Michael Brown [Thu, 19 Feb 2015 16:00:01 +0000 (16:00 +0000)]
[libc] Rewrite strtoul()
The implementation of strtoul() has a partially unknown provenance.
Rewrite this code to avoid potential licensing uncertainty.
Since we now use -ffunction-sections, there is no need to place
strtoull() in a separate file from strtoul().
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Thu, 19 Feb 2015 14:02:07 +0000 (14:02 +0000)]
[ipv4] Rewrite inet_aton()
The implementation of inet_aton() has an unknown provenance. Rewrite
this code to avoid potential licensing uncertainty.
Also move the code from core/misc.c to its logical home in net/ipv4.c,
and add a few extra test cases.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Wed, 18 Feb 2015 14:16:59 +0000 (14:16 +0000)]
[legal] Add missing copyright header to net/ipv4.c
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Wed, 18 Feb 2015 14:11:32 +0000 (14:11 +0000)]
[test] Add IPv4 self-tests
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Wed, 18 Feb 2015 11:10:55 +0000 (11:10 +0000)]
[xhci] Abort commands on timeout
When a command times out, abort it (via the Command Abort bit in the
Command Ring Control Register) so that subsequent commands may execute
as expected.
This improves robustness when a device fails to respond to the Set
Address command, since the subsequent Disable Slot command will now
succeed.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Wed, 18 Feb 2015 09:25:36 +0000 (09:25 +0000)]
[xhci] Leak memory if controller fails to disable slot
If the Disable Slot command fails then the hardware may continue to
write to the slot context. Leak the memory used by the slot context
to avoid future memory corruption.
This situation has been observed in practice when a Set Address
command fails, causing the command ring to become temporarily
unresponsive.
Note that there is no need to similarly leak memory on the failure
path in xhci_device_open(), since in the event of a failure the
hardware is never informed of the slot context address.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Tue, 17 Feb 2015 16:24:02 +0000 (16:24 +0000)]
[timer] Rewrite the 8254 Programmable Interval Timer support
The 8254 timer code (used to implement udelay()) has an unknown
provenance. Rewrite this code to avoid potential licensing
uncertainty.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Sun, 15 Feb 2015 23:32:39 +0000 (23:32 +0000)]
[ncm] Use generic USB network device framework
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 16 Feb 2015 14:06:27 +0000 (14:06 +0000)]
[ecm] Use generic USB network device framework
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 16 Feb 2015 14:05:45 +0000 (14:05 +0000)]
[usb] Add generic USB network device framework
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Tue, 17 Feb 2015 00:42:28 +0000 (00:42 +0000)]
[libc] Reduce size of memset()
As with memcpy(), we can reduce the code size (by an average of 0.2%)
by giving the compiler more visibility into what memset() is doing,
and by avoiding the "rep" prefix on short fixed-length sequences of
string operations.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Tue, 17 Feb 2015 00:41:40 +0000 (00:41 +0000)]
[test] Add constant-length memset() self-tests
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 16 Feb 2015 16:26:01 +0000 (16:26 +0000)]
[test] Add self-tests for more string functions
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 16 Feb 2015 17:59:11 +0000 (17:59 +0000)]
[libc] Rewrite string functions
Some of the C library string functions have an unknown provenance.
Reimplement all such functions to avoid potential licensing
uncertainty.
Remove the inline-assembler versions of strlen(), memswap(), and
strncmp(); these save a minimal amount of space (around 40 bytes in
total) and are not performance-critical.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 16 Feb 2015 15:33:32 +0000 (15:33 +0000)]
[libc] Remove unused string functions
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Thu, 12 Feb 2015 15:17:21 +0000 (15:17 +0000)]
[ncm] Use generic refill framework for bulk IN and interrupt endpoints
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Thu, 12 Feb 2015 15:16:40 +0000 (15:16 +0000)]
[ecm] Use generic refill framework for bulk IN and interrupt endpoints
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Thu, 12 Feb 2015 15:15:57 +0000 (15:15 +0000)]
[usb] Use generic refill framework for USB hub interrupt endpoints
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Thu, 12 Feb 2015 15:14:04 +0000 (15:14 +0000)]
[usb] Provide generic framework for refilling receive endpoints
Provide a generic framework for allocating, refilling, and optionally
recycling I/O buffers used by bulk IN and interrupt endpoints.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Thu, 12 Feb 2015 15:58:26 +0000 (15:58 +0000)]
[build] Apply the "-fno-PIE -nopie" workaround only to i386 builds
Hardened versions of gcc default to building position-independent
code, which breaks our i386 build. Our build process therefore
detects such platforms and automatically adds "-fno-PIE -nopie" to the
gcc command line.
On x86_64, we choose to build position-independent code (in order to
reduce the final binary size and, in particular, the number of
relocations required for UEFI binaries). The workaround therefore
breaks the build process for x86_64 binaries on such platforms.
Fix by moving the workaround to the i386-specific portion of the
Makefile.
Reported-by: Jan Kundrát <jkt@kde.org>
Debugged-by: Jan Kundrát <jkt@kde.org>
Debugged-by: Marin Hannache <git@mareo.fr>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Thu, 12 Feb 2015 13:35:11 +0000 (13:35 +0000)]
[efi] Disallow R_X86_64_32 relocations
UEFI binaries may be relocated to any location within the 64-bit
address space. We compile as position-independent code with hidden
visibility, which should force all relocation records to be either
PC-relative (in which case no PE relocations are required) or full
64-bit relocations. There should be no R_X86_64_32 relocation
records, since that would imply an invalid assumption that code could
not be relocated above 4GB.
Remove support for R_X86_64_32 relocation records from util/elf2efi.c,
so that any such records result in a build failure rather than a
potential runtime failure.
Reported-by: Jan Kundrát <jkt@kde.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Olaf Hering [Mon, 2 Feb 2015 13:54:12 +0000 (14:54 +0100)]
[build] Sort objects in blib.a
When building hvmloader for Xen tools the iPXE objects are also linked
into the binary. Unfortunately the linker will place them in the
order found in the archive. Since this order is random the resulting
hvmloader binary differs when it was built from identical sources but
on different build hosts. To help with creating a reproducible binary
the elements in blib.a must simply be sorted before passing them to
$(AR).
Signed-off-by: Olaf Hering <olaf@aepfle.de>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Thu, 12 Feb 2015 00:46:22 +0000 (00:46 +0000)]
[usb] Handle port status changes received after failing to find a driver
Commit a60f2dd ("[usb] Try multiple USB device configurations")
changed the behaviour of register_usb() such that if no drivers are
found then the device will be closed and the memory used will be
freed.
If a port status change subsequently occurs while the device is still
physically attached, then usb_hotplug() will see this as a new device
having been attached, since there is no device recorded as being
currently attached to the port. This can lead to spurious hotplug
events (or even endless loops of hotplug events, if the process of
opening and closing the device happens to generate a port status
change).
Fix by using a separate flag to indicate that a device is physically
attached (even if we have no corresponding struct usb_device).
Reported-by: Dan Ellis <Dan.Ellis@displaylink.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Wed, 11 Feb 2015 17:26:51 +0000 (17:26 +0000)]
[rndis] Add rndis_rx_err()
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Wed, 11 Feb 2015 14:22:43 +0000 (14:22 +0000)]
[build] Allow product tag line to be customised via config/branding.h
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Wed, 11 Feb 2015 13:57:34 +0000 (13:57 +0000)]
[build] Allow setting help text URI to be customised via config/branding.h
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Wed, 11 Feb 2015 13:49:02 +0000 (13:49 +0000)]
[build] Allow command help text URI to be customised via config/branding.h
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Wed, 11 Feb 2015 13:32:57 +0000 (13:32 +0000)]
[build] Allow error message URI to be customised via config/branding.h
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Wed, 11 Feb 2015 13:08:36 +0000 (13:08 +0000)]
[build] Allow product URI to be customised via config/branding.h
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Wed, 11 Feb 2015 13:02:52 +0000 (13:02 +0000)]
[build] Use PRODUCT_SHORT_NAME for end-user visible strings
Use PRODUCT_SHORT_NAME instead of a hardcoded "iPXE" for strings which
are typically shown in the user interface.
Note that this only allows for customisation of the user interface.
Where the "iPXE" string serves a technical purpose (such as in the
HTTP User-Agent), the string cannot be customised.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Wed, 11 Feb 2015 12:51:58 +0000 (12:51 +0000)]
[build] Move branding information to config/branding.h
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Wed, 11 Feb 2015 11:18:35 +0000 (11:18 +0000)]
[xhci] Delay after (possibly) forcing port link state to RxDetect
Some xHCI controllers (observed with a Renesas Electronics PCIe USB3
card) seem to require a delay after forcing the link state of USB3
ports to RxDetect. Omitting this delay causes strange behaviour
including system lockups.
Add an unconditional 20ms delay after writing the port link states.
This seems to be sufficient to avoid the problem.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 9 Feb 2015 16:36:06 +0000 (16:36 +0000)]
[ecm] Add support for CDC-ECM USB Ethernet devices
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Tue, 10 Feb 2015 13:45:57 +0000 (13:45 +0000)]
[usb] Allow usb_stream() to enforce a terminating short packet
Some USB endpoints require that a short packet be used to terminate
transfers, since they have no other way to determine message
boundaries. If the message length happens to be an exact multiple of
the USB packet size, then this requires the use of an additional
zero-length packet.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 9 Feb 2015 23:50:35 +0000 (23:50 +0000)]
[usb] Parse endpoint descriptor bInterval field
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 9 Feb 2015 16:33:49 +0000 (16:33 +0000)]
[usb] Handle CDC union functional descriptors
USB Communications Device Class devices may use a union functional
descriptor to group several interfaces into a function.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 9 Feb 2015 13:37:34 +0000 (13:37 +0000)]
[usb] Try multiple USB device configurations
Iterate over a USB device's available configurations until we find one
for which we have working drivers.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Fri, 6 Feb 2015 15:46:43 +0000 (15:46 +0000)]
[ncm] Reserve headroom in received packets
Some protocols (such as ARP) may modify the received packet and re-use
the same I/O buffer for transmission of a reply. To allow this,
reserve sufficient headroom at the start of each received packet
buffer for our transmit datapath headers.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Fri, 6 Feb 2015 14:13:26 +0000 (14:13 +0000)]
[pxe] Maintain a queue for received PXE UDP packets
Some devices return multiple packets in a single poll. Handle such
devices gracefully by enqueueing received PXE UDP packets (along with
a pseudo-header to hold the IPv4 addresses and port numbers) and
dequeueing them on subsequent calls to PXENV_UDP_READ.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Fri, 6 Feb 2015 12:27:20 +0000 (12:27 +0000)]
[pxe] Use tftp_uri() to construct PXE TFTP URIs
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Fri, 6 Feb 2015 12:18:18 +0000 (12:18 +0000)]
[uri] Allow tftp_uri() to construct a URI with a custom port
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Fri, 6 Feb 2015 12:08:54 +0000 (12:08 +0000)]
[tftp] Explicitly abort connection whenever parent interface is closed
Fetching the TFTP file size is currently implemented via a custom
"tftpsize://" protocol hack. Generalise this approach to instead
close the TFTP connection whenever the parent data-transfer interface
is closed.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Fri, 6 Feb 2015 01:29:11 +0000 (01:29 +0000)]
[ncm] Use large multi-packet buffers by default
Some devices have a very small number of internal buffers, and rely on
being able to pack multiple packets into each buffer. Using 2048-byte
buffers on such devices produces throughput of around 100Mbps. Using
a small number of much larger buffers (e.g. 32kB) increases the
throughput to around 780Mbps. (The full 1Gbps is not reached because
the high RTT induced by the use of multi-packet buffers causes us to
saturate our 256kB TCP window.)
Since allocation of large buffers is very likely to fail, allocate the
buffer set only once when the device is opened and recycle buffers
immediately after use. Received data is now always copied to
per-packet buffers.
If allocation of large buffers fails, fall back to allocating a larger
number of smaller buffers. This will give reduced performance, but
the device will at least still be functional.
Share code between the interrupt and bulk IN endpoint handlers, since
the buffer handling is now very similar.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Thu, 5 Feb 2015 12:40:05 +0000 (12:40 +0000)]
[usb] Report xHCI host controller events
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 2 Feb 2015 14:41:19 +0000 (14:41 +0000)]
[ncm] Add support for CDC-NCM USB Ethernet devices
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 2 Feb 2015 14:40:06 +0000 (14:40 +0000)]
[usb] Add support for xHCI host controllers
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 2 Feb 2015 14:38:42 +0000 (14:38 +0000)]
[usb] Add basic support for USB hubs
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 2 Feb 2015 14:37:00 +0000 (14:37 +0000)]
[usb] Add basic support for USB devices
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 2 Feb 2015 15:11:41 +0000 (15:11 +0000)]
[romprefix] Ensure UNDI loader can be included by all ROM types
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 2 Feb 2015 14:31:18 +0000 (14:31 +0000)]
[pci] Allow drivers to specify a PCI class
Allow drivers to specify a supported PCI class code. To save space in
the final binary, make this an attribute of the driver rather than an
attribute of a PCI device ID list entry.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Sun, 21 Dec 2014 01:49:13 +0000 (01:49 +0000)]
[build] Include Hyper-V driver in the all-drivers build
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Sun, 21 Dec 2014 01:36:07 +0000 (01:36 +0000)]
[hyperv] Require support for VMBus version 3.0 or newer
We require the ability to disconnect from and reconnect to VMBus; if
we don't have this then there is no (viable) way for a loaded
operating system to continue to use any VMBus devices. (There is also
a small but non-zero risk that the host will continue to write to our
interrupt and monitor pages, since the VMBUS_UNLOAD message in earlier
versions is essentially a no-op.)
This requires us to ensure that the host supports protocol version 3.0
(VMBUS_VERSION_WIN8_1). However, we can't actually _use_ protocol
version 3.0, since doing so causes an iSCSI-booted Windows Server 2012
R2 VM to crash due to a NULL pointer dereference in vmbus.sys.
To work around this problem, we first ensure that we can connect using
protocol v3.0, then disconnect and reconnect using the oldest known
protocol.
This deliberately prevents the use of the iPXE native Hyper-V drivers
on older versions of Hyper-V, where we could use our drivers but in so
doing would break the loaded operating system.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Sat, 20 Dec 2014 21:32:30 +0000 (21:32 +0000)]
[hyperv] Tidy up debug output
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Sat, 20 Dec 2014 21:20:52 +0000 (21:20 +0000)]
[rndis] Ignore start-of-day RNDIS_INDICATE_STATUS_MSG with status 0x40020006
Windows Server 2012 R2 generates an RNDIS_INDICATE_STATUS_MSG with a
status code of 0x4002006. This status code does not appear to be
documented anywhere within the sphere of human knowledge.
Explicitly ignore this status code in order to avoid unnecessarily
cluttering the display when RNDIS debugging is enabled.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Sat, 20 Dec 2014 21:01:27 +0000 (21:01 +0000)]
[hyperv] Assume that VMBus xfer page ranges correspond to RNDIS messages
The (undocumented) VMBus protocol seems to allow for transfer
page-based packets where the data payload is split into an arbitrary
set of ranges within the transfer page set.
The RNDIS protocol includes a length field within the header of each
message, and it is known from observation that multiple RNDIS messages
can be concatenated into a single VMBus message.
iPXE currently assumes that the transfer page range boundaries are
entirely arbitrary, and uses the RNDIS header length to determine the
RNDIS message boundaries.
Windows Server 2012 R2 generates an RNDIS_INDICATE_STATUS_MSG for an
undocumented and unknown status code (0x40020006) with a malformed
RNDIS header length: the length does not cover the StatusBuffer
portion of the message. This causes iPXE to report a malformed RNDIS
message and to discard any further RNDIS messages within the same
VMBus message.
The Linux Hyper-V driver assumes that the transfer page range
boundaries correspond to RNDIS message boundaries, and so does not
notice the malformed length field in the RNDIS header.
Match the behaviour of the Linux Hyper-V driver: assume that the
transfer page range boundaries correspond to the RNDIS message
boundaries and ignore the RNDIS header length. This avoids triggering
the "malformed packet" error and also avoids unnecessary data copying:
since we now have one I/O buffer per RNDIS message, there is no longer
any need to use iob_split().
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Sat, 20 Dec 2014 12:41:42 +0000 (12:41 +0000)]
[hyperv] Increase TX ring size
Empirical observation suggests that 32 is a sensible size to minimise
the number of deferred packet transmissions without overflowing the
VMBus transmit ring buffer.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Sat, 20 Dec 2014 12:40:17 +0000 (12:40 +0000)]
[hyperv] Receive all VMBus messages in a poll
Allow for elision of transmitted TCP ACKs by handling all received
VMBus messages in each network device poll operation.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Sat, 20 Dec 2014 12:06:35 +0000 (12:06 +0000)]
[rndis] Clear receive filter when closing the device
On Windows Server 2012 R2, closing and reopening the device will
sometimes result in a non-functional RX datapath. The root cause is
unknown. Clearing the receive filter before closing the device seems
to fix the problem.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Fri, 19 Dec 2014 18:31:57 +0000 (18:31 +0000)]
[hyperv] Tear down NetVSC RX buffer GPADL after closing VMBus device
On Windows Server 2012 R2, the receive buffer teardown completion
message seems to occasionally be deferred until after the VMBus
channel has been closed. This happens even if there are no packets
currently in the receive buffer.
Work around this problem by separating the revocation and teardown of
the receive buffer, and deferring the teardown until after the VMBus
channel has been closed.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Fri, 19 Dec 2014 18:09:04 +0000 (18:09 +0000)]
[rndis] Send RNDIS_HALT_MSG
The RNDIS specification requires that we send RNDIS_HALT_MSG.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Fri, 19 Dec 2014 17:04:25 +0000 (17:04 +0000)]
[rndis] Send RNDIS_INITIALISE_MSG
The Hyper-V RNDIS implementation on Windows Server 2012 R2 requires
that we send an explicit RNDIS initialisation message in order to get
a working RX datapath.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Thu, 11 Dec 2014 17:24:30 +0000 (17:24 +0000)]
[hyperv] Add support for NetVSC paravirtual network devices
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Thu, 11 Dec 2014 17:23:45 +0000 (17:23 +0000)]
[hyperv] Add support for VMBus devices
Add support for an abstraction of a VMBus device.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Thu, 11 Dec 2014 17:22:18 +0000 (17:22 +0000)]
[hyperv] Add support for Hyper-V hypervisor
Add support for detecting and communicating with the Hyper-V
hypervisor.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Thu, 11 Dec 2014 17:13:38 +0000 (17:13 +0000)]
[rndis] Add generic RNDIS device abstraction
RNDIS provides an abstraction of a network device on top of a generic
packet transmission mechanism.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Thu, 11 Dec 2014 17:10:01 +0000 (17:10 +0000)]
[iobuf] Add iob_split() to split an I/O buffer into portions
RNDIS devices may provide multiple packets encapsulated into a single
message. Provide an API to allow the RNDIS driver to split an I/O
buffer into smaller portions.
The current implementation will always copy the underlying data,
rather than splitting the buffer in situ.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Thu, 18 Dec 2014 14:38:45 +0000 (14:38 +0000)]
[device] Provide a driver-private data field for root devices
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 15 Dec 2014 14:48:02 +0000 (14:48 +0000)]
[malloc] Report caller address as soon as memory corruption is detected
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 15 Dec 2014 14:45:05 +0000 (14:45 +0000)]
[malloc] Check integrity of free list
Check the integrity of the free memory block list before and after any
modifications to the list. We check that certain invariants are
preserved:
- the list is a well-formed doubly linked list
- all blocks are at least MIN_MEMBLOCK_SIZE
- no block extends beyond the end of our address space
- blocks remain sorted in ascending order of address
- no blocks are adjacent (i.e. any adjacent blocks have been merged)
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 15 Dec 2014 14:42:26 +0000 (14:42 +0000)]
[malloc] Sanity check parameters to alloc_memblock() and free_memblock()
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 15 Dec 2014 14:34:59 +0000 (14:34 +0000)]
[malloc] Tidy up debug output
Colourise debug output and move per-allocation messages to DBGLVL_EXTRA.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Tue, 9 Dec 2014 13:12:01 +0000 (13:12 +0000)]
[list] Add sanity checks after list-adding functions
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Wed, 10 Dec 2014 01:45:30 +0000 (01:45 +0000)]
[libc] Add ASSERTED macro to test if any assertion has triggered
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Tue, 9 Dec 2014 23:49:11 +0000 (23:49 +0000)]
[netdevice] Fix erroneous use of free(iobuf) instead of free_iob(iobuf)
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Fri, 12 Dec 2014 10:16:26 +0000 (10:16 +0000)]
[vmxnet3] Add profiling code to exclude time spent in the hypervisor
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 24 Nov 2014 14:55:07 +0000 (14:55 +0000)]
[crypto] Fix parsing of OCSP responder ID key hash
We currently compare the entirety of the KeyHash object (including the
ASN.1 tag and length byte) against the raw SHA-1 hash of the
certificate's public key. This causes OCSP validation to fail for any
responses which identify the responder by key hash rather than by
name, and hence prevents the use of X.509 certificates where any
certificate in the chain has an OCSP responder which chooses to
identify itself via its key hash.
Fix by adding the missing asn1_enter() required to enter the ASN.1
octet string containing the key hash.
Also add a corresponding test case including an OCSP response where
the responder is identified by key hash, to ensure that this
functionality cannot be broken in future.
Debugged-by: Brian Rak <brak@gameservers.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Fri, 31 Oct 2014 15:18:54 +0000 (15:18 +0000)]
[intel] Use autoloaded MAC address instead of EEPROM MAC address
The i350 (and possibly other Intel NICs) have a non-trivial
correspondence between the PCI function number and the external
physical port number. For example, the i350 has a "LAN Function Sel"
bit within the EEPROM which can invert the mapping so that function 0
becomes port 3, function 1 becomes port 2, etc.
Unfortunately the MAC addresses within the EEPROM are indexed by
physical port number rather than PCI function number. The end result
is that when anything other than the default mapping is used, iPXE
will use the wrong address as the base MAC address.
Fix by using the autoloaded MAC address if it is valid, and falling
back to reading the MAC address directly from the EEPROM only if no
autoloaded address is available.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Thu, 23 Oct 2014 15:52:08 +0000 (16:52 +0100)]
[ping] Allow "ping" command output to be inhibited
Originally-implemented-by: Cedric Levasseur <cyr-ius@ipocus.net>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Thu, 23 Oct 2014 15:30:58 +0000 (16:30 +0100)]
[ping] Allow termination after a specified number of packets
Add the "-c <count>" option to the "ping" command, allowing for
automatic termination after a specified number of packets.
When a number of packets is specified:
- if a serious error (i.e. length mismatch or content mismatch)
occurs, then the ping will be immediately terminated with the relevant
status code;
- if at least one response is received successfully, and all errors
are non-serious (i.e. timeouts or out-of-sequence responses), then
the ping will be terminated after the final response (or timeout)
with a success status;
- if no responses are received successfully, then the ping will be
terminated after the final timeout with ETIMEDOUT.
If no number of packets is specified, then the ping will continue
until manually interrupted.
Originally-implemented-by: Cedric Levasseur <cyr-ius@ipocus.net>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Thu, 23 Oct 2014 14:04:10 +0000 (15:04 +0100)]
[ping] Report timed-out pings via the callback function
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Fri, 17 Oct 2014 15:36:00 +0000 (16:36 +0100)]
[efi] Include NII driver within "snp" and "snponly" build targets
End users almost certainly don't care whether the underlying interface
is SNP or NII/UNDI. Try to minimise surprise and unnecessary
documentation by including the NII driver whenever the SNP driver is
requested.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Fri, 17 Oct 2014 15:50:45 +0000 (16:50 +0100)]
[efi] Check for presence of UNDI in NII protocol
iPXE itself exposes a dummy NII protocol with no UNDI. Avoid
potentially dereferencing a NULL pointer by checking for a non-zero
UNDI address.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Fri, 3 Oct 2014 12:17:22 +0000 (13:17 +0100)]
[efi] Add NII / UNDI driver
Some UEFI network drivers provide a software UNDI interface which is
exposed via the Network Interface Identifier Protocol (NII), rather
than providing a Simple Network Protocol (SNP).
The UEFI platform firmware will usually include the SnpDxe driver,
which attaches to NII and provides an SNP interface. The SNP
interface is usually provided on the same handle as the underlying NII
device. This causes problems for our EFI driver model: when
efi_driver_connect() detaches existing drivers from the handle it will
cause the SNP interface to be uninstalled, and so our SNP driver will
not be able to attach to the handle. The platform firmware will
eventually reattach the SnpDxe driver and may attach us to the SNP
handle, but we have no way to prevent other drivers from attaching
first.
Fix by providing a driver which can attach directly to the NII
protocol, using the software UNDI interface to drive the network
device.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Wed, 15 Oct 2014 13:45:17 +0000 (14:45 +0100)]
[efi] Update to current EDK2 headers
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Tue, 30 Sep 2014 17:06:13 +0000 (18:06 +0100)]
[efi] Generalise snpnet_dev_info() to efi_device_info()
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Thu, 16 Oct 2014 13:09:27 +0000 (14:09 +0100)]
[efi] Free transmit ring entry before calling netdev_tx_complete()
The snpnet driver uses netdev_tx_defer() and so must ensure that space
in the (single-entry) transmit descriptor ring is freed up before
calling netdev_tx_complete().
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Anton D. Kachalov [Tue, 30 Sep 2014 19:38:27 +0000 (23:38 +0400)]
[intel] Add 8086:1557 card (Intel 82599 10G ethernet mezz)
Signed-off-by: Anton D. Kachalov <mouse@yandex-team.ru>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Thu, 25 Sep 2014 12:16:44 +0000 (13:16 +0100)]
[efi] Add definitions of GUIDs observed when chainloading from Intel driver
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Thu, 25 Sep 2014 11:28:38 +0000 (12:28 +0100)]
[efi] Centralise definitions of more protocol GUIDs
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Wed, 24 Sep 2014 15:07:04 +0000 (16:07 +0100)]
[build] Use -malign-double to build 32-bit UEFI binaries
The EDK2 codebase uses -malign-double for 32-bit builds, which causes
64-bit integers to be naturally aligned. This affects the layout of
some structures (including EFI_BLOCK_IO_MEDIA).
This mirrors wimboot commit 7b8f39d ("[build] Fix building of 32-bit
UEFI version").
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 22 Sep 2014 15:41:10 +0000 (16:41 +0100)]
[dhcp] Remove obsolete dhcp_chaddr() function
As of commit 03f0c23 ("[ipoib] Expose Ethernet-compatible eIPoIB
link-layer addresses and headers"), all link layers have used
addresses which fit within the DHCP chaddr field. The dhcp_chaddr()
function was therefore made obsolete by this commit, but was
accidentally left present (though unused) in the source code.
Remove the dhcp_chaddr() function and the only remaining use of it,
unnecessarily introduced in commit 08bcc0f ("[dhcp] Check for matching
chaddr in received DHCP packets").
Reported-by: Wissam Shoukair <wissams@mellanox.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Mon, 22 Sep 2014 14:29:13 +0000 (15:29 +0100)]
[dhcp] Check for matching chaddr in received DHCP packets
On large networks a DHCP XID collision is possible. Fix by explicitly
checking the chaddr in received DHCP packets.
Originally-fixed-by: Wissam Shoukair <wissams@mellanox.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Fri, 19 Sep 2014 12:16:31 +0000 (13:16 +0100)]
[efi] Provide dummy device path in efi_image_probe()
Some UEFI platforms will fail the call to LoadImage() with
EFI_INVALID_PARAMETER if we do not provide a device path (even though
we are providing a non-NULL SourceBuffer).
Fix by providing an empty device path for the call to LoadImage() in
efi_image_probe().
The call to LoadImage() in efi_image_exec() already constructs and
provides a device path (based on the most recently opened SNP device),
and so does not require this fix.
Reported-by: NICOLAS CATTIE <nicolas.cattie@mpsa.com>
Tested-by: NICOLAS CATTIE <nicolas.cattie@mpsa.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Jan Kiszka [Mon, 15 Sep 2014 06:00:06 +0000 (08:00 +0200)]
[intel] Add I217-LM PCI ID
Add the ID for the LM variant and differentiate it from the I217-V.
Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Wed, 10 Sep 2014 01:58:50 +0000 (02:58 +0100)]
[efi] Add efifatbin utility
Add utility for constructing EFI fat binaries (dual 32/64-bit
binaries, usable only on Apple EFI systems).
This utility is not part of the standard build process. To use it:
make util/efifatbin bin-i386-efi/ipxe.efi bin-x86_64-efi/ipxe.efi
and then
./util/efifatbin bin-*-efi/ipxe.efi fat-ipxe.efi
Requested-by: Brandon Penglase <bpenglase-ipxe@spaceservices.net>
Tested-by: Brandon Penglase <bpenglase-ipxe@spaceservices.net>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Thu, 4 Sep 2014 15:46:59 +0000 (16:46 +0100)]
[build] Clean up all binary directories on "make [very]clean"
Allow a straightforward "make clean" or "make veryclean" to apply to
all binary directories (using the shell pattern "bin{,-*}").
Individual binary directories can be cleaned using e.g.
make bin clean
make bin-x86_64-efi clean
Reported-by: Robin Smidsrød <robin@smidsrod.no>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Thu, 4 Sep 2014 15:18:08 +0000 (16:18 +0100)]
[efi] Allow for non-PCI snpnet devices
We currently require information about the underlying PCI device to
populate the snpnet device's name and description. If the underlying
device is not a PCI device, this will fail and prevent the device from
being registered.
Fix by falling back to populating the device description with
information based on the EFI handle, if no PCI device information is
available.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Thu, 4 Sep 2014 15:03:10 +0000 (16:03 +0100)]
[efi] Make EFI_PCI_ROOT_BRIDGE_IO_PROTOCOL optional
Some UEFI systems (observed with a Hyper-V virtual machine) do not
provide EFI_PCI_ROOT_BRIDGE_IO_PROTOCOL. Make this an optional
protocol (and fail any attempts to access PCI configuration space via
the root bridge if the protocol is missing).
Reported-by: Colin Blacker <Colin.Blacker@computerplanet.co.uk>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Thu, 4 Sep 2014 15:00:11 +0000 (16:00 +0100)]
[efi] Avoid returning uninitialised data from PCI configuration space reads
Under UEFI, reads from PCI configuration space may fail. If this
happens, we should return all-ones (which will mimic the behaviour of
an absent PCI device).
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown [Wed, 20 Aug 2014 12:15:00 +0000 (13:15 +0100)]
[efi] Use the SNP protocol instance to match the SNP chainloading device
Some systems will install a child of the SNP device and use this as
our loaded image's device handle, duplicating the installation of the
underlying SNP protocol onto the child device handle. On such
systems, we want to end up driving the parent device (and
disconnecting any other drivers, such as MNP, which may be attached to
the parent device).
Fix by recording the SNP protocol instance at initialisation time, and
using this to match against device handles (rather than simply
comparing the handles themselves).
Reported-by: Jarrod Johnson <jarrod.b.johnson@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>