2
0
mirror of https://github.com/xcat2/xNBA.git synced 2024-11-22 17:41:55 +00:00
Commit Graph

4294 Commits

Author SHA1 Message Date
Michael Brown
d23db28488 [tls] Fix potential memory leak
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-09-28 10:54:07 +01:00
Michael Brown
1e199c8260 [tls] Fix uninitialised variable
Reported-by: Christian Hesse <list@eworm.de>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-09-28 10:52:17 +01:00
Michael Brown
72db14640c [tls] Split received records over multiple I/O buffers
TLS servers are not obliged to implement the RFC3546 maximum fragment
length extension, and many common servers (including OpenSSL, as used
in Apache's mod_ssl) do not do so.  iPXE may therefore have to cope
with TLS records of up to 16kB.  Allocations for 16kB have a
non-negligible chance of failing, causing the TLS connection to abort.

Fix by maintaining the received record as a linked list of I/O
buffers, rather than a single contiguous buffer.  To reduce memory
pressure, we also decrypt in situ, and deliver the decrypted data via
xfer_deliver_iob() rather than xfer_deliver_raw().

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-09-27 01:56:01 +01:00
Michael Brown
09d45ffd79 [crypto] Allow in-place CBC decryption
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-09-27 01:54:55 +01:00
Michael Brown
c1adf7dabe [test] Add speed tests for cipher algorithms
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-09-26 15:27:33 +01:00
Michael Brown
681a219caa [test] Add speed tests for digest algorithms
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-09-26 14:54:02 +01:00
Michael Brown
09cc63fc8b [efi] Provide guaranteed space in transmitted packets
eIPoIB requires space to expand a transmitted ARP packet.  This
guarantee is met by ensuring that a transmitted packet consists of at
least MAX_LL_HEADER_LEN bytes from the start of the I/O buffer up to
the end of the link-layer header, and at least IOB_ZLEN bytes
thereafter.

Adjust the I/O buffer allocation for SNP transmitted packets to ensure
that this guarantee is met.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-09-14 17:49:53 +01:00
Michael Brown
73eb3f17db [int13] Zero all possible registers when jumping to a boot sector
At least one boot sector (the DUET boot sector used for bootstrapping
EFI from a non-EFI system) fails to initialise the high words of
registers before using them in calculations, leading to undefined
behaviour.

Work around such broken boot sectors by explicitly zeroing the
contents of all registers apart from %cs:%ip and %ss:%sp.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-09-14 15:42:54 +01:00
Michael Brown
8509dbf86a [int13] Use correct size when estimating floppy disk geometry
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-09-14 15:04:53 +01:00
Michael Brown
117fc61738 [console] Add support for the bochs/qemu debug port console
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-09-10 15:58:02 +01:00
Patrick Plenefisch
8e4faa0948 [cmdline] Add standalone "nslookup" command
Modified-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-09-10 15:31:14 +01:00
Michael Brown
c4500fb7ca [smbios] Default to "hex" type for non-string SMBIOS settings
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-09-10 15:29:36 +01:00
Michael Brown
25ec56e0ec [settings] Use a generic setting's own type as its default type
When fetching a named setting using a name that does not explicitly
specify a type, default to using the type stored when the setting was
created, rather than always defaulting to "string".  This allows the
behaviour of user-defined settings to match the behaviour of
predefined settings (which have a sensible default type).

For example:

  set server:ipv4 192.168.0.1
  echo ${server}

will now print "192.168.0.1", rather than trying to print out the raw
IPv4 address bytes as a string.

The downside of this change is that existing tricks for printing
special characters within scripts may require (backwards-compatible)
modification.  For example, the "clear screen" sequence:

  set esc:hex 1b
  set cls ${esc}[2J
  echo ${cls}

will now have to become

  set esc:hex 1b
  set cls ${esc:string}[2J  # Must now explicitly specify ":string"
  echo ${cls}

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-09-10 14:25:04 +01:00
Michael Brown
e6427b7ee1 [sdi] Add support for SDI images
Add support (disabled by default) for booting .sdi images as used by
Windows XP Embedded.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-09-05 14:11:01 +01:00
Michael Brown
03f0c23f8b [ipoib] Expose Ethernet-compatible eIPoIB link-layer addresses and headers
Almost all clients of the raw-packet interfaces (UNDI and SNP) can
handle only Ethernet link layers.  Expose an Ethernet-compatible link
layer to local clients, while remaining compatible with IPoIB on the
wire.  This requires manipulation of ARP (but not DHCP) packets within
the IPoIB driver.

This is ugly, but it's the only viable way to allow IPoIB devices to
be driven via the raw-packet interfaces.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-31 21:22:59 +01:00
Michael Brown
f54a61e434 [infiniband] Include destination address vector in ib_complete_recv()
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-31 21:22:58 +01:00
Michael Brown
cbe41cb31b [infiniband] Use explicit "source" and "dest" address vector parameter names
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-31 21:22:58 +01:00
Michael Brown
f747fac3e1 [infiniband] Allow queue pairs to have a custom allocator for receive iobufs
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-31 21:22:57 +01:00
Michael Brown
96be171be5 [iobuf] Allow allocation of I/O buffers with a specified alignment offset
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-31 21:22:52 +01:00
Michael Brown
e2becce186 [malloc] Allow allocation of memory with a specified alignment offset
Allow for allocation of memory blocks having a specified offset from a
specified physical alignment, such as being 12 bytes before a 2kB
boundary.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-31 21:22:45 +01:00
Michael Brown
de802310bc [retry] Expose retry_poll() to explicitly poll all running timers
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-31 20:21:15 +01:00
Michael Brown
1cbb1581f1 [ethernet] Expose eth_broadcast as a global constant
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-31 20:21:10 +01:00
Anton D. Kachalov
5e73677a01 [build] Add missing #include <config/local/sideband.h>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-27 00:28:49 +01:00
Anton D. Kachalov
34a637f46f [build] Display commands for dependency generation when building with V=1
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-27 00:24:23 +01:00
Michael Brown
79300e2ddf [tls] Disambiguate most error causes
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-25 04:08:04 +01:00
Michael Brown
70618161ad [realtek] Force EEPROM CS low before disabling EEPROM access mode
Some RTL8169 cards seem to drive the EEPROM CS line high (i.e. active)
when 9346CR.EEM is set to "normal operating mode", with the result
that the CS line is never deasserted.  The symptom of this is that the
first read from the EEPROM will work, while all subsequent reads will
return garbage data.

Reported-by: Thomas Miletich <thomas.miletich@gmail.com>
Debugged-by: Thomas Miletich <thomas.miletich@gmail.com>
Tested-by: Thomas Miletich <thomas.miletich@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-24 17:26:11 +01:00
Michael Brown
d1949f2737 [bitbash] Add optional open() and close() methods for bit-bashing interfaces
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-24 17:26:10 +01:00
Michael Brown
5676abead2 [realtek] Forcibly enable advertisement of 1000Mbps speeds
Some RTL8169 cards (observed with an RTL8169SC) power up advertising
only 100Mbps, despite being capable of 1000Mbps.  Forcibly enable
advertisement of 1000Mbps on any RTL8169-like card.

This change relies on the assumption that the CTRL1000 register will
not exist on 100Mbps-only RTL8169 cards such as the RTL8101.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-23 22:44:20 +01:00
Michael Brown
6e50e7950f [mii] Add separate mii_restart() function
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-23 21:25:51 +01:00
Michael Brown
0dacd54174 [realtek] Enable DAC only when built as a 64-bit binary
Some RTL8169 cards (observed with an RTL8169SC) crash and burn if DAC
is enabled, even if only 32-bit addresses are used.  Observed
behaviour includes system lockups and repeated transmission of garbage
data onto the wire.

This seems to be a known problem.  The Linux r8169 driver disables DAC
by default and provides a "use_dac" module parameter.

There appears to be no known test for determining whether or not DAC
will work.  As a workaround, enable DAC only if we are built as as
64-bit binary.  This at least eliminates the problem in the common
case of a 32-bit build, which will never use 64-bit addresses anyway.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-23 15:15:43 +01:00
Michael Brown
0e61beb26f [realtek] Use read-modify-write to check for C+ Command register
Some bits in the C+ Command register are always one.  Testing for the
presence of the register must allow for this.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-23 15:15:42 +01:00
Michael Brown
77afdc5643 [realtek] Use explicit value for TCR.MXDMA
Some RTL8169 cards (observed with an RTL8169SC) power up with
TCR.MXDMA set to 16 bytes.  While this does not prevent proper
operation, it almost certainly degrades performance.

Fix by explicitly setting TCR.MXDMA to "unlimited".

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-23 15:15:42 +01:00
Michael Brown
5d05220ee0 [realtek] Use explicit values for RCR.RXFTH and RCR.MXDMA
Some RTL8169 cards (observed with an RTL8169SC) power up with invalid
values in RCR.RXFTH and RCR.MXDMA, causing receive DMA to fail.  Fix
by setting explicit values for both fields.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-23 15:15:35 +01:00
Michael Brown
b0ba892333 [realtek] Always set high dword of ring address registers
Some RTL8169 cards (observed with an RTL8169SC) power up with garbage
values in the ring address registers, and do not clear the registers
on reset.

Fix by always setting the high dword of the ring address registers.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-23 13:35:54 +01:00
Kevin Tran
a05871d89a [tg3] Fix driver for BCM5719, BCM5720, BCM5764M, BCM57762
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-20 18:50:35 +01:00
Michael Brown
8f7cd88af5 [http] Fix HTTP SAN booting
Commit 501527d ("[http] Treat any unexpected connection close as an
error") introduced a regression causing HTTP SAN booting to fail.  At
the end of the response to the HEAD request, the call to http_done()
would erroneously believe that the server had disconnected in the
middle of the HTTP headers.

Fix by treating the header block from a HEAD request as a trailer
block.  This fixes the problem and also simplifies the logic in
http_rx_header().

Reported-by: Shao Miller <shao.miller@yrdsb.edu.on.ca>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-17 18:00:40 +01:00
Marin Hannache
1170a36e6b [ftp] Add support for the FTP SIZE command
The FTP SIZE command allows us to get the size of a particular file,
as a consequence, we can now show proper transfer progression while
fetching a file using the FTP protocol.

Signed-off-by: Marin Hannache <git@mareo.fr>
Modified-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-15 17:04:41 +01:00
Michael Brown
501527daab [http] Treat any unexpected connection close as an error
iPXE currently checks that the server has not closed the connection
mid-stream (i.e. in the middle of a chunked transfer, or before the
specified Content-Length has been received), but does not check that
the server got as far as starting to send data.  Consequently, if the
server closes the connection before any data is transferred (e.g. if
the server gives up waiting while iPXE performs the validation steps
for TLS), then iPXE will treat this as a successful transfer of a
zero-length file.

Fix by checking the RX connection state, and forcing an error if the
server has closed the connection at an unexpected point.

Originally-fixed-by: Marin Hannache <mareo@mareo.fr>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-15 16:29:22 +01:00
Michael Brown
c7eea31ed8 [util] Fix up checksum in UNDI ROM header, if present
The UNDI ROM header does contain a checksum byte.  Apparently no-one
cares about this, since iPXE has left it as zero for years without
anyone noticing.

Since Option::ROM now understands the UNDI ROM header, we may as well
fix up the checksum byte for the sake of completeness.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-15 13:22:12 +01:00
Michael Brown
69fa494280 [util] Display UNDI ROM header in disrom.pl
Requested-by: Daniel Wyatt <daniel.wyatt@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-15 13:19:16 +01:00
Daniel Wyatt
37ac7a666f [util] Allow for CALL NEAR in the option ROM initialisation entry point
Option::ROM currently understands only JMP NEAR and JMP SHORT
instructions in the initialisation entry point.  At least one Broadcom
option ROM has been observed to use a CALL NEAR instruction.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-15 12:51:47 +01:00
Michael Brown
d0bd383463 [comboot] Accept only ".cbt" as an extension for COMBOOT images
COMBOOT images are detected by looking for a ".com" or ".cbt" filename
extension.  There are widely-used files with a ".com" extension, such
as "wdsnbp.com", which are PXE images rather than COMBOOT images.

Avoid false detection of PXE images as COMBOOT images by accepting
only a ".cbt" extension as indicating a COMBOOT image.

Interestingly, this bug has been present for a long time but was
frequently concealed because the filename was truncated to fit the
fixed-length "name" field in struct image.  (PXE binaries ending in
".com" tend to be related to Windows deployment products and so often
use pathnames including backslashes, which iPXE doesn't recognise as a
path separator and so treats as part of a very long filename.)

Commit 1c127a6 ("[image] Simplify image management commands and
internal API") made the image name a variable-length field, and so
exposed this flaw in the COMBOOT image detection algorithm.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-13 22:14:57 +01:00
Michael Brown
d97c6a321e [bzimage] Allow file mode to be specified for standalone initrd files
Allow the file mode to be specified using a "mode=" command line
parameter.  For example:

  initrd http://web/boot/bootlocal.sh /opt/bootlocal.sh mode=755

Requested-by: Bryce Zimmerman <bryce.zimmerman@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-08-03 02:29:34 +01:00
Michael Brown
1f88e9c8ea [romprefix] Round up PMM allocation sizes to nearest 4kB
Some AMI BIOSes apparently break in exciting ways when asked for PMM
allocations for sizes that are not multiples of 4kB.

Fix by rounding up the image source area to the nearest 4kB.  (The
temporary decompression area is already rounded up to the nearest
128kB, to facilitate sharing between multiple iPXE ROMs.)

Reported-by: Itay Gazit <itayg@mellanox.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-07-25 14:37:43 +01:00
Thomas Miletich
ced1493c02 [tg3] Fix excessive DMA alignment.
Change the DMA alignment from 4096 bytes to 16 bytes, to conserve
available DMA memory.  The hardware doesn't have any specific
alignment requirements.

Signed-off-by: Thomas Miletich <thomas.miletich@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-07-24 15:50:11 +01:00
Michael Brown
183a70e8b7 [console] Sleep while waiting for user input
Reduce CPU usage while waiting for user input.  This is particularly
important for virtual machines, where CPU is a shared resource.

Reported-by: Alessandro Salvatori <alessandro@embrane.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-07-24 09:56:36 +01:00
Joshua Oreman
fb7c022c2c [tcpip] Fix building under Cygwin
Cygwin's assembler treats '/' as a comment character.

Reported-by: Steve Goodrich <steve.goodrich@se-eng.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-07-23 23:20:56 +01:00
Thomas Miletich
c70586f6e9 [build] Fix building under OpenBSD
Similarly to FreeBSD, OpenBSD requires the object format to be
specified as elf_i386_obsd rather than elf_i386.

Reported-by: Jiri B <jirib@devio.us>
Modified-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-07-23 23:04:17 +01:00
Thomas Miletich
acd74089f5 [vmware] Fix compilation under OpenBSD
Reported-by: Jiri B <jirib@devio.us>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-07-23 22:53:13 +01:00
Michael Brown
8cac5c0c92 [util] Update mergerom.pl to handle iPXE ROM header
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-07-23 18:05:01 +01:00