At present dm/device.h includes the linux-compatible features. This
requires including linux/compat.h which in turn includes a lot of headers.
One of these is malloc.h which we thus end up including in every file in
U-Boot. Apart from the inefficiency of this, it is problematic for sandbox
which needs to use the system malloc() in some files.
Move the compatibility features into a separate header file.
Signed-off-by: Simon Glass <sjg@chromium.org>
These global variables are quite short and generic. In fact the same name
is more often used locally for struct members and function arguments.
Add a image_ prefix to make them easier to distinguish.
Signed-off-by: Simon Glass <sjg@chromium.org>
This function belongs more in flash.h than common.h so move it.
Also remove the space before the bracket in some calls.
Signed-off-by: Simon Glass <sjg@chromium.org>
These functions are used by code outside the network support, so move them
to lib/ to be more accessible.
Without this, the functions are only accessible in SPL/TPL only if
CONFIG_SPL/TPL_NET are defined. Many boards do not enable those option but
still want to do checksums in this format.
Fix up a few code-style nits while we are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
The function connects an ethernet device to a PHY using DT information.
This API is only available for eth devices with an associated device tree
node.
Signed-off-by: Alex Marginean <alexandru.marginean@nxp.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Renamed dm_mdio_phy_connect arguments dev to mdiodev and addr to phyaddr
for a bit more clarity and consistency with the following patches.
Also use NULL instead of 0 on error return path.
Signed-off-by: Alex Marginean <alexandru.marginean@nxp.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Commit b618b37076 ("net: Convert CONFIG_TFTP_BLOCKSIZE to Kconfig")
accidentally set the default *option* TFTP block size to 512 bytes, even
though the comment in the code says that this is a terrible choice. Most
boards didn't define the symbol before, so they got the default block size
of 1468 bytes before, but now use 512 bytes, which is also the fallback.
This leads to both abysmal performance and a lot of hashes printed
on the screen (one character for every 5K), which is both annoying and
slow over serial links.
Set the default block size in Kconfig back to the value it had before.
This improves TFTP performance from 2.8 MB/s to 6.9 MB/s on a Pine64.
Fixes: b618b37076 ("net: Convert CONFIG_TFTP_BLOCKSIZE to Kconfig")
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
device_probe() may fail in which case the seq_id will be -1. Don't
display these devices during startup. While this is only a cosmetic
change, the return value of eth_initialize() will also change to the
actual number of available devices. The return value is only used in
spl_net to decide whether there are any devices to boot from. So
returning only available devices is also more correct in that case.
Signed-off-by: Michael Walle <michael@walle.cc>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
During testing of qemu-riscv32 with a 2GiB memory configuration,
tftp always fails with a error message:
Load address: 0x84000000
Loading: #
TFTP error: trying to overwrite reserved memory...
It turns out the result of 'tftp_load_addr + tftp_load_size' just
overflows (0x100000000) and the test logic in store_block() fails.
Fix this by adjusting the end address to ULONG_MAX when overflow
is detected.
Fixes: a156c47e39 ("tftp: prevent overwriting reserved memory")
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
sandbox_defconfig does not compile using GCC 9.2.1:
net/net.c: In function ‘net_process_received_packet’:
net/net.c:1288:23: error: taking address of packed member of ‘struct
ip_udp_hdr’ may result in an unaligned pointer value
[-Werror=address-of-packed-member]
1288 | sumptr = (ushort *)&(ip->udp_src);
| ^~~~~~~~~~~~~~
Avoid the error by using a u8 pointer instead of an u16 pointer and
in-lining ntohs().
Simplify the checksumming of the last message byte.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
While we have networking use cases within SPL we do not support loading
files via NFS at this point in time. Disable calling nfs_start() so
that the NFS related code can be garbage collected at link time.
Signed-off-by: Tom Rini <trini@konsulko.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Part of the env cleanup moved this out of the environment code and into
the net code. However, this helper is sometimes needed even when the net
stack isn't included.
Move the helper to lib/net_utils.c like it's similarly-purposed
string_to_ip(). Also rename the moved function to similar naming.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
Reported-by: Ondrej Jirman <megous@megous.com>
This function belongs in time.h so move it over and add a comment.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Create a new rand.h header file and move functions into it, to reduce
the size of common.h
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
With GCC 9.2.1 net/nfs.c leads to multiple errors of type
address-of-packed-member.
net/nfs.c: In function ‘rpc_req’:
net/nfs.c:199:18: error: taking address of packed member of
‘struct rpc_t’ may result in an unaligned pointer value
[-Werror=address-of-packed-member]
199 | p = (uint32_t *)&(rpc_pkt.u.call.data);
| ^~~~~~~~~~~~~~~~~~~~~~
net/nfs.c: In function ‘nfs_readlink_reply’:
net/nfs.c:631:46: error: taking address of packed member of
‘struct rpc_t’ may result in an unaligned pointer value
[-Werror=address-of-packed-member]
631 | nfs3_get_attributes_offset(rpc_pkt.u.reply.data);
| ~~~~~~~~~~~~~~~^~~~~
LD drivers/block/built-in.o
net/nfs.c: In function ‘nfs_read_reply’:
net/nfs.c:692:46: error: taking address of packed member of
‘struct rpc_t’ may result in an unaligned pointer value
[-Werror=address-of-packed-member]
692 | nfs3_get_attributes_offset(rpc_pkt.u.reply.data);
| ~~~~~~~~~~~~~~~^~~~~
struct rpc_t is only used as local variable. It is naturally packed. So
there is no need for the attribute packed.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
rpc_pkt.u.call.data is an array of uint32_t. There is no need to convert
it to uint32_t *.
memcpy() expects void * as it 1st and 2nd argument. There is no point in
converting pointers to char * before passing them to memcpy().
In ntohl(data[1]) != 0 calling ntohl() is superfluous. If the value is
zero, does not depend on the byte order.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
This patch adds a check to rpc_pkt.u.reply.data at nfs_lookup_reply.
Signed-off-by: Cheng Liu <liucheng32@huawei.com>
Reported-by: Fermín Serna <fermin@semmle.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
This patch adds a check to rpc_pkt.u.reply.data at nfs_readlink_reply.
Signed-off-by: Cheng Liu <liucheng32@huawei.com>
Reported-by: Fermín Serna <fermin@semmle.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
This patch adds a check to rpc_pkt.u.reply.data at nfs_read_reply.
Signed-off-by: Cheng Liu <liucheng32@huawei.com>
Reported-by: Fermín Serna <fermin@semmle.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
This patch adds a check to nfs_handler to fix buffer overflow for CVE-2019-14197,
CVE-2019-14200, CVE-2019-14201, CVE-2019-14202, CVE-2019-14203 and CVE-2019-14204.
Signed-off-by: Cheng Liu <liucheng32@huawei.com>
Reported-by: Fermín Serna <fermin@semmle.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
This patch adds a check to udp_len to fix unbounded memcpy for
CVE-2019-14192, CVE-2019-14193 and CVE-2019-14199.
Signed-off-by: Cheng Liu <liucheng32@huawei.com>
Reviewed-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Reported-by: Fermín Serna <fermin@semmle.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Use the optional property device-name to name the MDIO bus. This works
around limitations with using the DT node name on devices such as
Armada-8040, which integrates two cp100 cores, both featuring MDIOs at the
same relative offsets and with the same DT node names.
The concept was originally proposed by Marvell as a custom property called
mdio-name specific to Marvell driver. This patch uses the more generic
property device-name and moves this into MDIO class code so other can use
it as well.
Signed-off-by: Alex Marginean <alexm.osslist@gmail.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Add support for capturing ethernet packets and storing
them in memory in PCAP(2.4) format, later to be analyzed by
any PCAP viewer software (IE. Wireshark)
This feature greatly assist debugging network issues such
as detecting dropped packets, packet corruption etc.
Signed-off-by: Ramon Fried <rfried.dev@gmail.com>
Reviewed-by: Alex Marginean <alexm.osslist@gmail.com>
Tested-by: Alex Marginean <alexm.osslist@gmail.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
This file contains lots of internal details about the environment. Most
code can include env.h instead, calling the functions there as needed.
Rename this file and add a comment at the top to indicate its internal
nature.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Reviewed-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
[trini: Fixup apalis-tk1.c]
Signed-off-by: Tom Rini <trini@konsulko.com>
This header file is now only used by files that access internal
environment features. Drop it from various places where it is not needed.
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
This function fits better with the network subsystem, so move it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Suggested-by: Joe Hershberger <joe.hershberger@ni.com>
Move env_set_hex() over to the new header file along with env_set_addr()
which uses it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Move this function over to the new header file. Also rename it to have an
env_ prefix like the other functions.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Adds a class for MDIO MUXes, which control access to a series of
downstream child MDIOs.
MDIO MUX drivers are required to implement a select function used to switch
between child buses.
MUX children are registered as MDIO buses and they can be used just like
regular MDIOs.
Signed-off-by: Alex Marginean <alexm.osslist@gmail.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Adds UCLASS_MDIO DM class supporting MDIO buses that are probed as
stand-alone devices. Useful in particular for systems that support
DM_ETH and have a stand-alone MDIO hardware block shared by multiple
Ethernet interfaces.
Signed-off-by: Alex Marginean <alexm.osslist@gmail.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Convert CONFIG_TFTP_BLOCKSIZE to Kconfig, update defconfigs,
headers and whitelist.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Christian Gmeiner <christian.gmeiner@gmail.com>
Cc: Joe Hershberger <joe.hershberger@ni.com>
Convert CONFIG_IP_DEFRAG to Kconfig, update defconfigs, headers
and whitelist. This patch is a follow-up on a patch by Christian
Gmeiner with the added config/header/whitelist updates.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Reported-by: Christian Gmeiner <christian.gmeiner@gmail.com>
Cc: Joe Hershberger <joe.hershberger@ni.com>
Add the standard Ethernet device tree bindings (imported from v5.0 of
the Linux kernel) and implement support for reading the MAC address for
Ethernet devices in the Ethernet uclass. If the "mac-address" property
exists, the MAC address will be parsed from that. If that property does
not exist, the "local-mac-address" property will be tried as fallback.
MAC addresses from device tree take precedence over the ones stored in
a network interface card's ROM.
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Reviewed-by: Grygorii Strashko <grygorii.strashko@ti.com>
Signed-off-by: Thierry Reding <treding@nvidia.com>
In order for the device to use the proper MAC address, which can have
been configured in the environment prior to the device being registered,
ensure that the MAC address is written after the device has been probed.
For devices that are registered before the network stack is initialized,
this is already done during eth_initialize(). If the Ethernet device is
on a bus that is not initialized on early boot, such as PCI, the device
is not available at the time eth_initialize() is called, so we need the
MAC address programming to also happen after probe.
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Signed-off-by: Thierry Reding <treding@nvidia.com>
This fixes the automatic lmb initialization and reservation for boards
with more than one DRAM bank.
This fixes the CVE-2018-18439 and -18440 fixes that only allowed to load
files into the firs DRAM bank from fs and via tftp.
Found-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Tested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
As a follow-up, change the name of the newly introduced function
'lmb_get_unreserved_size' to 'lmb_get_free_size', which is more
appropriate.
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
[trini: Fix test/lib/lmb.c]
Signed-off-by: Tom Rini <trini@konsulko.com>
No mainline board enables CONFIG_MCAST_TFTP and there have been
compilation issues with the code for some time. Additionally, it has a
potential buffer underrun issue (reported as a side note in
CVE-2018-18439).
Remove the multicast TFTP code but keep the driver API for the future
addition of IPv6.
Cc: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Signed-off-by: Chris Packham <judge.packham@gmail.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
ether_crc was added to the core net code in commit 53a5c424bf
("multicast tftp: RFC2090") so that other drivers could use it. However
the only current user of it is tsec.c so move it there.
Signed-off-by: Chris Packham <judge.packham@gmail.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
When dealing with two ethernet ports and having "netretry" set
to "once", it could occur that the connection (e.g. an ARP
request) failed, hence the status of the netloop was
"NETLOOP_FAIL". Due to the setting of "netretry", the network
logic would then switch to the other network interface,
assigning "ret" with the return value of "net_start_again()".
If this call succeeded we would return 0 (i.e. success) to
the caller when in reality the network action failed.
Signed-off-by: Thomas RIENOESSL <thomas.rienoessl@bachmann.info>
Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
This fixes CVE-2018-18439 ("insufficient boundary checks in network
image boot") by using lmb to check for a valid range to store
received blocks.
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
[trini: Always build lib/lmb.o on LMB and lib/fdtdec.o on OF_LIBFDT]
Signed-off-by: Tom Rini <trini@konsulko.com>
Make it possible to add TCP versions of the same, while reusing
IP portions. This patch should not change any behavior.
Signed-off-by: Duncan Hare <DH@Synoia.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Peter originally sent a fix, but it breaks a number of other things.
This addresses the original reported issue in a different way.
That report was:
> U-Boot has 1 common buffer to send Ethernet frames, pointed to by
> net_tx_packet. When sending to an IP address without knowing the MAC
> address, U-Boot makes an ARP request (using the arp_tx_packet buffer)
> to find out the MAC address of the IP addressr. When a matching ARP
> reply is received, U-Boot continues sending the frame stored in the
> net_tx_packet buffer.
>
> However, in the mean time, if U-Boot needs to send out any network
> packets (e.g. replying ping packets or ARP requests for its own IP
> address etc.), it will use the net_tx_packet buffer to prepare the
> new packet. Thus this buffer is no longer the original packet meant
> to be transmitted after the ARP reply. The original packet will be
> lost.
This instead uses the ARP tx buffer to send async replies in the case
where we are actively waiting for an ARP reply.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
Reported-by: Tran Tien Dat <peter.trantiendat@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>