Skip to content

Commits

Permalink
ebf2eaf515
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Commits on Mar 18, 2019

  1. [intel] Add PCI ID for I219-V and -LM 6 to 9

    Signed-off-by: Christian Nilsson <nikize@gmail.com>
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    NiKiZe authored and mcb30 committed Mar 18, 2019
    Copy the full SHA
    ebf2eaf View commit details
    Browse the repository at this point in the history

Commits on Mar 10, 2019

  1. [ocsp] Accept response certID with missing hashAlgorithm parameters

    One of the design goals of ASN.1 DER is to provide a canonical
    serialization of a data structure, thereby allowing for equality of
    values to be tested by simply comparing the serialized bytes.
    
    Some OCSP servers will modify the request certID to omit the optional
    (and null) "parameters" portion of the hashAlgorithm.  This is
    arguably legal but breaks the ability to perform a straightforward
    bitwise comparison on the entire certID field between request and
    response.
    
    Fix by comparing the OID-identified hashAlgorithm separately from the
    remaining certID fields.
    
    Originally-fixed-by: Thilo Fromm <Thilo@kinvolk.io>
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    mcb30 committed Mar 10, 2019
    Copy the full SHA
    b6ffe28 View commit details
    Browse the repository at this point in the history
  2. [tcp] Display "connecting" status until connection is established

    Provide increased visibility into the progress of TCP connections by
    displaying an explicit "connecting" status message while waiting for
    the TCP handshake to complete.
    
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    mcb30 committed Mar 10, 2019
    Copy the full SHA
    f6b2bf9 View commit details
    Browse the repository at this point in the history
  3. [tls] Display validator messages only while validation is in progress

    Allow the cipherstream to report progress status messages during
    connection establishment.
    
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    mcb30 committed Mar 10, 2019
    Copy the full SHA
    7b63c12 View commit details
    Browse the repository at this point in the history

Commits on Mar 7, 2019

  1. [tls] Display cross-certificate and OCSP status messages

    TLS connections will almost always create background connections to
    perform cross-signed certificate downloads and OCSP checks.  There is
    currently no direct visibility into which checks are taking place,
    which makes troubleshooting difficult in the absence of either a
    packet capture or a debug build.
    
    Use the job progress message buffer to report the current cross-signed
    certificate download or OCSP status check, where applicable.
    
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    mcb30 committed Mar 7, 2019
    Copy the full SHA
    b28ccfc View commit details
    Browse the repository at this point in the history
  2. [crypto] Use x509_name() in validator debug messages

    Display a human-readable certificate name in validator debug messages
    wherever possible.
    
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    mcb30 committed Mar 7, 2019
    Copy the full SHA
    447e5cd View commit details
    Browse the repository at this point in the history

Commits on Mar 6, 2019

  1. [tls] Support stateless session resumption

    Add support for RFC5077 session ticket extensions to allow for
    stateless TLS session resumption.
    
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    mcb30 committed Mar 6, 2019
    Copy the full SHA
    eaba1a2 View commit details
    Browse the repository at this point in the history
  2. [tls] Fix incorrectly duplicated error number

    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    mcb30 committed Mar 6, 2019
    Copy the full SHA
    799781f View commit details
    Browse the repository at this point in the history

Commits on Feb 21, 2019

  1. [tls] Support stateful session resumption

    Record the session ID (if any) provided by the server and attempt to
    reuse it for any concurrent connections to the same server.
    
    If multiple connections are initiated concurrently (e.g. when using
    PeerDist) then defer sending the ClientHello for all but the first
    connection, to allow time for the first connection to potentially
    obtain a session ID (and thereby speed up the negotiation for all
    remaining connections).
    
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    mcb30 committed Feb 21, 2019
    Copy the full SHA
    272fe32 View commit details
    Browse the repository at this point in the history

Commits on Feb 19, 2019

  1. [efi] Blacklist the Dell Ip4ConfigDxe driver

    On a Dell OptiPlex 7010, calling DisconnectController() on the LOM
    device handle will lock up the system.  Debugging shows that execution
    is trapped in an infinite loop that is somehow trying to reconnect
    drivers (without going via ConnectController()).
    
    The problem can be reproduced in the UEFI shell with no iPXE code
    present, by using the "disconnect" command.  Experimentation shows
    that the only fix is to unload (rather than just disconnect) the
    "Ip4ConfigDxe" driver.
    
    Add the concept of a blacklist of UEFI drivers that will be
    automatically unloaded when iPXE runs as an application, and add the
    Dell Ip4ConfigDxe driver to this blacklist.
    
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    mcb30 committed Feb 19, 2019
    Copy the full SHA
    64b4452 View commit details
    Browse the repository at this point in the history

Commits on Jan 25, 2019

  1. [init] Show startup and shutdown function names in debug messages

    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    mcb30 committed Jan 25, 2019
    Copy the full SHA
    36a4c85 View commit details
    Browse the repository at this point in the history

Commits on Jan 21, 2019

  1. [util] Add support for EFI ROM images

    The Option::ROM module recognizes and checks EFI header of image.  The
    disrom.pl utility dumps this header if is present.
    
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    pe-bo authored and mcb30 committed Jan 21, 2019
    Copy the full SHA
    de4565c View commit details
    Browse the repository at this point in the history
  2. [util] Improve processing of ROM images in Option::ROM

    The Option::ROM module now compares the Code Type in the PCIR header
    to 0x00 (PC-AT) in order to check the presence of other header types
    (PnP, UNDI, iPXE, etc).  The validity of these headers are checked not
    only by offset, but by range and signature checks also.  The image
    checksum and initial size also depends on Code Type.
    
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    pe-bo authored and mcb30 committed Jan 21, 2019
    Copy the full SHA
    3f4c179 View commit details
    Browse the repository at this point in the history
  3. [zbin] Fix compiler warning with GCC 9

    GCC 9 warns that abs() may truncate its signed long argument.  Fix by
    using labs() instead.
    
    Reported-by: Martin Liška <mliska@suse.cz>
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    mcb30 committed Jan 21, 2019
    Copy the full SHA
    956f6a7 View commit details
    Browse the repository at this point in the history

Commits on Jan 15, 2019

  1. [libc] Fix strcmp()/strncmp() to return proper values

    Fix strcmp() and strncmp() to return proper standard positive/negative
    values for unequal strings.  Current implementation is backwards
    (i.e. the functions are returning negative when should be positive and
    vice-versa).
    
    Currently all consumers of these functions only check the return value
    for ==0 or !=0 and so we can safely change the implementation without
    breaking things.
    
    Signed-off-by: Aaron Young <Aaron.Young@oracle.com>
    Modified-by: Michael Brown <mcb30@ipxe.org>
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    ajyoung-oracle authored and mcb30 committed Jan 15, 2019
    Copy the full SHA
    3946aa9 View commit details
    Browse the repository at this point in the history
  2. [efi] Fix error handling path in efi_snp_probe

    Current (simplified):
    
    1. InstallMultipleProtocolInterfaces
           if err goto err_install_protocol_interface;
    2. OpenProtocol(efi_nii_protocol_guid)
           if err goto err_open_nii;
    3. OpenProtocol(efi_nii31_protocol_guid)
           if err goto err_open_nii31;
    4. efi_child_add
           if err goto err_efi_child_add;
    ...
    err_efi_child_add:
       CloseProtocol(efi_nii_protocol_guid) <= should be efi_nii31_protocol_guid
    err_open_nii: <= should be err_open_nii31
       CloseProtocol(efi_nii31_protocol_guid) <= should be efi_nii_protocol_guid
    err_open_nii31: <= should be err_open_nii
       UninstallMultipleProtocolInterfaces
    
    Signed-off-by: Ignat Korchagin <ignat@cloudflare.com>
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    ignatk authored and mcb30 committed Jan 15, 2019
    Copy the full SHA
    e226fec View commit details
    Browse the repository at this point in the history
  3. [pci] Correct invalid base-class/sub-class/prog-if order in PCIR

    PCI Configuration Space contains fields prog-if at the offset 0x09,
    sub-class at the offset 0x0a and base-class at the offset 0x0b (it
    respects little endian).  PCIR structure uses these fields in the same
    order.
    
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    pe-bo authored and mcb30 committed Jan 15, 2019
    Copy the full SHA
    ba0d5aa View commit details
    Browse the repository at this point in the history

Commits on Sep 17, 2018

  1. [build] Handle R_X86_64_PLT32 from binutils 2.31

    Starting from binutils 2.31.0 (commit bd7ab16b) x86-64 assembler
    generates R_X86_64_PLT32 instead of R_X86_64_PC32.
    
    Acked-by: John Jolly <jjolly@suse.com>
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    eworm-de authored and mcb30 committed Sep 17, 2018
    Copy the full SHA
    133f4c4 View commit details
    Browse the repository at this point in the history

Commits on Aug 26, 2018

  1. [sfc] Add support for X25xx adapters

    The first adapters in this family are X2522-10, X2522-25, X2541 and
    X2542.
    
    These no longer use PCI BAR 0 for I/O, but use that for memory.  In
    other words, BAR 2 on SFN8xxx adapters now becomes BAR 0.
    
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    habetsm-xilinx authored and mcb30 committed Aug 26, 2018
    Copy the full SHA
    af18607 View commit details
    Browse the repository at this point in the history

Commits on Jul 17, 2018

  1. [intelxl] Add driver for Intel 40 Gigabit Ethernet NICs

    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    mcb30 committed Jul 17, 2018
    Copy the full SHA
    d2063b7 View commit details
    Browse the repository at this point in the history
  2. [ethernet] Use standard 1500 byte MTU unless explicitly overridden

    Devices that support jumbo frames will currently default to the
    largest possible MTU.  This assumption is valid for virtual adapters
    such as virtio-net, where the MTU must have been configured by a
    system administrator, but is unsafe in the general case of a physical
    adapter.
    
    Default to the standard Ethernet MTU, unless explicitly overridden
    either by the driver or via the ${netX/mtu} setting.
    
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    mcb30 committed Jul 17, 2018
    Copy the full SHA
    b9d68b9 View commit details
    Browse the repository at this point in the history

Commits on Jul 9, 2018

  1. [rndis] Clean up error handling path in register_rndis()

    Avoid calling rndis_halt() and rndis->op->close() twice if the call to
    register_netdev() fails.
    
    Reported-by: Roman Kagan <rkagan@virtuozzo.com>
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    mcb30 committed Jul 9, 2018
    Copy the full SHA
    05b9791 View commit details
    Browse the repository at this point in the history

Commits on Jul 8, 2018

  1. [build] Use positive-form tests when checking for supported warnings

    Some versions of gcc seem to silently accept an attempt to disable an
    unrecognised warning (e.g. via -Wno-stringop-truncation) but will then
    report the unrecognised warning if any other error occurs during the
    build, resulting in a potentially misleading error message.
    
    Avoid this potential confusion by using the positive-form tests in
    order to determine the workaround CFLAGS.
    
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    mcb30 committed Jul 8, 2018
    Copy the full SHA
    1c47eb1 View commit details
    Browse the repository at this point in the history

Commits on Jul 7, 2018

  1. [vmbus] Do not expect version in version_response

    The definition of version_response channel message in Linux doesn't
    include version field, so the upcoming VMBus implementation in QEMU
    doesn't set it either.  Neither Windows nor Linux had any problem with
    this.
    
    The check against this field is redundant because the message is the
    response to initiate_contact message containing the specific version
    requested, so the response with version_supported=true is unambiguous.
    
    Drop this check and don't rely on the field to be present in the
    message.
    
    Signed-off-by: Roman Kagan <rkagan@virtuozzo.com>
    Modified-by: Michael Brown <mcb30@ipxe.org>
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    rvka authored and mcb30 committed Jul 7, 2018
    Copy the full SHA
    4095654 View commit details
    Browse the repository at this point in the history
  2. [rndis] Register netdev with MAC filled

    register_netdev expects ->hw_addr and ->ll_addr to be already filled,
    so move it towards the end of register_rndis, after the respective
    fields have been successfully queried from the underlying device.
    
    Signed-off-by: Roman Kagan <rkagan@virtuozzo.com>
    Modified-by: Michael Brown <mcb30@ipxe.org>
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    rvka authored and mcb30 committed Jul 7, 2018
    Copy the full SHA
    16d7495 View commit details
    Browse the repository at this point in the history
  3. [efi] Exclude link-layer header length from MaxPacketSize

    Modified-by: Michael Brown <mcb30@ipxe.org>
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    lasalvavida authored and mcb30 committed Jul 7, 2018
    Copy the full SHA
    88ac1d3 View commit details
    Browse the repository at this point in the history
  4. [intelx] Add support for Intel X552 NIC

    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    sthaber authored and mcb30 committed Jul 7, 2018
    Copy the full SHA
    97a3d37 View commit details
    Browse the repository at this point in the history
  5. [build] Disable gcc stringop-truncation warnings

    The gcc 8 compiler introduces a warning for certain string
    manipulation functions, flagging usages which _may_ not be intended.
    An audit of the iPXE sources indicates all usages of strncat and
    strncpy are as intended, so the warnings currently issued are not
    helpful, especially if warnings are considered errors.
    
    Fix by detecting gcc's support for -Wno-stringop-truncation and, if
    detected, using that option to avoid the warning.
    
    Signed-off-by: Bruce Rogers <brogers@suse.com>
    Modified-by: Michael Brown <mcb30@ipxe.org>
    Also-fixed-by: Christian Hesse <list@eworm.de>
    Also-fixed-by: Roman Kagan <rkagan@virtuozzo.com>
    Also-fixed-by: Bernhard M. Wiedemann <bwiedemann@suse.de>
    Also-fixed-by: Olaf Hering <olaf@aepfle.de>
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    bfrogers authored and mcb30 committed Jul 7, 2018
    Copy the full SHA
    8ed4e30 View commit details
    Browse the repository at this point in the history

Commits on Jun 8, 2018

  1. [http] Work around stateful authentication schemes

    As pointedly documented in RFC7230 section 2.3, HTTP is a stateless
    protocol: each request message can be understood in isolation from any
    other requests or responses.  Various authentication schemes such as
    NTLM break this fundamental property of HTTP and rely on the same TCP
    connection being reused.
    
    Work around these broken authentication schemes by ensuring that the
    most recently pooled connection is reused for the subsequent
    authentication retry.
    
    Reported-by: Andreas Hammarskjöld <junior@2PintSoftware.com>
    Tested-by: Andreas Hammarskjöld <junior@2PintSoftware.com>
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    mcb30 committed Jun 8, 2018
    Copy the full SHA
    e7f67d5 View commit details
    Browse the repository at this point in the history

Commits on Apr 20, 2018

  1. [icplus] Add driver for IC+ network card

    Signed-off-by: Sylvie Barlow <sylvie.c.barlow@gmail.com>
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    sylviebarlow authored and mcb30 committed Apr 20, 2018
    Copy the full SHA
    960d1e3 View commit details
    Browse the repository at this point in the history
  2. [mii] Add bit-bashing interface

    Signed-off-by: Sylvie Barlow <sylvie.c.barlow@gmail.com>
    Modified-by: Michael Brown <mcb30@ipxe.org>
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    sylviebarlow authored and mcb30 committed Apr 20, 2018
    Copy the full SHA
    c239f0b View commit details
    Browse the repository at this point in the history
  3. [mii] Add mii_find()

    Add the function mii_find() in order to locate the PHY address.
    
    Signed-off-by: Sylvie Barlow <sylvie.c.barlow@gmail.com>
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    sylviebarlow authored and mcb30 committed Apr 20, 2018
    Copy the full SHA
    7ed1dc9 View commit details
    Browse the repository at this point in the history
  4. [mii] Fix typo in parameter name

    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    mcb30 committed Apr 20, 2018
    Copy the full SHA
    6047b7c View commit details
    Browse the repository at this point in the history

Commits on Apr 19, 2018

  1. [tcp] Add missing packed attribute on struct tcp_header

    Debugged-by: Mark Rutland <mark.rutland@arm.com>
    Debugged-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    mcb30 committed Apr 19, 2018
    Copy the full SHA
    e901e6b View commit details
    Browse the repository at this point in the history
  2. [mii] Separate concepts of MII interface and MII device

    We currently have no generic concept of a PHY address, since all
    existing implementations simply hardcode the PHY address within the
    MII access methods.
    
    A bit-bashing MII interface will need to be provided with an explicit
    PHY address in order to generate the correct waveform.  Allow for this
    by separating out the concept of a MII device (i.e. a specific PHY
    address attached to a particular MII interface).
    
    Signed-off-by: Michael Brown <mcb30@ipxe.org>
    mcb30 committed Apr 19, 2018
    Copy the full SHA
    6804a8c View commit details
    Browse the repository at this point in the history
Older