iPXE - Open Source Boot Firmware

vendor/xcat/ipxe.git
5 years agoFix assertion failure on certs without subjectAltName master
Jarrod Johnson [Mon, 24 Mar 2014 19:38:07 +0000 (15:38 -0400)] 
Fix assertion failure on certs without subjectAltName

While the patch had been done to correctly indicate presence,
it still hit assertions.

5 years agoAdd iPaddress support for subjectAltName
Jarrod Johnson [Wed, 19 Mar 2014 14:47:22 +0000 (10:47 -0400)] 
Add iPaddress support for subjectAltName

subjectaltname only understood DNS entries.  Amend it to support IPv4 iPAddress.

5 years agoExtend DHCP timeout
Jarrod Johnson [Fri, 7 Mar 2014 21:28:28 +0000 (16:28 -0500)] 
Extend DHCP timeout

Per  Alex Williamson <alex.williamson@redhat.com>:
For discovery, both the DHCP and PXE specs suggest timeouts of 4, 8,
16, and 32 seconds.  This gives us a maximum timeout of 60 seconds,
versus the current timeout of 15 seconds at timeouts of 1, 2, 4, and
8 seconds.

On the request phase, the specs are quite different.  RFC2131 for DHCP
suggests the same intervals as above for discovery, while the PXE spec
recommends intervals of 1, 2, 3, and 4 seconds.  Our timer only wants
to do exponential back-off, so we compromise and adjust to intervals
of 1, 2, 4, and 8 seconds.  PXE boot server discovery appears to want
the same timeouts as the DHCP request phase.

5 years agoHandle OCSP responses that don't provide certificates
Jarrod Johnson [Fri, 14 Mar 2014 17:57:31 +0000 (13:57 -0400)] 
Handle OCSP responses that don't provide certificates

From 9f2bbf20533a6c006820c5b03be6f3a93e8b3e99 Mon Sep 17 00:00:00 2001
From: Alexander Chernyakhovsky <achernya@google.com>
Date: Tue, 15 Oct 2013 16:03:11 -0400
Subject: [PATCH 4/4] Handle OCSP responses that don't provide certificates

Certificate authorities are not required to send the certificate used
to sign the OCSP response under some scenarios, namely in the case
when the certificate is the same as the one that did the original
issue. The iPXE code previously assumed that such cases did not exist,
and valid OCSP responses were dropped.  Change these semantics by
attempting to validate with the original issuer if no specific signing
certificate was provided.
---
 src/crypto/ocsp.c | 9 ++++++++-
  1 file changed, 8 insertions(+), 1 deletion(-)

5 years agoMerge subject alt name and wildcard certificate support
Jarrod Johnson [Fri, 14 Mar 2014 17:55:54 +0000 (13:55 -0400)] 
Merge  subject alt name and wildcard certificate support

From: Alexander Chernyakhovsky <achernya@google.com>
Date: Thu, 25 Jul 2013 21:35:14 -0400
Subject: [PATCH 1/4] Implement subject-alt-name and wildcard certificates

5 years agoRevert "From: Alexander Chernyakhovsky <achernya@google.com>"
Jarrod Johnson [Sat, 2 Nov 2013 12:14:37 +0000 (08:14 -0400)] 
Revert "From: Alexander Chernyakhovsky <achernya@google.com>"

This reverts commit 7baf1781fba3003ab6b899028d83aac930ca3e16.

5 years agoImplement some EFI compliant entropy provider for use in SSL
Jarrod Johnson [Thu, 31 Oct 2013 22:19:42 +0000 (18:19 -0400)] 
Implement some EFI compliant entropy provider for use in SSL

For now, mimick the rtc_entropy by using timers and TSC jitter.
When UEFI 2.4 is more accessible to develop/test against, should
add a path to take advantage of the RNG protocol it provides
to supplement this scheme.

5 years agoFrom: Alexander Chernyakhovsky <achernya@google.com>
Jarrod Johnson [Tue, 22 Oct 2013 23:35:46 +0000 (19:35 -0400)] 
From: Alexander Chernyakhovsky <achernya@google.com>
    Date: Thu, 25 Jul 2013 21:35:14 -0400
        Subject: [PATCH 1/3] Implement subject-alt-name and wildcard certificates

5 years agoRevert "From: Alexander Chernyakhovsky <achernya@google.com>"
Jarrod Johnson [Tue, 22 Oct 2013 23:07:44 +0000 (19:07 -0400)] 
Revert "From: Alexander Chernyakhovsky <achernya@google.com>"

This reverts commit 6b435d458aa67ebbdfd0292f81bf3cbf91e2a5c4.

5 years agoFrom: Alexander Chernyakhovsky <achernya@google.com>
Jarrod Johnson [Tue, 15 Oct 2013 17:58:41 +0000 (13:58 -0400)] 
From: Alexander Chernyakhovsky <achernya@google.com>
Date: Thu, 25 Jul 2013 21:35:14 -0400
Subject: [PATCH 1/3] Implement subject-alt-name and wildcard certificates

5 years agoMerge branch 'master' of https://git.ipxe.org/ipxe
Jarrod Johnson [Tue, 1 Oct 2013 12:46:03 +0000 (08:46 -0400)] 
Merge branch 'master' of https://git.ipxe.org/ipxe

Conflicts:
src/config/general.h

5 years ago[cmdline] Add "nstat" command
Michael Brown [Wed, 25 Sep 2013 13:35:07 +0000 (14:35 +0100)] 
[cmdline] Add "nstat" command

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[neighbour] Add nstat() function to print out neighbour table
Michael Brown [Wed, 25 Sep 2013 13:34:00 +0000 (14:34 +0100)] 
[neighbour] Add nstat() function to print out neighbour table

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[build] Work around bug in gcc >= 4.8
Michael Brown [Wed, 25 Sep 2013 11:55:46 +0000 (12:55 +0100)] 
[build] Work around bug in gcc >= 4.8

Commit 238050d ("[build] Work around bug in gcc >= 4.8") works around
one instance of a bug in recent versions of gcc, in which "ebp" cannot
be specified within an asm clobber list.

Some versions of gcc seem to exhibit the same bug on other points in
the codebase.  Fix by changing all instances of "ebp" in a clobber
list to use the push/pop %ebp workaround instead.

Originally-implemented-by: Víctor Román Archidona <contacto@victor-roman.es>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[ipv6] Add inet6_aton()
Michael Brown [Wed, 11 Sep 2013 03:26:39 +0000 (04:26 +0100)] 
[ipv6] Add inet6_aton()

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[tcp] Reduce path MTU to 1280 bytes
Michael Brown [Wed, 4 Sep 2013 16:37:34 +0000 (17:37 +0100)] 
[tcp] Reduce path MTU to 1280 bytes

The path MTU is currently hardcoded to 1460 bytes, which fails to
allow space for TCP options.  Sending a maximum-sized datagram (which
is viable when using HTTP POST) will therefore fail since the Ethernet
MTU will be exceeded.

Reduce the hardcoded path MTU to produce a maximum datagram of 1280
bytes, which is the size required of data link layers by IPv6.  It is
a reasonable assumption that all intermediary data link layers will be
able to convey this packet without fragmentation, even for IPv4.

Note that this reduction has a minimal impact upon download
throughput, since it affects only the transmit data path.

Originally-fixed-by: Suresh Sundriyal <ssundriy@vmware.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[ipv6] Fix uninitialised-variable warning
Michael Brown [Tue, 3 Sep 2013 19:01:17 +0000 (20:01 +0100)] 
[ipv6] Fix uninitialised-variable warning

Fix uninitialised-variable warning reported by gcc 4.5.2.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[ipv6] Replace IPv6 stack
Michael Brown [Mon, 26 Aug 2013 13:23:54 +0000 (14:23 +0100)] 
[ipv6] Replace IPv6 stack

Replace the existing partially-implemented IPv6 stack with a fresh
implementation.

This implementation is not yet complete.  The IPv6 transmit and
receive datapaths are functional (including fragment reassembly and
parsing of arbitrary extension headers).  NDP neighbour solicitations
and advertisements are supported.  ICMPv6 echo is supported.

At present, only link-local addresses may be used, and there is no way
to specify an IPv6 address as part of a URI (either directly or via
a DNS lookup).

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[ipv4] Abstract out protocol-specific portions of "route" command
Michael Brown [Tue, 3 Sep 2013 15:28:34 +0000 (16:28 +0100)] 
[ipv4] Abstract out protocol-specific portions of "route" command

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[neighbour] Generalise concept of neighbour discovery
Michael Brown [Sun, 1 Sep 2013 15:13:58 +0000 (16:13 +0100)] 
[neighbour] Generalise concept of neighbour discovery

Split the protocol-independent portions of arp.c into a separate file
neighbour.c, to allow for sharing of functionality between IPv4+ARP
and IPv6+NDP.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[tcpip] Pass through network device to transport layer protocols
Michael Brown [Sun, 1 Sep 2013 19:55:18 +0000 (20:55 +0100)] 
[tcpip] Pass through network device to transport layer protocols

NDP requires knowledge of the network device on which a packet was
received.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[linux] Apply MAC address prior to registering network device
Michael Brown [Sun, 1 Sep 2013 16:38:40 +0000 (17:38 +0100)] 
[linux] Apply MAC address prior to registering network device

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[ethernet] Add support for generating multicast hash for IPv6 addresses
Michael Brown [Sat, 31 Aug 2013 02:23:24 +0000 (03:23 +0100)] 
[ethernet] Add support for generating multicast hash for IPv6 addresses

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[netdevice] Add method for generating EUI-64 address from link-layer address
Michael Brown [Fri, 30 Aug 2013 18:05:03 +0000 (19:05 +0100)] 
[netdevice] Add method for generating EUI-64 address from link-layer address

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[netdevice] Add concept of a network device index
Michael Brown [Thu, 29 Aug 2013 13:10:16 +0000 (14:10 +0100)] 
[netdevice] Add concept of a network device index

IPv6 link-local socket addresses require some way to specify a local
network device.  We cannot simply use a pointer to the network device,
since a struct sockaddr_in6 may be long-lived and has no way to hold a
reference to the network device.

Using a network device index allows a socket address to cleanly refer
to a network device without worrying about whether or not that device
continues to exist.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[netdevice] Increase maximum network-layer address length
Michael Brown [Mon, 2 Sep 2013 21:31:04 +0000 (22:31 +0100)] 
[netdevice] Increase maximum network-layer address length

IPv6 uses 16-byte network-layer addresses.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[ipv4] Generalise fragment reassembly mechanism
Michael Brown [Tue, 27 Aug 2013 15:08:15 +0000 (16:08 +0100)] 
[ipv4] Generalise fragment reassembly mechanism

Generalise the concept of fragment reassembly to allow for code
sharing between IPv4 and IPv6 protocols.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[linux] Give tap devices a name and bus type
Michael Brown [Tue, 27 Aug 2013 15:28:54 +0000 (16:28 +0100)] 
[linux] Give tap devices a name and bus type

Give tap devices a meaningful name, and avoid segmentation faults when
attempting to retrieve ${net0/bustype} by assigning a new bus type for
tap devices.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[settings] Make built-in settings a linker table
Michael Brown [Tue, 27 Aug 2013 12:46:12 +0000 (13:46 +0100)] 
[settings] Make built-in settings a linker table

Allow for configurable provision of built-in settings by placing them
in a linker table rather than an array.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years agoMerge branch 'master' of https://git.ipxe.org/ipxe
Jarrod Johnson [Tue, 20 Aug 2013 15:39:22 +0000 (11:39 -0400)] 
Merge branch 'master' of https://git.ipxe.org/ipxe

Conflicts:
src/config/general.h

5 years ago[3c90x] Fix High-MTU packet reception
Thomas Miletich [Mon, 19 Aug 2013 11:36:27 +0000 (13:36 +0200)] 
[3c90x] Fix High-MTU packet reception

Prevent the card from flagging packets of 1518 bytes length as
overlength.

This fixes the High-MTU loopback test.

Signed-off-by: Thomas Miletich <thomas.miletich@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[3c90x] Don't round up transmit packet length
Thomas Miletich [Mon, 19 Aug 2013 11:16:27 +0000 (13:16 +0200)] 
[3c90x] Don't round up transmit packet length

The 3c90x B and C revisions support rounding up the packet length to a
specific boundary.  Disable this feature to avoid overlength packets.

This fixes the loopback test.

Signed-off-by: Thomas Miletich <thomas.miletich@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[3c90x] Stall upload engine before setting RX ring address
Thomas Miletich [Mon, 19 Aug 2013 10:59:34 +0000 (12:59 +0200)] 
[3c90x] Stall upload engine before setting RX ring address

According to the 3c90x datasheet we have to stall the upload (receive)
engine before setting the receive ring address.

Signed-off-by: Thomas Miletich <thomas.miletich@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[http] Add support for HTTP POST
Michael Brown [Mon, 19 Aug 2013 16:17:49 +0000 (17:17 +0100)] 
[http] Add support for HTTP POST

Allow HTTP POST requests to be generated when the URI includes a
parameter list.  For example:

  #!ipxe
  params
  param mac ${net0/mac}
  param uuid ${uuid}
  param asset ${asset}
  chain http://boot.ipxe.org/demo/boot.php##params

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[uri] Allow URIs to incorporate a parameter list
Michael Brown [Wed, 14 Aug 2013 14:07:52 +0000 (15:07 +0100)] 
[uri] Allow URIs to incorporate a parameter list

HTTP POST requires the ability to associate a parameter list with a
URI.  There is no standardised syntax for this.  Use a non-standard
URI syntax to incorporate the specification of a parameter list within
a URI:

  URI = [ absoluteURI | relativeURI ]
[ "#" fragment ] [ "##params" [ "=" paramsName ] ]

e.g.

  http://boot.ipxe.org/demo/boot.php##params
  http://boot.ipxe.org/demo/boot.php##params=mylist

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[cmdline] Add "params" and "param" commands to manage form parameter lists
Michael Brown [Tue, 13 Aug 2013 21:32:45 +0000 (22:32 +0100)] 
[cmdline] Add "params" and "param" commands to manage form parameter lists

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[params] Add support for the general concept of a form parameter list
Michael Brown [Tue, 13 Aug 2013 21:31:47 +0000 (22:31 +0100)] 
[params] Add support for the general concept of a form parameter list

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years agoMerge branch 'master' of https://git.ipxe.org/ipxe
Jarrod Johnson [Thu, 15 Aug 2013 18:43:09 +0000 (14:43 -0400)] 
Merge branch 'master' of https://git.ipxe.org/ipxe

Conflicts:
src/config/general.h
src/net/netdev_settings.c
src/net/tcp.c

5 years ago[settings] Expose memory map via settings mechanism
Michael Brown [Mon, 12 Aug 2013 12:42:12 +0000 (13:42 +0100)] 
[settings] Expose memory map via settings mechanism

Allow memory map entries to be read using the syntax

  ${memmap/<region>.<properties>.<scale>}

where <region> is the index of the memory region, <properties> is a
bitmask where bit 0 represents the start address and bit 1 represents
the length (allowing the end address to be encoded by having both bits
0 and 1 set), and <scale> is the number of bits by which to shift the
result.

This allows for several values of interest to be encoded.  For
example:

  ${memmap/<region>.1.0:hexraw}   # 64-bit start address of <region>
  ${memmap/<region>.2.0:hexraw}   # 64-bit length of <region>, in bytes
  ${memmap/<region>.3.0:hexraw}   # 64-bit end address of <region>
  ${memmap/<region>.2.10:int32}   # Length of <region>, in kB
  ${memmap/<region>.2.20:int32}   # Length of <region>, in MB

The numeric encoding is slightly more sophisticated than described
here, allowing a single encoding to cover multiple regions.  (See the
source code for details.)  The primary use case for this feature is to
provide the total system memory size (in MB) via the "memsize"
predefined setting.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[settings] Allow numeric_setting_value() to handle long setting values
Michael Brown [Mon, 12 Aug 2013 17:23:25 +0000 (18:23 +0100)] 
[settings] Allow numeric_setting_value() to handle long setting values

Allow numeric_setting_value() to handle e.g. the byte sequence

  00:00:00:00:12:34:56:78

by returning -ERANGE only if the value actually overflows the return
type.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[test] Add self-tests for snprintf()
Michael Brown [Mon, 12 Aug 2013 15:34:10 +0000 (16:34 +0100)] 
[test] Add self-tests for snprintf()

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[settings] Expose CPUID instruction via settings mechanism
Michael Brown [Tue, 6 Aug 2013 18:16:30 +0000 (19:16 +0100)] 
[settings] Expose CPUID instruction via settings mechanism

Allow CPUID values to be read using the syntax

  ${cpuid/<register>.<function>}

For example, ${cpuid/2.0x80000001} will give the value of %ecx after
calling CPUID with %eax=0x80000001.  Values for <register> are encoded
as %eax=0, %ebx=1, %ecx=2, %edx=3.

The numeric encoding is more sophisticated than described above,
allowing for settings such as the CPU model (obtained by calling CPUID
with %eax=0x80000002-0x80000004 inclusive and concatenating the values
returned in %eax:%ebx:%ecx:%edx).  See the source code for details.

The "cpuvendor" and "cpumodel" settings provide easy access to these
more complex CPUID settings.

This functionality is intended to complement the "cpuid" command,
which allows for testing individual CPUID feature bits.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[nfs] Fix an issue with the selection of a local port
Marin Hannache [Thu, 18 Jul 2013 12:35:30 +0000 (14:35 +0200)] 
[nfs] Fix an issue with the selection of a local port

Reported-by: Robin Smidsrød <robin@smidsrod.no>
Signed-off-by: Marin Hannache <git@mareo.fr>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[tcpip] Allow binding to unspecified privileged ports (below 1024)
Michael Brown [Tue, 6 Aug 2013 14:56:54 +0000 (15:56 +0100)] 
[tcpip] Allow binding to unspecified privileged ports (below 1024)

Originally-implemented-by: Marin Hannache <git@mareo.fr>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[ipv6] Rename sin_{family,port} to sin6_{family,port} in struct sockaddr_in6
Michael Brown [Tue, 6 Aug 2013 14:55:23 +0000 (15:55 +0100)] 
[ipv6] Rename sin_{family,port} to sin6_{family,port} in struct sockaddr_in6

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[udp] Move high-frequency debug messages to DBGLVL_EXTRA
Michael Brown [Tue, 6 Aug 2013 14:52:31 +0000 (15:52 +0100)] 
[udp] Move high-frequency debug messages to DBGLVL_EXTRA

This makes it possible to leave UDP debugging enabled in order to see
interesting UDP events, without flooding the console with at least one
message per packet.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[cmdline] Add "pciscan" command to allow iteration over PCI devices
Michael Brown [Thu, 1 Aug 2013 15:53:17 +0000 (16:53 +0100)] 
[cmdline] Add "pciscan" command to allow iteration over PCI devices

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[pci] Add pci_find_next() to iterate over existent PCI devices
Michael Brown [Thu, 1 Aug 2013 15:52:28 +0000 (16:52 +0100)] 
[pci] Add pci_find_next() to iterate over existent PCI devices

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[cmdline] Add "inc" command
Michael Brown [Thu, 1 Aug 2013 13:42:28 +0000 (14:42 +0100)] 
[cmdline] Add "inc" command

The "inc" command allows the numeric value of a setting to be
incremented, allowing for the construction of simple loops within an
iPXE script.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[settings] Introduce the generalised concept of a numeric setting
Michael Brown [Thu, 1 Aug 2013 13:39:58 +0000 (14:39 +0100)] 
[settings] Introduce the generalised concept of a numeric setting

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[script] Allow commands following a script label
Michael Brown [Tue, 23 Jul 2013 15:49:12 +0000 (16:49 +0100)] 
[script] Allow commands following a script label

Allow commands to be placed on the same line as a label.  This allows
for improved legibility of loop constructions by incorporating the
loop check condition into the same line as the loop label.  For
example, to iterate over network devices using the forthcoming "inc"
command:

  set idx:int16 0
  :loop isset ${net${idx}/mac} || goto loop_done
    echo net${idx} is a ${net${idx}/chip} with MAC ${net${idx}/mac}
    inc idx && goto loop
  :loop_done

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[script] Allow initial whitespace on lines containing labels
Michael Brown [Tue, 23 Jul 2013 13:46:45 +0000 (14:46 +0100)] 
[script] Allow initial whitespace on lines containing labels

Initial whitespace is already accepted on lines containing commands,
since it gets ignored by the system() call.  Minimise surprise and
allow for neater indentation of scripts by also allowing whitespace on
lines containing labels.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[settings] Remove now-unused fetchf_named_setting() and storef_named_setting()
Michael Brown [Mon, 22 Jul 2013 13:36:00 +0000 (14:36 +0100)] 
[settings] Remove now-unused fetchf_named_setting() and storef_named_setting()

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[settings] Eliminate calls to {fetch,store}f_named_setting() in NVO commands
Michael Brown [Fri, 19 Jul 2013 13:07:18 +0000 (14:07 +0100)] 
[settings] Eliminate calls to {fetch,store}f_named_setting() in NVO commands

A deliberate side effect of this commit is that the "read" command
will now preserve the type of the setting, if the setting name
contains no type information.  For example:

  iPXE> set foo:ipv4 192.168.0.1
  iPXE> read foo
  192.168.0.100
  iPXE> show foo
  foo:ipv4 = 192.168.0.100

rather than the arguably unexpected behaviour of resetting the type to
"string".

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[settings] Eliminate call to storef_named_setting() in choose_exec()
Michael Brown [Thu, 18 Jul 2013 14:49:32 +0000 (15:49 +0100)] 
[settings] Eliminate call to storef_named_setting() in choose_exec()

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[parseopt] Add parse_setting()
Michael Brown [Thu, 18 Jul 2013 15:11:39 +0000 (16:11 +0100)] 
[parseopt] Add parse_setting()

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[parseopt] Move parse_settings() to parseopt.c
Michael Brown [Thu, 18 Jul 2013 14:30:00 +0000 (15:30 +0100)] 
[parseopt] Move parse_settings() to parseopt.c

Signed-off-by: Michael Brown <mcb30@ipxe.org>

5 years ago[parseopt] Allow parsed option to be modified
Michael Brown [Mon, 22 Jul 2013 15:13:25 +0000 (16:13 +0100)] 
[parseopt] Allow parsed option to be modified

Parsing a setting name requires the ability to modify the text being
parsed.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[settings] Remove now-unused store_named_setting()
Michael Brown [Thu, 18 Jul 2013 14:19:59 +0000 (15:19 +0100)] 
[settings] Remove now-unused store_named_setting()

Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[settings] Eliminate call to store_named_setting() in nslookup.c
Michael Brown [Thu, 18 Jul 2013 13:49:06 +0000 (14:49 +0100)] 
[settings] Eliminate call to store_named_setting() in nslookup.c

Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[settings] Eliminate call to fetchf_named_setting() in expand_settings()
Michael Brown [Thu, 18 Jul 2013 13:47:42 +0000 (14:47 +0100)] 
[settings] Eliminate call to fetchf_named_setting() in expand_settings()

Use parse_setting_name() and fetchf_setting_copy() in
expand_settings(), to eliminate the call to fetchf_named_setting().

This change also eliminates the potentially large stack-allocated
buffer in expand_settings().

Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[settings] Add fetchf_setting_copy()
Michael Brown [Thu, 18 Jul 2013 13:46:20 +0000 (14:46 +0100)] 
[settings] Add fetchf_setting_copy()

Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[settings] Change "not-found" semantics of fetch_setting_copy()
Michael Brown [Fri, 19 Jul 2013 13:53:38 +0000 (14:53 +0100)] 
[settings] Change "not-found" semantics of fetch_setting_copy()

fetch_settings_copy() currently returns success and a NULL data
pointer to indicate a non-existent setting.  This is intended to allow
the caller to differentiate between a non-existent setting and an
error in allocating memory for the copy of the setting.

The underlying settings blocks' fetch() methods provide no way to
perform an existence check separate from an attempt to fetch the
setting.  A "non-existent setting" therefore means simply a setting
for which an error was encountered when attempting to fetch from every
settings block within the subtree.

Since any underlying error within a settings block (e.g. a GuestRPC
failure when attempting to retrieve a VMware GuestInfo setting) will
produce the effect of a "non-existent setting", it seems somewhat
meaningless to give special treatment to memory allocation errors
within fetch_setting_copy().

Remove the special treatment and simplify the semantics of
fetch_setting_copy() by directly passing through any underlying error
(including non-existence) encountered while fetching the setting.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[settings] Expose parse_setting_name()
Michael Brown [Thu, 18 Jul 2013 13:44:09 +0000 (14:44 +0100)] 
[settings] Expose parse_setting_name()

Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[settings] Remove default_type parameter from parse_setting_name()
Michael Brown [Fri, 19 Jul 2013 13:08:13 +0000 (14:08 +0100)] 
[settings] Remove default_type parameter from parse_setting_name()

Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[settings] Remove temporary name buffer parameter from parse_setting_name()
Michael Brown [Thu, 18 Jul 2013 14:48:29 +0000 (15:48 +0100)] 
[settings] Remove temporary name buffer parameter from parse_setting_name()

Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[settings] Avoid potentially large stack allocations
Michael Brown [Wed, 17 Jul 2013 13:00:38 +0000 (14:00 +0100)] 
[settings] Avoid potentially large stack allocations

Avoid potentially large stack allocations in fetchf_setting() and
storef_setting().

Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[settings] Clarify usage of the term "named setting"
Michael Brown [Thu, 18 Jul 2013 12:35:19 +0000 (13:35 +0100)] 
[settings] Clarify usage of the term "named setting"

There are currently two conflicting usages of the term "named setting"
within iPXE: one refers to predefined settings (such as show up in the
"config" UI), the other refers to settings identified by a name (such
as "net0.dhcp/ip").

Split these usages into the term "predefined setting" and "named
setting" to avoid ambiguity.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[build] Fix %.licence build target
Michael Brown [Mon, 15 Jul 2013 22:08:50 +0000 (00:08 +0200)] 
[build] Fix %.licence build target

Our use of --gc-sections causes the linker to discard the symbols
defined by FILE_LICENCE(), meaning that the resulting licence
determination is incomplete.

We must use the KEEP() directive in the linker script to force the
linker to not discard the licence symbols.  Using KEEP(*(COMMON))
would be undesirable, since there are some symbols in COMMON which we
may wish to discard.

Fix by placing symbols defined by PROVIDE_SYMBOL() (which is used by
FILE_LICENCE()) into a special ".provided" section, which we then mark
with KEEP().  All such symbols are zero-length, so there is no cost in
terms of the final binary size.

Since the symbols are no longer in COMMON, the linker will reject
symbols with the same name coming from multiple objects.  We therefore
append the object name to the licence symbol, to ensure that it is
unique.

Reported-by: Marin Hannache <git@mareo.fr>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[legal] Add missing FILE_LICENCE declarations
Michael Brown [Mon, 15 Jul 2013 22:23:09 +0000 (00:23 +0200)] 
[legal] Add missing FILE_LICENCE declarations

Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[script] Avoid trying to read final character of a zero-length string
Michael Brown [Mon, 15 Jul 2013 16:06:41 +0000 (18:06 +0200)] 
[script] Avoid trying to read final character of a zero-length string

Detected using Valgrind.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[nfs] Add support for NFS protocol
Marin Hannache [Mon, 15 Jul 2013 15:56:29 +0000 (17:56 +0200)] 
[nfs] Add support for NFS protocol

Tested-by: Robin Smidsrød <robin@smidsrod.no>
Signed-off-by: Marin Hannache <git@mareo.fr>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[ifmgmt] Avoid relying on global variable within ifcommon_exec()
Michael Brown [Mon, 15 Jul 2013 15:30:39 +0000 (17:30 +0200)] 
[ifmgmt] Avoid relying on global variable within ifcommon_exec()

The getopt API defines optind as a global variable.  When used by the
"autoboot" command, the payload function passed to ifcommon_exec() may
result in a new iPXE script being executed; the commands therein would
then overwrite the value of optind.  On returning, ifcommon_exec()
would continue processing the list of interfaces from an undefined
point.

Fix by using a local variable to hold the index within the list of
interfaces.

Reported-by: Robin Smidsrød <robin@smidsrod.no>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[build] Include ipxe.pxe in default build
Robin Smidsrød [Mon, 15 Jul 2013 12:21:04 +0000 (14:21 +0200)] 
[build] Include ipxe.pxe in default build

Signed-off-by: Robin Smidsrød <robin@smidsrod.no>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[cmdline] Add "poweroff" command
Marin Hannache [Sat, 13 Jul 2013 12:31:15 +0000 (14:31 +0200)] 
[cmdline] Add "poweroff" command

Modified-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Marin Hannache <git@mareo.fr>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[legal] Add missing FILE_LICENCE declarations
Marin Hannache [Mon, 15 Jul 2013 10:30:57 +0000 (12:30 +0200)] 
[legal] Add missing FILE_LICENCE declarations

Signed-off-by: Marin Hannache <git@mareo.fr>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[realtek] Allow extra space in RX buffers
Michael Brown [Mon, 15 Jul 2013 10:15:48 +0000 (12:15 +0200)] 
[realtek] Allow extra space in RX buffers

Some hardware (observed with an onboard RTL8168) will erroneously
report a buffer overflow error if the received packet exactly fills
the receive buffer.

Fix by adding an extra four bytes of padding to each receive buffer.

Debugged-by: Thomas Miletich <thomas.miletich@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[settings] Add support for navigation keys in "config" user interface
Michael Brown [Mon, 15 Jul 2013 09:59:13 +0000 (11:59 +0200)] 
[settings] Add support for navigation keys in "config" user interface

Add support for page up, page down, home and end keys, matching the
navigation logic used in the menu user interface.

Originally-implemented-by: Marin Hannache <git@mareo.fr>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[velocity] Rewrite VIA Velocity driver
Adrian Jamróz [Sat, 13 Jul 2013 16:59:07 +0000 (18:59 +0200)] 
[velocity] Rewrite VIA Velocity driver

Signed-off-by: Adrian Jamróz <adrian.jamroz@gmail.com>
Modified-by: Thomas Miletich <thomas.miletich@gmail.com>
Signed-off-by: Thomas Miletich <thomas.miletich@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[script] Allow for backslash continuation of script lines
Michael Brown [Mon, 15 Jul 2013 09:13:33 +0000 (11:13 +0200)] 
[script] Allow for backslash continuation of script lines

Allow long script lines to be broken up using backslash continuation.
For example:

   choose --default linux --timeout 3000 os \
      && goto boot_${os} || goto cancelled

Requested-by: Robin Smidsrød <robin@smidsrod.no>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[realtek] Report RX error detail in debug messages
Michael Brown [Sun, 14 Jul 2013 22:38:43 +0000 (00:38 +0200)] 
[realtek] Report RX error detail in debug messages

Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[base16] Ensure base16_encode() always terminates its result string
Michael Brown [Sun, 14 Jul 2013 22:06:45 +0000 (00:06 +0200)] 
[base16] Ensure base16_encode() always terminates its result string

base16_encode() will fail to generate a terminating NUL if the length
of the raw data is zero, since the loop calling sprintf() will never
execute.

Fix by explicitly terminating the result with a NUL.

Reported-by: Marin Hannache <git@mareo.fr>
Debugged-by: Marin Hannache <git@mareo.fr>
Tested-by: Marin Hannache <git@mareo.fr>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[legal] Add FILE_LICENCE for ath9k driver headers
Marin Hannache [Sun, 14 Jul 2013 21:19:55 +0000 (23:19 +0200)] 
[legal] Add FILE_LICENCE for ath9k driver headers

Signed-off-by: Marin Hannache <git@mareo.fr>
Modified-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[legal] Add FILE_LICENCE for core/errno.c
Marin Hannache [Sun, 14 Jul 2013 21:19:37 +0000 (23:19 +0200)] 
[legal] Add FILE_LICENCE for core/errno.c

Signed-off-by: Marin Hannache <git@mareo.fr>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[legal] Add FILE_LICENCE for valgrind headers
Marin Hannache [Sun, 14 Jul 2013 21:19:15 +0000 (23:19 +0200)] 
[legal] Add FILE_LICENCE for valgrind headers

Signed-off-by: Marin Hannache <git@mareo.fr>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[linux] Add missing #include <stddef.h>
Marin Hannache [Fri, 12 Jul 2013 22:01:47 +0000 (00:01 +0200)] 
[linux] Add missing #include <stddef.h>

Signed-off-by: Marin Hannache <git@mareo.fr>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[intel] Incorporate ring producer and consumer counters in diagnostics
Michael Brown [Sun, 14 Jul 2013 17:07:38 +0000 (19:07 +0200)] 
[intel] Incorporate ring producer and consumer counters in diagnostics

Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[rhine] Rewrite VIA Rhine driver
Adrian Jamróz [Sat, 13 Jul 2013 14:11:50 +0000 (16:11 +0200)] 
[rhine] Rewrite VIA Rhine driver

Replace the old via-rhine driver with a new version using the iPXE
API.

Includes fixes by Thomas Miletich for:

  - MMIO access
  - Link detection
  - RX completion in RX overflow case
  - Reset and EEPROM reloading
  - CRC stripping
  - Missing cpu_to_le32() calls
  - Missing memory barriers

Signed-off-by: Adrian Jamróz <adrian.jamroz@gmail.com>
Modified-by: Thomas Miletich <thomas.miletich@gmail.com>
Tested-by: Thomas Miletich <thomas.miletich@gmail.com>
Tested-by: Robin Smidsrød <robin@smidsrod.no>
Modified-by: Michael Brown <mcb30@ipxe.org>
Tested-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[lotest] Include sequence number within loopback test packets
Michael Brown [Sun, 14 Jul 2013 09:37:17 +0000 (11:37 +0200)] 
[lotest] Include sequence number within loopback test packets

Include a sequence number as the first four bytes of the loopback test
packet payload.  When a content mismatch occurs, this gives some
information about the source of the mismatched packet.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[settings] Add "version" builtin setting
Robin Smidsrød [Sat, 13 Jul 2013 18:57:39 +0000 (20:57 +0200)] 
[settings] Add "version" builtin setting

Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[cmdline] Accept "netX" in iPXE commands
Michael Brown [Sat, 13 Jul 2013 13:22:34 +0000 (15:22 +0200)] 
[cmdline] Accept "netX" in iPXE commands

Allow any iPXE command expecting a network device name to accept
"netX" as a synonym for "most recently opened network device".

Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[settings] Make "netX" settings block function as a symbolic link
Michael Brown [Sat, 13 Jul 2013 13:06:20 +0000 (15:06 +0200)] 
[settings] Make "netX" settings block function as a symbolic link

Add a facility for settings blocks to act as symbolic links to other
settings blocks, and reimplement the "netX" virtual settings block
using this facility.

The primary advantage of this approach is that unscoped settings such
as ${mac} and ${filename} will now reflect the settings obtained from
the most recently opened network device: in most cases, this will mean
the settings obtained from the most recent DHCP attempt.  This should
improve conformance to the principle of least astonishment.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[settings] Expose PCI configuration space via settings mechanism
Michael Brown [Tue, 9 Jul 2013 15:03:35 +0000 (16:03 +0100)] 
[settings] Expose PCI configuration space via settings mechanism

Allow values to be read from PCI configuration space using the syntax

  ${pci/<busdevfn>.<offset>.<length>}

where <busdevfn> is the bus:dev.fn address of the PCI device
(expressed as a single integer, as returned by ${net0/busloc}),
<offset> is the offset within PCI configuration space, and <length> is
the length within PCI configuration space.

Values are returned in reverse byte order, since PCI configuration
space is little-endian by definition.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[settings] Add config/settings.h
Michael Brown [Tue, 9 Jul 2013 15:01:52 +0000 (16:01 +0100)] 
[settings] Add config/settings.h

Move VMWARE_SETTINGS build configuration option from config/sideband.h
to a new config/settings.h.

Existing instances of config/local/sideband.h will not be affected,
since config.c still #includes config/sideband.h.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[linux] Add support for accessing PCI configuration space via /proc/bus/pci
Michael Brown [Sat, 13 Jul 2013 10:42:40 +0000 (12:42 +0200)] 
[linux] Add support for accessing PCI configuration space via /proc/bus/pci

Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[settings] Add "busdevfn" setting type
Michael Brown [Fri, 12 Jul 2013 20:28:00 +0000 (22:28 +0200)] 
[settings] Add "busdevfn" setting type

Allow network device's "busloc" setting to be formatted as a PCI
bus:dev.fn address using e.g. ${net0/busloc:busdevfn}.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[netdevice] Add "bustype" and "busloc" settings
Michael Brown [Fri, 12 Jul 2013 20:25:35 +0000 (22:25 +0200)] 
[netdevice] Add "bustype" and "busloc" settings

Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[settings] Add "hexraw" setting type
Michael Brown [Fri, 12 Jul 2013 12:58:19 +0000 (14:58 +0200)] 
[settings] Add "hexraw" setting type

Originally-implemented-by: Jeppe Toustrup <ipxe@tenzer.dk>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[settings] Use hex_decode() to parse hex settings
Michael Brown [Fri, 12 Jul 2013 12:45:55 +0000 (14:45 +0200)] 
[settings] Use hex_decode() to parse hex settings

Use hex_decode() to parse "hex" and "hexhyp" settings.  Note that this
parser is stricter than the old parser; it now requires exactly two
hex digits for each byte.  (The old parser was based upon strtoul()
and so would allow leading whitespace and a leading plus or minus
sign.)

Signed-off-by: Michael Brown <mcb30@ipxe.org>

6 years ago[base16] Generalise base16_decode() to hex_decode()
Michael Brown [Fri, 12 Jul 2013 12:44:20 +0000 (14:44 +0200)] 
[base16] Generalise base16_decode() to hex_decode()

Provide a generic hex_decode() routine which can be shared between the
Base16 code and the "hex" and "hexhyp" settings parsers.

Signed-off-by: Michael Brown <mcb30@ipxe.org>