u-boot.git/net, branch v2019.07 Unnamed repository; edit this file 'description' to name the repository. net: Convert CONFIG_TFTP_BLOCKSIZE to Kconfig 2019-06-14T20:10:36+00:00 Marek Vasut marek.vasut@gmail.com 2019-06-11T02:51:15+00:00 b618b3707633d4e345104b345c382b5e3bfcbe52 Convert CONFIG_TFTP_BLOCKSIZE to Kconfig, update defconfigs, headers and whitelist. Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com> Cc: Christian Gmeiner <christian.gmeiner@gmail.com> Cc: Joe Hershberger <joe.hershberger@ni.com> 
Convert CONFIG_TFTP_BLOCKSIZE to Kconfig, update defconfigs,
headers and whitelist.

Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Christian Gmeiner <christian.gmeiner@gmail.com>
Cc: Joe Hershberger <joe.hershberger@ni.com>
net: Convert CONFIG_IP_DEFRAG to Kconfig 2019-06-14T20:03:56+00:00 Marek Vasut marek.vasut@gmail.com 2019-06-11T02:51:14+00:00 3f6bcdf6a5b315e99b878212219a99e8df177112 Convert CONFIG_IP_DEFRAG to Kconfig, update defconfigs, headers and whitelist. This patch is a follow-up on a patch by Christian Gmeiner with the added config/header/whitelist updates. Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com> Reported-by: Christian Gmeiner <christian.gmeiner@gmail.com> Cc: Joe Hershberger <joe.hershberger@ni.com> 
Convert CONFIG_IP_DEFRAG to Kconfig, update defconfigs, headers
and whitelist. This patch is a follow-up on a patch by Christian
Gmeiner with the added config/header/whitelist updates.

Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Reported-by: Christian Gmeiner <christian.gmeiner@gmail.com>
Cc: Joe Hershberger <joe.hershberger@ni.com>
net: eth-uclass: Support device tree MAC addresses 2019-06-01T18:33:17+00:00 Thierry Reding treding@nvidia.com 2019-05-20T15:59:57+00:00 379af67ab3ba1a16e032c8d082fe85efa4bf21fe Add the standard Ethernet device tree bindings (imported from v5.0 of the Linux kernel) and implement support for reading the MAC address for Ethernet devices in the Ethernet uclass. If the "mac-address" property exists, the MAC address will be parsed from that. If that property does not exist, the "local-mac-address" property will be tried as fallback. MAC addresses from device tree take precedence over the ones stored in a network interface card's ROM. Acked-by: Joe Hershberger <joe.hershberger@ni.com> Reviewed-by: Grygorii Strashko <grygorii.strashko@ti.com> Signed-off-by: Thierry Reding <treding@nvidia.com> 
Add the standard Ethernet device tree bindings (imported from v5.0 of
the Linux kernel) and implement support for reading the MAC address for
Ethernet devices in the Ethernet uclass. If the "mac-address" property
exists, the MAC address will be parsed from that. If that property does
not exist, the "local-mac-address" property will be tried as fallback.

MAC addresses from device tree take precedence over the ones stored in
a network interface card's ROM.

Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Reviewed-by: Grygorii Strashko <grygorii.strashko@ti.com>
Signed-off-by: Thierry Reding <treding@nvidia.com>
net: eth-uclass: Write MAC address to hardware after probe 2019-06-01T18:33:16+00:00 Thierry Reding treding@nvidia.com 2019-05-20T15:59:56+00:00 b743bbd2ebec440f42b44392b7dc4f79a9f588cf In order for the device to use the proper MAC address, which can have been configured in the environment prior to the device being registered, ensure that the MAC address is written after the device has been probed. For devices that are registered before the network stack is initialized, this is already done during eth_initialize(). If the Ethernet device is on a bus that is not initialized on early boot, such as PCI, the device is not available at the time eth_initialize() is called, so we need the MAC address programming to also happen after probe. Acked-by: Joe Hershberger <joe.hershberger@ni.com> Signed-off-by: Thierry Reding <treding@nvidia.com> 
In order for the device to use the proper MAC address, which can have
been configured in the environment prior to the device being registered,
ensure that the MAC address is written after the device has been probed.
For devices that are registered before the network stack is initialized,
this is already done during eth_initialize(). If the Ethernet device is
on a bus that is not initialized on early boot, such as PCI, the device
is not available at the time eth_initialize() is called, so we need the
MAC address programming to also happen after probe.

Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Signed-off-by: Thierry Reding <treding@nvidia.com>
lmb: handle more than one DRAM BANK 2019-02-02T13:19:17+00:00 Simon Goldschmidt simon.k.r.goldschmidt@gmail.com 2019-01-26T21:13:04+00:00 9cc2323feebdde500f50f7abb855045dbde765cb This fixes the automatic lmb initialization and reservation for boards with more than one DRAM bank. This fixes the CVE-2018-18439 and -18440 fixes that only allowed to load files into the firs DRAM bank from fs and via tftp. Found-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com> Tested-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org> 
This fixes the automatic lmb initialization and reservation for boards
with more than one DRAM bank.

This fixes the CVE-2018-18439 and -18440 fixes that only allowed to load
files into the firs DRAM bank from fs and via tftp.

Found-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Tested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
lib: lmb: rename lmb_get_unreserved_size to lmb_get_free_size 2019-01-26T13:13:57+00:00 Simon Goldschmidt simon.k.r.goldschmidt@gmail.com 2019-01-21T19:29:55+00:00 65304aade8041c03859d0f7b210f2e2a4d46bec0 As a follow-up, change the name of the newly introduced function 'lmb_get_unreserved_size' to 'lmb_get_free_size', which is more appropriate. Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com> [trini: Fix test/lib/lmb.c] Signed-off-by: Tom Rini <trini@konsulko.com> 
As a follow-up, change the name of the newly introduced function
'lmb_get_unreserved_size' to 'lmb_get_free_size', which is more
appropriate.

Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
[trini: Fix test/lib/lmb.c]
Signed-off-by: Tom Rini <trini@konsulko.com>
net: remove CONFIG_MCAST_TFTP 2019-01-24T17:35:30+00:00 Chris Packham judge.packham@gmail.com 2018-11-26T08:00:29+00:00 67bb984249442378ebb6a0eb68b6b0dd67dfbe72 No mainline board enables CONFIG_MCAST_TFTP and there have been compilation issues with the code for some time. Additionally, it has a potential buffer underrun issue (reported as a side note in CVE-2018-18439). Remove the multicast TFTP code but keep the driver API for the future addition of IPv6. Cc: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com> Signed-off-by: Chris Packham <judge.packham@gmail.com> Acked-by: Joe Hershberger <joe.hershberger@ni.com> 
No mainline board enables CONFIG_MCAST_TFTP and there have been
compilation issues with the code for some time. Additionally, it has a
potential buffer underrun issue (reported as a side note in
CVE-2018-18439).

Remove the multicast TFTP code but keep the driver API for the future
addition of IPv6.

Cc: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Signed-off-by: Chris Packham <judge.packham@gmail.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
net: move ether_crc to tsec driver 2019-01-24T17:35:29+00:00 Chris Packham judge.packham@gmail.com 2018-11-26T08:00:28+00:00 1a4af5c562fdb9f5a884a53f136f2b2075ffd1d8 ether_crc was added to the core net code in commit 53a5c424bf86 ("multicast tftp: RFC2090") so that other drivers could use it. However the only current user of it is tsec.c so move it there. Signed-off-by: Chris Packham <judge.packham@gmail.com> Acked-by: Joe Hershberger <joe.hershberger@ni.com> 
ether_crc was added to the core net code in commit 53a5c424bf86
("multicast tftp: RFC2090") so that other drivers could use it. However
the only current user of it is tsec.c so move it there.

Signed-off-by: Chris Packham <judge.packham@gmail.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
net: explicitly assign errno to return code in case of network failure 2019-01-24T17:35:28+00:00 Thomas RIENOESSL thomas.rienoessl@bachmann.info 2018-11-21T14:56:07+00:00 a735e6e9d639114d67e4440f9e051a89d2094118 When dealing with two ethernet ports and having "netretry" set to "once", it could occur that the connection (e.g. an ARP request) failed, hence the status of the netloop was "NETLOOP_FAIL". Due to the setting of "netretry", the network logic would then switch to the other network interface, assigning "ret" with the return value of "net_start_again()". If this call succeeded we would return 0 (i.e. success) to the caller when in reality the network action failed. Signed-off-by: Thomas RIENOESSL <thomas.rienoessl@bachmann.info> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com> Acked-by: Joe Hershberger <joe.hershberger@ni.com> 
When dealing with two ethernet ports and having "netretry" set
to "once", it could occur that the connection (e.g. an ARP
request) failed, hence the status of the netloop was
"NETLOOP_FAIL". Due to the setting of "netretry", the network
logic would then switch to the other network interface,
assigning "ret" with the return value of "net_start_again()".
If this call succeeded we would return 0 (i.e. success) to
the caller when in reality the network action failed.

Signed-off-by: Thomas RIENOESSL <thomas.rienoessl@bachmann.info>
Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
tftp: prevent overwriting reserved memory 2019-01-17T04:15:53+00:00 Simon Goldschmidt simon.k.r.goldschmidt@gmail.com 2019-01-14T21:38:22+00:00 a156c47e39ad7d007c88919103ee0ee131c6203b This fixes CVE-2018-18439 ("insufficient boundary checks in network image boot") by using lmb to check for a valid range to store received blocks. Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com> Acked-by: Joe Hershberger <joe.hershberger@ni.com> [trini: Always build lib/lmb.o on LMB and lib/fdtdec.o on OF_LIBFDT] Signed-off-by: Tom Rini <trini@konsulko.com> 
This fixes CVE-2018-18439 ("insufficient boundary checks in network
image boot") by using lmb to check for a valid range to store
received blocks.

Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
[trini: Always build lib/lmb.o on LMB and lib/fdtdec.o on OF_LIBFDT]
Signed-off-by: Tom Rini <trini@konsulko.com>