ipxe.git
39 hours ago[efi] Veto the Itautec Ip4ConfigDxe driver itautec master
Michael Brown [Fri, 11 Jun 2021 13:46:54 +0000 (14:46 +0100)] 
[efi] Veto the Itautec Ip4ConfigDxe driver

The Ip4ConfigDxe driver bug that was observed on Dell systems in
commit 64b4452 ("[efi] Blacklist the Dell Ip4ConfigDxe driver") has
also been observed on systems with a manufacturer name of "Itautec
S.A.".  The symptoms of the bug are identical: an attempt to call
DisconnectController() on the LOM device handle will lock up the
system.

Fix by extending the veto to cover the Ip4ConfigDxe driver for this
manufacturer.

Debugged-by: Celso Viana <celso.vianna@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
5 days ago[libc] Match standard prototype for putchar()
Michael Brown [Mon, 7 Jun 2021 12:26:01 +0000 (13:26 +0100)] 
[libc] Match standard prototype for putchar()

Reported-by: Bernhard M. Wiedemann <bwiedemann@suse.de>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
5 days ago[base64] Include terminating NUL within base64 character array
Michael Brown [Mon, 7 Jun 2021 12:18:19 +0000 (13:18 +0100)] 
[base64] Include terminating NUL within base64 character array

Reported-by: Bernhard M. Wiedemann <bwiedemann@suse.de>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
5 days ago[rndis] Fix size of reserved fields rndis_padding
Michael Brown [Mon, 7 Jun 2021 11:01:10 +0000 (12:01 +0100)] 
[rndis] Fix size of reserved fields

Most RNDIS data structures include a trailing 4-byte reserved field.
For the REMOTE_NDIS_PACKET_MSG and REMOTE_NDIS_INITIALIZE_CMPLT
structures, this is an 8-byte field instead.

iPXE currently uses incorrect structure definitions with a 4-byte
reserved field in all data structures, resulting in data payloads that
overlap the last 4 bytes of the 8-byte reserved field.

RNDIS uses explicit offsets to locate any data payloads beyond the
message header, and so liberal RNDIS parsers (such as those used in
Hyper-V and in the Linux USB Ethernet gadget driver) are still able to
parse the malformed structures.

A stricter RNDIS parser (such as that found in some older Android
builds that seem to use an out-of-tree USB Ethernet gadget driver) may
reject the malformed structures since the data payload offset is less
than the header length, causing iPXE to be unable to transmit packets.

Fix by correcting the length of the reserved fields.

Debugged-by: Martin Nield <pmn1492@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
8 days ago[ath5k] Avoid returning uninitialised data on EEPROM read errors
Michael Brown [Fri, 4 Jun 2021 13:16:44 +0000 (14:16 +0100)] 
[ath5k] Avoid returning uninitialised data on EEPROM read errors

Originally-implemented-by: Bernhard M. Wiedemann <bwiedemann@suse.de>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
9 days ago[crypto] Add memory output constraints for big-integer inline assembly bigint_output_constraints
Michael Brown [Thu, 3 Jun 2021 12:34:14 +0000 (13:34 +0100)] 
[crypto] Add memory output constraints for big-integer inline assembly

The ARM versions of the big-integer inline assembly functions include
constraints to indicate that the output value is modified by the
assembly code.  These constraints are not present in the equivalent
code for the x86 versions.

As of GCC 11, this results in the compiler reporting that the output
values may be uninitialized.

Fix by including the relevant memory output constraints.

Reported-by: Christian Hesse <mail@eworm.de>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 weeks ago[build] Use SOURCE_DATE_EPOCH for isohybrid MBR ID if it exists
Michael Brown [Mon, 24 May 2021 14:38:54 +0000 (15:38 +0100)] 
[build] Use SOURCE_DATE_EPOCH for isohybrid MBR ID if it exists

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 weeks ago[build] Use SOURCE_DATE_EPOCH for .iso timestamps if it exists
Michael Brown [Mon, 24 May 2021 14:26:07 +0000 (15:26 +0100)] 
[build] Use SOURCE_DATE_EPOCH for .iso timestamps if it exists

Originally-implemented-by: Bernhard M. Wiedemann <bwiedemann@suse.de>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 weeks ago[efi] Provide an "initrd.magic" file for use by UEFI kernels
Michael Brown [Fri, 21 May 2021 13:27:27 +0000 (14:27 +0100)] 
[efi] Provide an "initrd.magic" file for use by UEFI kernels

Provide a file "initrd.magic" via the EFI_SIMPLE_FILE_SYSTEM_PROTOCOL
that contains the initrd file as constructed for BIOS bzImage kernels
(including injected files with CPIO headers constructed by iPXE).

This allows BIOS and UEFI kernels to obtain the exact same initramfs
image, by adding "initrd=initrd.magic" to the kernel command line.
For example:

  #!ipxe
  kernel boot/vmlinuz initrd=initrd.magic
  initrd boot/initrd.img
  initrd boot/modules/e1000.ko      /lib/modules/e1000.ko
  initrd boot/modules/af_packet.ko  /lib/modules/af_packet.ko
  boot

Do not include the "initrd.magic" file within the root directory
listing, since doing so would break software such as wimboot that
processes all files within the root directory.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 weeks ago[efi] Allow for non-image-backed virtual files
Michael Brown [Tue, 18 May 2021 13:03:15 +0000 (14:03 +0100)] 
[efi] Allow for non-image-backed virtual files

Restructure the EFI_SIMPLE_FILE_SYSTEM_PROTOCOL implementation to
allow for the existence of virtual files that are not simply backed by
a single underlying image.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 weeks ago[cpio] Split out bzImage initrd CPIO header construction
Michael Brown [Mon, 17 May 2021 13:57:48 +0000 (14:57 +0100)] 
[cpio] Split out bzImage initrd CPIO header construction

iPXE will construct CPIO headers for images that have a non-empty
command line, thereby allowing raw images (without CPIO headers) to be
injected into a dynamically constructed initrd.  This feature is
currently implemented within the BIOS-only bzImage format support.

Split out the CPIO header construction logic to allow for reuse in
other contexts such as in a UEFI build.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 weeks ago[x509] Use case-insensitive comparison for certificate names
Michael Brown [Tue, 18 May 2021 10:46:28 +0000 (11:46 +0100)] 
[x509] Use case-insensitive comparison for certificate names

DNS names are case-insensitive, and RFC 5280 (unlike RFC 3280)
mandates support for case-insensitive name comparison in X.509
certificates.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 weeks ago[libc] Add strncasecmp()
Michael Brown [Tue, 18 May 2021 10:45:24 +0000 (11:45 +0100)] 
[libc] Add strncasecmp()

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 weeks ago[bnxt] Use hexadecimal values in PCI_ROM entries
Joseph [Fri, 23 Apr 2021 03:07:53 +0000 (20:07 -0700)] 
[bnxt] Use hexadecimal values in PCI_ROM entries

Use hexadecimal values instead of macros in PCI_ROM entries so Perl
script can parse them correctly.  Move PCI_ROM entries from header
file to C file.  Integrate bnxt_vf_nics array into PCI_ROM entries by
introducing BNXT_FLAG_PCI_VF flag into driver_data field.  Add
whitespaces in PCI_ROM entries for style consistency.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 weeks ago[intel] Add PCI ID for I219-V and -LM 10 to 15
Christian Nilsson [Thu, 14 Feb 2019 20:56:11 +0000 (21:56 +0100)] 
[intel] Add PCI ID for I219-V and -LM 10 to 15

Signed-off-by: Christian Nilsson <nikize@gmail.com>
4 weeks ago[image] Support archive image formats independently of "imgextract" command
Michael Brown [Wed, 12 May 2021 13:37:57 +0000 (14:37 +0100)] 
[image] Support archive image formats independently of "imgextract" command

Support for the zlib and gzip archive image formats is currently
included only if the IMAGE_ARCHIVE_CMD is used to enable the
"imgextract" command.

The ability to transparently execute a single-member archive image
without using the "imgextract" command renders this unintuitive: a
user wanting to gain the ability to boot a gzip-compressed kernel
image would expect to have to enable IMAGE_GZIP rather than
IMAGE_ARCHIVE_CMD.

Reverse the inclusion logic, so that archive image formats must now be
enabled explicitly (via IMAGE_GZIP and/or IMAGE_ZLIB), with the
archive image management commands dragged in as needed if any archive
image formats are enabled.  The archive image management commands may
be explicitly disabled via IMAGE_ARCHIVE_CMD if necessary.

This matches the behaviour of IBMGMT_CMD and similar options, where
the relevant commands are included only when something else already
drags in the underlying feature.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
4 weeks ago[image] Propagate trust flag to extracted archive images
Michael Brown [Wed, 12 May 2021 13:13:01 +0000 (14:13 +0100)] 
[image] Propagate trust flag to extracted archive images

An extracted image is wholly derived from the original archive image.
If the original archive image has been verified and marked as trusted,
then this trust logically extends to any image extracted from it.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
4 weeks ago[image] Allow single-member archive images to be executed transparently
Michael Brown [Wed, 12 May 2021 12:54:59 +0000 (13:54 +0100)] 
[image] Allow single-member archive images to be executed transparently

Provide image_extract_exec() as a helper method to allow single-member
archive images (such as gzip compressed images) to be executed without
an explicit "imgextract" step.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
4 weeks ago[undi] Read TSC only when profiling
Michael Brown [Wed, 12 May 2021 09:55:17 +0000 (10:55 +0100)] 
[undi] Read TSC only when profiling

Avoid using the "rdtsc" instruction unless profiling is enabled.  This
allows the non-debug build of the UNDI driver to be used on a CPU such
as a 486 that does not support the TSC.

Reported-by: Nikolai Zhubr <n-a-zhubr@yandex.ru>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
4 weeks ago[rng] Check for TSC support before using RTC entropy source
Michael Brown [Wed, 12 May 2021 09:24:00 +0000 (10:24 +0100)] 
[rng] Check for TSC support before using RTC entropy source

Signed-off-by: Michael Brown <mcb30@ipxe.org>
4 weeks ago[prefix] Specify i486 architecture for LZMA decompressor
Michael Brown [Wed, 12 May 2021 09:09:33 +0000 (10:09 +0100)] 
[prefix] Specify i486 architecture for LZMA decompressor

The decompressor uses the i486 "bswap" instruction, but does not
require any instructions that exist only on i586 or above.  Update the
".arch" directive to reflect the requirements of the code as
implemented.

Reported-by: Martin Habets <habetsm.xilinx@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
5 weeks ago[gzip] Add support for gzip archive images
Michael Brown [Thu, 6 May 2021 17:38:37 +0000 (18:38 +0100)] 
[gzip] Add support for gzip archive images

Signed-off-by: Michael Brown <mcb30@ipxe.org>
5 weeks ago[zlib] Add support for zlib archive images
Michael Brown [Thu, 6 May 2021 12:17:35 +0000 (13:17 +0100)] 
[zlib] Add support for zlib archive images

Signed-off-by: Michael Brown <mcb30@ipxe.org>
5 weeks ago[image] Add "imgextract" command for extracting archive images
Michael Brown [Thu, 6 May 2021 12:11:31 +0000 (13:11 +0100)] 
[image] Add "imgextract" command for extracting archive images

Add the concept of extracting an image from an archive (which could be
a single-file archive such as a gzip-compressed file), along with an
"imgextract" command to expose this functionality to scripts.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
5 weeks ago[image] Provide image_set_len() utility function
Michael Brown [Thu, 6 May 2021 12:09:30 +0000 (13:09 +0100)] 
[image] Provide image_set_len() utility function

Signed-off-by: Michael Brown <mcb30@ipxe.org>
5 weeks ago[cloud] Allow multiple images to be imported simultaneously
Michael Brown [Sun, 2 May 2021 11:23:00 +0000 (12:23 +0100)] 
[cloud] Allow multiple images to be imported simultaneously

Allow both x86_64 and arm64 images to be imported in a single import
command, thereby allowing for e.g.

  make CONFIG=cloud EMBED=config/cloud/aws.ipxe bin/ipxe.usb

  make CONFIG=cloud EMBED=config/cloud/aws.ipxe \
       CROSS=aarch64-linux-gnu- bin-arm64-efi/ipxe.usb

  ../contrib/cloud/aws-import -w amilist.txt -p \
       bin/ipxe.usb bin-arm64-efi/ipxe.usb

This simplifies the process of generating a single amilist.txt file
for inclusion in the documentation at https://ipxe.org/howto/ec2

Signed-off-by: Michael Brown <mcb30@ipxe.org>
5 weeks ago[cloud] Attempt to include CPUID_SETTINGS only for x86 builds
Michael Brown [Sun, 2 May 2021 11:35:37 +0000 (12:35 +0100)] 
[cloud] Attempt to include CPUID_SETTINGS only for x86 builds

Signed-off-by: Michael Brown <mcb30@ipxe.org>
5 weeks ago[cloud] Autodetect CPU architecture from AMI disk image
Michael Brown [Sun, 2 May 2021 08:39:10 +0000 (09:39 +0100)] 
[cloud] Autodetect CPU architecture from AMI disk image

Signed-off-by: Michael Brown <mcb30@ipxe.org>
6 weeks ago[cloud] Use a sortable default AMI name
Michael Brown [Sat, 1 May 2021 21:08:17 +0000 (22:08 +0100)] 
[cloud] Use a sortable default AMI name

The AWS console user interface provides no convenient way to sort AMIs
by creation date.

Provide a default AMI name constructed from the current date and CPU
architecture, to simplify the task of finding the most recent iPXE AMI
in a given AWS region.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
6 weeks ago[cloud] Add ability to generate Dokuwiki table of AMI images
Michael Brown [Sat, 1 May 2021 20:33:38 +0000 (21:33 +0100)] 
[cloud] Add ability to generate Dokuwiki table of AMI images

Add an option to generate the amilist.txt list of current AMI images
as included in the EC2 documentation at https://ipxe.org/howto/ec2

Signed-off-by: Michael Brown <mcb30@ipxe.org>
7 weeks ago[settings] Add --timeout option to "read" command
Michael Brown [Fri, 23 Apr 2021 11:30:30 +0000 (12:30 +0100)] 
[settings] Add --timeout option to "read" command

Requested-by: Matteo Guglielmi <Matteo.Guglielmi@dalco.ch>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
7 weeks ago[readline] Add an optional timeout to readline_history()
Michael Brown [Fri, 23 Apr 2021 11:27:57 +0000 (12:27 +0100)] 
[readline] Add an optional timeout to readline_history()

Signed-off-by: Michael Brown <mcb30@ipxe.org>
7 weeks ago[efi] Show ACPI address space descriptor ranges in debug messages
Michael Brown [Wed, 21 Apr 2021 15:13:02 +0000 (16:13 +0100)] 
[efi] Show ACPI address space descriptor ranges in debug messages

Signed-off-by: Michael Brown <mcb30@ipxe.org>
7 weeks ago[efi] Always map full length of coherent DMA buffer allocation
Michael Brown [Tue, 20 Apr 2021 13:37:08 +0000 (14:37 +0100)] 
[efi] Always map full length of coherent DMA buffer allocation

The EFI PCI API takes a page count as the input to AllocateBuffer()
but a byte count as the input to Map().  There is nothing in the UEFI
specification that requires us to map exactly the allocated length,
and no systems have yet been observed that will fail if the map length
does not exactly match the allocated length.  However, it is plausible
that some implementations may fail if asked to map a length that does
not match the length of the corresponding allocation.

Avoid potential future problems by always mapping the full allocated
length.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
7 weeks ago[build] Fix genfsimg to build ISO with long filenames
Matya [Tue, 20 Apr 2021 11:15:03 +0000 (13:15 +0200)] 
[build] Fix genfsimg to build ISO with long filenames

Commit 79c0173 ("[build] Create util/genfsimg for building
filesystem-based images") introduced the new genfsimg, which lacks the
-l option when building ISO files.  This option is required to build
level 2 (long plain) ISO9660 filenames, which are required when using
the .lkrn extensions on older versions of ISOLINUX.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
7 weeks ago[xen] Avoid infinite loop on allocation failure in xenstore_response()
Michael Brown [Tue, 20 Apr 2021 12:28:57 +0000 (13:28 +0100)] 
[xen] Avoid infinite loop on allocation failure in xenstore_response()

Signed-off-by: Michael Brown <mcb30@ipxe.org>
8 weeks ago[xen] Support scatter-gather to allow for jumbo frames xen-sg
Michael Brown [Wed, 14 Apr 2021 15:33:41 +0000 (16:33 +0100)] 
[xen] Support scatter-gather to allow for jumbo frames

The use of jumbo frames for the Xen netfront virtual NIC requires the
use of scatter-gather ("feature-sg"), with the receive descriptor ring
becoming a list of page-sized buffers and the backend using as many
page buffers as required for each packet.

Since iPXE's abstraction of an I/O buffer does not include any sort of
scatter-gather list, this requires an extra allocation and copy on the
receive datapath for any packet that spans more than a single page.

This support is required in order to successfully boot an AWS EC2
virtual machine (with non-enhanced networking) via iSCSI if jumbo
frames are enabled, since the netback driver used in EC2 seems not to
allow "feature-sg" to be renegotiated once the Linux kernel driver
takes over.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
8 weeks ago[int13] Do not report INT 13 extension support for emulated floppies
Michael Brown [Tue, 13 Apr 2021 19:30:20 +0000 (20:30 +0100)] 
[int13] Do not report INT 13 extension support for emulated floppies

The INT 13 extensions provide a mechanism for accessing disks using
linear (LBA) rather than C/H/S addressing.  SAN protocols such as
iSCSI invariably support only linear addresses and so iPXE currently
provides LBA access to all SAN disks (with autodetection and emulation
of an appropriate geometry for C/H/S accesses).

Most BIOSes will not report support for INT 13 extensions for floppy
disk drives, and some operating systems may be confused by a floppy
drive that claims such support.

Minimise surprise by reporting the existence of support for INT 13
extensions only for non-floppy drive numbers.  Continue to provide
support for all drive numbers, to avoid breaking operating systems
that may unconditionally use the INT 13 extensions without first
checking for support.

Reported-by: Valdo Toost <vtoost@hot.ee>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[cloud] Enable "poweroff" command in cloud images
Michael Brown [Sat, 10 Apr 2021 19:03:32 +0000 (20:03 +0100)] 
[cloud] Enable "poweroff" command in cloud images

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[netdevice] Ensure driver transmit() and poll() will not be re-entered
Michael Brown [Sat, 10 Apr 2021 15:53:52 +0000 (16:53 +0100)] 
[netdevice] Ensure driver transmit() and poll() will not be re-entered

When CONSOLE_SYSLOG is used, a DBG() from within a network device
driver may cause its transmit() or poll() methods to be unexpectedly
re-entered.  Since these methods are not intended to be re-entrant,
this can lead to undefined behaviour.

Add an explicit re-entrancy guard to both methods.  Note that this
must operate at a per-netdevice level, since there are legitimate
circumstances under which the netdev_tx() or netdev_poll() functions
may be re-entered (e.g. when using VLAN devices).

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[pci] Avoid scanning nonexistent buses when using PCIAPI_DIRECT
Michael Brown [Sat, 10 Apr 2021 12:14:30 +0000 (13:14 +0100)] 
[pci] Avoid scanning nonexistent buses when using PCIAPI_DIRECT

There is no method for obtaining the number of PCI buses when using
PCIAPI_DIRECT, and we therefore currently scan all possible bus
numbers.  This can cause a several-second startup delay in some
virtualised environments, since PCI configuration space access will
necessarily require the involvement of the hypervisor.

Ameliorate this situation by defaulting to scanning only a single bus,
and expanding the number of PCI buses to accommodate any subordinate
buses that are detected during enumeration.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2 months ago[intel] Add additional PCI device ID to table
Tyler J. Stachecki [Sun, 4 Apr 2021 14:13:59 +0000 (10:13 -0400)] 
[intel] Add additional PCI device ID to table

Adding this missing identifier allows the X557-AT2 chipset seen on (at
least) Super Micro A2SDI-H-TF motherboards to function with iPXE.

Signed-off-by: Tyler J. Stachecki <stachecki.tyler@gmail.com>
2 months ago[efi] Mark PE .reloc and .debug sections as discardable
Marvin Häuser [Mon, 5 Apr 2021 14:45:07 +0000 (16:45 +0200)] 
[efi] Mark PE .reloc and .debug sections as discardable

After a PE image is fully loaded and relocated, the loader code may
opt to zero discardable sections for security reasons.  This includes
relocation and debug information, as both contain hints about specific
locations within the binary.  Mark both generated sections as
discardable, which follows the PE specification.

Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
2 months ago[efi] Align EFI image sections by page size
Marvin Häuser [Thu, 8 Apr 2021 18:04:16 +0000 (20:04 +0200)] 
[efi] Align EFI image sections by page size

For optimal memory permission management, PE sections need to be
aligned by the platform's minimum page size.  Currently, the PE
section alignment is fixed to 32 bytes, which is below the typical 4kB
page size.  Align all sections to 4kB and adjust ELF to PE image
conversion accordingly.

Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
2 months ago[efi] Discard .pci_devlist.* sections for EFI images tmp
Marvin Häuser [Thu, 8 Apr 2021 17:58:35 +0000 (19:58 +0200)] 
[efi] Discard .pci_devlist.* sections for EFI images

As per https://github.com/ipxe/ipxe/pull/313#issuecomment-816018398,
these sections are not required for EFI execution.  Discard them to
avoid implementation-defined alignment malforming binaries.

Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
3 months ago[dhcp] Handle DHCPNAK by returning to discovery state
Michael Brown [Thu, 11 Mar 2021 15:54:26 +0000 (15:54 +0000)] 
[dhcp] Handle DHCPNAK by returning to discovery state

Handle a DHCPNAK by returning to the discovery state to allow iPXE to
attempt to obtain a replacement IPv4 address.

Reuse the existing logic for deferring discovery when the link is
blocked: this avoids hammering a misconfigured DHCP server with a
non-stop stream of requests and allows the DHCP process to eventually
time out and fail.

Originally-implemented-by: Blake Rouse <blake.rouse@canonical.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[linux] Fail at link time if building slirp.linux without libslirp
Michael Brown [Thu, 11 Mar 2021 15:08:57 +0000 (15:08 +0000)] 
[linux] Fail at link time if building slirp.linux without libslirp

The iPXE build system is constructed for a standalone codebase with no
external dependencies, and does not have any equivalent of the
standard userspace ./configure script.  We currently check for the
ability to include slirp/libslirp.h and conditionalise portions of
linux_api.c on its presence.  The actual slirp driver code is built
unconditionally, as with all iPXE drivers.

This currently leads to a silent runtime failure if attempting to use
slirp.linux built on a system that was missing slirp/libslirp.h.

Convert this to a link-time failure by deliberately omitting the
relevant symbols from linux_api.c when slirp/libslirp.h is not
present.  This allows other builds (e.g. tap.linux or tests.linux) to
succeed: the link-time failure will occur only if the slirp driver is
included within the build target.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[linux] Do not assume that stat() works on sysfs files
Michael Brown [Wed, 3 Mar 2021 02:24:32 +0000 (02:24 +0000)] 
[linux] Do not assume that stat() works on sysfs files

Linux kernel 3.12 and earlier report a zero size via stat() for all
ACPI table files in sysfs.  There is no way to determine the file size
other than by reading the file until EOF.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[linux] Validate length of ACPI table read from sysfs
Michael Brown [Wed, 3 Mar 2021 01:55:07 +0000 (01:55 +0000)] 
[linux] Validate length of ACPI table read from sysfs

Consumers of acpi_find() will assume that returned structures include
a valid table header and that the length in the table header is
correct.  These assumptions are necessary when dealing with raw ACPI
tables, since there exists no independent source of length
information.

Ensure that these assumptions are also valid for ACPI tables read from
sysfs.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[linux] Place -lslirp at end of linker search list
Michael Brown [Wed, 3 Mar 2021 01:09:33 +0000 (01:09 +0000)] 
[linux] Place -lslirp at end of linker search list

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[linux] Use fstat() rather than statx()
Michael Brown [Wed, 3 Mar 2021 00:34:02 +0000 (00:34 +0000)] 
[linux] Use fstat() rather than statx()

The statx() system call has a clean header file and a consistent
layout, but was unfortunately added only in kernel 4.11.

Using stat() or fstat() directly is extremely messy since glibc does
not necessarily use the kernel native data structures.  However, as
the only current use case is to obtain the length of an open file, we
can merely provide a wrapper that does precisely this.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[linux] Use generic sysfs mechanism to read SMBIOS table
Michael Brown [Tue, 2 Mar 2021 23:43:21 +0000 (23:43 +0000)] 
[linux] Use generic sysfs mechanism to read SMBIOS table

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[linux] Use generic sysfs mechanism to read ACPI tables
Michael Brown [Tue, 2 Mar 2021 23:42:36 +0000 (23:42 +0000)] 
[linux] Use generic sysfs mechanism to read ACPI tables

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[linux] Add a generic function for reading files from sysfs
Michael Brown [Tue, 2 Mar 2021 23:37:41 +0000 (23:37 +0000)] 
[linux] Add a generic function for reading files from sysfs

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[linux] Free cached ACPI tables on shutdown
Michael Brown [Tue, 2 Mar 2021 23:56:11 +0000 (23:56 +0000)] 
[linux] Free cached ACPI tables on shutdown

Free any cached ACPI tables for the sake of neatness (and a clean
report from Valgrind).

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[dns] Reduce debug verbosity for DNS server list
Michael Brown [Tue, 2 Mar 2021 20:03:21 +0000 (20:03 +0000)] 
[dns] Reduce debug verbosity for DNS server list

The DNS server list is currently printed as a debug message whenever
settings are applied.  This can result in some very noisy debug logs
when a script makes extensive use of settings.

Move the DNS server list debug messages to DBGLVL_EXTRA.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[linux] Allow arbitrary settings to be applied to Linux devices
Michael Brown [Tue, 2 Mar 2021 19:34:16 +0000 (19:34 +0000)] 
[linux] Allow arbitrary settings to be applied to Linux devices

Allow arbitrary settings to be specified on the Linux command line.
For example:

    ./bin-x86_64-linux/slirp.linux \
          --net slirp,testserver=qa-test.ipxe.org

This can be useful when using the Linux userspace build to test
embedded scripts, since it allows arbitrary parameters to be passed
directly on the command line.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[linux] Add missing pci_num_bus() stub
Michael Brown [Tue, 2 Mar 2021 18:02:21 +0000 (18:02 +0000)] 
[linux] Add missing pci_num_bus() stub

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[build] Fix building on older versions of gcc
Michael Brown [Tue, 2 Mar 2021 16:46:14 +0000 (16:46 +0000)] 
[build] Fix building on older versions of gcc

Versions of gcc prior to 9.1 do not support the single-argument form
of static_assert().  Fix by unconditionally defining a compatibility
macro for the single file that uses this.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[slirp] Add libslirp driver for Linux
Michael Brown [Tue, 2 Mar 2021 10:20:55 +0000 (10:20 +0000)] 
[slirp] Add libslirp driver for Linux

Add a driver using libslirp to provide a virtual network interface
without requiring root permissions on the host.  This simplifies the
process of running iPXE as a Linux userspace application with network
access.  For example:

  make bin-x86_64-linux/slirp.linux
  ./bin-x86_64-linux/slirp.linux --net slirp

libslirp will provide a built-in emulated DHCP server and NAT router.
Settings such as the boot filename may be controlled via command-line
options.  For example:

  ./bin-x86_64-linux/slirp.linux \
      --net slirp,filename=http://192.168.0.1/boot.ipxe

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[build] Allow __asmcall to be used as a type attribute
Michael Brown [Tue, 2 Mar 2021 10:15:23 +0000 (10:15 +0000)] 
[build] Allow __asmcall to be used as a type attribute

The "used" attribute can be applied only to functions or variables,
which prevents the use of __asmcall as a type attribute.

Fix by removing "used" from the definition of __asmcall for i386 and
x86_64 architectures, and adding explicit __used annotations where
necessary.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[linux] Provide ACPI settings via /sys/firmware/acpi/tables
Michael Brown [Mon, 1 Mar 2021 01:38:54 +0000 (01:38 +0000)] 
[linux] Provide ACPI settings via /sys/firmware/acpi/tables

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[acpi] Allow for platforms that provide ACPI tables individually kexec kexec2 kexec3
Michael Brown [Mon, 1 Mar 2021 00:08:23 +0000 (00:08 +0000)] 
[acpi] Allow for platforms that provide ACPI tables individually

The ACPI API currently expects platforms to provide access to a single
contiguous ACPI table.  Some platforms (e.g. Linux userspace) do not
provide a convenient way to obtain the entire ACPI table, but do
provide access to individual tables.

All iPXE consumers of the ACPI API require access only to individual
tables.

Redefine the internal API to make acpi_find() an API method, with all
existing implementations delegating to the current RSDT-based
implementation.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[acpi] Eliminate redundant acpi_find_rsdt() in acpi_sx()
Michael Brown [Sun, 28 Feb 2021 23:59:15 +0000 (23:59 +0000)] 
[acpi] Eliminate redundant acpi_find_rsdt() in acpi_sx()

The result from acpi_find_rsdt() is used only for the debug message.
Simplify the debug message and remove the otherwise redundant call to
acpi_find_rsdt().

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[acpi] Use a fixed colour for debug messages
Michael Brown [Sun, 28 Feb 2021 23:58:06 +0000 (23:58 +0000)] 
[acpi] Use a fixed colour for debug messages

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[linux] Use host glibc system call wrappers
Michael Brown [Sun, 28 Feb 2021 13:45:58 +0000 (13:45 +0000)] 
[linux] Use host glibc system call wrappers

When building as a Linux userspace application, iPXE currently
implements its own system calls to the host kernel rather than relying
on the host's C library.  The output binary is statically linked and
has no external dependencies.

This matches the general philosophy of other platforms on which iPXE
runs, since there are no external libraries available on either BIOS
or UEFI bare metal.  However, it would be useful for the Linux
userspace application to be able to link against host libraries such
as libslirp.

Modify the build process to perform a two-stage link: first picking
out the requested objects in the usual way from blib.a but with
relocations left present, then linking again with a helper object to
create a standard hosted application.  The helper object provides the
standard main() entry point and wrappers for the Linux system calls
required by the iPXE Linux drivers and interface code.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[linux] Add a prefix to all symbols to avoid future name collisions
Michael Brown [Sat, 27 Feb 2021 18:52:11 +0000 (18:52 +0000)] 
[linux] Add a prefix to all symbols to avoid future name collisions

Allow for the possibility of linking to platform libraries for the
Linux userspace build by adding an iPXE-specific symbol prefix.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[bitops] Provide an explicit operand size for bit test instructions
Michael Brown [Sat, 27 Feb 2021 15:05:20 +0000 (15:05 +0000)] 
[bitops] Provide an explicit operand size for bit test instructions

Recent versions of the GNU assembler (observed with GNU as 2.35 on
Fedora 33) will produce a warning message

  Warning: no instruction mnemonic suffix given and no register
  operands; using default for `bts'

The operand size affects only the potential range for the bit number.
Since we pass the bit number as an unsigned int, it is already
constrained to 32 bits for both i386 and x86_64.

Silence the assembler warning by specifying an explicit 32-bit operand
size (and thereby matching the choice that the assembler would
otherwise make automatically).

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[efi] Compress EFI ROM images eficompress
Michael Brown [Fri, 19 Feb 2021 19:58:04 +0000 (19:58 +0000)] 
[efi] Compress EFI ROM images

Use the reference implementation of the EFI compression algorithm
(taken from the EDK2 codebase, with minor bugfixes to allow
compilation with -Werror) to compress EFI ROM images.

Inspired-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[librm] Test for FXSAVE/FXRSTOR instruction support
Michael Brown [Thu, 18 Feb 2021 14:30:27 +0000 (14:30 +0000)] 
[librm] Test for FXSAVE/FXRSTOR instruction support

Assume that preservation of the %xmm registers is unnecessary during
installation of iPXE into memory, since this is an operation that by
its nature substantially disrupts large portions of the system anyway
(such as the E820 memory map).  This assumption allows us to utilise
the existing CPUID code to check that FXSAVE/FXRSTOR are supported.

Test for support during the call to init_librm and store the flag for
use during subsequent calls to virt_call.

Reduce the scope of TIVOLI_VMM_WORKAROUND to affecting only the call
to check_fxsr(), to reduce #ifdef pollution in the remaining code.

Debugged-by: Johannes Heimansberg <git@jhe.dedyn.io>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[librm] Add missing __asmcall on init_idt()
Michael Brown [Thu, 18 Feb 2021 14:51:28 +0000 (14:51 +0000)] 
[librm] Add missing __asmcall on init_idt()

The __asmcall declaration has no effect on a void function with no
parameters, but should be included for completeness since the function
is called directly from assembly code.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[prefix] Add a generic raw image prefix
Michael Brown [Thu, 18 Feb 2021 12:13:12 +0000 (12:13 +0000)] 
[prefix] Add a generic raw image prefix

Provide a generic raw image prefix, which assumes that the iPXE image
has been loaded in its entirety on a paragraph boundary.

The resulting .raw image can be loaded via RPL using an rpld.conf file
such as:

    HOST {
        ethernet = 00:00:00:00:00:00/6;
        FILE {
            path="ipxe.raw";
            load=0x2000;
        };
        execute=0x2000;
    };

Debugged-by: Johannes Heimansberg <git@jhe.dedyn.io>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[initrd] Allow for zero-length initrd files
Michael Brown [Thu, 18 Feb 2021 01:49:23 +0000 (01:49 +0000)] 
[initrd] Allow for zero-length initrd files

A zero-length initrd file will currently cause an endless loop during
reshuffling as the empty image is repeatedly swapped with itself.

Fix by terminating the inner loop before considering an image as a
candidate to be swapped with itself.

Reported-by: Pico Mitchell <pico@randomapplications.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[cloud] Do not enable serial console on EFI platforms
Michael Brown [Wed, 17 Feb 2021 22:37:56 +0000 (22:37 +0000)] 
[cloud] Do not enable serial console on EFI platforms

Most EFI firmware builds (including those found on ARM64 instances in
AWS EC2) will already send console output to the serial port.

Do not enable direct serial console output in EFI builds using
CONFIG=cloud.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[efi] Record cached DHCPACK from loaded image's device handle, if present cachedhcp
Michael Brown [Wed, 17 Feb 2021 18:11:43 +0000 (18:11 +0000)] 
[efi] Record cached DHCPACK from loaded image's device handle, if present

Record the cached DHCPACK obtained from the EFI_PXE_BASE_CODE_PROTOCOL
instance installed on the loaded image's device handle, if present.

This allows a chainloaded UEFI iPXE to reuse the IPv4 address and DHCP
options previously obtained by the built-in PXE stack, as is already
done for a chainloaded BIOS iPXE.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[efi] Defer autoboot link-layer address and autoexec script probing
Michael Brown [Wed, 17 Feb 2021 17:07:12 +0000 (17:07 +0000)] 
[efi] Defer autoboot link-layer address and autoexec script probing

The code to detect the autoboot link-layer address and to load the
autoexec script currently runs before the call to initialise() and so
has to function without a working heap.

This requirement can be relaxed by deferring this code to run via an
initialisation function.  This gives the code a normal runtime
environment, but still invokes it early enough to guarantee that the
original loaded image device handle has not yet been invalidated.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[efi] Split out autoexec script portions of efi_autoboot.c
Michael Brown [Wed, 17 Feb 2021 16:57:19 +0000 (16:57 +0000)] 
[efi] Split out autoexec script portions of efi_autoboot.c

The "autoboot device" and "autoexec script" functionalities in
efi_autoboot.c are unrelated except in that they both need to be
invoked by efiprefix.c before device drivers are loaded.

Split out the autoexec script portions to a separate file to avoid
potential confusion.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[pxe] Split out platform-independent portions of cachedhcp.c
Michael Brown [Wed, 17 Feb 2021 15:59:52 +0000 (15:59 +0000)] 
[pxe] Split out platform-independent portions of cachedhcp.c

Split out the portions of cachedhcp.c that can be shared between BIOS
and UEFI (both of which can provide a buffer containing a previously
obtained DHCP packet, and neither of which provide a means to
determine the length of this DHCP packet).

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[ath5k] Add missing AR5K_EEPROM_READ in ath5k_eeprom_read_turbo_modes
Bruce Rogers [Tue, 16 Feb 2021 18:29:41 +0000 (11:29 -0700)] 
[ath5k] Add missing AR5K_EEPROM_READ in ath5k_eeprom_read_turbo_modes

The GCC11 compiler pointed out something that apparently no previous
compiler noticed: in ath5k_eeprom_pread_turbo_modes, local variable
val is used uninitialized. From what I can see, the code is just
missing an initial AR5K_EEPROM_READ. Add it right before the switch
statement.

Signed-off-by: Bruce Rogers <brogers@suse.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[cloud] Enable IPv6 and HTTPS in cloud boot images
Michael Brown [Tue, 16 Feb 2021 10:58:42 +0000 (10:58 +0000)] 
[cloud] Enable IPv6 and HTTPS in cloud boot images

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[cloud] Add utility for importing images to AWS EC2
Michael Brown [Tue, 16 Feb 2021 00:27:40 +0000 (00:27 +0000)] 
[cloud] Add utility for importing images to AWS EC2

Add a utility that can be used to upload an iPXE disk image to AWS EC2
as an Amazon Machine Image (AMI).  For example:

  make CONFIG=cloud EMBED=config/cloud/aws.ipxe bin/ipxe.usb

  ../contrib/cloud/aws-import -p -n "iPXE 1.21.1" bin/ipxe.usb

Uploads are performed in parallel across all regions, and use the EBS
direct APIs to avoid the need to store temporary files in S3 or to run
VM import tasks.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[build] Work around stray sections introduced by some binutils versions usbdisk
Michael Brown [Mon, 15 Feb 2021 09:54:03 +0000 (09:54 +0000)] 
[build] Work around stray sections introduced by some binutils versions

Some versions of GNU ld (observed with binutils 2.36 on Arch Linux)
introduce a .note.gnu.property section marked as loadable at a high
address and with non-empty contents.  This adds approximately 128MB of
garbage to the BIOS .usb disk images.

Fix by using a custom linker script for the prefix-only binaries such
as the USB disk partition table and MBR, in order to allow unwanted
sections to be explicitly discarded.

Reported-by: Christian Hesse <mail@eworm.de>
Tested-by: Christian Hesse <mail@eworm.de>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[cloud] Use PCIAPI_DIRECT for cloud images
Michael Brown [Sat, 13 Feb 2021 19:41:03 +0000 (19:41 +0000)] 
[cloud] Use PCIAPI_DIRECT for cloud images

The version of SeaBIOS found on some AWS EC2 instances (observed with
t3a.nano in eu-west-1) has no support for the INT 1A PCI BIOS calls.

Bring config/ioapi.h into the named-configuration set of headers, and
specify the use of PCIAPI_DIRECT for CONFIG=cloud, to work around the
missing PCI BIOS support.

Switching to a different named configuration will now unfortunately
cause an almost complete rebuild of iPXE.  As described in commit
c801cb2 ("[build] Allow for named configurations at build time"), this
is the reason why config/ioapi.h was not originally in the
named-configuration set of header files.

This rebuild cost is acceptable given that build times are
substantially faster now than seven years ago, and that very few
people are likely to be switching named configurations on a regular
basis.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[ena] Switch to two-phase reset mechanism
Michael Brown [Sat, 13 Feb 2021 18:55:39 +0000 (18:55 +0000)] 
[ena] Switch to two-phase reset mechanism

The Linux and FreeBSD drivers for the (totally undocumented) ENA
adapters use a two-phase reset mechanism: first set ENA_CTRL.RESET and
wait for this to be reflected in ENA_STAT.RESET, then clear
ENA_CTRL.RESET and again wait for it to be reflected in
ENA_STAT.RESET.

The iPXE driver currently assumes a self-clearing reset mechanism,
which appeared to work at the time that the driver was created but
seems no longer to function, at least on the t3.nano and t3a.nano
instance types found in eu-west-1.

Switch to a simplified version of the two-phase reset mechanism as
used by Linux and FreeBSD.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[build] Use .balign directive instead of .align
Michael Brown [Fri, 12 Feb 2021 23:22:54 +0000 (23:22 +0000)] 
[build] Use .balign directive instead of .align

The semantics of the assembler's .align directive vary by CPU
architecture.  For the ARM builds, it specifies a power of two rather
than a number of bytes.  This currently leads to the .einfo entries
(which do not appear in the final binary) having an alignment of 256
bytes for the ARM builds.

Fix by switching to the GNU-specific directive .balign, which is
consistent across architectures

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[build] Remove support for building with the Intel C compiler
Michael Brown [Fri, 12 Feb 2021 21:56:53 +0000 (21:56 +0000)] 
[build] Remove support for building with the Intel C compiler

Support for building with the Intel C compiler (icc) was added in 2009
in the expectation that UEFI support would eventually involve
compiling iPXE to EFI Byte Code.

EFI Byte Code has never found any widespread use: no widely available
compilers can emit it, Microsoft refuses to sign EFI Byte Code
binaries for UEFI Secure Boot, and I have personally never encountered
any examples of EFI Byte Code in the wild.

The support for using the Intel C compiler has not been tested in over
a decade, and would almost certainly require modification to work with
current releases of the compiler.

Simplify the build process by removing this old legacy code.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
3 months ago[build] Report detailed errors when unable to find a usable mkisofs
Michael Brown [Fri, 12 Feb 2021 12:13:18 +0000 (12:13 +0000)] 
[build] Report detailed errors when unable to find a usable mkisofs

As of commit 7c3d186 ("[build] Check that mkisofs equivalent supports
the required options"), we may refuse to use a mkisofs equivalent if
it does not support the options required to produce the requested
output file.

This can result in confusing error messages since the user is unaware
of the reason for which the installed mkisofs or genisoimage has been
rejected.

Fix by explicitly reporting the reason why each possible mkisofs
equivalent could not be used.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
4 months ago[ci] Disable redundant scheduled execution of Coverity Scan
Michael Brown [Fri, 5 Feb 2021 11:59:27 +0000 (11:59 +0000)] 
[ci] Disable redundant scheduled execution of Coverity Scan

The scheduled Coverity Scan run is triggered by an external mechanism
that synchronises the coverity_scan branch with the master branch.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
4 months ago[ci] Disable Travis CI
Michael Brown [Wed, 3 Feb 2021 16:08:10 +0000 (16:08 +0000)] 
[ci] Disable Travis CI

Signed-off-by: Michael Brown <mcb30@ipxe.org>
4 months ago[ci] Add GitHub action for Coverity Scan
Michael Brown [Thu, 4 Feb 2021 16:15:33 +0000 (16:15 +0000)] 
[ci] Add GitHub action for Coverity Scan

Signed-off-by: Michael Brown <mcb30@ipxe.org>
4 months ago[ci] Add GitHub action for build testing
Michael Brown [Wed, 3 Feb 2021 16:06:35 +0000 (16:06 +0000)] 
[ci] Add GitHub action for build testing

Signed-off-by: Michael Brown <mcb30@ipxe.org>
4 months ago[build] Work around distros that use -fcf-protection=full by default
Michael Brown [Thu, 4 Feb 2021 11:07:46 +0000 (11:07 +0000)] 
[build] Work around distros that use -fcf-protection=full by default

Some patched versions of gcc (observed with gcc 9.3.0 on Ubuntu 20.04)
enable -fcf-protection=full by default.  This breaks code that is not
explicitly written to expect the use of this flag.  The breakage
occurs only at runtime if the affected code (such as setjmp()) happens
to execute, and is therefore a particularly pernicious class of bug to
be introduced into working code by a broken compiler.

Work around these broken patched versions of gcc by detecting support
for -fcf-protection and explicitly setting -fcf-protection=none if
found.

If any Ubuntu maintainers are listening: PLEASE STOP DOING THIS.  It's
extremely unhelpful to have to keep working around breakages that you
introduce by modifying the compiler's default behaviour.  Do what Red
Hat does instead: set your preferred CFLAGS within the package build
system rather than by patching the compiler to behave in violation of
its own documentation.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
4 months ago[build] Work around -fPIE patched versions of gcc on all architectures
Michael Brown [Thu, 4 Feb 2021 02:05:28 +0000 (02:05 +0000)] 
[build] Work around -fPIE patched versions of gcc on all architectures

Several distributions include versions of gcc that are patched to
create position-independent executables by default.  These have caused
multiple problems over the years: see e.g. commits fe61f6d ("[build]
Fix compilation when gcc is patched to default to -fPIE -Wl,-pie"),
5de1346 ("[build] Apply the "-fno-PIE -nopie" workaround only to i386
builds"), 7c395b0 ("[build] Use -no-pie on newer versions of gcc"),
and decee20 ("[build] Disable position-independent code for ARM64 EFI
builds").

The build system currently attempts to work around these mildly broken
patched versions of gcc for the i386 and arm64 architectures.  This
misses the relatively obscure bin-x86_64-pcbios build platform, which
turns out to also require the same workaround.

Attempt to preempt the next such required workaround by moving the
existing i386 version to apply to all platforms and all architectures,
unless -fpie has been requested explicitly by another Makefile (as is
done by arch/x86_64/Makefile.efi).

Signed-off-by: Michael Brown <mcb30@ipxe.org>
4 months ago[build] Avoid spurious "make clean" when building for the first time
Michael Brown [Thu, 4 Feb 2021 02:45:45 +0000 (02:45 +0000)] 
[build] Avoid spurious "make clean" when building for the first time

The function trace recorder build logic defaults to making "clean" a
dependency of the first build in a clean checkout.  This is redundant
and causes problems if the build process spins up multiple make
invocations to handle multiple build architectures.

Fix by replacing with logic based on the known-working patterns used
for the ASSERT and PROFILE build parameters.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
4 months ago[efi] Fix erroneous comparison of a pointer against userptr_t
Michael Brown [Wed, 3 Feb 2021 16:00:06 +0000 (16:00 +0000)] 
[efi] Fix erroneous comparison of a pointer against userptr_t

Signed-off-by: Michael Brown <mcb30@ipxe.org>
4 months ago[contrib] Update bochsrc.txt to work with current versions 8d337ec
Michael Brown [Mon, 1 Feb 2021 23:57:37 +0000 (23:57 +0000)] 
[contrib] Update bochsrc.txt to work with current versions

Signed-off-by: Michael Brown <mcb30@ipxe.org>
4 months ago[hermon] Add support for ConnectX-3 based cards
Christian Iversen [Tue, 26 Jan 2021 23:08:18 +0000 (00:08 +0100)] 
[hermon] Add support for ConnectX-3 based cards

After a ton of tedious work, I am pleased to finally introduce full
support for ConnectX-3 cards in iPXE!

The work has been done by finding all publicly available versions of
the Mellanox Flexboot sources, cleaning them up, synthesizing a git
history from them, cleaning out non-significant changes, and
correlating with the iPXE upstream git history.

After this, a proof-of-concept diff was produced, that allowed iPXE to
be compiled with rudimentary ConnectX-3 support. This diff was over
10k lines, and contained many changes that were not part of the core
driver.

Special thanks to Michael Brown <mcb30@ipxe.org> for answering my
barrage of questions, and helping brainstorm the development along the
way.

Signed-off-by: Christian Iversen <ci@iversenit.dk>
4 months ago[autoboot] Avoid closing and immediately reopening network device
Michael Brown [Mon, 1 Feb 2021 23:32:34 +0000 (23:32 +0000)] 
[autoboot] Avoid closing and immediately reopening network device

Some network devices can take a substantial time to close and reopen.
Avoid closing the device from which we are about to attempt booting,
in case it happens to be already open.

Suggested-by: Christian Iversen <ci@iversenit.dk>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
4 months ago[hermon] Avoid parsing length field on completion errors
Michael Brown [Mon, 1 Feb 2021 23:06:04 +0000 (23:06 +0000)] 
[hermon] Avoid parsing length field on completion errors

The CQE length field will not be valid for a completion in error.
Avoid parsing the length field and just call the completion handler
directly.

In debug builds, also dump the queue pair context to allow for
inspection of the error.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
4 months ago[hermon] Make hermon_dump_xxx() functions no-ops on non-debug builds
Michael Brown [Mon, 1 Feb 2021 22:57:57 +0000 (22:57 +0000)] 
[hermon] Make hermon_dump_xxx() functions no-ops on non-debug builds

Signed-off-by: Michael Brown <mcb30@ipxe.org>