aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/arch/i386/firmware/pcbios/memmap.c14
-rw-r--r--src/arch/i386/image/multiboot.c6
-rw-r--r--src/include/gpxe/tls.h20
-rw-r--r--src/net/ipv4.c2
-rw-r--r--src/net/tls.c37
5 files changed, 49 insertions, 30 deletions
diff --git a/src/arch/i386/firmware/pcbios/memmap.c b/src/arch/i386/firmware/pcbios/memmap.c
index 848979e..2e9627c 100644
--- a/src/arch/i386/firmware/pcbios/memmap.c
+++ b/src/arch/i386/firmware/pcbios/memmap.c
@@ -158,7 +158,7 @@ static int meme820 ( struct memory_map *memmap ) {
uint32_t smap;
size_t size;
unsigned int flags;
- unsigned int discard_d, discard_D;
+ unsigned int discard_D;
/* Clear the E820 buffer. Do this once before starting,
* rather than on each call; some BIOSes rely on the contents
@@ -171,13 +171,15 @@ static int meme820 ( struct memory_map *memmap ) {
* this by telling gcc that all non-output registers
* may be corrupted.
*/
- __asm__ __volatile__ ( REAL_CODE ( "stc\n\t"
+ __asm__ __volatile__ ( REAL_CODE ( "pushl %%ebp\n\t"
+ "stc\n\t"
"int $0x15\n\t"
"pushfw\n\t"
- "popw %w0\n\t" )
- : "=r" ( flags ), "=a" ( smap ),
- "=b" ( next ), "=D" ( discard_D ),
- "=c" ( size ), "=d" ( discard_d )
+ "popw %%dx\n\t"
+ "popl %%ebp\n\t" )
+ : "=a" ( smap ), "=b" ( next ),
+ "=c" ( size ), "=d" ( flags ),
+ "=D" ( discard_D )
: "a" ( 0xe820 ), "b" ( next ),
"D" ( __from_data16 ( &e820buf ) ),
"c" ( sizeof ( e820buf ) ),
diff --git a/src/arch/i386/image/multiboot.c b/src/arch/i386/image/multiboot.c
index a4a340f..49adf95 100644
--- a/src/arch/i386/image/multiboot.c
+++ b/src/arch/i386/image/multiboot.c
@@ -282,11 +282,13 @@ static int multiboot_exec ( struct image *image ) {
/* Jump to OS with flat physical addressing */
DBGC ( image, "MULTIBOOT %p starting execution at %lx\n",
image, entry );
- __asm__ __volatile__ ( PHYS_CODE ( "call *%%edi\n\t" )
+ __asm__ __volatile__ ( PHYS_CODE ( "pushl %%ebp\n\t"
+ "call *%%edi\n\t"
+ "popl %%ebp\n\t" )
: : "a" ( MULTIBOOT_BOOTLOADER_MAGIC ),
"b" ( virt_to_phys ( &mbinfo ) ),
"D" ( entry )
- : "ecx", "edx", "esi", "ebp", "memory" );
+ : "ecx", "edx", "esi", "memory" );
DBGC ( image, "MULTIBOOT %p returned\n", image );
diff --git a/src/include/gpxe/tls.h b/src/include/gpxe/tls.h
index a8cf16e..3910945 100644
--- a/src/include/gpxe/tls.h
+++ b/src/include/gpxe/tls.h
@@ -109,6 +109,22 @@ struct tls_cipherspec {
void *mac_secret;
};
+/** TLS pre-master secret */
+struct tls_pre_master_secret {
+ /** TLS version */
+ uint16_t version;
+ /** Random data */
+ uint8_t random[46];
+} __attribute__ (( packed ));
+
+/** TLS client random data */
+struct tls_client_random {
+ /** GMT Unix time */
+ uint32_t gmt_unix_time;
+ /** Random data */
+ uint8_t random[28];
+} __attribute__ (( packed ));
+
/** A TLS session */
struct tls_session {
/** Reference counter */
@@ -128,13 +144,13 @@ struct tls_session {
/** Next RX cipher specification */
struct tls_cipherspec rx_cipherspec_pending;
/** Premaster secret */
- uint8_t pre_master_secret[48];
+ struct tls_pre_master_secret pre_master_secret;
/** Master secret */
uint8_t master_secret[48];
/** Server random bytes */
uint8_t server_random[32];
/** Client random bytes */
- uint8_t client_random[32];
+ struct tls_client_random client_random;
/** MD5 context for handshake verification */
uint8_t handshake_md5_ctx[MD5_CTX_SIZE];
/** SHA1 context for handshake verification */
diff --git a/src/net/ipv4.c b/src/net/ipv4.c
index e14ed6a..63dcca2 100644
--- a/src/net/ipv4.c
+++ b/src/net/ipv4.c
@@ -188,7 +188,7 @@ static struct io_buffer * ipv4_reassemble ( struct io_buffer * iobuf ) {
free_iob ( iobuf );
/** Check if the fragment series is over */
- if ( !iphdr->frags & IP_MASK_MOREFRAGS ) {
+ if ( ! ( iphdr->frags & IP_MASK_MOREFRAGS ) ) {
iobuf = fragbuf->frag_iob;
free_fragbuf ( fragbuf );
return iobuf;
diff --git a/src/net/tls.c b/src/net/tls.c
index 834686f..fa4b58d 100644
--- a/src/net/tls.c
+++ b/src/net/tls.c
@@ -270,16 +270,16 @@ static void tls_generate_master_secret ( struct tls_session *tls ) {
DBGC_HD ( tls, &tls->pre_master_secret,
sizeof ( tls->pre_master_secret ) );
DBGC ( tls, "TLS %p client random bytes:\n", tls );
- DBGC_HD ( tls, &tls->client_random, sizeof ( tls->server_random ) );
+ DBGC_HD ( tls, &tls->client_random, sizeof ( tls->client_random ) );
DBGC ( tls, "TLS %p server random bytes:\n", tls );
DBGC_HD ( tls, &tls->server_random, sizeof ( tls->server_random ) );
- tls_prf_label ( tls, tls->pre_master_secret,
+ tls_prf_label ( tls, &tls->pre_master_secret,
sizeof ( tls->pre_master_secret ),
- tls->master_secret, sizeof ( tls->master_secret ),
+ &tls->master_secret, sizeof ( tls->master_secret ),
"master secret",
- tls->client_random, sizeof ( tls->client_random ),
- tls->server_random, sizeof ( tls->server_random ) );
+ &tls->client_random, sizeof ( tls->client_random ),
+ &tls->server_random, sizeof ( tls->server_random ) );
DBGC ( tls, "TLS %p generated master secret:\n", tls );
DBGC_HD ( tls, &tls->master_secret, sizeof ( tls->master_secret ) );
@@ -304,10 +304,10 @@ static int tls_generate_keys ( struct tls_session *tls ) {
int rc;
/* Generate key block */
- tls_prf_label ( tls, tls->master_secret, sizeof ( tls->master_secret ),
+ tls_prf_label ( tls, &tls->master_secret, sizeof ( tls->master_secret ),
key_block, sizeof ( key_block ), "key expansion",
- tls->server_random, sizeof ( tls->server_random ),
- tls->client_random, sizeof ( tls->client_random ) );
+ &tls->server_random, sizeof ( tls->server_random ),
+ &tls->client_random, sizeof ( tls->client_random ) );
/* Split key block into portions */
key = key_block;
@@ -604,7 +604,7 @@ static int tls_send_client_hello ( struct tls_session *tls ) {
htonl ( sizeof ( hello ) -
sizeof ( hello.type_length ) ) );
hello.version = htons ( TLS_VERSION_TLS_1_0 );
- memcpy ( &hello.random, tls->client_random, sizeof ( hello.random ) );
+ memcpy ( &hello.random, &tls->client_random, sizeof ( hello.random ) );
hello.cipher_suite_len = htons ( sizeof ( hello.cipher_suites ) );
hello.cipher_suites[0] = htons ( TLS_RSA_WITH_AES_128_CBC_SHA );
hello.cipher_suites[1] = htons ( TLS_RSA_WITH_AES_256_CBC_SHA );
@@ -643,7 +643,7 @@ static int tls_send_client_key_exchange ( struct tls_session *tls ) {
sizeof ( tls->pre_master_secret ) );
DBGC_HD ( tls, tls->rsa_mod, tls->rsa_mod_len );
DBGC_HD ( tls, tls->rsa_pub_exp, tls->rsa_pub_exp_len );
- RSA_encrypt ( rsa_ctx, tls->pre_master_secret,
+ RSA_encrypt ( rsa_ctx, ( const uint8_t * ) &tls->pre_master_secret,
sizeof ( tls->pre_master_secret ),
key_xchg.encrypted_pre_master_secret, 0 );
DBGC ( tls, "RSA encrypt done. Ciphertext:\n" );
@@ -685,7 +685,7 @@ static int tls_send_finished ( struct tls_session *tls ) {
htonl ( sizeof ( finished ) -
sizeof ( finished.type_length ) ) );
tls_verify_handshake ( tls, digest );
- tls_prf_label ( tls, tls->master_secret, sizeof ( tls->master_secret ),
+ tls_prf_label ( tls, &tls->master_secret, sizeof ( tls->master_secret ),
finished.verify_data, sizeof ( finished.verify_data ),
"client finished", digest, sizeof ( digest ) );
@@ -802,7 +802,7 @@ static int tls_new_server_hello ( struct tls_session *tls,
}
/* Copy out server random bytes */
- memcpy ( tls->server_random, hello_a->random,
+ memcpy ( &tls->server_random, &hello_a->random,
sizeof ( tls->server_random ) );
/* Select cipher suite */
@@ -1710,13 +1710,12 @@ int add_tls ( struct xfer_interface *xfer, struct xfer_interface **next ) {
tls_clear_cipher ( tls, &tls->tx_cipherspec_pending );
tls_clear_cipher ( tls, &tls->rx_cipherspec );
tls_clear_cipher ( tls, &tls->rx_cipherspec_pending );
- *( ( uint32_t * ) tls->client_random ) = 0; /* GMT Unix time */
- tls_generate_random ( ( tls->client_random + 4 ),
- ( sizeof ( tls->client_random ) - 4 ) );
- *( ( uint16_t * ) tls->pre_master_secret )
- = htons ( TLS_VERSION_TLS_1_0 );
- tls_generate_random ( ( tls->pre_master_secret + 2 ),
- ( sizeof ( tls->pre_master_secret ) - 2 ) );
+ tls->client_random.gmt_unix_time = 0;
+ tls_generate_random ( &tls->client_random.random,
+ ( sizeof ( tls->client_random.random ) ) );
+ tls->pre_master_secret.version = htons ( TLS_VERSION_TLS_1_0 );
+ tls_generate_random ( &tls->pre_master_secret.random,
+ ( sizeof ( tls->pre_master_secret.random ) ) );
digest_init ( &md5_algorithm, tls->handshake_md5_ctx );
digest_init ( &sha1_algorithm, tls->handshake_sha1_ctx );
tls->tx_state = TLS_TX_CLIENT_HELLO;