Michael Brown [Sun, 4 Mar 2012 21:41:24 +0000 (21:41 +0000)]
[i386] Use memory address constraints in __bswap_16s() and __bswap_64s()
Minimise code size by forcing the use of memory addresses for
__bswap_16s() and __bswap_64s(). (__bswap_32s() cannot avoid loading the
value into a register.)
Michael Brown [Sun, 4 Mar 2012 15:13:54 +0000 (15:13 +0000)]
[crypto] Replace SHA-1 implementation
Replace SHA-1 implementation from AXTLS with a dedicated iPXE
implementation which is around 40% smaller. This implementation has
been verified using the existing SHA-1 self-tests (including the NIST
SHA-1 test vectors).
Michael Brown [Sun, 4 Mar 2012 15:06:45 +0000 (15:06 +0000)]
[i386] Optimise byte-swapping functions and provide __bswap_{16,32,64}s()
Use the "bswap" instruction to shrink the size of byte-swapping code,
and provide the in-place variants __bswap_{16,32,64}s.
"bswap" is available only on 486 and later processors. (We already
assume the presence of "cpuid" and "rdtsc", which are available only
on Pentium and later processors.)
Michael Brown [Sat, 3 Mar 2012 14:11:46 +0000 (14:11 +0000)]
[tls] Support TLS version 1.1
Advertise support for TLS version 1.1, and be prepared to downgrade to
TLS version 1.0. Tested against Apache with mod_gnutls, using the
GnuTLSPriorities directive to force specific protocol versions.
Michael Brown [Fri, 2 Mar 2012 20:12:10 +0000 (20:12 +0000)]
[arp] Maintain an ARP transmission queue
Allow packet transmission to be deferred pending successful ARP
resolution. This avoids the time spent waiting for a higher-level
protocol (e.g. TCP or TFTP) to attempt retransmission.
Michael Brown [Fri, 2 Mar 2012 18:02:03 +0000 (18:02 +0000)]
[undi] Allow underlying PXE stack to construct link-layer header
Some PXE stacks (observed with a QLogic 8242) will always try to
prepend a link-layer header, even if the caller uses P_UNKNOWN to
indicate that the link-layer header has already been filled in. This
results in an invalid packet being transmitted.
Work around these faulty PXE stacks where possible by stripping the
existing link-layer header and allowing the PXE stack to (re)construct
the link-layer header itself.
Originally-fixed-by: Buck Huppmann <buckh@pobox.com> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Thu, 1 Mar 2012 16:26:38 +0000 (16:26 +0000)]
[iscsi] Send any padding inline with the data segment
Some iSCSI targets respond to a PDU before receiving the padding
bytes. If the target responds quickly enough, this can cause iPXE to
start processing a new TX PDU before the padding bytes have been sent,
which results in a protocol violation.
Fix by always transmitting the padding bytes along with the data
segment.
Originally-fixed-by: Shyam Iyer <shyam_iyer@dell.com> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Tue, 28 Feb 2012 22:27:48 +0000 (22:27 +0000)]
[syslog] Disable console when no syslog server is defined
Explicitly disable the syslog console when no syslog server is
defined, rather than (ab)using the socket family address as an
equivalent console-enabled flag.
Michael Brown [Tue, 28 Feb 2012 14:53:28 +0000 (14:53 +0000)]
[http] Allow for HTTPS-only builds
Separate out the core HTTP functionality (which is shared by both HTTP
and HTTPS) from the provision of the "http://" URI opener. This
allows for builds that support only "https://" URIs.
Michael Brown [Sun, 19 Feb 2012 22:24:42 +0000 (22:24 +0000)]
[rng] Add RTC-based entropy source
The RTC-based entropy source uses the nanosecond-scale CPU TSC to
measure the time between two 1kHz interrupts generated by the CMOS
RTC. In a physical machine these clocks are driven from independent
crystals, resulting in some observable clock drift. In a virtual
machine, the CMOS RTC is typically emulated using host-OS
constructions such as SIGALRM.
Michael Brown [Tue, 21 Feb 2012 12:09:15 +0000 (12:09 +0000)]
[rng] Add get_random_nz() function required by RSA algorithm
RSA requires the generation of random non-zero bytes (i.e. a sequence
of random numbers in the range [0x01,0xff]). ANS X9.82 provides
various Approved methods for converting random bits into random
numbers. The simplest such method is the Simple Discard Method.
Michael Brown [Sun, 19 Feb 2012 22:14:06 +0000 (22:14 +0000)]
[rng] Add ANS X9.82 Approved Source of Entropy Input
ANS X9.82 specifies several Approved Sources of Entropy Input (SEI).
One such SEI uses an entropy source as the Source of Entropy Input,
condensing each entropy source output after each GetEntropy call.
This can be implemented relatively cheaply in iPXE and avoids the need
to allocate potentially very large buffers.
(Note that the terms "entropy source" and "Source of Entropy Input"
are not synonyms within the context of ANS X9.82.)
Use the iPXE API mechanism to allow entropy sources to be selected at
compilation time.
Michael Brown [Mon, 20 Feb 2012 21:24:30 +0000 (21:24 +0000)]
[rng] Record validity within DRBG state
Treat an empty (zeroed) DRBG as invalid. This ensures that a DRBG
that has not yet been instantiated (or that has been uninstantiated)
will refuse to attempt to generate random bits.
Michael Brown [Sun, 19 Feb 2012 14:34:46 +0000 (14:34 +0000)]
[rng] Add NIST self-tests for Hash_df
NIST provides a set of known-answer tests for the Hash_DRBG algorithm,
which includes known answers for the derivation function Hash_df used
as part of Hash_DRBG. Hash_DRBG is not an Approved algorithm for ANS
X9.82, but the known answers for Hash_df (which is part of ANS X9.82)
can still be used as part of the conformance testing for ANS X9.82.
Michael Brown [Sun, 19 Feb 2012 14:31:41 +0000 (14:31 +0000)]
[rng] Add ANS X9.82 Approved Hash_df derivation function
ANS X9.82 specifies several Approved derivation functions for use in
distributing entropy throughout a buffer. One such derivation
function is Hash_df, which can be implemented using the existing iPXE
SHA-1 functionality.
Jarrod Johnson [Mon, 8 Aug 2011 19:54:15 +0000 (15:54 -0400)]
[efi] Add iPXE download protocol
iPXE exposes some extended capabilities via the PXE FILE API to allow
NBPs such as pxelinux to use protocols other than TFTP. Provide an
equivalent interface as a UEFI protocol so that EFI binaries may also
take advantage of iPXE's extended capabilities.
This can be used with a patched version of elilo, for example:
Jarrod Johnson [Sat, 14 Jan 2012 18:18:34 +0000 (13:18 -0500)]
[snpnet] Give up entirely on the transmit queue
Practically speaking, it seems the convention is to only have one
packet pending and not rely upon any mechanism to associate returned
txbuf with txqueue.
Thomas Miletich [Fri, 10 Feb 2012 13:17:45 +0000 (14:17 +0100)]
[tg3] Remove tg3_calc_dma_bndry()
This function never did much in this driver anyway, and after commit b5ed30b2 ("[tg3] Fix compilation on newer gcc versions") it became
apparent that its remaining functionality could be easily moved to
tg3_test_dma().
Signed-off-by: Thomas Miletich <thomas.miletich@gmail.com> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Thu, 9 Feb 2012 16:41:05 +0000 (16:41 +0000)]
[prefix] Delay initrd image copy until memory map is ready
initrd_init() calls umalloc() to allocate space for the initrd image,
but does so before hide_etherboot() has been called. It is therefore
possible for the initrd to end up overwriting iPXE itself.
Fix by converting initrd_init() from an init_fn to a startup_fn.
Originally-fixed-by: Till Straumann <strauman@slac.stanford.edu> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 23 Jan 2012 15:00:46 +0000 (15:00 +0000)]
[rng] Add ANS X9.82 Approved DRBG mechanism
ANS X9.82 specifies that an Approved DRBG must consist of an Approved
algorithm wrapped inside an envelope which handles entropy gathering,
prediction resistance, automatic reseeding and other housekeeping
tasks.
Michael Brown [Mon, 23 Jan 2012 14:52:56 +0000 (14:52 +0000)]
[rng] Add ANS X9.82 Approved HMAC_DRBG algorithm
ANS X9.82 specifies several Approved algorithms for use in a
Deterministic Random Bit Generator (DRBG). One such algorithm is
HMAC_DRBG, which can be implemented using the existing iPXE SHA-1 and
HMAC functionality. This algorithm provides a maximum security
strength of 128 bits.
Michael Brown [Wed, 18 Jan 2012 00:02:16 +0000 (00:02 +0000)]
[lkrnprefix] Copy command line before installing iPXE
The command line may be situated in an area of base memory that will
be overwritten by iPXE's real-mode segments, causing the command line
to be corrupted before it can be used.
Fix by creating a copy of the command line on the prefix stack (below
0x7c00) before installing the real-mode segments.
Reported-by: Dave Hansen <dave@sr71.net> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Sun, 11 Dec 2011 02:11:45 +0000 (02:11 +0000)]
[pxe] Provide PXENV_FILE_EXIT_HOOK only for ipxelinux.0 builds
PXENV_FILE_EXIT_HOOK is designed to allow ipxelinux.0 to unload both
the iPXE and pxelinux components without affecting the underlying PXE
stack. Unfortunately, it causes unexpected behaviour in other
situations, such as when loading a non-embedded pxelinux.0 via
undionly.kpxe. For example:
PXE ROM -> undionly.kpxe -> pxelinux.0 -> chain.c32 to boot hd0
would cause control to return to iPXE instead of booting from the hard
disk. In some cases, this would result in a harmless but confusing
"No more network devices" message; in other cases stranger things
would happen, such as being returned to the iPXE shell prompt.
The fundamental problem is that when pxelinux detects
PXENV_FILE_EXIT_HOOK, it may attempt to specify an exit hook and then
exit back to iPXE, assuming that iPXE will in turn exit cleanly via
the specified exit hook. This is not a valid assumption in the
general case, since the action of exiting back to iPXE does not
directly cause iPXE to exit itself. (In the specific case of
ipxelinux.0, this will work since the embedded script exits as soon as
pxelinux.0 exits.)
Fix the unexpected behaviour in the non-ipxelinux.0 cases by including
support for PXENV_FILE_EXIT_HOOK only when using a new .kkkpxe format.
The ipxelinux.0 build process should therefore now use undionly.kkkpxe
instead of undionly.kkpxe.
Michael Brown [Thu, 8 Dec 2011 02:35:23 +0000 (02:35 +0000)]
[pxe] Check for a valid PXE network device when applicable
Very nasty things can happen if a NULL network device is used. Check
that pxe_netdev is non-NULL at the applicable entry points, so that
this type of problem gets reported to the caller rather than being
allowed to crash the system.
Michael Brown [Wed, 7 Dec 2011 00:41:48 +0000 (00:41 +0000)]
[lotest] Accept non-loopback packets during test
It can sometimes be awkward to prevent additional packets from being
received during a loopback test. Allow such additional packets to be
present without terminating the test.
Michael Brown [Thu, 8 Dec 2011 00:06:53 +0000 (00:06 +0000)]
[undi] Retry PXENV_UNDI_INITIALIZE multiple times
On at least one PXE stack (Realtek r8169), PXENV_UNDI_INITIALIZE has
been observed to fail intermittently due to a media test failure (PXE
error 0x00000061). Retrying the call to PXENV_UNDI_INITIALIZE
succeeds, and the NIC is then usable.
It is worth noting that this particular Realtek PXE stack is already
known to be unreliable: for example, it repeatably fails its own
boot-time media test after every warm reboot.
Fix by attempting PXENV_UNDI_INITIALIZE multiple times, with a short
delay between each attempt to allow the link to settle.
Michael Brown [Tue, 6 Dec 2011 01:43:29 +0000 (01:43 +0000)]
[e1000] Request notification of TX completions
The RS bit is used to instruct the NIC to update the TX descriptor
status byte. The RPS bit is used to instruct the NIC to defer this
update until after the packet has been transmitted on the wire (rather
than merely read into the transmit FIFO).
The driver currently sets RPS but not RS. Some e1000 models seem to
interpret this as implying that the status byte should be updated;
some don't. On the ones that don't, we never see any TX completions
and so rapidly run out of TX buffers.
Fix by setting the RS bit in the TX descriptor. (We don't care about
when the packet reaches the wire, so don't bother setting the RPS
bit.)
Reported-by: Miroslav Halas <miroslav.halas@bankofamerica.com> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 5 Dec 2011 20:28:45 +0000 (20:28 +0000)]
[iscsi] Fail immediately if target rejects any of our parameters
Some iSCSI targets (observed with stgt) can be configured to reject
connections that do not use header or data digests, and will respond
with "HeaderDigest=Reject" and/or "DataDigest=Reject", while still
allowing the connection to proceed to the full feature phase.
According to a strict reading of RFC3720, we are perfectly safe to
ignore these "Reject" messages: upon such a rejection "the negotiated
key is left at its current value (or default if no value was set)".
Since the default value for both HeaderDigest and DataDigest is
"None", then the only viable conclusion to be drawn is that the value
resulting from "Reject" is still "None".
Unfortunately, stgt doesn't seem to agree with this interpretation of
events, causing us to eventually report an unhelpful "connection timed
out" message to the user when we don't get any response to our first
PDU in full feature phase.
Fix by detecting any rejected parameters and immediately reporting an
error, which at least gives the user some insight as to what the real
problem may be.
Reported-by: Michal Suchanek <hramrach@centrum.cz> Tested-by: Michal Suchanek <hramrach@centrum.cz> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Wed, 16 Nov 2011 00:18:26 +0000 (00:18 +0000)]
[build] Include UNDI PCI driver within all-drivers build
Commit 9b99d2a ("[build] Avoid generating ROMs with "match-any" vendor
or device IDs") introduced a regression which caused the UNDI PCI
driver to be omitted from the list of all drivers, and thus to be
excluded from the all-drivers build.
Fix by ensuring that the per-driver section of the Makefile is
generated even when there are no ROMs to be built.
Reported-by: Sven Dreyer <sven@dreyer-net.de> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 14 Nov 2011 19:13:31 +0000 (19:13 +0000)]
[hermon] Ensure hardware is quiescent when no interfaces are open
WinPE has been observed to call PXENV_UNDI_SHUTDOWN but not
PXENV_STOP_UNDI. This means that Hermon hardware is left partially
active (firmware running and one event queue mapped) when WinPE starts
up, which can cause a Blue Screen of Death.
Fix by ensuring that the hardware is left quiescent (with the firmware
stopped) when no interfaces are open.
Reported-by: Itay Gazit <itayg@mellanox.co.il> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Julian Pidancet [Mon, 14 Nov 2011 21:00:20 +0000 (21:00 +0000)]
[rtl8139] Perform only 8-bit ioport access on the ChipCmd register
The ChipCmd register is only an 8-bit register. The 16-bit access
used by iPXE was causing an issue when used with qemu emulated rtl8139
device which was improperly aligning IOs.
Signed-off-by: Julian Pidancet <julian.pidancet@gmail.com> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Sat, 12 Nov 2011 00:34:55 +0000 (00:34 +0000)]
[prefix] Allow an initrd to be passed to iPXE
Allow an initrd (such as an embedded script) to be passed to iPXE when
loaded as a .lkrn (or .iso) image. This allows an embedded script to
be varied without recompiling iPXE.
Michael Brown [Fri, 28 Oct 2011 21:32:33 +0000 (22:32 +0100)]
[netdevice] Allow driver to preinitialise the link-layer address
Drivers are currently expected to initialise only the hardware
address, with the link-layer protocol code taking care of converting
this into a valid link-layer address. Some drivers (e.g. undinet) can
legitimately determine both the hardware and link-layer addresses,
which may differ.
Allow for this situation by checking to see if the link-layer address
is empty before initialising it from the hardware address.
Michael Brown [Tue, 25 Oct 2011 14:48:20 +0000 (15:48 +0100)]
[liba20] Preserve all non-segment registers when calling INT 15,2401
Some BIOSes are reported to corrupt %ebx when using INT 15,2401 (see
http://opensolaris.org/jive/thread.jspa?messageID=377026). Guard
against this by preserving all (non-segment) registers.
Michael Brown [Tue, 25 Oct 2011 14:12:30 +0000 (15:12 +0100)]
[librm] Avoid (harmless) collisions with linker symbols
The symbol_text16 is defined globally by the linker. Use rm_text16
instead of _text16 for the local variable within librm.S to avoid
confusion when reading linker maps.
Michael Brown [Tue, 25 Oct 2011 00:41:41 +0000 (01:41 +0100)]
[image] Eliminate the register_and_xxx_image() functions
All users of imgdownload() require registration of the image, so make
registration an integral part of imgdownload() itself and simplify the
"action" parameter to be one of image_select(), image_exec() et al.
Michael Brown [Fri, 17 Sep 2010 21:43:45 +0000 (22:43 +0100)]
[arbel] Add (not-yet-functional) support for RC queue pairs
Arbel seems to crash the system as soon as the first send WQE
completes on an RC queue pair. (NOPs complete successfully, so this
is a problem specific to the work queue rather than the completion
queue.) The cause of this problem has remained unknown for over a
year.
Check in the non-functioning code to avoid bit-rot, and in the hope
that someone will find the fix.
projects / thirdparty / ipxe.git / log
