1 /** @file
2  *
3  * PXE Preboot API
4  *
5  */
6 
7 /* PXE API interface for Etherboot.
8  *
9  * Copyright (C) 2004 Michael Brown <mbrown@fensystems.co.uk>.
10  *
11  * This program is free software; you can redistribute it and/or
12  * modify it under the terms of the GNU General Public License as
13  * published by the Free Software Foundation; either version 2 of the
14  * License, or any later version.
15  *
16  * This program is distributed in the hope that it will be useful, but
17  * WITHOUT ANY WARRANTY; without even the implied warranty of
18  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
19  * General Public License for more details.
20  *
21  * You should have received a copy of the GNU General Public License
22  * along with this program; if not, write to the Free Software
23  * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24  */
25 
26 FILE_LICENCE ( GPL2_OR_LATER );
27 
28 #include <stdint.h>
29 #include <string.h>
30 #include <stdlib.h>
31 #include <gpxe/uaccess.h>
32 #include <gpxe/dhcp.h>
33 #include <gpxe/fakedhcp.h>
34 #include <gpxe/device.h>
35 #include <gpxe/netdevice.h>
36 #include <gpxe/isapnp.h>
37 #include <gpxe/init.h>
38 #include <gpxe/if_ether.h>
39 #include <basemem_packet.h>
40 #include <biosint.h>
41 #include "pxe.h"
42 #include "pxe_call.h"
43 
/* Avoid dragging in isapnp.o unnecessarily.
 *
 * The variable is defined in this file, and pxenv_start_undi() stores
 * the caller-supplied DX value here once it has passed the ISAPnP
 * read-port range check.
 */
uint16_t isapnp_read_port;
46 
/** Zero-based versions of PXENV_GET_CACHED_INFO::PacketType
 *
 * Each constant is the matching PXENV_PACKET_TYPE_* value minus one,
 * so it can be used directly as an index into cached_info[] and
 * pxe_dhcp_packet_creators[].
 */
enum pxe_cached_info_indices {
	CACHED_INFO_DHCPDISCOVER = ( PXENV_PACKET_TYPE_DHCP_DISCOVER - 1 ),
	CACHED_INFO_DHCPACK = ( PXENV_PACKET_TYPE_DHCP_ACK - 1 ),
	CACHED_INFO_BINL = ( PXENV_PACKET_TYPE_CACHED_REPLY - 1 ),
	/* One more than CACHED_INFO_BINL; used as the array length and as
	 * the upper bound in pxenv_get_cached_info()'s PacketType check.
	 * NOTE(review): this is only a valid bound if
	 * PXENV_PACKET_TYPE_CACHED_REPLY is the largest packet type value;
	 * confirm against pxe.h.
	 */
	NUM_CACHED_INFOS
};
54 
/** A cached DHCP packet
 *
 * Both members overlay the same storage, so the union is as large as
 * its larger member.
 */
union pxe_cached_info {
	/* DHCP-header view of the buffer; this file reads dhcphdr.op and
	 * writes dhcphdr.file through it.
	 */
	struct dhcphdr dhcphdr;
	/* This buffer must be *exactly* the size of a BOOTPLAYER_t
	 * structure, otherwise WinPE will die horribly.  It takes the
	 * size of *our* buffer and feeds it in to us as the size of
	 * one of *its* buffers.  If our buffer is larger than it
	 * expects, we therefore end up overwriting part of its data
	 * segment, since it tells us to do so.  (D'oh!)
	 *
	 * Note that a BOOTPLAYER_t is not necessarily large enough to
	 * hold a DHCP packet; this is a flaw in the PXE spec.
	 *
	 * NOTE(review): nothing visible in this file enforces the size
	 * requirement at build time.  If struct dhcphdr ever became
	 * larger than BOOTPLAYER_t, sizeof ( union pxe_cached_info )
	 * would grow with it and the overwrite described above would
	 * return; a compile-time size check would make that failure
	 * visible.
	 */
	BOOTPLAYER_t packet;
} __attribute__ (( packed ));
70 
/** A PXE DHCP packet creator
 *
 * Wraps a single function pointer so that the creators can be stored
 * in a table indexed by cached-info slot.
 */
struct pxe_dhcp_packet_creator {
	/** Create DHCP packet
	 *
	 * @v netdev		Network device
	 * @v data		Buffer for DHCP packet
	 * @v max_len		Size of DHCP packet buffer
	 * @ret rc		Return status code
	 *
	 * pxenv_get_cached_info() passes sizeof ( union pxe_cached_info )
	 * as max_len and treats any non-zero rc as failure.
	 * NOTE(review): the implementation is expected to write no more
	 * than max_len bytes to data; that is not checked here.
	 */
	int ( * create ) ( struct net_device *netdev, void *data,
			   size_t max_len );
};
83 
/** PXE DHCP packet creators
 *
 * Indexed by enum pxe_cached_info_indices.  pxenv_get_cached_info()
 * indexes this table with the same value it has range-checked against
 * NUM_CACHED_INFOS, so every slot below that bound needs an entry.
 */
static struct pxe_dhcp_packet_creator pxe_dhcp_packet_creators[] = {
	[CACHED_INFO_DHCPDISCOVER] = { create_fakedhcpdiscover },
	[CACHED_INFO_DHCPACK] = { create_fakedhcpack },
	[CACHED_INFO_BINL] = { create_fakepxebsack },
};
90 
/* The case in which the caller doesn't supply a buffer is really
 * awkward to support given that we have multiple sources of options,
 * and that we don't actually store the DHCP packets.  (We may not
 * even have performed DHCP; we may have obtained all configuration
 * from non-volatile stored options or from the command line.)
 *
 * Some NBPs rely on the buffers we provide being persistent, so we
 * can't just use the temporary packet buffer.  4.5kB of base memory
 * always wasted just because some clients are too lazy to provide
 * their own buffers...
 *
 * One slot per packet type.  pxenv_get_cached_info() treats a slot
 * whose dhcphdr.op is zero as not yet constructed.
 */
static union pxe_cached_info __bss16_array ( cached_info, [NUM_CACHED_INFOS] );
/* Route every later use of the name cached_info through __use_data16.
 * NOTE(review): presumably this selects the 16-bit data segment copy
 * of the array; confirm against the macro's definition.
 */
#define cached_info __use_data16 ( cached_info )
104 
/**
 * Set PXE cached TFTP filename
 *
 * @v filename		TFTP filename
 *
 * Bug-for-bug compatibility hack for Microsoft Remote Installation
 * Services (RIS): the filename used in a call to PXENV_RESTART_TFTP
 * or PXENV_TFTP_READ_FILE must be returned as the DHCP filename in
 * subsequent calls to PXENV_GET_CACHED_INFO.
 *
 * The copy is a fixed-length memcpy() of the whole dhcphdr.file
 * field, not a string copy.  The source must therefore be readable
 * for at least that many bytes, and no NUL terminator is added if the
 * source does not contain one.
 * NOTE(review): the caller visible in this file passes
 * restart_tftp->FileName; confirm that its declared size is at least
 * sizeof ( dhcphdr.file ).
 */
void pxe_set_cached_filename ( const unsigned char *filename ) {
	union pxe_cached_info *ack = &cached_info[CACHED_INFO_DHCPACK];
	union pxe_cached_info *binl = &cached_info[CACHED_INFO_BINL];

	/* Both the DHCPACK and the BINL slot report the same filename */
	memcpy ( ack->dhcphdr.file, filename, sizeof ( ack->dhcphdr.file ) );
	memcpy ( binl->dhcphdr.file, filename, sizeof ( binl->dhcphdr.file ) );
}
122 
/**
 * UNLOAD BASE CODE STACK
 *
 * @v unload_stack	Parameter block; only Status is written
 * @ret exit		Always PXENV_EXIT_SUCCESS
 *
 * Nothing is torn down by this call: it is logged and reported as
 * successful.
 */
PXENV_EXIT_t pxenv_unload_stack ( struct s_PXENV_UNLOAD_STACK *unload_stack ) {
	const PXENV_EXIT_t result = PXENV_EXIT_SUCCESS;

	DBG ( "PXENV_UNLOAD_STACK" );

	unload_stack->Status = PXENV_STATUS_SUCCESS;
	return result;
}
136 
/* PXENV_GET_CACHED_INFO
 *
 * Status: working
 *
 * @v get_cached_info	Parameter block supplied by the caller
 * @ret exit		PXENV_EXIT_SUCCESS or PXENV_EXIT_FAILURE
 *
 * Builds the requested fake DHCP packet on first use.  If the caller
 * supplied a buffer (BufferSize != 0), the packet is copied into it;
 * otherwise the caller is pointed at our persistent copy.
 *
 * Every field read here (PacketType, Buffer, BufferSize) is chosen by
 * the caller.  PacketType is range-checked before it is used as an
 * index.  The copy length is clamped to our own buffer size, so the
 * read side of the copy stays inside cached_info[].  The destination
 * address is used as given.
 *
 * Both failure cases (bad PacketType, packet construction failure)
 * report PXENV_STATUS_OUT_OF_RESOURCES.
 */
PXENV_EXIT_t pxenv_get_cached_info ( struct s_PXENV_GET_CACHED_INFO
				     *get_cached_info ) {
	union pxe_cached_info *entry;
	unsigned int slot;
	size_t copy_len;
	userptr_t dest;
	int rc;

	DBG ( "PXENV_GET_CACHED_INFO %d", get_cached_info->PacketType );

	DBG ( " to %04x:%04x+%x", get_cached_info->Buffer.segment,
	      get_cached_info->Buffer.offset, get_cached_info->BufferSize );

	/* Sanity check.  slot is unsigned, so a PacketType of 0 becomes
	 * a very large value here and is rejected by the same comparison.
	 */
	slot = ( get_cached_info->PacketType - 1 );
	if ( slot >= NUM_CACHED_INFOS ) {
		DBG ( " bad PacketType" );
		goto err;
	}
	entry = &cached_info[slot];

	/* A zero op field marks a slot that has not been built yet */
	if ( ! entry->dhcphdr.op ) {
		/* The creator is told the exact size of the slot */
		rc = pxe_dhcp_packet_creators[slot].create ( pxe_netdev, entry,
							     sizeof ( *entry ) );
		if ( rc != 0 ) {
			DBG ( " failed to build packet" );
			goto err;
		}
	}

	copy_len = get_cached_info->BufferSize;
	if ( copy_len != 0 ) {
		/* Copy packet to client buffer, never more than we hold */
		if ( copy_len >= sizeof ( *entry ) ) {
			copy_len = sizeof ( *entry );
		} else {
			DBG ( " buffer may be too short" );
		}
		dest = real_to_user ( get_cached_info->Buffer.segment,
				      get_cached_info->Buffer.offset );
		copy_to_user ( dest, 0, entry, copy_len );
		/* Report how many bytes were actually written */
		get_cached_info->BufferSize = copy_len;
	} else {
		/* Point client at our cached buffer.
		 *
		 * Later revisions of the PXE specification added a
		 * BufferLimit field, which we are meant to fill in
		 * with the length of our packet buffer so that the
		 * caller can safely modify the boot server reply
		 * packet stored therein.  Earlier revisions lack the
		 * field, and at least one PXE NBP (Altiris) allocates
		 * only enough space for the earlier, shorter
		 * structure.  Writing BufferLimit therefore risks
		 * trashing the caller's memory; not writing it leaves
		 * the caller free to treat whatever value was already
		 * there as the length of the buffer we hand back.
		 *
		 * Since older PXE stacks won't fill this field in
		 * anyway, it's probably safe to assume that no
		 * callers actually rely on it, so we choose to not
		 * fill it in.  The debug message below prints the
		 * field as the caller left it.
		 */
		get_cached_info->Buffer.segment = rm_ds;
		get_cached_info->Buffer.offset = __from_data16 ( entry );
		get_cached_info->BufferSize = sizeof ( *entry );
		DBG ( " returning %04x:%04x+%04x['%x']",
		      get_cached_info->Buffer.segment,
		      get_cached_info->Buffer.offset,
		      get_cached_info->BufferSize,
		      get_cached_info->BufferLimit );
	}

	get_cached_info->Status = PXENV_STATUS_SUCCESS;
	return PXENV_EXIT_SUCCESS;

 err:
	get_cached_info->Status = PXENV_STATUS_OUT_OF_RESOURCES;
	return PXENV_EXIT_FAILURE;
}
228 
/* PXENV_RESTART_TFTP
 *
 * Status: working
 *
 * @v restart_tftp	Parameter block supplied by the caller
 * @ret exit		Exit code of the TFTP read on failure, otherwise
 *			PXENV_EXIT_SUCCESS
 *
 * Records the requested filename in the cached DHCP packets,
 * downloads the file to the fixed load address and starts it as the
 * new NBP.  The caller's Buffer and BufferSize values are overwritten
 * before the download, so the caller does not choose the load address
 * or length.
 */
PXENV_EXIT_t pxenv_restart_tftp ( struct s_PXENV_TFTP_READ_FILE
				  *restart_tftp ) {
	PXENV_EXIT_t read_exit;

	DBG ( "PXENV_RESTART_TFTP " );

	/* Intel bug-for-bug hack: later PXENV_GET_CACHED_INFO calls must
	 * report this filename.
	 */
	pxe_set_cached_filename ( restart_tftp->FileName );

	/* Words cannot describe the complete mismatch between the PXE
	 * specification and any possible version of reality...
	 *
	 * The buffer starts at PXE_LOAD_PHYS (fixed by spec, apparently)
	 * and its advertised size ends it at 0xa0000 (near enough).
	 * NOTE(review): whether the download honours BufferSize depends
	 * on pxenv_tftp_read_file(), which is not visible here.
	 */
	restart_tftp->Buffer = PXE_LOAD_PHYS;
	restart_tftp->BufferSize = ( 0xa0000 - PXE_LOAD_PHYS );
	read_exit = pxenv_tftp_read_file ( restart_tftp );
	if ( read_exit != PXENV_EXIT_SUCCESS ) {
		return read_exit;
	}

	/* Fire up the new NBP */
	restart_tftp->Status = pxe_start_nbp();

	/* Not sure what "SUCCESS" actually means, since we can only
	 * return if the new NBP failed to boot...
	 */
	return PXENV_EXIT_SUCCESS;
}
259 
/* PXENV_START_UNDI
 *
 * Status: working
 *
 * @v start_undi	Parameter block carrying the caller's AX, BX and DX
 * @ret exit		PXENV_EXIT_SUCCESS, or PXENV_EXIT_FAILURE if no
 *			matching network device is found
 *
 * Decides from the register values whether the device is ISAPnP or
 * PCI, runs startup(), looks up the network device at that location
 * and activates PXE on it.
 */
PXENV_EXIT_t pxenv_start_undi ( struct s_PXENV_START_UNDI *start_undi ) {
	struct net_device *netdev;
	unsigned int bus_type;
	unsigned int location;
	int looks_like_isapnp;

	DBG ( "PXENV_START_UNDI %04x:%04x:%04x",
	      start_undi->AX, start_undi->BX, start_undi->DX );

	/* Determine bus type and location.  This is only a heuristic:
	 * the call is treated as ISAPnP when DX lies in the read-port
	 * range and BX lies in the CSN range, and as PCI otherwise.
	 */
	looks_like_isapnp = ( ( start_undi->DX >= ISAPNP_READ_PORT_MIN ) &&
			      ( start_undi->DX <= ISAPNP_READ_PORT_MAX ) &&
			      ( start_undi->BX >= ISAPNP_CSN_MIN ) &&
			      ( start_undi->BX <= ISAPNP_CSN_MAX ) );
	if ( ! looks_like_isapnp ) {
		bus_type = BUS_TYPE_PCI;
		location = start_undi->AX;
	} else {
		bus_type = BUS_TYPE_ISAPNP;
		location = start_undi->BX;
		/* Record ISAPnP read port for use by isapnp.c; DX has
		 * already passed the range check above.
		 */
		isapnp_read_port = start_undi->DX;
	}

	/* Probe for devices, etc. */
	startup();

	/* Look for a matching net device */
	netdev = find_netdev_by_location ( bus_type, location );
	if ( netdev == NULL ) {
		DBG ( " no net device found" );
		start_undi->Status = PXENV_STATUS_UNDI_CANNOT_INITIALIZE_NIC;
		return PXENV_EXIT_FAILURE;
	}
	DBG ( " using netdev %s", netdev->name );

	/* Activate PXE */
	pxe_activate ( netdev );

	start_undi->Status = PXENV_STATUS_SUCCESS;
	return PXENV_EXIT_SUCCESS;
}
306 
/* PXENV_STOP_UNDI
 *
 * Status: working
 *
 * @v stop_undi		Parameter block; only Status is written
 * @ret exit		PXENV_EXIT_SUCCESS, or PXENV_EXIT_FAILURE with
 *			Status PXENV_STATUS_KEEP_UNDI if BIOS interrupts
 *			are still hooked after shutdown
 *
 * PXE is deactivated and shutdown() has already run by the time the
 * failure is reported.  The KEEP_UNDI status tells the caller that
 * hooks into this code remain.
 */
PXENV_EXIT_t pxenv_stop_undi ( struct s_PXENV_STOP_UNDI *stop_undi ) {
	DBG ( "PXENV_STOP_UNDI" );

	/* Deactivate PXE */
	pxe_deactivate();

	/* Prepare for unload */
	shutdown ( SHUTDOWN_BOOT );

	/* No hooked interrupts remain: the caller may unload us */
	if ( hooked_bios_interrupts == 0 ) {
		stop_undi->Status = PXENV_STATUS_SUCCESS;
		return PXENV_EXIT_SUCCESS;
	}

	/* Some interrupt vectors still point into our code */
	DBG ( "PXENV_STOP_UNDI failed: %d interrupts still hooked\n",
	      hooked_bios_interrupts );
	stop_undi->Status = PXENV_STATUS_KEEP_UNDI;
	return PXENV_EXIT_FAILURE;
}
331 
/* PXENV_START_BASE
 *
 * Status: won't implement (requires major structural changes)
 *
 * @v start_base	Parameter block; only Status is written
 * @ret exit		Always PXENV_EXIT_FAILURE, with Status set to
 *			PXENV_STATUS_UNSUPPORTED
 */
PXENV_EXIT_t pxenv_start_base ( struct s_PXENV_START_BASE *start_base ) {
	const PXENV_EXIT_t result = PXENV_EXIT_FAILURE;

	DBG ( "PXENV_START_BASE" );

	/* Tell the caller explicitly that this call is not provided */
	start_base->Status = PXENV_STATUS_UNSUPPORTED;
	return result;
}
342 
/* PXENV_STOP_BASE
 *
 * Status: working
 *
 * @v stop_base		Parameter block; only Status is written
 * @ret exit		Always PXENV_EXIT_SUCCESS
 *
 * The only time we will be called is when the NBP is trying to shut
 * down the PXE stack, and there is nothing we need to do in this
 * call.  It is logged and reported as successful.
 */
PXENV_EXIT_t pxenv_stop_base ( struct s_PXENV_STOP_BASE *stop_base ) {
	const PXENV_EXIT_t result = PXENV_EXIT_SUCCESS;

	DBG ( "PXENV_STOP_BASE" );

	stop_base->Status = PXENV_STATUS_SUCCESS;
	return result;
}
358