ipxe.git
3 days ago[cloud] Allow multiple images to be imported simultaneously master
Michael Brown [Sun, 2 May 2021 11:23:00 +0000 (12:23 +0100)] 
[cloud] Allow multiple images to be imported simultaneously

Allow both x86_64 and arm64 images to be imported in a single import
command, thereby allowing for e.g.

  make CONFIG=cloud EMBED=config/cloud/aws.ipxe bin/ipxe.usb

  make CONFIG=cloud EMBED=config/cloud/aws.ipxe \
       CROSS=aarch64-linux-gnu- bin-arm64-efi/ipxe.usb

  ../contrib/cloud/aws-import -w amilist.txt -p \
       bin/ipxe.usb bin-arm64-efi/ipxe.usb

This simplifies the process of generating a single amilist.txt file
for inclusion in the documentation at https://ipxe.org/howto/ec2

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 days ago[cloud] Attempt to include CPUID_SETTINGS only for x86 builds
Michael Brown [Sun, 2 May 2021 11:35:37 +0000 (12:35 +0100)] 
[cloud] Attempt to include CPUID_SETTINGS only for x86 builds

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 days ago[cloud] Autodetect CPU architecture from AMI disk image
Michael Brown [Sun, 2 May 2021 08:39:10 +0000 (09:39 +0100)] 
[cloud] Autodetect CPU architecture from AMI disk image

Signed-off-by: Michael Brown <mcb30@ipxe.org>
4 days ago[cloud] Use a sortable default AMI name
Michael Brown [Sat, 1 May 2021 21:08:17 +0000 (22:08 +0100)] 
[cloud] Use a sortable default AMI name

The AWS console user interface provides no convenient way to sort AMIs
by creation date.

Provide a default AMI name constructed from the current date and CPU
architecture, to simplify the task of finding the most recent iPXE AMI
in a given AWS region.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
4 days ago[cloud] Add ability to generate Dokuwiki table of AMI images
Michael Brown [Sat, 1 May 2021 20:33:38 +0000 (21:33 +0100)] 
[cloud] Add ability to generate Dokuwiki table of AMI images

Add an option to generate the amilist.txt list of current AMI images
as included in the EC2 documentation at https://ipxe.org/howto/ec2

Signed-off-by: Michael Brown <mcb30@ipxe.org>
12 days ago[settings] Add --timeout option to "read" command
Michael Brown [Fri, 23 Apr 2021 11:30:30 +0000 (12:30 +0100)] 
[settings] Add --timeout option to "read" command

Requested-by: Matteo Guglielmi <Matteo.Guglielmi@dalco.ch>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
12 days ago[readline] Add an optional timeout to readline_history()
Michael Brown [Fri, 23 Apr 2021 11:27:57 +0000 (12:27 +0100)] 
[readline] Add an optional timeout to readline_history()

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 weeks ago[efi] Show ACPI address space descriptor ranges in debug messages
Michael Brown [Wed, 21 Apr 2021 15:13:02 +0000 (16:13 +0100)] 
[efi] Show ACPI address space descriptor ranges in debug messages

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 weeks ago[efi] Always map full length of coherent DMA buffer allocation
Michael Brown [Tue, 20 Apr 2021 13:37:08 +0000 (14:37 +0100)] 
[efi] Always map full length of coherent DMA buffer allocation

The EFI PCI API takes a page count as the input to AllocateBuffer()
but a byte count as the input to Map().  There is nothing in the UEFI
specification that requires us to map exactly the allocated length,
and no systems have yet been observed that will fail if the map length
does not exactly match the allocated length.  However, it is plausible
that some implementations may fail if asked to map a length that does
not match the length of the corresponding allocation.

Avoid potential future problems by always mapping the full allocated
length.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 weeks ago[build] Fix genfsimg to build ISO with long filenames
Matya [Tue, 20 Apr 2021 11:15:03 +0000 (13:15 +0200)] 
[build] Fix genfsimg to build ISO with long filenames

Commit 79c0173 ("[build] Create util/genfsimg for building
filesystem-based images") introduced the new genfsimg, which lacks the
-l option when building ISO files.  This option is required to build
level 2 (long plain) ISO9660 filenames, which are required when using
the .lkrn extensions on older versions of ISOLINUX.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 weeks ago[xen] Avoid infinite loop on allocation failure in xenstore_response()
Michael Brown [Tue, 20 Apr 2021 12:28:57 +0000 (13:28 +0100)] 
[xen] Avoid infinite loop on allocation failure in xenstore_response()

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 weeks ago[xen] Support scatter-gather to allow for jumbo frames xen-sg
Michael Brown [Wed, 14 Apr 2021 15:33:41 +0000 (16:33 +0100)] 
[xen] Support scatter-gather to allow for jumbo frames

The use of jumbo frames for the Xen netfront virtual NIC requires the
use of scatter-gather ("feature-sg"), with the receive descriptor ring
becoming a list of page-sized buffers and the backend using as many
page buffers as required for each packet.

Since iPXE's abstraction of an I/O buffer does not include any sort of
scatter-gather list, this requires an extra allocation and copy on the
receive datapath for any packet that spans more than a single page.

This support is required in order to successfully boot an AWS EC2
virtual machine (with non-enhanced networking) via iSCSI if jumbo
frames are enabled, since the netback driver used in EC2 seems not to
allow "feature-sg" to be renegotiated once the Linux kernel driver
takes over.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 weeks ago[int13] Do not report INT 13 extension support for emulated floppies
Michael Brown [Tue, 13 Apr 2021 19:30:20 +0000 (20:30 +0100)] 
[int13] Do not report INT 13 extension support for emulated floppies

The INT 13 extensions provide a mechanism for accessing disks using
linear (LBA) rather than C/H/S addressing.  SAN protocols such as
iSCSI invariably support only linear addresses and so iPXE currently
provides LBA access to all SAN disks (with autodetection and emulation
of an appropriate geometry for C/H/S accesses).

Most BIOSes will not report support for INT 13 extensions for floppy
disk drives, and some operating systems may be confused by a floppy
drive that claims such support.

Minimise surprise by reporting the existence of support for INT 13
extensions only for non-floppy drive numbers.  Continue to provide
support for all drive numbers, to avoid breaking operating systems
that may unconditionally use the INT 13 extensions without first
checking for support.

Reported-by: Valdo Toost <vtoost@hot.ee>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 weeks ago[cloud] Enable "poweroff" command in cloud images
Michael Brown [Sat, 10 Apr 2021 19:03:32 +0000 (20:03 +0100)] 
[cloud] Enable "poweroff" command in cloud images

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 weeks ago[netdevice] Ensure driver transmit() and poll() will not be re-entered
Michael Brown [Sat, 10 Apr 2021 15:53:52 +0000 (16:53 +0100)] 
[netdevice] Ensure driver transmit() and poll() will not be re-entered

When CONSOLE_SYSLOG is used, a DBG() from within a network device
driver may cause its transmit() or poll() methods to be unexpectedly
re-entered.  Since these methods are not intended to be re-entrant,
this can lead to undefined behaviour.

Add an explicit re-entrancy guard to both methods.  Note that this
must operate at a per-netdevice level, since there are legitimate
circumstances under which the netdev_tx() or netdev_poll() functions
may be re-entered (e.g. when using VLAN devices).

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 weeks ago[pci] Avoid scanning nonexistent buses when using PCIAPI_DIRECT
Michael Brown [Sat, 10 Apr 2021 12:14:30 +0000 (13:14 +0100)] 
[pci] Avoid scanning nonexistent buses when using PCIAPI_DIRECT

There is no method for obtaining the number of PCI buses when using
PCIAPI_DIRECT, and we therefore currently scan all possible bus
numbers.  This can cause a several-second startup delay in some
virtualised environments, since PCI configuration space access will
necessarily require the involvement of the hypervisor.

Ameliorate this situation by defaulting to scanning only a single bus,
and expanding the number of PCI buses to accommodate any subordinate
buses that are detected during enumeration.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 weeks ago[intel] Add additional PCI device ID to table
Tyler J. Stachecki [Sun, 4 Apr 2021 14:13:59 +0000 (10:13 -0400)] 
[intel] Add additional PCI device ID to table

Adding this missing identifier allows the X557-AT2 chipset seen on (at
least) Super Micro A2SDI-H-TF motherboards to function with iPXE.

Signed-off-by: Tyler J. Stachecki <stachecki.tyler@gmail.com>
3 weeks ago[efi] Mark PE .reloc and .debug sections as discardable
Marvin Häuser [Mon, 5 Apr 2021 14:45:07 +0000 (16:45 +0200)] 
[efi] Mark PE .reloc and .debug sections as discardable

After a PE image is fully loaded and relocated, the loader code may
opt to zero discardable sections for security reasons.  This includes
relocation and debug information, as both contain hints about specific
locations within the binary.  Mark both generated sections as
discardable, which follows the PE specification.

Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
3 weeks ago[efi] Align EFI image sections by page size
Marvin Häuser [Thu, 8 Apr 2021 18:04:16 +0000 (20:04 +0200)] 
[efi] Align EFI image sections by page size

For optimal memory permission management, PE sections need to be
aligned by the platform's minimum page size.  Currently, the PE
section alignment is fixed to 32 bytes, which is below the typical 4kB
page size.  Align all sections to 4kB and adjust ELF to PE image
conversion accordingly.

Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
3 weeks ago[efi] Discard .pci_devlist.* sections for EFI images tmp
Marvin Häuser [Thu, 8 Apr 2021 17:58:35 +0000 (19:58 +0200)] 
[efi] Discard .pci_devlist.* sections for EFI images

As per https://github.com/ipxe/ipxe/pull/313#issuecomment-816018398,
these sections are not required for EFI execution.  Discard them to
avoid implementation-defined alignment malforming binaries.

Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
7 weeks ago[dhcp] Handle DHCPNAK by returning to discovery state
Michael Brown [Thu, 11 Mar 2021 15:54:26 +0000 (15:54 +0000)] 
[dhcp] Handle DHCPNAK by returning to discovery state

Handle a DHCPNAK by returning to the discovery state to allow iPXE to
attempt to obtain a replacement IPv4 address.

Reuse the existing logic for deferring discovery when the link is
blocked: this avoids hammering a misconfigured DHCP server with a
non-stop stream of requests and allows the DHCP process to eventually
time out and fail.

Originally-implemented-by: Blake Rouse <blake.rouse@canonical.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
7 weeks ago[linux] Fail at link time if building slirp.linux without libslirp
Michael Brown [Thu, 11 Mar 2021 15:08:57 +0000 (15:08 +0000)] 
[linux] Fail at link time if building slirp.linux without libslirp

The iPXE build system is constructed for a standalone codebase with no
external dependencies, and does not have any equivalent of the
standard userspace ./configure script.  We currently check for the
ability to include slirp/libslirp.h and conditionalise portions of
linux_api.c on its presence.  The actual slirp driver code is built
unconditionally, as with all iPXE drivers.

This currently leads to a silent runtime failure if attempting to use
slirp.linux built on a system that was missing slirp/libslirp.h.

Convert this to a link-time failure by deliberately omitting the
relevant symbols from linux_api.c when slirp/libslirp.h is not
present.  This allows other builds (e.g. tap.linux or tests.linux) to
succeed: the link-time failure will occur only if the slirp driver is
included within the build target.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[linux] Do not assume that stat() works on sysfs files
Michael Brown [Wed, 3 Mar 2021 02:24:32 +0000 (02:24 +0000)] 
[linux] Do not assume that stat() works on sysfs files

Linux kernel 3.12 and earlier report a zero size via stat() for all
ACPI table files in sysfs.  There is no way to determine the file size
other than by reading the file until EOF.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[linux] Validate length of ACPI table read from sysfs
Michael Brown [Wed, 3 Mar 2021 01:55:07 +0000 (01:55 +0000)] 
[linux] Validate length of ACPI table read from sysfs

Consumers of acpi_find() will assume that returned structures include
a valid table header and that the length in the table header is
correct.  These assumptions are necessary when dealing with raw ACPI
tables, since there exists no independent source of length
information.

Ensure that these assumptions are also valid for ACPI tables read from
sysfs.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[linux] Place -lslirp at end of linker search list
Michael Brown [Wed, 3 Mar 2021 01:09:33 +0000 (01:09 +0000)] 
[linux] Place -lslirp at end of linker search list

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[linux] Use fstat() rather than statx()
Michael Brown [Wed, 3 Mar 2021 00:34:02 +0000 (00:34 +0000)] 
[linux] Use fstat() rather than statx()

The statx() system call has a clean header file and a consistent
layout, but was unfortunately added only in kernel 4.11.

Using stat() or fstat() directly is extremely messy since glibc does
not necessarily use the kernel native data structures.  However, as
the only current use case is to obtain the length of an open file, we
can merely provide a wrapper that does precisely this.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[linux] Use generic sysfs mechanism to read SMBIOS table
Michael Brown [Tue, 2 Mar 2021 23:43:21 +0000 (23:43 +0000)] 
[linux] Use generic sysfs mechanism to read SMBIOS table

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[linux] Use generic sysfs mechanism to read ACPI tables
Michael Brown [Tue, 2 Mar 2021 23:42:36 +0000 (23:42 +0000)] 
[linux] Use generic sysfs mechanism to read ACPI tables

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[linux] Add a generic function for reading files from sysfs
Michael Brown [Tue, 2 Mar 2021 23:37:41 +0000 (23:37 +0000)] 
[linux] Add a generic function for reading files from sysfs

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[linux] Free cached ACPI tables on shutdown
Michael Brown [Tue, 2 Mar 2021 23:56:11 +0000 (23:56 +0000)] 
[linux] Free cached ACPI tables on shutdown

Free any cached ACPI tables for the sake of neatness (and a clean
report from Valgrind).

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[dns] Reduce debug verbosity for DNS server list
Michael Brown [Tue, 2 Mar 2021 20:03:21 +0000 (20:03 +0000)] 
[dns] Reduce debug verbosity for DNS server list

The DNS server list is currently printed as a debug message whenever
settings are applied.  This can result in some very noisy debug logs
when a script makes extensive use of settings.

Move the DNS server list debug messages to DBGLVL_EXTRA.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[linux] Allow arbitrary settings to be applied to Linux devices
Michael Brown [Tue, 2 Mar 2021 19:34:16 +0000 (19:34 +0000)] 
[linux] Allow arbitrary settings to be applied to Linux devices

Allow arbitrary settings to be specified on the Linux command line.
For example:

    ./bin-x86_64-linux/slirp.linux \
          --net slirp,testserver=qa-test.ipxe.org

This can be useful when using the Linux userspace build to test
embedded scripts, since it allows arbitrary parameters to be passed
directly on the command line.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[linux] Add missing pci_num_bus() stub
Michael Brown [Tue, 2 Mar 2021 18:02:21 +0000 (18:02 +0000)] 
[linux] Add missing pci_num_bus() stub

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[build] Fix building on older versions of gcc
Michael Brown [Tue, 2 Mar 2021 16:46:14 +0000 (16:46 +0000)] 
[build] Fix building on older versions of gcc

Versions of gcc prior to 9.1 do not support the single-argument form
of static_assert().  Fix by unconditionally defining a compatibility
macro for the single file that uses this.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[slirp] Add libslirp driver for Linux
Michael Brown [Tue, 2 Mar 2021 10:20:55 +0000 (10:20 +0000)] 
[slirp] Add libslirp driver for Linux

Add a driver using libslirp to provide a virtual network interface
without requiring root permissions on the host.  This simplifies the
process of running iPXE as a Linux userspace application with network
access.  For example:

  make bin-x86_64-linux/slirp.linux
  ./bin-x86_64-linux/slirp.linux --net slirp

libslirp will provide a built-in emulated DHCP server and NAT router.
Settings such as the boot filename may be controlled via command-line
options.  For example:

  ./bin-x86_64-linux/slirp.linux \
      --net slirp,filename=http://192.168.0.1/boot.ipxe

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[build] Allow __asmcall to be used as a type attribute
Michael Brown [Tue, 2 Mar 2021 10:15:23 +0000 (10:15 +0000)] 
[build] Allow __asmcall to be used as a type attribute

The "used" attribute can be applied only to functions or variables,
which prevents the use of __asmcall as a type attribute.

Fix by removing "used" from the definition of __asmcall for i386 and
x86_64 architectures, and adding explicit __used annotations where
necessary.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[linux] Provide ACPI settings via /sys/firmware/acpi/tables
Michael Brown [Mon, 1 Mar 2021 01:38:54 +0000 (01:38 +0000)] 
[linux] Provide ACPI settings via /sys/firmware/acpi/tables

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[acpi] Allow for platforms that provide ACPI tables individually kexec kexec2 kexec3
Michael Brown [Mon, 1 Mar 2021 00:08:23 +0000 (00:08 +0000)] 
[acpi] Allow for platforms that provide ACPI tables individually

The ACPI API currently expects platforms to provide access to a single
contiguous ACPI table.  Some platforms (e.g. Linux userspace) do not
provide a convenient way to obtain the entire ACPI table, but do
provide access to individual tables.

All iPXE consumers of the ACPI API require access only to individual
tables.

Redefine the internal API to make acpi_find() an API method, with all
existing implementations delegating to the current RSDT-based
implementation.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[acpi] Eliminate redundant acpi_find_rsdt() in acpi_sx()
Michael Brown [Sun, 28 Feb 2021 23:59:15 +0000 (23:59 +0000)] 
[acpi] Eliminate redundant acpi_find_rsdt() in acpi_sx()

The result from acpi_find_rsdt() is used only for the debug message.
Simplify the debug message and remove the otherwise redundant call to
acpi_find_rsdt().

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[acpi] Use a fixed colour for debug messages
Michael Brown [Sun, 28 Feb 2021 23:58:06 +0000 (23:58 +0000)] 
[acpi] Use a fixed colour for debug messages

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[linux] Use host glibc system call wrappers
Michael Brown [Sun, 28 Feb 2021 13:45:58 +0000 (13:45 +0000)] 
[linux] Use host glibc system call wrappers

When building as a Linux userspace application, iPXE currently
implements its own system calls to the host kernel rather than relying
on the host's C library.  The output binary is statically linked and
has no external dependencies.

This matches the general philosophy of other platforms on which iPXE
runs, since there are no external libraries available on either BIOS
or UEFI bare metal.  However, it would be useful for the Linux
userspace application to be able to link against host libraries such
as libslirp.

Modify the build process to perform a two-stage link: first picking
out the requested objects in the usual way from blib.a but with
relocations left present, then linking again with a helper object to
create a standard hosted application.  The helper object provides the
standard main() entry point and wrappers for the Linux system calls
required by the iPXE Linux drivers and interface code.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[linux] Add a prefix to all symbols to avoid future name collisions
Michael Brown [Sat, 27 Feb 2021 18:52:11 +0000 (18:52 +0000)] 
[linux] Add a prefix to all symbols to avoid future name collisions

Allow for the possibility of linking to platform libraries for the
Linux userspace build by adding an iPXE-specific symbol prefix.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[bitops] Provide an explicit operand size for bit test instructions
Michael Brown [Sat, 27 Feb 2021 15:05:20 +0000 (15:05 +0000)] 
[bitops] Provide an explicit operand size for bit test instructions

Recent versions of the GNU assembler (observed with GNU as 2.35 on
Fedora 33) will produce a warning message

  Warning: no instruction mnemonic suffix given and no register
  operands; using default for `bts'

The operand size affects only the potential range for the bit number.
Since we pass the bit number as an unsigned int, it is already
constrained to 32 bits for both i386 and x86_64.

Silence the assembler warning by specifying an explicit 32-bit operand
size (and thereby matching the choice that the assembler would
otherwise make automatically).

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[efi] Compress EFI ROM images eficompress
Michael Brown [Fri, 19 Feb 2021 19:58:04 +0000 (19:58 +0000)] 
[efi] Compress EFI ROM images

Use the reference implementation of the EFI compression algorithm
(taken from the EDK2 codebase, with minor bugfixes to allow
compilation with -Werror) to compress EFI ROM images.

Inspired-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[librm] Test for FXSAVE/FXRSTOR instruction support
Michael Brown [Thu, 18 Feb 2021 14:30:27 +0000 (14:30 +0000)] 
[librm] Test for FXSAVE/FXRSTOR instruction support

Assume that preservation of the %xmm registers is unnecessary during
installation of iPXE into memory, since this is an operation that by
its nature substantially disrupts large portions of the system anyway
(such as the E820 memory map).  This assumption allows us to utilise
the existing CPUID code to check that FXSAVE/FXRSTOR are supported.

Test for support during the call to init_librm and store the flag for
use during subsequent calls to virt_call.

Reduce the scope of TIVOLI_VMM_WORKAROUND to affecting only the call
to check_fxsr(), to reduce #ifdef pollution in the remaining code.

Debugged-by: Johannes Heimansberg <git@jhe.dedyn.io>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[librm] Add missing __asmcall on init_idt()
Michael Brown [Thu, 18 Feb 2021 14:51:28 +0000 (14:51 +0000)] 
[librm] Add missing __asmcall on init_idt()

The __asmcall declaration has no effect on a void function with no
parameters, but should be included for completeness since the function
is called directly from assembly code.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[prefix] Add a generic raw image prefix
Michael Brown [Thu, 18 Feb 2021 12:13:12 +0000 (12:13 +0000)] 
[prefix] Add a generic raw image prefix

Provide a generic raw image prefix, which assumes that the iPXE image
has been loaded in its entirety on a paragraph boundary.

The resulting .raw image can be loaded via RPL using an rpld.conf file
such as:

    HOST {
        ethernet = 00:00:00:00:00:00/6;
        FILE {
            path="ipxe.raw";
            load=0x2000;
        };
        execute=0x2000;
    };

Debugged-by: Johannes Heimansberg <git@jhe.dedyn.io>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[initrd] Allow for zero-length initrd files
Michael Brown [Thu, 18 Feb 2021 01:49:23 +0000 (01:49 +0000)] 
[initrd] Allow for zero-length initrd files

A zero-length initrd file will currently cause an endless loop during
reshuffling as the empty image is repeatedly swapped with itself.

Fix by terminating the inner loop before considering an image as a
candidate to be swapped with itself.

Reported-by: Pico Mitchell <pico@randomapplications.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[cloud] Do not enable serial console on EFI platforms
Michael Brown [Wed, 17 Feb 2021 22:37:56 +0000 (22:37 +0000)] 
[cloud] Do not enable serial console on EFI platforms

Most EFI firmware builds (including those found on ARM64 instances in
AWS EC2) will already send console output to the serial port.

Do not enable direct serial console output in EFI builds using
CONFIG=cloud.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[efi] Record cached DHCPACK from loaded image's device handle, if present cachedhcp
Michael Brown [Wed, 17 Feb 2021 18:11:43 +0000 (18:11 +0000)] 
[efi] Record cached DHCPACK from loaded image's device handle, if present

Record the cached DHCPACK obtained from the EFI_PXE_BASE_CODE_PROTOCOL
instance installed on the loaded image's device handle, if present.

This allows a chainloaded UEFI iPXE to reuse the IPv4 address and DHCP
options previously obtained by the built-in PXE stack, as is already
done for a chainloaded BIOS iPXE.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[efi] Defer autoboot link-layer address and autoexec script probing
Michael Brown [Wed, 17 Feb 2021 17:07:12 +0000 (17:07 +0000)] 
[efi] Defer autoboot link-layer address and autoexec script probing

The code to detect the autoboot link-layer address and to load the
autoexec script currently runs before the call to initialise() and so
has to function without a working heap.

This requirement can be relaxed by deferring this code to run via an
initialisation function.  This gives the code a normal runtime
environment, but still invokes it early enough to guarantee that the
original loaded image device handle has not yet been invalidated.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[efi] Split out autoexec script portions of efi_autoboot.c
Michael Brown [Wed, 17 Feb 2021 16:57:19 +0000 (16:57 +0000)] 
[efi] Split out autoexec script portions of efi_autoboot.c

The "autoboot device" and "autoexec script" functionalities in
efi_autoboot.c are unrelated except in that they both need to be
invoked by efiprefix.c before device drivers are loaded.

Split out the autoexec script portions to a separate file to avoid
potential confusion.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[pxe] Split out platform-independent portions of cachedhcp.c
Michael Brown [Wed, 17 Feb 2021 15:59:52 +0000 (15:59 +0000)] 
[pxe] Split out platform-independent portions of cachedhcp.c

Split out the portions of cachedhcp.c that can be shared between BIOS
and UEFI (both of which can provide a buffer containing a previously
obtained DHCP packet, and neither of which provide a means to
determine the length of this DHCP packet).

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[ath5k] Add missing AR5K_EEPROM_READ in ath5k_eeprom_read_turbo_modes
Bruce Rogers [Tue, 16 Feb 2021 18:29:41 +0000 (11:29 -0700)] 
[ath5k] Add missing AR5K_EEPROM_READ in ath5k_eeprom_read_turbo_modes

The GCC11 compiler pointed out something that apparently no previous
compiler noticed: in ath5k_eeprom_pread_turbo_modes, local variable
val is used uninitialized. From what I can see, the code is just
missing an initial AR5K_EEPROM_READ. Add it right before the switch
statement.

Signed-off-by: Bruce Rogers <brogers@suse.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[cloud] Enable IPv6 and HTTPS in cloud boot images
Michael Brown [Tue, 16 Feb 2021 10:58:42 +0000 (10:58 +0000)] 
[cloud] Enable IPv6 and HTTPS in cloud boot images

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[cloud] Add utility for importing images to AWS EC2
Michael Brown [Tue, 16 Feb 2021 00:27:40 +0000 (00:27 +0000)] 
[cloud] Add utility for importing images to AWS EC2

Add a utility that can be used to upload an iPXE disk image to AWS EC2
as an Amazon Machine Image (AMI).  For example:

  make CONFIG=cloud EMBED=config/cloud/aws.ipxe bin/ipxe.usb

  ../contrib/cloud/aws-import -p -n "iPXE 1.21.1" bin/ipxe.usb

Uploads are performed in parallel across all regions, and use the EBS
direct APIs to avoid the need to store temporary files in S3 or to run
VM import tasks.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[build] Work around stray sections introduced by some binutils versions usbdisk
Michael Brown [Mon, 15 Feb 2021 09:54:03 +0000 (09:54 +0000)] 
[build] Work around stray sections introduced by some binutils versions

Some versions of GNU ld (observed with binutils 2.36 on Arch Linux)
introduce a .note.gnu.property section marked as loadable at a high
address and with non-empty contents.  This adds approximately 128MB of
garbage to the BIOS .usb disk images.

Fix by using a custom linker script for the prefix-only binaries such
as the USB disk partition table and MBR, in order to allow unwanted
sections to be explicitly discarded.

Reported-by: Christian Hesse <mail@eworm.de>
Tested-by: Christian Hesse <mail@eworm.de>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[cloud] Use PCIAPI_DIRECT for cloud images
Michael Brown [Sat, 13 Feb 2021 19:41:03 +0000 (19:41 +0000)] 
[cloud] Use PCIAPI_DIRECT for cloud images

The version of SeaBIOS found on some AWS EC2 instances (observed with
t3a.nano in eu-west-1) has no support for the INT 1A PCI BIOS calls.

Bring config/ioapi.h into the named-configuration set of headers, and
specify the use of PCIAPI_DIRECT for CONFIG=cloud, to work around the
missing PCI BIOS support.

Switching to a different named configuration will now unfortunately
cause an almost complete rebuild of iPXE.  As described in commit
c801cb2 ("[build] Allow for named configurations at build time"), this
is the reason why config/ioapi.h was not originally in the
named-configuration set of header files.

This rebuild cost is acceptable given that build times are
substantially faster now than seven years ago, and that very few
people are likely to be switching named configurations on a regular
basis.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[ena] Switch to two-phase reset mechanism
Michael Brown [Sat, 13 Feb 2021 18:55:39 +0000 (18:55 +0000)] 
[ena] Switch to two-phase reset mechanism

The Linux and FreeBSD drivers for the (totally undocumented) ENA
adapters use a two-phase reset mechanism: first set ENA_CTRL.RESET and
wait for this to be reflected in ENA_STAT.RESET, then clear
ENA_CTRL.RESET and again wait for it to be reflected in
ENA_STAT.RESET.

The iPXE driver currently assumes a self-clearing reset mechanism,
which appeared to work at the time that the driver was created but
seems no longer to function, at least on the t3.nano and t3a.nano
instance types found in eu-west-1.

Switch to a simplified version of the two-phase reset mechanism as
used by Linux and FreeBSD.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[build] Use .balign directive instead of .align
Michael Brown [Fri, 12 Feb 2021 23:22:54 +0000 (23:22 +0000)] 
[build] Use .balign directive instead of .align

The semantics of the assembler's .align directive vary by CPU
architecture.  For the ARM builds, it specifies a power of two rather
than a number of bytes.  This currently leads to the .einfo entries
(which do not appear in the final binary) having an alignment of 256
bytes for the ARM builds.

Fix by switching to the GNU-specific directive .balign, which is
consistent across architectures

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[build] Remove support for building with the Intel C compiler
Michael Brown [Fri, 12 Feb 2021 21:56:53 +0000 (21:56 +0000)] 
[build] Remove support for building with the Intel C compiler

Support for building with the Intel C compiler (icc) was added in 2009
in the expectation that UEFI support would eventually involve
compiling iPXE to EFI Byte Code.

EFI Byte Code has never found any widespread use: no widely available
compilers can emit it, Microsoft refuses to sign EFI Byte Code
binaries for UEFI Secure Boot, and I have personally never encountered
any examples of EFI Byte Code in the wild.

The support for using the Intel C compiler has not been tested in over
a decade, and would almost certainly require modification to work with
current releases of the compiler.

Simplify the build process by removing this old legacy code.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[build] Report detailed errors when unable to find a usable mkisofs
Michael Brown [Fri, 12 Feb 2021 12:13:18 +0000 (12:13 +0000)] 
[build] Report detailed errors when unable to find a usable mkisofs

As of commit 7c3d186 ("[build] Check that mkisofs equivalent supports
the required options"), we may refuse to use a mkisofs equivalent if
it does not support the options required to produce the requested
output file.

This can result in confusing error messages since the user is unaware
of the reason for which the installed mkisofs or genisoimage has been
rejected.

Fix by explicitly reporting the reason why each possible mkisofs
equivalent could not be used.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[ci] Disable redundant scheduled execution of Coverity Scan
Michael Brown [Fri, 5 Feb 2021 11:59:27 +0000 (11:59 +0000)] 
[ci] Disable redundant scheduled execution of Coverity Scan

The scheduled Coverity Scan run is triggered by an external mechanism
that synchronises the coverity_scan branch with the master branch.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[ci] Disable Travis CI
Michael Brown [Wed, 3 Feb 2021 16:08:10 +0000 (16:08 +0000)] 
[ci] Disable Travis CI

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[ci] Add GitHub action for Coverity Scan
Michael Brown [Thu, 4 Feb 2021 16:15:33 +0000 (16:15 +0000)] 
[ci] Add GitHub action for Coverity Scan

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[ci] Add GitHub action for build testing
Michael Brown [Wed, 3 Feb 2021 16:06:35 +0000 (16:06 +0000)] 
[ci] Add GitHub action for build testing

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[build] Work around distros that use -fcf-protection=full by default
Michael Brown [Thu, 4 Feb 2021 11:07:46 +0000 (11:07 +0000)] 
[build] Work around distros that use -fcf-protection=full by default

Some patched versions of gcc (observed with gcc 9.3.0 on Ubuntu 20.04)
enable -fcf-protection=full by default.  This breaks code that is not
explicitly written to expect the use of this flag.  The breakage
occurs only at runtime if the affected code (such as setjmp()) happens
to execute, and is therefore a particularly pernicious class of bug to
be introduced into working code by a broken compiler.

Work around these broken patched versions of gcc by detecting support
for -fcf-protection and explicitly setting -fcf-protection=none if
found.

If any Ubuntu maintainers are listening: PLEASE STOP DOING THIS.  It's
extremely unhelpful to have to keep working around breakages that you
introduce by modifying the compiler's default behaviour.  Do what Red
Hat does instead: set your preferred CFLAGS within the package build
system rather than by patching the compiler to behave in violation of
its own documentation.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[build] Work around -fPIE patched versions of gcc on all architectures
Michael Brown [Thu, 4 Feb 2021 02:05:28 +0000 (02:05 +0000)] 
[build] Work around -fPIE patched versions of gcc on all architectures

Several distributions include versions of gcc that are patched to
create position-independent executables by default.  These have caused
multiple problems over the years: see e.g. commits fe61f6d ("[build]
Fix compilation when gcc is patched to default to -fPIE -Wl,-pie"),
5de1346 ("[build] Apply the "-fno-PIE -nopie" workaround only to i386
builds"), 7c395b0 ("[build] Use -no-pie on newer versions of gcc"),
and decee20 ("[build] Disable position-independent code for ARM64 EFI
builds").

The build system currently attempts to work around these mildly broken
patched versions of gcc for the i386 and arm64 architectures.  This
misses the relatively obscure bin-x86_64-pcbios build platform, which
turns out to also require the same workaround.

Attempt to preempt the next such required workaround by moving the
existing i386 version to apply to all platforms and all architectures,
unless -fpie has been requested explicitly by another Makefile (as is
done by arch/x86_64/Makefile.efi).

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[build] Avoid spurious "make clean" when building for the first time
Michael Brown [Thu, 4 Feb 2021 02:45:45 +0000 (02:45 +0000)] 
[build] Avoid spurious "make clean" when building for the first time

The function trace recorder build logic defaults to making "clean" a
dependency of the first build in a clean checkout.  This is redundant
and causes problems if the build process spins up multiple make
invocations to handle multiple build architectures.

Fix by replacing with logic based on the known-working patterns used
for the ASSERT and PROFILE build parameters.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[efi] Fix erroneous comparison of a pointer against userptr_t
Michael Brown [Wed, 3 Feb 2021 16:00:06 +0000 (16:00 +0000)] 
[efi] Fix erroneous comparison of a pointer against userptr_t

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[contrib] Update bochsrc.txt to work with current versions 8d337ec
Michael Brown [Mon, 1 Feb 2021 23:57:37 +0000 (23:57 +0000)] 
[contrib] Update bochsrc.txt to work with current versions

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[hermon] Add support for ConnectX-3 based cards
Christian Iversen [Tue, 26 Jan 2021 23:08:18 +0000 (00:08 +0100)] 
[hermon] Add support for ConnectX-3 based cards

After a ton of tedious work, I am pleased to finally introduce full
support for ConnectX-3 cards in iPXE!

The work has been done by finding all publicly available versions of
the Mellanox Flexboot sources, cleaning them up, synthesizing a git
history from them, cleaning out non-significant changes, and
correlating with the iPXE upstream git history.

After this, a proof-of-concept diff was produced, that allowed iPXE to
be compiled with rudimentary ConnectX-3 support. This diff was over
10k lines, and contained many changes that were not part of the core
driver.

Special thanks to Michael Brown <mcb30@ipxe.org> for answering my
barrage of questions, and helping brainstorm the development along the
way.

Signed-off-by: Christian Iversen <ci@iversenit.dk>
3 months ago[autoboot] Avoid closing and immediately reopening network device
Michael Brown [Mon, 1 Feb 2021 23:32:34 +0000 (23:32 +0000)] 
[autoboot] Avoid closing and immediately reopening network device

Some network devices can take a substantial time to close and reopen.
Avoid closing the device from which we are about to attempt booting,
in case it happens to be already open.

Suggested-by: Christian Iversen <ci@iversenit.dk>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[hermon] Avoid parsing length field on completion errors
Michael Brown [Mon, 1 Feb 2021 23:06:04 +0000 (23:06 +0000)] 
[hermon] Avoid parsing length field on completion errors

The CQE length field will not be valid for a completion in error.
Avoid parsing the length field and just call the completion handler
directly.

In debug builds, also dump the queue pair context to allow for
inspection of the error.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[hermon] Make hermon_dump_xxx() functions no-ops on non-debug builds
Michael Brown [Mon, 1 Feb 2021 22:57:57 +0000 (22:57 +0000)] 
[hermon] Make hermon_dump_xxx() functions no-ops on non-debug builds

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[hermon] Minimise reset time
Michael Brown [Mon, 1 Feb 2021 22:25:52 +0000 (22:25 +0000)] 
[hermon] Minimise reset time

Check for reset completion by waiting for the device to respond to PCI
configuration cycles, as documented in the Programmer's Reference
Manual.  On the original ConnectX HCA, this reduces the time spent on
reset from 1000ms down to 1ms.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[hermon] Throttle debug output when sensing port type
Christian Iversen [Tue, 26 Jan 2021 23:06:37 +0000 (00:06 +0100)] 
[hermon] Throttle debug output when sensing port type

When auto-detecting the initial port type, the Hermon driver will spam
the debug output without hesitation.  Add a short delay in each
iteration to fix this.

Signed-off-by: Christian Iversen <ci@iversenit.dk>
3 months ago[hermon] Add a debug notice when initialization is complete
Christian Iversen [Tue, 26 Jan 2021 21:36:15 +0000 (22:36 +0100)] 
[hermon] Add a debug notice when initialization is complete

Signed-off-by: Christian Iversen <ci@iversenit.dk>
Modified-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[hermon] Add support for port management event
Christian Iversen [Thu, 28 Jan 2021 20:29:57 +0000 (21:29 +0100)] 
[hermon] Add support for port management event

Inspired by Flexboot, the function hermon_event_port_mgmnt_change() is
added to handle the HERMON_EV_PORT_MGMNT_CHANGE event type, which
updates the Infiniband subsystem.

Signed-off-by: Christian Iversen <ci@iversenit.dk>
Modified-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[hermon] Adjust Ethernet work queue size
Christian Iversen [Tue, 26 Jan 2021 23:03:01 +0000 (00:03 +0100)] 
[hermon] Adjust Ethernet work queue size

Hermon Ethernet work queues have more RX than TX entries, unlike most
other drivers.  This is possibly the source of some stochastic
deadlocks previously experienced with this driver.

Update the sizes to be in line with other drivers, and make them
slightly larger for better performance.  These new queue sizes have
been found to work well with ConnectX-3 hardware.

Signed-off-by: Christian Iversen <ci@iversenit.dk>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[hermon] Use reset value suitable for ConnectX-3
Michael Brown [Mon, 1 Feb 2021 01:53:15 +0000 (01:53 +0000)] 
[hermon] Use reset value suitable for ConnectX-3

The programming documentation states that the reset magic value is
"0x00000001 (Big Endian)", and the current code matches this by using
the value 0x01000000 for the implicitly little-endian writel().

Inspection of the FlexBoot source code reveals an exciting variety of
reset values, some suggestive of confusion around endianness.

Experimentation suggests that the value 0x01000001 works reliably
across a wide range of hardware.

Debugged-by: Christian Iversen <ci@iversenit.dk>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[hermon] Clean up whitespace in hermon.c
Christian Iversen [Tue, 26 Jan 2021 22:47:01 +0000 (23:47 +0100)] 
[hermon] Clean up whitespace in hermon.c

Signed-off-by: Christian Iversen <ci@iversenit.dk>
3 months ago[iscsi] Update link to iBFT reference manual
Christian Iversen [Mon, 1 Feb 2021 00:27:08 +0000 (01:27 +0100)] 
[iscsi] Update link to iBFT reference manual

Signed-off-by: Christian Iversen <ci@iversenit.dk>
3 months ago[hermon] Limit link poll frequency in DOWN state hermon_link_poll
Michael Brown [Sun, 31 Jan 2021 23:29:45 +0000 (23:29 +0000)] 
[hermon] Limit link poll frequency in DOWN state

Some older versions of the hardware (and/or firmware) do not report an
event when an Infiniband link reaches the INIT state.  The driver
works around this missing event by calling ib_smc_update() on each
event queue poll while the link is in the DOWN state.

Commit 6cb12ee ("[hermon] Increase polling rate for command
completions") addressed this by speeding up the time taken to issue
each command invoked by ib_smc_update().  Experimentation shows that
the impact is still significant: for example, in a situation where an
unplugged port is opened, the throughput on the other port can be
reduced by over 99%.

Fix by throttling the rate at which link polling is attempted.

Debugged-by: Christian Iversen <ci@iversenit.dk>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[build] Avoid using awk to format build ID as hexadecimal
Michael Brown [Sun, 31 Jan 2021 00:41:34 +0000 (00:41 +0000)] 
[build] Avoid using awk to format build ID as hexadecimal

The version of awk used in FreeBSD seems to be incapable of formatting
unsigned 32-bit integers above 0x80000000 and will silently render any
such value as 0x80000000.  For example:

  echo 3735928559 | awk '{printf "0x%08x", $1}'

will produce 0x80000000 instead of the correct 0xdeadbeef.

This results in an approximately 50% chance of a build ID collision
when building on FreeBSD.

Work around this problem by passing the decimal value directly in the
ld --defsym argument value.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[build] Avoid using sha1sum when calculating build ID
Michael Brown [Sun, 31 Jan 2021 00:30:10 +0000 (00:30 +0000)] 
[build] Avoid using sha1sum when calculating build ID

The sha1sum command may not be available on all systems.  Use the
POSIX-confirming cksum instead.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[build] Allow BIOS linker script to be used with FreeBSD linker
Michael Brown [Sat, 30 Jan 2021 11:48:47 +0000 (11:48 +0000)] 
[build] Allow BIOS linker script to be used with FreeBSD linker

Add a few more ABSOLUTE() expressions to convince the FreeBSD linker
that already-absolute symbols are, in fact, absolute.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[build] Check for broken elftoolchain version of objcopy
Michael Brown [Sat, 30 Jan 2021 01:56:16 +0000 (01:56 +0000)] 
[build] Check for broken elftoolchain version of objcopy

The elftoolchain version of objcopy (as used in FreeBSD) seems to be
unusable for generating a raw binary file, since it will apparently
ignore the load memory addresses specified for each section in the
input file.

The binutils version of objcopy may be used on FreeBSD by specifying

  OBJCOPY=/usr/local/bin/objcopy

Detect an attempt to use the unusable elftoolchain version of objcopy
and report it as an error.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[build] Avoid modifying load addresses when stripping .zinfo section
Michael Brown [Sat, 30 Jan 2021 01:35:27 +0000 (01:35 +0000)] 
[build] Avoid modifying load addresses when stripping .zinfo section

Some versions of objcopy will spuriously complain when asked to
extract the .zinfo section since doing so will nominally alter the
load addresses of the (non-loadable) .bss.* sections.

Avoid these warnings by placing the .zinfo section at the very end of
the load memory address space.

Allocate non-overlapping load memory addresses for the (non-loadable)
.bss.* sections, in the hope of avoiding spurious warnings about
overlapping load addresses.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[build] Replace random build ID with a deterministic one
Manuel Mendez [Thu, 28 Jan 2021 21:45:04 +0000 (16:45 -0500)] 
[build] Replace random build ID with a deterministic one

Calculate the build ID as a checksum over the input files.  Since the
input files include $(BIN)/version.%.o which itself includes the build
target name (from which TGT_LD_FLAGS is calculated), this should be
sufficient to meet the requirement that the build ID be unique for
each $(BIN)/%.tmp even within the same build run.

Modified-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[build] Use $(shell ...) to invoke BUILD_ID_CMD
Manuel Mendez [Fri, 29 Jan 2021 14:23:54 +0000 (09:23 -0500)] 
[build] Use $(shell ...) to invoke BUILD_ID_CMD

When using $(shell), make will first invoke BUILD_ID_CMD and then have
the value defined when calling $(LD).  This means we get to see the
_build_id when building with make V=1.  Previously the build_id was
figured out as a subshell command run during the recipe execution
without being able to see the build_id itself.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[build] Use SOURCE_DATE_EPOCH if it exists
Manuel Mendez [Sat, 16 Jan 2021 02:29:27 +0000 (21:29 -0500)] 
[build] Use SOURCE_DATE_EPOCH if it exists

See https://reproducible-builds.org/docs/source-date-epoch/ for
rationale.

Modified-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[build] Use recursive deletion for "make clean"
Michael Brown [Sat, 30 Jan 2021 17:37:09 +0000 (17:37 +0000)] 
[build] Use recursive deletion for "make clean"

Directories may be left behind by failed filesystem image builds, and
will not currently be successfully removed by a "make clean".

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[build] Avoid shell brace expansion in "make clean"
Michael Brown [Sat, 30 Jan 2021 17:34:49 +0000 (17:34 +0000)] 
[build] Avoid shell brace expansion in "make clean"

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[build] Allow elf2efi.c to build on FreeBSD
Michael Brown [Sat, 30 Jan 2021 00:11:33 +0000 (00:11 +0000)] 
[build] Allow elf2efi.c to build on FreeBSD

The elf.h on FreeBSD defines ELF_R_TYPE and ELF_R_SYM (based on the
host platform) and omits some but not all of the AArch64 relocation
types.

Fix by undefining ELF_R_TYPE and ELF_R_SYM in favour of our own
definitions, and by placing each potentially missing relocation type
within an individual #ifdef guard.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[build] Ensure that isolinux.bin is modifiable
Michael Brown [Fri, 29 Jan 2021 23:55:36 +0000 (23:55 +0000)] 
[build] Ensure that isolinux.bin is modifiable

The -boot-info-table option to mkisofs will cause it to overwrite a
portion of the local copy of isolinux.bin.  Ensure that this file is
writable.

Originally-implemented-by: Nikolai Lifanov <lifanov@mail.lifanov.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[build] Add syslinux search locations used on FreeBSD
Michael Brown [Fri, 29 Jan 2021 23:51:49 +0000 (23:51 +0000)] 
[build] Add syslinux search locations used on FreeBSD

Originally-implemented-by: Nikolai Lifanov <lifanov@mail.lifanov.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[build] Drop timestamps from .a file determinism
Bernhard M. Wiedemann [Fri, 29 Jan 2021 12:41:42 +0000 (13:41 +0100)] 
[build] Drop timestamps from .a file

Make the contents of $(BLIB) deterministic to allow it to be
subsequently used for calculating a build ID.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[hermon] Perform clean MPT unmap on device shutdown
Christian Iversen [Tue, 26 Jan 2021 22:48:44 +0000 (23:48 +0100)] 
[hermon] Perform clean MPT unmap on device shutdown

This change is ported from Flexboot sources.  When stopping a Hermon
device, perform hermon_unmap_mpt() which runs HERMON_HCR_HW2SW_MPT to
bring the Memory Protection Table (MPT) back to software control.

Signed-off-by: Christian Iversen <ci@iversenit.dk>
Modified-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[hermon] Use Ethernet MAC as eIPoIB local EMAC
Christian Iversen [Tue, 26 Jan 2021 21:56:42 +0000 (22:56 +0100)] 
[hermon] Use Ethernet MAC as eIPoIB local EMAC

The eIPoIB local Ethernet MAC is currently constructed from the port
GUID.  Given a base GUID/MAC value of N, Mellanox seems to populate:

  Node GUID:   N + 0
  Port 1 GUID: N + 1
  Port 2 GUID: N + 2

and

  Port 1 MAC:  N + 0
  Port 2 MAC:  N + 1

This causes a duplicate local MAC address when port 1 is configured as
Infiniband and port 2 as Ethernet, since both will derive their MAC
address as (N + 1).

Fix by using the port's Ethernet MAC as the eIPoIB local EMAC.  This
is a behavioural change that could potentially break configurations
that rely on the local EMAC value, such as a DHCP server relying on
the chaddr field for DHCP reservations.

Signed-off-by: Christian Iversen <ci@iversenit.dk>
Modified-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>