[PATCH v7 00/20] Introduce the lwIP network stack
Tom Rini
trini at konsulko.com
Mon Aug 5 20:20:22 CEST 2024
On Mon, Aug 05, 2024 at 08:18:09PM +0200, Jerome Forissier wrote:
>
>
> On 8/2/24 20:32, Tom Rini wrote:
> > On Fri, Aug 02, 2024 at 06:26:27PM +0200, Jerome Forissier wrote:
> >
> >> This is a rework of a patch series by Maxim Uvarov: "net/lwip: add lwip
> >> library for the network stack" [1]. The goal is to introduce the lwIP TCP/IP
> >> stack [2] [3] as an alternative to the current implementation in net/,
> >> selectable with Kconfig, and ultimately keep only lwIP if possible. Some
> >> reasons for doing so are:
> >> - Make the support of HTTPS in the wget command easier. Javier T. and
> >> Raymond M. (CC'd) have some additional lwIP and Mbed TLS patches to do
> >> so. With that it becomes possible to fetch and launch a distro installer
> >> such as Debian etc. using a secure, authenticated connection directly
> >> from the U-Boot shell. Several use cases:
> >> * Authentication: prevent MITM attack (third party replacing the
> >> binary with a different one)
> >> * Confidentiality: prevent third parties from grabbing a copy of the
> >> image as it is being downloaded
> >> * Allow connection to servers that do not support plain HTTP anymore
> >> (this is becoming more and more common on the Internet these days)
> >> - Possibly benefit from additional features implemented in lwIP
> >> - Less code to maintain in U-Boot
> >>
> >> Prior to applying this series, the lwIP stack needs to be added as a
> >> Git subtree with the following command:
> >>
> >> $ git subtree add --squash --prefix lib/lwip/lwip https://git.savannah.gnu.org/git/lwip.git STABLE-2_2_0_RELEASE
> >
> > On Pi 3 I'm again / still seeing:
> > ========================================== FAILURES ===========================================
> > ___________________________________ test_efi_helloworld_net ___________________________________
> > test/py/tests/test_efi_loader.py:163: in test_efi_helloworld_net
> > assert expected_text in output
> > E AssertionError: assert 'Hello, world' in 'No UEFI binary known at 200000'
> > ------------------------------------ Captured stdout call -------------------------------------
> > U-Boot> tftpboot 200000 EFI/arm64/helloworld.efi
> > Using smsc95xx_eth device
> > TFTP from server 192.168.1.10; our IP address is 192.168.1.100
> > Filename 'EFI/arm64/helloworld.efi'.
> > Load address: 0x200000
> > Loading: #
> > 883.8 KiB/s
> > done
> > Bytes transferred = 4528 (11b0 hex)
> > U-Boot> U-Boot> crc32 200000 $filesize
> > crc32 for 00200000 ... 002011af ==> 2b466005
> > U-Boot> U-Boot> bootefi 200000
> > No UEFI binary known at 200000
> > U-Boot>
> > =================================== short test summary info ===================================
> >
> > On a configuration that works fine with the legacy network stack.
> >
>
> That was caused by a missing call to efi_set_bootdev() in tftp_loop()
> (net/lwip/tftp.c). Fixed in v8.
Thanks.
> I also fixed a similar issue with wget (net/lwip/wget.c) but I
> noticed that the NET version of wget has the same issue:
>
> U-Boot> wget 200000 192.168.0.30:helloworld.efi
> Waiting for Ethernet connection... done.
> HTTP/1.0 200 OK
> Packets received 13, Transfer Successful
> Bytes transferred = 12720 (31b0 hex)
> U-Boot> bootefi 200000
> No UEFI binary known at 200000
> U-Boot>
>
> Should I also fix it in the same way? Or did I miss something? How
> are you supposed to boot an EFI image downloaded via wget?
A lack of tests for wget + EFI is how we got here, so thanks for finding
the bug. For the sake of cleaner tests, can you please fix the legacy
one as well, and add a test similar to the tftp one, but for wget?
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20240805/27098656/attachment-0001.sig>
More information about the U-Boot
mailing list