Expose iPXE's images as a UEFI file system, allowing the booted image
to access all images downloaded by iPXE.
This functionality is complementary to the custom iPXE download
protocol. The iPXE download protocol allows a booted image to utilise
iPXE to download arbitrary URIs, but requires the booted image to
specifically support the custom iPXE download protocol. The new
functionality limits the booted image to accessing only files that
were already downloaded by iPXE (e.g. as part of a script), but can
work with any generic UEFI image (e.g. the UEFI shell). Both
protocols are provided simultaneously, and are attached to the SNP
device handle.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
If a multifunction PCI device exposes an iPXE ROM via each function,
then each function will display a "Press Ctrl-B to configure iPXE"
prompt, and delay for two seconds. Since a single instance of iPXE
can drive all functions on the multifunction device, this simply adds
unnecessary delay to the boot process.
Fix by inhibiting the "Press Ctrl-B" prompt for all except the first
function on a PCI device.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Many BIOSes do not construct the full system memory map until after
calling the option ROM initialisation entry points. For several
years, we have added sanity checks and workarounds to accommodate
charming quirks such as BIOSes which report the entire 32-bit address
space (including all memory-mapped PCI BARs) as being usable RAM.
The IBM x3650 takes quirky behaviour to a new extreme. Calling either
INT 15,e820 or INT 15,e801 during POST doesn't just get you invalid
data. We could cope with invalid data. Instead, these nominally
read-only API calls manage to trash some internal BIOS state, with the
result that the system memory map is _never_ constructed. This tends
to confuse subsequent bootloaders and operating systems.
[ GRUB 0.97 fails in a particularly amusing way. Someone thought it
would be a good idea for memcpy() to check that the destination memory
region is a valid part of the system memory map; if not, then memcpy()
will sulk, fail, and return NULL. This breaks pretty much every use
of memcpy() including, for example, those inserted implicitly by gcc
to copy non-const initialisers. Debugging is _fun_ when a simple call
to printf() manages to create an infinite recursion, exhaust the
available stack space, and shut down the CPU. ]
Fix by completely inhibiting calls to INT 15,e820 and INT 15,e801
during POST.
We do now allow relocation during POST up to the maximum address
returned by INT 15,88 (which seems so far to always be safe). This
allows us to continue to have a reasonable size of external heap, even
if the PMM allocation is close to the 1MB mark.
The downside of allowing relocation during POST is that we may
overwrite PMM-allocated memory in use by other option ROMs. However,
the downside of inhibiting relocation, when combined with also
inhibiting calls to INT 15,e820 and INT 15,e801, would be that we
might have no external heap available: this would make booting an OS
impossible and could prevent some devices from even completing
initialisation.
On balance, the lesser evil is probably to allow relocation during
POST (up to the limit provided by INT 15,88). Entering iPXE during
POST is a rare operation; on the even rarer systems where doing so
happens to overwrite a PMM-allocated region, then there exists a
fairly simple workaround: if the user enters iPXE during POST and
wishes to exit iPXE, then the user must reboot. This is an acceptable
cost, given the rarity of the situation and the simplicity of the
workaround.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
romprefix.S currently calls uninstall() with an invalid value in %ax.
Consequently, base memory is not freed after a ROM boot attempt (or
after entering iPXE during POST).
The uninstall() function is physically present in .text16, and so can
use %cs to determine the .text16 segment address. The .data16 segment
address is not required, since uninstall() is called only by code
paths which set up .data16 to immediately follow .text16.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Add "make vmware" build target, to build all of the ROMs used with
VMware.
Modified-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The PXE TFTP API allows the caller to request a particular TFTP block
size. Since mid-2008, iPXE has appended a "?blksize=xxx" parameter to
the TFTP URI constructed internally; nothing has ever parsed this
parameter. Nobody seems to have cared that this parameter has been
ignored for almost five years.
Fix by using xfer_window(), which provides a fairly natural way to
convey the block size information from the PXE TFTP API to the TFTP
protocol layer.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Nothing currently prevents a menu separator from being assigned a
shortcut key, and then from being selected using that shortcut key.
This produces an inconsistency in the user interface, since separators
cannot be selected by other means of menu navigation (arrow keys, page
up/down, etc).
It would be trivial to prevent separators from being assigned shortcut
keys, but this would eliminate one potentially useful use case: having
a large menu and using shortcut keys to jump to a section within the
menu.
Fix by treating a shortcut key on a separator as equivalent to "select
the separator, then press the down arrow key". This has the effect of
moving to the first non-separator menu item following the specified
separator, which is probably the most intuitive behaviour. (The
existing logic for moving the selection already handles the various
nasty corner cases such as a menu ending with one or more separators.)
Reported-by: Ján ONDREJ (SAL) <ondrejj@salstar.sk>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Unrecognised keys may be returned by getkey() as character code zero,
which currently matches against the first menu item with no shortcut
key defined.
Prevent this unintended behaviour by explicitly checking that the menu
item has a defined shortcut key.
Reported-by: Ján ONDREJ (SAL) <ondrejj@salstar.sk>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The output->buf field is a pointer, not an array, so sizeof() is not
applicable. We must use the allocated string length instead.
Identified by gcc:
util/zbin.c: In function ‘alloc_output_file’:
util/zbin.c:146:37: warning: argument to ‘sizeof’ in ‘memset’ call
is the same expression as the destination; did you mean to
dereference it? [-Wsizeof-pointer-memaccess]
memset ( output->buf, 0xff, sizeof ( output->buf ) );
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Some PXE stacks are known to claim that IRQs are supported, but then
never generate interrupts. No satisfactory solution has been found to
this problem; the workaround is to add the PCI vendor and device IDs
to a list of devices which will be treated as simply not supporting
interrupts.
This is something of a hack, since it will generate false positives
for identical devices with a working PXE stack (e.g. those that have
been reflashed with iPXE), but it's an improvement on the current
situation.
Reported-by: Richard Moore <rich@richud.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Some NICs (e.g. Hermon) provide hardware support for stripping the
VLAN tag, but do not provide any way for this support to be disabled.
Drivers for this hardware must therefore call vlan_find() to identify
a suitable receiving network device.
Provide a weak version of vlan_find() which will always return NULL if
VLAN support has not been enabled (either directly, or by enabling
a feature such as FCoE which requires VLAN support). This allows the
VLAN code to be omitted from builds where the user has not requested
support for VLANs.
Inspired-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The iBFT NIC section has a VLAN field which must be filled in so that
iSCSI booting works over VLANs.
Unfortunately it is unclear from the IBM specification linked in
ibft.c whether the VLAN field is just the 802.1Q VLAN Identifier or
the full 802.1Q TCI. For now just fill in the VID, the Priority Code
Point and Drop Eligible Indicator could be set in the future if it
turns out they should be present too.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Modified-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The iBFT has a VLAN field that should be filled in. Add the
vlan_tag() function to extract the VLAN tag of a network device.
Since VLAN support is optional, define a weak function that returns 0
when iPXE is built without VLAN support.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Modified-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Authenticode requires that the size of the raw file must equal the
size of the OptionalHeader.SizeOfHeaders plus the sum of all sections'
SizeOfRawData.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Allow non-data records to be split across multiple received I/O
buffers, to accommodate large certificate chains.
Reported-by: Nicola Volpini <Nicola.Volpini@kambi.com>
Tested-by: Nicola Volpini <Nicola.Volpini@kambi.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
EFI's device naming model requires drivers to provide names for child
devices. Allow the driver's GetControllerName() method to delegate to
an instance of EFI_COMPONENT_NAME2_PROTOCOL installed on the child
device itself (if present); this allows the SNP device to expose its
own device name via the PCI driver's GetControllerName() method.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
At present, loading a bzImage via iPXE requires enough RAM to hold two
copies of each initrd file. Remove this constraint by rearranging the
initrds in place.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
No code from the original source remains within this file; relicense
under GPL2+ with a new copyright notice.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The version number string is currently updated only if version.o
happens to be rebuilt due to changes in its dependencies. Add a
dependency upon the git index, so that the version number is updated
after any checkout.
Signed-off-by: Thomas Miletich <thomas.miletich@gmail.com>
Modified-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Using -fno-dwarf2-cfi-asm is not sufficient to prevent the .eh_frame
section from being generated on newer versions of gcc. Add
-fno-exceptions -fno-unwind-tables -fno-asynchronous-unwind-tables;
this is sufficient to inhibit the .eh_frame section on gcc 4.7.1.
This does not affect the overall binary size, but does fix the numbers
reported by "size" for individual object files.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Current versions of gcc require -maccumulate-outgoing-args if any
sysv_abi functions call ms_abi functions. This requirement is likely
to be lifted in future gcc versions, so test explicitly to see if the
current version of gcc requires -maccumulate-outgoing-args.
This problem is currently masked since the implied
-fasynchronous-unwind-tables (which is the default in current gcc
versions) implies -maccumulate-outgoing-args.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Commit 947976d ("[netdevice] Do not force a poll on net_tx()")
requires network devices to have TX rings that are sufficiently large
to allow a transmitted response to all packets received during a
single poll.
Reported-by: Robin Smidsrød <robin@smidsrod.no>
Tested-by: Robin Smidsrød <robin@smidsrod.no>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The Intel NIC emulation in some versions of VMware seems to suffer
from a flaw whereby the Interrupt Cause Register (ICR) fails to assert
the usual "packet received" bit (ICR.RXT0) if a receive overflow
(ICR.RXO) has also occurred.
Work around this flaw by polling for completed descriptors whenever
either ICR.RXT0 or ICR.RXO is asserted.
Reported-by: Miroslav Halas <miroslav.halas@bankofamerica.com>
Debugged-by: Miroslav Halas <miroslav.halas@bankofamerica.com>
Tested-by: Miroslav Halas <miroslav.halas@bankofamerica.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Avoid memory leaks by clearing any (non-child) settings immediately
before unregistering the network device settings block.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
When prompting the user to enter a setting value via the "read"
command, prefill the input buffer with the setting's current value.
Requested-by: Ján Ondrej (SAL) <ondrejj@salstar.ks>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Including a netdev_poll() within net_tx() can cause the net_step()
loop to end up processing hundreds or thousands of packets within a
single step, since each received packet being processed may trigger a
response which, in turn causes a poll for further received packets.
Network devices must now ensure that the TX ring is at least as large
as the RX ring, in order to avoid running out of TX descriptors. This
should not cause any problems; unlike the RX ring, there is no
substantial memory cost incurred by increasing the TX ring size.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Remove the newline from the "Press Ctrl-B..." prompt string, so that
prompt() does not attempt to backspace beyond the start of the line.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Commit 5ad445f ("[settings] Treat an empty formatted value as meaning
"delete setting"") (re)defined the semantics of storing an empty
formatted setting as meaning "delete setting".
Remove the existing self-test using an empty formatted hex setting
value, since it no longer conforms to the defined semantics.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Take ownership from the ARP cache at the start of arp_destroy(), to
ensure that no code path can lead to arp_destroy() being re-entered.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
serial_console_init() would enable serial console support without
knowing if the serial driver succeeded or not. As a result, the
serial console would interfere with a normal keyboard on a system
lacking serial support.
Reported-by: Jan ONDREJ (SAL) <ondrejj(at)salstar.sk>
Signed-off-by: Shao Miller <sha0.miller@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Commit 73eb3f1 ("[int13] Zero all possible registers when jumping to a
boot sector") introduced a regression preventing the SAN-booting of
boot sectors which rely upon %dl containing the correct drive number
(such as most CD-ROM boot sectors).
Fix by not zeroing %edx.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
TLS servers are not obliged to implement the RFC3546 maximum fragment
length extension, and many common servers (including OpenSSL, as used
in Apache's mod_ssl) do not do so. iPXE may therefore have to cope
with TLS records of up to 16kB. Allocations for 16kB have a
non-negligible chance of failing, causing the TLS connection to abort.
Fix by maintaining the received record as a linked list of I/O
buffers, rather than a single contiguous buffer. To reduce memory
pressure, we also decrypt in situ, and deliver the decrypted data via
xfer_deliver_iob() rather than xfer_deliver_raw().
Signed-off-by: Michael Brown <mcb30@ipxe.org>
eIPoIB requires space to expand a transmitted ARP packet. This
guarantee is met by ensuring that a transmitted packet consists of at
least MAX_LL_HEADER_LEN bytes from the start of the I/O buffer up to
the end of the link-layer header, and at least IOB_ZLEN bytes
thereafter.
Adjust the I/O buffer allocation for SNP transmitted packets to ensure
that this guarantee is met.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
At least one boot sector (the DUET boot sector used for bootstrapping
EFI from a non-EFI system) fails to initialise the high words of
registers before using them in calculations, leading to undefined
behaviour.
Work around such broken boot sectors by explicitly zeroing the
contents of all registers apart from %cs:%ip and %ss:%sp.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
When fetching a named setting using a name that does not explicitly
specify a type, default to using the type stored when the setting was
created, rather than always defaulting to "string". This allows the
behaviour of user-defined settings to match the behaviour of
predefined settings (which have a sensible default type).
For example:
set server:ipv4 192.168.0.1
echo ${server}
will now print "192.168.0.1", rather than trying to print out the raw
IPv4 address bytes as a string.
The downside of this change is that existing tricks for printing
special characters within scripts may require (backwards-compatible)
modification. For example, the "clear screen" sequence:
set esc:hex 1b
set cls ${esc}[2J
echo ${cls}
will now have to become
set esc:hex 1b
set cls ${esc:string}[2J # Must now explicitly specify ":string"
echo ${cls}
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Almost all clients of the raw-packet interfaces (UNDI and SNP) can
handle only Ethernet link layers. Expose an Ethernet-compatible link
layer to local clients, while remaining compatible with IPoIB on the
wire. This requires manipulation of ARP (but not DHCP) packets within
the IPoIB driver.
This is ugly, but it's the only viable way to allow IPoIB devices to
be driven via the raw-packet interfaces.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Allow for allocation of memory blocks having a specified offset from a
specified physical alignment, such as being 12 bytes before a 2kB
boundary.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Some RTL8169 cards seem to drive the EEPROM CS line high (i.e. active)
when 9346CR.EEM is set to "normal operating mode", with the result
that the CS line is never deasserted. The symptom of this is that the
first read from the EEPROM will work, while all subsequent reads will
return garbage data.
Reported-by: Thomas Miletich <thomas.miletich@gmail.com>
Debugged-by: Thomas Miletich <thomas.miletich@gmail.com>
Tested-by: Thomas Miletich <thomas.miletich@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Some RTL8169 cards (observed with an RTL8169SC) power up advertising
only 100Mbps, despite being capable of 1000Mbps. Forcibly enable
advertisement of 1000Mbps on any RTL8169-like card.
This change relies on the assumption that the CTRL1000 register will
not exist on 100Mbps-only RTL8169 cards such as the RTL8101.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Some RTL8169 cards (observed with an RTL8169SC) crash and burn if DAC
is enabled, even if only 32-bit addresses are used. Observed
behaviour includes system lockups and repeated transmission of garbage
data onto the wire.
This seems to be a known problem. The Linux r8169 driver disables DAC
by default and provides a "use_dac" module parameter.
There appears to be no known test for determining whether or not DAC
will work. As a workaround, enable DAC only if we are built as as
64-bit binary. This at least eliminates the problem in the common
case of a 32-bit build, which will never use 64-bit addresses anyway.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Some bits in the C+ Command register are always one. Testing for the
presence of the register must allow for this.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Some RTL8169 cards (observed with an RTL8169SC) power up with
TCR.MXDMA set to 16 bytes. While this does not prevent proper
operation, it almost certainly degrades performance.
Fix by explicitly setting TCR.MXDMA to "unlimited".
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Some RTL8169 cards (observed with an RTL8169SC) power up with invalid
values in RCR.RXFTH and RCR.MXDMA, causing receive DMA to fail. Fix
by setting explicit values for both fields.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Some RTL8169 cards (observed with an RTL8169SC) power up with garbage
values in the ring address registers, and do not clear the registers
on reset.
Fix by always setting the high dword of the ring address registers.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Commit 501527d ("[http] Treat any unexpected connection close as an
error") introduced a regression causing HTTP SAN booting to fail. At
the end of the response to the HEAD request, the call to http_done()
would erroneously believe that the server had disconnected in the
middle of the HTTP headers.
Fix by treating the header block from a HEAD request as a trailer
block. This fixes the problem and also simplifies the logic in
http_rx_header().
Reported-by: Shao Miller <shao.miller@yrdsb.edu.on.ca>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The FTP SIZE command allows us to get the size of a particular file,
as a consequence, we can now show proper transfer progression while
fetching a file using the FTP protocol.
Signed-off-by: Marin Hannache <git@mareo.fr>
Modified-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
iPXE currently checks that the server has not closed the connection
mid-stream (i.e. in the middle of a chunked transfer, or before the
specified Content-Length has been received), but does not check that
the server got as far as starting to send data. Consequently, if the
server closes the connection before any data is transferred (e.g. if
the server gives up waiting while iPXE performs the validation steps
for TLS), then iPXE will treat this as a successful transfer of a
zero-length file.
Fix by checking the RX connection state, and forcing an error if the
server has closed the connection at an unexpected point.
Originally-fixed-by: Marin Hannache <mareo@mareo.fr>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The UNDI ROM header does contain a checksum byte. Apparently no-one
cares about this, since iPXE has left it as zero for years without
anyone noticing.
Since Option::ROM now understands the UNDI ROM header, we may as well
fix up the checksum byte for the sake of completeness.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Option::ROM currently understands only JMP NEAR and JMP SHORT
instructions in the initialisation entry point. At least one Broadcom
option ROM has been observed to use a CALL NEAR instruction.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
COMBOOT images are detected by looking for a ".com" or ".cbt" filename
extension. There are widely-used files with a ".com" extension, such
as "wdsnbp.com", which are PXE images rather than COMBOOT images.
Avoid false detection of PXE images as COMBOOT images by accepting
only a ".cbt" extension as indicating a COMBOOT image.
Interestingly, this bug has been present for a long time but was
frequently concealed because the filename was truncated to fit the
fixed-length "name" field in struct image. (PXE binaries ending in
".com" tend to be related to Windows deployment products and so often
use pathnames including backslashes, which iPXE doesn't recognise as a
path separator and so treats as part of a very long filename.)
Commit 1c127a6 ("[image] Simplify image management commands and
internal API") made the image name a variable-length field, and so
exposed this flaw in the COMBOOT image detection algorithm.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Allow the file mode to be specified using a "mode=" command line
parameter. For example:
initrd http://web/boot/bootlocal.sh /opt/bootlocal.sh mode=755
Requested-by: Bryce Zimmerman <bryce.zimmerman@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Some AMI BIOSes apparently break in exciting ways when asked for PMM
allocations for sizes that are not multiples of 4kB.
Fix by rounding up the image source area to the nearest 4kB. (The
temporary decompression area is already rounded up to the nearest
128kB, to facilitate sharing between multiple iPXE ROMs.)
Reported-by: Itay Gazit <itayg@mellanox.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Change the DMA alignment from 4096 bytes to 16 bytes, to conserve
available DMA memory. The hardware doesn't have any specific
alignment requirements.
Signed-off-by: Thomas Miletich <thomas.miletich@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Reduce CPU usage while waiting for user input. This is particularly
important for virtual machines, where CPU is a shared resource.
Reported-by: Alessandro Salvatori <alessandro@embrane.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Cygwin's assembler treats '/' as a comment character.
Reported-by: Steve Goodrich <steve.goodrich@se-eng.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Similarly to FreeBSD, OpenBSD requires the object format to be
specified as elf_i386_obsd rather than elf_i386.
Reported-by: Jiri B <jirib@devio.us>
Modified-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
PCI3.0 allows us to report a "runtime size" which can be smaller than
the actual ROM size. On systems that support PMM our runtime size
will be small (~2.5kB), which helps to conserve the limited option ROM
space. However, there is no guarantee that the PMM allocation will
succeed, and so we need to report the worst-case runtime size in the
PCI header.
Move the "shrunk ROM size" field from the PCI header to a new "iPXE
ROM header", allowing it to be accessed by ROM-manipulation utilities
such as disrom.pl.
Reported-by: Anton D. Kachalov <mouse@yandex-team.ru>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Datasheet pp. 41-42 defines 'rx packet length' as upper word of
'status' dword field of the receive descriptor table.
http://www.smsc.com/media/Downloads_Archive/discontinued/83c171.pdf
Tested on SMC EtherPower II.
Signed-off-by: Alexey Smazhenko <darkover@corbina.com.ua>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
gcc 4.7 produces a spurious warning about an array subscript being out
of bounds. Use a pointer dereference instead of an array lookup to
inhibit this spurious warning.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Simplify the process of booting by ensuring that old images are not
left registered after an unsuccessful autoboot attempt.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Expose image tail-recursion to iPXE scripts via the "--replace"
option. This functions similarly to exec() under Unix: the
currently-executing script is replaced with the new image (as opposed
to running the new image as a subroutine).
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The script include/ipxe/efi/import.pl relies on a particular format
for the #include guard in order to detect EFI headers that are not
imported.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
PXENV_FILE_CMDLINE is an iPXE extension, and will not be supported by
most PXE stacks. Do not report any errors to the user, since in
almost all cases the error will mean simply "not loaded by iPXE".
Reported-by: Patrick Domack <patrickdk@patrickdk.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The EFI_CPU_IO_PROTOCOL is not available on all EFI platforms. In
particular, it is not available under OVMF, as used for qemu.
Since the EFI_CPU_IO_PROTOCOL is an abomination of unnecessary
complexity, banish it and use raw I/O instead.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Attempt to restore the network device to the state it was in prior to
calling the NBP. This simplifies the task of taking follow-up action
in an iPXE script.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Allow scripts to report errors in more detail by exposing the most
recent error via the ${errno} setting. For example:
chain ${filename} || goto failed
...
:failed
imgfree http://192.168.0.1/ipxe_error.php?error=${errno}
Note that ${errno} is valid only immediately after executing a failed
command.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Some BIOSes (observed on a Supermicro system with an AMI BIOS) seem to
use the area immediately below 0x7c00 to store data related to the
boot process. This data is currently liable to be overwritten by the
temporary stack used while decompressing and installing iPXE.
Try to avoid any such problems by placing the temporary stack
immediately after the loaded iPXE binary. Any memory used by the
stack could then potentially have been overwritten anyway by a larger
binary.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
On i350 the datasheet contradicts itself in stating that the default
value of RXDCTL.ENABLE for queue zero is both set (according to the
"Receive Initialization" section) and unset (according to the "Receive
Descriptor Control - RXDCTL" section). Empirical evidence suggests
that the default value is unset.
Explicitly enable both transmit and receive queues to avoid any
ambiguity.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
On 82576 (and probably others), the datasheet states that "the tail
register of the queue (RDT[n]) should not be bumped until the queue is
enabled". There is some confusion over exactly what constitutes
"enabled": the initialisation blurb says that we should "poll the
RXDCTL register until the ENABLE bit is set", while the description
for the RXDCTL register says that the ENABLE bit is set by default
(for queue zero). Empirical evidence suggests that the ENABLE bit
reads as set immediately after writing to RCTL.EN, and so polling is
not necessary.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The setup_move_size field is not defined in protocol versions earlier
than 2.00 (and is obsolete in versions later than 2.01). In binaries
using versions earlier than 2.00, the relevant location is likely to
contain executable code.
Interestingly, this bug has been present since support for pre-2.00
protocol versions was added in 2009, and has been unexpectedly
modifying the memtest86+ code fragment:
mov $0x92, %dx
inb %dx, %al
Fortuitously, the modification exactly overwrote the value loaded into
%dx, and so the net effect was limited to causing Fast Gate A20
detection to always fail.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
A window size of 256kB should be sufficient to allow for
full-bandwidth transfers over a Gigabit LAN, and for acceptable
transfer speeds over other typical links.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The maximum TCP throughput is fundamentally limited by the amount of
available receive buffer space. Increase the heap size from 128kB to
512kB to allow the use of larger TCP windows.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Whenever memory pressure causes a queued packet to be discarded (and
so retransmitted), reduce the maximum TCP window to a size that would
have prevented the discard.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Discarding the active ARP cache entry in the middle of a download will
substantially disrupt the TCP stream. Try to minimise any such
disruption by treating ARP cache entries as expensive, and discarding
them only when nothing else is available to discard.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
I/O buffers are allocated on aligned boundaries. The I/O buffer
descriptor (the struct io_buffer) is currently attached to the end of
the I/O buffer. When the size of the buffer is close to its
alignment, this can waste large amounts of aligned memory.
For example, a network card using 2048-byte receive buffers will end
up allocating 2072 bytes on a 2048-byte boundary. This effectively
wastes 50% of the available memory.
Improve the situation by allocating the descriptor separately from the
main I/O buffer if inline allocation would cause the total allocated
size to cross the alignment boundary.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The current logic is to process at most one received packet per call
to net_poll(), on the basis that refilling the hardware descriptor
ring should be delayed as little as possible. However, this limits
the rate at which packets can be processed and ultimately ends up
adding latency which, in turn, limits the achievable throughput.
With temporary modifications in place to essentially remove all
resource constraints (heap size increased to 16MB, RX descriptor ring
increased to 64 descriptors) and a TCP window size of 1MB, the
throughput on a gigabit (i.e. 119MBps) network can be observed to fall
off exponentially from around 115MBps to around 75MBps. Changing
net_poll() to process all received packets results in a steady
119MBps throughput.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Commit 196751c ("[build] Enable warnings when building utilities")
revealed a previously hidden compiler warning in util/nrv2b.c
regarding an out-of-bounds array subscript in the code
#if defined(SWD_BEST_OFF)
if (s->best_pos[2] == 0)
s->best_pos[2] = key + 1;
#endif
where best_pos[] is defined by
#define SWD_BEST_OFF 1
#if defined(SWD_BEST_OFF)
unsigned int best_off[ SWD_BEST_OFF ];
unsigned int best_pos[ SWD_BEST_OFF ];
#endif
With SWD_BEST_OFF set to 1, it can be proven that all code paths
referring to s->best_off[] and s->best_pos[] will never be executed,
with the exception of the two lines above. Since these two lines
alone can have no effect on execution, we can safely undefine
SWD_BEST_OFF.
Verified by comparing md5sums of bin/undionly.kpxe before and after
the change.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Each ARP cache entry maintains a transmission queue, which is sent out
as soon as the link-layer address is known. If multiple packets are
queued, then it is possible for memory pressure to cause the ARP cache
discarder to be invoked during transmission of the first packet, which
may cause the ARP cache entry to be deleted before the second packet
can be sent. This results in an invalid pointer dereference.
Avoid this problem by reference-counting ARP cache entries and
ensuring that an extra reference is held while processing the
transmission queue, and by using list_first_entry() rather than
list_for_each_entry_safe() to traverse the queue.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Commit ea61075 ("[tcp] Add support for TCP window scaling") introduced
a potential NULL pointer dereference by referring to the connection's
send window scale before checking whether or not the connection is
known.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
iPXE currently aligns all I/O buffers on a 2kB boundary. This is
overkill for transmitted packets, which are typically much smaller
than 2kB.
Align I/O buffers on their own size. This reduces the alignment
requirement for small buffers, while preserving the guarantee that I/O
buffers will never cross boundaries that might cause problems for some
DMA engines.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The default maximum plaintext fragment length for TLS is 16kB, which
is a substantial amount of memory for iPXE to have to allocate for a
temporary decryption buffer.
Reduce the memory footprint of TLS connections by requesting a maximum
fragment length of 2kB.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The maximum unscaled TCP window (64kB) implies a maximum bandwidth of
around 300kB/s on a WAN link with an RTT of 200ms. Add support for
the TCP window scaling option to remove this upper limit.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The undinet driver always has to make a copy of the received frame
into an I/O buffer. Align this copy sensibly so that subsequent
operations are as fast as possible.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Checking for keypresses takes a non-negligible amount of time, and
measurably affects our RTT. Minimise the impact by checking for
keypresses only once per timer tick.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The generic TCP/IP checksum implementation requires approximately 10
CPU clocks per byte (as measured using the TSC). Improve this to
approximately 0.5 CPU clocks per byte by using "lodsl ; adcl" in an
unrolled loop.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Calculating the TCP/IP checksum on received packets accounts for a
substantial fraction of the response latency.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The "rep" prefix can be used with an iteration count of zero, which
allows the variable-length memcpy() to be implemented without using
any conditional jumps.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
A reasonably large (512MB) file transferred via HTTP over Gigabit
Ethernet should complete in around 4.6 seconds. Increase the
resolution of the "time" command to tenths of a second, to allow such
transfers to be meaningfully measured.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Use hw pointer in PCI driver data as expected by sky2_remove().
Signed-off-by: Valentine Barshak <gvaxon@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
iPXE has no concept of the local time zone, mainly because there is no
viable way to obtain time zone information in the absence of local
state. This causes potential problems with newly-issued certificates
and certificates that are about to expire.
Avoid such problems by allowing an error margin of around 12 hours on
certificate validity periods, similar to the error margin already
allowed for OCSP response timestamps.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
FCoE requires the use of multiple local unicast link-layer addresses.
To avoid the complexity of managing multiple addresses, iPXE operates
in promiscuous mode. As a consequence, any unicast packets with
non-matching IPv4 addresses are rejected at the IPv4 layer (rather
than at the link layer).
This can cause problems when issuing a second DHCP request: if the
address chosen by the DHCP server does not match the existing address,
then the DHCP response will itself be rejected.
Fix by requesting a broadcast response from the DHCP server if the
network interface already has any IPv4 addresses.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
PMM defines the return code 0xffffffff as meaning "unsupported
function". It's hard to imagine a PMM BIOS that doesn't support
pmmAllocate(), but apparently such things do exist.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
A .mrom image currently assumes that it is the first image within the
expansion ROM BAR, which may not be correct when multiple images are
present.
Fix by scanning through the BAR until we locate an image matching our
build ID.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The header of a .mrom image declares its length to be only a few
kilobytes; the remainder is accessed via a sideband mechanism. This
makes it difficult to append an additional ROM image, such as an EFI
ROM.
Add a second, dummy ROM header covering the payload portion of the
.mrom image, allowing consumers to locate any appended ROM images in
the usual way.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Avoid potential confusion in the documentation by using a
vendor-neutral name for the extended (AMD-defined) feature set.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Add "sync" command (loosely based on the Unix "sync"), which will wait
for any pending operations to complete.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
iPXE is fundamentally asynchronous in operation: some operations
continue in the background even after the foreground has continued to
a new task. For example, the closing FIN/ACK exchanges of a TCP
connection will take place in the background after an HTTP download
has completed.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Provide HTTP Basic authentication credentials only in response to a
401 Unauthorized response from the server.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Some headers can modify the meaning of the response code. For
example, a WWW-Authenticate header can change the interpretation of a
401 Unauthorized response from "Access denied" to "Please
authenticate".
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The setting name "key" conflicts with the setting name "key" already
in use by the 802.11 code. Resolve the conflict by renaming the newer
setting to "privkey".
Signed-off-by: Michael Brown <mcb30@ipxe.org>
EFI_PCI_DEVICE_ENABLE is a list of the standard attributes that must
be enabled for a PCI device to function: I/O cycles, memory cycles,
and bus-mastering. We currently call EFI_PCI_IO_PROTOCOL::Attribute()
with the parameter EFI_PCI_DEVICE_ENABLE to enable a PCI device. This
should translate to a single write to PCI configuration space.
Simplicity is not a virtue within the UEFI world. Some platforms will
'helpfully' report an error if EFI_PCI_DEVICE_ENABLE is used on a
device that doesn't actually support all three of the relevant
attributes. For example, if a PCI device provides only memory-mapped
accesses (and so hardwires the I/O enable bit to zero), then using
EFI_PCI_DEVICE_ENABLE on such a platform will result in an
EFI_UNSUPPORTED error.
There is no plausible use case in which it is useful for the platform
to return an error in this way, and doing so makes it impossible to
distinguish genuine errors from noise.
Work around this broken behaviour by attempting to enable the three
attributes individually, and ignoring any errors.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
iSCSI generally includes a full SCSI response only when an error
occurs. iscsi_scsi_done() currently passes the NULL response through
to scsi_response(), which ends up causing scsicmd_response() to
dereference a NULL pointer.
Fix by calling scsi_response() only if we have a non-NULL response.
Reported-by: Brendon Walsh <brendonwalsh@niamu.com>
Tested-by: Brendon Walsh <brendonwalsh@niamu.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Add support for constructing OCSP queries and parsing OCSP responses.
(There is no support yet for actually issuing an OCSP query via an
HTTP POST.)
Signed-off-by: Michael Brown <mcb30@ipxe.org>
X.509 certificate processing currently produces an overwhelming amount
of debugging information. Move some of this from DBGLVL_LOG to
DBGLVL_EXTRA, to make the output more manageable.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Automatically attempt to download any required cross-signing
certificates from http://ca.ipxe.org/auto, in order to enable the use
of standard SSL certificates issued by public CAs.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
To allow for automatic download of cross-signing certificates and for
OCSP, the validation of certificates must be an asynchronous process.
Create a stub validator which uses a job-control interface to report
the result of certificate validation.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
CMS includes an unordered certificate set, from which certificates
must be extracted in order by matching up issuers with subjects. We
will use the same functionality as part of the automatic download of
cross-signing certificates. Generalise cms_find_subject() to
x509_find_subject(), and create x509_auto_append().
Signed-off-by: Michael Brown <mcb30@ipxe.org>
At present, certificate chain validation is treated as an
instantaneous process that can be carried out using only data that is
already in memory. This model does not allow for validation to
include non-instantaneous steps, such as downloading a cross-signing
certificate, or determining certificate revocation status via OCSP.
Redesign the internal representation of certificate chains to allow
chains to outlive the scope of the original source of certificates
(such as a TLS Certificate record).
Allow for certificates to be cached, so that each certificate needs to
be validated only once.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The free-memory-block traversal code triggers multiple warnings from
Valgrind when assertions are enabled, since the list consistency
checks performed by list_check() end up accessing areas that have been
marked as inaccessible.
Fix by ensuring that any memory areas that will be accessed by
list_check() are marked as defined when necessary.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
RTL8139C+ cards use essentially the same datapath as RTL8169, which is
zerocopy and 64-bit capable. Older RTL8139 cards use a single receive
ring buffer rather than a descriptor ring, but still share substantial
amounts of functionality with RTL8169.
Include support for RTL8139 cards within the generic Realtek driver,
since there is no way to differentiate between RTL8139 and RTL8139C+
cards based on the PCI IDs alone.
Many thanks to all the people who worked on the rtl8139 driver over
the years.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
If a root certificate has been explicitly specified at build time
using TRUST=/path/to/cert then do not allow this to be overridden even
from a trustworthy settings source (such as VMware GuestInfo).
Similarly, if a client certificate (and private key) has been
explicitly specified at build time, then do not allow it to be
overridden at runtime.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Some objects (embedded.o, rootcert.o, and clientcert.o) define
additional dependencies on external files, using syntax such as:
$(BIN)/clientcert.o : $(CERT_LIST)
This dependency can be missed when using debug builds. For example,
if DEBUG=clientcert is used, then the relevant object is
$(BIN)/clientcert.dbg1.o rather than $(BIN)/clientcert.o.
Fix by adding dependencies to $(clientcert_DEPS) instead:
clientcert_DEPS += $(CERT_LIST)
Signed-off-by: Michael Brown <mcb30@ipxe.org>
util/prototester.c was removed in commit a6d1815 ("Obsolete for some
time now") back in 2006.
Signed-off-by: Marin Hannache <mareo@mareo.fr>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The WinCE, a.out and FreeBSD loaders are designed to be #included by
core/loader.c, which no longer exists. These old loaders are not
usable anymore and cause compilation failures when enabled in
config/general.h.
Signed-off-by: Marin Hannache <mareo@mareo.fr>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
http_step() allocates a potentially large block of storage (since the
URI can be arbitrarily long), and can be invoked as part of an already
deep call stack via xfer_window_changed().
Signed-off-by: Michael Brown <mcb30@ipxe.org>
xfer_printf() occasionally has to deal with strings that are
potentially long, such as HTTP URIs with multiple query parameters.
Allocating these on the stack can lead to stack overruns and memory
corruption.
Fix by using vasprintf() instead of a stack allocation.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The link state is currently set at probe time, and updated only when
the device is polled. This results in the user seeing a misleading
stale "Link: down" message, if autonegotiation did not complete within
the short timespan of the probe routine.
Fix by updating the link state when the device is opened, so that the
message that ends up being displayed to the user reflects the real
link state at device open time.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
If the network interface has only just been opened (e.g. by the "dhcp"
command) then we should allow at least one opportunity for the card to
update the link state before testing it, to avoid false positives.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
There is no explicit SNP API call to determine link state; the SNP
interface user may check the MediaPresent field within the mode data
at any time.
Update the MediaPresent field whenever the link state changes.
Reported-by: Michael R Turner <mikeyt@us.ibm.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Changing the trusted root certificate currently requires a rebuild of
the iPXE binary, which may be inconvenient or impractical.
Allow the list of trusted root certificate fingerprints to be
overridden using the "trust" setting, but only at the point of iPXE
initialisation. This prevents untrusted sources of settings
(e.g. DHCP) from subverting the chain of trust, while allowing
trustworthy sources to change the trusted root certificate without
requiring a rebuild.
The basic idea is that if you are able to manipulate a trustworthy
source of settings (e.g. VMware GuestInfo or non-volatile stored
options), then you would be able to replace the iPXE binary anyway,
and so no security is lost by allowing such sources to override the
list of trusted root certificates.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Solaris assumes that there is enough space above the Multiboot modules
to use as a decompression and scratch area. This assumption is
invalid when using iPXE, which places the Multiboot modules near the
top of (32-bit) memory.
Fix by copying the modules to an area of memory immediately following
the loaded kernel.
Debugged-by: Michael Brown <mcb30@ipxe.org>
Debugged-by: Scott McWhirter <scottm@joyent.com>
Tested-by: Robin Smidsrød <robin@smidsrod.no>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Tested-by: Thomas Miletich <thomas.miletich@gmail.com>
Debugged-by: Thomas Miletich <thomas.miletich@gmail.com>
Tested-by: Robin Smidsrød <robin@smidsrod.no>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
iPXE provides no support for manually configuring the link speed.
Provide a generic routine which should be able to reset any MII/GMII
PHY and enable autonegotiation.
Prototyped-by: Thomas Miletich <thomas.miletich@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
niclist.pl recursively scans specified source folders and builds a
list of supported NICs by looking for ISA_ROM and PCI_ROM lines and
outputs the list in text, CSV, JSON, HTML or DokuWiki format. Sorting
and column selection is possible.
The pci-utils pci.ids file is fetched from SourceForge once a day to
also output the "official" vendor/device names associated with the PCI
device.
Signed-off-by: Robin Smidsrød <robin@smidsrod.no>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Allow iPXE settings to be specified in the .vmx file via the VMware
GuestInfo mechanism. For example:
guestinfo.ipxe.filename = "http://boot.ipxe.org/demo/boot.php"
guestinfo.ipxe.dns = "192.168.0.1"
guestinfo.ipxe.net0.ip = "192.168.0.15"
guestinfo.ipxe.net0.netmask = "255.255.255.0"
guestinfo.ipxe.net0.gateway = "192.168.0.1"
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Allow TFTP to be configured out by moving the next-server setting
definition (which is used by autoboot.c) from tftp.c to settings.c.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Refactor setting type handlers to parse and format values, rather than
storing and fetching formatted values.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Solaris kernels seem to rely on having the full kernel path present in
the multiboot command line; if only the kernel name is present then
the boot fails with the error message
krtld: failed to open 'unix'
Debugged-by: Michael Brown <mcb30@ipxe.org>
Debugged-by: Scott McWhirter <scottm@joyent.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
DOWNLOAD_PROTO_TFTM is now useless as tftm support has been merged
into tftp.c. DOWNLOAD_PROTO_TFTP should be used instead.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Add support for 82579-based chips such as those found on Sandy Bridge
motherboards. Based on d3738bb8203acf8552c3ec8b3447133fc0938ddd in
Linux.
Signed-off-by: Daniel Hokka Zakrisson <daniel@hozac.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
sizeof(cipherspec) is obviously wrong in this context, because it will
only zero the first 4 or 8 bytes (cipherspec is a pointer).
This problem was reported by cppcheck.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Use explicit size in memset because 8 bytes must be set always.
This problem was reported by cppcheck.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Using __from_text16() and __from_data16() in inline asm constraints
sometimes defeats gcc's ability to simplify expressions down to
compile-time constants.
Reported-by: Jason Kohles <jkohles@palantir.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
iPXE's support for COMBOOT images is now quite outdated; it has not
kept up to date with changes in the COMBOOT API. The primary use for
COMBOOT seems to be for menuing support. Now that we have native iPXE
script-based menus, COMBOOT support can be gracefully retired (with
immense thanks to Daniel Verkamp for having successfully implemented
such an ambitious feature many years ago).
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The "no" keymap is for a Dvorak keyboard.
Reported-by: Robin Smidsrød <robin@smidsrod.no>
Tested-by: Robin Smidsrød <robin@smidsrod.no>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
I am unable to find any definitive documentation on how Linux keyboard
symbols work. In the absence of any documentation, I'm going to
assume that unexpected keysyms are harmless and should be ignored.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
At present, we always hide an extra sizeof(struct external_memory), to
account for the header on the lowest allocated block. This header
ceases to exist when there are no allocated blocks remaining.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Use a private ANSI escape sequence to convey the priority of an
internal syslog() message through to the syslog server.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
An ANSI escape sequence context cannot be shared between multiple
users. Make the ANSI escape sequence context part of the line console
definition and provide individual contexts for each user.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Provide an internal syslog() function (unrelated to the syslog
console) which can be used to create log messages with specified
priorities.
The build-time constant LOG_LEVEL can be used to select the minimum
required priority for log messages. Any messages that do not have a
sufficient priority will be ignored (and will be optimised away at
compile-time).
The default LOG_LEVEL is LOG_NONE.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The output from text-based user interfaces such as the "config"
command is not generally meaningful for logfile-based consoles such as
syslog and vmconsole.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Add the concept of a "console usage", such as "standard output" or
"debug messages". Allow usages to be associated with each console
independently. For example, to send debugging output via the serial
port, while preventing it from appearing on the local console:
#define CONSOLE_SERIAL CONSOLE_USAGE_ALL
#define CONSOLE_PCBIOS ( CONSOLE_USAGE_ALL & ~CONSOLE_USAGE_DEBUG )
If no usages are explicitly specified, then a default set of usages
will be applied. For example:
#define CONSOLE_SERIAL
will have the same affect as
#define CONSOLE_SERIAL CONSOLE_USAGE_ALL
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Remove the name, cmdline, and action parameters from imgdownload() and
imgdownload_string(). These functions now simply download and return
an image.
Add the function imgacquire(), which will interpret a "name or URI
string" parameter and return either an existing image or a newly
downloaded image.
Use imgacquire() to merge similar image-management commands that
currently differ only by whether they take the name of an existing
image or the URI of a new image to download. For example, "chain" and
"imgexec" can now be merged.
Extend imgstat and imgfree commands to take an optional list of
images.
Remove the arbitrary restriction on the length of image names.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Trusted images may always be executed. Untrusted images may be
executed only if the current image trust requirement allows untrusted
images.
Images can be marked as trusted using image_trust(), and marked as
untrusted using image_untrust().
The current image trust requirement can be changed using
image_set_trust(). It is possible to make the change permanent, in
which case any future attempts to change the image trust requirement
will fail.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
There is no INT 10 call for "display character with attribute,
advancing the cursor and scrolling the screen as necessary". We
therefore make two INT 10 calls: INT 10,09 to write the character with
its attribute at the current cursor position, and then INT 10,0e to
(re)write the character (leaving the attribute unchanged), advance the
cursor position and scroll as necessary.
This confuses the serial-over-LAN console redirection feature provided
by some BIOSes.
Fix by performing the INT10,09 only when necessary to change the
existing attribute.
Reported-by: Itay Gazit <itaygazit@gmail.com>
Tested-by: Itay Gazit <itaygazit@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The Cryptographic Message Syntax (PKCS#7) provides a format for
encapsulating digital signatures of arbitrary binary blobs. A
signature can be generated using
openssl cms -sign -in <file to sign> -binary -noattr \
-signer <signer>.crt -inkey <signer>.key -certfile <CA>.crt \
-outform DER -out <signature>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The certificate may be part of an ASN.1-encoded certificate chain, and
so may not be the only object contained within the ASN.1 cursor.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
asn1_skip() will return an error on reaching the end of an object, and
so should not be used as the basis for asn1_shrink().
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The concept of an OID-identified algorithm as defined in X.509 is used
in some other standards (e.g. PKCS#7). Generalise this functionality
and provide it as part of the ASN.1 core.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
OIDs are theoretically part of a global hierarchy. However, the
hierarchy is sufficiently disorganised as to be essentially
meaningless for all purposes other than guaranteeing uniqueness.
Ignore the hierarchical nature of OIDs and treat them as opaque.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Allow a client certificate and corresponding private key to be
specified at build time using the syntax
make CERT=/path/to/certificate KEY=/path/to/key
The build process uses openssl to convert the files into DER format,
and includes them within the client certificate store in
clientcert.c. The build process will prompt for the private key
password if applicable.
Note that the private key is stored unencrypted, and so the resulting
iPXE binary (and the temporary files created during the build process)
should be treated as being equivalent to an unencrypted private key
file.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Simplify code by recording the active handshake digest algorithm as a
session parameter. (Note that we must still accumulate digests for
all supported algorithms, since we don't know which digest will
eventually be used until we receive the Server Hello.)
Signed-off-by: Michael Brown <mcb30@ipxe.org>
TLSv1.1 and earlier use a hybrid of MD5 and SHA-1 to generate digests
over the handshake messages. Formalise this as a separate digest
algorithm "md5+sha1".
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Validate the server certificate against the trusted root certificate
store. The server must provide a complete certificate chain, up to
and including the trusted root certificate that is embedded into iPXE.
Note that the date and time are not yet validated.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Allow trusted root certificates to be specified at build time using
the syntax
make TRUST=/path/to/certificate1,/path/to/certificate2,...
The build process uses openssl to calculate the SHA-256 fingerprints
of the specified certificates, and adds them to the root certificate
store in rootcert.c. The certificates can be in any format understood
by openssl.
The certificates may be server certificates or (more usefully) CA
certificates.
If no trusted certificates are specified, then the default "iPXE root
CA" certificate will be used.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
bigint_mod_multiply() and bigint_mod_exp() require a fixed amount of
temporary storage for intermediate results. (The amount of temporary
storage required depends upon the size of the integers involved.)
When performing calculations for 4096-bit RSA the amount of temporary
storage space required will exceed 2.5kB, which is too much to
allocate on the stack. Avoid this problem by forcing the caller to
allocate temporary storage.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Avoid a compiler warning on some versions of gcc by using real
function prototypes.
Reported-by: Rob Shelley <Rob@cirris.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
RSA requires modular exponentiation using arbitrarily large integers.
Given the sizes of the modulus and exponent, all required calculations
can be done without any further dynamic storage allocation. The x86
architecture allows for efficient large integer support via inline
assembly using the instructions that take advantage of the carry flag
(e.g. "adcl", "rcrl").
This implemention is approximately 80% smaller than the (more generic)
AXTLS implementation.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
All axTLS files are now vanilla versions of the upstream axTLS files,
with one minor exception: the unused "ctx" parameter of
bi_int_divide() has been marked with "__unused" to avoid a compilation
error.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
gcc will not warn about unused constant static variables. An unused
test declaration is almost certainly a bug, so ensure that warnings
are generated.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Both HMAC_DRBG using SHA-1 and HMAC_DRBG using SHA-256 are Approved
algorithms in ANS X9.82 for our chosen security strength of 128 bits.
However, general recommendations (see e.g. NIST SP800-57) are to use a
larger hash function in preference to SHA-1.
Since SHA-256 is required anyway for TLSv1.2 support, there is no code
size penalty for switching HMAC_DRBG to also use SHA-256.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
ANS X9.82 Part 4 (April 2011 Draft) Section 13.3.4.2 states that "When
using the derivation function based on a hash function, the output
length of the hash function shall meet or exceed the security strength
indicated by the min_entropy parameter in the Get_entropy_input call",
although this criteria is missing from the pseudocode provided in the
same section.
Add a test for this condition, and upgrade from SHA-1 to SHA-256 since
SHA-1 has an output length of 160 bits, which is insufficient for
generating the (128 * 3/2 = 192) bits required when instantiating the
128-bit strength DRBG.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Replace MD5 implementation with one which is around 20% smaller. This
implementation has been verified using the existing MD5 self-tests.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Minimise code size by forcing the use of memory addresses for
__bswap_16s() and __bswap_64s(). (__bswap_32s() cannot avoid loading the
value into a register.)
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Fix a strict-aliasing error on certain versions of gcc.
Reported-by: Marko Myllynen <myllynen@redhat.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Replace SHA-1 implementation from AXTLS with a dedicated iPXE
implementation which is around 40% smaller. This implementation has
been verified using the existing SHA-1 self-tests (including the NIST
SHA-1 test vectors).
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Use the "bswap" instruction to shrink the size of byte-swapping code,
and provide the in-place variants __bswap_{16,32,64}s.
"bswap" is available only on 486 and later processors. (We already
assume the presence of "cpuid" and "rdtsc", which are available only
on Pentium and later processors.)
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Advertise support for TLS version 1.1, and be prepared to downgrade to
TLS version 1.0. Tested against Apache with mod_gnutls, using the
GnuTLSPriorities directive to force specific protocol versions.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Allow packet transmission to be deferred pending successful ARP
resolution. This avoids the time spent waiting for a higher-level
protocol (e.g. TCP or TFTP) to attempt retransmission.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Some PXE stacks (observed with a QLogic 8242) will always try to
prepend a link-layer header, even if the caller uses P_UNKNOWN to
indicate that the link-layer header has already been filled in. This
results in an invalid packet being transmitted.
Work around these faulty PXE stacks where possible by stripping the
existing link-layer header and allowing the PXE stack to (re)construct
the link-layer header itself.
Originally-fixed-by: Buck Huppmann <buckh@pobox.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Some iSCSI targets respond to a PDU before receiving the padding
bytes. If the target responds quickly enough, this can cause iPXE to
start processing a new TX PDU before the padding bytes have been sent,
which results in a protocol violation.
Fix by always transmitting the padding bytes along with the data
segment.
Originally-fixed-by: Shyam Iyer <shyam_iyer@dell.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
As RFC 2616 10.3.4 explains, a 303 status is the proper HTTP 1.1
behavior for what most HTTP 1.0 clients did with code 302.
Signed-off-by: Jason Lunz <lunz@acm.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Abstract out the generic line-handling portions of the syslog
putchar() routine, to allow use by other console types.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Explicitly disable the syslog console when no syslog server is
defined, rather than (ab)using the socket family address as an
equivalent console-enabled flag.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Separate out the core HTTP functionality (which is shared by both HTTP
and HTTPS) from the provision of the "http://" URI opener. This
allows for builds that support only "https://" URIs.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The RTC-based entropy source uses the nanosecond-scale CPU TSC to
measure the time between two 1kHz interrupts generated by the CMOS
RTC. In a physical machine these clocks are driven from independent
crystals, resulting in some observable clock drift. In a virtual
machine, the CMOS RTC is typically emulated using host-OS
constructions such as SIGALRM.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Separate out the list of self-tests from the self-test infrastructure.
This allows tests to be run individually. For example:
make bin/sha1_test.iso
Signed-off-by: Michael Brown <mcb30@ipxe.org>
RSA requires the generation of random non-zero bytes (i.e. a sequence
of random numbers in the range [0x01,0xff]). ANS X9.82 provides
various Approved methods for converting random bits into random
numbers. The simplest such method is the Simple Discard Method.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
ANS X9.82 specifies that the start-up tests shall consist of at least
one full cycle of the continuous tests.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
ANS X9.82 specifies several Approved Sources of Entropy Input (SEI).
One such SEI uses an entropy source as the Source of Entropy Input,
condensing each entropy source output after each GetEntropy call.
This can be implemented relatively cheaply in iPXE and avoids the need
to allocate potentially very large buffers.
(Note that the terms "entropy source" and "Source of Entropy Input"
are not synonyms within the context of ANS X9.82.)
Use the iPXE API mechanism to allow entropy sources to be selected at
compilation time.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Treat an empty (zeroed) DRBG as invalid. This ensures that a DRBG
that has not yet been instantiated (or that has been uninstantiated)
will refuse to attempt to generate random bits.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
NIST provides a set of known-answer tests for the Hash_DRBG algorithm,
which includes known answers for the derivation function Hash_df used
as part of Hash_DRBG. Hash_DRBG is not an Approved algorithm for ANS
X9.82, but the known answers for Hash_df (which is part of ANS X9.82)
can still be used as part of the conformance testing for ANS X9.82.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
ANS X9.82 specifies several Approved derivation functions for use in
distributing entropy throughout a buffer. One such derivation
function is Hash_df, which can be implemented using the existing iPXE
SHA-1 functionality.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
iPXE exposes some extended capabilities via the PXE FILE API to allow
NBPs such as pxelinux to use protocols other than TFTP. Provide an
equivalent interface as a UEFI protocol so that EFI binaries may also
take advantage of iPXE's extended capabilities.
This can be used with a patched version of elilo, for example:
http://comments.gmane.org/gmane.comp.boot-loaders.elilo.general/147
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Practically speaking, it seems the convention is to only have one
packet pending and not rely upon any mechanism to associate returned
txbuf with txqueue.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
This function never did much in this driver anyway, and after commit
b5ed30b2 ("[tg3] Fix compilation on newer gcc versions") it became
apparent that its remaining functionality could be easily moved to
tg3_test_dma().
Signed-off-by: Thomas Miletich <thomas.miletich@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
initrd_init() calls umalloc() to allocate space for the initrd image,
but does so before hide_etherboot() has been called. It is therefore
possible for the initrd to end up overwriting iPXE itself.
Fix by converting initrd_init() from an init_fn to a startup_fn.
Originally-fixed-by: Till Straumann <strauman@slac.stanford.edu>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Replace the old Etherboot tg3 driver with a more up-to-date driver
using the iPXE API.
Signed-off-by: Thomas Miletich <thomas.miletich@gmail.com>
Modified-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
ANS X9.82 specifies that an Approved DRBG must consist of an Approved
algorithm wrapped inside an envelope which handles entropy gathering,
prediction resistance, automatic reseeding and other housekeeping
tasks.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Cryptographic random number generation requires an entropy source,
which is used as the input to a Deterministic Random Bit Generator
(DRBG).
iPXE does not currently have a suitable entropy source. Provide a
dummy source to allow the DRBG code to be implemented.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
NIST provides a set of known-answer tests for the HMAC_DRBG algorithm,
which can be used as part of the conformance testing for ANS X9.82.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
ANS X9.82 specifies several Approved algorithms for use in a
Deterministic Random Bit Generator (DRBG). One such algorithm is
HMAC_DRBG, which can be implemented using the existing iPXE SHA-1 and
HMAC functionality. This algorithm provides a maximum security
strength of 128 bits.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The command line may be situated in an area of base memory that will
be overwritten by iPXE's real-mode segments, causing the command line
to be corrupted before it can be used.
Fix by creating a copy of the command line on the prefix stack (below
0x7c00) before installing the real-mode segments.
Reported-by: Dave Hansen <dave@sr71.net>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
PXENV_FILE_EXIT_HOOK is designed to allow ipxelinux.0 to unload both
the iPXE and pxelinux components without affecting the underlying PXE
stack. Unfortunately, it causes unexpected behaviour in other
situations, such as when loading a non-embedded pxelinux.0 via
undionly.kpxe. For example:
PXE ROM -> undionly.kpxe -> pxelinux.0 -> chain.c32 to boot hd0
would cause control to return to iPXE instead of booting from the hard
disk. In some cases, this would result in a harmless but confusing
"No more network devices" message; in other cases stranger things
would happen, such as being returned to the iPXE shell prompt.
The fundamental problem is that when pxelinux detects
PXENV_FILE_EXIT_HOOK, it may attempt to specify an exit hook and then
exit back to iPXE, assuming that iPXE will in turn exit cleanly via
the specified exit hook. This is not a valid assumption in the
general case, since the action of exiting back to iPXE does not
directly cause iPXE to exit itself. (In the specific case of
ipxelinux.0, this will work since the embedded script exits as soon as
pxelinux.0 exits.)
Fix the unexpected behaviour in the non-ipxelinux.0 cases by including
support for PXENV_FILE_EXIT_HOOK only when using a new .kkkpxe format.
The ipxelinux.0 build process should therefore now use undionly.kkkpxe
instead of undionly.kkpxe.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Very nasty things can happen if a NULL network device is used. Check
that pxe_netdev is non-NULL at the applicable entry points, so that
this type of problem gets reported to the caller rather than being
allowed to crash the system.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
It can sometimes be awkward to prevent additional packets from being
received during a loopback test. Allow such additional packets to be
present without terminating the test.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
On at least one PXE stack (Realtek r8169), PXENV_UNDI_INITIALIZE has
been observed to fail intermittently due to a media test failure (PXE
error 0x00000061). Retrying the call to PXENV_UNDI_INITIALIZE
succeeds, and the NIC is then usable.
It is worth noting that this particular Realtek PXE stack is already
known to be unreliable: for example, it repeatably fails its own
boot-time media test after every warm reboot.
Fix by attempting PXENV_UNDI_INITIALIZE multiple times, with a short
delay between each attempt to allow the link to settle.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The PXE specification requires us to request DHCP options 128 to 135
inclusive, although these have no defined purpose.
Suggested-by: Ralf Buettner <rab@bootix.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The RS bit is used to instruct the NIC to update the TX descriptor
status byte. The RPS bit is used to instruct the NIC to defer this
update until after the packet has been transmitted on the wire (rather
than merely read into the transmit FIFO).
The driver currently sets RPS but not RS. Some e1000 models seem to
interpret this as implying that the status byte should be updated;
some don't. On the ones that don't, we never see any TX completions
and so rapidly run out of TX buffers.
Fix by setting the RS bit in the TX descriptor. (We don't care about
when the packet reaches the wire, so don't bother setting the RPS
bit.)
Reported-by: Miroslav Halas <miroslav.halas@bankofamerica.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Some iSCSI targets (observed with stgt) can be configured to reject
connections that do not use header or data digests, and will respond
with "HeaderDigest=Reject" and/or "DataDigest=Reject", while still
allowing the connection to proceed to the full feature phase.
According to a strict reading of RFC3720, we are perfectly safe to
ignore these "Reject" messages: upon such a rejection "the negotiated
key is left at its current value (or default if no value was set)".
Since the default value for both HeaderDigest and DataDigest is
"None", then the only viable conclusion to be drawn is that the value
resulting from "Reject" is still "None".
Unfortunately, stgt doesn't seem to agree with this interpretation of
events, causing us to eventually report an unhelpful "connection timed
out" message to the user when we don't get any response to our first
PDU in full feature phase.
Fix by detecting any rejected parameters and immediately reporting an
error, which at least gives the user some insight as to what the real
problem may be.
Reported-by: Michal Suchanek <hramrach@centrum.cz>
Tested-by: Michal Suchanek <hramrach@centrum.cz>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Commit 9b99d2a ("[build] Avoid generating ROMs with "match-any" vendor
or device IDs") introduced a regression which caused the UNDI PCI
driver to be omitted from the list of all drivers, and thus to be
excluded from the all-drivers build.
Fix by ensuring that the per-driver section of the Makefile is
generated even when there are no ROMs to be built.
Reported-by: Sven Dreyer <sven@dreyer-net.de>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
WinPE has been observed to call PXENV_UNDI_SHUTDOWN but not
PXENV_STOP_UNDI. This means that Hermon hardware is left partially
active (firmware running and one event queue mapped) when WinPE starts
up, which can cause a Blue Screen of Death.
Fix by ensuring that the hardware is left quiescent (with the firmware
stopped) when no interfaces are open.
Reported-by: Itay Gazit <itayg@mellanox.co.il>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Avoid spurious matches for peer key 0 against empty peer cache
entries, and set the LL_MULTICAST flag in addition to LL_BROADCAST.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The ChipCmd register is only an 8-bit register. The 16-bit access
used by iPXE was causing an issue when used with qemu emulated rtl8139
device which was improperly aligning IOs.
Signed-off-by: Julian Pidancet <julian.pidancet@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Allow an initrd (such as an embedded script) to be passed to iPXE when
loaded as a .lkrn (or .iso) image. This allows an embedded script to
be varied without recompiling iPXE.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Specify a driver name of "undionly" and a device name based on the
UNDI-reported underlying hardware device. For example:
net0: 52:54:00:12:34:56 using undionly on UNDI-PCI00:03.0 (open)
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Drivers are currently expected to initialise only the hardware
address, with the link-layer protocol code taking care of converting
this into a valid link-layer address. Some drivers (e.g. undinet) can
legitimately determine both the hardware and link-layer addresses,
which may differ.
Allow for this situation by checking to see if the link-layer address
is empty before initialising it from the hardware address.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Some BIOSes are reported to corrupt %ebx when using INT 15,2401 (see
http://opensolaris.org/jive/thread.jspa?messageID=377026). Guard
against this by preserving all (non-segment) registers.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The symbol_text16 is defined globally by the linker. Use rm_text16
instead of _text16 for the local variable within librm.S to avoid
confusion when reading linker maps.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
All users of imgdownload() require registration of the image, so make
registration an integral part of imgdownload() itself and simplify the
"action" parameter to be one of image_select(), image_exec() et al.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The "sleep" command is generally useful to have. For example:
:dhcp_retry
dhcp && goto dhcp_done
sleep 5
goto dhcp_retry
:dhcp_done
Make the "sleep" command available by default, leaving TIME_CMD
controlling only the (fairly specialist) "time" command.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Arbel seems to crash the system as soon as the first send WQE
completes on an RC queue pair. (NOPs complete successfully, so this
is a problem specific to the work queue rather than the completion
queue.) The cause of this problem has remained unknown for over a
year.
Check in the non-functioning code to avoid bit-rot, and in the hope
that someone will find the fix.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
This self-test mechanism is inspired by Perl's Test::Simple and
similar modules. The aim is to encourage the use of self-tests by
making it as easy as possible to create self-test code
Signed-off-by: Michael Brown <mcb30@ipxe.org>
iPXE currently uses the last four bytes of the MAC address as the DHCP
transaction identifier. Reduce the probability of collisions by
generating a random transaction identifier.
Originally-implemented-by: Amos Kong <akong@redhat.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Provide a utility to quickly determine the ROM size and .mrom format
support for attached PCI devices. For example:
01:00.0 (1186:4300) supports a 128kB .rom or .mrom
Inspired-by: Wes Frazier <wes.frazier@members.fsf.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
TCP currently neglects to allow sufficient space for its own headers
when allocating I/O buffers. This problem is masked by the fact that
the maximum link-layer header size (802.11) is substantially larger
than the common Ethernet link-layer header.
Fix by allowing sufficient space for any TCP headers, as well as the
network-layer and link-layer headers.
Reported-by: Scott K Logan <logans@cottsay.net>
Debugged-by: Scott K Logan <logans@cottsay.net>
Tested-by: Scott K Logan <logans@cottsay.net>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The version field of an X.509 certificate appears to be optional.
Reported-by: Sebastiano Manusia <Sebastiano.Manusia@chuv.ch>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
CRLF line terminators are allowed in scripts; the carriage return is
simply interpreted as trailing whitespace and so is ignored. This
fails on lines containing script labels, since the label-finding code
checks for a line containing only the ":" marker and the label itself
(without any trailing whitespace).
Fix by allowing a label to be terminated by either a NUL or a
whitespace character.
Reported-by: Bovey Christian <Christian.Bovey@chuv.ch>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
iPXE specifies a value of 0 for cmdline_size, causing GRUB to not pass
in a command line. Fix by setting cmdline_size to the maximum value
of 2047.
Signed-off-by: Valentine Barshak <gvaxon@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
timer->refcnt is allowed to be NULL, in which case the timer's
expired() method may end up freeing the timer object.
Discovered using valgrind.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
When transmitting, use the broadcast link-layer address for any
broadcast address (e.g. 192.168.0.255), not just INADDR_BROADCAST
(255.255.255.255).
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Explicitly discard any unicast packets for addresses that we do not
control, to avoid unexpected behaviour when operating in promiscuous
mode (which is now the default, thanks to FCoE).
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Allow the link layer to directly report whether or not a packet is
multicast or broadcast at the time of calling pull(), rather than
relying on heuristics to determine this at a later stage.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
According to section 14.23 of RFC2616, an HTTP Host header without
port implies the default port is used. Thus, when fetching from
anywhere but port 80 for HTTP or 443 for HTTPS, the port ought to be
explicitly given in that header. Otherwise, some servers might fail
to associate the request with the correct virtual host or generate
incorrect self-referencing URLs.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Reported-by: Stefan Hajnoczi <stefanha@gmail.com>
Signed-off-by: Thomas Miletich <thomas.miletich@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The iSCSI TX process can now be woken up by the TCP socket via
xfer_window_changed(), so it is no longer valid to assume that
iscsi_tx_step() can be called in state ISCSI_TX_IDLE only immediately
after completing a transmission.
Fix by calling iscsi_tx_done() only upon a transition into state
ISCSI_TX_IDLE.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Some older versions of gcc issue a warning if -ffunction-sections is
used in combination with -g (gcc bug #18553). Inhibit
-ffunction-sections when building with such a version of gcc.
Reported-by: zhengwei <zw111_2001@126.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Provide support for HTTP range requests, and expose this functionality
via the iPXE block device API. This allows SAN booting from a root
path such as:
sanboot http://boot.ipxe.org/freedos/fdfullcd.iso
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Allow objects to support both streaming and block device protocols, by
starting streaming data only when the data transfer window opens.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Polling for the data-transfer window to become open is wasteful. We
can eliminate the polling loop by using hw_step() as the handler for
an xfer_window_changed() event.
If the window is already open at the time of instantiation, then
xfer_window_changed() may never be called. We can cover this case by
using hw_step() as the step() method of a one-shot process. Since the
signature for an xfer_window_changed() method is identical to the
signature for a process step() method, the same function can be used
for both.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Some processes execute only once, and exist solely in order to defer
execution until after the relevant instantiator method has returned.
Such processes do not need to be automatically rescheduled when
executing.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Give the step() method a pointer to the containing object, rather than
a pointer to the process. This is consistent with the operation of
interface methods, and allows a single function to serve as both an
interface method and a process step() method.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Modify the default action for xfer_vredirect() to automatically send
xfer_window_changed() messages to both the new child and the parent
interfaces. This will allow the elimination of processes that simply
poll on xfer_window() to determine when a redirection has completed
successfully.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
ftp_data_deliver() does nothing except pass through the received data
to the xfer interface, and so can be eliminated by using a
pass-through interface.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Some bootloaders seem to add "BOOT_IMAGE=..." at the end of the
command line; some at the start. Cope with either variation.
Reported-by: Dave Hansen <dave@sr71.net>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
At the time of attempting ARP resolution, we already know the
transmitting network device. We can therefore record ARP errors using
netdev_tx_err() so that they show up in the output of "ifstat".
Inspired-by: Dominik Russenberger <dominik.russenberger@terreactive.ch>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Allow TX errors to be recorded against a network device even when the
packet didn't make it as far as netdev_tx().
Inspired-by: Dominik Russenberger <dominik.russenberger@terreactive.ch>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
IBM BIOSes ignore the PnP header offset stored at address 0x1a and
instead scan for the $PnP signature on a 16-byte boundary. (This
alignment is not mandated by the PnP specification.)
Force PnP header to a 16-byte boundary to work around these BIOSes.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Several BIOSes (including most IBM BIOSes and many virtual machine
BIOSes) do not provide detectable PnP support, but will use the BEV
entry point for a PnP option ROM. On these semi-PnP BIOSes, iPXE will
respond to the absence of detectable PnP support by hooking INT19,
which disrupts the boot order.
BIOSes that genuinely require hooking INT19 seem to be very rare
nowadays. It may therefore be preferable to assume that the absence
of detectable PnP support indicates a semi-PnP BIOS rather than a
non-PnP BIOS.
Change the default behaviour so that INT19 will never be hooked unless
the compile-time option NONPNP_HOOK_INT19 is enabled. Leave the
redundant PnP detection routine in-place to allow for debugging via
the ROM banner line.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Revert commit 38cd351 ("[romprefix] Attempt to gracefully handle
semi-PnP IBM BIOSes"), since the test for the "IBM " signature in %edi
is not sufficient to identify an IBM BIOS.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
(Ab)use the "ident" field in transmitted IPv4 packets to convey
metadata about the network device. In particular:
bits 0-3 represent the low bits of the "RX" good packet counter
bits 4-7 represent the low bits of the "RXE" bad packet counter
bits 8-15 represent the transmitted packet sequence number
This allows some relevant information about the internal state of the
network device to be read out from a packet trace from a non-debug
build of iPXE. In particular, it allows a packet trace containing
packets transmitted by iPXE to indicate whether or not any packets
have been received by iPXE.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Booting from an HTTP SAN will require HTTP range requests, which are
defined only in HTTP/1.1 and above. HTTP/1.1 mandates support for
"Transfer-Encoding: chunked", so we must support it.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
This reverts commit 15c1200 ("[hermon] Work around missing mport
support in current BOFM implementations").
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Newer BOFM builds provide support for mapping multiple physical ports
to a single PCI bus:dev.fn via PCI VPD descriptions. These builds
will also leave the {slot,port} field intact, and will populate the
mport field with a meaningful value.
Older BOFM builds will zero out the {slot,port} field. A zero value
in this field may indicate either a genuine zero value (i.e. slot 0
first port) or an older build.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Some IBM BIOSes provide partial support for PnP: they will use the BEV
entry point but will not advertise PnP support. This causes iPXE to
hook INT 19, which disrupts the boot process.
Attempt to improve this situation by detecting an IBM BIOS and
treating it as a PnP BIOS despite the absence of a PnP signature.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Some versions of binutils have curious concepts of what constitutes
subtraction. For example:
0x00000000000000f0 _text16_late = .
0x0000000000000898 _mtext16 = .
0x0000000000000898 _etext16 = .
0x0000000000000898 _text16_late_filesz = ABSOLUTE ((_mtext16 - _text16_late))
0x00000000000007a8 _text16_late_memsz = ABSOLUTE ((_etext16 - _text16_late))
This has interesting side-effects such as producing sizes for .bss
segments that are negative, causing the majority of addressable memory
to be zeroed out.
Fix by using the form
ABSOLUTE ( x ) - ABSOLUTE ( y )
rather than
ABSOLUTE ( x - y )
Reported-by: H. Peter Anvin <hpa@zytor.com>
Suggested-by: H. Peter Anvin <hpa@zytor.com>
Tested-by: H. Peter Anvin <hpa@zytor.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
This allows older versions of ELTORITO.SYS (such as the version found
on the FreeDOS installation CD-ROM) to use iPXE's emulated CD-ROM
drive.
Reported-by: Robin Smidsrød <robin@smidsrod.no>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Make the build command line less cumbersome by accepting
make DEBUG=int13 EMBED=test.ipxe
rather then
make DEBUG=int13 EMBEDDED_IMAGE=test.ipxe
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Expose the multiple-SAN-drive capability of the iPXE core via the iPXE
command line by adding commands to hook and unhook additional drives.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Some PXE stacks (notably old Etherboot/gPXE stacks) will claim to use
the timer interrupt, rather than reporting that interrupts are not
supported. Since using the timer interrupt is equivalent to polling
anyway, we may as well genuinely poll these stacks.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
PCI_ROM() and ISA_ROM() macros occur only within driver files.
Running parserom.pl on non-driver files is therefore redundant.
Skip running parserom.pl on any files outside a "drivers" directory.
This reduces the time taken to generate build rules and dependencies
after a "make veryclean" by around 12%.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
There is no plausible scenario I can think of in which "isset" would
be used with more than one argument. Simplify the code by specifying
that exactly one argument is required.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Current BOFM versions are unable to create entries with mport>1, which
means that only the port 1 MAC address can be explicitly specified.
Work around this by using the provided MAC address as a base address
for all subsequent ports. For example, if BOFM assigns the address
00:1A:64:76:00:09 for port 1
then we will assign the addresses
00:1A:64:76:00:09 for port 1
00:1A:64:76:00:0a for port 2
Future BOFM versions that may correctly support mport will work with
this scheme without modification provided that the BOFM entries are
created in increasing order of mport. Since BOFM tools tend to
generate entries in increasing order (of slot, port, etc), this is not
an unreasonable compromise.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
GNU gold (part of newer binutils builds) does not appear to be
designed to support generic linker functionality, since its source
code contains several Linux-specific hard-coded assumptions about the
layout of ELF binaries. Attempting to build iPXE using GNU gold will
generally cause some kind of "linker internal error".
Provide an explicit error message suggesting the use of GNU ld
instead.
Reported-by: Chris Hills <chaz@chaz6.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Commit 3f442d3 ("[tcp] Record ts_recent on first received packet")
failed to achieve its stated intention.
Fix this (and reduce the code size) by moving the ts_recent update to
tcp_rx_seq(). This is the code responsible for advancing the window,
called by both tcp_rx_syn() and tcp_rx_data(), and so the window check
is now redundant.
Reported-by: Frank Weed <zorbustheknight@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Commit b5f5f73 ("[cmdline] Expand settings within each command-line
token individually") introduced a regression into the "isset" command:
it is now possible for command-line arguments to be empty strings, and
so "isset" cannot simply check for a non-empty argument list.
Restore previous behaviour by checking for the presence of any
non-empty arguments, rather than checking for a non-empty argument
list.
Reported-by: Nemtallah Daher <n.daher@csuohio.edu>
Tested-by: Nemtallah Daher <n.daher@csuohio.edu>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Set the current working URI to NULL rather than to "tftp://0.0.0.0/".
Reported-by: Piotr Jaroszyński <p.jaroszynski@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Standardise on using init_editstring() to initialise an embedded
editable string, to match the coding style used by other embedded
objects.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
A PCI_ROM() entry containing a vendor or device ID of PCI_ANY_ID
(0xffff) indicates to pci_find_driver() that the entry's vendor or
device ID should be ignored when matching against the device's vendor
or device ID. It does not represent a PCI ROM that should be built.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Each PCI ROM currently ends up appearing twice in the $(ROMS) list:
once under its designated name (e.g. "rtl8139.rom"), once under its
PCI IDs (e.g. "bin/10ec8139.rom").
Include only the latter of these in the $(ROMS) list, so that doing
"make allroms" will generate only one copy of each ROM.
Reported-by: Bastian Blank <waldi@debian.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
For devices that start in a link-down state, the user will see a
message such as:
[Link status: The socket is not connected (http://ipxe.org/38086001)]
Waiting for link-up on net0...
This is potentially misleading, since it suggests that there is a
genuine problem. Add a dedicated error message for "link down",
giving instead:
[Link status: Down (http://ipxe.org/38086101)]
Waiting for link-up on net0...
Reported-by: Tal Aloni <tal.aloni.il@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The original EFI BOFM protocol has a design flaw that limits the size
of the table to 1kB, since the table is embedded within the
IBM_BOFM_DRIVER_CONFIGURATION_PROTOCOL structure. Version 2 of the
protocol works around this problem.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
iPXE operates the forcedeth NIC in promiscuous mode, and never changes
the unicast MAC address filter registers. We should not therefore set
the flag indicating (to other drivers loaded later) that the MAC
address order has already been corrected.
Reported-by: Tal Aloni <tal.aloni.il@gmail.com>
Tested-by: Tal Aloni <tal.aloni.il@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The forcedeth driver currently implements unicast MAC address
filtering in software. This is almost invariably the wrong thing to
do (since the network stack must already be able to cope with unwanted
packets) and it breaks FCoE (which requires the card to operate in
promiscuous mode).
Also, the implementation is buggy: is_local_ether_addr() is used to
check for a locally-assigned Ethernet address (not to check for a
unicast address), and the current link-layer address is in
netdev->ll_addr, not netdev->hw_addr.
Fix by removing this code.
Reported-by: Tal Aloni <tal.aloni.il@gmail.com>
Tested-by: Tal Aloni <tal.aloni.il@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
A scriptlet is a single iPXE command that can be stored in
non-volatile option storage and used to override the default
"autoboot" behaviour without having to reflash the iPXE image.
For example, a scriptlet could contain
autoboot || reboot
to instruct iPXE to reboot the system if booting fails.
Unlike an embedded image, the presence of a scriptlet does not inhibit
the initial "Press Ctrl-B..." prompt. This allows the user to recover
from setting a faulty scriptlet.
Originally-implemented-by: Glenn Brown <glenn@myri.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Perform settings expansion after tokenisation, and only at the point
of executing each command. This allows statements such as
dhcp && echo ${net0/ip}
to work correctly.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
It is currently possible to construct a sequence of commands to be
executed regardless of success or failure using "|| &&" as the command
separator. (The "||" captures the failure case, the blank command
converts it to a success case.)
Allow ";" to be used as a more visually appealing (and
space-efficient) alternative.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Temporary modification to prevent valgrind.h from breaking compilation
with gcc 4.6. When this problem is fixed upstream, a new and
unmodified copy of valgrind.h should be imported.
Signed-off-by: Thomas Miletich <thomas.miletich@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Avoid unused-but-set variable warning in gcc 4.6 which was introduced
by commit 9215b7f ("[forcedeth] Clear the MII link status register on
link status changes").
Signed-off-by: Thomas Miletich <thomas.miletich@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
An iPXE .exe image can be loaded from DOS. Tested using bin/ipxe.exe
to load a Linux kernel and simple initramfs from within MS-DOS 6.22.
(EDD must be disabled using the "edd=off" kernel parameter, since the
loaded kernel image has already overwritten parts of DOS' INT 13
wrapper.)
Signed-off-by: Michael Brown <mcb30@ipxe.org>
In the unlikely (but observable) event that INT 15,88 returns less
memory above 1MB than is required for the temporary decompression
area, ignore it and use the 1MB point anyway.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Make the allocators used by malloc and linux_umalloc valgrindable.
Include valgrind headers in the codebase to avoid a build dependency
on valgrind.
Signed-off-by: Piotr Jaroszyński <p.jaroszynski@gmail.com>
Modified-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
There is no need to explicitly call basename() to construct an image
name in imgfetch_core_exec(), since image_set_uri() will do so
automatically anyway (and will do so without getting confused by URIs
with query strings).
Signed-off-by: Michael Brown <mcb30@ipxe.org>
netdev_close() assumes that devices that are open are on the
open_list, which wasn't true if device specific opening failed.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The "read" command allows a script to prompt a user to enter a
setting. For example:
echo -n Static IP address:
read net0/ip
Total cost: 17 bytes.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Commit 6861304 ("[tcp] Handle out-of-order received packets")
introduced a regression in which ts_recent would not be updated until
the first packet is received in the ESTABLISHED state, i.e. the
timestamp from the SYN+ACK packet would be ignored. This causes the
connection to be dropped by strictly-conforming TCP peers, such as
FreeBSD.
Fix by delaying the timestamp window check until after processing the
received SYN flag.
Reported-by: winders@sonnet.com
Signed-off-by: Michael Brown <mcb30@ipxe.org>
bin/ipxe.lkrn is built anyway in order to create bin/ipxe.iso, so
there is no additional cost to including it within the default build.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Normalise the progress figures to ensure that multiplication by 100
(to produce a percentage) cannot result in integer overflow.
Reported-by: Sven Dreyer <sven@dreyer-net.de>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
iPXE documentation tends to refer to "settings" rather than "options",
since settings can be more general than DHCP options.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Some PXE stacks advertise that interrupts are not supported, despite
requiring the use of interrupts. Attempt to cope with such cards
without breaking others by always hooking the interrupt, and using the
"interrupts supported" flag only to decide whether or not to wait for
an interrupt before calling PXENV_UNDI_ISR_IN_PROCESS.
The possible combinations are therefore:
1. Card generates interrupts and claims to support interrupts
iPXE will call PXENV_UNDI_ISR_IN_PROCESS only after an interrupt
has been observed. (This is required to avoid lockups in some PXE
stacks, which spuriously sulk if called before an interrupt has
been generated.)
Such a card should work correctly.
2. Card does not generate interrupts and does not claim to support
interrupts
iPXE will call PXENV_UNDI_ISR_IN_PROCESS indiscriminately, matching
the observed behaviour of at least one other PXE NBP (winBoot/i).
Such a card should work correctly.
3. Card generates interrupts but claims not to support interrupts
iPXE will call PXENV_UNDI_ISR_IN_PROCESS indiscriminately. An
interrupt will still result in a call to PXENV_UNDI_ISR_IN_START.
Such a card may work correctly.
4. Card does not generate interrupts but claims to support interrupts
Such a card will not work at all.
Reported-by: Jerry Cheng <jaspers.cheng@msa.hinet.net>
Tested-by: Jerry Cheng <jaspers.cheng@msa.hinet.net>
Reported-by: Mauricio Silveira <mauricio@livreti.com.br>
Tested-by: Mauricio Silveira <mauricio@livreti.com.br>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Improve the appearance of the "config" user interface by ensuring that
settings appear in some kind of logical order.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Commit 5fbd020 ("[settings] Display canonical setting name in output
of "show" command") introduced a regression causing all setting
expansions (e.g. "${net0/mac}") to expand to an empty string.
Fix by returning the formatted value length from
fetchf_named_setting(), as expected by the caller.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Allow the user to browse through the settings block hierarchy.
Originally-implemented-by: Glenn Brown <glenn@myri.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Display only settings relevant to the current scope. For example,
"config net0" no longer displays SMBIOS settings, and "config smbios"
displays only SMBIOS settings.
Originally-implemented-by: Glenn Brown <glenn@myri.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Enable the "show" command to display the full, canonicalised name of
the fetched setting. For example:
iPXE> show mac
net0/mac:hex = 52:54:00:12:34:56
iPXE> dhcp && show ip
DHCP (net0 52:54:00:12:34:56)... ok
net0.dhcp/ip:ipv4 = 10.0.0.168
iPXE> show net0/6
net0.dhcp/dns:ipv4 = 10.0.0.6
Inspired-by: Glenn Brown <glenn@myri.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Expose settings_name(), shrink the unnecessarily large static buffer,
properly name root settings block, and simplify.
Modified-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Expose a function setting_applies() to allow a caller to determine
whether or not a particular setting is applicable to a particular
settings block.
Restrict DHCP-backed settings blocks to accepting only DHCP-based
settings.
Restrict network device settings blocks to accepting only DHCP-based
settings and network device-specific settings such as "mac".
Inspired-by: Glenn Brown <glenn@myri.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The "us" keyboard layout contains a mapping for keycode 86 (which
seems not to correspond to any physical key on many US keyboards) to
the ASCII character '<'. This mapping causes conflicts with the
mapping for keycode 51, which also maps (with shift) to '<'.
Change the keyboard mapping generator to choose the lowest keycode for
each ASCII character as indicating the relevant mapping to use, on the
basis that a lower keycode roughly indicates a "more normal" key. On
a German keyboard, which has keys for both keycode 51 and keycode 86
present, this causes '<' to be remapped to ';', which is a closer
match to typical user expectations.
Reported-by: Sven Dreyer <sven@dreyer-net.de>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown
Brandon Penglase
Daniel P. Berrange
Kevin Tran
Stefan Hajnoczi
Jens Rottmann
Stefan Weil
Thomas Miletich
Shao Miller
Patrick Plenefisch
Anton D. Kachalov
Marin Hannache
Daniel Wyatt
Joshua Oreman
Alexey
Christian Hesse
Valentine Barshak
Marin Hannache
Robin Smidsrød
Erik Jacobson
Daniel Hokka Zakrisson
Olaf Hering
1d 2k
Jason Lunz
Jarrod Johnson
Jarrod Johnson
Till Straumann
Julian Pidancet
Scott K Logan
Malte Starostik
Dominic Cleal
Greg Jednaszewski
Bastian Blank
Gilles Espinasse
Piotr Jaroszyński
Glenn Brown
Yann Cézard