
The series patches are used to Move DNS QType and QClass definition to NetLib.h Cc: Hegde Nagaraj P <nagaraj-p.he...@hpe.com> Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> Jiaxin Wu (2): MdeModulePkg: Add DNS QType and QClass values definition NetworkPkg: Remove DNS QType and QClass definition MdeModulePkg/Include/Library/NetLib.h | 29 - NetworkPkg/DnsDxe/DnsImpl.h | 15 +-- 2 files changed, 29 insertions(+), 15 deletions(-) -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch 2/2] NetworkPkg: Fix SPD entry edit policy issue in IPSecConfig.
The current implementation doesn't handle the relationship between SPD and SAD well, which may introduce some security and connection issue after SPD updated. For SPD entry edit policy, if one SPD entry is edited/updated, the original SAs list should be discard. Current IPSecConfig tool does not dealt properly with those rules. Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- .../Application/IpsecConfig/PolicyEntryOperation.c | 41 ++ 1 file changed, 18 insertions(+), 23 deletions(-) diff --git a/NetworkPkg/Application/IpsecConfig/PolicyEntryOperation.c b/NetworkPkg/Application/IpsecConfig/PolicyEntryOperation.c index 970caa1..9bbc114 100644 --- a/NetworkPkg/Application/IpsecConfig/PolicyEntryOperation.c +++ b/NetworkPkg/Application/IpsecConfig/PolicyEntryOperation.c @@ -1,9 +1,9 @@ /** @file The implementation of policy entry operation function in IpSecConfig application. - Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved. + Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php. @@ -1396,10 +1396,12 @@ CombineSpdEntry ( break; } // // Process Data // + OldData->SaIdCount = 0; + if ((Mask & NAME) != 0) { AsciiStrCpyS ((CHAR8 *) OldData->Name, MAX_PEERID_LEN, (CHAR8 *) NewData->Name); } if ((Mask & PACKET_FLAG) != 0) { @@ -1860,41 +1862,34 @@ EditOperatePolicyEntry ( Context->Data, Context->Mask, ); if (!EFI_ERROR (Status)) { + // + // If the Selector already existed, this Entry will be updated by set data. + // + Status = mIpSecConfig->SetData ( + mIpSecConfig, + Context->DataType, + Context->Selector, /// New created selector. + Data, /// Old date which has been modified, need to be set data. + Selector + ); + ASSERT_EFI_ERROR (Status); + if (CreateNew) { // -// Insert new entry before old entry +// Edit the entry to a new one. So, we need delete the old entry. // Status = mIpSecConfig->SetData ( mIpSecConfig, Context->DataType, - Context->Selector, - Data, - Selector - ); -ASSERT_EFI_ERROR (Status); -// -// Delete old entry -// -Status = mIpSecConfig->SetData ( - mIpSecConfig, - Context->DataType, - Selector, - NULL, + Selector, /// Old selector. + NULL, /// NULL means to delete this Entry specified by Selector. NULL ); ASSERT_EFI_ERROR (Status); - } else { -Status = mIpSecConfig->SetData ( - mIpSecConfig, - Context->DataType, - Context->Selector, - Data, - NULL - ); } } Context->Status = Status; return EFI_ABORTED; -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch 0/2] Fix IpSec SPD and SAD mapping issue when SPD updated
The serial patches are used to fix the IpSec SPD and SAD mapping issue when SPD updated by IPSecConfig tool. The problem is divided into two parts: One is SPD SetData policy, and the other is edit policy which mainly triggered by IPSecConfig tool. Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> Jiaxin Wu (2): NetworkPkg: Fix IpSec SPD and SAD mapping issue when SPD is updated NetworkPkg: Fix SPD entry edit policy issue in IPSecConfig. .../Application/IpsecConfig/PolicyEntryOperation.c | 41 ++--- NetworkPkg/IpSecDxe/IpSecConfigImpl.c | 68 +++--- 2 files changed, 64 insertions(+), 45 deletions(-) -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch 1/2] NetworkPkg: Fix IpSec SPD and SAD mapping issue when SPD updated
The current implementation doesn't handle the relationship between SPD and SAD well, which may introduce some security and connection issue after SPD updated. For SPD SetData policy: A) When delete the existed SPD entry, its related SAs also should be removed from its Sas list(SadEntry->BySpd). If the SA entry is established by IKE, we can remove it from global SAD list(SadEntry->List) and then free it directly since its SpdEntry will be freed later. B) SPD SetData operation should do some setting date validity-check. For example, whether the SaId specified by setting Data is valid. If the setting date is invalid, EFI_INVALID_PARAMETER should be returned. Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/IpSecDxe/IpSecConfigImpl.c | 68 +++ 1 file changed, 46 insertions(+), 22 deletions(-) diff --git a/NetworkPkg/IpSecDxe/IpSecConfigImpl.c b/NetworkPkg/IpSecDxe/IpSecConfigImpl.c index 8c7724c..e1b24e4 100644 --- a/NetworkPkg/IpSecDxe/IpSecConfigImpl.c +++ b/NetworkPkg/IpSecDxe/IpSecConfigImpl.c @@ -1,9 +1,9 @@ /** @file The implementation of IPSEC_CONFIG_PROTOCOL. - Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved. + Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php. @@ -209,11 +209,11 @@ CompareSpdSelector ( IsMatch = FALSE; return IsMatch; } // - // Compare the all LocalAddress fields in the two Spdselectors. + // Compare the all LocalAddress and RemoteAddress fields in the two Spdselectors. // First, SpdSel1->LocalAddress to SpdSel2->LocalAddress && Compare // SpdSel1->RemoteAddress to SpdSel2->RemoteAddress. If all match, return // TRUE. // for (Index = 0; Index < SpdSel1->LocalAddressCount; Index++) { @@ -370,11 +370,11 @@ IsSubSpdSelector ( ) { IsMatch = FALSE; } // - // Compare the all LocalAddress fields in the two Spdselectors. + // Compare the all LocalAddress and RemoteAddress fields in the two Spdselectors. // First, SpdSel1->LocalAddress to SpdSel2->LocalAddress && Compare // SpdSel1->RemoteAddress to SpdSel2->RemoteAddress. If all match, return // TRUE. // if (IsMatch) { @@ -427,13 +427,13 @@ IsSubSpdSelector ( IsMatch = FALSE; return IsMatch; } // - // Compare the all LocalAddress fields in the two Spdselectors. - // First, SpdSel1->LocalAddress to SpdSel2->LocalAddress && Compare - // SpdSel1->RemoteAddress to SpdSel2->RemoteAddress. If all match, return + // Compare the all LocalAddress and RemoteAddress fields in the two Spdselectors. + // First, SpdSel1->LocalAddress to SpdSel2->RemoteAddress && Compare + // SpdSel1->RemoteAddress to SpdSel2->LocalAddress. If all match, return // TRUE. // for (Index = 0; Index < SpdSel1->LocalAddressCount; Index++) { if (!IsInAddressInfoList ( >LocalAddress[Index], @@ -1016,10 +1016,12 @@ UnfixPadEntry ( and its policy is not NULL. - The Action of Data is Protected, its policy mode is Tunnel, and its tunnel option is NULL. - The Action of Data is protected and its policy mode is not Tunnel and it tunnel option is not NULL. + - SadEntry requied to be set into new SpdEntry's Sas has + been found but it is invalid. @retval EFI_OUT_OF_RESOURCED The required system resource could not be allocated. @retval EFI_SUCCESS The specified configuration data was obtained successfully. **/ EFI_STATUS @@ -1037,10 +1039,11 @@ SetSpdEntry ( LIST_ENTRY *SpdSas; LIST_ENTRY *EntryInsertBefore; LIST_ENTRY *Entry; LIST_ENTRY *Entry2; LIST_ENTRY *NextEntry; + LIST_ENTRY *NextEntry2; IPSEC_SPD_ENTRY *SpdEntry; IPSEC_SAD_ENTRY *SadEntry; UINTN SpdEntrySize; UINTN Index; @@ -1095,15 +1098,26 @@ SetSpdEntry ( // Update the reverse ref of SAD entry in the SPD.sas list. // SpdSas = >Data->Sas; // - // TODO: Deleted the related SAs. + // Remove the related SAs from Sas(SadEntry->BySpd). If the SA entry is established by + // IKE, remove from mConfigData list(
[edk2] [Patch] NetworkPkg: Removing or adding some ASSERT statement
Refine the code by removing or adding some ASSERT statement to make the code more readable. Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/DnsDxe/DnsImpl.c | 4 NetworkPkg/DnsDxe/DnsProtocol.c | 8 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/NetworkPkg/DnsDxe/DnsImpl.c b/NetworkPkg/DnsDxe/DnsImpl.c index 8725670..823bcf3 100644 --- a/NetworkPkg/DnsDxe/DnsImpl.c +++ b/NetworkPkg/DnsDxe/DnsImpl.c @@ -1358,12 +1358,10 @@ ParseDnsResponse ( // // Check whether it's the GeneralLookUp querying. // if (Instance->Service->IpVersion == IP_VERSION_4 && Dns4TokenEntry->GeneralLookUp) { - ASSERT (Dns4TokenEntry != NULL); - Dns4RR = Dns4TokenEntry->Token->RspData.GLookupData->RRList; AnswerData = (UINT8 *) AnswerSection + sizeof (*AnswerSection); // // Fill the ResourceRecord. @@ -1385,12 +1383,10 @@ ParseDnsResponse ( } CopyMem (Dns4RR[RRCount].RData, AnswerData, Dns4RR[RRCount].DataLength); RRCount ++; } else if (Instance->Service->IpVersion == IP_VERSION_6 && Dns6TokenEntry->GeneralLookUp) { - ASSERT (Dns6TokenEntry != NULL); - Dns6RR = Dns6TokenEntry->Token->RspData.GLookupData->RRList; AnswerData = (UINT8 *) AnswerSection + sizeof (*AnswerSection); // // Fill the ResourceRecord. diff --git a/NetworkPkg/DnsDxe/DnsProtocol.c b/NetworkPkg/DnsDxe/DnsProtocol.c index e7aa227..a3f3de9 100644 --- a/NetworkPkg/DnsDxe/DnsProtocol.c +++ b/NetworkPkg/DnsDxe/DnsProtocol.c @@ -460,10 +460,12 @@ Dns4HostNameToIp ( } goto ON_EXIT; } + ASSERT (Packet != NULL); + // // Save the token into the Dns4TxTokens map. // Status = NetMapInsertTail (>Dns4TxTokens, TokenEntry, Packet); if (EFI_ERROR (Status)) { @@ -633,10 +635,12 @@ Dns4GeneralLookUp ( } goto ON_EXIT; } + ASSERT (Packet != NULL); + // // Save the token into the Dns4TxTokens map. // Status = NetMapInsertTail (>Dns4TxTokens, TokenEntry, Packet); if (EFI_ERROR (Status)) { @@ -1229,10 +1233,12 @@ Dns6HostNameToIp ( } goto ON_EXIT; } + ASSERT (Packet != NULL); + // // Save the token into the Dns6TxTokens map. // Status = NetMapInsertTail (>Dns6TxTokens, TokenEntry, Packet); if (EFI_ERROR (Status)) { @@ -1402,10 +1408,12 @@ Dns6GeneralLookUp ( } goto ON_EXIT; } + ASSERT (Packet != NULL); + // // Save the token into the Dns6TxTokens map. // Status = NetMapInsertTail (>Dns6TxTokens, TokenEntry, Packet); if (EFI_ERROR (Status)) { -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch] NetworkPkg: Fix the potential NULL pointer dereferenced issue
This patch is used to fix the potential NULL pointer dereferenced in function 'ParseDnsResponse'. Cc: Fu Siyuan <siyuan...@intel.com> Cc: Zhang Lubo <lubo.zh...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/DnsDxe/DnsImpl.c | 59 +++-- 1 file changed, 41 insertions(+), 18 deletions(-) diff --git a/NetworkPkg/DnsDxe/DnsImpl.c b/NetworkPkg/DnsDxe/DnsImpl.c index 42d51f0..4f7320e 100644 --- a/NetworkPkg/DnsDxe/DnsImpl.c +++ b/NetworkPkg/DnsDxe/DnsImpl.c @@ -1197,23 +1197,32 @@ ParseDnsResponse ( } // // Check the Query type, do some buffer allocations. // - if (QuerySection->Type == DNS_TYPE_A) { -Dns4TokenEntry->Token->RspData.H2AData = AllocatePool (sizeof (DNS_HOST_TO_ADDR_DATA)); -ASSERT (Dns4TokenEntry->Token->RspData.H2AData != NULL); -Dns4TokenEntry->Token->RspData.H2AData->IpList = AllocatePool (DnsHeader->AnswersNum * sizeof (EFI_IPv4_ADDRESS)); -ASSERT (Dns4TokenEntry->Token->RspData.H2AData->IpList != NULL); - } else if (QuerySection->Type == DNS_TYPE_) { -Dns6TokenEntry->Token->RspData.H2AData = AllocatePool (sizeof (DNS6_HOST_TO_ADDR_DATA)); -ASSERT (Dns6TokenEntry->Token->RspData.H2AData != NULL); -Dns6TokenEntry->Token->RspData.H2AData->IpList = AllocatePool (DnsHeader->AnswersNum * sizeof (EFI_IPv6_ADDRESS)); -ASSERT (Dns6TokenEntry->Token->RspData.H2AData->IpList != NULL); + if (Instance->Service->IpVersion == IP_VERSION_4) { +ASSERT (Dns4TokenEntry != NULL); +if (QuerySection->Type == DNS_TYPE_A) { + Dns4TokenEntry->Token->RspData.H2AData = AllocatePool (sizeof (DNS_HOST_TO_ADDR_DATA)); + ASSERT (Dns4TokenEntry->Token->RspData.H2AData != NULL); + Dns4TokenEntry->Token->RspData.H2AData->IpList = AllocatePool (DnsHeader->AnswersNum * sizeof (EFI_IPv4_ADDRESS)); + ASSERT (Dns4TokenEntry->Token->RspData.H2AData->IpList != NULL); +} else { + Status = EFI_UNSUPPORTED; + goto ON_EXIT; +} } else { -Status = EFI_UNSUPPORTED; -goto ON_EXIT; +ASSERT (Dns6TokenEntry != NULL); +if (QuerySection->Type == DNS_TYPE_) { + Dns6TokenEntry->Token->RspData.H2AData = AllocatePool (sizeof (DNS6_HOST_TO_ADDR_DATA)); + ASSERT (Dns6TokenEntry->Token->RspData.H2AData != NULL); + Dns6TokenEntry->Token->RspData.H2AData->IpList = AllocatePool (DnsHeader->AnswersNum * sizeof (EFI_IPv6_ADDRESS)); + ASSERT (Dns6TokenEntry->Token->RspData.H2AData->IpList != NULL); +} else { + Status = EFI_UNSUPPORTED; + goto ON_EXIT; +} } // // Processing AnswerSection. // @@ -1238,11 +1247,11 @@ ParseDnsResponse ( switch (AnswerSection->Type) { case DNS_TYPE_A: // // This is address entry, get Data. // -ASSERT (AnswerSection->DataLength == 4); +ASSERT (Dns4TokenEntry != NULL && AnswerSection->DataLength == 4); HostAddr4 = Dns4TokenEntry->Token->RspData.H2AData->IpList; AnswerData = (UINT8 *) AnswerSection + sizeof (*AnswerSection); CopyMem ([IpCount], AnswerData, sizeof (EFI_IPv4_ADDRESS)); @@ -1280,11 +1289,11 @@ ParseDnsResponse ( break; case DNS_TYPE_: // // This is address entry, get Data. // -ASSERT (AnswerSection->DataLength == 16); +ASSERT (Dns6TokenEntry != NULL && AnswerSection->DataLength == 16); HostAddr6 = Dns6TokenEntry->Token->RspData.H2AData->IpList; AnswerData = (UINT8 *) AnswerSection + sizeof (*AnswerSection); CopyMem ([IpCount], AnswerData, sizeof (EFI_IPv6_ADDRESS)); @@ -1331,27 +1340,41 @@ ParseDnsResponse ( // AnswerName = (CHAR8 *) AnswerSection + sizeof (*AnswerSection) + AnswerSection->DataLength; AnswerSectionNum ++; } - if (QuerySection->Type == DNS_TYPE_A) { -Dns4TokenEntry->Token->RspData.H2AData->IpCount = IpCount; - } else if (QuerySection->Type == DNS_TYPE_) { -Dns6TokenEntry->Token->RspData.H2AData->IpCount = IpCount; + if (Instance->Service->IpVersion == IP_VERSION_4) { +ASSERT (Dns4TokenEntry != NULL); +if (QuerySection->Type == DNS_TYPE_A) { + Dns4TokenEntry->Token->RspData.H2AData->IpCount = IpCount; +} else { + Status = EFI_UNSUPPORTED; + goto ON_EXIT; +} + } else { +ASSERT (Dns6TokenEntry != NULL); +if (QuerySection->Type == DNS_TYPE_) { + Dns6TokenEntry->Token->RspData.H2AData->IpCount = IpCount; +} else { + Status = EFI_UNSUPPORTED; + goto ON_EXIT; +} } // // Parsing is complete, SignalEvent here. // if (Instance-
[edk2] [Patch] ShellPkg: Fix ifconfig hang issue with incomplete parameters
This patch is used to fix ifconfig hang issue with incomplete parameters. In addition, some error related output information is added to increase the interactivity. Cc: Leekha Shaveta <shav...@freescale.com> Cc: Carsey Jaben <jaben.car...@intel.com> Cc: Ye Ting <ting...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- .../UefiShellNetwork1CommandsLib/Ifconfig.c| 61 - .../UefiShellNetwork1CommandsLib.uni | Bin 21094 -> 21256 bytes 2 files changed, 47 insertions(+), 14 deletions(-) diff --git a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c index fb6f575..f8dbc88 100644 --- a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c +++ b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c @@ -826,10 +826,11 @@ IfConfigClearInterfaceInfo ( Ip4Config2DataTypePolicy, sizeof (EFI_IP4_CONFIG2_POLICY), ); if (EFI_ERROR (Status)) { + ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_GEN_ERR_AD), gShellNetwork1HiiHandle, L"ifconfig"); ShellStatus = SHELL_ACCESS_DENIED; break; } } @@ -902,10 +903,11 @@ IfConfigSetInterfaceInfo ( NULL, NULL, ); if (EFI_ERROR (Status)) { +ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_GEN_ERR_AD), gShellNetwork1HiiHandle, L"ifconfig"); ShellStatus = SHELL_ACCESS_DENIED; goto ON_EXIT; } Status = gBS->CreateEvent ( @@ -914,10 +916,11 @@ IfConfigSetInterfaceInfo ( IfConfigManualAddressNotify, , ); if (EFI_ERROR (Status)) { +ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_GEN_ERR_AD), gShellNetwork1HiiHandle, L"ifconfig"); ShellStatus = SHELL_ACCESS_DENIED; goto ON_EXIT; } // @@ -972,10 +975,11 @@ IfConfigSetInterfaceInfo ( // if (StrCmp(VarArg->Arg, L"dhcp") == 0) { if (IfCb->Policy == Ip4Config2PolicyDhcp) { Status = IfConfigStartIp4 (IfCb->NicHandle, gImageHandle); if (EFI_ERROR(Status)) { + ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_GEN_ERR_AD), gShellNetwork1HiiHandle, L"ifconfig"); ShellStatus = SHELL_ACCESS_DENIED; goto ON_EXIT; } } else { // @@ -987,74 +991,100 @@ IfConfigSetInterfaceInfo ( Ip4Config2DataTypePolicy, sizeof (EFI_IP4_CONFIG2_POLICY), ); if (EFI_ERROR(Status)) { + ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_GEN_ERR_AD), gShellNetwork1HiiHandle, L"ifconfig"); ShellStatus = SHELL_ACCESS_DENIED; goto ON_EXIT; } } VarArg= VarArg->Next; } else if (StrCmp (VarArg->Arg, L"static") == 0) { - // - // Set manual config policy. - // - Policy = Ip4Config2PolicyStatic; - Status = IfCb->IfCfg->SetData ( - IfCb->IfCfg, - Ip4Config2DataTypePolicy, - sizeof (EFI_IP4_CONFIG2_POLICY), - - ); - if (EFI_ERROR(Status)) { -ShellStatus = SHELL_ACCESS_DENIED; + VarArg= VarArg->Next; + if (VarArg == NULL) { +ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_LACK_COMMAND), gShellNetwork1HiiHandle); +ShellStatus = SHELL_INVALID_PARAMETER; goto ON_EXIT; } - VarArg= VarArg->Next; - ZeroMem (, sizeof (ManualAddress)); // // Get manual IP address. // Status = NetLibStrToIp4 (VarArg->Arg, ); if (EFI_ERROR(Status)) { +ShellPrintHiiEx(-1, -1, NULL,STRING_TOKEN (STR_IFCONFIG_INVALID_IPADDRESS), gShellNetwork1HiiHandle, VarArg->Arg); ShellStatus = SHELL_INVALID_PARAMETER; goto ON_EXIT; } // // Get subnetmask. // VarArg = VarArg->Next; + if (VarArg == NULL) { +ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_LACK_COMMAND), gShellNetwork1HiiHandle); +ShellStatus = SHELL_INVALID_PARAMETER; +goto ON_EXIT; + } + Status = NetLibStrToIp4 (VarArg->Arg, ); if (EFI_ERROR(Status)) { +ShellPrintHiiEx(-1, -1, NULL,STRING_TOKEN (STR_IFCONFIG_INVALID_IPADDRESS), gShellNetwork1HiiHandle, VarArg->Arg); ShellStatus = SHELL_INVALID_PARAMETER; goto ON_EXIT; } //
[edk2] [Patch] ShellPkg: Fix wrong return status for Ifconfig.c
The Ifconfig command handler tries to return an EFI_STATUS when the return type should be SHELL_STATUS. Cc: Cohen, Eugene <eug...@hp.com> Cc: Carsey, Jaben <jaben.car...@intel.com> Cc: Ye Ting <ting...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- .../UefiShellNetwork1CommandsLib/Ifconfig.c| 102 ++--- 1 file changed, 69 insertions(+), 33 deletions(-) diff --git a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c index e16d46a..fb6f575 100644 --- a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c +++ b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c @@ -421,11 +421,11 @@ IfConfigGetInterfaceInfo ( NULL, , ); if (EFI_ERROR (Status) || (HandleNum == 0)) { -return EFI_ABORTED; +return Status; } // // Enumerate all handles that installed with ip4 service binding protocol. // @@ -585,15 +585,15 @@ ON_ERROR: /** The list process of the ifconfig command. @param[in] IfListThe pointer of IfList(interface list). - @retval EFI_SUCCESSThe ifconfig command list processed successfully. + @retval SHELL_SUCCESS The ifconfig command list processed successfully. @retval others The ifconfig command list process failed. **/ -EFI_STATUS +SHELL_STATUS IfConfigShowInterfaceInfo ( IN LIST_ENTRY*IfList ) { LIST_ENTRY *Entry; @@ -781,35 +781,37 @@ IfConfigShowInterfaceInfo ( } } ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INFO_BREAK), gShellNetwork1HiiHandle); - return EFI_SUCCESS; + return SHELL_SUCCESS; } /** The clean process of the ifconfig command to clear interface info. @param[in] IfListThe pointer of IfList(interface list). - @retval EFI_SUCCESSThe ifconfig command clean processed successfully. + @retval SHELL_SUCCESS The ifconfig command clean processed successfully. @retval others The ifconfig command clean process failed. **/ -EFI_STATUS +SHELL_STATUS IfConfigClearInterfaceInfo ( IN LIST_ENTRY*IfList ) { - EFI_STATUSStatus; + EFI_STATUSStatus; + SHELL_STATUS ShellStatus; LIST_ENTRY*Entry; LIST_ENTRY*Next; IFCONFIG_INTERFACE_CB *IfCb; EFI_IP4_CONFIG2_POLICYPolicy; Policy = Ip4Config2PolicyDhcp; Status = EFI_SUCCESS; + ShellStatus = SHELL_SUCCESS; if (IsListEmpty (IfList)) { ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INVALID_INTERFACE), gShellNetwork1HiiHandle); } @@ -823,37 +825,37 @@ IfConfigClearInterfaceInfo ( IfCb->IfCfg, Ip4Config2DataTypePolicy, sizeof (EFI_IP4_CONFIG2_POLICY), ); - if (EFI_ERROR (Status)) { + ShellStatus = SHELL_ACCESS_DENIED; break; } } - return Status; + return ShellStatus; } /** The set process of the ifconfig command. @param[in] IfListThe pointer of IfList(interface list). @param[in] VarArgThe pointer of ARG_LIST(Args with "-s" option). - @retval EFI_SUCCESSThe ifconfig command set processed successfully. + @retval SHELL_SUCCESS The ifconfig command set processed successfully. @retval others The ifconfig command set process failed. **/ -EFI_STATUS +SHELL_STATUS IfConfigSetInterfaceInfo ( IN LIST_ENTRY*IfList, IN ARG_LIST *VarArg ) { - EFI_STATUS Status; + SHELL_STATUS ShellStatus; IFCONFIG_INTERFACE_CB*IfCb; VAR_CHECK_CODE CheckCode; EFI_EVENTTimeOutEvt; EFI_EVENTMappedEvt; BOOLEAN IsAddressOk; @@ -870,18 +872,19 @@ IfConfigSetInterfaceInfo ( Dns = NULL; if (IsListEmpty (IfList)) { ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INVALID_INTERFACE), gShellNetwork1HiiHandle); -return EFI_INVALID_PARAMETER; +return SHELL_INVALID_PARAMETER; } // // Make sure to set only one interface each time. // IfCb = NET_LIST_USER_STRUCT (IfList->ForwardLink, IFCONFIG_INTERFACE_CB, Link); Status = EFI_SUCCESS; + ShellStatus = SHELL_SUCCESS; // // Initialize check list mechanism. // CheckCode = IfConfigRetriveCheckListByName( @@ -899,10 +902,11 @@ IfConfigSetInterfaceInfo ( NULL, NULL, ); if (EFI_ERROR (Status)) { +ShellStatus = SHELL_ACCESS_DENIED; goto ON_EXIT; } Status = gBS->CreateEvent (
[edk2] [Patch] NetworkPkg: Fix connection issue after correct SPD and re-enable IPsec
This patch is used to fix connection failure issue after correct the SPD and re-enable IPsec. The driver should not update the SadEntry's SpdSelector when doing SpdEntry modification. SadEntry's SpdSelector may not equal to this edited SpdEntry’s Selector. Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- NetworkPkg/IpSecDxe/IpSecConfigImpl.c | 7 +-- 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/NetworkPkg/IpSecDxe/IpSecConfigImpl.c b/NetworkPkg/IpSecDxe/IpSecConfigImpl.c index bd49245..405521d 100644 --- a/NetworkPkg/IpSecDxe/IpSecConfigImpl.c +++ b/NetworkPkg/IpSecDxe/IpSecConfigImpl.c @@ -1201,16 +1201,11 @@ SetSpdEntry ( )) { if (SadEntry->Data->SpdEntry != NULL) { RemoveEntryList (>BySpd); } InsertTailList (>Data->Sas, >BySpd); -SadEntry->Data->SpdEntry = SpdEntry; -DuplicateSpdSelector ( - (EFI_IPSEC_CONFIG_SELECTOR *)SadEntry->Data->SpdSelector, - (EFI_IPSEC_CONFIG_SELECTOR *)SpdEntry->Selector, - NULL - ); +SadEntry->Data->SpdEntry = SpdEntry; } } } // // Insert the new SPD entry. -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [PATCH v2] NetworkPkg: Fix IpSec run into infinite loop issue
v2: * Update the copyright year and conditional judgment for removing. When use -e to edit SPD database, the corresponding SA entry will be updated to the sas list of the new SPD entry. But before that, all of them should be removed from the original sas list. If not, the list will be broken into infinite loop. Cc: Ye Ting ting...@intel.com Cc: Fu Siyuan siyuan...@intel.com Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu jiaxin...@intel.com --- NetworkPkg/IpSecDxe/IpSecConfigImpl.c | 5 - 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/NetworkPkg/IpSecDxe/IpSecConfigImpl.c b/NetworkPkg/IpSecDxe/IpSecConfigImpl.c index 6eabfe4..bd49245 100644 --- a/NetworkPkg/IpSecDxe/IpSecConfigImpl.c +++ b/NetworkPkg/IpSecDxe/IpSecConfigImpl.c @@ -1,9 +1,9 @@ /** @file The implementation of IPSEC_CONFIG_PROTOCOL. - Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.BR + Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.BR This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php. @@ -1197,10 +1197,13 @@ SetSpdEntry ( if (CompareSaId ( (EFI_IPSEC_CONFIG_SELECTOR *) SpdData-SaId[Index], (EFI_IPSEC_CONFIG_SELECTOR *) SadEntry-Id )) { +if (SadEntry-Data-SpdEntry != NULL) { + RemoveEntryList (SadEntry-BySpd); +} InsertTailList (SpdEntry-Data-Sas, SadEntry-BySpd); SadEntry-Data-SpdEntry = SpdEntry; DuplicateSpdSelector ( (EFI_IPSEC_CONFIG_SELECTOR *)SadEntry-Data-SpdSelector, (EFI_IPSEC_CONFIG_SELECTOR *)SpdEntry-Selector, -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch] ShellPkg: Get media status in ifconfig command
This patch is used to get media status in ifconfig command. Cc: Ye Ting ting...@intel.com Cc: Fu Siyuan siyuan...@intel.com Cc: Jaben Carsey jaben.car...@intel.com Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu jiaxin...@intel.com --- .../UefiShellNetwork1CommandsLib/Ifconfig.c| 85 +++-- .../UefiShellNetwork1CommandsLib.uni | Bin 20910 - 21094 bytes 2 files changed, 80 insertions(+), 5 deletions(-) diff --git a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c index 273f1a8..4637f28 100644 --- a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c +++ b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c @@ -378,10 +378,68 @@ IfConfigPrintMacAddr ( } ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INFO_NEWLINE), gShellNetwork1HiiHandle); } +/** + Get network physical device NIC information. + + @param[in] Handle The network physical device handle. + @param[out] MediaPresent Upon successful return, TRUE is media present +is enabled. FALSE otherwise. + + @retval EFI_SUCCESS The operation was successful. + @retval othersGet media status failed. +**/ +EFI_STATUS +EFIAPI +IfConfigGetNicMediaStatus ( + IN EFI_HANDLEServiceHandle, + OUT BOOLEAN *MediaPresent + ) + +{ + EFI_STATUS Status; + EFI_HANDLE SnpHandle; + EFI_SIMPLE_NETWORK_PROTOCOL *Snp; + UINT32 InterruptStatus; + + ASSERT (MediaPresent != NULL); + + // + // Get SNP handle + // + Snp = NULL; + SnpHandle = NetLibGetSnpHandle (ServiceHandle, Snp); + if (SnpHandle == NULL) { +return EFI_INVALID_PARAMETER; + } + + // + // Check whether SNP support media detection + // + if (!Snp-Mode-MediaPresentSupported) { +return EFI_UNSUPPORTED; + } + + // + // Invoke Snp-GetStatus() to refresh MediaPresent field in SNP mode data + // + Status = Snp-GetStatus (Snp, InterruptStatus, NULL); + if (EFI_ERROR (Status)) { +return Status; + } + + if (Snp-Mode-MediaPresent) { +*MediaPresent = TRUE; + } else { +*MediaPresent = FALSE; + } + + return EFI_SUCCESS; +} + /** The get current status of all handles. @param[in] IfName The pointer of IfName(interface name). @@ -594,15 +652,18 @@ ON_ERROR: EFI_STATUS IfConfigShowInterfaceInfo ( IN LIST_ENTRY*IfList ) { - LIST_ENTRY*Entry; - LIST_ENTRY*Next; - IFCONFIG_INTERFACE_CB *IfCb; - EFI_IPv4_ADDRESS Gateway; - UINT32Index; + LIST_ENTRY *Entry; + LIST_ENTRY *Next; + IFCONFIG_INTERFACE_CB*IfCb; + BOOLEAN MediaPresent; + EFI_IPv4_ADDRESS Gateway; + UINT32Index; + + MediaPresent = TRUE; if (IsListEmpty (IfList)) { ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INVALID_INTERFACE), gShellNetwork1HiiHandle); } @@ -618,10 +679,24 @@ IfConfigShowInterfaceInfo ( // Print interface name. // ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INFO_IF_NAME), gShellNetwork1HiiHandle, IfCb-IfInfo-Name); // +// Get media state. +// +IfConfigGetNicMediaStatus (IfCb-NicHandle, MediaPresent); + +// +// Print media state. +// +if (!MediaPresent) { + ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INFO_MEDIA_STATE), gShellNetwork1HiiHandle, LMedia disconnected); +} else { + ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INFO_MEDIA_STATE), gShellNetwork1HiiHandle, LMedia present); +} + +// // Print interface config policy. // if (IfCb-Policy == Ip4Config2PolicyDhcp) { ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INFO_POLICY_DHCP), gShellNetwork1HiiHandle); } else { diff --git a/ShellPkg/Library/UefiShellNetwork1CommandsLib/UefiShellNetwork1CommandsLib.uni b/ShellPkg/Library/UefiShellNetwork1CommandsLib/UefiShellNetwork1CommandsLib.uni index 7cc7b7d672246a62ef97a8b002a780003d3da330..43259591820582cc38937ad680739fcff21b96c5 100644 GIT binary patch delta 66 zcmZ3tnDN;X#toCSgnb!Y8C)1V85|kn8G;!?fON@hnk|30}QmpJs5l$QW;VhG8qyX S6o9fNK)Qqb+fZpwmJY$n-Ez5 delta 14 WcmaF1gmK+s#toCSHhXEyr~?2pOQ_= -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch] NetworkPkg: Fix IpSec run into infinite loop issue
When use -e to edit SPD database, the corresponding SA entry will be updated to the sas list of the new SPD entry. But before that, all of them should be removed from the original sas list. If not, the list will be broken into infinite loop. Cc: Ye Ting ting...@intel.com Cc: Fu Siyuan siyuan...@intel.com Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu jiaxin...@intel.com --- NetworkPkg/IpSecDxe/IpSecConfigImpl.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/NetworkPkg/IpSecDxe/IpSecConfigImpl.c b/NetworkPkg/IpSecDxe/IpSecConfigImpl.c index 6eabfe4..c58b966 100644 --- a/NetworkPkg/IpSecDxe/IpSecConfigImpl.c +++ b/NetworkPkg/IpSecDxe/IpSecConfigImpl.c @@ -1197,10 +1197,13 @@ SetSpdEntry ( if (CompareSaId ( (EFI_IPSEC_CONFIG_SELECTOR *) SpdData-SaId[Index], (EFI_IPSEC_CONFIG_SELECTOR *) SadEntry-Id )) { +if (!IsListEmpty (SadEntry-BySpd)) { + RemoveEntryList (SadEntry-BySpd); +} InsertTailList (SpdEntry-Data-Sas, SadEntry-BySpd); SadEntry-Data-SpdEntry = SpdEntry; DuplicateSpdSelector ( (EFI_IPSEC_CONFIG_SELECTOR *)SadEntry-Data-SpdSelector, (EFI_IPSEC_CONFIG_SELECTOR *)SpdEntry-Selector, -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [PATCH v2] NetworkPkg: Update HttpDxe to consume EFI_HTTP_UTILITIES_PROTOCOL
v2: * Register a notification function to be executed for Http utilities protocol in the drivers entry points. Since we add EFI_HTTP_UTILITIES_PROTOCOL support, HttpDxe driver should be updated to remove internal http utilities functions and consume this protocol directly. Cc: Ye Ting ting...@intel.com Cc: Siyuan Fu siyuan...@intel.com Cc: Samer El-Haj-Mahmoud el...@hp.com Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu jiaxin...@intel.com --- NetworkPkg/HttpDxe/HttpDriver.c| 54 +++- NetworkPkg/HttpDxe/HttpDriver.h| 4 +- NetworkPkg/HttpDxe/HttpDxe.inf | 3 +- NetworkPkg/HttpDxe/HttpImpl.c | 20 +- NetworkPkg/HttpDxe/HttpProto.c | 30 +- NetworkPkg/HttpDxe/HttpUtilities.c | 622 - NetworkPkg/HttpDxe/HttpUtilities.h | 82 - 7 files changed, 94 insertions(+), 721 deletions(-) delete mode 100644 NetworkPkg/HttpDxe/HttpUtilities.c delete mode 100644 NetworkPkg/HttpDxe/HttpUtilities.h diff --git a/NetworkPkg/HttpDxe/HttpDriver.c b/NetworkPkg/HttpDxe/HttpDriver.c index 43f42e2..bd1d04e 100644 --- a/NetworkPkg/HttpDxe/HttpDriver.c +++ b/NetworkPkg/HttpDxe/HttpDriver.c @@ -13,10 +13,12 @@ **/ #include HttpDriver.h +EFI_HTTP_UTILITIES_PROTOCOL *mHttpUtilities = NULL; + /// /// Driver Binding Protocol instance /// EFI_DRIVER_BINDING_PROTOCOL gHttpDxeDriverBinding = { HttpDxeDriverBindingSupported, @@ -99,10 +101,39 @@ HttpCleanService ( ); } } /** + The event process routine when the http utilities protocol is installed + in the system. + + @param[in] Event Not used. + @param[in] Context The pointer to the IP4 config2 instance data. + +**/ +VOID +EFIAPI +HttpUtilitiesInstalledCallback ( + IN EFI_EVENT Event, + IN VOID *Context + ) +{ + gBS-LocateProtocol ( + gEfiHttpUtilitiesProtocolGuid, + NULL, + (VOID **) mHttpUtilities + ); + + // + // Close the event if Http utilities protocol is loacted. + // + if (mHttpUtilities != NULL Event != NULL) { + gBS-CloseEvent (Event); + } +} + +/** This is the declaration of an EFI image entry point. This entry point is the same for UEFI Applications, UEFI OS Loaders, and UEFI Drivers including both device drivers and bus drivers. @param ImageHandle The firmware allocated handle for the UEFI image. @@ -116,11 +147,32 @@ EFI_STATUS EFIAPI HttpDxeDriverEntryPoint ( IN EFI_HANDLEImageHandle, IN EFI_SYSTEM_TABLE *SystemTable ) -{ +{ + VOID *Registration; + + gBS-LocateProtocol ( + gEfiHttpUtilitiesProtocolGuid, + NULL, + (VOID **) mHttpUtilities + ); + + if (mHttpUtilities == NULL) { +// +// No Http utilities protocol, register a notify. +// +EfiCreateProtocolNotifyEvent ( + gEfiHttpUtilitiesProtocolGuid, + TPL_CALLBACK, + HttpUtilitiesInstalledCallback, + NULL, + Registration + ); + } + // // Install UEFI Driver Model protocol(s). // return EfiLibInstallDriverBindingComponentName2 ( ImageHandle, diff --git a/NetworkPkg/HttpDxe/HttpDriver.h b/NetworkPkg/HttpDxe/HttpDriver.h index 5bad705..d95b05b 100644 --- a/NetworkPkg/HttpDxe/HttpDriver.h +++ b/NetworkPkg/HttpDxe/HttpDriver.h @@ -39,10 +39,11 @@ #include Protocol/ComponentName.h // // Consumed Protocols // +#include Protocol/HttpUtilities.h #include Protocol/Tcp4.h #include Protocol/Dns4.h #include Protocol/Ip4Config2.h // @@ -60,18 +61,19 @@ // extern EFI_DRIVER_BINDING_PROTOCOL gHttpDxeDriverBinding; extern EFI_COMPONENT_NAME2_PROTOCOL gHttpDxeComponentName2; extern EFI_COMPONENT_NAME_PROTOCOL gHttpDxeComponentName; +extern EFI_HTTP_UTILITIES_PROTOCOL *mHttpUtilities; + // // Include files with function prototypes // #include ComponentName.h #include HttpImpl.h #include HttpProto.h #include HttpDns.h -#include HttpUtilities.h typedef struct { EFI_SERVICE_BINDING_PROTOCOL *ServiceBinding; UINTN NumberOfChildren; EFI_HANDLE*ChildHandleBuffer; diff --git a/NetworkPkg/HttpDxe/HttpDxe.inf b/NetworkPkg/HttpDxe/HttpDxe.inf index 4632934..d9652b3 100644 --- a/NetworkPkg/HttpDxe/HttpDxe.inf +++ b/NetworkPkg/HttpDxe/HttpDxe.inf @@ -36,12 +36,10 @@ HttpDriver.c HttpImpl.h HttpImpl.c HttpProto.h HttpProto.c - HttpUtilities.h - HttpUtilities.c [LibraryClasses] UefiDriverEntryPoint UefiBootServicesTableLib MemoryAllocationLib @@ -52,10 +50,11 @@ HttpLib [Protocols] gEfiHttpServiceBindingProtocolGuid ## BY_START gEfiHttpProtocolGuid ## BY_START + gEfiHttpUtilitiesProtocolGuid## TO_START gEfiTcp4ServiceBindingProtocolGuid ## TO_START gEfiTcp4ProtocolGuid ## TO_START gEfiDns4ServiceBindingProtocolGuid
[edk2] [Patch 0/3] Add header file and driver module for HTTP utilities
Those patches are used to add header file and driver module for HTTP utilities Jiaxin Wu (3): MdePkg: Add header files for HTTP utilities protocol. NetworkPkg: Add HTTP utilities driver. Nt32Pkg: Add HttpUtilitiesDxe module. MdePkg/Include/Protocol/HttpUtilities.h| 124 +++ MdePkg/MdePkg.dec | 3 + NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.c | 126 +++ NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.h | 212 +++ NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf | 51 +++ NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesImpl.c| 279 +++ .../HttpUtilitiesDxe/HttpUtilitiesProtocol.c | 393 + NetworkPkg/NetworkPkg.dsc | 2 + Nt32Pkg/Nt32Pkg.dsc| 1 + Nt32Pkg/Nt32Pkg.fdf| 1 + 10 files changed, 1192 insertions(+) create mode 100644 MdePkg/Include/Protocol/HttpUtilities.h create mode 100644 NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.c create mode 100644 NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.h create mode 100644 NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf create mode 100644 NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesImpl.c create mode 100644 NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesProtocol.c -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch] NetworkPkg: Update the NetworkPkg package version
This patch is used to update the NetworkPkg package version. Cc: Fu Siyuan siyuan...@intel.com Cc: Ye Ting ting...@intel.com Cc: Chao Zhangchao.b.zh...@intel.com Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu jiaxin...@intel.com --- NetworkPkg/NetworkPkg.dec | 2 +- NetworkPkg/NetworkPkg.dsc | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/NetworkPkg/NetworkPkg.dec b/NetworkPkg/NetworkPkg.dec index e7f86bd..de5dabe 100644 --- a/NetworkPkg/NetworkPkg.dec +++ b/NetworkPkg/NetworkPkg.dec @@ -18,11 +18,11 @@ [Defines] DEC_SPECIFICATION = 0x00010005 PACKAGE_NAME = NetworkPkg PACKAGE_GUID = 947988BE-8D5C-471a-893D-AD181C46BEBB - PACKAGE_VERSION= 0.95 + PACKAGE_VERSION= 0.96 PACKAGE_UNI_FILE = NetworkPkg.uni [Includes] Include diff --git a/NetworkPkg/NetworkPkg.dsc b/NetworkPkg/NetworkPkg.dsc index 1d7fd85..0fa91f5 100644 --- a/NetworkPkg/NetworkPkg.dsc +++ b/NetworkPkg/NetworkPkg.dsc @@ -1,10 +1,10 @@ ## @file # UEFI 2.4 Network Module Package for All Architectures # # (C) Copyright 2014 Hewlett-Packard Development Company, L.P.BR -# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.BR +# Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.BR # #This program and the accompanying materials #are licensed and made available under the terms and conditions of the BSD License #which accompanies this distribution. The full text of the license may be found at #http://opensource.org/licenses/bsd-license.php @@ -15,11 +15,11 @@ ## [Defines] PLATFORM_NAME = NetworkPkg PLATFORM_GUID = 3FD34E9B-E90C-44e1-B510-1F632A509F10 - PLATFORM_VERSION = 0.95 + PLATFORM_VERSION = 0.96 DSC_SPECIFICATION = 0x00010005 OUTPUT_DIRECTORY = Build/NetworkPkg SUPPORTED_ARCHITECTURES= IA32|IPF|X64|EBC|ARM|AARCH64 BUILD_TARGETS = DEBUG|RELEASE SKUID_IDENTIFIER = DEFAULT -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch] ShellPkg: Fix 'ifconfig' getting the address from dhcp error
R18201 fix caused ifconfig in shell failed to get the address from dhcp with the command ifconfig -s eth0 dhcp since the default policy is dhcp already. We can fix it by following the rule to starting the Ip4 auto configuration. Cc: Ye Ting ting...@intel.com Cc: Zhang Lubo lubo.zh...@intel.com Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu jiaxin...@intel.com --- .../UefiShellNetwork1CommandsLib/Ifconfig.c| 115 ++--- 1 file changed, 100 insertions(+), 15 deletions(-) diff --git a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c index df19a9f..273f1a8 100644 --- a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c +++ b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c @@ -273,10 +273,89 @@ IfConfigManualAddressNotify ( *((BOOLEAN *) Context) = TRUE; } /** + Create an IP child, use it to start the auto configuration, then destroy it. + + @param[in] Controller The controller which has the service installed. + @param[in] ImageThe image handle used to open service. + + @retval EFI_SUCCESS The configuration is done. +**/ +EFI_STATUS +EFIAPI +IfConfigStartIp4( + IN EFI_HANDLEController, + IN EFI_HANDLEImage + ) +{ + EFI_IP4_PROTOCOL *Ip4; + EFI_HANDLEIp4Handle; + EFI_IP4_CONFIG_DATA Ip4ConfigData; + EFI_STATUSStatus; + + // + // Get the Ip4ServiceBinding Protocol + // + Ip4Handle = NULL; + Ip4 = NULL; + + Status = NetLibCreateServiceChild ( + Controller, + Image, + gEfiIp4ServiceBindingProtocolGuid, + Ip4Handle + ); + + if (EFI_ERROR (Status)) { +return Status; + } + + Status = gBS-OpenProtocol ( + Ip4Handle, + gEfiIp4ProtocolGuid, + (VOID **) Ip4, + Controller, + Image, + EFI_OPEN_PROTOCOL_GET_PROTOCOL + ); + + if (EFI_ERROR (Status)) { +goto ON_EXIT; + } + + Ip4ConfigData.DefaultProtocol = EFI_IP_PROTO_ICMP; + Ip4ConfigData.AcceptAnyProtocol= FALSE; + Ip4ConfigData.AcceptIcmpErrors = FALSE; + Ip4ConfigData.AcceptBroadcast = FALSE; + Ip4ConfigData.AcceptPromiscuous= FALSE; + Ip4ConfigData.UseDefaultAddress= TRUE; + ZeroMem (Ip4ConfigData.StationAddress, sizeof (EFI_IPv4_ADDRESS)); + ZeroMem (Ip4ConfigData.SubnetMask, sizeof (EFI_IPv4_ADDRESS)); + Ip4ConfigData.TypeOfService= 0; + Ip4ConfigData.TimeToLive = 1; + Ip4ConfigData.DoNotFragment= FALSE; + Ip4ConfigData.RawData = FALSE; + Ip4ConfigData.ReceiveTimeout = 0; + Ip4ConfigData.TransmitTimeout = 0; + + Ip4-Configure (Ip4, Ip4ConfigData); + +ON_EXIT: + NetLibDestroyServiceChild ( +Controller, +Image, +gEfiIp4ServiceBindingProtocolGuid, +Ip4Handle +); + + return Status; +} + + +/** Print MAC address. @param[in]NodeThe pointer of MAC address buffer. @param[in]SizeThe size of MAC address buffer. @@ -872,25 +951,31 @@ IfConfigSetInterfaceInfo ( // // Process valid variables. // if (StrCmp(VarArg-Arg, Ldhcp) == 0) { - // - // Set dhcp config policy - // - Policy = Ip4Config2PolicyDhcp; - Status = IfCb-IfCfg-SetData ( - IfCb-IfCfg, - Ip4Config2DataTypePolicy, - sizeof (EFI_IP4_CONFIG2_POLICY), - Policy - ); - - if (EFI_ERROR(Status)) { -goto ON_EXIT; + if (IfCb-Policy == Ip4Config2PolicyDhcp) { +Status = IfConfigStartIp4 (IfCb-NicHandle, gImageHandle); +if (EFI_ERROR(Status)) { + goto ON_EXIT; +} + } else { +// +// Set dhcp config policy +// +Policy = Ip4Config2PolicyDhcp; +Status = IfCb-IfCfg-SetData ( +IfCb-IfCfg, +Ip4Config2DataTypePolicy, +sizeof (EFI_IP4_CONFIG2_POLICY), +Policy +); +if (EFI_ERROR(Status)) { + goto ON_EXIT; +} } - + VarArg= VarArg-Next; } else if (StrCmp (VarArg-Arg, Lstatic) == 0) { // // Set manual config policy. @@ -1036,11 +1121,11 @@ IfConfigSetInterfaceInfo ( ON_EXIT: if (Dns != NULL) { FreePool (Dns); } - return EFI_SUCCESS; + return Status; } /** The ifconfig command main process. -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo
[edk2] [Patch] NetworkPkg: Fix DHCP TransmitReceive EFI_NO_MAPPING return in DnsDxe
If the default station address is not available, TransmitReceive function will return EFI_NO_MAPPING. DNS driver should handle this case. This issue is caused by the r18201 fix. Cc: Ye Ting ting...@intel.com Cc: Zhang Lubo lubo.zh...@intel.com Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu jiaxin...@intel.com --- NetworkPkg/DnsDxe/DnsDhcp.c | 151 +++ NetworkPkg/DnsDxe/DnsDxe.inf | 2 + 2 files changed, 153 insertions(+) diff --git a/NetworkPkg/DnsDxe/DnsDhcp.c b/NetworkPkg/DnsDxe/DnsDhcp.c index 1cc337f..9d1000b 100644 --- a/NetworkPkg/DnsDxe/DnsDhcp.c +++ b/NetworkPkg/DnsDxe/DnsDhcp.c @@ -13,10 +13,151 @@ Intel Corporation. **/ #include DnsImpl.h /** + The callback function for the timer event used to get map. + + @param[in] EventThe event this function is registered to. + @param[in] Context The context registered to the event. +**/ +VOID +EFIAPI +TimeoutToGetMap ( + IN EFI_EVENT Event, + IN VOID *Context + ) +{ + *((BOOLEAN *) Context) = TRUE; + return ; +} + +/** + Create an IP child, use it to start the auto configuration, then destroy it. + + @param[in] Controller The controller which has the service installed. + @param[in] ImageThe image handle used to open service. + + @retval EFI_SUCCESS The configuration is done. +**/ +EFI_STATUS +EFIAPI +DnsStartIp4( + IN EFI_HANDLEController, + IN EFI_HANDLEImage + ) +{ + EFI_IP4_PROTOCOL *Ip4; + EFI_HANDLEIp4Handle; + EFI_EVENT TimerToGetMap; + EFI_IP4_CONFIG_DATA Ip4ConfigData; + EFI_IP4_MODE_DATA Ip4Mode; + EFI_STATUSStatus; + + BOOLEAN mTimeout; + + // + // Get the Ip4ServiceBinding Protocol + // + Ip4Handle = NULL; + Ip4 = NULL; + TimerToGetMap = NULL; + + mTimeout = FALSE; + + Status = NetLibCreateServiceChild ( + Controller, + Image, + gEfiIp4ServiceBindingProtocolGuid, + Ip4Handle + ); + + if (EFI_ERROR (Status)) { +return Status; + } + + Status = gBS-OpenProtocol ( + Ip4Handle, + gEfiIp4ProtocolGuid, + (VOID **) Ip4, + Controller, + Image, + EFI_OPEN_PROTOCOL_GET_PROTOCOL + ); + + if (EFI_ERROR (Status)) { +goto ON_EXIT; + } + + Ip4ConfigData.DefaultProtocol = EFI_IP_PROTO_ICMP; + Ip4ConfigData.AcceptAnyProtocol= FALSE; + Ip4ConfigData.AcceptIcmpErrors = FALSE; + Ip4ConfigData.AcceptBroadcast = FALSE; + Ip4ConfigData.AcceptPromiscuous= FALSE; + Ip4ConfigData.UseDefaultAddress= TRUE; + ZeroMem (Ip4ConfigData.StationAddress, sizeof (EFI_IPv4_ADDRESS)); + ZeroMem (Ip4ConfigData.SubnetMask, sizeof (EFI_IPv4_ADDRESS)); + Ip4ConfigData.TypeOfService= 0; + Ip4ConfigData.TimeToLive = 1; + Ip4ConfigData.DoNotFragment= FALSE; + Ip4ConfigData.RawData = FALSE; + Ip4ConfigData.ReceiveTimeout = 0; + Ip4ConfigData.TransmitTimeout = 0; + + Status = Ip4-Configure (Ip4, Ip4ConfigData); + + if (Status == EFI_NO_MAPPING) { +Status = gBS-CreateEvent ( +EVT_NOTIFY_SIGNAL | EVT_TIMER, +TPL_CALLBACK, +TimeoutToGetMap, +mTimeout, +TimerToGetMap +); + +if (EFI_ERROR (Status)) { + goto ON_EXIT; +} + +Status = gBS-SetTimer ( + TimerToGetMap, + TimerRelative, + MultU64x32 (1000, 5) + ); + +if (EFI_ERROR (Status)) { + goto ON_EXIT; +} + +while (!mTimeout) { + Ip4-Poll (Ip4); + + if (!EFI_ERROR (Ip4-GetModeData (Ip4, Ip4Mode, NULL, NULL)) + Ip4Mode.IsConfigured) { +break; + } +} + } + +ON_EXIT: + + if (TimerToGetMap != NULL) { +gBS-SetTimer (TimerToGetMap, TimerCancel, 0); +gBS-CloseEvent (TimerToGetMap); + } + + NetLibDestroyServiceChild ( +Controller, +Image, +gEfiIp4ServiceBindingProtocolGuid, +Ip4Handle +); + + return Status; +} + +/** This function initialize the DHCP4 message instance. This function will pad each item of dhcp4 message packet. @param Seed Pointer to the message instance of the DHCP4 packet. @@ -321,10 +462,20 @@ GetDns4ServerFromDhcp4 ( if (!MediaPresent) { return EFI_NO_MEDIA; } // + // Start the auto configuration if UseDefaultSetting. + // + if (Instance-Dns4CfgData.UseDefaultSetting) { +Status = DnsStartIp4 (Controller, Image); +if (EFI_ERROR(Status)) { + return Status; +} + } + + // // Create a Mnp child instance
[edk2] [PATCH v2] NetworkPkg: Fix DHCP TransmitReceive EFI_NO_MAPPING return in DnsDxe
v2: * Add Timeout check, if time out, return EFI_DEVICE_ERROR. If the default station address is not available, TransmitReceive function will return EFI_NO_MAPPING. DNS driver should handle this case. This issue is caused by the r18201 fix. Cc: Ye Ting ting...@intel.com Cc: Zhang Lubo lubo.zh...@intel.com Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu jiaxin...@intel.com --- NetworkPkg/DnsDxe/DnsDhcp.c | 155 +++ NetworkPkg/DnsDxe/DnsDxe.inf | 2 + 2 files changed, 157 insertions(+) diff --git a/NetworkPkg/DnsDxe/DnsDhcp.c b/NetworkPkg/DnsDxe/DnsDhcp.c index 1cc337f..d0a0888 100644 --- a/NetworkPkg/DnsDxe/DnsDhcp.c +++ b/NetworkPkg/DnsDxe/DnsDhcp.c @@ -13,10 +13,155 @@ Intel Corporation. **/ #include DnsImpl.h /** + The callback function for the timer event used to get map. + + @param[in] EventThe event this function is registered to. + @param[in] Context The context registered to the event. +**/ +VOID +EFIAPI +TimeoutToGetMap ( + IN EFI_EVENT Event, + IN VOID *Context + ) +{ + *((BOOLEAN *) Context) = TRUE; + return ; +} + +/** + Create an IP child, use it to start the auto configuration, then destroy it. + + @param[in] Controller The controller which has the service installed. + @param[in] ImageThe image handle used to open service. + + @retval EFI_SUCCESS The configuration is done. +**/ +EFI_STATUS +EFIAPI +DnsStartIp4( + IN EFI_HANDLEController, + IN EFI_HANDLEImage + ) +{ + EFI_IP4_PROTOCOL *Ip4; + EFI_HANDLEIp4Handle; + EFI_EVENT TimerToGetMap; + EFI_IP4_CONFIG_DATA Ip4ConfigData; + EFI_IP4_MODE_DATA Ip4Mode; + EFI_STATUSStatus; + + BOOLEAN Timeout; + + // + // Get the Ip4ServiceBinding Protocol + // + Ip4Handle = NULL; + Ip4 = NULL; + TimerToGetMap = NULL; + + Timeout = FALSE; + + Status = NetLibCreateServiceChild ( + Controller, + Image, + gEfiIp4ServiceBindingProtocolGuid, + Ip4Handle + ); + + if (EFI_ERROR (Status)) { +return Status; + } + + Status = gBS-OpenProtocol ( + Ip4Handle, + gEfiIp4ProtocolGuid, + (VOID **) Ip4, + Controller, + Image, + EFI_OPEN_PROTOCOL_GET_PROTOCOL + ); + + if (EFI_ERROR (Status)) { +goto ON_EXIT; + } + + Ip4ConfigData.DefaultProtocol = EFI_IP_PROTO_ICMP; + Ip4ConfigData.AcceptAnyProtocol= FALSE; + Ip4ConfigData.AcceptIcmpErrors = FALSE; + Ip4ConfigData.AcceptBroadcast = FALSE; + Ip4ConfigData.AcceptPromiscuous= FALSE; + Ip4ConfigData.UseDefaultAddress= TRUE; + ZeroMem (Ip4ConfigData.StationAddress, sizeof (EFI_IPv4_ADDRESS)); + ZeroMem (Ip4ConfigData.SubnetMask, sizeof (EFI_IPv4_ADDRESS)); + Ip4ConfigData.TypeOfService= 0; + Ip4ConfigData.TimeToLive = 1; + Ip4ConfigData.DoNotFragment= FALSE; + Ip4ConfigData.RawData = FALSE; + Ip4ConfigData.ReceiveTimeout = 0; + Ip4ConfigData.TransmitTimeout = 0; + + Status = Ip4-Configure (Ip4, Ip4ConfigData); + + if (Status == EFI_NO_MAPPING) { +Status = gBS-CreateEvent ( +EVT_NOTIFY_SIGNAL | EVT_TIMER, +TPL_CALLBACK, +TimeoutToGetMap, +Timeout, +TimerToGetMap +); + +if (EFI_ERROR (Status)) { + goto ON_EXIT; +} + +Status = gBS-SetTimer ( + TimerToGetMap, + TimerRelative, + MultU64x32 (1000, 5) + ); + +if (EFI_ERROR (Status)) { + goto ON_EXIT; +} + +while (!Timeout) { + Ip4-Poll (Ip4); + + if (!EFI_ERROR (Ip4-GetModeData (Ip4, Ip4Mode, NULL, NULL)) + Ip4Mode.IsConfigured) { +break; + } +} + +if (Timeout) { + Status = EFI_DEVICE_ERROR; +} + } + +ON_EXIT: + + if (TimerToGetMap != NULL) { +gBS-SetTimer (TimerToGetMap, TimerCancel, 0); +gBS-CloseEvent (TimerToGetMap); + } + + NetLibDestroyServiceChild ( +Controller, +Image, +gEfiIp4ServiceBindingProtocolGuid, +Ip4Handle +); + + return Status; +} + +/** This function initialize the DHCP4 message instance. This function will pad each item of dhcp4 message packet. @param Seed Pointer to the message instance of the DHCP4 packet. @@ -321,10 +466,20 @@ GetDns4ServerFromDhcp4 ( if (!MediaPresent) { return EFI_NO_MEDIA; } // + // Start the auto configuration if UseDefaultSetting. + // + if (Instance-Dns4CfgData.UseDefaultSetting) { +Status = DnsStartIp4 (Controller
[edk2] [PATCH v2] MdeModulePkg: IP4 should re-initiate a DHCP while network reconnection
v2: * Update the MediaPresent detect declaring. IP4 driver should re-initiate a DHCP if it detects that there is a network reconnection. To fix this issue, we can implement the DHCP re-initiate policy while the media change detected. The Ip4 driver should set a timer to signal the Ip4 to run the DHCP configuration again(D.O.R.A). IP4 driver should free old IP address related resource, then initiate a DHCP process to acquire new IP. Cc: Ye Ting ting...@intel.com Cc: Zhang Lubo lubo.zh...@intel.com Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu jiaxin...@intel.com --- .../Universal/Network/Ip4Dxe/Ip4Config2Impl.c | 1 + MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c | 10 ++ MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.c| 121 - MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.h| 7 ++ 4 files changed, 133 insertions(+), 6 deletions(-) diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c index fcb2bdd..caf84fb 100644 --- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c +++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c @@ -490,10 +490,11 @@ Ip4Config2SetDefaultAddr ( IpSb = IP4_SERVICE_FROM_IP4_CONFIG2_INSTANCE (Instance); IpIf = IpSb-DefaultInterface; ASSERT (IpIf != NULL); if ((IpIf-Ip == StationAddress) (IpIf-SubnetMask == SubnetMask)) { +IpSb-State = IP4_SERVICE_CONFIGED; return EFI_SUCCESS; } // // The default address is changed, free the previous interface first. diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c index 101390c..4d3ccec 100644 --- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c +++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c @@ -208,10 +208,14 @@ Ip4CreateService ( ZeroMem (IpSb-SnpMode, sizeof (EFI_SIMPLE_NETWORK_MODE)); IpSb-Timer = NULL; + IpSb-ReconfigEvent = NULL; + + IpSb-MediaPresent = TRUE; + // // Create various resources. First create the route table, timer // event and MNP child. IGMP, interface's initialization depend // on the MNP child. // @@ -384,10 +388,16 @@ Ip4CleanService ( gBS-CloseEvent (IpSb-Timer); IpSb-Timer = NULL; } + if (IpSb-ReconfigEvent != NULL) { +gBS-CloseEvent (IpSb-ReconfigEvent); + +IpSb-ReconfigEvent = NULL; + } + if (IpSb-MacString != NULL) { FreePool (IpSb-MacString); } Ip4Config2CleanInstance (IpSb-Ip4Config2Instance); diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.c b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.c index 2fb4f4c..ac8fb1a 100644 --- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.c +++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.c @@ -561,10 +561,58 @@ Ip4InitProtocol ( EfiInitializeLock (IpInstance-RecycleLock, TPL_NOTIFY); } +/** + The event handle for IP4 auto reconfiguration. The original default + interface and route table will be removed as the default. + + @param[in] ContextThe IP4 service binding instance. + +**/ +VOID +EFIAPI +Ip4AutoReconfigCallBackDpc ( + IN VOID *Context + ) +{ + IP4_SERVICE *IpSb; + + IpSb = (IP4_SERVICE *) Context; + NET_CHECK_SIGNATURE (IpSb, IP4_SERVICE_SIGNATURE); + + if (IpSb-State IP4_SERVICE_UNSTARTED) { +IpSb-State = IP4_SERVICE_UNSTARTED; + } + + Ip4StartAutoConfig (IpSb-Ip4Config2Instance); + + return ; +} + + +/** + Request Ip4AutoReconfigCallBackDpc as a DPC at TPL_CALLBACK. + + @param Event The event that is signalled. + @param Context The IP4 service binding instance. + +**/ +VOID +EFIAPI +Ip4AutoReconfigCallBack ( + IN EFI_EVENT Event, + IN VOID *Context + ) +{ + // + // Request Ip4AutoReconfigCallBackDpc as a DPC at TPL_CALLBACK + // + QueueDpc (TPL_CALLBACK, Ip4AutoReconfigCallBackDpc, Context); +} + /** Configure the IP4 child. If the child is already configured, change the configuration parameter. Otherwise configure it for the first time. The caller should validate the configuration @@ -676,14 +724,31 @@ Ip4ConfigProtocol ( // // Use the default address. If the default configuration hasn't // been started, start it. // if (IpSb-State == IP4_SERVICE_UNSTARTED) { + // + // Create the ReconfigEvent to start the new configuration. + // + if (IpSb-ReconfigEvent == NULL) { +Status = gBS-CreateEvent ( +EVT_NOTIFY_SIGNAL, +TPL_NOTIFY, +Ip4AutoReconfigCallBack, +IpSb, +IpSb-ReconfigEvent +); + +if (EFI_ERROR (Status)) { + goto ON_ERROR; +} + } + Status = Ip4StartAutoConfig (IpSb-Ip4Config2Instance); if (EFI_ERROR (Status)) { -goto
[edk2] [Patch] NetworkPkg: Stop and release DHCP4 child after boot info is ready
HttpBootDxe need to stop and release the DHCP4 child when it's not used so the NBP could create new DHCP4 child and use it. Cc: Ye Ting ting...@intel.com Cc: Zhang Lubo lubo.zh...@intel.com Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu jiaxin...@intel.com --- NetworkPkg/HttpBootDxe/HttpBootImpl.c | 12 1 file changed, 12 insertions(+) diff --git a/NetworkPkg/HttpBootDxe/HttpBootImpl.c b/NetworkPkg/HttpBootDxe/HttpBootImpl.c index 711cc3c..920761e 100644 --- a/NetworkPkg/HttpBootDxe/HttpBootImpl.c +++ b/NetworkPkg/HttpBootDxe/HttpBootImpl.c @@ -242,10 +242,16 @@ HttpBootStop ( Private-BootFileSize = 0; Private-SelectIndex = 0; Private-SelectProxyType = HttpOfferTypeMax; if (!Private-UsingIpv6) { +// +// Stop and release the DHCP4 child. +// +Private-Dhcp4-Stop (Private-Dhcp4); +Private-Dhcp4-Configure (Private-Dhcp4, NULL); + for (Index = 0; Index HTTP_BOOT_OFFER_MAX_NUM; Index++) { if (Private-OfferBuffer[Index].Dhcp4.UriParser) { HttpUrlFreeParser (Private-OfferBuffer[Index].Dhcp4.UriParser); } } @@ -336,10 +342,16 @@ HttpBootDxeLoadFile ( Status = HttpBootLoadFile (Private, BufferSize, Buffer); } if (Status != EFI_SUCCESS Status != EFI_BUFFER_TOO_SMALL) { HttpBootStop (Private); + } else { +// +// Stop and release the DHCP4 child. +// +Private-Dhcp4-Stop (Private-Dhcp4); +Private-Dhcp4-Configure (Private-Dhcp4, NULL); } return Status; } -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch] MdeModulePkg: Fix issue about Ip4Dxe implementation for DHCP DORA process
DHCP policy is applied as default at boot time on all NICs in the system, which results in all NIC ports attempting DHCP and trying to acquire IP addresses during boot. Ip4 driver should only set dhcp as default policy, and not trigger DORA at driver binding start(). We should start DORA until one IP child is configured to use default address. Cc: Fu Siyuan siyuan...@intel.com Cc: Ye Ting ting...@intel.com Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu jiaxin...@intel.com --- .../Universal/Network/Ip4Dxe/Ip4Config2Impl.c | 21 + .../Universal/Network/Ip4Dxe/Ip4Config2Impl.h | 16 MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.c | 7 +-- 3 files changed, 22 insertions(+), 22 deletions(-) diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c index 2da4a51..fcb2bdd 100644 --- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c +++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c @@ -83,26 +83,10 @@ Ip4Config2DestroyDhcp4 ( return Status; } /** - Start the DHCP configuration for this IP service instance. - It will locates the EFI_IP4_CONFIG2_PROTOCOL, then start the - DHCP configuration. - - @param[in] Instance The IP4 config2 instance to configure. - - @retval EFI_SUCCESSThe auto configuration is successfull started. - @retval Others Failed to start auto configuration. - -**/ -EFI_STATUS -Ip4StartAutoConfig ( - IN IP4_CONFIG2_INSTANCE *Instance - ); - -/** Update the current policy to NewPolicy. During the transition period, the default router list and address list in all interfaces will be released. @param[in] IpSb The IP4 service binding instance. @@ -990,14 +974,11 @@ Ip4Config2SetPolicy ( if (NewPolicy = Ip4Config2PolicyMax) { return EFI_INVALID_PARAMETER; } if (NewPolicy == Instance-Policy) { -if (NewPolicy != Ip4Config2PolicyDhcp || Instance-DhcpSuccess) { - return EFI_ABORTED; -} - + return EFI_ABORTED; } else { if (NewPolicy == Ip4Config2PolicyDhcp) { // // The policy is changed from static to dhcp: // Clean the ManualAddress, Gateway and DnsServers, shrink the variable diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.h b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.h index 26e16a2..e74b9ae 100644 --- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.h +++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.h @@ -209,10 +209,26 @@ typedef struct { UINT8 Route; } IP4_CONFIG2_DHCP4_OPTION; #pragma pack() /** + Start the DHCP configuration for this IP service instance. + It will locates the EFI_IP4_CONFIG2_PROTOCOL, then start the + DHCP configuration. + + @param[in] Instance The IP4 config2 instance to configure. + + @retval EFI_SUCCESSThe auto configuration is successfull started. + @retval Others Failed to start auto configuration. + +**/ +EFI_STATUS +Ip4StartAutoConfig ( + IN IP4_CONFIG2_INSTANCE *Instance + ); + +/** Initialize an IP4_CONFIG2_INSTANCE. @param[out]Instance The buffer of IP4_CONFIG2_INSTANCE to be initialized. @retval EFI_OUT_OF_RESOURCES Failed to allocate resources to complete the operation. diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.c b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.c index b0f597f..2fb4f4c 100644 --- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.c +++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.c @@ -676,12 +676,15 @@ Ip4ConfigProtocol ( // // Use the default address. If the default configuration hasn't // been started, start it. // if (IpSb-State == IP4_SERVICE_UNSTARTED) { - Status = EFI_NO_MAPPING; - goto ON_ERROR; + Status = Ip4StartAutoConfig (IpSb-Ip4Config2Instance); + + if (EFI_ERROR (Status)) { +goto ON_ERROR; + } } IpIf = IpSb-DefaultInterface; NET_GET_REF (IpSb-DefaultInterface); -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch] ShellPkg: Fix issue about ping fail with IPv4
Fix issue about ping fail with IPv4, which is caused by the incorrect checksum in request message. Cc: Fu Siyuan siyuan...@intel.com Cc: Ye Ting ting...@intel.com Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu jiaxin...@intel.com --- ShellPkg/Library/UefiShellNetwork1CommandsLib/Ping.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ping.c b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ping.c index 643be23..cc3c0c3 100644 --- a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ping.c +++ b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ping.c @@ -596,19 +596,19 @@ PingGenerateToken ( // // Assembly echo request packet. // Request-Type= (UINT8)(Private-IpChoice==PING_IP_CHOICE_IP6?ICMP_V6_ECHO_REQUEST:ICMP_V4_ECHO_REQUEST); Request-Code= 0; - Request-SequenceNum = SequenceNum; - Request-TimeStamp = TimeStamp; + Request-SequenceNum = SequenceNum; Request-Identifier = 0; Request-Checksum= 0; // // Assembly token for transmit. // if (Private-IpChoice==PING_IP_CHOICE_IP6) { +Request-TimeStamp = TimeStamp; ((EFI_IP6_TRANSMIT_DATA*)TxData)-ExtHdrsLength = 0; ((EFI_IP6_TRANSMIT_DATA*)TxData)-ExtHdrs = NULL; ((EFI_IP6_TRANSMIT_DATA*)TxData)-OverrideData= 0; ((EFI_IP6_TRANSMIT_DATA*)TxData)-DataLength = Private-BufferSize; ((EFI_IP6_TRANSMIT_DATA*)TxData)-FragmentCount = 1; @@ -626,10 +626,11 @@ PingGenerateToken ( ((EFI_IP4_TRANSMIT_DATA*)TxData)-DestinationAddress.Addr[1] = Private-DstAddress[1]; ((EFI_IP4_TRANSMIT_DATA*)TxData)-DestinationAddress.Addr[2] = Private-DstAddress[2]; ((EFI_IP4_TRANSMIT_DATA*)TxData)-DestinationAddress.Addr[3] = Private-DstAddress[3]; HeadSum = NetChecksum ((UINT8 *) Request, Private-BufferSize); +Request-TimeStamp = TimeStamp; TempChecksum = NetChecksum ((UINT8 *) Request-TimeStamp, sizeof (UINT64)); Request-Checksum = (UINT16)(~NetAddChecksum (HeadSum, TempChecksum)); } -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel