[PATCH v4 00/14] Introduce the lwIP network stack

Jerome Forissier jerome.forissier at linaro.org
Fri Jun 21 19:56:56 CEST 2024 


On 6/21/24 18:08, Tim Harvey wrote:
> On Fri, Jun 21, 2024 at 5:59 AM Jerome Forissier
> <jerome.forissier at linaro.org> wrote:
>>
>>
>>
>> On 6/20/24 19:10, Tim Harvey wrote:
>>> On Mon, Jun 17, 2024 at 8:33 AM Jerome Forissier
>>> <jerome.forissier at linaro.org> wrote:
>>>>
>>>> This is a rework of a patch series by Maxim Uvarov: "net/lwip: add lwip
>>>> library for the network stack" [1]. The goal is to introduce the lwIP TCP/IP
>>>> stack [2] [3] as an alternative to the current implementation in net/,
>>>> selectable with Kconfig, and ultimately keep only lwIP if possible. Some
>>>> reasons for doing so are:
>>>> - Make the support of HTTPS in the wget command easier. Javier T. (CC'd)
>>>> has some additional lwIP and Mbed TLS patches to do so. With that it
>>>> becomes possible to fetch and launch a distro installer such as Debian
>>>> etc. using a secure, authenticated connection directly from the U-Boot
>>>> shell. Several use cases:
>>>>   * Authentication: prevent MITM attack (third party replacing the
>>>> binary with a different one)
>>>>   * Confidentiality: prevent third parties from grabbing a copy of the
>>>> image as it is being downloaded
>>>>   * Allow connection to servers that do not support plain HTTP anymore
>>>> (this is becoming more and more common on the Internet these days)
>>>> - Possibly benefit from additional features implemented in lwIP
>>>> - Less code to maintain in U-Boot
>>>>
>>>> Prior to applying this series, the lwIP stack needs to be added as a
>>>> Git subtree with the following command:
>>>>
>>>>  $  git subtree add --squash --prefix lib/lwip/lwip https://git.savannah.gnu.org/git/lwip.git STABLE-2_2_0_RELEASE
>>>>
>>>> The first patch renames some enums in order to avoid a conflict when a
>>>> later patch enables the lwIP library.
>>>>
>>>> The second patch introduces a new Kconfig symbol: NET_LWIP, which selects
>>>> the lwIP implementation instead of the current one (NET). Contrary to the
>>>> approach chosen by Maxim in [1], NET_LWIP and NET cannot be enabled
>>>> simultaneously. The rationale is we want to start from a clean state and
>>>> not pull potentially duplicated functionality from both stacks. Note
>>>> however that a few files are still built in net/, they are the ones
>>>> related to ethernet device management and the ethernet bootflow.
>>>>
>>>> The third patch splits the net.h header into net-legacy.h, net-common.h,
>>>> net-lwip.h, leaving net.h as a simple wrapper.
>>>>
>>>> The fourth patch introduces the Makefile to build lwIP when NET_LWIP is
>>>> enabled.
>>>>
>>>> The subsequent patches implement various network-oriented commands and
>>>> features: dhcp, dns, ping, tftpboot, wget.
>>>>
>>>> A number of features are currently incompatible with NET_LWIP: SANDBOX,
>>>> DFU_TFTP, FASTBOOT, SPL_NET. All make assumptions on how the network
>>>> stack is implemented and/or pull sybols that are not trivially exported
>>>> from lwIP. Some interface rework may be needed.
>>>>
>>>> Due to the above and in order to provide some level of testing, a new QEMU
>>>> configuration is introduced (qemu_arm64_lwip_defconfig) which is the same
>>>> as qemu_arm64_defconfig but with NET_LWIP and CMD_*_LWIP enabled.
>>>> Tests are added to test/py/tests/test_net.py for that configuration.
>>>>
>>>
>>> Hi Jermone,
>>>
>>> I've given this a spin on an imx8mm-venice-gw73xx-0x via
>>> imx8mm_venice_defconfig and I can't get DHCP to work (didn't work in
>>> v3 either):
>>>
>>> $ diff defconfig configs/imx8mm_venice_defconfig
>>> 68,69c68,71
>>> < CONFIG_CMD_DNS_LWIP=y
>>> < CONFIG_CMD_WGET_LWIP=y
>>> ---
>>>> CONFIG_CMD_DHCP6=y
>>>> CONFIG_CMD_TFTPPUT=y
>>>> CONFIG_SYS_DISABLE_AUTOLOAD=y
>>>> CONFIG_CMD_WGET=y
>>> 88,90c90,94
>>> < CONFIG_NET_LWIP=y
>>> < CONFIG_LWIP_DEBUG=y
>>> < CONFIG_LWIP_ASSERT=y
>>> ---
>>>> CONFIG_NET_RANDOM_ETHADDR=y
>>>> CONFIG_IP_DEFRAG=y
>>>> CONFIG_TFTP_BLOCKSIZE=4096
>>>> CONFIG_PROT_TCP_SACK=y
>>>> CONFIG_IPV6=y
>>>
>>> Target:
>>> u-boot=> net list
>>> eth0 : ethernet at 30be0000 00:d0:12:b5:f8:41 active
>>> u-boot=> dhcp || echo fail
>>> eth0: ethernet at 30be0000 00:d0:12:b5:f8:41 active
>>> netif_set_ipaddr: netif address being changed
>>> netif: added interface 0 addr 192.168.1.1 netmask 0.0.0.0 gw 0.0.0.0
>>> etharp_request: sending ARP request.
>>> etharp_raw: sending raw ARP packet.
>>> ethernet_output: sending packet 000000007df00bf0
>>> dhcp_start(netif=000000007df2af40) 0dhcp_start(): mallocing new DHCP client
>>> dhcp_start(): allocated dhcp
>>> dhcp_start(): starting DHCP configuration
>>> dhcp_discover()
>>> transaction id xid(42021)
>>> dhcp_discover: making request
>>> dhcp_discover: sendto(DISCOVER, IP_ADDR_BROADCAST, LWIP_IANA_PORT_DHCP_SERVER)
>>> ip4_output_if: 0IP header:
>>> +-------------------------------+
>>> | 4 | 5 |  0x00 |       336     | (v, hl, tos, len)
>>> +-------------------------------+
>>> |        0      |000|       0   | (id, flags, offset)
>>> +-------------------------------+
>>> |  255  |   17  |    0xba9d     | (ttl, proto, chksum)
>>> +-------------------------------+
>>> |    0  |    0  |    0  |    0  | (src)
>>> +-------------------------------+
>>> |  255  |  255  |  255  |  255  | (dest)
>>> +-------------------------------+
>>> ip4_output_if: call netif->output()
>>> ethernet_output: sending packet 000000007df2c010
>>> dhcp_discover: deleting()
>>> dhcp_discover: SELECTING
>>> dhcp_discover(): set request timeout 2000 msecs
>>> ethernet_input: dest:ff:ff:ff:ff:ff:ff, src:28:28:5d:bb:16:9f, type:8899
>>> ethernet_input: dest:ff:ff:ff:ff:ff:ff, src:00:27:0e:0d:74:ba, type:806
>>> etharp_update_arp_entry: 172.24.20.24 - 00:27:0e:0d:74:ba
>>> etharp_find_entry: found empty entry 0
>>> etharp_find_entry: no empty entry found and not allowed to recycle
>>> etharp_input: incoming ARP request
>>> etharp_input: ARP request was not for us.
>>> ethernet_input: dest:ff:ff:ff:ff:ff:ff, src:98:90:96:ac:d7:63, type:806
>>> etharp_update_arp_entry: 172.24.20.3 - 98:90:96:ac:d7:63
>>> etharp_find_entry: found empty entry 0
>>> etharp_find_entry: no empty entry found and not allowed to recycle
>>> etharp_input: incoming ARP request
>>> etharp_input: ARP request was not for us.
>>> ethernet_input: dest:ff:ff:ff:ff:ff:ff, src:84:2b:2b:4e:5a:9a, type:806
>>> etharp_update_arp_entry: 172.24.0.1 - 84:2b:2b:4e:5a:9a
>>> etharp_find_entry: found empty entry 0
>>> etharp_find_entry: no empty entry found and not allowed to recycle
>>> etharp_input: incoming ARP request
>>> etharp_input: ARP request was not for us.
>>> ethernet_input: dest:ff:ff:ff:ff:ff:ff, src:cc:96:e5:1e:a0:7b, type:800
>>> ip_input: iphdr->dest 0xffff1fac netif->ip_addr 0x101a8c0 (0x0, 0x0, 0xffff1fac)
>>> ip4_input: UDP packet to DHCP client port 138
>>> ip4_input: packet not for us.
>>
>> That's weird. I think what could happen is the interface already has
>> a static IP assigned when it is registered to the lwIP stack and thus
>> DHCP never receives the packed because it is dropped before.
>> I have reworked the initialization code in v5, lwIP will get to know
>> only one interface at a time and I make sure that interface is registered
>> without an IP address when doing DHCP. Hopefully that should fix the issue.
>>
>> Thanks for testing!
>>
> 
> I tried your to-upstream/v5-wip branch
> (042bea36eb9731079a3d7afffe3774d79e06ac5d) and it behaves the same. Do
> you have something else to try/test?

Not at the moment, unfortunately. I'll take a closer look at what this
message "packet not for us" means on Monday.

Thanks,
-- 
Jerome

> 
> Best Regards,
> 
> Tim

More information about the U-Boot mailing list