iPXE - Open Source Boot Firmware

people/budrys/ipxe.git
7 years ago[test] Add self-tests for crc32_le() master
Michael Brown [Mon, 7 May 2012 15:56:17 +0000 (16:56 +0100)] 
[test] Add self-tests for crc32_le()

Add self-tests for crc32_le() using test vectors generated with Perl's
Digest::CRC.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[test] Fix compiler warning on older gcc versions
Michael Brown [Fri, 4 May 2012 17:46:26 +0000 (18:46 +0100)] 
[test] Fix compiler warning on older gcc versions

Reported-by: Alex Davies <alex@davz.net>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[crypto] Allow certificate chains to be long-lived data structures
Michael Brown [Fri, 4 May 2012 16:12:32 +0000 (17:12 +0100)] 
[crypto] Allow certificate chains to be long-lived data structures

At present, certificate chain validation is treated as an
instantaneous process that can be carried out using only data that is
already in memory.  This model does not allow for validation to
include non-instantaneous steps, such as downloading a cross-signing
certificate, or determining certificate revocation status via OCSP.

Redesign the internal representation of certificate chains to allow
chains to outlive the scope of the original source of certificates
(such as a TLS Certificate record).

Allow for certificates to be cached, so that each certificate needs to
be validated only once.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[time] Add Linux time source using gettimeofday()
Michael Brown [Fri, 4 May 2012 16:53:23 +0000 (17:53 +0100)] 
[time] Add Linux time source using gettimeofday()

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[malloc] Allow Valgrind to be used when all assertions are enabled
Michael Brown [Fri, 4 May 2012 16:12:49 +0000 (17:12 +0100)] 
[malloc] Allow Valgrind to be used when all assertions are enabled

The free-memory-block traversal code triggers multiple warnings from
Valgrind when assertions are enabled, since the list consistency
checks performed by list_check() end up accessing areas that have been
marked as inaccessible.

Fix by ensuring that any memory areas that will be accessed by
list_check() are marked as defined when necessary.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[crypto] Fix memory leak in cms_verify_digest()
Michael Brown [Fri, 4 May 2012 14:32:20 +0000 (15:32 +0100)] 
[crypto] Fix memory leak in cms_verify_digest()

Detected using Valgrind.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[crypto] Parse OCSP responder URI from X.509 certificate
Michael Brown [Mon, 30 Apr 2012 00:49:01 +0000 (01:49 +0100)] 
[crypto] Parse OCSP responder URI from X.509 certificate

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[list] Add list_for_each_entry_continue() and _continue_reverse()
Michael Brown [Fri, 4 May 2012 14:12:22 +0000 (15:12 +0100)] 
[list] Add list_for_each_entry_continue() and _continue_reverse()

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[test] Fix memory leak in settings self-tests
Michael Brown [Thu, 3 May 2012 14:24:01 +0000 (15:24 +0100)] 
[test] Fix memory leak in settings self-tests

Detected using Valgrind.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[malloc] Discard all cached data on shutdown
Michael Brown [Mon, 30 Apr 2012 19:33:23 +0000 (20:33 +0100)] 
[malloc] Discard all cached data on shutdown

Allow detection of genuine memory leaks by ensuring that all cached
data is freed on shutdown.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[menu] Add "--default" option to "choose" command
Michael Brown [Sat, 28 Apr 2012 22:18:55 +0000 (23:18 +0100)] 
[menu] Add "--default" option to "choose" command

Suggested-by: Robin Smidsrød <robin@smidsrod.no>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[realtek] Support RTL8139 cards within generic Realtek driver
Michael Brown [Sat, 28 Apr 2012 14:47:46 +0000 (15:47 +0100)] 
[realtek] Support RTL8139 cards within generic Realtek driver

RTL8139C+ cards use essentially the same datapath as RTL8169, which is
zerocopy and 64-bit capable.  Older RTL8139 cards use a single receive
ring buffer rather than a descriptor ring, but still share substantial
amounts of functionality with RTL8169.

Include support for RTL8139 cards within the generic Realtek driver,
since there is no way to differentiate between RTL8139 and RTL8139C+
cards based on the PCI IDs alone.

Many thanks to all the people who worked on the rtl8139 driver over
the years.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[http] Fix typo in memory allocation
Kevin Tran [Fri, 27 Apr 2012 20:07:12 +0000 (21:07 +0100)] 
[http] Fix typo in memory allocation

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[myson] Replace driver for Myson Technology NICs
Michael Brown [Thu, 26 Apr 2012 21:10:54 +0000 (22:10 +0100)] 
[myson] Replace driver for Myson Technology NICs

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[natsemi] Fix test for addresses below 4GB
Michael Brown [Fri, 27 Apr 2012 00:18:19 +0000 (01:18 +0100)] 
[natsemi] Fix test for addresses below 4GB

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[natsemi] Replace driver for National Semicondutor NICs
Michael Brown [Tue, 24 Apr 2012 20:48:48 +0000 (21:48 +0100)] 
[natsemi] Replace driver for National Semicondutor NICs

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[crypto] Do not allow build-time cryptography settings to be overridden
Michael Brown [Tue, 24 Apr 2012 15:10:22 +0000 (16:10 +0100)] 
[crypto] Do not allow build-time cryptography settings to be overridden

If a root certificate has been explicitly specified at build time
using TRUST=/path/to/cert then do not allow this to be overridden even
from a trustworthy settings source (such as VMware GuestInfo).

Similarly, if a client certificate (and private key) has been
explicitly specified at build time, then do not allow it to be
overridden at runtime.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[crypto] Allow client certificate to be changed without a rebuild
Michael Brown [Tue, 24 Apr 2012 12:17:29 +0000 (13:17 +0100)] 
[crypto] Allow client certificate to be changed without a rebuild

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[build] Use $(xxx_DEPS) for additional dependency information
Michael Brown [Tue, 24 Apr 2012 12:11:21 +0000 (13:11 +0100)] 
[build] Use $(xxx_DEPS) for additional dependency information

Some objects (embedded.o, rootcert.o, and clientcert.o) define
additional dependencies on external files, using syntax such as:

    $(BIN)/clientcert.o : $(CERT_LIST)

This dependency can be missed when using debug builds.  For example,
if DEBUG=clientcert is used, then the relevant object is
$(BIN)/clientcert.dbg1.o rather than $(BIN)/clientcert.o.

Fix by adding dependencies to $(clientcert_DEPS) instead:

    clientcert_DEPS += $(CERT_LIST)

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[util] Remove obsolete Makefile rule for util/prototester.c
Marin Hannache [Thu, 12 Apr 2012 21:14:46 +0000 (23:14 +0200)] 
[util] Remove obsolete Makefile rule for util/prototester.c

util/prototester.c was removed in commit a6d1815 ("Obsolete for some
time now") back in 2006.

Signed-off-by: Marin Hannache <mareo@mareo.fr>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[image] Remove non-working image loaders
Marin Hannache [Thu, 12 Apr 2012 21:14:08 +0000 (23:14 +0200)] 
[image] Remove non-working image loaders

The WinCE, a.out and FreeBSD loaders are designed to be #included by
core/loader.c, which no longer exists.  These old loaders are not
usable anymore and cause compilation failures when enabled in
config/general.h.

Signed-off-by: Marin Hannache <mareo@mareo.fr>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[intel] Replace driver for Intel Gigabit NICs
Michael Brown [Mon, 23 Apr 2012 22:29:18 +0000 (23:29 +0100)] 
[intel] Replace driver for Intel Gigabit NICs

Tested-by: Robin Smidsrød <robin@smidsrod.no>
Tested-by: Thomas Miletich <thomas.miletich@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[http] Avoid using stack-allocated memory in http_step()
Michael Brown [Mon, 23 Apr 2012 22:26:29 +0000 (23:26 +0100)] 
[http] Avoid using stack-allocated memory in http_step()

http_step() allocates a potentially large block of storage (since the
URI can be arbitrarily long), and can be invoked as part of an already
deep call stack via xfer_window_changed().

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[script] Avoid using stack-allocated memory in process_line()
Michael Brown [Mon, 23 Apr 2012 21:42:10 +0000 (22:42 +0100)] 
[script] Avoid using stack-allocated memory in process_line()

Script lines can be arbitrarily long; allocate on the heap rather than
on the stack.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[xfer] Avoid using stack-allocated memory in xfer_printf()
Michael Brown [Mon, 23 Apr 2012 19:17:24 +0000 (20:17 +0100)] 
[xfer] Avoid using stack-allocated memory in xfer_printf()

xfer_printf() occasionally has to deal with strings that are
potentially long, such as HTTP URIs with multiple query parameters.
Allocating these on the stack can lead to stack overruns and memory
corruption.

Fix by using vasprintf() instead of a stack allocation.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[realtek] Update link state when device is opened
Michael Brown [Mon, 23 Apr 2012 09:47:11 +0000 (10:47 +0100)] 
[realtek] Update link state when device is opened

The link state is currently set at probe time, and updated only when
the device is polled.  This results in the user seeing a misleading
stale "Link: down" message, if autonegotiation did not complete within
the short timespan of the probe routine.

Fix by updating the link state when the device is opened, so that the
message that ends up being displayed to the user reflects the real
link state at device open time.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[netdevice] Allow network device to update link state before checking
Michael Brown [Sat, 21 Apr 2012 15:25:55 +0000 (16:25 +0100)] 
[netdevice] Allow network device to update link state before checking

If the network interface has only just been opened (e.g. by the "dhcp"
command) then we should allow at least one opportunity for the card to
update the link state before testing it, to avoid false positives.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[skel] Add skeleton network driver
Michael Brown [Fri, 20 Apr 2012 22:41:00 +0000 (23:41 +0100)] 
[skel] Add skeleton network driver

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[efi] Fix compiler warning in elf2efi.c
Michael Brown [Sat, 21 Apr 2012 07:02:15 +0000 (08:02 +0100)] 
[efi] Fix compiler warning in elf2efi.c

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[efi] Update link state in SNP device mode data
Michael Brown [Thu, 19 Apr 2012 21:52:09 +0000 (22:52 +0100)] 
[efi] Update link state in SNP device mode data

There is no explicit SNP API call to determine link state; the SNP
interface user may check the MediaPresent field within the mode data
at any time.

Update the MediaPresent field whenever the link state changes.

Reported-by: Michael R Turner <mikeyt@us.ibm.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[crypto] Allow trusted root certificate to be changed without a rebuild
Michael Brown [Thu, 19 Apr 2012 13:52:07 +0000 (14:52 +0100)] 
[crypto] Allow trusted root certificate to be changed without a rebuild

Changing the trusted root certificate currently requires a rebuild of
the iPXE binary, which may be inconvenient or impractical.

Allow the list of trusted root certificate fingerprints to be
overridden using the "trust" setting, but only at the point of iPXE
initialisation.  This prevents untrusted sources of settings
(e.g. DHCP) from subverting the chain of trust, while allowing
trustworthy sources to change the trusted root certificate without
requiring a rebuild.

The basic idea is that if you are able to manipulate a trustworthy
source of settings (e.g. VMware GuestInfo or non-volatile stored
options), then you would be able to replace the iPXE binary anyway,
and so no security is lost by allowing such sources to override the
list of trusted root certificates.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[settings] Add fetch_setting_copy()
Michael Brown [Thu, 19 Apr 2012 15:09:31 +0000 (16:09 +0100)] 
[settings] Add fetch_setting_copy()

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[multiboot] Place multiboot modules low in memory
Michael Brown [Sun, 15 Apr 2012 00:35:39 +0000 (01:35 +0100)] 
[multiboot] Place multiboot modules low in memory

Solaris assumes that there is enough space above the Multiboot modules
to use as a decompression and scratch area.  This assumption is
invalid when using iPXE, which places the Multiboot modules near the
top of (32-bit) memory.

Fix by copying the modules to an area of memory immediately following
the loaded kernel.

Debugged-by: Michael Brown <mcb30@ipxe.org>
Debugged-by: Scott McWhirter <scottm@joyent.com>
Tested-by: Robin Smidsrød <robin@smidsrod.no>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[realtek] Replace driver for Realtek Gigabit NICs
Michael Brown [Tue, 17 Apr 2012 20:35:40 +0000 (21:35 +0100)] 
[realtek] Replace driver for Realtek Gigabit NICs

Tested-by: Thomas Miletich <thomas.miletich@gmail.com>
Debugged-by: Thomas Miletich <thomas.miletich@gmail.com>
Tested-by: Robin Smidsrød <robin@smidsrod.no>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[mii] Add generic MII reset function
Michael Brown [Wed, 18 Apr 2012 15:30:11 +0000 (16:30 +0100)] 
[mii] Add generic MII reset function

iPXE provides no support for manually configuring the link speed.
Provide a generic routine which should be able to reset any MII/GMII
PHY and enable autonegotiation.

Prototyped-by: Thomas Miletich <thomas.miletich@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[mii] Synchronise constants with current Linux include/linux/mii.h
Michael Brown [Wed, 18 Apr 2012 14:42:55 +0000 (15:42 +0100)] 
[mii] Synchronise constants with current Linux include/linux/mii.h

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[mii] Remove unused functionality
Michael Brown [Wed, 18 Apr 2012 14:29:48 +0000 (15:29 +0100)] 
[mii] Remove unused functionality

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[util] Add utility to generate list of supported network cards
Robin Smidsrød [Wed, 11 Apr 2012 20:26:04 +0000 (22:26 +0200)] 
[util] Add utility to generate list of supported network cards

niclist.pl recursively scans specified source folders and builds a
list of supported NICs by looking for ISA_ROM and PCI_ROM lines and
outputs the list in text, CSV, JSON, HTML or DokuWiki format.  Sorting
and column selection is possible.

The pci-utils pci.ids file is fetched from SourceForge once a day to
also output the "official" vendor/device names associated with the PCI
device.

Signed-off-by: Robin Smidsrød <robin@smidsrod.no>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[vmware] Allow settings to be specified in the VMware .vmx file
Michael Brown [Thu, 1 Mar 2012 15:58:08 +0000 (15:58 +0000)] 
[vmware] Allow settings to be specified in the VMware .vmx file

Allow iPXE settings to be specified in the .vmx file via the VMware
GuestInfo mechanism.  For example:

    guestinfo.ipxe.filename = "http://boot.ipxe.org/demo/boot.php"
    guestinfo.ipxe.dns = "192.168.0.1"
    guestinfo.ipxe.net0.ip = "192.168.0.15"
    guestinfo.ipxe.net0.netmask = "255.255.255.0"
    guestinfo.ipxe.net0.gateway = "192.168.0.1"

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[tftp] Allow builds without TFTP support
Michael Brown [Tue, 17 Apr 2012 10:50:11 +0000 (11:50 +0100)] 
[tftp] Allow builds without TFTP support

Allow TFTP to be configured out by moving the next-server setting
definition (which is used by autoboot.c) from tftp.c to settings.c.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[settings] Split fetching and storing out of setting type handlers
Michael Brown [Mon, 16 Apr 2012 20:47:35 +0000 (21:47 +0100)] 
[settings] Split fetching and storing out of setting type handlers

Refactor setting type handlers to parse and format values, rather than
storing and fetching formatted values.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[test] Add self-tests for setting types
Michael Brown [Tue, 17 Apr 2012 09:38:30 +0000 (10:38 +0100)] 
[test] Add self-tests for setting types

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[libc] Allow strtoul() to interpret negative numbers
Michael Brown [Tue, 17 Apr 2012 09:15:29 +0000 (10:15 +0100)] 
[libc] Allow strtoul() to interpret negative numbers

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[multiboot] Include full image URI in command line
Michael Brown [Sat, 14 Apr 2012 23:15:41 +0000 (00:15 +0100)] 
[multiboot] Include full image URI in command line

Solaris kernels seem to rely on having the full kernel path present in
the multiboot command line; if only the kernel name is present then
the boot fails with the error message

  krtld: failed to open 'unix'

Debugged-by: Michael Brown <mcb30@ipxe.org>
Debugged-by: Scott McWhirter <scottm@joyent.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[linux] Fix a build error on some platforms
Marin Mareo Hannache [Sun, 1 Apr 2012 17:25:56 +0000 (19:25 +0200)] 
[linux] Fix a build error on some platforms

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[tftp] Remove configuration option for tftm
Marin Mareo Hannache [Sun, 1 Apr 2012 15:30:43 +0000 (17:30 +0200)] 
[tftp] Remove configuration option for tftm

DOWNLOAD_PROTO_TFTM is now useless as tftm support has been merged
into tftp.c.  DOWNLOAD_PROTO_TFTP should be used instead.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[build] Enable warnings when building utilities
Michael Brown [Tue, 10 Apr 2012 18:38:54 +0000 (19:38 +0100)] 
[build] Enable warnings when building utilities

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[igbvf] Add i350 virtual function support
Erik Jacobson [Thu, 5 Apr 2012 16:31:57 +0000 (11:31 -0500)] 
[igbvf] Add i350 virtual function support

Modified-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[e1000e] Basic 82579 support
Daniel Hokka Zakrisson [Fri, 6 Apr 2012 08:13:04 +0000 (10:13 +0200)] 
[e1000e] Basic 82579 support

Add support for 82579-based chips such as those found on Sandy Bridge
motherboards.  Based on d3738bb8203acf8552c3ec8b3447133fc0938ddd in
Linux.

Signed-off-by: Daniel Hokka Zakrisson <daniel@hozac.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[tls] Fix wrong memset in function tls_clear_cipher
Stefan Weil [Wed, 4 Apr 2012 16:16:01 +0000 (18:16 +0200)] 
[tls] Fix wrong memset in function tls_clear_cipher

sizeof(cipherspec) is obviously wrong in this context, because it will
only zero the first 4 or 8 bytes (cipherspec is a pointer).

This problem was reported by cppcheck.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[crypto] Fix wrong setup in function aes_wrap
Stefan Weil [Wed, 4 Apr 2012 16:16:00 +0000 (18:16 +0200)] 
[crypto] Fix wrong setup in function aes_wrap

Use explicit size in memset because 8 bytes must be set always.

This problem was reported by cppcheck.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[int13] Fix compilation on some versions of gcc
Michael Brown [Tue, 10 Apr 2012 11:55:54 +0000 (12:55 +0100)] 
[int13] Fix compilation on some versions of gcc

Using __from_text16() and __from_data16() in inline asm constraints
sometimes defeats gcc's ability to simplify expressions down to
compile-time constants.

Reported-by: Jason Kohles <jkohles@palantir.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[syslog] Add basic support for encrypted syslog via TLS
Michael Brown [Tue, 10 Apr 2012 10:54:31 +0000 (11:54 +0100)] 
[syslog] Add basic support for encrypted syslog via TLS

Encrypted syslog seems not yet to be standardised, but is supported by
some existing syslog servers.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[elf] Avoid attempting to load 64-bit ELF binaries
Michael Brown [Mon, 9 Apr 2012 14:15:05 +0000 (15:15 +0100)] 
[elf] Avoid attempting to load 64-bit ELF binaries

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[image] Fix use-after-free in debug messages
Michael Brown [Fri, 30 Mar 2012 19:50:25 +0000 (20:50 +0100)] 
[image] Fix use-after-free in debug messages

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[menu] Fix default selection when default is item 0
Michael Brown [Fri, 30 Mar 2012 16:57:52 +0000 (17:57 +0100)] 
[menu] Fix default selection when default is item 0

Reported-by: Robin Smidsrød <robin@smidsrod.no>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[int13] Add support for emulating floppy disk drives
Michael Brown [Fri, 30 Mar 2012 11:05:13 +0000 (12:05 +0100)] 
[int13] Add support for emulating floppy disk drives

Tested-by: Robin Smidsrød <robin@smidsrod.no>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[comboot] Remove COMBOOT image support by default
Michael Brown [Thu, 29 Mar 2012 00:24:31 +0000 (01:24 +0100)] 
[comboot] Remove COMBOOT image support by default

iPXE's support for COMBOOT images is now quite outdated; it has not
kept up to date with changes in the COMBOOT API.  The primary use for
COMBOOT seems to be for menuing support.  Now that we have native iPXE
script-based menus, COMBOOT support can be gracefully retired (with
immense thanks to Daniel Verkamp for having successfully implemented
such an ambitious feature many years ago).

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[menu] Add menu commands
Michael Brown [Wed, 28 Mar 2012 23:05:22 +0000 (00:05 +0100)] 
[menu] Add menu commands

Allow iPXE scripts to create menus.  For example:

    #!ipxe

    menu iSCSI boot demonstration
    item install         Install Fedora to ${root-path}
    item --default boot  Boot from ${root-path}
    item shell           Enter iPXE shell
    item exit            Exit to BIOS
    choose label && goto ${label}

    :boot
    sanboot ${root-path}

    :install
    sanhook ${root-path}
    chain http://${next-server}/fedora.ipxe

    :shell
    shell

    :exit

Inspired-by: Robin Smidsrød <robin@smidsrod.no>
Tested-by: Robin Smidsrød <robin@smidsrod.no>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[menu] Add menu user interface
Michael Brown [Wed, 28 Mar 2012 23:03:11 +0000 (00:03 +0100)] 
[menu] Add menu user interface

Inspired-by: Robin Smidsrød <robin@smidsrod.no>
Tested-by: Robin Smidsrød <robin@smidsrod.no>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[menu] Add the abstract concept of a menu
Michael Brown [Tue, 27 Mar 2012 16:27:27 +0000 (17:27 +0100)] 
[menu] Add the abstract concept of a menu

Inspired-by: Robin Smidsrød <robin@smidsrod.no>
Tested-by: Robin Smidsrød <robin@smidsrod.no>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[bios] Recognise Page Up and Page Down keys
Michael Brown [Thu, 29 Mar 2012 11:50:08 +0000 (12:50 +0100)] 
[bios] Recognise Page Up and Page Down keys

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[parseopt] Allow "prompt" command to accept character literals for --key
Michael Brown [Tue, 27 Mar 2012 18:49:12 +0000 (19:49 +0100)] 
[parseopt] Allow "prompt" command to accept character literals for --key

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[readline] Accept Ctrl-U for "delete to start of line"
Robin Smidsrød [Wed, 28 Mar 2012 10:52:55 +0000 (11:52 +0100)] 
[readline] Accept Ctrl-U for "delete to start of line"

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[http] Disambiguate the various error causes
Michael Brown [Tue, 27 Mar 2012 20:40:44 +0000 (21:40 +0100)] 
[http] Disambiguate the various error causes

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[console] Add "no_latin1" keymap
Michael Brown [Tue, 27 Mar 2012 20:04:18 +0000 (21:04 +0100)] 
[console] Add "no_latin1" keymap

The "no" keymap is for a Dvorak keyboard.

Reported-by: Robin Smidsrød <robin@smidsrod.no>
Tested-by: Robin Smidsrød <robin@smidsrod.no>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[console] Ignore unexpected keysyms when generating keyboard maps
Michael Brown [Tue, 27 Mar 2012 19:55:19 +0000 (20:55 +0100)] 
[console] Ignore unexpected keysyms when generating keyboard maps

I am unable to find any definitive documentation on how Linux keyboard
symbols work.  In the absence of any documentation, I'm going to
assume that unexpected keysyms are harmless and should be ignored.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[crypto] Add an explicit "RSA signature incorrect" error message
Michael Brown [Tue, 27 Mar 2012 13:58:45 +0000 (14:58 +0100)] 
[crypto] Add an explicit "RSA signature incorrect" error message

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[console] Add LOG_ALL as a synonym for LOG_DEBUG
Michael Brown [Tue, 27 Mar 2012 10:14:36 +0000 (11:14 +0100)] 
[console] Add LOG_ALL as a synonym for LOG_DEBUG

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[image] Log image executions
Michael Brown [Tue, 27 Mar 2012 10:11:28 +0000 (11:11 +0100)] 
[image] Log image executions

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[console] Remove "log message" usage from interactive console defaults
Michael Brown [Mon, 26 Mar 2012 23:51:10 +0000 (00:51 +0100)] 
[console] Remove "log message" usage from interactive console defaults

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[downloader] Use a more meaningful error message when out of memory
Michael Brown [Mon, 26 Mar 2012 23:43:07 +0000 (00:43 +0100)] 
[downloader] Use a more meaningful error message when out of memory

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[downloader] Abort download immediately if buffer resizing fails
Michael Brown [Mon, 26 Mar 2012 23:38:19 +0000 (00:38 +0100)] 
[downloader] Abort download immediately if buffer resizing fails

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[umalloc] Unhide umalloc()ed memory region when there are no allocations
Michael Brown [Mon, 26 Mar 2012 23:21:24 +0000 (00:21 +0100)] 
[umalloc] Unhide umalloc()ed memory region when there are no allocations

At present, we always hide an extra sizeof(struct external_memory), to
account for the header on the lowest allocated block.  This header
ceases to exist when there are no allocated blocks remaining.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[umalloc] Fail allocations when we run out of external memory
Michael Brown [Mon, 26 Mar 2012 23:18:12 +0000 (00:18 +0100)] 
[umalloc] Fail allocations when we run out of external memory

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[crypto] Disambiguate all CMS errors
Michael Brown [Mon, 26 Mar 2012 22:34:49 +0000 (23:34 +0100)] 
[crypto] Disambiguate all CMS errors

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[image] Log results of image signature checks
Michael Brown [Mon, 26 Mar 2012 22:24:27 +0000 (23:24 +0100)] 
[image] Log results of image signature checks

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[downloader] Log final status of all downloads
Michael Brown [Mon, 26 Mar 2012 21:47:50 +0000 (22:47 +0100)] 
[downloader] Log final status of all downloads

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[syslog] Pass internal syslog() priority through to syslog console
Michael Brown [Mon, 26 Mar 2012 19:23:30 +0000 (20:23 +0100)] 
[syslog] Pass internal syslog() priority through to syslog console

Use a private ANSI escape sequence to convey the priority of an
internal syslog() message through to the syslog server.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[console] Do not share ANSI escape context between lineconsole users
Michael Brown [Mon, 26 Mar 2012 20:03:59 +0000 (21:03 +0100)] 
[console] Do not share ANSI escape context between lineconsole users

An ANSI escape sequence context cannot be shared between multiple
users.  Make the ANSI escape sequence context part of the line console
definition and provide individual contexts for each user.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[console] Add "log message" console usage and an internal syslog() call
Michael Brown [Mon, 26 Mar 2012 18:50:50 +0000 (19:50 +0100)] 
[console] Add "log message" console usage and an internal syslog() call

Provide an internal syslog() function (unrelated to the syslog
console) which can be used to create log messages with specified
priorities.

The build-time constant LOG_LEVEL can be used to select the minimum
required priority for log messages.  Any messages that do not have a
sufficient priority will be ignored (and will be optimised away at
compile-time).

The default LOG_LEVEL is LOG_NONE.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[console] Exclude text-based UI output from logfile-based consoles
Michael Brown [Mon, 26 Mar 2012 18:02:30 +0000 (19:02 +0100)] 
[console] Exclude text-based UI output from logfile-based consoles

The output from text-based user interfaces such as the "config"
command is not generally meaningful for logfile-based consoles such as
syslog and vmconsole.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[console] Allow usage to be defined independently for each console
Michael Brown [Mon, 26 Mar 2012 16:25:08 +0000 (17:25 +0100)] 
[console] Allow usage to be defined independently for each console

Add the concept of a "console usage", such as "standard output" or
"debug messages".  Allow usages to be associated with each console
independently.  For example, to send debugging output via the serial
port, while preventing it from appearing on the local console:

  #define CONSOLE_SERIAL CONSOLE_USAGE_ALL
  #define CONSOLE_PCBIOS ( CONSOLE_USAGE_ALL & ~CONSOLE_USAGE_DEBUG )

If no usages are explicitly specified, then a default set of usages
will be applied.  For example:

  #define CONSOLE_SERIAL

will have the same affect as

  #define CONSOLE_SERIAL CONSOLE_USAGE_ALL

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[console] Remove unused "btext" console
Michael Brown [Mon, 26 Mar 2012 14:47:34 +0000 (15:47 +0100)] 
[console] Remove unused "btext" console

The "btext" console has been disabled by a "#if 0" since 2007.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[console] Move putchar() and getchar() declarations to stdio.h
Michael Brown [Mon, 26 Mar 2012 13:43:52 +0000 (14:43 +0100)] 
[console] Move putchar() and getchar() declarations to stdio.h

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[image] Add the "imgtrust" and "imgverify" commands
Michael Brown [Thu, 22 Mar 2012 13:46:38 +0000 (13:46 +0000)] 
[image] Add the "imgtrust" and "imgverify" commands

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[image] Simplify image management commands and internal API
Michael Brown [Sat, 24 Mar 2012 01:16:37 +0000 (01:16 +0000)] 
[image] Simplify image management commands and internal API

Remove the name, cmdline, and action parameters from imgdownload() and
imgdownload_string().  These functions now simply download and return
an image.

Add the function imgacquire(), which will interpret a "name or URI
string" parameter and return either an existing image or a newly
downloaded image.

Use imgacquire() to merge similar image-management commands that
currently differ only by whether they take the name of an existing
image or the URI of a new image to download.  For example, "chain" and
"imgexec" can now be merged.

Extend imgstat and imgfree commands to take an optional list of
images.

Remove the arbitrary restriction on the length of image names.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[build] Fix compilation under Cygwin
Michael Brown [Thu, 22 Mar 2012 23:52:24 +0000 (23:52 +0000)] 
[build] Fix compilation under Cygwin

Originally-fixed-by: Steve Goodrich <steve.goodrich@se-eng.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[image] Add concept of trusted images
Michael Brown [Thu, 22 Mar 2012 13:39:45 +0000 (13:39 +0000)] 
[image] Add concept of trusted images

Trusted images may always be executed.  Untrusted images may be
executed only if the current image trust requirement allows untrusted
images.

Images can be marked as trusted using image_trust(), and marked as
untrusted using image_untrust().

The current image trust requirement can be changed using
image_set_trust().  It is possible to make the change permanent, in
which case any future attempts to change the image trust requirement
will fail.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[bios] Set character attributes only when necessary
Michael Brown [Thu, 22 Mar 2012 12:22:38 +0000 (12:22 +0000)] 
[bios] Set character attributes only when necessary

There is no INT 10 call for "display character with attribute,
advancing the cursor and scrolling the screen as necessary".  We
therefore make two INT 10 calls: INT 10,09 to write the character with
its attribute at the current cursor position, and then INT 10,0e to
(re)write the character (leaving the attribute unchanged), advance the
cursor position and scroll as necessary.

This confuses the serial-over-LAN console redirection feature provided
by some BIOSes.

Fix by performing the INT10,09 only when necessary to change the
existing attribute.

Reported-by: Itay Gazit <itaygazit@gmail.com>
Tested-by: Itay Gazit <itaygazit@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[test] Add CMS self-tests
Michael Brown [Wed, 21 Mar 2012 17:31:53 +0000 (17:31 +0000)] 
[test] Add CMS self-tests

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[crypto] Add support for Cryptographic Message Syntax (PKCS #7)
Michael Brown [Tue, 20 Mar 2012 23:54:16 +0000 (23:54 +0000)] 
[crypto] Add support for Cryptographic Message Syntax (PKCS #7)

The Cryptographic Message Syntax (PKCS#7) provides a format for
encapsulating digital signatures of arbitrary binary blobs.  A
signature can be generated using

  openssl cms -sign -in <file to sign> -binary -noattr \
     -signer <signer>.crt -inkey <signer>.key -certfile <CA>.crt \
  -outform DER -out <signature>

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[crypto] Parse X.509 extended key usage extension
Michael Brown [Wed, 21 Mar 2012 16:16:37 +0000 (16:16 +0000)] 
[crypto] Parse X.509 extended key usage extension

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[crypto] Differentiate "untrusted root" and "incomplete chain" error cases
Michael Brown [Thu, 22 Mar 2012 10:55:13 +0000 (10:55 +0000)] 
[crypto] Differentiate "untrusted root" and "incomplete chain" error cases

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[crypto] Shrink raw certificate data to fit certificate
Michael Brown [Thu, 22 Mar 2012 11:01:13 +0000 (11:01 +0000)] 
[crypto] Shrink raw certificate data to fit certificate

The certificate may be part of an ASN.1-encoded certificate chain, and
so may not be the only object contained within the ASN.1 cursor.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[crypto] Avoid an error when asn1_shrink() is already at end of object
Michael Brown [Thu, 22 Mar 2012 02:10:17 +0000 (02:10 +0000)] 
[crypto] Avoid an error when asn1_shrink() is already at end of object

asn1_skip() will return an error on reaching the end of an object, and
so should not be used as the basis for asn1_shrink().

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[crypto] Add previous certificate in chain as a parameter to parse_next()
Michael Brown [Wed, 21 Mar 2012 16:48:08 +0000 (16:48 +0000)] 
[crypto] Add previous certificate in chain as a parameter to parse_next()

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[crypto] Parse X.509 certificate serial number
Michael Brown [Wed, 21 Mar 2012 17:14:05 +0000 (17:14 +0000)] 
[crypto] Parse X.509 certificate serial number

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[crypto] Define ASN.1 OID-identified algorithms for all supported digests
Michael Brown [Wed, 21 Mar 2012 14:18:06 +0000 (14:18 +0000)] 
[crypto] Define ASN.1 OID-identified algorithms for all supported digests

Signed-off-by: Michael Brown <mcb30@ipxe.org>

7 years ago[crypto] Generalise X.509 OID-identified algorithm to asn1.c
Michael Brown [Wed, 21 Mar 2012 13:57:32 +0000 (13:57 +0000)] 
[crypto] Generalise X.509 OID-identified algorithm to asn1.c

The concept of an OID-identified algorithm as defined in X.509 is used
in some other standards (e.g. PKCS#7).  Generalise this functionality
and provide it as part of the ASN.1 core.

Signed-off-by: Michael Brown <mcb30@ipxe.org>