Merge branch 'master' into openslxopenslx

author: Simon Rettberg 2026-01-28 12:53:53 +0100
committer: Simon Rettberg 2026-01-28 12:53:53 +0100
commit: 8e82785c584dc13e20f9229decb95bd17bbe9cd1 (patch)
tree: a8b359e59196be5b2e3862bed189107f4bc9975f /src/net/tcp
parent: Merge branch 'master' into openslx (diff)
parent: [prefix] Make unlzma.S compatible with 386 class CPUs (diff)
download: ipxe-openslx.tar.gz
ipxe-openslx.tar.xz
ipxe-openslx.zip
12 files changed, 74 insertions, 18 deletions
diff --git a/src/net/tcp/http.c b/src/net/tcp/http.c
index b000ed80f..16cfd035e 100644
--- a/src/net/tcp/http.c
+++ b/src/net/tcp/http.c
@@ -22,6 +22,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 /**
  * @file
diff --git a/src/net/tcp/httpauth.c b/src/net/tcp/httpauth.c
index 2c57e3d48..d682c5f8f 100644
--- a/src/net/tcp/httpauth.c
+++ b/src/net/tcp/httpauth.c
@@ -22,6 +22,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 /**
  * @file
diff --git a/src/net/tcp/httpbasic.c b/src/net/tcp/httpbasic.c
index 52a67063d..4dffc7e0f 100644
--- a/src/net/tcp/httpbasic.c
+++ b/src/net/tcp/httpbasic.c
@@ -22,6 +22,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 /**
  * @file
diff --git a/src/net/tcp/httpblock.c b/src/net/tcp/httpblock.c
index 1abd6b34d..14398869e 100644
--- a/src/net/tcp/httpblock.c
+++ b/src/net/tcp/httpblock.c
@@ -22,6 +22,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 /**
  * @file
@@ -31,7 +32,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
  */
 
 #include <stdint.h>
-#include <ipxe/uaccess.h>
+#include <string.h>
 #include <ipxe/blocktrans.h>
 #include <ipxe/blockdev.h>
 #include <ipxe/acpi.h>
@@ -52,7 +53,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
  * @ret rc		Return status code
  */
 int http_block_read ( struct http_transaction *http, struct interface *data,
-		      uint64_t lba, unsigned int count, userptr_t buffer,
+		      uint64_t lba, unsigned int count, void *buffer,
 		      size_t len ) {
 	struct http_request_range range;
 	int rc;
@@ -101,7 +102,7 @@ int http_block_read_capacity ( struct http_transaction *http,
 		goto err_open;
 
 	/* Insert block device translator */
-	if ( ( rc = block_translate ( data, UNULL, HTTP_BLKSIZE ) ) != 0 ) {
+	if ( ( rc = block_translate ( data, NULL, HTTP_BLKSIZE ) ) != 0 ) {
 		DBGC ( http, "HTTP %p could not insert block translator: %s\n",
 		       http, strerror ( rc ) );
 		goto err_translate;
diff --git a/src/net/tcp/httpconn.c b/src/net/tcp/httpconn.c
index 538c4dcf6..4b99209f0 100644
--- a/src/net/tcp/httpconn.c
+++ b/src/net/tcp/httpconn.c
@@ -22,6 +22,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 /**
  * @file
diff --git a/src/net/tcp/httpcore.c b/src/net/tcp/httpcore.c
index af2a237cf..912bea407 100644
--- a/src/net/tcp/httpcore.c
+++ b/src/net/tcp/httpcore.c
@@ -22,6 +22,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 /**
  * @file
@@ -106,6 +107,9 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 /** Retry delay used when we cannot understand the Retry-After header */
 #define HTTP_RETRY_SECONDS 5
 
+/** Idle connection watchdog timeout */
+#define HTTP_WATCHDOG_SECONDS 120
+
 /** Receive profiler */
 static struct profiler http_rx_profiler __profiler = { .name = "http.rx" };
 
@@ -281,8 +285,9 @@ static void http_close ( struct http_transaction *http, int rc ) {
 	/* Stop process */
 	process_del ( &http->process );
 
-	/* Stop timer */
-	stop_timer ( &http->timer );
+	/* Stop timers */
+	stop_timer ( &http->retry );
+	stop_timer ( &http->watchdog );
 
 	/* Close all interfaces */
 	intfs_shutdown ( rc, &http->conn, &http->transfer, &http->content,
@@ -302,6 +307,18 @@ static void http_close_error ( struct http_transaction *http, int rc ) {
 }
 
 /**
+ * Hold off HTTP idle connection watchdog timer
+ *
+ * @v http		HTTP transaction
+ */
+static inline void http_watchdog ( struct http_transaction *http ) {
+
+	/* (Re)start watchdog timer */
+	start_timer_fixed ( &http->watchdog,
+			    ( HTTP_WATCHDOG_SECONDS * TICKS_PER_SEC ) );
+}
+
+/**
  * Reopen stale HTTP connection
  *
  * @v http		HTTP transaction
@@ -322,6 +339,9 @@ static void http_reopen ( struct http_transaction *http ) {
 	/* Reset state */
 	http->state = &http_request;
 
+	/* Restart idle connection watchdog timer */
+	http_watchdog ( http );
+
 	/* Reschedule transmission process */
 	process_add ( &http->process );
 
@@ -332,20 +352,37 @@ static void http_reopen ( struct http_transaction *http ) {
 }
 
 /**
- * Handle retry timer expiry
+ * Handle connection retry timer expiry
  *
- * @v timer		Retry timer
+ * @v retry		Retry timer
  * @v over		Failure indicator
  */
-static void http_expired ( struct retry_timer *timer, int over __unused ) {
+static void http_retry_expired ( struct retry_timer *retry,
+				 int over __unused ) {
 	struct http_transaction *http =
-		container_of ( timer, struct http_transaction, timer );
+		container_of ( retry, struct http_transaction, retry );
 
 	/* Reopen connection */
 	http_reopen ( http );
 }
 
 /**
+ * Handle idle connection watchdog timer expiry
+ *
+ * @v watchdog		Idle connection watchdog timer
+ * @v over		Failure indicator
+ */
+static void http_watchdog_expired ( struct retry_timer *watchdog,
+				    int over __unused ) {
+	struct http_transaction *http =
+		container_of ( watchdog, struct http_transaction, watchdog );
+
+	/* Abort connection */
+	DBGC ( http, "HTTP %p aborting idle connection\n", http );
+	http_close ( http, -ETIMEDOUT );
+}
+
+/**
  * HTTP transmit process
  *
  * @v http		HTTP transaction
@@ -460,6 +497,9 @@ static int http_content_deliver ( struct http_transaction *http,
 		return 0;
 	}
 
+	/* Hold off idle connection watchdog timer */
+	http_watchdog ( http );
+
 	/* Deliver to data transfer interface */
 	profile_start ( &http_xfer_profiler );
 	if ( ( rc = xfer_deliver ( &http->xfer, iob_disown ( iobuf ),
@@ -503,7 +543,7 @@ http_content_buffer ( struct http_transaction *http ) {
 __weak int http_block_read ( struct http_transaction *http __unused,
 			     struct interface *data __unused,
 			     uint64_t lba __unused, unsigned int count __unused,
-			     userptr_t buffer __unused, size_t len __unused ) {
+			     void *buffer __unused, size_t len __unused ) {
 
 	return -ENOTSUP;
 }
@@ -649,7 +689,8 @@ int http_open ( struct interface *xfer, struct http_method *method,
 	intf_init ( &http->conn, &http_conn_desc, &http->refcnt );
 	intf_plug_plug ( &http->transfer, &http->content );
 	process_init ( &http->process, &http_process_desc, &http->refcnt );
-	timer_init ( &http->timer, http_expired, &http->refcnt );
+	timer_init ( &http->retry, http_retry_expired, &http->refcnt );
+	timer_init ( &http->watchdog, http_watchdog_expired, &http->refcnt );
 	http->uri = uri_get ( uri );
 	http->request.method = method;
 	http->request.uri = request_uri_string;
@@ -675,6 +716,9 @@ int http_open ( struct interface *xfer, struct http_method *method,
 		goto err_connect;
 	}
 
+	/* Start watchdog timer */
+	http_watchdog ( http );
+
 	/* Attach to parent interface, mortalise self, and return */
 	intf_plug_plug ( &http->xfer, xfer );
 	ref_put ( &http->refcnt );
@@ -809,8 +853,9 @@ static int http_transfer_complete ( struct http_transaction *http ) {
 	/* Start timer to initiate retry */
 	DBGC2 ( http, "HTTP %p retrying after %d seconds\n",
 		http, http->response.retry_after );
-	start_timer_fixed ( &http->timer,
+	start_timer_fixed ( &http->retry,
 			    ( http->response.retry_after * TICKS_PER_SEC ) );
+	stop_timer ( &http->watchdog );
 	return 0;
 }
 
@@ -1090,7 +1135,8 @@ static int http_tx_request ( struct http_transaction *http ) {
 	}
 
 	/* Allocate I/O buffer */
-	iobuf = alloc_iob ( len + 1 /* NUL */ + http->request.content.len );
+	iobuf = xfer_alloc_iob ( &http->conn, ( len + 1 /* NUL */ +
+						http->request.content.len ) );
 	if ( ! iobuf ) {
 		rc = -ENOMEM;
 		goto err_alloc;
diff --git a/src/net/tcp/httpdigest.c b/src/net/tcp/httpdigest.c
index 4074078c7..8ff6dbfa5 100644
--- a/src/net/tcp/httpdigest.c
+++ b/src/net/tcp/httpdigest.c
@@ -22,6 +22,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 /**
  * @file
diff --git a/src/net/tcp/httpntlm.c b/src/net/tcp/httpntlm.c
index 25187bd19..a7e44d5f6 100644
--- a/src/net/tcp/httpntlm.c
+++ b/src/net/tcp/httpntlm.c
@@ -22,6 +22,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 /**
  * @file
diff --git a/src/net/tcp/https.c b/src/net/tcp/https.c
index 85f1f124f..bccfafe15 100644
--- a/src/net/tcp/https.c
+++ b/src/net/tcp/https.c
@@ -22,6 +22,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 /**
  * @file
diff --git a/src/net/tcp/iscsi.c b/src/net/tcp/iscsi.c
index dd20849ce..0d1f0f645 100644
--- a/src/net/tcp/iscsi.c
+++ b/src/net/tcp/iscsi.c
@@ -22,6 +22,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #include <stddef.h>
 #include <string.h>
@@ -39,7 +40,6 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 #include <ipxe/open.h>
 #include <ipxe/scsi.h>
 #include <ipxe/process.h>
-#include <ipxe/uaccess.h>
 #include <ipxe/tcpip.h>
 #include <ipxe/settings.h>
 #include <ipxe/features.h>
@@ -478,7 +478,7 @@ static int iscsi_rx_data_in ( struct iscsi_session *iscsi,
 	assert ( iscsi->command != NULL );
 	assert ( iscsi->command->data_in );
 	assert ( ( offset + len ) <= iscsi->command->data_in_len );
-	copy_to_user ( iscsi->command->data_in, offset, data, len );
+	memcpy ( ( iscsi->command->data_in + offset ), data, len );
 
 	/* Wait for whole SCSI response to arrive */
 	if ( remaining )
@@ -598,8 +598,8 @@ static int iscsi_tx_data_out ( struct iscsi_session *iscsi ) {
 	if ( ! iobuf )
 		return -ENOMEM;
 	
-	copy_from_user ( iob_put ( iobuf, len ),
-			 iscsi->command->data_out, offset, len );
+	memcpy ( iob_put ( iobuf, len ),
+		 ( iscsi->command->data_out + offset ), len );
 	memset ( iob_put ( iobuf, pad_len ), 0, pad_len );
 
 	return xfer_deliver_iob ( &iscsi->socket, iobuf );
diff --git a/src/net/tcp/oncrpc.c b/src/net/tcp/oncrpc.c
index cb66aeb85..64734a808 100644
--- a/src/net/tcp/oncrpc.c
+++ b/src/net/tcp/oncrpc.c
@@ -150,7 +150,7 @@ int oncrpc_call ( struct interface *intf, struct oncrpc_session *session,
 	frame_size  = oncrpc_compute_size ( header );
 	frame_size += oncrpc_compute_size ( fields );
 
-	io_buf = alloc_iob ( frame_size );
+	io_buf = xfer_alloc_iob ( intf, frame_size );
 	if ( ! io_buf )
 		return -ENOBUFS;
 
diff --git a/src/net/tcp/syslogs.c b/src/net/tcp/syslogs.c
index f1f70d59e..eff53ea94 100644
--- a/src/net/tcp/syslogs.c
+++ b/src/net/tcp/syslogs.c
@@ -22,6 +22,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 /** @file
  *
@@ -31,6 +32,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 
 #include <stdint.h>
 #include <stdlib.h>
+#include <string.h>
 #include <byteswap.h>
 #include <ipxe/xfer.h>
 #include <ipxe/open.h>
author	Simon Rettberg	2026-01-28 12:53:53 +0100
committer	Simon Rettberg	2026-01-28 12:53:53 +0100
commit	8e82785c584dc13e20f9229decb95bd17bbe9cd1 (patch)
tree	a8b359e59196be5b2e3862bed189107f4bc9975f /src/net/tcp
parent	Merge branch 'master' into openslx (diff)
parent	[prefix] Make unlzma.S compatible with 386 class CPUs (diff)
download	ipxe-openslx.tar.gz ipxe-openslx.tar.xz ipxe-openslx.zip