[PATCH v2] tftp: roll-over block counter to prevent data packets timeouts

* [PATCH v2] tftp: roll-over block counter to prevent data packets timeouts
@ 2020-09-10 15:17 Javier Martinez Canillas
  2020-09-10 15:31 ` Daniel Kiper
  0 siblings, 1 reply; 2+ messages in thread
From: Javier Martinez Canillas @ 2020-09-10 15:17 UTC (permalink / raw)
  To: grub-devel
  Cc: Javier Martinez Canillas, Peter Jones, Alexey Makhalov, Daniel Kiper

Commit 781b3e5efc3 (tftp: Do not use priority queue) caused a regression
when fetching files over TFTP whose size is bigger than 65535 * block size.

  grub> linux /images/pxeboot/vmlinuz
  grub> echo $?
  0
  grub> initrd /images/pxeboot/initrd.img
  error: timeout reading '/images/pxeboot/initrd.img'.
  grub> echo $?
  28

It is caused by the block number counter being a 16-bit field, which leads
to a maximum file size of ((1 << 16) - 1) * block size. Because GRUB sets
the block size to 1024 octets (by using the TFTP Blocksize Option from RFC
2348 [0]), the maximum file size that can be transferred is 67107840 bytes.

The TFTP PROTOCOL (REVISION 2) RFC 1350 [1] does not mention what a client
should do when a file size is bigger than the maximum, but most TFTP hosts
support the block number counter to be rolled over. That is, acking a data
packet with a block number of 0 is taken as if the 65356th block was acked.

It was working before because the block counter roll-over was happening due
an overflow. But that got fixed by the mentioned commit, which led to the
regression when attempting to fetch files larger than the maximum size.

To allow TFTP file transfers of unlimited size again, re-introduce a block
counter roll-over so the data packets are acked preventing the timeouts.

[0]: https://tools.ietf.org/html/rfc2348
[1]: https://tools.ietf.org/html/rfc1350

Fixes: 781b3e5efc3 (tftp: Do not use priority queue)
Suggested-by: Peter Jones <pjones@redhat.com>
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>

---

Changes in v2:
- Remove unnecessary quotes when referring to a commit.
- Use type casting instead of a mask to roll-over.

 grub-core/net/tftp.c | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/grub-core/net/tftp.c b/grub-core/net/tftp.c
index 644135caf46..ec85fce3b1b 100644
--- a/grub-core/net/tftp.c
+++ b/grub-core/net/tftp.c
@@ -183,11 +183,22 @@ tftp_receive (grub_net_udp_socket_t sock __attribute__ ((unused)),
 	  return GRUB_ERR_NONE;
 	}
 
-      /* Ack old/retransmitted block. */
-      if (grub_be_to_cpu16 (tftph->u.data.block) < data->block + 1)
+      /*
+       * Ack old/retransmitted block.
+       *
+       * The block number is a 16-bit counter, thus the maximum file size that
+       * could be transfered is 65535 * block size. Most TFTP hosts support to
+       * roll-over the block counter to allow unlimited transfer file size.
+       *
+       * This behavior is not defined in the RFC 1350 [0] but is implemented by
+       * most TFTP clients and hosts.
+       *
+       * [0]: https://tools.ietf.org/html/rfc1350
+       */
+      if (grub_be_to_cpu16 (tftph->u.data.block) < ((grub_uint16_t)(data->block + 1)))
 	ack (data, grub_be_to_cpu16 (tftph->u.data.block));
       /* Ignore unexpected block. */
-      else if (grub_be_to_cpu16 (tftph->u.data.block) > data->block + 1)
+      else if (grub_be_to_cpu16 (tftph->u.data.block) > ((grub_uint16_t)(data->block + 1)))
 	grub_dprintf ("tftp", "TFTP unexpected block # %d\n", tftph->u.data.block);
       else
 	{
-- 
2.28.0



^ permalink raw reply related	[flat|nested] 2+ messages in thread