1 /*
2  *	Based on LiMon - BOOTP.
3  *
4  *	Copyright 1994, 1995, 2000 Neil Russell.
5  *	(See License)
6  *	Copyright 2000 Roland Borde
7  *	Copyright 2000 Paolo Scaffardi
8  *	Copyright 2000-2004 Wolfgang Denk, wd@denx.de
9  */
10 
11 #include <common.h>
12 #include <command.h>
13 #include <efi_loader.h>
14 #include <net.h>
15 #include <net/tftp.h>
16 #include "bootp.h"
17 #ifdef CONFIG_LED_STATUS
18 #include <status_led.h>
19 #endif
20 #ifdef CONFIG_BOOTP_RANDOM_DELAY
21 #include "net_rand.h"
22 #endif
23 
24 #define BOOTP_VENDOR_MAGIC	0x63825363	/* RFC1048 Magic Cookie */
25 
26 /*
27  * The timeout for the initial BOOTP/DHCP request used to be described by a
28  * counter of fixed-length timeout periods. TIMEOUT_COUNT represents
29  * that counter
30  *
31  * Now that the timeout periods are variable (exponential backoff and retry)
32  * we convert the timeout count to the absolute time it would have take to
33  * execute that many retries, and keep sending retry packets until that time
34  * is reached.
35  */
36 #ifndef CONFIG_NET_RETRY_COUNT
37 # define TIMEOUT_COUNT	5		/* # of timeouts before giving up */
38 #else
39 # define TIMEOUT_COUNT	(CONFIG_NET_RETRY_COUNT)
40 #endif
41 #define TIMEOUT_MS	((3 + (TIMEOUT_COUNT * 5)) * 1000)
42 
43 #define PORT_BOOTPS	67		/* BOOTP server UDP port */
44 #define PORT_BOOTPC	68		/* BOOTP client UDP port */
45 
46 #ifndef CONFIG_DHCP_MIN_EXT_LEN		/* minimal length of extension list */
47 #define CONFIG_DHCP_MIN_EXT_LEN 64
48 #endif
49 
50 #ifndef CONFIG_BOOTP_ID_CACHE_SIZE
51 #define CONFIG_BOOTP_ID_CACHE_SIZE 4
52 #endif
53 
54 u32		bootp_ids[CONFIG_BOOTP_ID_CACHE_SIZE];
55 unsigned int	bootp_num_ids;
56 int		bootp_try;
57 ulong		bootp_start;
58 ulong		bootp_timeout;
59 char net_nis_domain[32] = {0,}; /* Our NIS domain */
60 char net_hostname[32] = {0,}; /* Our hostname */
61 char net_root_path[64] = {0,}; /* Our bootpath */
62 
63 static ulong time_taken_max;
64 
65 #if defined(CONFIG_CMD_DHCP)
66 static dhcp_state_t dhcp_state = INIT;
67 static u32 dhcp_leasetime;
68 static struct in_addr dhcp_server_ip;
69 static u8 dhcp_option_overload;
70 #define OVERLOAD_FILE 1
71 #define OVERLOAD_SNAME 2
72 static void dhcp_handler(uchar *pkt, unsigned dest, struct in_addr sip,
73 			unsigned src, unsigned len);
74 
75 /* For Debug */
76 #if 0
77 static char *dhcpmsg2str(int type)
78 {
79 	switch (type) {
80 	case 1:	 return "DHCPDISCOVER"; break;
81 	case 2:	 return "DHCPOFFER";	break;
82 	case 3:	 return "DHCPREQUEST";	break;
83 	case 4:	 return "DHCPDECLINE";	break;
84 	case 5:	 return "DHCPACK";	break;
85 	case 6:	 return "DHCPNACK";	break;
86 	case 7:	 return "DHCPRELEASE";	break;
87 	default: return "UNKNOWN/INVALID MSG TYPE"; break;
88 	}
89 }
90 #endif
91 #endif
92 
bootp_add_id(ulong id)93 static void bootp_add_id(ulong id)
94 {
95 	if (bootp_num_ids >= ARRAY_SIZE(bootp_ids)) {
96 		size_t size = sizeof(bootp_ids) - sizeof(id);
97 
98 		memmove(bootp_ids, &bootp_ids[1], size);
99 		bootp_ids[bootp_num_ids - 1] = id;
100 	} else {
101 		bootp_ids[bootp_num_ids] = id;
102 		bootp_num_ids++;
103 	}
104 }
105 
bootp_match_id(ulong id)106 static bool bootp_match_id(ulong id)
107 {
108 	unsigned int i;
109 
110 	for (i = 0; i < bootp_num_ids; i++)
111 		if (bootp_ids[i] == id)
112 			return true;
113 
114 	return false;
115 }
116 
check_reply_packet(uchar * pkt,unsigned dest,unsigned src,unsigned len)117 static int check_reply_packet(uchar *pkt, unsigned dest, unsigned src,
118 			      unsigned len)
119 {
120 	struct bootp_hdr *bp = (struct bootp_hdr *)pkt;
121 	int retval = 0;
122 
123 	if (dest != PORT_BOOTPC || src != PORT_BOOTPS)
124 		retval = -1;
125 	else if (len < sizeof(struct bootp_hdr) - OPT_FIELD_SIZE)
126 		retval = -2;
127 	else if (bp->bp_op != OP_BOOTREPLY)
128 		retval = -3;
129 	else if (bp->bp_htype != HWT_ETHER)
130 		retval = -4;
131 	else if (bp->bp_hlen != HWL_ETHER)
132 		retval = -5;
133 	else if (!bootp_match_id(net_read_u32(&bp->bp_id)))
134 		retval = -6;
135 	else if (memcmp(bp->bp_chaddr, net_ethaddr, HWL_ETHER) != 0)
136 		retval = -7;
137 
138 	debug("Filtering pkt = %d\n", retval);
139 
140 	return retval;
141 }
142 
143 /*
144  * Copy parameters of interest from BOOTP_REPLY/DHCP_OFFER packet
145  */
store_net_params(struct bootp_hdr * bp)146 static void store_net_params(struct bootp_hdr *bp)
147 {
148 #if !defined(CONFIG_BOOTP_SERVERIP)
149 	struct in_addr tmp_ip;
150 	bool overwrite_serverip = true;
151 
152 #if defined(CONFIG_BOOTP_PREFER_SERVERIP)
153 	overwrite_serverip = false;
154 #endif
155 
156 	net_copy_ip(&tmp_ip, &bp->bp_siaddr);
157 	if (tmp_ip.s_addr != 0 && (overwrite_serverip || !net_server_ip.s_addr))
158 		net_copy_ip(&net_server_ip, &bp->bp_siaddr);
159 	memcpy(net_server_ethaddr,
160 	       ((struct ethernet_hdr *)net_rx_packet)->et_src, 6);
161 	if (
162 #if defined(CONFIG_CMD_DHCP)
163 	    !(dhcp_option_overload & OVERLOAD_FILE) &&
164 #endif
165 	    (strlen(bp->bp_file) > 0) &&
166 	    !net_boot_file_name_explicit) {
167 		copy_filename(net_boot_file_name, bp->bp_file,
168 			      sizeof(net_boot_file_name));
169 	}
170 
171 	debug("net_boot_file_name: %s\n", net_boot_file_name);
172 
173 	/* Propagate to environment:
174 	 * don't delete exising entry when BOOTP / DHCP reply does
175 	 * not contain a new value
176 	 */
177 	if (*net_boot_file_name)
178 		env_set("bootfile", net_boot_file_name);
179 #endif
180 	net_copy_ip(&net_ip, &bp->bp_yiaddr);
181 }
182 
truncate_sz(const char * name,int maxlen,int curlen)183 static int truncate_sz(const char *name, int maxlen, int curlen)
184 {
185 	if (curlen >= maxlen) {
186 		printf("*** WARNING: %s is too long (%d - max: %d)"
187 			" - truncated\n", name, curlen, maxlen);
188 		curlen = maxlen - 1;
189 	}
190 	return curlen;
191 }
192 
193 #if !defined(CONFIG_CMD_DHCP)
194 
bootp_process_vendor_field(u8 * ext)195 static void bootp_process_vendor_field(u8 *ext)
196 {
197 	int size = *(ext + 1);
198 
199 	debug("[BOOTP] Processing extension %d... (%d bytes)\n", *ext,
200 	      *(ext + 1));
201 
202 	net_boot_file_expected_size_in_blocks = 0;
203 
204 	switch (*ext) {
205 		/* Fixed length fields */
206 	case 1:			/* Subnet mask */
207 		if (net_netmask.s_addr == 0)
208 			net_copy_ip(&net_netmask, (struct in_addr *)(ext + 2));
209 		break;
210 	case 2:			/* Time offset - Not yet supported */
211 		break;
212 		/* Variable length fields */
213 	case 3:			/* Gateways list */
214 		if (net_gateway.s_addr == 0)
215 			net_copy_ip(&net_gateway, (struct in_addr *)(ext + 2));
216 		break;
217 	case 4:			/* Time server - Not yet supported */
218 		break;
219 	case 5:			/* IEN-116 name server - Not yet supported */
220 		break;
221 	case 6:
222 		if (net_dns_server.s_addr == 0)
223 			net_copy_ip(&net_dns_server,
224 				    (struct in_addr *)(ext + 2));
225 #if defined(CONFIG_BOOTP_DNS2)
226 		if ((net_dns_server2.s_addr == 0) && (size > 4))
227 			net_copy_ip(&net_dns_server2,
228 				    (struct in_addr *)(ext + 2 + 4));
229 #endif
230 		break;
231 	case 7:			/* Log server - Not yet supported */
232 		break;
233 	case 8:			/* Cookie/Quote server - Not yet supported */
234 		break;
235 	case 9:			/* LPR server - Not yet supported */
236 		break;
237 	case 10:		/* Impress server - Not yet supported */
238 		break;
239 	case 11:		/* RPL server - Not yet supported */
240 		break;
241 	case 12:		/* Host name */
242 		if (net_hostname[0] == 0) {
243 			size = truncate_sz("Host Name",
244 				sizeof(net_hostname), size);
245 			memcpy(&net_hostname, ext + 2, size);
246 			net_hostname[size] = 0;
247 		}
248 		break;
249 	case 13:		/* Boot file size */
250 		if (size == 2)
251 			net_boot_file_expected_size_in_blocks =
252 				ntohs(*(ushort *)(ext + 2));
253 		else if (size == 4)
254 			net_boot_file_expected_size_in_blocks =
255 				ntohl(*(ulong *)(ext + 2));
256 		break;
257 	case 14:		/* Merit dump file - Not yet supported */
258 		break;
259 	case 15:		/* Domain name - Not yet supported */
260 		break;
261 	case 16:		/* Swap server - Not yet supported */
262 		break;
263 	case 17:		/* Root path */
264 		if (net_root_path[0] == 0) {
265 			size = truncate_sz("Root Path",
266 				sizeof(net_root_path), size);
267 			memcpy(&net_root_path, ext + 2, size);
268 			net_root_path[size] = 0;
269 		}
270 		break;
271 	case 18:		/* Extension path - Not yet supported */
272 		/*
273 		 * This can be used to send the information of the
274 		 * vendor area in another file that the client can
275 		 * access via TFTP.
276 		 */
277 		break;
278 		/* IP host layer fields */
279 	case 40:		/* NIS Domain name */
280 		if (net_nis_domain[0] == 0) {
281 			size = truncate_sz("NIS Domain Name",
282 				sizeof(net_nis_domain), size);
283 			memcpy(&net_nis_domain, ext + 2, size);
284 			net_nis_domain[size] = 0;
285 		}
286 		break;
287 #if defined(CONFIG_CMD_SNTP) && defined(CONFIG_BOOTP_NTPSERVER)
288 	case 42:	/* NTP server IP */
289 		net_copy_ip(&net_ntp_server, (struct in_addr *)(ext + 2));
290 		break;
291 #endif
292 		/* Application layer fields */
293 	case 43:		/* Vendor specific info - Not yet supported */
294 		/*
295 		 * Binary information to exchange specific
296 		 * product information.
297 		 */
298 		break;
299 		/* Reserved (custom) fields (128..254) */
300 	}
301 }
302 
bootp_process_vendor(u8 * ext,int size)303 static void bootp_process_vendor(u8 *ext, int size)
304 {
305 	u8 *end = ext + size;
306 
307 	debug("[BOOTP] Checking extension (%d bytes)...\n", size);
308 
309 	while ((ext < end) && (*ext != 0xff)) {
310 		if (*ext == 0) {
311 			ext++;
312 		} else {
313 			u8 *opt = ext;
314 
315 			ext += ext[1] + 2;
316 			if (ext <= end)
317 				bootp_process_vendor_field(opt);
318 		}
319 	}
320 
321 	debug("[BOOTP] Received fields:\n");
322 	if (net_netmask.s_addr)
323 		debug("net_netmask : %pI4\n", &net_netmask);
324 
325 	if (net_gateway.s_addr)
326 		debug("net_gateway	: %pI4", &net_gateway);
327 
328 	if (net_boot_file_expected_size_in_blocks)
329 		debug("net_boot_file_expected_size_in_blocks : %d\n",
330 		      net_boot_file_expected_size_in_blocks);
331 
332 	if (net_hostname[0])
333 		debug("net_hostname  : %s\n", net_hostname);
334 
335 	if (net_root_path[0])
336 		debug("net_root_path  : %s\n", net_root_path);
337 
338 	if (net_nis_domain[0])
339 		debug("net_nis_domain : %s\n", net_nis_domain);
340 
341 #if defined(CONFIG_CMD_SNTP) && defined(CONFIG_BOOTP_NTPSERVER)
342 	if (net_ntp_server.s_addr)
343 		debug("net_ntp_server : %pI4\n", &net_ntp_server);
344 #endif
345 }
346 
347 /*
348  *	Handle a BOOTP received packet.
349  */
bootp_handler(uchar * pkt,unsigned dest,struct in_addr sip,unsigned src,unsigned len)350 static void bootp_handler(uchar *pkt, unsigned dest, struct in_addr sip,
351 			  unsigned src, unsigned len)
352 {
353 	struct bootp_hdr *bp;
354 
355 	debug("got BOOTP packet (src=%d, dst=%d, len=%d want_len=%zu)\n",
356 	      src, dest, len, sizeof(struct bootp_hdr));
357 
358 	bp = (struct bootp_hdr *)pkt;
359 
360 	/* Filter out pkts we don't want */
361 	if (check_reply_packet(pkt, dest, src, len))
362 		return;
363 
364 	/*
365 	 *	Got a good BOOTP reply.	 Copy the data into our variables.
366 	 */
367 #if defined(CONFIG_LED_STATUS) && defined(CONFIG_LED_STATUS_BOOT_ENABLE)
368 	status_led_set(CONFIG_LED_STATUS_BOOT, CONFIG_LED_STATUS_OFF);
369 #endif
370 
371 	store_net_params(bp);		/* Store net parameters from reply */
372 
373 	/* Retrieve extended information (we must parse the vendor area) */
374 	if (net_read_u32((u32 *)&bp->bp_vend[0]) == htonl(BOOTP_VENDOR_MAGIC))
375 		bootp_process_vendor((uchar *)&bp->bp_vend[4], len);
376 
377 	net_set_timeout_handler(0, (thand_f *)0);
378 	bootstage_mark_name(BOOTSTAGE_ID_BOOTP_STOP, "bootp_stop");
379 
380 	debug("Got good BOOTP\n");
381 
382 	net_auto_load();
383 }
384 #endif
385 
386 /*
387  *	Timeout on BOOTP/DHCP request.
388  */
bootp_timeout_handler(void)389 static void bootp_timeout_handler(void)
390 {
391 	ulong time_taken = get_timer(bootp_start);
392 
393 	if (time_taken >= time_taken_max) {
394 #ifdef CONFIG_BOOTP_MAY_FAIL
395 		char *ethrotate;
396 
397 		ethrotate = env_get("ethrotate");
398 		if ((ethrotate && strcmp(ethrotate, "no") == 0) ||
399 		    net_restart_wrap) {
400 			puts("\nRetry time exceeded\n");
401 			net_set_state(NETLOOP_FAIL);
402 		} else
403 #endif
404 		{
405 			puts("\nRetry time exceeded; starting again\n");
406 			net_start_again();
407 		}
408 	} else {
409 		bootp_timeout *= 2;
410 		if (bootp_timeout > 2000)
411 			bootp_timeout = 2000;
412 		net_set_timeout_handler(bootp_timeout, bootp_timeout_handler);
413 		bootp_request();
414 	}
415 }
416 
417 #define put_vci(e, str)						\
418 	do {							\
419 		size_t vci_strlen = strlen(str);		\
420 		*e++ = 60;	/* Vendor Class Identifier */	\
421 		*e++ = vci_strlen;				\
422 		memcpy(e, str, vci_strlen);			\
423 		e += vci_strlen;				\
424 	} while (0)
425 
add_vci(u8 * e)426 static u8 *add_vci(u8 *e)
427 {
428 	char *vci = NULL;
429 	char *env_vci = env_get("bootp_vci");
430 
431 #if defined(CONFIG_SPL_BUILD) && defined(CONFIG_SPL_NET_VCI_STRING)
432 	vci = CONFIG_SPL_NET_VCI_STRING;
433 #elif defined(CONFIG_BOOTP_VCI_STRING)
434 	vci = CONFIG_BOOTP_VCI_STRING;
435 #endif
436 
437 	if (env_vci)
438 		vci = env_vci;
439 
440 	if (vci)
441 		put_vci(e, vci);
442 
443 	return e;
444 }
445 
446 /*
447  *	Initialize BOOTP extension fields in the request.
448  */
449 #if defined(CONFIG_CMD_DHCP)
dhcp_extended(u8 * e,int message_type,struct in_addr server_ip,struct in_addr requested_ip)450 static int dhcp_extended(u8 *e, int message_type, struct in_addr server_ip,
451 			struct in_addr requested_ip)
452 {
453 	u8 *start = e;
454 	u8 *cnt;
455 #ifdef CONFIG_LIB_UUID
456 	char *uuid;
457 #endif
458 	int clientarch = -1;
459 
460 #if defined(CONFIG_BOOTP_VENDOREX)
461 	u8 *x;
462 #endif
463 #if defined(CONFIG_BOOTP_SEND_HOSTNAME)
464 	char *hostname;
465 #endif
466 
467 	*e++ = 99;		/* RFC1048 Magic Cookie */
468 	*e++ = 130;
469 	*e++ = 83;
470 	*e++ = 99;
471 
472 	*e++ = 53;		/* DHCP Message Type */
473 	*e++ = 1;
474 	*e++ = message_type;
475 
476 	*e++ = 57;		/* Maximum DHCP Message Size */
477 	*e++ = 2;
478 	*e++ = (576 - 312 + OPT_FIELD_SIZE) >> 8;
479 	*e++ = (576 - 312 + OPT_FIELD_SIZE) & 0xff;
480 
481 	if (server_ip.s_addr) {
482 		int tmp = ntohl(server_ip.s_addr);
483 
484 		*e++ = 54;	/* ServerID */
485 		*e++ = 4;
486 		*e++ = tmp >> 24;
487 		*e++ = tmp >> 16;
488 		*e++ = tmp >> 8;
489 		*e++ = tmp & 0xff;
490 	}
491 
492 	if (requested_ip.s_addr) {
493 		int tmp = ntohl(requested_ip.s_addr);
494 
495 		*e++ = 50;	/* Requested IP */
496 		*e++ = 4;
497 		*e++ = tmp >> 24;
498 		*e++ = tmp >> 16;
499 		*e++ = tmp >> 8;
500 		*e++ = tmp & 0xff;
501 	}
502 #if defined(CONFIG_BOOTP_SEND_HOSTNAME)
503 	hostname = env_get("hostname");
504 	if (hostname) {
505 		int hostnamelen = strlen(hostname);
506 
507 		*e++ = 12;	/* Hostname */
508 		*e++ = hostnamelen;
509 		memcpy(e, hostname, hostnamelen);
510 		e += hostnamelen;
511 	}
512 #endif
513 
514 #ifdef CONFIG_BOOTP_PXE_CLIENTARCH
515 	clientarch = CONFIG_BOOTP_PXE_CLIENTARCH;
516 #endif
517 
518 	if (env_get("bootp_arch"))
519 		clientarch = env_get_ulong("bootp_arch", 16, clientarch);
520 
521 	if (clientarch > 0) {
522 		*e++ = 93;	/* Client System Architecture */
523 		*e++ = 2;
524 		*e++ = (clientarch >> 8) & 0xff;
525 		*e++ = clientarch & 0xff;
526 	}
527 
528 	*e++ = 94;	/* Client Network Interface Identifier */
529 	*e++ = 3;
530 	*e++ = 1;	/* type field for UNDI */
531 	*e++ = 0;	/* major revision */
532 	*e++ = 0;	/* minor revision */
533 
534 #ifdef CONFIG_LIB_UUID
535 	uuid = env_get("pxeuuid");
536 
537 	if (uuid) {
538 		if (uuid_str_valid(uuid)) {
539 			*e++ = 97;	/* Client Machine Identifier */
540 			*e++ = 17;
541 			*e++ = 0;	/* type 0 - UUID */
542 
543 			uuid_str_to_bin(uuid, e, UUID_STR_FORMAT_STD);
544 			e += 16;
545 		} else {
546 			printf("Invalid pxeuuid: %s\n", uuid);
547 		}
548 	}
549 #endif
550 
551 	e = add_vci(e);
552 
553 #if defined(CONFIG_BOOTP_VENDOREX)
554 	x = dhcp_vendorex_prep(e);
555 	if (x)
556 		return x - start;
557 #endif
558 
559 	*e++ = 55;		/* Parameter Request List */
560 	 cnt = e++;		/* Pointer to count of requested items */
561 	*cnt = 0;
562 #if defined(CONFIG_BOOTP_SUBNETMASK)
563 	*e++  = 1;		/* Subnet Mask */
564 	*cnt += 1;
565 #endif
566 #if defined(CONFIG_BOOTP_TIMEOFFSET)
567 	*e++  = 2;
568 	*cnt += 1;
569 #endif
570 #if defined(CONFIG_BOOTP_GATEWAY)
571 	*e++  = 3;		/* Router Option */
572 	*cnt += 1;
573 #endif
574 #if defined(CONFIG_BOOTP_DNS)
575 	*e++  = 6;		/* DNS Server(s) */
576 	*cnt += 1;
577 #endif
578 #if defined(CONFIG_BOOTP_HOSTNAME)
579 	*e++  = 12;		/* Hostname */
580 	*cnt += 1;
581 #endif
582 #if defined(CONFIG_BOOTP_BOOTFILESIZE)
583 	*e++  = 13;		/* Boot File Size */
584 	*cnt += 1;
585 #endif
586 #if defined(CONFIG_BOOTP_BOOTPATH)
587 	*e++  = 17;		/* Boot path */
588 	*cnt += 1;
589 #endif
590 #if defined(CONFIG_BOOTP_NISDOMAIN)
591 	*e++  = 40;		/* NIS Domain name request */
592 	*cnt += 1;
593 #endif
594 #if defined(CONFIG_BOOTP_NTPSERVER)
595 	*e++  = 42;
596 	*cnt += 1;
597 #endif
598 	/* no options, so back up to avoid sending an empty request list */
599 	if (*cnt == 0)
600 		e -= 2;
601 
602 	*e++  = 255;		/* End of the list */
603 
604 	/* Pad to minimal length */
605 #ifdef	CONFIG_DHCP_MIN_EXT_LEN
606 	while ((e - start) < CONFIG_DHCP_MIN_EXT_LEN)
607 		*e++ = 0;
608 #endif
609 
610 	return e - start;
611 }
612 
613 #else
614 /*
615  * Warning: no field size check - change CONFIG_BOOTP_* at your own risk!
616  */
bootp_extended(u8 * e)617 static int bootp_extended(u8 *e)
618 {
619 	u8 *start = e;
620 
621 	*e++ = 99;		/* RFC1048 Magic Cookie */
622 	*e++ = 130;
623 	*e++ = 83;
624 	*e++ = 99;
625 
626 #if defined(CONFIG_CMD_DHCP)
627 	*e++ = 53;		/* DHCP Message Type */
628 	*e++ = 1;
629 	*e++ = DHCP_DISCOVER;
630 
631 	*e++ = 57;		/* Maximum DHCP Message Size */
632 	*e++ = 2;
633 	*e++ = (576 - 312 + OPT_FIELD_SIZE) >> 16;
634 	*e++ = (576 - 312 + OPT_FIELD_SIZE) & 0xff;
635 #endif
636 
637 	add_vci(e);
638 
639 #if defined(CONFIG_BOOTP_SUBNETMASK)
640 	*e++ = 1;		/* Subnet mask request */
641 	*e++ = 4;
642 	e   += 4;
643 #endif
644 
645 #if defined(CONFIG_BOOTP_GATEWAY)
646 	*e++ = 3;		/* Default gateway request */
647 	*e++ = 4;
648 	e   += 4;
649 #endif
650 
651 #if defined(CONFIG_BOOTP_DNS)
652 	*e++ = 6;		/* Domain Name Server */
653 	*e++ = 4;
654 	e   += 4;
655 #endif
656 
657 #if defined(CONFIG_BOOTP_HOSTNAME)
658 	*e++ = 12;		/* Host name request */
659 	*e++ = 32;
660 	e   += 32;
661 #endif
662 
663 #if defined(CONFIG_BOOTP_BOOTFILESIZE)
664 	*e++ = 13;		/* Boot file size */
665 	*e++ = 2;
666 	e   += 2;
667 #endif
668 
669 #if defined(CONFIG_BOOTP_BOOTPATH)
670 	*e++ = 17;		/* Boot path */
671 	*e++ = 32;
672 	e   += 32;
673 #endif
674 
675 #if defined(CONFIG_BOOTP_NISDOMAIN)
676 	*e++ = 40;		/* NIS Domain name request */
677 	*e++ = 32;
678 	e   += 32;
679 #endif
680 #if defined(CONFIG_BOOTP_NTPSERVER)
681 	*e++ = 42;
682 	*e++ = 4;
683 	e   += 4;
684 #endif
685 
686 	*e++ = 255;		/* End of the list */
687 
688 	/*
689 	 * If nothing in list, remove it altogether. Some DHCP servers get
690 	 * upset by this minor faux pas and do not respond at all.
691 	 */
692 	if (e == start + 3) {
693 		printf("*** Warning: no DHCP options requested\n");
694 		e -= 3;
695 	}
696 
697 	return e - start;
698 }
699 #endif
700 
bootp_reset(void)701 void bootp_reset(void)
702 {
703 	bootp_num_ids = 0;
704 	bootp_try = 0;
705 	bootp_start = get_timer(0);
706 	bootp_timeout = 250;
707 }
708 
bootp_request(void)709 void bootp_request(void)
710 {
711 	uchar *pkt, *iphdr;
712 	struct bootp_hdr *bp;
713 	int extlen, pktlen, iplen;
714 	int eth_hdr_size;
715 #ifdef CONFIG_BOOTP_RANDOM_DELAY
716 	ulong rand_ms;
717 #endif
718 	u32 bootp_id;
719 	struct in_addr zero_ip;
720 	struct in_addr bcast_ip;
721 	char *ep;  /* Environment pointer */
722 
723 	bootstage_mark_name(BOOTSTAGE_ID_BOOTP_START, "bootp_start");
724 #if defined(CONFIG_CMD_DHCP)
725 	dhcp_state = INIT;
726 #endif
727 
728 	ep = env_get("bootpretryperiod");
729 	if (ep != NULL)
730 		time_taken_max = simple_strtoul(ep, NULL, 10);
731 	else
732 		time_taken_max = TIMEOUT_MS;
733 
734 #ifdef CONFIG_BOOTP_RANDOM_DELAY		/* Random BOOTP delay */
735 	if (bootp_try == 0)
736 		srand_mac();
737 
738 	if (bootp_try <= 2)	/* Start with max 1024 * 1ms */
739 		rand_ms = rand() >> (22 - bootp_try);
740 	else		/* After 3rd BOOTP request max 8192 * 1ms */
741 		rand_ms = rand() >> 19;
742 
743 	printf("Random delay: %ld ms...\n", rand_ms);
744 	mdelay(rand_ms);
745 
746 #endif	/* CONFIG_BOOTP_RANDOM_DELAY */
747 
748 	printf("BOOTP broadcast %d\n", ++bootp_try);
749 	pkt = net_tx_packet;
750 	memset((void *)pkt, 0, PKTSIZE);
751 
752 	eth_hdr_size = net_set_ether(pkt, net_bcast_ethaddr, PROT_IP);
753 	pkt += eth_hdr_size;
754 
755 	/*
756 	 * Next line results in incorrect packet size being transmitted,
757 	 * resulting in errors in some DHCP servers, reporting missing bytes.
758 	 * Size must be set in packet header after extension length has been
759 	 * determined.
760 	 * C. Hallinan, DS4.COM, Inc.
761 	 */
762 	/* net_set_udp_header(pkt, 0xFFFFFFFFL, PORT_BOOTPS, PORT_BOOTPC,
763 		sizeof (struct bootp_hdr)); */
764 	iphdr = pkt;	/* We need this later for net_set_udp_header() */
765 	pkt += IP_UDP_HDR_SIZE;
766 
767 	bp = (struct bootp_hdr *)pkt;
768 	bp->bp_op = OP_BOOTREQUEST;
769 	bp->bp_htype = HWT_ETHER;
770 	bp->bp_hlen = HWL_ETHER;
771 	bp->bp_hops = 0;
772 	/*
773 	 * according to RFC1542, should be 0 on first request, secs since
774 	 * first request otherwise
775 	 */
776 	bp->bp_secs = htons(get_timer(bootp_start) / 1000);
777 	zero_ip.s_addr = 0;
778 	net_write_ip(&bp->bp_ciaddr, zero_ip);
779 	net_write_ip(&bp->bp_yiaddr, zero_ip);
780 	net_write_ip(&bp->bp_siaddr, zero_ip);
781 	net_write_ip(&bp->bp_giaddr, zero_ip);
782 	memcpy(bp->bp_chaddr, net_ethaddr, 6);
783 	copy_filename(bp->bp_file, net_boot_file_name, sizeof(bp->bp_file));
784 
785 	/* Request additional information from the BOOTP/DHCP server */
786 #if defined(CONFIG_CMD_DHCP)
787 	extlen = dhcp_extended((u8 *)bp->bp_vend, DHCP_DISCOVER, zero_ip,
788 			       zero_ip);
789 #else
790 	extlen = bootp_extended((u8 *)bp->bp_vend);
791 #endif
792 
793 	/*
794 	 *	Bootp ID is the lower 4 bytes of our ethernet address
795 	 *	plus the current time in ms.
796 	 */
797 	bootp_id = ((u32)net_ethaddr[2] << 24)
798 		| ((u32)net_ethaddr[3] << 16)
799 		| ((u32)net_ethaddr[4] << 8)
800 		| (u32)net_ethaddr[5];
801 	bootp_id += get_timer(0);
802 	bootp_id = htonl(bootp_id);
803 	bootp_add_id(bootp_id);
804 	net_copy_u32(&bp->bp_id, &bootp_id);
805 
806 	/*
807 	 * Calculate proper packet lengths taking into account the
808 	 * variable size of the options field
809 	 */
810 	iplen = BOOTP_HDR_SIZE - OPT_FIELD_SIZE + extlen;
811 	pktlen = eth_hdr_size + IP_UDP_HDR_SIZE + iplen;
812 	bcast_ip.s_addr = 0xFFFFFFFFL;
813 	net_set_udp_header(iphdr, bcast_ip, PORT_BOOTPS, PORT_BOOTPC, iplen);
814 	net_set_timeout_handler(bootp_timeout, bootp_timeout_handler);
815 
816 #if defined(CONFIG_CMD_DHCP)
817 	dhcp_state = SELECTING;
818 	net_set_udp_handler(dhcp_handler);
819 #else
820 	net_set_udp_handler(bootp_handler);
821 #endif
822 	net_send_packet(net_tx_packet, pktlen);
823 }
824 
825 #if defined(CONFIG_CMD_DHCP)
dhcp_process_options(uchar * popt,uchar * end)826 static void dhcp_process_options(uchar *popt, uchar *end)
827 {
828 	int oplen, size;
829 #if defined(CONFIG_CMD_SNTP) && defined(CONFIG_BOOTP_TIMEOFFSET)
830 	int *to_ptr;
831 #endif
832 
833 	while (popt < end && *popt != 0xff) {
834 		oplen = *(popt + 1);
835 		switch (*popt) {
836 		case 0:
837 			oplen = -1; /* Pad omits len byte */
838 			break;
839 		case 1:
840 			net_copy_ip(&net_netmask, (popt + 2));
841 			break;
842 #if defined(CONFIG_CMD_SNTP) && defined(CONFIG_BOOTP_TIMEOFFSET)
843 		case 2:		/* Time offset	*/
844 			to_ptr = &net_ntp_time_offset;
845 			net_copy_u32((u32 *)to_ptr, (u32 *)(popt + 2));
846 			net_ntp_time_offset = ntohl(net_ntp_time_offset);
847 			break;
848 #endif
849 		case 3:
850 			net_copy_ip(&net_gateway, (popt + 2));
851 			break;
852 		case 6:
853 			net_copy_ip(&net_dns_server, (popt + 2));
854 #if defined(CONFIG_BOOTP_DNS2)
855 			if (*(popt + 1) > 4)
856 				net_copy_ip(&net_dns_server2, (popt + 2 + 4));
857 #endif
858 			break;
859 		case 12:
860 			size = truncate_sz("Host Name",
861 				sizeof(net_hostname), oplen);
862 			memcpy(&net_hostname, popt + 2, size);
863 			net_hostname[size] = 0;
864 			break;
865 		case 15:	/* Ignore Domain Name Option */
866 			break;
867 		case 17:
868 			size = truncate_sz("Root Path",
869 				sizeof(net_root_path), oplen);
870 			memcpy(&net_root_path, popt + 2, size);
871 			net_root_path[size] = 0;
872 			break;
873 		case 28:	/* Ignore Broadcast Address Option */
874 			break;
875 #if defined(CONFIG_CMD_SNTP) && defined(CONFIG_BOOTP_NTPSERVER)
876 		case 42:	/* NTP server IP */
877 			net_copy_ip(&net_ntp_server, (popt + 2));
878 			break;
879 #endif
880 		case 51:
881 			net_copy_u32(&dhcp_leasetime, (u32 *)(popt + 2));
882 			break;
883 		case 52:
884 			dhcp_option_overload = popt[2];
885 			break;
886 		case 53:	/* Ignore Message Type Option */
887 			break;
888 		case 54:
889 			net_copy_ip(&dhcp_server_ip, (popt + 2));
890 			break;
891 		case 58:	/* Ignore Renewal Time Option */
892 			break;
893 		case 59:	/* Ignore Rebinding Time Option */
894 			break;
895 		case 66:	/* Ignore TFTP server name */
896 			break;
897 		case 67:	/* Bootfile option */
898 			if (!net_boot_file_name_explicit) {
899 				size = truncate_sz("Bootfile",
900 						   sizeof(net_boot_file_name),
901 						   oplen);
902 				memcpy(&net_boot_file_name, popt + 2, size);
903 				net_boot_file_name[size] = 0;
904 			}
905 			break;
906 		default:
907 #if defined(CONFIG_BOOTP_VENDOREX)
908 			if (dhcp_vendorex_proc(popt))
909 				break;
910 #endif
911 			printf("*** Unhandled DHCP Option in OFFER/ACK:"
912 			       " %d\n", *popt);
913 			break;
914 		}
915 		popt += oplen + 2;	/* Process next option */
916 	}
917 }
918 
dhcp_packet_process_options(struct bootp_hdr * bp)919 static void dhcp_packet_process_options(struct bootp_hdr *bp)
920 {
921 	uchar *popt = (uchar *)&bp->bp_vend[4];
922 	uchar *end = popt + BOOTP_HDR_SIZE;
923 
924 	if (net_read_u32((u32 *)&bp->bp_vend[0]) != htonl(BOOTP_VENDOR_MAGIC))
925 		return;
926 
927 	dhcp_option_overload = 0;
928 
929 	/*
930 	 * The 'options' field MUST be interpreted first, 'file' next,
931 	 * 'sname' last.
932 	 */
933 	dhcp_process_options(popt, end);
934 
935 	if (dhcp_option_overload & OVERLOAD_FILE) {
936 		popt = (uchar *)bp->bp_file;
937 		end = popt + sizeof(bp->bp_file);
938 		dhcp_process_options(popt, end);
939 	}
940 
941 	if (dhcp_option_overload & OVERLOAD_SNAME) {
942 		popt = (uchar *)bp->bp_sname;
943 		end = popt + sizeof(bp->bp_sname);
944 		dhcp_process_options(popt, end);
945 	}
946 }
947 
dhcp_message_type(unsigned char * popt)948 static int dhcp_message_type(unsigned char *popt)
949 {
950 	if (net_read_u32((u32 *)popt) != htonl(BOOTP_VENDOR_MAGIC))
951 		return -1;
952 
953 	popt += 4;
954 	while (*popt != 0xff) {
955 		if (*popt == 53)	/* DHCP Message Type */
956 			return *(popt + 2);
957 		if (*popt == 0)	{
958 			/* Pad */
959 			popt += 1;
960 		} else {
961 			/* Scan through all options */
962 			popt += *(popt + 1) + 2;
963 		}
964 	}
965 	return -1;
966 }
967 
dhcp_send_request_packet(struct bootp_hdr * bp_offer)968 static void dhcp_send_request_packet(struct bootp_hdr *bp_offer)
969 {
970 	uchar *pkt, *iphdr;
971 	struct bootp_hdr *bp;
972 	int pktlen, iplen, extlen;
973 	int eth_hdr_size;
974 	struct in_addr offered_ip;
975 	struct in_addr zero_ip;
976 	struct in_addr bcast_ip;
977 
978 	debug("dhcp_send_request_packet: Sending DHCPREQUEST\n");
979 	pkt = net_tx_packet;
980 	memset((void *)pkt, 0, PKTSIZE);
981 
982 	eth_hdr_size = net_set_ether(pkt, net_bcast_ethaddr, PROT_IP);
983 	pkt += eth_hdr_size;
984 
985 	iphdr = pkt;	/* We'll need this later to set proper pkt size */
986 	pkt += IP_UDP_HDR_SIZE;
987 
988 	bp = (struct bootp_hdr *)pkt;
989 	bp->bp_op = OP_BOOTREQUEST;
990 	bp->bp_htype = HWT_ETHER;
991 	bp->bp_hlen = HWL_ETHER;
992 	bp->bp_hops = 0;
993 	bp->bp_secs = htons(get_timer(bootp_start) / 1000);
994 	/* Do not set the client IP, your IP, or server IP yet, since it
995 	 * hasn't been ACK'ed by the server yet */
996 
997 	/*
998 	 * RFC3046 requires Relay Agents to discard packets with
999 	 * nonzero and offered giaddr
1000 	 */
1001 	zero_ip.s_addr = 0;
1002 	net_write_ip(&bp->bp_giaddr, zero_ip);
1003 
1004 	memcpy(bp->bp_chaddr, net_ethaddr, 6);
1005 	copy_filename(bp->bp_file, net_boot_file_name, sizeof(bp->bp_file));
1006 
1007 	/*
1008 	 * ID is the id of the OFFER packet
1009 	 */
1010 
1011 	net_copy_u32(&bp->bp_id, &bp_offer->bp_id);
1012 
1013 	/*
1014 	 * Copy options from OFFER packet if present
1015 	 */
1016 
1017 	/* Copy offered IP into the parameters request list */
1018 	net_copy_ip(&offered_ip, &bp_offer->bp_yiaddr);
1019 	extlen = dhcp_extended((u8 *)bp->bp_vend, DHCP_REQUEST,
1020 		dhcp_server_ip, offered_ip);
1021 
1022 	iplen = BOOTP_HDR_SIZE - OPT_FIELD_SIZE + extlen;
1023 	pktlen = eth_hdr_size + IP_UDP_HDR_SIZE + iplen;
1024 	bcast_ip.s_addr = 0xFFFFFFFFL;
1025 	net_set_udp_header(iphdr, bcast_ip, PORT_BOOTPS, PORT_BOOTPC, iplen);
1026 
1027 #ifdef CONFIG_BOOTP_DHCP_REQUEST_DELAY
1028 	udelay(CONFIG_BOOTP_DHCP_REQUEST_DELAY);
1029 #endif	/* CONFIG_BOOTP_DHCP_REQUEST_DELAY */
1030 	debug("Transmitting DHCPREQUEST packet: len = %d\n", pktlen);
1031 	net_send_packet(net_tx_packet, pktlen);
1032 }
1033 
1034 /*
1035  *	Handle DHCP received packets.
1036  */
dhcp_handler(uchar * pkt,unsigned dest,struct in_addr sip,unsigned src,unsigned len)1037 static void dhcp_handler(uchar *pkt, unsigned dest, struct in_addr sip,
1038 			 unsigned src, unsigned len)
1039 {
1040 	struct bootp_hdr *bp = (struct bootp_hdr *)pkt;
1041 
1042 	debug("DHCPHandler: got packet: (src=%d, dst=%d, len=%d) state: %d\n",
1043 	      src, dest, len, dhcp_state);
1044 
1045 	/* Filter out pkts we don't want */
1046 	if (check_reply_packet(pkt, dest, src, len))
1047 		return;
1048 
1049 	debug("DHCPHandler: got DHCP packet: (src=%d, dst=%d, len=%d) state: "
1050 	      "%d\n", src, dest, len, dhcp_state);
1051 
1052 	if (net_read_ip(&bp->bp_yiaddr).s_addr == 0)
1053 		return;
1054 
1055 	switch (dhcp_state) {
1056 	case SELECTING:
1057 		/*
1058 		 * Wait an appropriate time for any potential DHCPOFFER packets
1059 		 * to arrive.  Then select one, and generate DHCPREQUEST
1060 		 * response.  If filename is in format we recognize, assume it
1061 		 * is a valid OFFER from a server we want.
1062 		 */
1063 		debug("DHCP: state=SELECTING bp_file: \"%s\"\n", bp->bp_file);
1064 #ifdef CONFIG_SYS_BOOTFILE_PREFIX
1065 		if (strncmp(bp->bp_file,
1066 			    CONFIG_SYS_BOOTFILE_PREFIX,
1067 			    strlen(CONFIG_SYS_BOOTFILE_PREFIX)) == 0) {
1068 #endif	/* CONFIG_SYS_BOOTFILE_PREFIX */
1069 			dhcp_packet_process_options(bp);
1070 			efi_net_set_dhcp_ack(pkt, len);
1071 
1072 			debug("TRANSITIONING TO REQUESTING STATE\n");
1073 			dhcp_state = REQUESTING;
1074 
1075 			net_set_timeout_handler(5000, bootp_timeout_handler);
1076 			dhcp_send_request_packet(bp);
1077 #ifdef CONFIG_SYS_BOOTFILE_PREFIX
1078 		}
1079 #endif	/* CONFIG_SYS_BOOTFILE_PREFIX */
1080 
1081 		return;
1082 		break;
1083 	case REQUESTING:
1084 		debug("DHCP State: REQUESTING\n");
1085 
1086 		if (dhcp_message_type((u8 *)bp->bp_vend) == DHCP_ACK) {
1087 			dhcp_packet_process_options(bp);
1088 			/* Store net params from reply */
1089 			store_net_params(bp);
1090 			dhcp_state = BOUND;
1091 			printf("DHCP client bound to address %pI4 (%lu ms)\n",
1092 			       &net_ip, get_timer(bootp_start));
1093 			net_set_timeout_handler(0, (thand_f *)0);
1094 			bootstage_mark_name(BOOTSTAGE_ID_BOOTP_STOP,
1095 					    "bootp_stop");
1096 
1097 			net_auto_load();
1098 			return;
1099 		}
1100 		break;
1101 	case BOUND:
1102 		/* DHCP client bound to address */
1103 		break;
1104 	default:
1105 		puts("DHCP: INVALID STATE\n");
1106 		break;
1107 	}
1108 }
1109 
dhcp_request(void)1110 void dhcp_request(void)
1111 {
1112 	bootp_request();
1113 }
1114 #endif	/* CONFIG_CMD_DHCP */
1115