The input param String of AsciiStrStr() requires a pointer to
Null-terminated string, however in HttpUtilitiesParse(),
the Buffersize before AllocateZeroPool() is equal to the size
of TCP header, after the CopyMem(), it might not end with
Null-terminator. It might cause memory access overflow.
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1204
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Songpeng Li <songpeng.li@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
The input param String of AsciiStrStr() requires a pointer to
Null-terminated string, however in HttpTcpReceiveHeader(),
the Buffersize before AllocateZeroPool() is equal to the size
of TCP header, after the CopyMem(), it might not end with
Null-terminator. It might cause memory access overflow.
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1204
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Songpeng Li <songpeng.li@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
*v2: Since the new PCD (PcdPxeTftpWindowSize) was renamed/defined in
NetworkPkg instead of MdeModulePkg, this new version is to update the
consuming PXE driver.
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=886
This patch is to use the specified MTFTP windowsize to benefit the PXE
download performance.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Shao Ming <ming.shao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
*v2: Rename and redefine the PCD in NetworkPkg instead of MdeModulePkg.
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=886
This patch is to define one new PCD for PXE driver to specify MTFTP windowsize so as
to improve the PXE download performance. The default value is set to 4.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Shao Ming <ming.shao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=886
This patch is to support the TFTP windowsize option described in RFC 7440.
The feature allows the client and server to negotiate a window size of
consecutive blocks to send as an alternative for replacing the single-block
lockstep schema.
Currently, the windowsize for write request operation is not supported since
there is no real use cases.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Shao Ming <ming.shao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1152
v2: Sync the same logic to Ipv6 and update code comments.
The PXE driver installs a SNP and open this SNP with attribute BY_DRIVER
to avoid it being opened by MNP driver, this SNP is also expected not to
be opened by other drivers with EXCLUSIVE attribute. In some cases, other
drivers may happen to do this by error, and thus cause a system crash.
This patch adds EXCLUSIVE attribute when opening SNP in PXE driver, and
will reject all OpenProtocol requests by EXCLUSIVE.
Cc: Subramanian, Sriram <sriram-s@hpe.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wang Fan <fan.wang@intel.com>
Reviewed-by: Sriram Subramanian <sriram-s@hpe.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
The function PxeBcFreeBootFileOption that is never called
have been removed.
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1064
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Songpeng Li <songpeng.li@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
The function TcpPawsOK that is never called have been removed.
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1064
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Songpeng Li <songpeng.li@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
The functions that are never called have been removed.
They are Ikev2OnPacketAccepted, Ikev2SaSessionOnDeleting,
Ikev2ChildSaSessionLookupByMid, Ikev2ChildSaSessionOnDeleting
and Ikev2ChildExchangeRekeySpi.
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1064
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Songpeng Li <songpeng.li@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
The function IScsiFindTcbByITT that is never called have been removed.
The definition gEfiAcpi20TableGuid has been removed.
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1064
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Songpeng Li <songpeng.li@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
Per spec, the GetVariable() runtime service is not required to populate
(*Attributes) on output when it fails with EFI_BUFFER_TOO_SMALL.
Therefore we have to fetch the full contents of the TlsCaCertificate
variable temporarily, just so we can (a) get the current attributes, and
(b) add EFI_VARIABLE_APPEND_WRITE to them for the subsequent SetVariable()
call.
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Songpeng Li <songpeng.li@intel.com>
Reported-by: Songpeng Li <songpeng.li@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1090
Fixes: b90c335fbb
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Songpeng Li <songpeng.li@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Replace the OpenFileByDevicePath() function with EfiOpenFileByDevicePath()
from UefiLib, correcting the following issues:
- imprecise comments on OpenFileByDevicePath(),
- code duplication between this module and other modules,
- local variable name "EfiSimpleFileSystemProtocol" starting with "Efi"
prefix,
- bogus "FileHandle = NULL" assignments,
- passing a potentially unaligned "FILEPATH_DEVICE_PATH.PathName" field to
a protocol member function (forbidden by the UEFI spec),
- leaking "Handle1" when the device path type/subtype check fails in the
loop,
- stale SHELL_FILE_HANDLE reference in a comment.
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1008
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
Removing rules for Ipf sources file:
* Remove the source file which path with "ipf" and also listed in
[Sources.IPF] section of INF file.
* Remove the source file which listed in [Components.IPF] section
of DSC file and not listed in any other [Components] section.
* Remove the embedded Ipf code for MDE_CPU_IPF.
Removing rules for Inf file:
* Remove IPF from VALID_ARCHITECTURES comments.
* Remove DXE_SAL_DRIVER from LIBRARY_CLASS in [Defines] section.
* Remove the INF which only listed in [Components.IPF] section in DSC.
* Remove statements from [BuildOptions] that provide IPF specific flags.
* Remove any IPF sepcific sections.
Removing rules for Dec file:
* Remove [Includes.IPF] section from Dec.
Removing rules for Dsc file:
* Remove IPF from SUPPORTED_ARCHITECTURES in [Defines] section of DSC.
* Remove any IPF specific sections.
* Remove statements from [BuildOptions] that provide IPF specific flags.
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Chen A Chen <chen.a.chen@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
*v2: Optimize the patch by calculating AsciiStrSize() only once.
In URI, the colon (:) is used to terminate the HostName path before
a port number. However, if HostName is expressed as IPv6 format, colon
characters in IPv6 addresses will conflict with the colon before port
number. To alleviate this conflict in URI, the IPv6 expressed HostName
are enclosed in square brackets ([]). To record the real IPv6 HostName,
square brackets should be stripped.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
*v2: Resolve the conflict commit.
*v3: Fixed the failure if BodyLength in HTTP token is less than the received
size of HTTPS message.
HttpBodyParserCallback function is to parse the HTTP(S) message body so as to
confirm whether there is the next message header. But it doesn't record the
parsing message data/length correctly.
This patch is refine the parsing logic so as to fix the potential failure.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Gary Lin <glin@suse.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Tested-by: Gary Lin <glin@suse.com>
1. Do not use tab characters
2. No trailing white space in one line
3. All files must end with CRLF
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liming Gao <liming.gao@intel.com>
This patch is to add the instance of library class [SafeIntLib] to fix the
NetworkPkg build error, which is caused by the commit of 2167c7f7 that the
TlsLib will always consume SafeIntLib.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Long Qin <qin.long@intel.com>
Cc: Bi Dandan <dandan.bi@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Fix the following style issues:
- "Data" is accessed through a pointer to UINT16 rather than to a pointer
to EFI_TLS_CIPHER. While technically correct, UINT16 is harder to
interpret against the UEFI spec.
- Array subscripting is written with weird *(Pointer + Offset)
expressions, rather than with Pointer[Offset].
- The byte order is converted with HTONS(), while it should be NTOHS().
Either way, use the Data1 and Data2 fields of EFI_TLS_CIPHER instead.
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=915
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
TlsSetSessionData() shouldn't just ignore an incomplete EFI_TLS_CIPHER
element at the end of "Data":
- Generally speaking, malformed input for a security API is best rejected
explicitly.
- Specifically speaking, the size of EFI_TLS_CIPHER is 2 bytes. If
DataSize is 1 on input, then the initial check for (DataSize == 0) will
fail, but then TlsSetCipherList() will be called with CipherNum=0.
Return EFI_INVALID_PARAMETER from TlsSetSessionData() if "Data" doesn't
contain a whole number of EFI_TLS_CIPHER elements. While at it, introduce
the dedicated variable CipherCount.
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=915
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
If the platform creates the "TlsCaCertificate" variable as volatile, then
EnrollX509toVariable() shouldn't fail to extend it just because
TLS_AUTH_CONFIG_VAR_BASE_ATTR contains the EFI_VARIABLE_NON_VOLATILE
attribute.
Thus, if the variable exists, add the EFI_VARIABLE_APPEND_WRITE attribute
to the variable's current attributes. This is what DeleteCert() does
already.
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
In TlsConfigCertificate(), make sure that the set of EFI_SIGNATURE_LIST
objects that the platform stored to "TlsCaCertificate" is well-formed.
In addition, because HttpInstance->TlsConfiguration->SetData() expects
X509 certificates only, ensure that the EFI_SIGNATURE_LIST objects only
report X509 certificates, as described under EFI_CERT_X509_GUID in the
UEFI-2.7 spec.
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=909
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
For TlsConfigureSession(), it makes sense to exempt EFI_NOT_FOUND from
TlsConfigCipherList() / gRT->GetVariable(), because there is a default
cipher list (SSL_DEFAULT_CIPHER_LIST) we can fall back to.
The same is not true of TlsConfigCertificate(), because there is no
default CA cert list. The platform (or the user of the Setup utility) is
required to configure a CA cert list first.
Remove the misleading comment and status code mapping in
TlsConfigCertificate().
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
Introduce a FreeCACert label near the end of the function, so that we can
keep the FreePool(CACert) statement centralized for error and success
exits.
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
The string "HTTPClient" has 10 non-NUL characters; the value 9 is a
copy-paste leftover from "PXEClient". Check for all 10 characters in the
vendor-class-identifier option when determining whether the DHCP offer is
an HTTP offer.
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
After completed a DHCP D.O.R.A process and got the new address, the ARP Instance
and RouteTable should be configured so as to avoid the later Pxe.Arp failure.
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
The ISCSI connection will fail for the first time if the target info is
retrieved from DHCP and expressed as URI format. The issue is caused by
the missing DNS protocol dependency check during the driver support
function.
This patch is to fix the above issue.
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Per the request to support HttpMethodDelete:
https://bugzilla.tianocore.org/show_bug.cgi?id=879,
This patch is to enable the HTTP Delete Method.
Cc: Karunakar P <karunakarp@amiindia.co.in>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
The issue was enrolled by the commit of ceec3638. One of the change in the commit
was to return the status from NetMapIterate in Udp6Groups function. But it should
not return EFI_ABORTED directly in case McastIp is not NULL, which means to terminate
the iteration and leave the McastIp successfully.
Cc: Wang Fan <fan.wang@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
For IPv6 case, if one invalid URL returned from DHCP server, HttpBootDxe
driver could not retrieve the URL host address from DNS server. In such a
case, the error message should be printed as:
Error: Could not retrieve the host address from DNS server.
Instead of:
Error: Could not discover the boot information for DHCP server.
Then, we can still output as following:
Error: Could not retrieve NBP file size from HTTP server.
Besides, currently implementation in HttpBootLoadFile will always output
error message even the HTTP process is correct.
This patch is to fix above issue.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
The patch is to fix the incorrect parameter check for the HttpBootGetFileFromCache().
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
v2:
* Refine the error handling returned from GetVariable.
This patch is to read the HttpTlsCipherList variable and configure it for the
later HTTPS session.
If the variable is not set by any platform, EFI_NOT_FOUND will be returned
from GetVariable service. In such a case, the default CipherList created in
TlsDxe driver will be used.
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Kinney Michael D <michael.d.kinney@intel.com>
Cc: Zimmer Vincent <vincent.zimmer@intel.com>
Cc: Yao Jiewen <jiewen.yao@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
v2:
* Rename the file/variable name.
This variable (HttpTlsCipherList) can be set by any platform that want to
control its own preferred Tls CipherList for the later HTTPS session.
The valid contents of variable must follow the TLS CipherList format defined
in RFC 5246. The valid length of variable must be an integral multiple of 2.
For example, if below cipher suites are preferred:
CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA256 = {0x00,0x3C}
CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA256 = {0x00,0x3D}
Then, the contents of variable should be:
{0x00,0x3C,0x00,0x3D}
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Kinney Michael D <michael.d.kinney@intel.com>
Cc: Zimmer Vincent <vincent.zimmer@intel.com>
Cc: Yao Jiewen <jiewen.yao@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Current PXE driver uses zero GUID if failed to get the system GUID from smbios
table, and some OS PXE boot may fail in such case. This patch is to add a warning
message to inform user that smbios table is missed on the platform.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
When giving an invalid URI in Boot URI field within HTTP Boot
configuration page, the AsciiPrint will corrupt the setup screen.
This patch is to resolve the issue.
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Karunakar P <karunakarp@amiindia.co.in>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
According to UEFI spec, the PXE.Mtftp() should return invalid parameter if the
BufferPtr parameter was NULL and the DontUseBuffer parameter was FALSE.
The DontUseBuffer is only used when perform MTFTP/TFTP read operation.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
In UDP6Dxe, there are several places that may be enhanced
to check input parameters and returned status. This patch
is to fix these issues.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wang Fan <fan.wang@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
In UDP6Dxe, there are some coding style issues, this patch
is to fix these issues.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wang Fan <fan.wang@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
In UDP6Dxe Udp6Groups(), the code return directly without free the
buffer allocated for McastIp when JoinFlag is TRUE. It is a memory
leak issue that needs to be fixed. This patch is to fix this issue.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wang Fan <fan.wang@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
In Udp6Dxe, there are several places use ASSERT to check returned
value. But these errors should be handled if they occur, this patch
is to fix this issue.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wang Fan <fan.wang@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
v2:
* Refine the commit log.
There are two place to close the ISCSI ExitBootServiceEvent:
#1.IScsiOnExitBootService(), which is the callback function of
ExitBootServiceEvent.
#2.IScsiCleanDriverData(), which will be invoked by ISCSI driver
binding stop().
So, the ExitBootServiceEvent will be closed and freed when exit boot
server is triggered. But it may be closed and freed again in ISCSI driver
binding stop(), which will result in the issue recorded at
https://bugzilla.tianocore.org/show_bug.cgi?id=742.
This patch is to resolve the issue.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
This patch is to fix the compiler warning error: C4245. The issue will happen
if the below build option is enabled:
*_*_*_CC_FLAGS = -J.
That's because the value of ('A' - 'a') is a negative value, which will
be converted to an unsigned type if CHAR8 is treated as unsigned:
Src -= ('A' - 'a');
The above issue is also recorded at:
https://bugzilla.tianocore.org/show_bug.cgi?id=815.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
This patch is to fix the issue that dereferencing of "This" (EFI_LOAD_FILE_PROTOCOL)
in EfiPxeLoadFile() is happening before the NULL check.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Sriram Subramanian <sriram-s@hpe.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
The PxeBcDhcp4CallBack() is provided for DHCP driver to invoke packet check
during DHCP process, the DHCP driver should make sure Packet and NewPacket
has meaningful value. This patch adds assert for this.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Sriram Subramanian <sriram-s@hpe.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
PXE need to use extended DHCP options and check received offers in callback
function, so there is no need to continue the PXE process if DHCP driver has
been started by other instance but not PXE driver itself.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Sriram Subramanian <sriram-s@hpe.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
When the platform gets the target info from DHCP (option 17) and the ISCSI
server is expressed as IP address, the value of DnsMode should be false,
otherwise, the failure will happen in certain case.
please refer to https://bugzilla.tianocore.org/show_bug.chi?id=823 for
the detailed steps.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Karunakar P <karunakarp@amiindia.co.in>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Tested-by: Karunakar P <karunakarp@amiindia.co.in>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wang Fan <fan.wang@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Wang Fan <fan.wang@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wang Fan <fan.wang@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Wang Fan <fan.wang@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
TCP payload check is implemented by TcpVerifySegment(), but all the function
calls of TcpVerifySegment() are placed in ASSERT(), which is only valid for
debug version:
ASSERT (TcpVerifySegment (Nbuf) != 0);
This patch is to enable the check for release version.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wang Fan <fan.wang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
The function SockGroup() is not used by any other code. So,
it can be deleted.
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wang Fan <fan.wang@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
According the Spec, the FragmentBuffers in FragmentTable are allocated
by the application when calling Receive() function. This patch is to
check whether the FragmentBuffer is valid or not.
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wang Fan <fan.wang@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
In HttpBootCallback(), when data type is HttpBootHttpResponse, function may meet
the resource redirect error. In current implementation, function will still go
ahead to find header for HTTP_HEADER_CONTENT_LENGTH, this is not expected. Function
should break in redirect status error handling.
Cc: Wang Fan <fan.wang@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Wang Fan <fan.wang@intel.com>
Cc: Wang Fan <fan.wang@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Wang Fan <fan.wang@intel.com>
This patch updates PxeBcIcmpErrorDpcHandle() and PxeBcIcmp6ErrorDpcHandle() to
recycle the ICMP packet after copy it to PXE mode data.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
The IP protocol has been configured to only receive ICMP packet in PXE driver.
So this patch removes the unnecessary check for NextHeader field and replace it
with ASSERT.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
Since new Api NetLibDetectMediaWaitTimeout was involved to support connecting
state handling, and it is forward compatible. So apply this Api in NetworkPkg.
V2:
*Define time period in a macro instead of hard code.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wang Fan <fan.wang@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Signed-off-by: fanwang2 <fan.wang@intel.com>
According the UEFI Spec for PxeBc.SetStationIP():
If NewStationIP is NULL, then the current IP address will not be modified.
...
If NewSubnetMask is NULL, then the current subnet mask will not be modified.
Currently, EfiPxeBcSetStationIP() doesn't comply with UEFI Spec. This patch is
to fix the issue.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
According UEFI Spec:
The PXE Base Code Callback Protocol must be on the same handle as the PXE
Base Code Protocol.
But current implementation doesn't follow that. This patch is fix that issue.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
According UEFI Spec, if valid PXE offer is not received, Pxe.Dhcp()
should return EFI_NO_RESPONSE, but currently, EFI_TIMEOUT is returned
from Pxe.Dhcp().
This patch is to fix the above issue.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
This patch is to resolve the issue reported @
https://bugzilla.tianocore.org/show_bug.cgi?id=804.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Karunakar P <karunakarp@amiindia.co.in>
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
The HostNameToIp() is a asynchronous function, so the caller
may free the HostName buffer immediately once HostNameToIp()
is returned. Then DNS driver may access the freed memory buffer
later.
This patch is to fix above issue.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wang Fan <fan.wang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wang Fan <fan.wang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
According to UEFI spec:
"Retry number if no response received after RetryInterval. If zero, use
the parameter configured through Dns.Configure() interface."
"Minimum interval of retry is 2 second. If the retry interval is less
than 2 second, then use the 2 second. If zero, use the parameter configured
through Dns.Configure() interface."
For both DNS.HostNameToIp and DNS.GeneralLookUp, the value of RetryCount /
RetryInterval need to be updated to comply with UEFI spec.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wang Fan <fan.wang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wang Fan <fan.wang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Commit 19bd133562 is to fix the incorrect SizeofHeaders
returned from HttpTcpReceiveHeader(). But it missed the "\r\n\r\n" calculation, which
will cause the later HttpHeaders parsing failure.
This patch is fix the above issue.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
This patch is to fix a bug that the HttpTcpReceiveHeader() may return incorrect
SizeofHeaders, which will include some already received message-body.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
V2:
Fix MSFT C4255 warning
V1:
Enable MSFT C4255 warning.
From MSDN:
Compiler Warning (level 4) C4255
function' : no function prototype given: converting '()' to '(void)'
The compiler did not find an explicit list of arguments to a function.
This warning is for the C compiler only.
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Bell Song <binx.song@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Base on the request of https://bugzilla.tianocore.org/show_bug.cgi?id=710,
we provide this patch to IPv6 condition check by leveraging AIP Protocol.
Cc: Karunakar P <karunakarp@amiindia.co.in>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Karunakar P <karunakarp@amiindia.co.in>
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Karunakar p <karunakarp@amiindia.co.in>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
v2:
* Fix the potential ASSERT issue.
Base on the request of https://bugzilla.tianocore.org/show_bug.cgi?id=710,
we provide this patch to IPv6 condition check by leveraging AIP Protocol.
Cc: Karunakar P <karunakarp@amiindia.co.in>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Karunakar P <karunakarp@amiindia.co.in>
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Karunakar p <karunakarp@amiindia.co.in>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
The existing attempt should not trigger the DHCP process if it
doesn't associates with the current NIC. That's incorrect when
displaying the initiator info in attempt page.
Cc: Karunakar P <karunakarp@amiindia.co.in>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Karunakar p <karunakarp@amiindia.co.in>
Edk2 has duplicated ping6/ifconfig6 implementation in NetworkPkg and ShellPkg.
The usage and parameter format of these 2 versions are exactly same. These two
commands have been added to Shell specification so the copy under
ShellPkg\Library\UefiShellNetwork2CommandsLib\
will be actively maintained in future.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
The commits utilizes a local variable to store the length of a string
which will be used right after.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
When creating the ISCSI string OpCode for IP_ADDRESS, the max length
should be IP(4)_STR_MAX_SIZE instead of IP(4)_MAX_SIZE.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
The IP driver uses EfiCreateProtocolNotifyEvent() to register notify callback
function for IpSec protocol, but it didn't notice that the callback will always
be executed at least once, even the protocol wasn't in handle database.
As a result, the Ip6IpSecProcessPacket() will still always call LocateProtocol()
even the IpSec protocol is not installed, which will impact the network
performance.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
During setting the DnsServer, the DataSize check is incorrect.
This patch is to fix the issue.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
v2:
* Refine the patch by changing the '==' to '>='.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Jin Eric <eric.jin@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
UEFI Spec 2.7 adds the clarification on SetData interface usage to clear specific
individual data types. This patch is to support this feature.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
The last 3 bytes of ISID should be able to changed by setting the keyword with
a value with length 6 (only last 3 bytes) or 12 (full ISID) according to the
keyword definition in UEFI configuration namespace website.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
https://bugzilla.tianocore.org/show_bug.cgi?id=642
Add top level License.txt file with the BSD 2-Clause
License that is used by the majority of the EKD II open
source project content. Merge copyright statements
from the BSD 2-Clause License files in each package
directory and remove the duplication License.txt
file from package directories.
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Cc: Andrew Fish <afish@apple.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
https://bugzilla.tianocore.org/show_bug.cgi?id=629
Move Contributions.txt that contains the TianoCore
Contribution Agreement 1.0 to the root of the edk2
repository and remove the duplicate Contributions.txt
files from all packages.
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Cc: Andrew Fish <afish@apple.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
HTTP defines a set of status code for redirecting a request to a different URI
in Section 6.4 of RFC7231 and also RFC7583. This patch updates the HTTP boot
driver to display the redirection info to the screen so the user would have
chance to know new URI address of the HTTP boot image.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
During clean up the HTTP child, all resources used by it should be cleaned. But
currently, TLS instance is not destroyed.
This patch is to fix this issue.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
This patch is to fix the potential issue recorded at Bugzilla 636:
https://bugzilla.tianocore.org/show_bug.cgi?id=636
The issue is caused by the IPv6 policy switching after PXEv6 boot. When IP
policy is changing, the IPv6 children used by PXE.UdpRead() will be destroyed.
Then, PXE Stop() function is called to uninstall the devicePath protocol,
which leads to the IPv6 PXE boot option goes missing.
Through the above analysis, the IP driver should take the responsibility for
the upper layer network stacks recovery by using ConnectController().
Cc: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
Cc: Subramanian Sriram <sriram-s@hpe.com>
Cc: Ni Ruiyu <ruiyu.ni@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
Reviewed-by: Subramanian Sriram <sriram-s@hpe.com>
Tested-by: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
This patch updates the HTTP Boot driver to install a default HTTP Callback protocol
if the platform doesn't provide one. This callback implementation will print the
boot file download progress in percentage format.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
DHCP4 service allows only one of its children to be configured in the active
state. If the DHCP4 D.O.R.A started by IP4 auto configuration and has not
been completed, the Dhcp4 state machine will not be in the right state for
the iSCSI to start a new round D.O.R.A. So, we need to switch it's policy to
static.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Currently, DNS driver configure the dhcp message type to inform
when building dhcp packet to get dns info from, but it not works
with dhcp server deployed on linux system. However it works well
when changed to request type.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
The RFC1323 which defines the TCP window scale option has been obsoleted by RFC7323.
This patch is to follow the RFC7323 to address the TCP window retraction problem
when a non-zero scale factor is used.
The changes has been test in high packet loss rate network by using HTTP boot and
iSCSI file read/write.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Moving Right window edge to the left on sender side without additional check
can lead to the TCP deadlock, when receiver ACKs proper segment, while sender
discards it for future ACK. To prevent this add check if usable window (or
shrink amount in this case) is bigger then receiver's window scale factor.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Andrey Tepin <atepin@kraftway.ru>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
In case of the DHCP and PXE services on different servers,PXEv6 boot will
failure when DhcpBinl offer received. The issue is caused by the following
reasons:
* PXE Client doesn't append VENDOR_CLASS request parameter, so the
offer replied from DHCP service will not contain VENDOR_CLASS option
(16).
* Once the DhcpBinl offer is selected, the boot discover message should
be sent out to request the bootfile by this offer. Current implementation
always use servers multi-cast address instead of BootFileUrl address in
dhcp6 offer. we should check it first, then decide whether use multi-cast
address or not.
* If DhcpBinl offer is selected, the boot discover message shouldn't
find server ID Option from DhcpBinl offer. That's incorrect because DHCP
service and PXE service on different servers. In such a case, we can ignore
the Server ID Option.
With the above fix in the patch, PXEv6 can boot successfully when DhcpBinl
offer received.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
if the server name expressed as a site local address begain with FEC0
when retrieving from dhcpv6 option 59 boot file url, it incorrectly process it
as a dns name.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
if we already established a iSCSI connection from initiator to target
based on IPv4 stack, after using reconnect -r command, we can not rebuild
the session with the windows target, since the server thought the session
is still exist. This issue is caused by wrong place of acquire ownership of
sock lock which lead the iSCSI can not reset the connection correctly.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
v2:
* Define one new internal function to clean the file content.
TlsAuthConfigDxe open file by FileExplorerLib. It need to close
file handler and free file related resource in some cases.
* User enrolls Cert by escape the Config page.
* The Cert is not X509 type.
* User chooses another file after he selected a file.
Cc: Zhang Chao B <chao.b.zhang@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Chao Zhang<chao.b.zhang@intel.com>
When PXE10/WFM11a offer received, we should only cache
the first PXE10/WFM11a offer, and discard the others. But
Current we discard all PXE10/WFM11a offer. This patch is
to fix this issue.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
UINT32 integer overflow will happen once the download OS image over
4G size. This patch is to fix this issue.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Sriram Subramanian <sriram-s@hpe.com>
If we set PXEv6 as the first boot option and reboot immediately
after the first successful boot, it will assert. the root cause is
when we set the policy from manual to automatic in PXE driver,
the ip6 Configure item size is already set to zero and other
structures are also released, So it is not needed to perform DAD call
back function which is invoked by Ip6ConfigSetMaunualAddress.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
Need to check variable of mPrivate whether is
null before used and redefine the array length
of target address for keyword.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Add check logic and error message for some keywords validity.
show target address in URL format and MAC address correctly.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
According UEFI Spec, set to zero StationIp means to let the underlying
IPv6 driver choose a source address. But currently, DNSv6 always return
EFI_NO_MAPPING. The issue is caused by below bugs in DnsDxe:
* Incorrect TPL(TPL_CALLBACK) usage during UDP configuration.
* Failed to create the timer used to get IPv6 mapping
* Doesn't check the Ip6Mode.IsStarted flag.
Cc: Zhang Lubo <lubo.zhang@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Zhang Lubo <lubo.zhang@intel.com>
Currently, error handling in IScsiDriverEntryPoint is incorrect. For
example, if IScsiCreateAttempts() return error due to the limited max
variable size, iSCSI will not unload the configuration entries.
Cc: Zhang Lubo <lubo.zhang@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Zhang Lubo <lubo.zhang@intel.com>
v2: Handle error case in SockCreateChild and fix typo issue
when we destroy the socket Sock and its associated
protocol control block, we need to first close the
parent protocol, then remove the protocol from childHandle
and last to free any data structures that allocated in
CreateChild. But currently, we free the socket data (Socket ConfigureState)
before removing the protocol form the childhandle. So if the up layer
perform the driverbing stop to abort tcp session and send the tcp reset
packet, it will failed.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
Since we use the Attempt and index as the attempt variable name instead of
the MAC address plus index, we need to update this to check the whether
the Controller handle is configured to use DNS protocol
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
There are cases that the operands of an expression are all with rank less
than UINT64/INT64 and the result of the expression is explicitly cast to
UINT64/INT64 to fit the target size.
An example will be:
UINT32 a,b;
// a and b can be any unsigned int type with rank less than UINT64, like
// UINT8, UINT16, etc.
UINT64 c;
c = (UINT64) (a + b);
Some static code checkers may warn that the expression result might
overflow within the rank of "int" (integer promotions) and the result is
then cast to a bigger size.
The commit refines codes by the following rules:
1). When the expression is possible to overflow the range of unsigned int/
int:
c = (UINT64)a + b;
2). When the expression will not overflow within the rank of "int", remove
the explicit type casts:
c = a + b;
3). When the expression will be cast to pointer of possible greater size:
UINT32 a,b;
VOID *c;
c = (VOID *)(UINTN)(a + b); --> c = (VOID *)((UINTN)a + b);
4). When one side of a comparison expression contains only operands with
rank less than UINT32:
UINT8 a;
UINT16 b;
UINTN c;
if ((UINTN)(a + b) > c) {...} --> if (((UINT32)a + b) > c) {...}
For rule 4), if we remove the 'UINTN' type cast like:
if (a + b > c) {...}
The VS compiler will complain with warning C4018 (signed/unsigned
mismatch, level 3 warning) due to promoting 'a + b' to type 'int'.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
For pointer subtraction, the result is of type "ptrdiff_t". According to
the C11 standard (Committee Draft - April 12, 2011):
"When two pointers are subtracted, both shall point to elements of the
same array object, or one past the last element of the array object; the
result is the difference of the subscripts of the two array elements. The
size of the result is implementation-defined, and its type (a signed
integer type) is ptrdiff_t defined in the <stddef.h> header. If the result
is not representable in an object of that type, the behavior is
undefined."
In our codes, there are cases that the pointer subtraction is not
performed by pointers to elements of the same array object. This might
lead to potential issues, since the behavior is undefined according to C11
standard.
Also, since the size of type "ptrdiff_t" is implementation-defined. Some
static code checkers may warn that the pointer subtraction might underflow
first and then being cast to a bigger size. For example:
UINT8 *Ptr1, *Ptr2;
UINTN PtrDiff;
...
PtrDiff = (UINTN) (Ptr1 - Ptr2);
The commit will refine the pointer subtraction expressions by casting each
pointer to UINTN first and then perform the subtraction:
PtrDiff = (UINTN) Ptr1 - (UINTN) Ptr2;
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
Nil UUID is a special case with all zeros value. This
patch is to handle this case to avoid the invalid DUID.
Cc: Naveen Santhapur <naveens@amiindia.co.in>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Define the prompt and help information for PcdMaxIScsiAttemptNumber.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
v2: need to check the global variable mPrivate before using it in
the Convert AttemptConfigData To IfrNvData by Keyword function.
Add check logic for some attempt variable to enhance code in iSCSI.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
Having duplicated DNS server IPs specified is not an ideal
configuration, but not an error condition. This patch is to
remove the duplicated DNS address check to allow the same DNS
address setting in SetData().
Cc: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
Cc: Subramanian Sriram <sriram-s@hpe.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Subramanian Sriram <sriram-s@hpe.com>
Reviewed-by: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
Tested-by: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
Update the interface name from ethA ethB to
eth10, eth11 etc if port number more than 9.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Sriram Subramanian <sriram-s@hpe.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Sriram Subramanian <sriram-s@hpe.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
v2:
Add error handling if can not create Attempts in driver entry point.
Since we support to define a macro be a PCD value, we enhance our code
by modifying the structure in IFR_NVDATA. This effect code logic mainly
in Creating Keywords,Convert IFR NvData To AttemptConfigData ByKeyword and
reverse function.
Fix typo errors and sync based on the latest code.
Enable iSCSI keywords configuration based on x-UEFI
name space. we introduce new PCD to control the attempt
numbers which will be created in non activated state, besides
the Attempt name is changed to READ_ONLY attribute in UI.
We can invoke KEYWORD HANDLER Protocol to configure
the related keywords.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Wu Jiaxin jiaxin.wu@intel.com
Currently, When there are more than 9 Ethernet ports available,
'ifconfig6 -l' is not listing all the ports, only show the ports 0 to 9.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Santhapur Naveen <naveens@amiindia.co.in>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
IANA has approved below new media type for EFI http(s) boot usage:
application/vnd.efi.img
application/vnd.efi.iso
HTTP boot driver should be updated to check the above media type
from Content-Type header field.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
This patch is to update the HTTP token notify as a DPC at
TPL_CALLBACK to align with UEFI Spec.
Cc: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Sriram Subramanian <sriram-s@hpe.com>
Reviewed-by: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
Update existing #define and add a new #define used for the
PCD PcdIScsiAIPNetworkBootPolicy. Update the code in iScsiStart
according to the #define changes in iScsiDriver.h
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Sriram Subramanian <sriram-s@hpe.com>
Reviewed-by: Zhang Lubo <lubo.zhang@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
When we create a HTTP driver service binding private
instance, there may be different DriverBindingHandle
for Ipv4 or Ipv6, so it is essential to distinguish
the HttpService image which will be used in open
protocol or close protocol.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Sriram Subramanian <sriram-s@hpe.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Sriram Subramanian <sriram-s@hpe.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
If the code eventually returns "Status" anyway, it does not make
sense to explicitely return "Status" in case of an error, too.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
v3:
* Correct the commits grammar
v2:
* Rename the PCD to PcdAllowHttpConnections.
* Refine the PCD descriptions.
If the value of PcdAllowHttpConnections is TRUE, HTTP connections are
allowed. Both the "https://" and "http://" URI schemes are permitted.
Otherwise, HTTP connections are denied. Only the "https://" URI scheme
is permitted.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Kinney Michael D <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Gary Lin <glin@suse.com>
Tested-by: Gary Lin <glin@suse.com>
v2:
*1. Add IScsiDnsIsConfigured function in IScsiSupported to check
attempt using DNS protocol or not.2. Fix wrongs typos in IScsiDns.c
and .uni file.3. define a macro for the length of target URL.4.
update the Copyright to 2017.
Add DNS support for target URL directly configuration in UI.
Besides, When we enable the option (Get target info via DHCP) ,
the dhcp server will return target info include the rootpath,
like the format
"iscsi:"<servername>":"<protocol>":"<port>":"<LUN>":"<targetname>
According to the RFC 4173,the server name region is expressed as
IPv4(192.168.10.20 )or IPv6 ([2000:bbbb::3]) or domain name,
but currently we only support the IP address format.
To enable this feature, we can support both.
Another enhancement is that we can deal with the data received from
the iSCSI login response with an target redirection status,
in which contains the Target Address in the format
domainname[:port][,portal-group-tag] required by RFC 3720.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
The ChooseFile handler, UpdateCAFromFile, has to be EFIAPI or gcc would
use the wrong ABI and cause the crash of the firmware. This commit also
removes the unnecessary type casting in ChooseFile.
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Lin <glin@suse.com>
Reviewed-by: Siyuan Fu <siyuan.fu@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
Ip6ConfigSetDnsServer may cause ASSERT if the invalid DNS
server address received. The issue is triggered by the NULL
pointer(Tmp) free.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
This patch is used to enable HTTPS feature. HttpDxe driver
will consume TlsDxe driver. It can both support http and https
feature, that’s depended on the information of URL, the HTTP
instance can be able to determine whether to use http or https.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Cc: Long Qin <qin.long@intel.com>
Cc: Thomas Palmer <thomas.palmer@hpe.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
This patch provides the UI to support TLS auth configuration.
* EFI_SIGNATURE_LIST format is used for 'TlsCaCertificate'
variable. So, TLS supports multiple certificate configuration.
* The variable attribute is BS with NV, which only target at
preventing runtime phase attack.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Cc: Long Qin <qin.long@intel.com>
Cc: Thomas Palmer <thomas.palmer@hpe.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
v3:
* Typo fix and code refine.
* Rename the internal macros and function:
TLS_INSTANCE_FROM_PROTOCOL_THIS -> TLS_INSTANCE_FROM_PROTOCOL
TLS_INSTANCE_FROM_CONFIGURATION_THIS -> TLS_INSTANCE_FROM_CONFIGURATION
TlsEcryptPacket -> TlsEncryptPacket
v2:
* Refine the TlsEcryptPacket/TlsDecryptPacket function
according the community feedback.
This patch is the implementation of EFI TLS Service Binding
Protocol, EFI TLS Protocol and EFI TLS Configuration Protocol
Interfaces.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Cc: Long Qin <qin.long@intel.com>
Cc: Thomas Palmer <thomas.palmer@hpe.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
This commit refines the logic for HttpBootUintnToAscDecWithFormat and
PxeBcUintnToAscDecWithFormat. It avoids using the decrement operator '--'
for array index to prevent possible mis-reports by static code checkers.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
This patch remove the ASSERT when receive a DHCP packet large than the maximum
cache buffer size.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
This patch updates the PXE and HTTP boot driver to drop the input DHCP packet
if it exceed the maximum length.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-By: Wu Jiaxin <jiaxin.wu@intel.com>
In one of the next patches, we'll introduce ARRAY_SIZE in
"MdePkg/Include/Base.h". In order to proceed in small steps, make the
module-local definition of ARRAY_SIZE conditional. This way the
introduction of the macro under MdePkg will silently switch this module
over (after which we can remove the module-local definition completely).
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
According to RFC 3720, the TargetAddress provided in a redirection
might be a DNS host name, a dotted-decimal IPv4 address, or a
bracketed IPv6 address. Current ISCSI driver in Networkpkg only
supports dotted-decimal IPv4 address, so we need add IPv6 address
support since it is a combo driver supporting dual stack.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
There may be an error happens when we use the
configure function to set or change the configuration
data for the DNS6 instance, So we will free the
DnsServerList without configured to NULL. If we reset
the instance with the parameter DnsConfigData to NULL, the
DnsServerList will be freed twice.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
The BootFileURL option (59) in dhcpv6 is used to deliver
the next server address with bootfile name, as an example
"tftp://[FEDC:BA98:7654:3210:FEDC:BA98:7654:3210]/BOOTFILE_NAME;
mode=octet", it can also be “tftp://domain_name/BOOTFILE_NAME;
mode=octet”, this patch is to support this case.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Current ISCSI driver records redirected iSCSI targetIP/Port in iBFT
once redirection occurs, which removes the possibility of the OS
to reconnect to the configured IP for load balancing. The behavior
is not explicitly described in IBFT spec, though the MSFT expert
confirm we should record original user setting rather than
publish the redirected IP.
Thanks Sriram for reviewing and validating this patch in his test-bed.
Cc: Subramanian Sriram <sriram-s@hpe.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Subramanian Sriram <sriram-s@hpe.com>
Tcp driver need to use EFI_D_NET to log DEBUG message,
So it becomes easy to separate/filter out debug messages
from network stack versus generic EFI_D_INFO debugs.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
Cc: Subramanian Sriram <sriram-s@hpe.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Reviewed-by: Sriram Subramanian <sriram-s@hpe.com>
The previous DNS server data will be retained after the policy
changes from Auto to Manual. This patch is used to clean the
previous dhcp configuration data.
Cc: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
Cc: Subramanian Sriram <sriram-s@hpe.com>
Cc: Ye Ting <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Sriram Subramanian <sriram-s@hpe.com>
Reviewed-by: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
Tested-by: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
When HostNameToIp() and GeneralLookUp() are called with a invalid
host name, RCODE (4 bit field is set as part of responses) error
will returned in packet to identify the domain name referenced in
the query does not exist. So, EFI_NOT_FOUND should be returned
directly.
Current implementation only check the RCODE in successful condition.
Need update the code for more error check according to RFC 1035 4.1.1
section.
Cc: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Tested-by: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
Reviewed-by: Sriram Subramanian <sriram-s@hpe.com>
v2:
* Code refine.
* For DnsCache, the minimum value of TTL is selected between CNAME and A/AAAA record.
According RFC 1034 - 3.6.2, if the query name is an alias, the name server
will include the CNAME record in the response and restart the query at the
domain name specified in the data field of the CNAME record. RFC also provides
one example server action when A query received:
Suppose a name server was processing a query with for USCISIC.ARPA, asking for
type A information, and had the following resource records:
USC-ISIC.ARPA IN CNAME C.ISI.EDU
C.ISI.EDU IN A 10.0.0.52
Both of these RRs would be returned in the response to the type A query.
Currently, DnsDxe driver doesn't handle the CNAME type response, which will cause
any exception result. The driver need continue the packet parsing while CNAME type
record parsed. So, this patch is used to handle it correctly.
Cc: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Tested-by: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
This path made the following update:
* Generate SPI randomly.
* Correct IKE_SPI_BASE value according RFC 4302/4303.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
*v2: update the commit log and refine the code comments.
There are three kinds of IKE Exchange process:
#1. Initial Exchange
#2. CREATE_CHILD_SA_Exchange
#3. Information Exchange
The IKE header "FLAG" update is incorrect in #2 and #3 exchange,
which may cause the continue session failure. This patch is used
to correct the updates of IKE header "FLAG" according the RFC4306
section 3.1.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
*v2: update the commit log.
IKE Initial Exchange message should cover below process:
Initiator Responder
Message1 HDR,SAil,KEi,Ni ------>
Message2 <------ HDR,SArl,KEr,Nr,[CERTREQ]
Message3 HDR,SK{} ------>
Message4 <------ HDR,SK{}
If Initial Exchange message is initiated by Linux IKE, it works well.
But the failure will happen if it's initiated by UEFI IKE. This issue
is caused by the no status check of NotifyCookiePayload.
While parsing the IKEv2 packet for IKE_SA_INIT exchange, if the packet
doesn't contain COOKIE Notify payload, EFI_INVALID_PARAMETER will be
returned from Ikev2ParserNotifyCookiePayload(). Current implementation
return this error status directly, then the session will be broken. The
correct behavior should check this status. If no COOKIE Notify payload,
initiator don't need to retry the IKE_SA_INIT.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
The bug is caused by using already freed memory.
If there is already an attempt and execute
'reconnect -r' command, all the AttemptConfig structure
will be freed, but the mCallbackInfo->Current is not
configured as null and this pointer will be used again in
IScsiFormExtractConfig.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
The RSDT is only used when the bios need to support ACPI 1.0
version. When change PcdAcpiExposedTableVersions to 0x3C, it
will not support ACPI 1.0. The default is 0x3E.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Add the following definition in the [BuildOptions] section in package DSC
files to disable APIs that are deprecated:
[BuildOptions]
*_*_*_CC_FLAGS = -D DISABLE_NEW_DEPRECATED_INTERFACES
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-By: Wu Jiaxin <jiaxin.wu@intel.com>
The UefiPxeBcDxe module encounters a build error for IA32 arch using the
latest version of VS2015:
UefiPxeBcDxe.lib(PxeBcBoot.obj) : error LNK2001: unresolved external
symbol __allmul
The cause is line 148 in file NetworkPkg\UefiPxeBcDxe\PxeBcBoot.c. The
third parameter for gBS->SetTimer() function is of type UINT64, so the
multiplication should use the MultU64x32() function now.
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Jiaxin Wu
Li, Songpeng
edk2-devel-bounces@lists.01.org
Laszlo Ersek
chenc2
Liming Gao
Fu Siyuan
Wang Fan
Song, BinX
Hao Wu
Michael D Kinney
hegdenag
Zhang Lubo
Thomas Huth
Gary Lin
Ye Ting