git.qemu.org Git - ipxe.git/log

[libc] Rewrite strtoul()

The implementation of strtoul() has a partially unknown provenance.
Rewrite this code to avoid potential licensing uncertainty.

Since we now use -ffunction-sections, there is no need to place
strtoull() in a separate file from strtoul().

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[ipv4] Rewrite inet_aton()

The implementation of inet_aton() has an unknown provenance. Rewrite
this code to avoid potential licensing uncertainty.

Also move the code from core/misc.c to its logical home in net/ipv4.c,
and add a few extra test cases.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[legal] Add missing copyright header to net/ipv4.c

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[test] Add IPv4 self-tests

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[xhci] Abort commands on timeout

When a command times out, abort it (via the Command Abort bit in the
Command Ring Control Register) so that subsequent commands may execute
as expected.

This improves robustness when a device fails to respond to the Set
Address command, since the subsequent Disable Slot command will now
succeed.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[xhci] Leak memory if controller fails to disable slot

If the Disable Slot command fails then the hardware may continue to
write to the slot context. Leak the memory used by the slot context
to avoid future memory corruption.

This situation has been observed in practice when a Set Address
command fails, causing the command ring to become temporarily
unresponsive.

Note that there is no need to similarly leak memory on the failure
path in xhci_device_open(), since in the event of a failure the
hardware is never informed of the slot context address.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[timer] Rewrite the 8254 Programmable Interval Timer support

The 8254 timer code (used to implement udelay()) has an unknown
provenance. Rewrite this code to avoid potential licensing
uncertainty.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[ncm] Use generic USB network device framework

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[ecm] Use generic USB network device framework

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[usb] Add generic USB network device framework

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[libc] Reduce size of memset()

As with memcpy(), we can reduce the code size (by an average of 0.2%)
by giving the compiler more visibility into what memset() is doing,
and by avoiding the "rep" prefix on short fixed-length sequences of
string operations.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[test] Add constant-length memset() self-tests

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[test] Add self-tests for more string functions

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[libc] Rewrite string functions

Some of the C library string functions have an unknown provenance.
Reimplement all such functions to avoid potential licensing
uncertainty.

Remove the inline-assembler versions of strlen(), memswap(), and
strncmp(); these save a minimal amount of space (around 40 bytes in
total) and are not performance-critical.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[libc] Remove unused string functions

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[ncm] Use generic refill framework for bulk IN and interrupt endpoints

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[ecm] Use generic refill framework for bulk IN and interrupt endpoints

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[usb] Use generic refill framework for USB hub interrupt endpoints

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[usb] Provide generic framework for refilling receive endpoints

Provide a generic framework for allocating, refilling, and optionally
recycling I/O buffers used by bulk IN and interrupt endpoints.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[build] Apply the "-fno-PIE -nopie" workaround only to i386 builds

Hardened versions of gcc default to building position-independent
code, which breaks our i386 build. Our build process therefore
detects such platforms and automatically adds "-fno-PIE -nopie" to the
gcc command line.

On x86_64, we choose to build position-independent code (in order to
reduce the final binary size and, in particular, the number of
relocations required for UEFI binaries). The workaround therefore
breaks the build process for x86_64 binaries on such platforms.

Fix by moving the workaround to the i386-specific portion of the
Makefile.

Reported-by: Jan Kundrát <jkt@kde.org>
Debugged-by: Jan Kundrát <jkt@kde.org>
Debugged-by: Marin Hannache <git@mareo.fr>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

[efi] Disallow R_X86_64_32 relocations

UEFI binaries may be relocated to any location within the 64-bit
address space. We compile as position-independent code with hidden
visibility, which should force all relocation records to be either
PC-relative (in which case no PE relocations are required) or full
64-bit relocations. There should be no R_X86_64_32 relocation
records, since that would imply an invalid assumption that code could
not be relocated above 4GB.

Remove support for R_X86_64_32 relocation records from util/elf2efi.c,
so that any such records result in a build failure rather than a
potential runtime failure.

Reported-by: Jan Kundrát <jkt@kde.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

[build] Sort objects in blib.a

When building hvmloader for Xen tools the iPXE objects are also linked
into the binary.  Unfortunately the linker will place them in the
order found in the archive.  Since this order is random the resulting
hvmloader binary differs when it was built from identical sources but
on different build hosts.  To help with creating a reproducible binary
the elements in blib.a must simply be sorted before passing them to
$(AR).

Signed-off-by: Olaf Hering <olaf@aepfle.de>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

[usb] Handle port status changes received after failing to find a driver

Commit a60f2dd ("[usb] Try multiple USB device configurations")
changed the behaviour of register_usb() such that if no drivers are
found then the device will be closed and the memory used will be
freed.

If a port status change subsequently occurs while the device is still
physically attached, then usb_hotplug() will see this as a new device
having been attached, since there is no device recorded as being
currently attached to the port. This can lead to spurious hotplug
events (or even endless loops of hotplug events, if the process of
opening and closing the device happens to generate a port status
change).

Fix by using a separate flag to indicate that a device is physically
attached (even if we have no corresponding struct usb_device).

Reported-by: Dan Ellis <Dan.Ellis@displaylink.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

[rndis] Add rndis_rx_err()

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[build] Allow product tag line to be customised via config/branding.h

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[build] Allow setting help text URI to be customised via config/branding.h

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[build] Allow command help text URI to be customised via config/branding.h

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[build] Allow error message URI to be customised via config/branding.h

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[build] Allow product URI to be customised via config/branding.h

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[build] Use PRODUCT_SHORT_NAME for end-user visible strings

Use PRODUCT_SHORT_NAME instead of a hardcoded "iPXE" for strings which
are typically shown in the user interface.

Note that this only allows for customisation of the user interface.
Where the "iPXE" string serves a technical purpose (such as in the
HTTP User-Agent), the string cannot be customised.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[build] Move branding information to config/branding.h

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[xhci] Delay after (possibly) forcing port link state to RxDetect

Some xHCI controllers (observed with a Renesas Electronics PCIe USB3
card) seem to require a delay after forcing the link state of USB3
ports to RxDetect. Omitting this delay causes strange behaviour
including system lockups.

Add an unconditional 20ms delay after writing the port link states.
This seems to be sufficient to avoid the problem.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[ecm] Add support for CDC-ECM USB Ethernet devices

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[usb] Allow usb_stream() to enforce a terminating short packet

Some USB endpoints require that a short packet be used to terminate
transfers, since they have no other way to determine message
boundaries. If the message length happens to be an exact multiple of
the USB packet size, then this requires the use of an additional
zero-length packet.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[usb] Parse endpoint descriptor bInterval field

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[usb] Handle CDC union functional descriptors

USB Communications Device Class devices may use a union functional
descriptor to group several interfaces into a function.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[usb] Try multiple USB device configurations

Iterate over a USB device's available configurations until we find one
for which we have working drivers.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[ncm] Reserve headroom in received packets

Some protocols (such as ARP) may modify the received packet and re-use
the same I/O buffer for transmission of a reply. To allow this,
reserve sufficient headroom at the start of each received packet
buffer for our transmit datapath headers.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[pxe] Maintain a queue for received PXE UDP packets

Some devices return multiple packets in a single poll. Handle such
devices gracefully by enqueueing received PXE UDP packets (along with
a pseudo-header to hold the IPv4 addresses and port numbers) and
dequeueing them on subsequent calls to PXENV_UDP_READ.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[pxe] Use tftp_uri() to construct PXE TFTP URIs

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[uri] Allow tftp_uri() to construct a URI with a custom port

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[tftp] Explicitly abort connection whenever parent interface is closed

Fetching the TFTP file size is currently implemented via a custom
"tftpsize://" protocol hack. Generalise this approach to instead
close the TFTP connection whenever the parent data-transfer interface
is closed.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[ncm] Use large multi-packet buffers by default

Some devices have a very small number of internal buffers, and rely on
being able to pack multiple packets into each buffer.  Using 2048-byte
buffers on such devices produces throughput of around 100Mbps.  Using
a small number of much larger buffers (e.g. 32kB) increases the
throughput to around 780Mbps.  (The full 1Gbps is not reached because
the high RTT induced by the use of multi-packet buffers causes us to
saturate our 256kB TCP window.)

Since allocation of large buffers is very likely to fail, allocate the
buffer set only once when the device is opened and recycle buffers
immediately after use.  Received data is now always copied to
per-packet buffers.

If allocation of large buffers fails, fall back to allocating a larger
number of smaller buffers.  This will give reduced performance, but
the device will at least still be functional.

Share code between the interrupt and bulk IN endpoint handlers, since
the buffer handling is now very similar.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[usb] Report xHCI host controller events

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[ncm] Add support for CDC-NCM USB Ethernet devices

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[usb] Add support for xHCI host controllers

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[usb] Add basic support for USB hubs

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[usb] Add basic support for USB devices

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[romprefix] Ensure UNDI loader can be included by all ROM types

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[pci] Allow drivers to specify a PCI class

Allow drivers to specify a supported PCI class code. To save space in
the final binary, make this an attribute of the driver rather than an
attribute of a PCI device ID list entry.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[build] Include Hyper-V driver in the all-drivers build

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[hyperv] Require support for VMBus version 3.0 or newer

We require the ability to disconnect from and reconnect to VMBus; if
we don't have this then there is no (viable) way for a loaded
operating system to continue to use any VMBus devices. (There is also
a small but non-zero risk that the host will continue to write to our
interrupt and monitor pages, since the VMBUS_UNLOAD message in earlier
versions is essentially a no-op.)

This requires us to ensure that the host supports protocol version 3.0
(VMBUS_VERSION_WIN8_1). However, we can't actually _use_ protocol
version 3.0, since doing so causes an iSCSI-booted Windows Server 2012
R2 VM to crash due to a NULL pointer dereference in vmbus.sys.

To work around this problem, we first ensure that we can connect using
protocol v3.0, then disconnect and reconnect using the oldest known
protocol.

This deliberately prevents the use of the iPXE native Hyper-V drivers
on older versions of Hyper-V, where we could use our drivers but in so
doing would break the loaded operating system.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[hyperv] Tidy up debug output

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[rndis] Ignore start-of-day RNDIS_INDICATE_STATUS_MSG with status 0x40020006

Windows Server 2012 R2 generates an RNDIS_INDICATE_STATUS_MSG with a
status code of 0x4002006. This status code does not appear to be
documented anywhere within the sphere of human knowledge.

Explicitly ignore this status code in order to avoid unnecessarily
cluttering the display when RNDIS debugging is enabled.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[hyperv] Assume that VMBus xfer page ranges correspond to RNDIS messages

The (undocumented) VMBus protocol seems to allow for transfer
page-based packets where the data payload is split into an arbitrary
set of ranges within the transfer page set.

The RNDIS protocol includes a length field within the header of each
message, and it is known from observation that multiple RNDIS messages
can be concatenated into a single VMBus message.

iPXE currently assumes that the transfer page range boundaries are
entirely arbitrary, and uses the RNDIS header length to determine the
RNDIS message boundaries.

Windows Server 2012 R2 generates an RNDIS_INDICATE_STATUS_MSG for an
undocumented and unknown status code (0x40020006) with a malformed
RNDIS header length: the length does not cover the StatusBuffer
portion of the message. This causes iPXE to report a malformed RNDIS
message and to discard any further RNDIS messages within the same
VMBus message.

The Linux Hyper-V driver assumes that the transfer page range
boundaries correspond to RNDIS message boundaries, and so does not
notice the malformed length field in the RNDIS header.

Match the behaviour of the Linux Hyper-V driver: assume that the
transfer page range boundaries correspond to the RNDIS message
boundaries and ignore the RNDIS header length. This avoids triggering
the "malformed packet" error and also avoids unnecessary data copying:
since we now have one I/O buffer per RNDIS message, there is no longer
any need to use iob_split().

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[hyperv] Increase TX ring size

Empirical observation suggests that 32 is a sensible size to minimise
the number of deferred packet transmissions without overflowing the
VMBus transmit ring buffer.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[hyperv] Receive all VMBus messages in a poll

Allow for elision of transmitted TCP ACKs by handling all received
VMBus messages in each network device poll operation.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[rndis] Clear receive filter when closing the device

On Windows Server 2012 R2, closing and reopening the device will
sometimes result in a non-functional RX datapath. The root cause is
unknown. Clearing the receive filter before closing the device seems
to fix the problem.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[hyperv] Tear down NetVSC RX buffer GPADL after closing VMBus device

On Windows Server 2012 R2, the receive buffer teardown completion
message seems to occasionally be deferred until after the VMBus
channel has been closed. This happens even if there are no packets
currently in the receive buffer.

Work around this problem by separating the revocation and teardown of
the receive buffer, and deferring the teardown until after the VMBus
channel has been closed.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[rndis] Send RNDIS_HALT_MSG

The RNDIS specification requires that we send RNDIS_HALT_MSG.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[rndis] Send RNDIS_INITIALISE_MSG

The Hyper-V RNDIS implementation on Windows Server 2012 R2 requires
that we send an explicit RNDIS initialisation message in order to get
a working RX datapath.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[hyperv] Add support for NetVSC paravirtual network devices

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[hyperv] Add support for VMBus devices

Add support for an abstraction of a VMBus device.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[hyperv] Add support for Hyper-V hypervisor

Add support for detecting and communicating with the Hyper-V
hypervisor.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[rndis] Add generic RNDIS device abstraction

RNDIS provides an abstraction of a network device on top of a generic
packet transmission mechanism.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[iobuf] Add iob_split() to split an I/O buffer into portions

RNDIS devices may provide multiple packets encapsulated into a single
message. Provide an API to allow the RNDIS driver to split an I/O
buffer into smaller portions.

The current implementation will always copy the underlying data,
rather than splitting the buffer in situ.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[device] Provide a driver-private data field for root devices

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[malloc] Report caller address as soon as memory corruption is detected

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[malloc] Check integrity of free list

Check the integrity of the free memory block list before and after any
modifications to the list. We check that certain invariants are
preserved:

- the list is a well-formed doubly linked list

- all blocks are at least MIN_MEMBLOCK_SIZE

- no block extends beyond the end of our address space

- blocks remain sorted in ascending order of address

- no blocks are adjacent (i.e. any adjacent blocks have been merged)

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[malloc] Sanity check parameters to alloc_memblock() and free_memblock()

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[malloc] Tidy up debug output

Colourise debug output and move per-allocation messages to DBGLVL_EXTRA.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[list] Add sanity checks after list-adding functions

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[libc] Add ASSERTED macro to test if any assertion has triggered

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[netdevice] Fix erroneous use of free(iobuf) instead of free_iob(iobuf)

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[vmxnet3] Add profiling code to exclude time spent in the hypervisor

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[crypto] Fix parsing of OCSP responder ID key hash

We currently compare the entirety of the KeyHash object (including the
ASN.1 tag and length byte) against the raw SHA-1 hash of the
certificate's public key. This causes OCSP validation to fail for any
responses which identify the responder by key hash rather than by
name, and hence prevents the use of X.509 certificates where any
certificate in the chain has an OCSP responder which chooses to
identify itself via its key hash.

Fix by adding the missing asn1_enter() required to enter the ASN.1
octet string containing the key hash.

Also add a corresponding test case including an OCSP response where
the responder is identified by key hash, to ensure that this
functionality cannot be broken in future.

Debugged-by: Brian Rak <brak@gameservers.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

[intel] Use autoloaded MAC address instead of EEPROM MAC address

The i350 (and possibly other Intel NICs) have a non-trivial
correspondence between the PCI function number and the external
physical port number. For example, the i350 has a "LAN Function Sel"
bit within the EEPROM which can invert the mapping so that function 0
becomes port 3, function 1 becomes port 2, etc.

Unfortunately the MAC addresses within the EEPROM are indexed by
physical port number rather than PCI function number. The end result
is that when anything other than the default mapping is used, iPXE
will use the wrong address as the base MAC address.

Fix by using the autoloaded MAC address if it is valid, and falling
back to reading the MAC address directly from the EEPROM only if no
autoloaded address is available.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[ping] Allow "ping" command output to be inhibited

Originally-implemented-by: Cedric Levasseur <cyr-ius@ipocus.net>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

[ping] Allow termination after a specified number of packets

Add the "-c <count>" option to the "ping" command, allowing for
automatic termination after a specified number of packets.

When a number of packets is specified:

  - if a serious error (i.e. length mismatch or content mismatch)
    occurs, then the ping will be immediately terminated with the relevant
    status code;

  - if at least one response is received successfully, and all errors
    are non-serious (i.e. timeouts or out-of-sequence responses), then
    the ping will be terminated after the final response (or timeout)
    with a success status;

  - if no responses are received successfully, then the ping will be
    terminated after the final timeout with ETIMEDOUT.

If no number of packets is specified, then the ping will continue
until manually interrupted.

Originally-implemented-by: Cedric Levasseur <cyr-ius@ipocus.net>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

[ping] Report timed-out pings via the callback function

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[efi] Include NII driver within "snp" and "snponly" build targets

End users almost certainly don't care whether the underlying interface
is SNP or NII/UNDI. Try to minimise surprise and unnecessary
documentation by including the NII driver whenever the SNP driver is
requested.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[efi] Check for presence of UNDI in NII protocol

iPXE itself exposes a dummy NII protocol with no UNDI. Avoid
potentially dereferencing a NULL pointer by checking for a non-zero
UNDI address.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[efi] Add NII / UNDI driver

Some UEFI network drivers provide a software UNDI interface which is
exposed via the Network Interface Identifier Protocol (NII), rather
than providing a Simple Network Protocol (SNP).

The UEFI platform firmware will usually include the SnpDxe driver,
which attaches to NII and provides an SNP interface.  The SNP
interface is usually provided on the same handle as the underlying NII
device.  This causes problems for our EFI driver model: when
efi_driver_connect() detaches existing drivers from the handle it will
cause the SNP interface to be uninstalled, and so our SNP driver will
not be able to attach to the handle.  The platform firmware will
eventually reattach the SnpDxe driver and may attach us to the SNP
handle, but we have no way to prevent other drivers from attaching
first.

Fix by providing a driver which can attach directly to the NII
protocol, using the software UNDI interface to drive the network
device.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[efi] Update to current EDK2 headers

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[efi] Generalise snpnet_dev_info() to efi_device_info()

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[efi] Free transmit ring entry before calling netdev_tx_complete()

The snpnet driver uses netdev_tx_defer() and so must ensure that space
in the (single-entry) transmit descriptor ring is freed up before
calling netdev_tx_complete().

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[intel] Add 8086:1557 card (Intel 82599 10G ethernet mezz)

Signed-off-by: Anton D. Kachalov <mouse@yandex-team.ru>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

[efi] Add definitions of GUIDs observed when chainloading from Intel driver

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[efi] Centralise definitions of more protocol GUIDs

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[build] Use -malign-double to build 32-bit UEFI binaries

The EDK2 codebase uses -malign-double for 32-bit builds, which causes
64-bit integers to be naturally aligned. This affects the layout of
some structures (including EFI_BLOCK_IO_MEDIA).

This mirrors wimboot commit 7b8f39d ("[build] Fix building of 32-bit
UEFI version").

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[dhcp] Remove obsolete dhcp_chaddr() function

As of commit 03f0c23 ("[ipoib] Expose Ethernet-compatible eIPoIB
link-layer addresses and headers"), all link layers have used
addresses which fit within the DHCP chaddr field. The dhcp_chaddr()
function was therefore made obsolete by this commit, but was
accidentally left present (though unused) in the source code.

Remove the dhcp_chaddr() function and the only remaining use of it,
unnecessarily introduced in commit 08bcc0f ("[dhcp] Check for matching
chaddr in received DHCP packets").

Reported-by: Wissam Shoukair <wissams@mellanox.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

[dhcp] Check for matching chaddr in received DHCP packets

On large networks a DHCP XID collision is possible. Fix by explicitly
checking the chaddr in received DHCP packets.

Originally-fixed-by: Wissam Shoukair <wissams@mellanox.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

[efi] Provide dummy device path in efi_image_probe()

Some UEFI platforms will fail the call to LoadImage() with
EFI_INVALID_PARAMETER if we do not provide a device path (even though
we are providing a non-NULL SourceBuffer).

Fix by providing an empty device path for the call to LoadImage() in
efi_image_probe().

The call to LoadImage() in efi_image_exec() already constructs and
provides a device path (based on the most recently opened SNP device),
and so does not require this fix.

Reported-by: NICOLAS CATTIE <nicolas.cattie@mpsa.com>
Tested-by: NICOLAS CATTIE <nicolas.cattie@mpsa.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

[intel] Add I217-LM PCI ID

Add the ID for the LM variant and differentiate it from the I217-V.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

[efi] Add efifatbin utility

Add utility for constructing EFI fat binaries (dual 32/64-bit
binaries, usable only on Apple EFI systems).

This utility is not part of the standard build process.  To use it:

  make util/efifatbin bin-i386-efi/ipxe.efi bin-x86_64-efi/ipxe.efi

and then

  ./util/efifatbin bin-*-efi/ipxe.efi fat-ipxe.efi

Requested-by: Brandon Penglase <bpenglase-ipxe@spaceservices.net>
Tested-by: Brandon Penglase <bpenglase-ipxe@spaceservices.net>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

[build] Clean up all binary directories on "make [very]clean"

Allow a straightforward "make clean" or "make veryclean" to apply to
all binary directories (using the shell pattern "bin{,-*}").
Individual binary directories can be cleaned using e.g.

make bin clean
make bin-x86_64-efi clean

Reported-by: Robin Smidsrød <robin@smidsrod.no>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

[efi] Allow for non-PCI snpnet devices

We currently require information about the underlying PCI device to
populate the snpnet device's name and description. If the underlying
device is not a PCI device, this will fail and prevent the device from
being registered.

Fix by falling back to populating the device description with
information based on the EFI handle, if no PCI device information is
available.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[efi] Make EFI_PCI_ROOT_BRIDGE_IO_PROTOCOL optional

Some UEFI systems (observed with a Hyper-V virtual machine) do not
provide EFI_PCI_ROOT_BRIDGE_IO_PROTOCOL. Make this an optional
protocol (and fail any attempts to access PCI configuration space via
the root bridge if the protocol is missing).

Reported-by: Colin Blacker <Colin.Blacker@computerplanet.co.uk>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

[efi] Avoid returning uninitialised data from PCI configuration space reads

Under UEFI, reads from PCI configuration space may fail. If this
happens, we should return all-ones (which will mimic the behaviour of
an absent PCI device).

Signed-off-by: Michael Brown <mcb30@ipxe.org>

[efi] Use the SNP protocol instance to match the SNP chainloading device

Some systems will install a child of the SNP device and use this as
our loaded image's device handle, duplicating the installation of the
underlying SNP protocol onto the child device handle. On such
systems, we want to end up driving the parent device (and
disconnecting any other drivers, such as MNP, which may be attached to
the parent device).

Fix by recording the SNP protocol instance at initialisation time, and
using this to match against device handles (rather than simply
comparing the handles themselves).

Reported-by: Jarrod Johnson <jarrod.b.johnson@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>