Michael Brown [Thu, 18 Jul 2013 12:35:19 +0000 (13:35 +0100)]
[settings] Clarify usage of the term "named setting"
There are currently two conflicting usages of the term "named setting"
within iPXE: one refers to predefined settings (such as show up in the
"config" UI), the other refers to settings identified by a name (such
as "net0.dhcp/ip").
Split these usages into the term "predefined setting" and "named
setting" to avoid ambiguity.
Michael Brown [Mon, 15 Jul 2013 22:08:50 +0000 (00:08 +0200)]
[build] Fix %.licence build target
Our use of --gc-sections causes the linker to discard the symbols
defined by FILE_LICENCE(), meaning that the resulting licence
determination is incomplete.
We must use the KEEP() directive in the linker script to force the
linker to not discard the licence symbols. Using KEEP(*(COMMON))
would be undesirable, since there are some symbols in COMMON which we
may wish to discard.
Fix by placing symbols defined by PROVIDE_SYMBOL() (which is used by
FILE_LICENCE()) into a special ".provided" section, which we then mark
with KEEP(). All such symbols are zero-length, so there is no cost in
terms of the final binary size.
Since the symbols are no longer in COMMON, the linker will reject
symbols with the same name coming from multiple objects. We therefore
append the object name to the licence symbol, to ensure that it is
unique.
Reported-by: Marin Hannache <git@mareo.fr> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 15 Jul 2013 15:30:39 +0000 (17:30 +0200)]
[ifmgmt] Avoid relying on global variable within ifcommon_exec()
The getopt API defines optind as a global variable. When used by the
"autoboot" command, the payload function passed to ifcommon_exec() may
result in a new iPXE script being executed; the commands therein would
then overwrite the value of optind. On returning, ifcommon_exec()
would continue processing the list of interfaces from an undefined
point.
Fix by using a local variable to hold the index within the list of
interfaces.
Reported-by: Robin Smidsrød <robin@smidsrod.no> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 15 Jul 2013 10:15:48 +0000 (12:15 +0200)]
[realtek] Allow extra space in RX buffers
Some hardware (observed with an onboard RTL8168) will erroneously
report a buffer overflow error if the received packet exactly fills
the receive buffer.
Fix by adding an extra four bytes of padding to each receive buffer.
Debugged-by: Thomas Miletich <thomas.miletich@gmail.com> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Adrian Jamróz [Sat, 13 Jul 2013 16:59:07 +0000 (18:59 +0200)]
[velocity] Rewrite VIA Velocity driver
Signed-off-by: Adrian Jamróz <adrian.jamroz@gmail.com> Modified-by: Thomas Miletich <thomas.miletich@gmail.com> Signed-off-by: Thomas Miletich <thomas.miletich@gmail.com> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Adrian Jamróz [Sat, 13 Jul 2013 14:11:50 +0000 (16:11 +0200)]
[rhine] Rewrite VIA Rhine driver
Replace the old via-rhine driver with a new version using the iPXE
API.
Includes fixes by Thomas Miletich for:
- MMIO access
- Link detection
- RX completion in RX overflow case
- Reset and EEPROM reloading
- CRC stripping
- Missing cpu_to_le32() calls
- Missing memory barriers
Signed-off-by: Adrian Jamróz <adrian.jamroz@gmail.com> Modified-by: Thomas Miletich <thomas.miletich@gmail.com> Tested-by: Thomas Miletich <thomas.miletich@gmail.com> Tested-by: Robin Smidsrød <robin@smidsrod.no> Modified-by: Michael Brown <mcb30@ipxe.org> Tested-by: Michael Brown <mcb30@ipxe.org> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Sun, 14 Jul 2013 09:37:17 +0000 (11:37 +0200)]
[lotest] Include sequence number within loopback test packets
Include a sequence number as the first four bytes of the loopback test
packet payload. When a content mismatch occurs, this gives some
information about the source of the mismatched packet.
Michael Brown [Sat, 13 Jul 2013 13:06:20 +0000 (15:06 +0200)]
[settings] Make "netX" settings block function as a symbolic link
Add a facility for settings blocks to act as symbolic links to other
settings blocks, and reimplement the "netX" virtual settings block
using this facility.
The primary advantage of this approach is that unscoped settings such
as ${mac} and ${filename} will now reflect the settings obtained from
the most recently opened network device: in most cases, this will mean
the settings obtained from the most recent DHCP attempt. This should
improve conformance to the principle of least astonishment.
Michael Brown [Tue, 9 Jul 2013 15:03:35 +0000 (16:03 +0100)]
[settings] Expose PCI configuration space via settings mechanism
Allow values to be read from PCI configuration space using the syntax
${pci/<busdevfn>.<offset>.<length>}
where <busdevfn> is the bus:dev.fn address of the PCI device
(expressed as a single integer, as returned by ${net0/busloc}),
<offset> is the offset within PCI configuration space, and <length> is
the length within PCI configuration space.
Values are returned in reverse byte order, since PCI configuration
space is little-endian by definition.
Michael Brown [Fri, 12 Jul 2013 12:45:55 +0000 (14:45 +0200)]
[settings] Use hex_decode() to parse hex settings
Use hex_decode() to parse "hex" and "hexhyp" settings. Note that this
parser is stricter than the old parser; it now requires exactly two
hex digits for each byte. (The old parser was based upon strtoul()
and so would allow leading whitespace and a leading plus or minus
sign.)
Michael Brown [Fri, 12 Jul 2013 01:10:03 +0000 (03:10 +0200)]
[tcp] Do not send RST for unrecognised connections
On large networks with substantial numbers of monitoring agents,
unwanted TCP connection attempts may end up flooding iPXE's ARP cache.
Fix by silently dropping packets received for unrecognised TCP
connections. This should not cause problems, since many firewalls
will also silently drop any such packets.
Reported-by: Jarrod Johnson <jarrod.b.johnson@gmail.com> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 24 Jun 2013 15:14:36 +0000 (16:14 +0100)]
[autoboot] Use next-server from filename's settings block
Locate the settings block containing the filename, and search only
that settings block for the next-server address. This avoids problems
caused by misconfigured DHCP servers which provide a next-server
address (often defaulting to the DHCP server's own IP address) even
when not providing a filename.
Originally-implemented-by: Alex Williamson <alex.williamson@redhat.com> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Fri, 7 Jun 2013 12:46:27 +0000 (13:46 +0100)]
[build] Work around bug in gcc >= 4.8
gcc 4.8 and 4.9 fail to compile pxe_call.c with the error "bp cannot
be used in asm here". Other points in the codebase which use "ebp" in
the asm clobber list do not seem to be affected.
Unfortunately gcc provides no way to specify %ebp as an output
register, so we cannot use this as a workaround. The only viable
solution is to explicitly push/pop %ebp within the asm itself. This
is ugly for two reasons: firstly, it may be unnecessary; secondly, it
may cause gcc to generate invalid %esp-relative addresses if the asm
happens to use memory operands. This specific block of asm uses no
memory operands and so will not generate invalid code.
Reported-by: Daniel P. Berrange <berrange@redhat.com> Reported-by: Christian Hesse <list@eworm.de> Originally-fixed-by: Christian Hesse <list@eworm.de> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Wed, 5 Jun 2013 13:01:40 +0000 (14:01 +0100)]
[bzimage] Align initrd images to page boundary
Some versions of Linux apparently complain if initrds are not aligned
to a page boundary. Fix by changing INITRD_ALIGN from 4 bytes to 4096
bytes.
The amount of padding at the end of each initrd will now often be
sufficient to allow the cpio header to be prepended without crossing
an alignment boundary. The final location of the initrd may therefore
end up being slightly higher than the post-shuffle location.
bzimage_load_initrd() must therefore now copy the initrd body prior to
copying the cpio header, otherwise the start of the initrd body may be
overwritten by the cpio header. (Note that the guarantee that an
initrd will never need to overwrite an initrd at a higher location
still holds, since the overall length of each initrd cannot decrease
as a result of adding a cpio header.)
Reported-by: Dave Hansen <dave@sr71.net> Signed-off-by: Michael Brown <mcb30@ipxe.org>
RFC2560 mandates that a valid OCSP response will contain exactly one
relevant certificate. However, some OCSP responders include
extraneous certificates. iPXE currently assumes that the first
certificate in the OCSP response is the relevant certificate; OCSP
checks will therefore fail if the responder includes the extraneous
certificates before the relevant certificate.
Fix by using the responder ID to identify the relevant certificate.
Reported-by: Christian Stroehmeier <stroemi@mail.uni-paderborn.de> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Sun, 26 May 2013 17:26:48 +0000 (18:26 +0100)]
[realtek] Fix reopening of legacy-mode 8139 NIC
realtek_destroy_ring() currently does nothing if the card is operating
in legacy (pre-RTL8139C+) mode. In particular, the producer and
consumer counters are incorrectly left holding their current values.
Virtual hardware (e.g. the emulated RTL8139 in qemu and similar VMs)
is tolerant of this behaviour, but real hardware will fail to transmit
if the descriptors are not used in the correct order.
Fix by resetting the producer and consumer counters in
realtek_destroy_ring() even if the card is operating in legacy mode.
Reported-by: Gelip <mrgelip@gmail.com> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Frediano Ziglio [Tue, 14 May 2013 13:06:25 +0000 (14:06 +0100)]
[romprefix] Fix incorrect pointer offset in undiloader.S
Commit 2422647 ("[prefix] Allow prefix to specify an arbitrary maximum
address for relocation") introduced a regression into the UNDI ROM
loader by preserving an extra register on the stack without modifying
the %sp-relative addresses used in the routine.
Fix by correcting the %sp-relative addresses to allow for the extra
preserved variable.
Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Tue, 14 May 2013 13:28:30 +0000 (14:28 +0100)]
[build] Use $(eval) if available
When the $(eval) function is available (in GNU make >= 3.80), we can
evaluate many of the dynamically-generated Makefile rules directly.
This avoids generating a few hundred Makefile fragments in the
filesystem, and so speeds up the build process.
Michael Brown [Fri, 10 May 2013 09:03:56 +0000 (10:03 +0100)]
[crypto] Report meaningful error when certificate chain validation fails
If a certificate chain contains no certificate which can be validated
as a standalone certificate (i.e. contains no trusted root
certificates or previously-validated certificates) then iPXE will
currently return a fixed error EACCES_UNTRUSTED. This masks the
actual errors obtained when attempting to validate each certificate as
a standalone certificate, and so makes troubleshooting difficult for
the end user.
Fix by instead returning the error obtained when attempting to
validate the final certificate in the chain as a standalone
certificate. This error is most likely (though not guaranteed) to
represent the "real" problem.
Reported-by: Sven Dreyer <sven@dreyer-net.de> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Wed, 1 May 2013 19:42:57 +0000 (20:42 +0100)]
[smbios] Allow access to multiple instances of SMBIOS structures
Extend the syntax for numerical SMBIOS settings from
smbios/<type>.<offset>.<length>
to
smbios/[<instance>.]<type>.<offset>.<length>
Where SMBIOS provides multiple structures with the same <type>, this
extended syntax allows for access to structures other than the first.
If <instance> is omitted then it will default to zero, giving access
to the first instance (and so matching existing behaviour).
The 16-bit SMBIOS handle (which is an alternative way to disambiguate
multiple instances of the same type of structure) can be accessed, if
required, using
Michael Brown [Wed, 1 May 2013 21:00:51 +0000 (22:00 +0100)]
[smbios] Allow access to unreferenced SMBIOS strings
iPXE allows access to general SMBIOS settings using the syntax:
smbios/<type>.<offset>.<length>
This provides access to any fixed-offset field within an SMBIOS
structure. This syntax is currently overloaded to interpret a zero
<length> as meaning that the byte at <offset> contains a string index;
this provides access to SMBIOS strings (which are not located at fixed
offsets).
The "OEM Strings" SMBIOS structure contains strings which are not
referenced by any fixed string index field within the structure. iPXE
currently provides no way to access these strings.
Fix by overloading the syntax for numerical SMBIOS settings to
interpret an <offset> of zero as implying that <length> contains a
literal string index. The OEM Strings can then be accessed using:
smbios/11.0.1
smbios/11.0.2
smbios/11.0.3
...
The actual byte at offset zero will always contain the structure type,
which is already known since it must be specified in order to access
the structure. There is thus no plausible existing use case for an
offset of zero; overloading the syntax in this way should therefore
not break compatibility with any existing scripts.
The corner case where both <offset> and <length> are zero is undefined
(and, for now, will simply return a "not found" error).
Michael Brown [Wed, 1 May 2013 13:05:42 +0000 (14:05 +0100)]
[netdevice] Add netdev_tx_defer() to allow drivers to defer transmissions
Devices with small transmit descriptor rings may temporarily run out
of space. Provide netdev_tx_defer() to allow drivers to defer packets
for retransmission as soon as a descriptor becomes available.
Michael Brown [Wed, 1 May 2013 08:15:51 +0000 (09:15 +0100)]
[realtek] Ensure EEPROM writes reach chip before starting udelay()
On some systems, it appears to be possible for writes to the EEPROM
registers to be delayed for long enough that the EEPROM's setup and
hold times are violated, resulting in invalid data being read from the
EEPROM.
Fix by inserting a PCI read cycle immediately after writes to
RTL_9346CR, to ensure that the write has completed before starting the
udelay() used to time the SPI bus transitions.
Reported-by: Gelip <mrgelip@gmail.com> Tested-by: Gelip <mrgelip@gmail.com> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Tue, 30 Apr 2013 13:31:39 +0000 (14:31 +0100)]
[romprefix] Report failure cause when unable to open payload
Report the cause of the failure when we are unable to open the .mrom
payload. There are two possible failure cases:
- Unable to find a suitable memory BAR to borrow (e.g. if the NIC
doesn't have a memory BAR that is at least as large as the
expansion ROM BAR, or if the memory BAR has been assigned a 64-bit
address which won't fit into the 32-bit expansion ROM BAR). This
will be reported as "BABABABA".
- Unable to find correct ROM image within the BAR. This will be
reported as the address (within the borrowed BAR) at which we first
fail to find a valid 55AA signature.
Michael Brown [Tue, 30 Apr 2013 12:36:04 +0000 (13:36 +0100)]
[realtek] Allow reaction time between writing RTL_CAPR and reading RTL_CR
Some older RTL8139 chips seem to not immediately update the
RTL_CR.BUFE bit in response to a write to RTL_CAPR. This results in
iPXE seeing a spurious zero-length received packet, and thereafter
being out of sync with the hardware's RX ring offset.
Fix by inserting an extra PCI read cycle after writing to RTL_CAPR, to
give the chip time to react before we next read RTL_CR.
Reported-by: Gelip <mrgelip@gmail.com> Tested-by: Gelip <mrgelip@gmail.com> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Sun, 28 Apr 2013 17:50:10 +0000 (18:50 +0100)]
[realtek] Use ID word to detect EEPROM presence
Some onboard RTL8169 NICs seem to leave the EEPROM pins disconnected.
The existing is_valid_ether_addr() test will not necessarily catch
this, since it expects a missing EEPROM to show up as a MAC address of
00:00:00:00:00:00 or ff:ff:ff:ff:ff:ff. When the EEPROM pins are
floating the MAC address may read as e.g. 00:00:00:00:0f:00, which
will not be detected as invalid.
Check the ID word in the first two bytes of the EEPROM (which should
have the value 0x8129 for all RTL8139 and RTL8169 chips), and use this
to determine whether or not an EEPROM is present.
Reported-by: Carl Karsten <carl@nextdayvideo.com> Tested-by: Carl Karsten <carl@nextdayvideo.com> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Sun, 28 Apr 2013 16:43:37 +0000 (17:43 +0100)]
[build] Default to short wchar_t in stddef.h
sparse does not understand -fshort-wchar. Default to using uint16_t
as a wchar_t if not explicitly specified by the compiler, to avoid
large numbers of spurious warnings from sparse.
Michael Brown [Sun, 28 Apr 2013 15:43:32 +0000 (16:43 +0100)]
[build] Use -Wno-decl when running sparse
Linker table entries must be non-static in order to avoid being
completely optimised away by some versions of gcc. Use -Wno-decl to
prevent sparse from warning about these, since the alternative would
be to litter the code with otherwise unnecessary "extern"
declarations.
Michael Brown [Thu, 25 Apr 2013 13:51:33 +0000 (14:51 +0100)]
[build] Define __WINT_TYPE__ if necessary
sparse does not define __WCHAR_TYPE__ or __WINT_TYPE__. We already
define __WCHAR_TYPE__ if the compiler does not do so; do the same for
__WINT_TYPE__.
Michael Brown [Thu, 25 Apr 2013 12:45:41 +0000 (13:45 +0100)]
[build] Allow sparse to find compiler.h
sparse seems to have problems finding compiler.h when specified as
"-include compiler.h"; one possible explanation is that it ignores the
include path. Fix by using "-include include/compiler.h".
Michael Brown [Fri, 19 Apr 2013 13:26:12 +0000 (14:26 +0100)]
[netdevice] Use link-layer address as part of RNG seed
iPXE currently seeds the random number generator using the system
timer tick count. When large numbers of machines are booted
simultaneously, multiple machines may end up choosing the same DHCP
transaction ID (XID) value; this can cause problems.
Fix by using the least significant (and hence most variable) bits of
each network device's link-layer address to perturb the random number
generator. This introduces some per-machine unique data into the
random number generator's seed, and so reduces the chances of DHCP XID
collisions.
This does not affect the ANS X9.82-compatible random bit generator
used by TLS and other cryptography code, which uses an entirely
separate source of entropy.
Originally-implemented-by: Bernhard Kohl <bernhard.kohl@nsn.com> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Add disambiguated errors for LoadImage() and StartImage(), primarily
to demonstrate how to use __einfo_uniqify() and __einfo_platformify()
in the context of EFI platform errors.
Michael Brown [Thu, 18 Apr 2013 20:29:53 +0000 (21:29 +0100)]
[efi] Perform meaningful error code conversions
Exploit the redefinition of iPXE error codes to include a "platform
error code" to allow for meaningful conversion of EFI_STATUS values to
iPXE errors and vice versa.
Michael Brown [Fri, 19 Apr 2013 12:34:13 +0000 (13:34 +0100)]
[libc] Redefine low 8 bits of error code as "platform error code"
The low 8 bits of an iPXE error code are currently defined as the
closest equivalent PXE error code. Generalise this scheme to
platforms other than PC-BIOS by extending this definition to "closest
equivalent platform error code". This allows for the possibility of
returning meaningful errors via EFI APIs.
Michael Brown [Wed, 3 Apr 2013 14:21:03 +0000 (15:21 +0100)]
[intel] Expose functionality to be shared with intelx driver
The Intel 10 Gigabit NICs have a datapath that is almost
register-compatible with the Intel 1 Gigabit NICs. Expose common
functionality to avoid duplication of code in the new "intelx" driver.
Michael Brown [Wed, 3 Apr 2013 14:20:55 +0000 (15:20 +0100)]
[intel] Remove hardcoded offsets for descriptor ring registers
The Intel 10 Gigabit NICs use the same simplified (aka "legacy")
descriptor format and the same layout for descriptor register blocks
as the Intel 1 Gigabit NICs. The offsets of the descriptor register
blocks are not the same.
Simplify reuse of the existing code by removing all hardcoded offsets
for registers within descriptor register blocks, and ensuring that all
offsets are calculated using the descriptor register block base
address provided via intel_init_ring().
Michael Brown [Wed, 17 Apr 2013 18:36:03 +0000 (19:36 +0100)]
[bios] Fix screen clearing on buggy BIOSes
The implementation of INT 10,06 on some BIOSes (observed with both
Hyper-V and a Dell OptiPlex 7010) seems to treat %dx=0xffff as a
special value meaning "do absolutely nothing". Fix by using
%dx=0xfefe, which should still be sufficient to cover any realistic
screen size.
Reported-by: John Clark <skyman@iastate.edu> Tested-by: John Clark <skyman@iastate.edu> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Sat, 6 Apr 2013 10:27:27 +0000 (11:27 +0100)]
[settings] Expose build architecture and platform via settings
Expose the build architecture (e.g. "i386" or "x86_64") via
${buildarch} and the firmware platform (e.g. "pcbios" or "efi") via
${platform}. These settings directly expose the ARCH and PLATFORM
variables from the Makefile.
Note that the build architecture reflects the architecture for which
iPXE was compiled, not the architecture on which iPXE is currently
running. The "cpuid" command can be used to detect a 64-bit system at
runtime.
Requested-by: James A. Peltier <jpeltier@sfu.ca> Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 25 Mar 2013 18:02:20 +0000 (18:02 +0000)]
[prism2] Use standard type names
Avoid using UINT16 and similar typedefs, which are non-standard in the
iPXE codebase and generate conflicts when trying to include any of the
EFI headers.
Also fix trailing whitespace in the affected files, to prevent
complaints from git.
Michael Brown [Fri, 22 Mar 2013 13:42:16 +0000 (13:42 +0000)]
[efi] Add "reboot" command for EFI
Abstract out the ability to reboot the system to a separate reboot()
function (with platform-specific implementations), add an EFI
implementation, and make the existing "reboot" command available under
EFI.
Michael Brown [Wed, 20 Mar 2013 00:54:42 +0000 (00:54 +0000)]
[dhcp] Use PXE byte ordering for UUID in DHCP option 97
The PXE spec does not specify a byte ordering for UUIDs, but RFC4578
suggests that it follows the EFI spec, in which the first three fields
are little-endian.
Michael Brown [Wed, 20 Mar 2013 00:14:38 +0000 (00:14 +0000)]
[smbios] Mangle UUIDs for SMBIOS version 2.6 and newer
iPXE treats UUIDs as being in network byte order (big-endian). The
SMBIOS specification version 2.6 states that UUIDs are stored with
little-endian values in the first three fields; earlier versions did
not specify an endianness. This results in some inconsistency between
the BIOS, vendor PXE, iPXE, and operating system interpretations of
the SMBIOS UUID.
dmidecode assumes that the byte order is little-endian if and only if
the SMBIOS version is 2.6 or higher. Choose to match this behaviour.
Reported-by: Matthew Helton <mwhelton@gmail.com> Reported-by: Alexandru Bordei <alexandru.bordei@gmail.com> Signed-off-by: Michael Brown <mcb30@ipxe.org>
projects / thirdparty / ipxe.git / log
