Commit Graph

19 Commits

Author SHA1 Message Date
Laszlo Ersek 47b76780b4 NetworkPkg/IScsiDxe: fix IScsiHexToBin() hex parsing
The IScsiHexToBin() function has the following parser issues:

(1) If the *subject sequence* in "HexStr" is empty, the function returns
    EFI_SUCCESS (with "BinLength" set to 0 on output). Such inputs should
    be rejected.

(2) The function mis-handles a "HexStr" that ends with a stray nibble. For
    example, if "HexStr" is "0xABC", the function decodes it to the bytes
    {0xAB, 0x0C}, sets "BinLength" to 2 on output, and returns
    EFI_SUCCESS. Such inputs should be rejected.

(3) If an invalid hex char is found in "HexStr", the function treats it as
    end-of-hex-string, and returns EFI_SUCCESS. Such inputs should be
    rejected.

All of the above cases are remotely triggerable, as shown in a subsequent
patch, which adds error checking to the IScsiHexToBin() call sites. While
the initiator is not immediately compromised, incorrectly parsing CHAP_R
from the target, in case of mutual authentication, is not great.

Extend the interface contract of IScsiHexToBin() with
EFI_INVALID_PARAMETER, for reporting issues (1) through (3), and implement
the new checks.

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3356
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210608121259.32451-9-lersek@redhat.com>
2021-06-09 17:25:03 +00:00
Laszlo Ersek dc469f1371 NetworkPkg/IScsiDxe: reformat IScsiHexToBin() leading comment block
We'll need further return values for IScsiHexToBin() in a subsequent
patch; make room for them in the leading comment block of the function.
While at it, rewrap the comment block to 80 characters width.

No functional changes.

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3356
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210608121259.32451-8-lersek@redhat.com>
2021-06-09 17:25:03 +00:00
Laszlo Ersek cf01b2dc8f NetworkPkg/IScsiDxe: fix potential integer overflow in IScsiBinToHex()
Considering IScsiBinToHex():

>   if (((*HexLength) - 3) < BinLength * 2) {
>     *HexLength = BinLength * 2 + 3;
>   }

the following subexpressions are problematic:

  (*HexLength) - 3
  BinLength * 2
  BinLength * 2 + 3

The first one may wrap under zero, the latter two may wrap over
MAX_UINT32.

Rewrite the calculation using SafeIntLib.

While at it, change the type of the "Index" variable from UINTN to UINT32.
The largest "Index"-based value that we calculate is

  Index * 2 + 2                                (with (Index == BinLength))

Because the patch makes

  BinLength * 2 + 3

safe to calculate in UINT32, using UINT32 for

  Index * 2 + 2                                (with (Index == BinLength))

is safe too. Consistently using UINT32 improves readability.

This patch is best reviewed with "git show -W".

The integer overflows that this patch fixes are theoretical; a subsequent
patch in the series will audit the IScsiBinToHex() call sites, and show
that none of them can fail.

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3356
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210608121259.32451-6-lersek@redhat.com>
2021-06-09 17:25:03 +00:00
Antoine Coeur efb5659334 NetworkPkg/IScsiDxe: Fix various typos
Fix various typos in comments and documentation.

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Maciej Rabeda <maciej.rabeda@intel.com>
Signed-off-by: Antoine Coeur <coeur@gmx.fr>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Reviewed-by: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Signed-off-by: Philippe Mathieu-Daude <philmd@redhat.com>
Message-Id: <20200207010831.9046-42-philmd@redhat.com>
2020-02-10 22:30:07 +00:00
Michael D Kinney ecf98fbcf8 NetworkPkg: Replace BSD License with BSD+Patent License
https://bugzilla.tianocore.org/show_bug.cgi?id=1373

Replace BSD 2-Clause License with BSD+Patent License.  This change is
based on the following emails:

  https://lists.01.org/pipermail/edk2-devel/2019-February/036260.html
  https://lists.01.org/pipermail/edk2-devel/2018-October/030385.html

RFCs with detailed process for the license change:

  V3: https://lists.01.org/pipermail/edk2-devel/2019-March/038116.html
  V2: https://lists.01.org/pipermail/edk2-devel/2019-March/037669.html
  V1: https://lists.01.org/pipermail/edk2-devel/2019-March/037500.html

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Siyuan Fu <siyuan.fu@intel.com>
2019-04-09 10:58:15 -07:00
Liming Gao f75a7f568e NetworkPkg: Clean up source files
1. Do not use tab characters
2. No trailing white space in one line
3. All files must end with CRLF

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liming Gao <liming.gao@intel.com>
2018-06-28 11:19:49 +08:00
Jiaxin Wu 6b08dd6eb8 NetworkPkg/IScsiDxe: Add IPv6 support condition check.
Base on the request of https://bugzilla.tianocore.org/show_bug.cgi?id=710,
we provide this patch to IPv6 condition check by leveraging AIP Protocol.

Cc: Karunakar P <karunakarp@amiindia.co.in>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Karunakar P <karunakarp@amiindia.co.in>
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Karunakar p <karunakarp@amiindia.co.in>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
2017-10-26 16:21:16 +08:00
Zhang Lubo 8d1f5e0416 NetworkPkg:Add scriptable configuration to iSCSI driver by leveraging x-UEFI.
v2:
Add error handling if can not create Attempts in driver entry point.
Since we support to define a macro be a PCD value, we enhance our code
by modifying the structure in IFR_NVDATA. This effect code logic mainly
in Creating Keywords,Convert IFR NvData To AttemptConfigData ByKeyword and
reverse function.
Fix typo errors and sync based on the latest code.

Enable iSCSI keywords configuration based on x-UEFI
name space. we introduce new PCD to control the attempt
numbers which will be created in non activated state, besides
the Attempt name is changed to READ_ONLY attribute in UI.
We can invoke KEYWORD HANDLER Protocol to configure
the related keywords.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Wu Jiaxin jiaxin.wu@intel.com
2017-02-23 16:50:54 +08:00
Zhang Lubo eabc6e59b9 NetworkPkg: Add dns support for target URL configuration in ISCSI.
v2:
*1. Add IScsiDnsIsConfigured function in IScsiSupported to check
attempt using DNS protocol or not.2. Fix wrongs typos in IScsiDns.c
and .uni file.3. define a macro for the length of target URL.4.
update the Copyright to 2017.

Add DNS support for target URL directly configuration in UI.

Besides, When we enable the option (Get target info via DHCP) ,
the dhcp server will return target info include the  rootpath,
like the format
"iscsi:"<servername>":"<protocol>":"<port>":"<LUN>":"<targetname>
According to the RFC 4173,the server name region is expressed as
IPv4(192.168.10.20 )or IPv6 ([2000:bbbb::3]) or domain name,
but currently we only support the IP address format.
To enable this feature, we can support both.

Another enhancement is that we can deal with the data received from
the iSCSI login response with an target redirection status,
in which contains the Target Address in the format
domainname[:port][,portal-group-tag] required by RFC 3720.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2017-01-19 11:31:57 +08:00
Ye Ting a2d59ef291 NetworkPkg: Record user configured TargetIP/Port in iBFT
Current ISCSI driver records redirected iSCSI targetIP/Port in iBFT
once redirection occurs, which removes the possibility of the OS
to reconnect to the configured IP for load balancing. The behavior
is not explicitly described in IBFT spec, though the MSFT expert
confirm we should record original user setting rather than
publish the redirected IP.

Thanks Sriram for reviewing and validating this patch in his test-bed.

Cc: Subramanian Sriram <sriram-s@hpe.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Subramanian Sriram <sriram-s@hpe.com>
2016-10-14 10:54:26 +08:00
Zhang Lubo e590d29f6e NetworkPkg: refine codes of iSCSI driver.
Add error handling logic in DriverBingingStop function,
it may return error status when invoking the
UninstallProtocolInterface.

Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
2016-04-22 15:41:46 +08:00
Hao Wu 59c0c1cb55 NetworkPkg IScsiDxe: Fix typos in function descriptions
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19601 6f19259b-4bc3-4df7-8a09-765794883524
2016-01-06 01:12:27 +00:00
fanwang2 5ae7578af6 NetworkPkg: Change the macro name to fit coding style
Change several macro names to fit name EDK2 naming conventions: Use all capital letters for #define.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: fanwang2 <fan.wang@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Qiu Shumin <shumin.qiu@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18199 6f19259b-4bc3-4df7-8a09-765794883524
2015-08-11 01:11:29 +00:00
fanwang2 841349282b NetworkPkg: fix an error lead building crash
Fix an error which leads the building process crashes.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: fanwang2 <fan.wang@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18066 6f19259b-4bc3-4df7-8a09-765794883524
2015-07-27 02:45:43 +00:00
fanwang2 42f0586d61 NetworkPkg: Add old IPv4_DEVICE_PATH and IPv6_DEVICE_PATH support
GatewayIpAddress and SubnetMask do not exist in old IPv4_DEVICE_PATH,
IPAddressOrigin, PrefixLength and GatewayIPAddress do not exist in old
IPv6_DEVICE_PATH. This will lead new IScsiDxe to error without updating
IPv4_DEVICE_PATH and IPv6_DEVICE_PATH in system.

Following UEFI2.5 spec of IPv4_DEVICE_PATH do a check before accessing
fields only defined in new version's IPv4_DEVICE_PATH, and revise the same
issue for IPv6_DEVICE_PATH in Iscsi driver.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: fanwang2 <fan.wang@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
[lersek@redhat.com: rewrapped commit message]
Signed-off-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18056 6f19259b-4bc3-4df7-8a09-765794883524
2015-07-26 08:03:59 +00:00
Fu Siyuan 18b24f924f Fix bug in unload function: Check if component name protocol exist, only uninstall it when it really exists.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Tian, Feng <feng.tian@intel.com>
Reviewed-by: Jin, Eric <eric.jin@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15092 6f19259b-4bc3-4df7-8a09-765794883524
2014-01-10 08:24:29 +00:00
Wu Jiaxin b7cc5bf180 Fix a bug about the iSCSI DHCP dependency issue.
Create rules to determine whether iSCSI need DHCP protocol in current configuration by examining user’s configuration data in DriverBindingSupported().

Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com >
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14803 6f19259b-4bc3-4df7-8a09-765794883524
2013-10-25 08:07:26 +00:00
sfu5 75dce34062 1. Fix a bug in PXE driver that the PXE boot do not restart if a new boot option on the different IP stack is selected.
2. Retrieve the IP information after iSCSI TCPv6 connection established and fill it into iBFT table.
3. Generate a random IAID for each NIC port to require different IPv6 address in PXE driver.
4. Update function EfiMtftp6Configure() and Mtftp6RrqHandleOack() to allocate at most one UdpIo.
5. Fix a typo from “destory” to “destroy” in network code.

Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Ouyang Qian <qian.ouyang@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13859 6f19259b-4bc3-4df7-8a09-765794883524
2012-10-17 08:23:41 +00:00
tye1 4c5a5e0cfe Add IScsiDxe driver to NetworkPkg in order to support iSCSI over IPv6 stack and iSCSI MPIO.
Signed-off-by: tye1
Reviewed-by: hhuan13
Reviewed-by: eric_tian


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12149 6f19259b-4bc3-4df7-8a09-765794883524
2011-08-17 02:38:08 +00:00