david/ipxe
david
/
ipxe
Archived
1
0
Fork 0
Commit Graph

5795 Commits

Author SHA1 Message Date
Michael Brown 6ee15cbac3 [linda] Use correct length for memset()
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-03-21 13:50:51 +02:00
Michael Brown e500e5dd07 [nfs] Fix double free bug on error path
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-03-21 13:46:26 +02:00
Michael Brown 91372d6dab [xfer] Ensure va_end() is called on failure path
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-03-21 13:38:39 +02:00
Michael Brown a5affc832e [arbel] Avoid potential integer overflow when calculating memory mappings
When the area to be mapped straddles the 2GB boundary, the expression
(high+size) will overflow on the first loop iteration.  Fix by using
(end-size), which cannot underflow.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-03-21 12:01:55 +02:00
Michael Brown 6ee62eb242 [hermon] Avoid potential integer overflow when calculating memory mappings
When the area to be mapped straddles the 2GB boundary, the expression
(high+size) will overflow on the first loop iteration.  Fix by using
(end-size), which cannot underflow.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-03-21 12:01:51 +02:00
Michael Brown de2c6fa240 [dhcp] Allow vendor class to be changed in DHCP requests
Allow the DHCPv4 vendor class to be specified via the "vendor-class"
setting.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-03-20 13:58:59 +02:00
Michael Brown 7692a8ff02 [undi] Move PXE API caller back into UNDI driver
As of commit 10d19bd ("[pxe] Always retrieve cached DHCPACK and apply
to relevant network device"), the UNDI driver has been the only user
of pxeparent_call().  Remove the unnecessary layer of abstraction by
refactoring this code back into undinet.c, and fix the ability of
undiisr.S to fall back to chaining to the original handler if we were
unable to unhook our own ISR.

This effectively reverts commit 337e1ed ("[pxe] Separate parent PXE
API caller from UNDINET driver").

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-03-19 15:57:24 +00:00
Michael Brown 6324227dca [efi] Skip cable detection at initialisation where possible
We currently request cable detection in PXE_OPCODE_INITIALIZE to work
around buggy Emulex drivers (see commit c0b61ba ("[efi] Work around
bugs in Emulex NII driver")).

This causes problems with some other NII drivers (e.g. Mellanox),
which may time out if the underlying link is intrinsically slow to
come up.

Attempt to work around both problems simultaneously by requesting
cable detection only if the underlying NII driver does not support
link status reporting via PXE_OPCODE_GET_STATUS.  (This is based on a
potentially incorrect assumption that the buggy Emulex drivers do not
claim to report link status via PXE_OPCODE_GET_STATUS.)

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-03-19 13:30:27 +00:00
Michael Brown fdcdc5203b [efi] Provide ACPI table description for SAN devices
Provide a basic proof of concept ACPI table description (e.g. iBFT for
iSCSI) for SAN devices in a UEFI environment, using a control flow
that is functionally identical to that used in a BIOS environment.

Originally-implemented-by: Vishvananda Ishaya Abrams <vish.ishaya@oracle.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-03-13 12:18:46 +00:00
Michael Brown 553f485734 [efi] Add EFI_ACPI_TABLE_PROTOCOL header and GUID definition
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-03-10 21:58:05 +00:00
Michael Brown 0463ec32c7 [efi] Update to current EDK2 headers
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-03-10 21:18:03 +00:00
Michael Brown afdebdc163 [build] Provide common ARRAY_SIZE() definition
Several files define the ARRAY_SIZE() macro as used in Linux.  Provide
a common definition for this in include/compiler.h.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-03-10 15:44:11 +00:00
Vishvananda Ishaya Abrams 4524cc11bf [iscsi] Don't close when receiving NOP-In
Some iSCSI targets send NOP-In.  Rather than closing the connection
when we receive one, it is more user friendly to log a debug message
and keep the connection open.  Eventually, it would be nice if iPXE
supported replying to NOP-Ins, but we might as well keep the
connection open until the target disconnects us.

Modified-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-03-09 14:23:22 +00:00
Vishvananda Ishaya 1d04900262 [intel] Reset all virtual function settings
Some VF data is not cleared with reset, so make sure to return all the
settings to default before configuring the VF.

This fixes an issue where network packets would fail to be received if
the VF was previously used by the linux ixgbevf driver.

Modified-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-03-09 13:56:22 +00:00
Michael Brown 9db9221ea0 [scsi] Avoid duplicate calls to scsicmd_close()
When a SCSI device is closed in error, the shutdown of the device's
block data interface will probably lead to any outstanding commands
being closed (by whichever object is currently connected to the block
data interface).  However, commands remain in the list of outstanding
commands until the final reference is dropped.  The result is that
scsidev_close() will make a second call to scsicmd_close() for each
command.  This is harmless, but produces confusing debug messages.

Fix by treating the outstanding command list as holding an explicit
reference to each command, and removing the command from the list of
outstanding commands in scsicmd_close().

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-03-09 13:07:57 +00:00
Michael Brown 9423a85f71 [block] Use intfs_shutdown() when shutting down multiple interfaces
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-03-09 12:16:56 +00:00
Michael Brown 7ff3fc7c72 [scsi] Use intfs_shutdown() when shutting down multiple interfaces
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-03-09 12:16:35 +00:00
Michael Brown a29bdb3a92 [iscsi] Use intfs_shutdown() when shutting down multiple interfaces
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-03-09 12:16:15 +00:00
Michael Brown d9886f1961 [block] Retry any SAN device operation
The SCSI layer currently implements a retry loop in order to retry
commands that fail due to spurious "error" conditions such as "power
on occurred".  Move this retry loop to the generic SAN device layer:
this allow for retries due to other transient error conditions such as
an iSCSI target having dropped the connection due to inactivity.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-03-07 16:11:22 +00:00
Michael Brown 23d388418e [efi] Refactor to use centralised SAN device abstraction
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-03-07 13:40:35 +00:00
Michael Brown e790366c7c [int13] Refactor to use centralised SAN device abstraction
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-03-07 13:40:35 +00:00
Michael Brown e7ee2eda4b [block] Centralise "san-drive" setting
The concept of the SAN drive number is meaningful only in a BIOS
environment, where it represents the INT13 drive number (0x80 for the
first hard disk).  We retain this concept in a UEFI environment to
allow for a simple way for iPXE commands to refer to SAN drives.

Centralise the concept of the default drive number, since it is shared
between all supported environments.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-03-07 13:40:35 +00:00
Michael Brown 4adc7b0290 [block] Centralise SAN device abstraction
Create a central SAN device abstraction to be shared between BIOS and
UEFI.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-03-07 13:40:35 +00:00
Michael Brown 530ec83011 [block] Remove spurious comments
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-03-07 13:40:35 +00:00
Michael Brown 0e0e0321a5 [efi] Add missing SANBOOT_PROTO_HTTP to EFI default configuration
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-03-07 13:39:55 +00:00
Konrad Adamczyk 30f96c9f41 [thunderx] Don't disable NIC when exiting from iPXE
According to ThunderX Errata G-17560, NIC_PF_CFG[ENA] bit should not
be cleared at exit.  This allows other drivers to access the NIC regs
correctly.

Signed-off-by: Konrad Adamczyk <konrad.adamczyk@cavium.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-02-07 12:05:00 +00:00
Bartosz Szczepanek ed864feb3a [thunderx] Fix hardware deinitialization
It is required to reset BGX context state for the LMAC using
BGX_CMR_CONFIG register.

This solves problem with network connectivity in Linux booted from
iPXE.

Signed-off-by: Bartosz Szczepanek <bartosz.szczepanek@cavium.com>
Modified-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-02-07 11:54:57 +00:00
Michael Brown 4a4da573dd [http] Cleanly shut down potentially looped interfaces
Use intfs_shutdown() and intfs_restart() to cleanly shut down multiple
interfaces that may loop back to the same object.

This fixes a regression introduced by commit daa8ed9 ("[interface]
Provide intf_reinit() to reinitialise nullified interfaces") which
broke the use of HTTP Basic and Digest authentication.

Reported-by: murmansk <murmansk@hotmail.com>
Reported-by: Brett Waldo <brettwaldo@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-02-02 16:58:00 +00:00
Michael Brown 23b788e5cd [interface] Provide the ability to shut down multiple interfaces
Shutting down (and optionally restarting) multiple interfaces is
fraught with problems if there are loops in the interface connectivity
(e.g. the HTTP content-decoded and transfer-decoded interfaces, which
will generally loop back to each other).  Various workarounds
currently exist across the codebase, generally involving preceding
calls to intf_nullify() to avoid problems due to known loops.

Provide intfs_shutdown() and intfs_restart() to allow all of an
object's interfaces to be shut down (or restarted) in a single call,
without having to worry about potential external loops.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-02-02 15:49:21 +00:00
Michael Brown a8f80a75d2 [time] Report attempts to use timers before initialisation
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-02-01 15:30:41 +00:00
Michael Brown 41f786cc0a [settings] Add "unixtime" builtin setting to expose the current time
Expose the current wall-clock time (in seconds since the Epoch), since
this is often useful in captured boot logs and can also be useful when
checking unexpected X.509 certificate validation failures.

Use a :uint32 setting to avoid Y2K38 rollover, thereby ensuring that
this will eventually be somebody else's problem.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-01-26 12:26:54 +00:00
Christian Nilsson 0bfe9f5342 [intel] Add INTEL_NO_PHY_RST for I219-LM (2)
Originally-implemented-by: Malte zu Klampen <malte@pclab.ifg.uni-kiel.de>
Originally-implemented-by: Richard Moore <rich@richud.com>
Tested-by: Esben Storgaard Nielsen <esn@solar.dk>
Signed-off-by: Christian Nilsson <nikize@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-01-26 12:26:54 +00:00
Michael Brown f8cf3ceb0b [int13] Test correct return status from INT 13 calls
INT 13 calls return a status value via %ah, with CF set if %ah is
non-zero (indicating an error).  Our wrappers zero the whole of %ax if
CF is clear, to allow C code (which has no easy access to CF) to
simply test for a non-zero status to detect an error.

The current code assigns the returned status to a uint8_t, effectively
testing %al rather than %ah.  Fix by treating the returned status as a
uint16_t instead.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-01-26 09:45:19 +00:00
Michael Brown fcf7751565 [int13] Avoid potential division by zero
Avoid using a zero sector count to guess the disk geometry, since that
would result in a division by zero when calculating the number of
cylinders.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-01-26 09:31:40 +00:00
Michael Brown f3ba0fb5fd [hyperv] Provide timer based on the 10MHz time reference count MSR
When running on AMD platforms, the legacy hardware emulation is
extremely unreliable.  In particular, the IRQ0 timer interrupt is
likely to simply stop working, resulting in a total failure of any
code that relies on timers (such as DHCP retransmission attempts).

Work around this by using the 10MHz time counter provided by Hyper-V
via an MSR.  (This timer can be tested in KVM via the command-line
option "-cpu host,hv_time".)

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-01-26 08:19:26 +00:00
Michael Brown 302f1eeb80 [time] Allow timer to be selected at runtime
Allow the active timer (providing udelay() and currticks()) to be
selected at runtime based on probing during the INIT_EARLY stage of
initialisation.

TICKS_PER_SEC is now a fixed compile-time constant for all builds, and
is independent of the underlying clock tick rate.  We choose the value
1024 to allow multiplications and divisions on seconds to be converted
to bit shifts.

TICKS_PER_MS is defined as 1, allowing multiplications and divisions
on milliseconds to be omitted entirely.  The 2% inaccuracy in this
definition is negligible when using the standard BIOS timer (running
at around 18.2Hz).

TIMER_RDTSC now checks for a constant TSC before claiming to be a
usable timer.  (This timer can be tested in KVM via the command-line
option "-cpu host,+invtsc".)

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-01-26 08:17:37 +00:00
Michael Brown d37e025b81 [cpuid] Provide cpuid_supported() to test for supported functions
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-01-25 20:57:18 +00:00
Michael Brown 70fc25ad6e [netdevice] Limit MTU by hardware maximum frame length
Separate out the concept of "hardware maximum supported frame length"
and "configured link MTU", and limit the latter according to the
former.

In networks where the DHCP-supplied link MTU is inconsistent with the
hardware or driver capabilities (e.g. a network using jumbo frames),
this will result in iPXE advertising a TCP MSS consistent with a size
that can actually be received.

Note that the term "MTU" is typically used to refer to the maximum
length excluding the link-layer headers; we adopt this usage.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-01-25 14:55:09 +00:00
Michael Brown f450c75dad [interface] Unplug interface before calling intf_close() in intf_shutdown()
The call to intf_close() may result in the original interface being
reopened.  For example: when reading the capacity of a 2TB+ disk via
iSCSI, the SCSI layer will respond to the intf_close() from the READ
CAPACITY (10) command by immediately issuing a READ CAPACITY (16)
command.  The iSCSI layer happens to reuse the same interface for the
new command (since it allows only a single concurrent command).

Currently, intf_shutdown() unplugs the interface after the call to
intf_close() returns.  In the above scenario, this results in
unplugging the just-reopened interface.

Fix by transferring the interface destination (and its reference) to a
temporary interface, and so effectively performing the unplug before
making the call to intf_close().

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-01-25 11:29:29 +00:00
Michael Brown 5ff13830ec [interface] Remove misleading comment
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-01-25 10:17:48 +00:00
Michael Brown 8ef4e7c572 [interface] Avoid unnecessary reference counting in intf_unplug()
The null interface does not have a reference counter, so the call to
intf_get() is always redundant.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-01-25 10:16:36 +00:00
Michael Brown 941c53a3bf [efi] Fix building elf2efi.c when -fpic is enabled by default
The x86_64 EDK2 headers include a #pragma to mark all subsequent
symbol declarations and references as hidden if position-independent
code is being generated.  Since libgen.h is currently included only
after the EDK2 headers, this results in __xpg_basename() being
erroneously marked as having hidden visibility (if the compiler
defaults to building position-independent code); this eventually
results in a failure to link the elf2efi binary.

Fix by including libgen.h prior to including the EDK2 headers.

Originally-fixed-by: Doug Goldstein <cardoe@cardoe.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-01-25 08:15:21 +00:00
Michael Brown bd6255c7be [pic8259] Fix definitions for "read IRR" and "read ISR" commands
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-01-25 07:37:04 +00:00
Michael Brown 321af68b72 [hyperv] Ignore unsolicited VMBus messages
In some high-end Azure instances (e.g. NC6) we may receive an
unsolicited VMBUS_OFFER_CHANNEL message for a PCIe pass-through device
some time after completing the bus enumeration.  This currently causes
apparently random failures due to unexpected VMBus message types.

Fix by ignoring any unsolicited VMBus messages.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-01-24 15:03:10 +00:00
Michael Brown 90fc2f273a [cloud] Show CPU vendor and model in example cloud boot scripts
Some problems arise only when running on a specific CPU type (e.g.
non-functional timer interrupts as observed in Azure AMD instances).
Include the CPU vendor and model within the sample cloud boot scripts,
to assist in debugging such problems.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-01-24 13:47:03 +00:00
Michael Brown 16aed6e5ce [netdevice] Allow MTU to be changed at runtime
Provide a settings applicator to modify netdev->max_pkt_len in
response to changes to the "mtu" setting (DHCP option 26).

Note that as with MAC address changes, drivers are permitted to
completely ignore any changes in the MTU value.  The net result will
be that iPXE effectively uses the smaller of either the hardware
default MTU or the software configured MTU.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-01-23 17:47:28 +00:00
Michael Brown 4e85b2708f [virtio] Use host-specified MTU when available
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-01-23 16:32:54 +00:00
Michael Brown de85336abb [cloud] Add ability to retrieve Google Compute Engine metadata
For some unspecified "security" reason, the Google Compute Engine
metadata server will refuse any requests that do not include the
non-standard HTTP header "Metadata-Flavor: Google".

Attempt to autodetect such requests (by comparing the hostname against
"metadata.google.internal"), and add the "Metadata-Flavor: Google"
header if applicable.

Enable this feature in the CONFIG=cloud build, and include a sample
embedded script allowing iPXE to boot from a script configured as
metadata via e.g.

  # Create shared boot image
  make bin/ipxe.usb CONFIG=cloud EMBED=config/cloud/gce.ipxe

  # Configure per-instance boot script
  gcloud compute instances add-metadata <instance> \
         --metadata-from-file ipxeboot=boot.ipxe

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-01-23 14:43:20 +00:00
Michael Brown 0dc4814ca8 [virtio] Use separate RX and TX empty header buffers
Some host implementations (notably Google Compute Platform) are known
to unconditionally write back VIRTIO_NET_HDR_F_DATA_VALID to
header->flags for received packets, regardless of the features
negotiated by the driver.  This breaks the transmit datapath by
effectively setting an illegal flag for all subsequent transmitted
packets.

Work around this problem by using separate empty header buffers for
the receive and transmit queues.

Debugged-by: Ladi Prosek <lprosek@redhat.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-01-23 13:27:26 +00:00
David Decotigny b6f524388b [af_packet] Add new AF_PACKET driver for Linux
This code largely inspired by tap.c.  Allows for testing iPXE on real
NICs from within Linux.  For example:

  make bin-x86_64-linux/af_packet.linux
  valgrind ./bin-x86_64-linux/af_packet.linux --net af_packet,if=eth3

Tested as x86_64 and i386 binary.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2017-01-22 14:02:54 +00:00