Felix Singer has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/31086 )
Change subject: payloads/ipxe: Enable HTTPS support
payloads/ipxe: Enable HTTPS support
HTTPS needs a newer iPXE version than 2017.3, because it doesn't work with this release.
Tested under master branch.
Change-Id: Ia25d4ce9260fa8c00fdea0e19f5e927559371af0
Signed-off-by: Felix Singer migy@darmstadt.ccc.de
---
M payloads/external/iPXE/Makefile
1 file changed, 1 insertion(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/86/31086/1
diff --git a/payloads/external/iPXE/Makefile b/payloads/external/iPXE/Makefile index a8b1245..05b6f4dd 100644 --- a/payloads/external/iPXE/Makefile +++ b/payloads/external/iPXE/Makefile @@ -54,6 +54,7 @@ sed 's|#define\s*COMCONSOLE.*|#define COMCONSOLE $(IPXE_UART)|' "$(project_dir)/src/config/serial.h" > "$(project_dir)/src/config/serial.h.tmp" sed 's|#define\s*COMSPEED.*|#define COMSPEED $(CONFIG_TTYS0_BAUD)|' "$(project_dir)/src/config/serial.h.tmp" > "$(project_dir)/src/config/serial.h" endif + sed -ie 's|.*DOWNLOAD_PROTO_HTTPS|#define DOWNLOAD_PROTO_HTTPS|g' "$(project_dir)/src/config/general.h"
build: config echo " MAKE $(project_name) $(TAG-y)"
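Review bot: The added `sed -ie` line sits after the `endif`, so DOWNLOAD_PROTO_HTTPS is switched on for every iPXE build, while the commit message says HTTPS does not work with the 2017.3 release. Guard the line with a Kconfig option or a check on the selected iPXE version so that a build of that release is left unchanged. The pattern `.*DOWNLOAD_PROTO_HTTPS` is also unanchored and rewrites any line that merely mentions the macro, for example one inside a comment; anchoring it on the preprocessor directive at the start of the line would limit the edit to the intended setting.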
Felix Singer has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/31086 )
Change subject: payloads/ipxe: Enable HTTPS support
Patch Set 1:
This change is ready for review.
Hello build bot (Jenkins),
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/31086
to look at the new patch set (#3).
Change subject: payloads/ipxe: Enable HTTPS support
payloads/ipxe: Enable HTTPS support
Change-Id: Ia25d4ce9260fa8c00fdea0e19f5e927559371af0
Signed-off-by: Felix Singer migy@darmstadt.ccc.de
---
M payloads/external/iPXE/Makefile
1 file changed, 1 insertion(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/86/31086/3
Nico Huber has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/31086 )
Change subject: payloads/ipxe: Enable HTTPS support
Patch Set 3:
(1 comment)
https://review.coreboot.org/#/c/31086/3/payloads/external/iPXE/Makefile File payloads/external/iPXE/Makefile:
https://review.coreboot.org/#/c/31086/3/payloads/external/iPXE/Makefile@57 PS3, Line 57: sed -ie 's|.*DOWNLOAD_PROTO_HTTPS|#define DOWNLOAD_PROTO_HTTPS|g' "$(project_dir)/src/config/general.h"
Standard sed doesn't know -i, and this doesn't work with GNU sed (appends the `e` given to -i to the output file name).
Nico Huber has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/31086 )
Change subject: payloads/ipxe: Enable HTTPS support
Patch Set 3:
(1 comment)
https://review.coreboot.org/#/c/31086/3/payloads/external/iPXE/Makefile File payloads/external/iPXE/Makefile:
https://review.coreboot.org/#/c/31086/3/payloads/external/iPXE/Makefile@57 PS3, Line 57: sed -ie 's|.*DOWNLOAD_PROTO_HTTPS|#define DOWNLOAD_PROTO_HTTPS|g' "$(project_dir)/src/config/general.h"
> Standard sed doesn't know -i, and this doesn't work with GNU […]
Ah, that about GNU sed wasn't right. It creates a backup file with the suffix `e`.
Hello Paul Menzel, Philipp Deppenwiese, build bot (Jenkins), Martin Roth,
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/31086
to look at the new patch set (#4).
Change subject: payloads/ipxe: Enable HTTPS support
payloads/ipxe: Enable HTTPS support
Change-Id: Ia25d4ce9260fa8c00fdea0e19f5e927559371af0
Signed-off-by: Felix Singer migy@darmstadt.ccc.de
---
M payloads/external/iPXE/Makefile
1 file changed, 1 insertion(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/86/31086/4
Nico Huber has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/31086 )
Change subject: payloads/ipxe: Enable HTTPS support
Patch Set 4:
(1 comment)
https://review.coreboot.org/#/c/31086/4/payloads/external/iPXE/Makefile File payloads/external/iPXE/Makefile:
https://review.coreboot.org/#/c/31086/4/payloads/external/iPXE/Makefile@56 PS4, Line 56: sed 's|.*DOWNLOAD_PROTO_HTTPS|#define DOWNLOAD_PROTO_HTTPS|g' "$(project_dir)/src/config/general.h" > "$(project_dir)/src/config/general.h"
This reading from / redirecting to the same file is not supposed to work. The shell first creates an empty file, then runs the sed command. `sed` + `mv` is the standard solution for this situation (see above).
You have moved this into the `ifeq` btw.
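The failure described for patch set 4 and the `sed` + `mv` form recommended in its place, reproduced as an added example that is not part of the review thread or the coreboot tree. The sample header, the function names and the final `https_enabled` check are constructed for illustration.

```shell
#!/bin/sh
# Constructed stand-in for iPXE's src/config/general.h (not the real file).
make_sample() {
	printf '%s\n' \
		'#define DOWNLOAD_PROTO_HTTP   /* Hypertext Transfer Protocol */' \
		'#undef  DOWNLOAD_PROTO_HTTPS  /* Secure Hypertext Transfer Protocol */' \
		'#undef  DOWNLOAD_PROTO_FTP    /* File Transfer Protocol */' > "$1"
}

# Patch set 4 form: the shell opens "$1" for writing, truncating it,
# before sed starts, so sed reads an empty file and exits 0.
enable_https_same_file() {
	sed 's|.*DOWNLOAD_PROTO_HTTPS|#define DOWNLOAD_PROTO_HTTPS|g' "$1" > "$1"
}

# sed + mv form: write to a temporary file, then replace the original.
enable_https_tmp_mv() {
	sed 's|.*DOWNLOAD_PROTO_HTTPS|#define DOWNLOAD_PROTO_HTTPS|g' "$1" > "$1.tmp" &&
		mv "$1.tmp" "$1"
}

# Added check (assumption, not in the patch): succeed only if the define landed.
https_enabled() {
	grep -q '^#define DOWNLOAD_PROTO_HTTPS' "$1"
}

line_count() {
	wc -l < "$1" | tr -d ' '
}

demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
for name in bad good; do make_sample "$demo_dir/$name.h"; done
enable_https_same_file "$demo_dir/bad.h"
enable_https_tmp_mv "$demo_dir/good.h"
for name in bad good; do
	if https_enabled "$demo_dir/$name.h"; then state=enabled; else state=MISSING; fi
	echo "$name.h: $(line_count "$demo_dir/$name.h") lines, HTTPS $state"
done
```

Because the truncating form still exits 0, a check such as `https_enabled` is what turns a silently emptied header into a visible build failure.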
Hello Paul Menzel, Philipp Deppenwiese, build bot (Jenkins), Martin Roth,
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/31086
to look at the new patch set (#5).
Change subject: payloads/ipxe: Enable HTTPS support
payloads/ipxe: Enable HTTPS support
Change-Id: Ia25d4ce9260fa8c00fdea0e19f5e927559371af0
Signed-off-by: Felix Singer migy@darmstadt.ccc.de
---
M payloads/external/iPXE/Makefile
1 file changed, 2 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/86/31086/5
Nico Huber has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/31086 )
Change subject: payloads/ipxe: Enable HTTPS support
Patch Set 5: Code-Review+1
Michał Żygowski has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/31086 )
Change subject: payloads/ipxe: Enable HTTPS support
Patch Set 5:
If we are going with https and security way, what about IMAGE_TRUST_CMD? It may allow verifying images downloaded by http/https. Although I don't know whether it is enabled by default.
Felix Singer has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/31086 )
Change subject: payloads/ipxe: Enable HTTPS support
Patch Set 5:
> Patch Set 5:
> If we are going with https and security way, what about IMAGE_TRUST_CMD? It may allow verifying images downloaded by http/https. Although I don't know whether it is enabled by default.
I already created a dedicated Patch for this. See https://review.coreboot.org/c/coreboot/+/31087
Piotr Król has uploaded a new patch set (#6) to the change originally created by Felix Singer. ( https://review.coreboot.org/c/coreboot/+/31086 )
Change subject: payloads/ipxe: Enable HTTPS support
payloads/ipxe: Enable HTTPS support
Change-Id: Ia25d4ce9260fa8c00fdea0e19f5e927559371af0
Signed-off-by: Felix Singer migy@darmstadt.ccc.de
Signed-off-by: Piotr Król piotr.krol@3mdeb.com
---
M payloads/external/Makefile.inc
M payloads/external/iPXE/Kconfig
M payloads/external/iPXE/Makefile
3 files changed, 15 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/86/31086/6
Krystian Hebel has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/31086 )
Change subject: payloads/ipxe: Enable HTTPS support
Patch Set 6:
(2 comments)
https://review.coreboot.org/c/coreboot/+/31086/6/payloads/external/iPXE/Kcon... File payloads/external/iPXE/Kconfig:
https://review.coreboot.org/c/coreboot/+/31086/6/payloads/external/iPXE/Kcon... PS6, Line 118: default n
Any reason for 'n' here? Are we worried about size of binary?
https://review.coreboot.org/c/coreboot/+/31086/6/payloads/external/iPXE/Make... File payloads/external/iPXE/Makefile:
https://review.coreboot.org/c/coreboot/+/31086/6/payloads/external/iPXE/Make... PS6, Line 70: ifeq ($(CONFIG_PXE_HAS_HTTPS),y)
Inconsistent spacing above this and preceding 'if(n)eq's
Krystian Hebel has uploaded a new patch set (#7) to the change originally created by Felix Singer. ( https://review.coreboot.org/c/coreboot/+/31086 )
Change subject: payloads/ipxe: Enable HTTPS support
payloads/ipxe: Enable HTTPS support
Change-Id: Ia25d4ce9260fa8c00fdea0e19f5e927559371af0
Signed-off-by: Felix Singer migy@darmstadt.ccc.de
Signed-off-by: Piotr Król piotr.krol@3mdeb.com
Signed-off-by: Krystian Hebel krystian.hebel@3mdeb.com
---
M payloads/external/Makefile.inc
M payloads/external/iPXE/Kconfig
M payloads/external/iPXE/Makefile
3 files changed, 13 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/86/31086/7
Michał Żygowski has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/31086 )
Change subject: payloads/ipxe: Enable HTTPS support
Patch Set 7: Code-Review+2
(2 comments)
https://review.coreboot.org/c/coreboot/+/31086/6/payloads/external/iPXE/Kcon... File payloads/external/iPXE/Kconfig:
https://review.coreboot.org/c/coreboot/+/31086/6/payloads/external/iPXE/Kcon... PS6, Line 118: default n
> Any reason for 'n' here? Are we worried about size of binary?
Ack
https://review.coreboot.org/c/coreboot/+/31086/6/payloads/external/iPXE/Make... File payloads/external/iPXE/Makefile:
https://review.coreboot.org/c/coreboot/+/31086/6/payloads/external/iPXE/Make... PS6, Line 70: ifeq ($(CONFIG_PXE_HAS_HTTPS),y)
> Inconsistent spacing above this and preceding 'if(n)eq's
Ack
Krystian Hebel has uploaded a new patch set (#9) to the change originally created by Felix Singer. ( https://review.coreboot.org/c/coreboot/+/31086 )
Change subject: payloads/ipxe: Enable HTTPS support
payloads/ipxe: Enable HTTPS support
Change-Id: Ia25d4ce9260fa8c00fdea0e19f5e927559371af0
Signed-off-by: Felix Singer migy@darmstadt.ccc.de
Signed-off-by: Piotr Król piotr.krol@3mdeb.com
Signed-off-by: Krystian Hebel krystian.hebel@3mdeb.com
---
M payloads/external/Makefile.inc
M payloads/external/iPXE/Kconfig
M payloads/external/iPXE/Makefile
3 files changed, 13 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/86/31086/9
Michał Żygowski has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/31086 )
Change subject: payloads/ipxe: Enable HTTPS support
Patch Set 9:
(2 comments)
https://review.coreboot.org/c/coreboot/+/31086/3/payloads/external/iPXE/Make... File payloads/external/iPXE/Makefile:
https://review.coreboot.org/c/coreboot/+/31086/3/payloads/external/iPXE/Make... PS3, Line 57: sed -ie 's|.*DOWNLOAD_PROTO_HTTPS|#define DOWNLOAD_PROTO_HTTPS|g' "$(project_dir)/src/config/general.h"
> Ah, that about GNU sed wasn't right. It creates […]
Ack
https://review.coreboot.org/c/coreboot/+/31086/4/payloads/external/iPXE/Make... File payloads/external/iPXE/Makefile:
https://review.coreboot.org/c/coreboot/+/31086/4/payloads/external/iPXE/Make... PS4, Line 56: sed 's|.*DOWNLOAD_PROTO_HTTPS|#define DOWNLOAD_PROTO_HTTPS|g' "$(project_dir)/src/config/general.h" > "$(project_dir)/src/config/general.h"
> This reading from / redirecting to the same file is not supposed to work. […]
Ack
Michał Żygowski has submitted this change. ( https://review.coreboot.org/c/coreboot/+/31086 )
Change subject: payloads/ipxe: Enable HTTPS support
payloads/ipxe: Enable HTTPS support
Change-Id: Ia25d4ce9260fa8c00fdea0e19f5e927559371af0
Signed-off-by: Felix Singer migy@darmstadt.ccc.de
Signed-off-by: Piotr Król piotr.krol@3mdeb.com
Signed-off-by: Krystian Hebel krystian.hebel@3mdeb.com
Reviewed-on: https://review.coreboot.org/c/coreboot/+/31086
Tested-by: build bot (Jenkins) no-reply@coreboot.org
Reviewed-by: Michał Żygowski michal.zygowski@3mdeb.com
---
M payloads/external/Makefile.inc
M payloads/external/iPXE/Kconfig
M payloads/external/iPXE/Makefile
3 files changed, 13 insertions(+), 0 deletions(-)
Approvals:
build bot (Jenkins): Verified
Michał Żygowski: Looks good to me, approved
diff --git a/payloads/external/Makefile.inc b/payloads/external/Makefile.inc index 0a96aff..7319a11 100644 --- a/payloads/external/Makefile.inc +++ b/payloads/external/Makefile.inc @@ -263,6 +263,7 @@ CONFIG_SCRIPT=$(PXE_CONFIG_SCRIPT) \ CONFIG_HAS_SCRIPT=$(CONFIG_PXE_ADD_SCRIPT) \ CONFIG_PXE_NO_PROMT=$(CONFIG_PXE_NO_PROMT) \ + CONFIG_PXE_HAS_HTTPS=$(CONFIG_PXE_HAS_HTTPS) \ MFLAGS= MAKEFLAGS=
# LinuxBoot diff --git a/payloads/external/iPXE/Kconfig b/payloads/external/iPXE/Kconfig index 7cb0d1e..1636138 100644 --- a/payloads/external/iPXE/Kconfig +++ b/payloads/external/iPXE/Kconfig @@ -113,5 +113,13 @@ Uses the ipxe script instead showing the prompt: "Press Ctrl-B to start iPXE..."
+config PXE_HAS_HTTPS + bool "Enable HTTPS protocol" + default y + depends on BUILD_IPXE + help + Enable HTTPS protocol, which allows you to encrypt all communication + with a web server and to verify the server's identity + endmenu endif diff --git a/payloads/external/iPXE/Makefile b/payloads/external/iPXE/Makefile index 0c071fa..489bcfa 100644 --- a/payloads/external/iPXE/Makefile +++ b/payloads/external/iPXE/Makefile @@ -65,6 +65,10 @@ sed 's|#define\s*BANNER_TIMEOUT.*|#define BANNER_TIMEOUT 0|' "$(project_dir)/src/config/general.h" > "$(project_dir)/src/config/general.h.tmp" mv "$(project_dir)/src/config/general.h.tmp" "$(project_dir)/src/config/general.h" endif +ifeq ($(CONFIG_PXE_HAS_HTTPS),y) + sed 's|.*DOWNLOAD_PROTO_HTTPS|#define DOWNLOAD_PROTO_HTTPS|g' "$(project_dir)/src/config/general.h" > "$(project_dir)/src/config/general.h.tmp" + mv "$(project_dir)/src/config/general.h.tmp" "$(project_dir)/src/config/general.h" +endif
build: config $(CONFIG_SCRIPT) ifeq ($(CONFIG_HAS_SCRIPT),y)
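Review bot: In the Kconfig hunk, `default y` with only `depends on BUILD_IPXE` turns HTTPS on for every iPXE version that can be selected, although the description of the first patch set said HTTPS does not work with the 2017.3 release and that sentence is no longer in the commit message. Add a dependency that excludes that release, or restore the caveat in the help text. The help text also promises to "verify the server's identity" without saying which certificates are trusted; one sentence on that would tell users what the option guarantees.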
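Review bot: In the iPXE/Makefile hunk, the `ifeq ($(CONFIG_PXE_HAS_HTTPS),y)` block has no counterpart for `n`. general.h is rewritten in place, so unless the header is restored elsewhere in the build, a tree that was configured once with HTTPS keeps `#define DOWNLOAD_PROTO_HTTPS` after the option is switched off. Consider an `else` branch that writes the disabled form, and anchor the pattern at the start of the line, since `.*DOWNLOAD_PROTO_HTTPS` matches any line that mentions the macro.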
9elements QA has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/31086 )
Change subject: payloads/ipxe: Enable HTTPS support
Patch Set 10:
Automatic boot test returned (PASS/FAIL/TOTAL): 4/0/4
Emulation targets:
"QEMU x86 q35/ich9" using payload TianoCore : SUCCESS : https://lava.9esec.io/r/2926
"QEMU x86 q35/ich9" using payload SeaBIOS : SUCCESS : https://lava.9esec.io/r/2925
"QEMU x86 i440fx/piix4" using payload SeaBIOS : SUCCESS : https://lava.9esec.io/r/2924
"QEMU AArch64" using payload LinuxBoot_u-root_kexec : SUCCESS : https://lava.9esec.io/r/2923
Please note: This test is under development and might not be accurate at all!