[crypto] Allow multiplicand and multiplier to differ in size

Big integer multiplication is currently used only as part of modular
exponentiation, where both multiplicand and multiplier will be the
same size.

Relax this requirement to allow for the use of big integer
multiplication in other contexts.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

.github/workflows/build.yml

@@ -49,7 +49,8 @@ jobs:
           sudo apt update
           sudo apt install -y -o Acquire::Retries=50 \
                            mtools syslinux isolinux \
-                           libc6-dev-i386 libc6-dbg:i386 valgrind
+                           libc6-dev-i386 valgrind \
+                           libgcc-s1:i386 libc6-dbg:i386
       - name: Build (BIOS)
         run: |
           make -j 4 -C src

contrib/cloud/aws-import

@@ -46,11 +46,19 @@ def create_snapshot(region, description, image):
     return snapshot_id
 
 
-def import_image(region, name, architecture, image, public):
+def import_image(region, name, architecture, image, public, overwrite):
     """Import an AMI image"""
     client = boto3.client('ec2', region_name=region)
     resource = boto3.resource('ec2', region_name=region)
     description = '%s (%s)' % (name, architecture)
+    images = client.describe_images(Filters=[{'Name': 'name',
+                                              'Values': [description]}])
+    if overwrite and images['Images']:
+        images = images['Images'][0]
+        image_id = images['ImageId']
+        snapshot_id = images['BlockDeviceMappings'][0]['Ebs']['SnapshotId']
+        resource.Image(image_id).deregister()
+        resource.Snapshot(snapshot_id).delete()
     snapshot_id = create_snapshot(region=region, description=description,
                                   image=image)
     client.get_waiter('snapshot_completed').wait(SnapshotIds=[snapshot_id])
@@ -88,6 +96,8 @@ parser.add_argument('--name', '-n',
                     help="Image name")
 parser.add_argument('--public', '-p', action='store_true',
                     help="Make image public")
+parser.add_argument('--overwrite', action='store_true',
+                    help="Overwrite any existing image with same name")
 parser.add_argument('--region', '-r', action='append',
                     help="AWS region(s)")
 parser.add_argument('--wiki', '-w', metavar='FILE',
@@ -115,7 +125,8 @@ with ThreadPoolExecutor(max_workers=len(imports)) as executor:
                                name=args.name,
                                architecture=architectures[image],
                                image=image,
-                               public=args.public): (region, image)
+                               public=args.public,
+                               overwrite=args.overwrite): (region, image)
                for region, image in imports}
     results = {futures[future]: future.result()
                for future in as_completed(futures)}

contrib/cloud/aws-int13con

@@ -0,0 +1,68 @@
+#!/usr/bin/env python3
+
+import argparse
+
+import boto3
+
+BLOCKSIZE = 512 * 1024
+
+IPXELOG_OFFSET = 16 * 1024
+
+IPXELOG_MAGIC = b'iPXE LOG'
+
+
+def create_snapshot(region, instance_id):
+    """Create root volume snapshot"""
+    client = boto3.client('ec2', region_name=region)
+    resource = boto3.resource('ec2', region_name=region)
+    instance = resource.Instance(instance_id)
+    volumes = list(instance.volumes.all())
+    snapshot = volumes[0].create_snapshot()
+    snapshot.wait_until_completed()
+    return snapshot.id
+
+
+def get_snapshot_block(region, snapshot_id, index):
+    """Get block content from snapshot"""
+    client = boto3.client('ebs', region_name=region)
+    blocks = client.list_snapshot_blocks(SnapshotId=snapshot_id,
+                                         StartingBlockIndex=index)
+    token = blocks['Blocks'][0]['BlockToken']
+    block = client.get_snapshot_block(SnapshotId=snapshot_id,
+                                      BlockIndex=index,
+                                      BlockToken=token)
+    return block['BlockData'].read()
+
+
+def get_block0_content(region, instance_id):
+    """Get content of root volume block zero from instance"""
+    client = boto3.client('ec2', region_name=region)
+    resource = boto3.resource('ec2', region_name=region)
+    snapshot_id = create_snapshot(region, instance_id)
+    block = get_snapshot_block(region, snapshot_id, 0)
+    resource.Snapshot(snapshot_id).delete()
+    return block
+
+
+def get_int13con_output(region, instance_id):
+    """Get INT13 console output"""
+    block = get_block0_content(region, instance_id)
+    logpart = block[IPXELOG_OFFSET:]
+    magic = logpart[:len(IPXELOG_MAGIC)]
+    if magic != IPXELOG_MAGIC:
+        raise ValueError("Invalid log magic signature")
+    log = logpart[len(IPXELOG_MAGIC):].split(b'\0')[0]
+    return log.decode()
+
+
+# Parse command-line arguments
+parser = argparse.ArgumentParser(description="Get AWS INT13 console output")
+parser.add_argument('--region', '-r', help="AWS region")
+parser.add_argument('id', help="Instance ID")
+args = parser.parse_args()
+
+# Get console output from INT13CON partition
+output = get_int13con_output(args.region, args.id)
+
+# Print console output
+print(output)

src/.gitignore

@@ -1,4 +1,4 @@
 .toolcheck
 .echocheck
 TAGS*
-bin*
+bin-*

src/Makefile.efi

@@ -50,6 +50,10 @@ $(BIN)/efidrv.cab : $(BIN)/alldrv.efis # $(ALL_drv.efi) is not yet defined
 	$(QM)$(ECHO) "  [CAB] $@"
 	$(Q)$(LCAB) -n -q $(ALL_drv.efi) $@
 
-$(BIN)/%.iso $(BIN)/%.usb : $(BIN)/%.efi util/genfsimg
+$(BIN)/%.iso : $(BIN)/%.efi util/genfsimg
+	$(QM)$(ECHO) "  [GENFSIMG] $@"
+	$(Q)util/genfsimg -o $@ $<
+
+$(BIN)/%.usb : $(BIN)/%.efi util/genfsimg
 	$(QM)$(ECHO) "  [GENFSIMG] $@"
 	$(Q)util/genfsimg -o $@ $<

src/Makefile.housekeeping

@@ -502,6 +502,13 @@ LDFLAGS		+= --gc-sections
 #
 LDFLAGS		+= -static
 
+# Use separate code segment if supported by linker
+#
+ZSC_TEST	= $(LD) -z separate-code --version 2>&1 > /dev/null
+ZSC_FLAGS	:= $(shell [ -z "`$(ZSC_TEST)`" ] && \
+		     $(ECHO) '-z separate-code -z max-page-size=4096')
+LDFLAGS		+= $(ZSC_FLAGS)
+
 # compiler.h is needed for our linking and debugging system
 #
 CFLAGS		+= -include include/compiler.h
@@ -1002,6 +1009,7 @@ endif
 # Device ID tables (using IDs from ROM definition file)
 #
 define obj_pci_id_asm
+	.section ".note.GNU-stack", "", $(ASM_TCHAR)progbits
 	.section ".pci_devlist.$(1)", "a", $(ASM_TCHAR)progbits
 	.globl pci_devlist_$(1)
 pci_devlist_$(1):
@@ -1171,7 +1179,7 @@ BLIB		= $(BIN)/blib.a
 $(BLIB) : $(BLIB_OBJS) $(BLIB_LIST) $(MAKEDEPS)
 	$(Q)$(RM) $(BLIB)
 	$(QM)$(ECHO) "  [AR] $@"
-	$(Q)$(AR) rD $@ $(sort $(BLIB_OBJS))
+	$(Q)$(AR) rcD $@ $(sort $(BLIB_OBJS))
 	$(Q)$(OBJCOPY) --enable-deterministic-archives \
 		       --prefix-symbols=$(SYMBOL_PREFIX) $@
 	$(Q)$(RANLIB) -D $@

src/arch/arm/Makefile

@@ -9,4 +9,5 @@ INCDIRS		+= arch/arm/include
 
 # ARM-specific directories containing source files
 #
+SRCDIRS		+= arch/arm/core
 SRCDIRS		+= arch/arm/interface/efi

src/arch/arm/core/arm_io.c

@@ -46,7 +46,7 @@ union arm32_io_qword {
  *
  * This is not atomic for ARM32.
  */
-static uint64_t arm32_readq ( volatile uint64_t *io_addr ) {
+static __unused uint64_t arm32_readq ( volatile uint64_t *io_addr ) {
 	volatile union arm32_io_qword *ptr =
 		container_of ( io_addr, union arm32_io_qword, qword );
 	union arm32_io_qword tmp;
@@ -64,7 +64,8 @@ static uint64_t arm32_readq ( volatile uint64_t *io_addr ) {
  *
  * This is not atomic for ARM32.
  */
-static void arm32_writeq ( uint64_t data, volatile uint64_t *io_addr ) {
+static __unused void arm32_writeq ( uint64_t data,
+				    volatile uint64_t *io_addr ) {
 	volatile union arm32_io_qword *ptr =
 		container_of ( io_addr, union arm32_io_qword, qword );
 	union arm32_io_qword tmp;
@@ -82,7 +83,6 @@ PROVIDE_IOAPI_INLINE ( arm, readl );
 PROVIDE_IOAPI_INLINE ( arm, writeb );
 PROVIDE_IOAPI_INLINE ( arm, writew );
 PROVIDE_IOAPI_INLINE ( arm, writel );
-PROVIDE_IOAPI_INLINE ( arm, iodelay );
 PROVIDE_IOAPI_INLINE ( arm, mb );
 #ifdef __aarch64__
 PROVIDE_IOAPI_INLINE ( arm, readq );
@@ -91,3 +91,4 @@ PROVIDE_IOAPI_INLINE ( arm, writeq );
 PROVIDE_IOAPI ( arm, readq, arm32_readq );
 PROVIDE_IOAPI ( arm, writeq, arm32_writeq );
 #endif
+PROVIDE_DUMMY_PIO ( arm );

src/arch/arm/include/bits/entropy.h

@@ -1,12 +0,0 @@
-#ifndef _BITS_ENTROPY_H
-#define _BITS_ENTROPY_H
-
-/** @file
- *
- * ARM-specific entropy API implementations
- *
- */
-
-FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
-
-#endif /* _BITS_ENTROPY_H */

src/arch/arm/include/bits/pci_io.h

@@ -9,6 +9,4 @@
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 
-#include <ipxe/io.h>
-
 #endif /* _BITS_PCI_IO_H */

src/arch/arm/include/ipxe/arm_io.h

@@ -15,6 +15,8 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 #define IOAPI_PREFIX_arm __arm_
 #endif
 
+#include <ipxe/dummy_pio.h>
+
 /*
  * Memory space mappings
  *
@@ -77,55 +79,6 @@ ARM_WRITEX ( w, uint16_t, "h", "" );
 ARM_WRITEX ( l, uint32_t, "", "" );
 #endif
 
-/*
- * Dummy PIO reads and writes up to 32 bits
- *
- * There is no common standard for I/O-space access for ARM, and
- * non-MMIO peripherals are vanishingly rare.  Provide dummy
- * implementations that will allow code to link and should cause
- * drivers to simply fail to detect hardware at runtime.
- *
- */
-
-#define ARM_INX( _suffix, _type )					      \
-static inline __always_inline _type					      \
-IOAPI_INLINE ( arm, in ## _suffix ) ( volatile _type *io_addr __unused) {     \
-	return ~( (_type) 0 );						      \
-}									      \
-static inline __always_inline void					      \
-IOAPI_INLINE ( arm, ins ## _suffix ) ( volatile _type *io_addr __unused,      \
-				       _type *data, unsigned int count ) {    \
-	memset ( data, 0xff, count * sizeof ( *data ) );		      \
-}
-ARM_INX ( b, uint8_t );
-ARM_INX ( w, uint16_t );
-ARM_INX ( l, uint32_t );
-
-#define ARM_OUTX( _suffix, _type )					      \
-static inline __always_inline void					      \
-IOAPI_INLINE ( arm, out ## _suffix ) ( _type data __unused,		      \
-				       volatile _type *io_addr __unused ) {   \
-	/* Do nothing */						      \
-}									      \
-static inline __always_inline void					      \
-IOAPI_INLINE ( arm, outs ## _suffix ) ( volatile _type *io_addr __unused,     \
-					const _type *data __unused,	      \
-					unsigned int count __unused ) {	      \
-	/* Do nothing */						      \
-}
-ARM_OUTX ( b, uint8_t );
-ARM_OUTX ( w, uint16_t );
-ARM_OUTX ( l, uint32_t );
-
-/*
- * Slow down I/O
- *
- */
-static inline __always_inline void
-IOAPI_INLINE ( arm, iodelay ) ( void ) {
-	/* Nothing to do */
-}
-
 /*
  * Memory barrier
  *
@@ -140,4 +93,7 @@ IOAPI_INLINE ( arm, mb ) ( void ) {
 #endif
 }
 
+/* Dummy PIO */
+DUMMY_PIO ( arm );
+
 #endif /* _IPXE_ARM_IO_H */

src/arch/arm32/core/arm32_bigint.c

@@ -36,19 +36,23 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
  * Multiply big integers
  *
  * @v multiplicand0	Element 0 of big integer to be multiplied
+ * @v multiplicand_size	Number of elements in multiplicand
  * @v multiplier0	Element 0 of big integer to be multiplied
+ * @v multiplier_size	Number of elements in multiplier
  * @v result0		Element 0 of big integer to hold result
- * @v size		Number of elements
  */
 void bigint_multiply_raw ( const uint32_t *multiplicand0,
+			   unsigned int multiplicand_size,
 			   const uint32_t *multiplier0,
-			   uint32_t *result0, unsigned int size ) {
-	const bigint_t ( size ) __attribute__ (( may_alias )) *multiplicand =
-		( ( const void * ) multiplicand0 );
-	const bigint_t ( size ) __attribute__ (( may_alias )) *multiplier =
-		( ( const void * ) multiplier0 );
-	bigint_t ( size * 2 ) __attribute__ (( may_alias )) *result =
-		( ( void * ) result0 );
+			   unsigned int multiplier_size,
+			   uint32_t *result0 ) {
+	unsigned int result_size = ( multiplicand_size + multiplier_size );
+	const bigint_t ( multiplicand_size ) __attribute__ (( may_alias ))
+		*multiplicand = ( ( const void * ) multiplicand0 );
+	const bigint_t ( multiplier_size ) __attribute__ (( may_alias ))
+		*multiplier = ( ( const void * ) multiplier0 );
+	bigint_t ( result_size ) __attribute__ (( may_alias ))
+		*result = ( ( void * ) result0 );
 	unsigned int i;
 	unsigned int j;
 	uint32_t multiplicand_element;
@@ -62,9 +66,9 @@ void bigint_multiply_raw ( const uint32_t *multiplicand0,
 	memset ( result, 0, sizeof ( *result ) );
 
 	/* Multiply integers one element at a time */
-	for ( i = 0 ; i < size ; i++ ) {
+	for ( i = 0 ; i < multiplicand_size ; i++ ) {
 		multiplicand_element = multiplicand->element[i];
-		for ( j = 0 ; j < size ; j++ ) {
+		for ( j = 0 ; j < multiplier_size ; j++ ) {
 			multiplier_element = multiplier->element[j];
 			result_elements = &result->element[ i + j ];
 			/* Perform a single multiply, and add the
@@ -73,7 +77,7 @@ void bigint_multiply_raw ( const uint32_t *multiplicand0,
 			 * never overflow beyond the end of the
 			 * result, since:
 			 *
-			 *     a < 2^{n}, b < 2^{n} => ab < 2^{2n}
+			 *     a < 2^{n}, b < 2^{m} => ab < 2^{n+m}
 			 */
 			__asm__ __volatile__ ( "umull %1, %2, %5, %6\n\t"
 					       "ldr %3, [%0]\n\t"

src/arch/arm32/include/bits/bigint.h

@@ -310,7 +310,9 @@ bigint_done_raw ( const uint32_t *value0, unsigned int size __unused,
 }
 
 extern void bigint_multiply_raw ( const uint32_t *multiplicand0,
+				  unsigned int multiplicand_size,
 				  const uint32_t *multiplier0,
-				  uint32_t *value0, unsigned int size );
+				  unsigned int multiplier_size,
+				  uint32_t *value0 );
 
 #endif /* _BITS_BIGINT_H */

src/arch/arm32/libgcc/lldivmod.S

@@ -1,7 +1,6 @@
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
 
 	.section ".note.GNU-stack", "", %progbits
-	.text
 	.thumb
 
 /**

src/arch/arm32/libgcc/llshift.S

@@ -1,7 +1,6 @@
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
 
 	.section ".note.GNU-stack", "", %progbits
-	.text
 	.arm
 
 /**

src/arch/arm64/core/arm64_bigint.c

@@ -36,19 +36,23 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
  * Multiply big integers
  *
  * @v multiplicand0	Element 0 of big integer to be multiplied
+ * @v multiplicand_size	Number of elements in multiplicand
  * @v multiplier0	Element 0 of big integer to be multiplied
+ * @v multiplier_size	Number of elements in multiplier
  * @v result0		Element 0 of big integer to hold result
- * @v size		Number of elements
  */
 void bigint_multiply_raw ( const uint64_t *multiplicand0,
+			   unsigned int multiplicand_size,
 			   const uint64_t *multiplier0,
-			   uint64_t *result0, unsigned int size ) {
-	const bigint_t ( size ) __attribute__ (( may_alias )) *multiplicand =
-		( ( const void * ) multiplicand0 );
-	const bigint_t ( size ) __attribute__ (( may_alias )) *multiplier =
-		( ( const void * ) multiplier0 );
-	bigint_t ( size * 2 ) __attribute__ (( may_alias )) *result =
-		( ( void * ) result0 );
+			   unsigned int multiplier_size,
+			   uint64_t *result0 ) {
+	unsigned int result_size = ( multiplicand_size + multiplier_size );
+	const bigint_t ( multiplicand_size ) __attribute__ (( may_alias ))
+		*multiplicand = ( ( const void * ) multiplicand0 );
+	const bigint_t ( multiplier_size ) __attribute__ (( may_alias ))
+		*multiplier = ( ( const void * ) multiplier0 );
+	bigint_t ( result_size ) __attribute__ (( may_alias ))
+		*result = ( ( void * ) result0 );
 	unsigned int i;
 	unsigned int j;
 	uint64_t multiplicand_element;
@@ -63,9 +67,9 @@ void bigint_multiply_raw ( const uint64_t *multiplicand0,
 	memset ( result, 0, sizeof ( *result ) );
 
 	/* Multiply integers one element at a time */
-	for ( i = 0 ; i < size ; i++ ) {
+	for ( i = 0 ; i < multiplicand_size ; i++ ) {
 		multiplicand_element = multiplicand->element[i];
-		for ( j = 0 ; j < size ; j++ ) {
+		for ( j = 0 ; j < multiplier_size ; j++ ) {
 			multiplier_element = multiplier->element[j];
 			result_elements = &result->element[ i + j ];
 			/* Perform a single multiply, and add the
@@ -74,7 +78,7 @@ void bigint_multiply_raw ( const uint64_t *multiplicand0,
 			 * never overflow beyond the end of the
 			 * result, since:
 			 *
-			 *     a < 2^{n}, b < 2^{n} => ab < 2^{2n}
+			 *     a < 2^{n}, b < 2^{m} => ab < 2^{n+m}
 			 */
 			__asm__ __volatile__ ( "mul %1, %6, %7\n\t"
 					       "umulh %2, %6, %7\n\t"

src/arch/arm64/core/setjmp.S

@@ -1,5 +1,6 @@
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
 
+	.section ".note.GNU-stack", "", %progbits
 	.text
 
 	/* Must match jmp_buf structure layout */

src/arch/arm64/include/bits/bigint.h

@@ -311,7 +311,9 @@ bigint_done_raw ( const uint64_t *value0, unsigned int size __unused,
 }
 
 extern void bigint_multiply_raw ( const uint64_t *multiplicand0,
+				  unsigned int multiplicand_size,
 				  const uint64_t *multiplier0,
-				  uint64_t *value0, unsigned int size );
+				  unsigned int multiplier_size,
+				  uint64_t *value0 );
 
 #endif /* _BITS_BIGINT_H */

src/arch/i386/core/gdbidt.S

@@ -9,6 +9,7 @@
  * Interrupt handlers
  ****************************************************************************
  */
+	.section ".note.GNU-stack", "", @progbits
 	.section ".text", "ax", @progbits
 	.code32
 

src/arch/i386/core/setjmp.S

@@ -1,8 +1,9 @@
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
 
+	.section ".note.GNU-stack", "", @progbits
 	.text
-	.arch i386
 	.code32
+	.arch i386
 
 	/* Must match jmp_buf structure layout */
 	.struct	0

src/arch/i386/tests/gdbstub_test.S

@@ -1,3 +1,5 @@
+	.section ".note.GNU-stack", "", @progbits
+	.code32
 	.arch i386
 
 	.section ".data", "aw", @progbits

src/arch/loong64/Makefile

@@ -20,6 +20,7 @@ CFLAGS		+= -fshort-wchar
 
 # LoongArch64-specific directories containing source files
 SRCDIRS		+= arch/loong64/core
+SRCDIRS		+= arch/loong64/interface/efi
 
 # Include platform-specific Makefile
 MAKEDEPS	+= arch/loong64/Makefile.$(PLATFORM)

src/arch/loong64/Makefile.efi

@@ -0,0 +1,14 @@
+# -*- makefile -*- : Force emacs to use Makefile mode
+
+# Specify EFI image builder
+#
+ELF2EFI		= $(ELF2EFI64)
+
+# Specify EFI boot file
+#
+EFI_BOOT_FILE	= bootloongarch64.efi
+
+# Include generic EFI Makefile
+#
+MAKEDEPS	+= Makefile.efi
+include Makefile.efi

src/arch/loong64/core/loong64_bigint.c

@@ -37,19 +37,23 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
  * Multiply big integers
  *
  * @v multiplicand0	Element 0 of big integer to be multiplied
+ * @v multiplicand_size	Number of elements in multiplicand
  * @v multiplier0	Element 0 of big integer to be multiplied
+ * @v multiplier_size	Number of elements in multiplier
  * @v result0		Element 0 of big integer to hold result
- * @v size		Number of elements
  */
 void bigint_multiply_raw ( const uint64_t *multiplicand0,
+			   unsigned int multiplicand_size,
 			   const uint64_t *multiplier0,
-			   uint64_t *result0, unsigned int size ) {
-	const bigint_t ( size ) __attribute__ (( may_alias )) *multiplicand =
-		( ( const void * ) multiplicand0 );
-	const bigint_t ( size ) __attribute__ (( may_alias )) *multiplier =
-		( ( const void * ) multiplier0 );
-	bigint_t ( size * 2 ) __attribute__ (( may_alias )) *result =
-		( ( void * ) result0 );
+			   unsigned int multiplier_size,
+			   uint64_t *result0 ) {
+	unsigned int result_size = ( multiplicand_size + multiplier_size );
+	const bigint_t ( multiplicand_size ) __attribute__ (( may_alias ))
+		*multiplicand = ( ( const void * ) multiplicand0 );
+	const bigint_t ( multiplier_size ) __attribute__ (( may_alias ))
+		*multiplier = ( ( const void * ) multiplier0 );
+	bigint_t ( result_size ) __attribute__ (( may_alias ))
+		*result = ( ( void * ) result0 );
 	unsigned int i;
 	unsigned int j;
 	uint64_t multiplicand_element;
@@ -64,9 +68,9 @@ void bigint_multiply_raw ( const uint64_t *multiplicand0,
 	memset ( result, 0, sizeof ( *result ) );
 
 	/* Multiply integers one element at a time */
-	for ( i = 0 ; i < size ; i++ ) {
+	for ( i = 0 ; i < multiplicand_size ; i++ ) {
 		multiplicand_element = multiplicand->element[i];
-		for ( j = 0 ; j < size ; j++ ) {
+		for ( j = 0 ; j < multiplier_size ; j++ ) {
 			multiplier_element = multiplier->element[j];
 			result_elements = &result->element[ i + j ];
 			/* Perform a single multiply, and add the
@@ -75,7 +79,7 @@ void bigint_multiply_raw ( const uint64_t *multiplicand0,
 			 * never overflow beyond the end of the
 			 * result, since:
 			 *
-			 *     a < 2^{n}, b < 2^{n} => ab < 2^{2n}
+			 *     a < 2^{n}, b < 2^{m} => ab < 2^{n+m}
 			 */
 			__asm__ __volatile__ ( "mul.d   %1, %6, %7\n\t"
 					       "mulh.du %2, %6, %7\n\t"

src/arch/loong64/core/loong64_io.c

@@ -0,0 +1,46 @@
+/*
+ * Copyright (c) 2023, Xiaotian Wu <wuxiaotian@loongson.cn>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ *
+ * You can also choose to distribute this program under the terms of
+ * the Unmodified Binary Distribution Licence (as given in the file
+ * COPYING.UBDL), provided that you have satisfied its requirements.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+#include <ipxe/io.h>
+#include <ipxe/loong64_io.h>
+
+/** @file
+ *
+ * iPXE I/O API for LoongArch64
+ *
+ */
+
+PROVIDE_IOAPI_INLINE ( loong64, phys_to_bus );
+PROVIDE_IOAPI_INLINE ( loong64, bus_to_phys );
+PROVIDE_IOAPI_INLINE ( loong64, readb );
+PROVIDE_IOAPI_INLINE ( loong64, readw );
+PROVIDE_IOAPI_INLINE ( loong64, readl );
+PROVIDE_IOAPI_INLINE ( loong64, readq );
+PROVIDE_IOAPI_INLINE ( loong64, writeb );
+PROVIDE_IOAPI_INLINE ( loong64, writew );
+PROVIDE_IOAPI_INLINE ( loong64, writel );
+PROVIDE_IOAPI_INLINE ( loong64, writeq );
+PROVIDE_IOAPI_INLINE ( loong64, mb );
+PROVIDE_DUMMY_PIO ( loong64 );

src/arch/loong64/include/bits/bigint.h

@@ -330,7 +330,9 @@ bigint_done_raw ( const uint64_t *value0, unsigned int size __unused,
 }
 
 extern void bigint_multiply_raw ( const uint64_t *multiplicand0,
+				  unsigned int multiplicand_size,
 				  const uint64_t *multiplier0,
-				  uint64_t *value0, unsigned int size );
+				  unsigned int multiplier_size,
+				  uint64_t *value0 );
 
 #endif /* _BITS_BIGINT_H */

src/arch/loong64/include/bits/entropy.h

@@ -1,12 +0,0 @@
-#ifndef _BITS_ENTROPY_H
-#define _BITS_ENTROPY_H
-
-/** @file
- *
- * LoongArch64-specific entropy API implementations
- *
- */
-
-FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
-
-#endif /* _BITS_ENTROPY_H */

src/arch/loong64/include/bits/io.h

@@ -12,4 +12,6 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 /** Page shift */
 #define PAGE_SHIFT 12
 
+#include <ipxe/loong64_io.h>
+
 #endif /* _BITS_IO_H */

src/arch/loong64/include/bits/nap.h

@@ -9,4 +9,6 @@
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 
-#endif /* _BITS_MAP_H */
+#include <ipxe/efi/efiloong64_nap.h>
+
+#endif /* _BITS_NAP_H */

src/arch/loong64/include/ipxe/efi/efiloong64_nap.h

@@ -0,0 +1,18 @@
+#ifndef _IPXE_EFILOONG64_NAP_H
+#define _IPXE_EFILOONG64_NAP_H
+
+/** @file
+ *
+ * EFI CPU sleeping
+ *
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+#ifdef NAP_EFILOONG64
+#define NAP_PREFIX_efiloong64
+#else
+#define NAP_PREFIX_efiloong64 __efiloong64_
+#endif
+
+#endif /* _IPXE_EFILOONG64_NAP_H */

src/arch/loong64/include/ipxe/loong64_io.h

@@ -0,0 +1,82 @@
+#ifndef _IPXE_LOONG64_IO_H
+#define _IPXE_LOONG64_IO_H
+
+/** @file
+ *
+ * iPXE I/O API for LoongArch64
+ *
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+#ifdef IOAPI_LOONG64
+#define IOAPI_PREFIX_loong64
+#else
+#define IOAPI_PREFIX_loong64 __loong64_
+#endif
+
+#include <ipxe/dummy_pio.h>
+
+/*
+ * Memory space mappings
+ *
+ */
+
+/*
+ * Physical<->Bus address mappings
+ *
+ */
+
+static inline __always_inline unsigned long
+IOAPI_INLINE ( loong64, phys_to_bus ) ( unsigned long phys_addr ) {
+	return phys_addr;
+}
+
+static inline __always_inline unsigned long
+IOAPI_INLINE ( loong64, bus_to_phys ) ( unsigned long bus_addr ) {
+	return bus_addr;
+}
+
+/*
+ * MMIO reads and writes up to native word size
+ *
+ */
+
+#define LOONG64_READX( _suffix, _type, _insn_suffix )			      \
+static inline __always_inline _type					      \
+IOAPI_INLINE ( loong64, read ## _suffix ) ( volatile _type *io_addr ) {	      \
+	_type data;							      \
+	__asm__ __volatile__ ( "ld." _insn_suffix " %0, %1"		      \
+			       : "=r" ( data ) : "m" ( *io_addr ) );	      \
+	return data;							      \
+}
+LOONG64_READX ( b, uint8_t, "bu");
+LOONG64_READX ( w, uint16_t, "hu");
+LOONG64_READX ( l, uint32_t, "wu");
+LOONG64_READX ( q, uint64_t, "d");
+
+#define LOONG64_WRITEX( _suffix, _type, _insn_suffix )			      \
+static inline __always_inline void					      \
+IOAPI_INLINE ( loong64, write ## _suffix ) ( _type data,		      \
+					     volatile _type *io_addr ) {      \
+	__asm__ __volatile__ ( "st." _insn_suffix " %0, %1"		      \
+			       : : "r" ( data ), "m" ( *io_addr ) );	      \
+}
+LOONG64_WRITEX ( b, uint8_t, "b");
+LOONG64_WRITEX ( w, uint16_t, "h");
+LOONG64_WRITEX ( l, uint32_t, "w" );
+LOONG64_WRITEX ( q, uint64_t, "d");
+
+/*
+ * Memory barrier
+ *
+ */
+static inline __always_inline void
+IOAPI_INLINE ( loong64, mb ) ( void ) {
+	__asm__ __volatile__ ( "dbar 0" );
+}
+
+/* Dummy PIO */
+DUMMY_PIO ( loong64 );
+
+#endif /* _IPXE_LOONG64_IO_H */

src/arch/loong64/interface/efi/efiloong64_nap.c

@@ -0,0 +1,53 @@
+/*
+ * Copyright (c) 2023, Xiaotian Wu <wuxiaotian@loongson.cn>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ *
+ * You can also choose to distribute this program under the terms of
+ * the Unmodified Binary Distribution Licence (as given in the file
+ * COPYING.UBDL), provided that you have satisfied its requirements.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+#include <ipxe/nap.h>
+#include <ipxe/efi/efi.h>
+
+/** @file
+ *
+ * iPXE CPU sleeping API for EFI
+ *
+ */
+
+/**
+ * Sleep until next interrupt
+ *
+ */
+static void efiloong64_cpu_nap ( void ) {
+	/*
+	 * I can't find any EFI API that allows us to put the CPU to
+	 * sleep.  The CpuSleep() function is defined in CpuLib.h, but
+	 * isn't part of any exposed protocol so we have no way to
+	 * call it.
+	 *
+	 * The EFI shell doesn't seem to bother sleeping the CPU; it
+	 * just sits there idly burning power.
+	 *
+	 */
+	__asm__ __volatile__ ( "idle 0" );
+}
+
+PROVIDE_NAP ( efiloong64, cpu_nap, efiloong64_cpu_nap );

src/arch/x86/Makefile.pcbios

@@ -13,6 +13,13 @@ LDSCRIPT_PREFIX	= arch/x86/scripts/prefixonly.lds
 #
 LDFLAGS		+= -N --no-check-sections
 
+# Do not warn about RWX segments (required by most prefixes)
+#
+WRWX_TEST	= $(LD) --warn-rwx-segments --version 2>&1 > /dev/null
+WRWX_FLAGS	:= $(shell [ -z "`$(WRWX_TEST)`" ] && \
+		     $(ECHO) '--no-warn-rwx-segments')
+LDFLAGS		+= $(WRWX_FLAGS)
+
 # Media types.
 #
 MEDIA		+= rom
@@ -54,9 +61,15 @@ LIST_NAME_mrom := ROMS
 LIST_NAME_pcirom := ROMS
 LIST_NAME_isarom := ROMS
 
-# ISO or FAT filesystem images
+# ISO images
 NON_AUTO_MEDIA	+= iso
-$(BIN)/%.iso $(BIN)/%.sdsk: $(BIN)/%.lkrn util/genfsimg
+$(BIN)/%.iso : $(BIN)/%.lkrn util/genfsimg
+	$(QM)$(ECHO) "  [GENFSIMG] $@"
+	$(Q)util/genfsimg -o $@ $<
+
+# FAT filesystem images (via syslinux)
+NON_AUTO_MEDIA	+= sdsk
+$(BIN)/%.sdsk : $(BIN)/%.lkrn util/genfsimg
 	$(QM)$(ECHO) "  [GENFSIMG] $@"
 	$(Q)util/genfsimg -o $@ $<
 

src/arch/x86/core/patch_cf.S

@@ -22,9 +22,9 @@
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
 
-	.text
-	.arch i386
+	.section ".note.GNU-stack", "", @progbits
 	.code16
+	.arch i386
 
 /****************************************************************************
  * Set/clear CF on the stack as appropriate, assumes stack is as it should

src/arch/x86/core/rdrand.c

@@ -0,0 +1,103 @@
+/*
+ * Copyright (C) 2023 Michael Brown <mbrown@fensystems.co.uk>.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ *
+ * You can also choose to distribute this program under the terms of
+ * the Unmodified Binary Distribution Licence (as given in the file
+ * COPYING.UBDL), provided that you have satisfied its requirements.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+/** @file
+ *
+ * Hardware random number generator
+ *
+ */
+
+#include <errno.h>
+#include <ipxe/cpuid.h>
+#include <ipxe/entropy.h>
+#include <ipxe/drbg.h>
+
+struct entropy_source rdrand_entropy __entropy_source ( ENTROPY_PREFERRED );
+
+/** Number of times to retry RDRAND instruction */
+#define RDRAND_RETRY_COUNT 16
+
+/** Colour for debug messages */
+#define colour &rdrand_entropy
+
+/**
+ * Enable entropy gathering
+ *
+ * @ret rc		Return status code
+ */
+static int rdrand_entropy_enable ( void ) {
+	struct x86_features features;
+
+	/* Check that RDRAND is supported */
+	x86_features ( &features );
+	if ( ! ( features.intel.ecx & CPUID_FEATURES_INTEL_ECX_RDRAND ) ) {
+		DBGC ( colour, "RDRAND not supported\n" );
+		return -ENOTSUP;
+	}
+
+	/* Data returned by RDRAND is theoretically full entropy, up
+	 * to a security strength of 128 bits, so assume that each
+	 * sample contains exactly 8 bits of entropy.
+	 */
+	if ( DRBG_SECURITY_STRENGTH > 128 )
+		return -ENOTSUP;
+	entropy_init ( &rdrand_entropy, MIN_ENTROPY ( 8.0 ) );
+
+	return 0;
+}
+
+/**
+ * Get noise sample
+ *
+ * @ret noise		Noise sample
+ * @ret rc		Return status code
+ */
+static int rdrand_get_noise ( noise_sample_t *noise ) {
+	unsigned int result;
+	unsigned int discard_c;
+	unsigned int ok;
+
+	/* Issue RDRAND, retrying until CF is set */
+	__asm__ ( "\n1:\n\t"
+		  "rdrand %0\n\t"
+		  "sbb %1, %1\n\t"
+		  "loopz 1b\n\t"
+		  : "=r" ( result ), "=r" ( ok ), "=c" ( discard_c )
+		  : "2" ( RDRAND_RETRY_COUNT ) );
+	if ( ! ok ) {
+		DBGC ( colour, "RDRAND failed to become ready\n" );
+		return -EBUSY;
+	}
+
+	*noise = result;
+	return 0;
+}
+
+/** Hardware random number generator entropy source */
+struct entropy_source rdrand_entropy __entropy_source ( ENTROPY_PREFERRED ) = {
+	.name = "rdrand",
+	.enable = rdrand_entropy_enable,
+	.get_noise = rdrand_get_noise,
+};

src/arch/x86/core/stack.S

@@ -1,6 +1,6 @@
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
 
-	.arch i386
+	.section ".note.GNU-stack", "", @progbits
 
 #ifdef __x86_64__
 #define STACK_SIZE 8192

src/arch/x86/core/stack16.S

@@ -1,6 +1,6 @@
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
 
-	.arch i386
+	.section ".note.GNU-stack", "", @progbits
 
 /****************************************************************************
  * Internal stack

src/arch/x86/core/x86_bigint.c

@@ -36,19 +36,23 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
  * Multiply big integers
  *
  * @v multiplicand0	Element 0 of big integer to be multiplied
+ * @v multiplicand_size	Number of elements in multiplicand
  * @v multiplier0	Element 0 of big integer to be multiplied
+ * @v multiplier_size	Number of elements in multiplier
  * @v result0		Element 0 of big integer to hold result
- * @v size		Number of elements
  */
 void bigint_multiply_raw ( const uint32_t *multiplicand0,
+			   unsigned int multiplicand_size,
 			   const uint32_t *multiplier0,
-			   uint32_t *result0, unsigned int size ) {
-	const bigint_t ( size ) __attribute__ (( may_alias )) *multiplicand =
-		( ( const void * ) multiplicand0 );
-	const bigint_t ( size ) __attribute__ (( may_alias )) *multiplier =
-		( ( const void * ) multiplier0 );
-	bigint_t ( size * 2 ) __attribute__ (( may_alias )) *result =
-		( ( void * ) result0 );
+			   unsigned int multiplier_size,
+			   uint32_t *result0 ) {
+	unsigned int result_size = ( multiplicand_size + multiplier_size );
+	const bigint_t ( multiplicand_size ) __attribute__ (( may_alias ))
+		*multiplicand = ( ( const void * ) multiplicand0 );
+	const bigint_t ( multiplier_size ) __attribute__ (( may_alias ))
+		*multiplier = ( ( const void * ) multiplier0 );
+	bigint_t ( result_size ) __attribute__ (( may_alias ))
+		*result = ( ( void * ) result0 );
 	unsigned int i;
 	unsigned int j;
 	uint32_t multiplicand_element;
@@ -62,9 +66,9 @@ void bigint_multiply_raw ( const uint32_t *multiplicand0,
 	memset ( result, 0, sizeof ( *result ) );
 
 	/* Multiply integers one element at a time */
-	for ( i = 0 ; i < size ; i++ ) {
+	for ( i = 0 ; i < multiplicand_size ; i++ ) {
 		multiplicand_element = multiplicand->element[i];
-		for ( j = 0 ; j < size ; j++ ) {
+		for ( j = 0 ; j < multiplier_size ; j++ ) {
 			multiplier_element = multiplier->element[j];
 			result_elements = &result->element[ i + j ];
 			/* Perform a single multiply, and add the
@@ -73,7 +77,7 @@ void bigint_multiply_raw ( const uint32_t *multiplicand0,
 			 * never overflow beyond the end of the
 			 * result, since:
 			 *
-			 *     a < 2^{n}, b < 2^{n} => ab < 2^{2n}
+			 *     a < 2^{n}, b < 2^{m} => ab < 2^{n+m}
 			 */
 			__asm__ __volatile__ ( "mull %5\n\t"
 					       "addl %%eax, (%6,%2,4)\n\t"

src/arch/x86/drivers/net/undiisr.S

@@ -10,9 +10,9 @@ FILE_LICENCE ( GPL2_OR_LATER )
 #define PIC1_ICR 0x20
 #define PIC2_ICR 0xa0
 	
-	.text
-	.arch i386
+	.section ".note.GNU-stack", "", @progbits
 	.code16
+	.arch i386
 
 	.section ".text16", "ax", @progbits
 	.globl undiisr

src/arch/x86/image/bzimage.c

@@ -355,8 +355,8 @@ static size_t bzimage_load_initrd ( struct image *image,
 	size_t offset;
 	size_t pad_len;
 
-	/* Do not include kernel image itself as an initrd */
-	if ( initrd == image )
+	/* Skip hidden images */
+	if ( initrd->flags & IMAGE_HIDDEN )
 		return 0;
 
 	/* Create cpio header for non-prebuilt images */
@@ -406,10 +406,6 @@ static int bzimage_check_initrds ( struct image *image,
 	/* Calculate total loaded length of initrds */
 	for_each_image ( initrd ) {
 
-		/* Skip kernel */
-		if ( initrd == image )
-			continue;
-
 		/* Calculate length */
 		len += bzimage_load_initrd ( image, initrd, UNULL );
 		len = bzimage_align ( len );

src/arch/x86/image/multiboot.c

@@ -204,8 +204,8 @@ static int multiboot_add_modules ( struct image *image, physaddr_t start,
 			break;
 		}
 
-		/* Do not include kernel image itself as a module */
-		if ( module_image == image )
+		/* Skip hidden images */
+		if ( module_image->flags & IMAGE_HIDDEN )
 			continue;
 
 		/* Page-align the module */

src/arch/x86/include/bits/bigint.h

@@ -323,7 +323,9 @@ bigint_done_raw ( const uint32_t *value0, unsigned int size __unused,
 }
 
 extern void bigint_multiply_raw ( const uint32_t *multiplicand0,
+				  unsigned int multiplicand_size,
 				  const uint32_t *multiplier0,
-				  uint32_t *value0, unsigned int size );
+				  unsigned int multiplier_size,
+				  uint32_t *value0 );
 
 #endif /* _BITS_BIGINT_H */

src/arch/x86/include/bits/entropy.h

@@ -1,14 +0,0 @@
-#ifndef _BITS_ENTROPY_H
-#define _BITS_ENTROPY_H
-
-/** @file
- *
- * x86-specific entropy API implementations
- *
- */
-
-FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
-
-#include <ipxe/rtc_entropy.h>
-
-#endif /* _BITS_ENTROPY_H */

src/arch/x86/include/bits/errfile.h

@@ -28,6 +28,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 #define ERRFILE_cpuid		( ERRFILE_ARCH | ERRFILE_CORE | 0x00110000 )
 #define ERRFILE_rdtsc_timer	( ERRFILE_ARCH | ERRFILE_CORE | 0x00120000 )
 #define ERRFILE_acpi_timer	( ERRFILE_ARCH | ERRFILE_CORE | 0x00130000 )
+#define ERRFILE_rdrand		( ERRFILE_ARCH | ERRFILE_CORE | 0x00140000 )
 
 #define ERRFILE_bootsector     ( ERRFILE_ARCH | ERRFILE_IMAGE | 0x00000000 )
 #define ERRFILE_bzimage	       ( ERRFILE_ARCH | ERRFILE_IMAGE | 0x00010000 )

src/arch/x86/include/ipxe/cpuid.h

@@ -39,6 +39,9 @@ struct x86_features {
 /** Get standard features */
 #define CPUID_FEATURES 0x00000001UL
 
+/** RDRAND instruction is supported */
+#define CPUID_FEATURES_INTEL_ECX_RDRAND 0x40000000UL
+
 /** Hypervisor is present */
 #define CPUID_FEATURES_INTEL_ECX_HYPERVISOR 0x80000000UL
 

src/arch/x86/include/ipxe/rtc_entropy.h

@@ -1,62 +0,0 @@
-#ifndef _IPXE_RTC_ENTROPY_H
-#define _IPXE_RTC_ENTROPY_H
-
-/** @file
- *
- * RTC-based entropy source
- *
- */
-
-FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
-
-#include <stdint.h>
-
-#ifdef ENTROPY_RTC
-#define ENTROPY_PREFIX_rtc
-#else
-#define ENTROPY_PREFIX_rtc __rtc_
-#endif
-
-/**
- * min-entropy per sample
- *
- * @ret min_entropy	min-entropy of each sample
- */
-static inline __always_inline min_entropy_t
-ENTROPY_INLINE ( rtc, min_entropy_per_sample ) ( void ) {
-
-	/* The min-entropy has been measured on several platforms
-	 * using the entropy_sample test code.  Modelling the samples
-	 * as independent, and using a confidence level of 99.99%, the
-	 * measurements were as follows:
-	 *
-	 *    qemu-kvm		: 7.38 bits
-	 *    VMware		: 7.46 bits
-	 *    Physical hardware	: 2.67 bits
-	 *
-	 * We choose the lowest of these (2.67 bits) and apply a 50%
-	 * safety margin to allow for some potential non-independence
-	 * of samples.
-	 */
-	return MIN_ENTROPY ( 1.3 );
-}
-
-extern uint8_t rtc_sample ( void );
-
-/**
- * Get noise sample
- *
- * @ret noise		Noise sample
- * @ret rc		Return status code
- */
-static inline __always_inline int
-ENTROPY_INLINE ( rtc, get_noise ) ( noise_sample_t *noise ) {
-
-	/* Get sample */
-	*noise = rtc_sample();
-
-	/* Always successful */
-	return 0;
-}
-
-#endif /* _IPXE_RTC_ENTROPY_H */

src/arch/x86/include/librm.h

@@ -250,8 +250,10 @@ extern void remove_user_from_rm_stack ( userptr_t data, size_t size );
 /* CODE_DEFAULT: restore default .code32/.code64 directive */
 #ifdef __x86_64__
 #define CODE_DEFAULT ".code64"
+#define STACK_DEFAULT "q"
 #else
 #define CODE_DEFAULT ".code32"
+#define STACK_DEFAULT "l"
 #endif
 
 /* LINE_SYMBOL: declare a symbol for the current source code line */
@@ -268,7 +270,7 @@ extern void remove_user_from_rm_stack ( userptr_t data, size_t size );
 
 /* REAL_CODE: declare a fragment of code that executes in real mode */
 #define REAL_CODE( asm_code_str )			\
-	"push $1f\n\t"					\
+	"push" STACK_DEFAULT " $1f\n\t"			\
 	"call real_call\n\t"				\
 	TEXT16_CODE ( "\n1:\n\t"			\
 		      asm_code_str			\
@@ -277,7 +279,7 @@ extern void remove_user_from_rm_stack ( userptr_t data, size_t size );
 
 /* PHYS_CODE: declare a fragment of code that executes in flat physical mode */
 #define PHYS_CODE( asm_code_str )			\
-	"push $1f\n\t"					\
+	"push" STACK_DEFAULT " $1f\n\t"			\
 	"call phys_call\n\t"				\
 	".section \".text.phys\", \"ax\", @progbits\n\t"\
 	"\n" LINE_SYMBOL "\n\t"				\

src/arch/x86/interface/pcbios/bios_console.c

@@ -290,29 +290,38 @@ static const char *bios_ansi_input = "";
 struct bios_key {
 	/** Scancode */
 	uint8_t scancode;
-	/** Key code */
-	uint16_t key;
+	/** Relative key value */
+	uint16_t rkey;
 } __attribute__ (( packed ));
 
+/**
+ * Define a BIOS key mapping
+ *
+ * @v scancode		Scancode
+ * @v key		iPXE key code
+ * @v bioskey		BIOS key mapping
+ */
+#define BIOS_KEY( scancode, key ) { scancode, KEY_REL ( key ) }
+
 /** Mapping from BIOS scan codes to iPXE key codes */
 static const struct bios_key bios_keys[] = {
-	{ 0x53, KEY_DC },
-	{ 0x48, KEY_UP },
-	{ 0x50, KEY_DOWN },
-	{ 0x4b, KEY_LEFT },
-	{ 0x4d, KEY_RIGHT },
-	{ 0x47, KEY_HOME },
-	{ 0x4f, KEY_END },
-	{ 0x49, KEY_PPAGE },
-	{ 0x51, KEY_NPAGE },
-	{ 0x3f, KEY_F5 },
-	{ 0x40, KEY_F6 },
-	{ 0x41, KEY_F7 },
-	{ 0x42, KEY_F8 },
-	{ 0x43, KEY_F9 },
-	{ 0x44, KEY_F10 },
-	{ 0x85, KEY_F11 },
-	{ 0x86, KEY_F12 },
+	BIOS_KEY ( 0x53, KEY_DC ),
+	BIOS_KEY ( 0x48, KEY_UP ),
+	BIOS_KEY ( 0x50, KEY_DOWN ),
+	BIOS_KEY ( 0x4b, KEY_LEFT ),
+	BIOS_KEY ( 0x4d, KEY_RIGHT ),
+	BIOS_KEY ( 0x47, KEY_HOME ),
+	BIOS_KEY ( 0x4f, KEY_END ),
+	BIOS_KEY ( 0x49, KEY_PPAGE ),
+	BIOS_KEY ( 0x51, KEY_NPAGE ),
+	BIOS_KEY ( 0x3f, KEY_F5 ),
+	BIOS_KEY ( 0x40, KEY_F6 ),
+	BIOS_KEY ( 0x41, KEY_F7 ),
+	BIOS_KEY ( 0x42, KEY_F8 ),
+	BIOS_KEY ( 0x43, KEY_F9 ),
+	BIOS_KEY ( 0x44, KEY_F10 ),
+	BIOS_KEY ( 0x85, KEY_F11 ),
+	BIOS_KEY ( 0x86, KEY_F12 ),
 };
 
 /**
@@ -323,7 +332,7 @@ static const struct bios_key bios_keys[] = {
  */
 static const char * bios_ansi_seq ( unsigned int scancode ) {
 	static char buf[ 5 /* "[" + two digits + terminator + NUL */ ];
-	unsigned int key;
+	unsigned int rkey;
 	unsigned int terminator;
 	unsigned int n;
 	unsigned int i;
@@ -338,9 +347,9 @@ static const char * bios_ansi_seq ( unsigned int scancode ) {
 			continue;
 
 		/* Construct escape sequence */
-		key = bios_keys[i].key;
-		n = KEY_ANSI_N ( key );
-		terminator = KEY_ANSI_TERMINATOR ( key );
+		rkey = bios_keys[i].rkey;
+		n = KEY_ANSI_N ( rkey );
+		terminator = KEY_ANSI_TERMINATOR ( rkey );
 		*(tmp++) = '[';
 		if ( n )
 			tmp += sprintf ( tmp, "%d", n );
@@ -479,6 +488,7 @@ struct console_driver bios_console __console_driver = {
 static __asmcall __used void bios_inject ( struct i386_all_regs *ix86 ) {
 	unsigned int discard_a;
 	unsigned int scancode;
+	unsigned int rkey;
 	unsigned int i;
 	uint16_t keypress;
 	int key;
@@ -521,9 +531,10 @@ static __asmcall __used void bios_inject ( struct i386_all_regs *ix86 ) {
 
 		/* Handle special keys */
 		if ( key >= KEY_MIN ) {
+			rkey = KEY_REL ( key );
 			for ( i = 0 ; i < ( sizeof ( bios_keys ) /
 					    sizeof ( bios_keys[0] ) ) ; i++ ) {
-				if ( bios_keys[i].key == key ) {
+				if ( bios_keys[i].rkey == rkey ) {
 					scancode = bios_keys[i].scancode;
 					keypress = ( scancode << 8 );
 					break;

src/arch/x86/interface/pcbios/bios_smbios.c

@@ -44,11 +44,11 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
  * @v smbios		SMBIOS entry point descriptor structure to fill in
  * @ret rc		Return status code
  */
-static int bios_find_smbios ( struct smbios *smbios ) {
+static int bios_find_smbios2 ( struct smbios *smbios ) {
 	struct smbios_entry entry;
 	int rc;
 
-	/* Scan through BIOS segment to find SMBIOS entry point */
+	/* Scan through BIOS segment to find SMBIOS 32-bit entry point */
 	if ( ( rc = find_smbios_entry ( real_to_user ( BIOS_SEG, 0 ), 0x10000,
 					&entry ) ) != 0 )
 		return rc;
@@ -62,4 +62,55 @@ static int bios_find_smbios ( struct smbios *smbios ) {
 	return 0;
 }
 
+/**
+ * Find SMBIOS
+ *
+ * @v smbios		SMBIOS entry point descriptor structure to fill in
+ * @ret rc		Return status code
+ */
+static int bios_find_smbios3 ( struct smbios *smbios ) {
+	struct smbios3_entry entry;
+	int rc;
+
+	/* Scan through BIOS segment to find SMBIOS 64-bit entry point */
+	if ( ( rc = find_smbios3_entry ( real_to_user ( BIOS_SEG, 0 ), 0x10000,
+					 &entry ) ) != 0 )
+		return rc;
+
+	/* Check that address is accessible */
+	if ( entry.smbios_address > ~( ( physaddr_t ) 0 ) ) {
+		DBG ( "SMBIOS3 at %08llx is inaccessible\n",
+		      ( ( unsigned long long ) entry.smbios_address ) );
+		return -ENOTSUP;
+	}
+
+	/* Fill in entry point descriptor structure */
+	smbios->address = phys_to_user ( entry.smbios_address );
+	smbios->len = entry.smbios_len;
+	smbios->count = 0;
+	smbios->version = SMBIOS_VERSION ( entry.major, entry.minor );
+
+	return 0;
+}
+
+/**
+ * Find SMBIOS
+ *
+ * @v smbios		SMBIOS entry point descriptor structure to fill in
+ * @ret rc		Return status code
+ */
+static int bios_find_smbios ( struct smbios *smbios ) {
+	int rc;
+
+	/* Use 32-bit table if present */
+	if ( ( rc = bios_find_smbios2 ( smbios ) ) == 0 )
+		return 0;
+
+	/* Otherwise, use 64-bit table if present and accessible */
+	if ( ( rc = bios_find_smbios3 ( smbios ) ) == 0 )
+		return 0;
+
+	return rc;
+}
+
 PROVIDE_SMBIOS ( pcbios, find_smbios, bios_find_smbios );

src/arch/x86/interface/pcbios/e820mangler.S

@@ -23,9 +23,9 @@
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
 
-	.text
-	.arch i386
+	.section ".note.GNU-stack", "", @progbits
 	.code16
+	.arch i386
 
 #define SMAP 0x534d4150
 

src/arch/x86/interface/pcbios/pcicloud.c

@@ -165,24 +165,27 @@ static void pcicloud_init ( void ) {
 	static struct pci_api *apis[] = {
 		&ecam_api, &pcibios_api, &pcidirect_api
 	};
-	struct pci_range range;
+	struct pci_device pci;
+	uint32_t busdevfn;
 	unsigned int i;
+	int rc;
 
-	/* Select first API that successfully discovers an address range */
+	/* Select first API that successfully discovers a PCI device */
 	for ( i = 0 ; i < ( sizeof ( apis ) / sizeof ( apis[0] ) ) ; i++ ) {
 		pcicloud = apis[i];
-		pcicloud_discover ( 0, &range );
-		if ( range.count != 0 ) {
-			DBGC ( pcicloud, "PCICLOUD selected %s API\n",
-			       pcicloud->name );
-			break;
+		busdevfn = 0;
+		if ( ( rc = pci_find_next ( &pci, &busdevfn ) ) == 0 ) {
+			DBGC ( pcicloud, "PCICLOUD selected %s API (found "
+			       PCI_FMT ")\n", pcicloud->name,
+			       PCI_ARGS ( &pci ) );
+			return;
 		}
 	}
 
-	/* The PCI direct API can never fail discovery since the range
-	 * is hardcoded.
-	 */
-	assert ( range.count != 0 );
+	/* Fall back to using final attempted API if no devices found */
+	pcicloud = apis[ i - 1 ];
+	DBGC ( pcicloud, "PCICLOUD selected %s API (nothing detected)\n",
+	       pcicloud->name );
 }
 
 /** Cloud VM PCI configuration space access initialisation function */

src/arch/x86/interface/pcbios/rtc_entropy.c

@@ -39,6 +39,8 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 #include <ipxe/cpuid.h>
 #include <ipxe/entropy.h>
 
+struct entropy_source rtc_entropy __entropy_source ( ENTROPY_NORMAL );
+
 /** Maximum time to wait for an RTC interrupt, in milliseconds */
 #define RTC_MAX_WAIT_MS 100
 
@@ -203,6 +205,21 @@ static int rtc_entropy_enable ( void ) {
 	if ( ( rc = rtc_entropy_check() ) != 0 )
 		goto err_check;
 
+	/* The min-entropy has been measured on several platforms
+	 * using the entropy_sample test code.  Modelling the samples
+	 * as independent, and using a confidence level of 99.99%, the
+	 * measurements were as follows:
+	 *
+	 *    qemu-kvm		: 7.38 bits
+	 *    VMware		: 7.46 bits
+	 *    Physical hardware	: 2.67 bits
+	 *
+	 * We choose the lowest of these (2.67 bits) and apply a 50%
+	 * safety margin to allow for some potential non-independence
+	 * of samples.
+	 */
+	entropy_init ( &rtc_entropy, MIN_ENTROPY ( 1.3 ) );
+
 	return 0;
 
  err_check:
@@ -226,11 +243,12 @@ static void rtc_entropy_disable ( void ) {
 }
 
 /**
- * Measure a single RTC tick
+ * Get noise sample
  *
- * @ret delta		Length of RTC tick (in TSC units)
+ * @ret noise		Noise sample
+ * @ret rc		Return status code
  */
-uint8_t rtc_sample ( void ) {
+static int rtc_get_noise ( noise_sample_t *noise ) {
 	uint32_t before;
 	uint32_t after;
 	uint32_t temp;
@@ -265,10 +283,14 @@ uint8_t rtc_sample ( void ) {
 		: "=a" ( after ), "=d" ( before ), "=Q" ( temp )
 		: "2" ( 0 ) );
 
-	return ( after - before );
+	*noise = ( after - before );
+	return 0;
 }
 
-PROVIDE_ENTROPY_INLINE ( rtc, min_entropy_per_sample );
-PROVIDE_ENTROPY ( rtc, entropy_enable, rtc_entropy_enable );
-PROVIDE_ENTROPY ( rtc, entropy_disable, rtc_entropy_disable );
-PROVIDE_ENTROPY_INLINE ( rtc, get_noise );
+/** RTC entropy source */
+struct entropy_source rtc_entropy __entropy_source ( ENTROPY_NORMAL ) = {
+	.name = "rtc",
+	.enable = rtc_entropy_enable,
+	.disable = rtc_entropy_disable,
+	.get_noise = rtc_get_noise,
+};

src/arch/x86/interface/pxe/pxe_call.c

@@ -375,9 +375,10 @@ int pxe_start_nbp ( void ) {
  * Notify BIOS of existence of network device
  *
  * @v netdev		Network device
+ * @v priv		Private data
  * @ret rc		Return status code
  */
-static int pxe_notify ( struct net_device *netdev ) {
+static int pxe_notify ( struct net_device *netdev, void *priv __unused ) {
 
 	/* Do nothing if we already have a network device */
 	if ( pxe_netdev )

src/arch/x86/interface/pxe/pxe_entry.S

@@ -26,6 +26,8 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
 
 #include <librm.h>
 
+	.section ".note.GNU-stack", "", @progbits
+	.code16
 	.arch i386
 
 /****************************************************************************

src/arch/x86/interface/syslinux/com32_wrapper.S

@@ -21,6 +21,7 @@ FILE_LICENCE ( GPL2_OR_LATER )
 
 #include "librm.h"
 
+	.section ".note.GNU-stack", "", @progbits
 	.text
 
 	.code32

src/arch/x86/interface/vmware/guestinfo.c

@@ -207,65 +207,35 @@ struct init_fn guestinfo_init_fn __init_fn ( INIT_NORMAL ) = {
  * Create per-netdevice GuestInfo settings
  *
  * @v netdev		Network device
+ * @v priv		Private data
  * @ret rc		Return status code
  */
-static int guestinfo_net_probe ( struct net_device *netdev ) {
-	struct settings *settings;
+static int guestinfo_net_probe ( struct net_device *netdev, void *priv ) {
+	struct settings *settings = priv;
 	int rc;
 
 	/* Do nothing unless we have a GuestInfo channel available */
 	if ( guestinfo_channel < 0 )
 		return 0;
 
-	/* Allocate and initialise settings block */
-	settings = zalloc ( sizeof ( *settings ) );
-	if ( ! settings ) {
-		rc = -ENOMEM;
-		goto err_alloc;
-	}
-	settings_init ( settings, &guestinfo_settings_operations, NULL, NULL );
-
-	/* Register settings */
+	/* Initialise and register settings */
+	settings_init ( settings, &guestinfo_settings_operations,
+			&netdev->refcnt, NULL );
 	if ( ( rc = register_settings ( settings, netdev_settings ( netdev ),
 					"vmware" ) ) != 0 ) {
 		DBGC ( settings, "GuestInfo %p could not register for %s: %s\n",
 		       settings, netdev->name, strerror ( rc ) );
-		goto err_register;
+		return rc;
 	}
 	DBGC ( settings, "GuestInfo %p registered for %s\n",
 	       settings, netdev->name );
 
 	return 0;
-
- err_register:
-	free ( settings );
- err_alloc:
-	return rc;
-}
-
-/**
- * Remove per-netdevice GuestInfo settings
- *
- * @v netdev		Network device
- */
-static void guestinfo_net_remove ( struct net_device *netdev ) {
-	struct settings *parent = netdev_settings ( netdev );
-	struct settings *settings;
-
-	list_for_each_entry ( settings, &parent->children, siblings ) {
-		if ( settings->op == &guestinfo_settings_operations ) {
-			DBGC ( settings, "GuestInfo %p unregistered for %s\n",
-			       settings, netdev->name );
-			unregister_settings ( settings );
-			free ( settings );
-			return;
-		}
-	}
 }
 
 /** GuestInfo per-netdevice driver */
 struct net_driver guestinfo_net_driver __net_driver = {
 	.name = "GuestInfo",
+	.priv_len = sizeof ( struct settings ),
 	.probe = guestinfo_net_probe,
-	.remove = guestinfo_net_remove,
 };

src/arch/x86/prefix/bootpart.S

@@ -5,10 +5,10 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
 #define STACK_SEG 	0x0200
 #define STACK_SIZE	0x2000
 	
-	.text
+	.section ".note.GNU-stack", "", @progbits
+	.code16
 	.arch i386
 	.section ".prefix", "awx", @progbits
-	.code16
 
 /*
  * Find active partition

src/arch/x86/prefix/dskprefix.S

@@ -24,11 +24,11 @@ FILE_LICENCE ( GPL2_ONLY )
 
 .equ	SYSSEG, 0x1000			/* system loaded at SYSSEG<<4 */
 
+	.section ".note.GNU-stack", "", @progbits
 	.org	0
-	.arch i386
-	.text
-	.section ".prefix", "ax", @progbits
 	.code16
+	.arch i386
+	.section ".prefix", "ax", @progbits
 	.globl	_dsk_start
 _dsk_start:
 

src/arch/x86/prefix/exeprefix.S

@@ -36,10 +36,10 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
 #define PSP_CMDLINE_LEN 0x80
 #define PSP_CMDLINE_START 0x81
 
-	.text
+	.section ".note.GNU-stack", "", @progbits
+	.code16
 	.arch i386
 	.org 0
-	.code16
 	.section ".prefix", "awx", @progbits
 
 signature:

src/arch/x86/prefix/hdprefix.S

@@ -2,10 +2,10 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
 
 #include <librm.h>
 
-	.text
+	.section ".note.GNU-stack", "", @progbits
+	.code16
 	.arch i386
 	.section ".prefix", "awx", @progbits
-	.code16
 	.org 0
 	.globl	_hd_start
 _hd_start:

src/arch/x86/prefix/libprefix.S

@@ -26,6 +26,8 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
 
 #include <librm.h>
 
+	.section ".note.GNU-stack", "", @progbits
+	.code16
 	.arch i386
 
 /* Image compression enabled */

src/arch/x86/prefix/lkrnprefix.S

@@ -4,9 +4,9 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
 
 #define BZI_LOAD_HIGH_ADDR 0x100000
 
-	.text
-	.arch i386
+	.section ".note.GNU-stack", "", @progbits
 	.code16
+	.arch i386
 	.section ".prefix", "ax", @progbits
 	.globl	_lkrn_start
 _lkrn_start:

src/arch/x86/prefix/mbr.S

@@ -1,9 +1,9 @@
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
 
-	.text
+	.section ".note.GNU-stack", "", @progbits
+	.code16
 	.arch i386
 	.section ".prefix", "awx", @progbits
-	.code16
 	.org 0
 
 	.globl mbr

src/arch/x86/prefix/mromprefix.S

@@ -41,9 +41,9 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
 #define _pcirom_start _mrom_start
 #include "pciromprefix.S"
 
-	.text
-	.arch i386
+	.section ".note.GNU-stack", "", @progbits
 	.code16
+	.arch i386
 
 /* Obtain access to payload by exposing the expansion ROM BAR at the
  * address currently used by a suitably large memory BAR on the same

src/arch/x86/prefix/nbiprefix.S

@@ -2,9 +2,9 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
 
 #include <librm.h>
 
-	.text
-	.arch i386
+	.section ".note.GNU-stack", "", @progbits
 	.code16
+	.arch i386
 	.section ".prefix", "ax", @progbits
 	.org 0
 

src/arch/x86/prefix/nullprefix.S

@@ -1,11 +1,11 @@
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
 
+	.section ".note.GNU-stack", "", @progbits
 	.org	0
-	.text
+	.code16
 	.arch i386
 
 	.section ".prefix", "ax", @progbits
-	.code16
 _prefix:
 
 	.section ".text16", "ax", @progbits

src/arch/x86/prefix/pxeprefix.S

@@ -11,10 +11,10 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
 
 #define PXE_HACK_EB54			0x0001
 
-	.text
+	.section ".note.GNU-stack", "", @progbits
+	.code16
 	.arch i386
 	.org 0
-	.code16
 
 #include <librm.h>
 #include <undi.h>

src/arch/x86/prefix/rawprefix.S

@@ -8,10 +8,10 @@
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
 
-	.text
+	.section ".note.GNU-stack", "", @progbits
+	.code16
 	.arch i386
 	.org 0
-	.code16
 
 #include <librm.h>
 

src/arch/x86/prefix/romprefix.S

@@ -54,7 +54,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
 #define BUSTYPE "PCIR"
 #endif
 
-	.text
+	.section ".note.GNU-stack", "", @progbits
 	.code16
 	.arch i386
 	.section ".prefix", "ax", @progbits

src/arch/x86/prefix/undiloader.S

@@ -2,7 +2,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
 
 #include <librm.h>
 
-	.text
+	.section ".note.GNU-stack", "", @progbits
 	.code16
 	.arch i386
 	.section ".prefix", "ax", @progbits

src/arch/x86/prefix/unlzma.S

@@ -43,7 +43,8 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
  ****************************************************************************
  */
 
-	.text
+	.section ".note.GNU-stack", "", @progbits
+	.code32
 	.arch i486
 	.section ".prefix.lib", "ax", @progbits
 

src/arch/x86/prefix/usbdisk.S

@@ -2,10 +2,10 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
 
 #include <config/console.h>
 
-	.text
+	.section ".note.GNU-stack", "", @progbits
+	.code16
 	.arch i386
 	.section ".prefix", "awx", @progbits
-	.code16
 	.org 0
 
 #include "mbr.S"

src/arch/x86/transitions/liba20.S

@@ -24,6 +24,8 @@
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
 
+	.section ".note.GNU-stack", "", @progbits
+	.code16
 	.arch i386
 
 /****************************************************************************

src/arch/x86/transitions/libkir.S

@@ -31,10 +31,10 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
 /* Breakpoint for when debugging under bochs */
 #define BOCHSBP xchgw %bx, %bx
 
-	.text
+	.section ".note.GNU-stack", "", @progbits
+	.code16
 	.arch i386
 	.section ".text16", "awx", @progbits
-	.code16
 	
 /****************************************************************************
  * init_libkir (real-mode or 16:xx protected-mode far call)

src/arch/x86/transitions/librm.S

@@ -83,6 +83,8 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
 #define if64 if 0
 #endif
 
+	.section ".note.GNU-stack", "", @progbits
+
 /****************************************************************************
  * Global descriptor table
  *

src/arch/x86_64/core/gdbidt.S

@@ -38,6 +38,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 #define SIGFPE 8
 #define SIGSTKFLT 16
 
+	.section ".note.GNU-stack", "", @progbits
 	.section ".text.gdbmach_interrupt", "ax", @progbits
 	.code64
 

src/arch/x86_64/core/setjmp.S

@@ -1,5 +1,6 @@
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
 
+	.section ".note.GNU-stack", "", @progbits
 	.text
 	.code64
 

src/bin/.gitignore

@@ -1 +1,2 @@
 *
+!.gitignore

src/config/config.c

@@ -290,6 +290,9 @@ REQUIRE_OBJECT ( cert_cmd );
 #ifdef IMAGE_MEM_CMD
 REQUIRE_OBJECT ( image_mem_cmd );
 #endif
+#ifdef SHIM_CMD
+REQUIRE_OBJECT ( shim_cmd );
+#endif
 
 /*
  * Drag in miscellaneous objects
@@ -352,6 +355,9 @@ REQUIRE_OBJECT ( vram_settings );
 #ifdef ACPI_SETTINGS
 REQUIRE_OBJECT ( acpi_settings );
 #endif
+#ifdef EFI_SETTINGS
+REQUIRE_OBJECT ( efi_settings );
+#endif
 
 /*
  * Drag in selected keyboard map

src/config/config_entropy.c

@@ -1,10 +1,8 @@
 /*
- * Copyright (C) 2012 Michael Brown <mbrown@fensystems.co.uk>.
- *
  * This program is free software; you can redistribute it and/or
  * modify it under the terms of the GNU General Public License as
  * published by the Free Software Foundation; either version 2 of the
- * License, or any later version.
+ * License, or (at your option) any later version.
  *
  * This program is distributed in the hope that it will be useful, but
  * WITHOUT ANY WARRANTY; without even the implied warranty of
@@ -23,18 +21,31 @@
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 
+#include <config/entropy.h>
+
 /** @file
  *
- * Nonexistent entropy source
+ * Entropy configuration options
  *
- *
- * This source provides no entropy and must NOT be used in a
- * security-sensitive environment.
  */
 
-#include <ipxe/entropy.h>
+PROVIDE_REQUIRING_SYMBOL();
 
-PROVIDE_ENTROPY_INLINE ( null, min_entropy_per_sample );
-PROVIDE_ENTROPY_INLINE ( null, entropy_enable );
-PROVIDE_ENTROPY_INLINE ( null, entropy_disable );
-PROVIDE_ENTROPY_INLINE ( null, get_noise );
+/*
+ * Drag in entropy sources
+ */
+#ifdef ENTROPY_RTC
+REQUIRE_OBJECT ( rtc_entropy );
+#endif
+#ifdef ENTROPY_EFITICK
+REQUIRE_OBJECT ( efi_entropy );
+#endif
+#ifdef ENTROPY_EFIRNG
+REQUIRE_OBJECT ( efi_rng );
+#endif
+#ifdef ENTROPY_LINUX
+REQUIRE_OBJECT ( linux_entropy );
+#endif
+#ifdef ENTROPY_RDRAND
+REQUIRE_OBJECT ( rdrand );
+#endif

src/config/defaults/efi.h

@@ -19,7 +19,8 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 #define SMBIOS_EFI
 #define SANBOOT_EFI
 #define BOFM_EFI
-#define ENTROPY_EFI
+#define ENTROPY_EFITICK
+#define ENTROPY_EFIRNG
 #define TIME_EFI
 #define REBOOT_EFI
 #define ACPI_EFI
@@ -47,9 +48,12 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 
 #define	REBOOT_CMD		/* Reboot command */
 
+#define EFI_SETTINGS		/* EFI variable settings */
+
 #if defined ( __i386__ ) || defined ( __x86_64__ )
 #define IOAPI_X86
 #define NAP_EFIX86
+#define ENTROPY_RDRAND
 #define	CPUID_CMD		/* x86 CPU feature detection command */
 #define	UNSAFE_STD		/* Avoid setting direction flag */
 #endif
@@ -63,4 +67,9 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 #define	IMAGE_GZIP		/* GZIP image support */
 #endif
 
+#if defined ( __loongarch__ )
+#define IOAPI_LOONG64
+#define NAP_EFILOONG64
+#endif
+
 #endif /* CONFIG_DEFAULTS_EFI_H */

src/config/defaults/linux.h

@@ -33,4 +33,8 @@ FILE_LICENCE ( GPL2_OR_LATER );
 #define SANBOOT_PROTO_FCP
 #define SANBOOT_PROTO_HTTP
 
+#if defined ( __i386__ ) || defined ( __x86_64__ )
+#define ENTROPY_RDRAND
+#endif
+
 #endif /* CONFIG_DEFAULTS_LINUX_H */

src/config/defaults/pcbios.h

@@ -20,6 +20,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 #define SMBIOS_PCBIOS
 #define SANBOOT_PCBIOS
 #define ENTROPY_RTC
+#define ENTROPY_RDRAND
 #define TIME_RTC
 #define REBOOT_PCBIOS
 #define ACPI_RSDP

src/config/general.h

@@ -150,7 +150,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 //#define POWEROFF_CMD		/* Power off command */
 //#define IMAGE_TRUST_CMD	/* Image trust management commands */
 //#define PCI_CMD		/* PCI commands */
-//#define PARAM_CMD		/* Form parameter commands */
+//#define PARAM_CMD		/* Request parameter commands */
 //#define NEIGHBOUR_CMD		/* Neighbour management commands */
 //#define PING_CMD		/* Ping command */
 //#define CONSOLE_CMD		/* Console command */
@@ -160,6 +160,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 //#define CERT_CMD		/* Certificate management commands */
 //#define IMAGE_MEM_CMD		/* Read memory command */
 #define IMAGE_ARCHIVE_CMD	/* Archive image management commands */
+#define SHIM_CMD		/* EFI shim command (or dummy command) */
 
 /*
  * ROM-specific options

src/config/local/.gitignore

@@ -1 +1,2 @@
 *
+!.gitignore

src/config/settings.h

@@ -9,6 +9,8 @@
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 
+#include <config/defaults.h>
+
 #define	PCI_SETTINGS	/* PCI device settings */
 //#define	CPUID_SETTINGS	/* CPUID settings */
 //#define	MEMMAP_SETTINGS	/* Memory map settings */

src/core/cachedhcp.c

@@ -295,9 +295,10 @@ struct startup_fn cachedhcp_startup_fn __startup_fn ( STARTUP_LATE ) = {
  * Apply cached DHCPACK to network device, if applicable
  *
  * @v netdev		Network device
+ * @v priv		Private data
  * @ret rc		Return status code
  */
-static int cachedhcp_probe ( struct net_device *netdev ) {
+static int cachedhcp_probe ( struct net_device *netdev, void *priv __unused ) {
 
 	/* Apply cached DHCPACK to network device, if applicable */
 	return cachedhcp_apply ( &cached_dhcpack, netdev );

src/core/image.c

@@ -56,8 +56,15 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 /** List of registered images */
 struct list_head images = LIST_HEAD_INIT ( images );
 
+/** Image selected for execution */
+struct image_tag selected_image __image_tag = {
+	.name = "SELECTED",
+};
+
 /** Currently-executing image */
-struct image *current_image;
+struct image_tag current_image __image_tag = {
+	.name = "CURRENT",
+};
 
 /** Current image trust requirement */
 static int require_trusted_images = 0;
@@ -72,8 +79,13 @@ static int require_trusted_images_permanent = 0;
  */
 static void free_image ( struct refcnt *refcnt ) {
 	struct image *image = container_of ( refcnt, struct image, refcnt );
+	struct image_tag *tag;
 
 	DBGC ( image, "IMAGE %s freed\n", image->name );
+	for_each_table_entry ( tag, IMAGE_TAGS ) {
+		if ( tag->image == image )
+			tag->image = NULL;
+	}
 	free ( image->name );
 	free ( image->cmdline );
 	uri_put ( image->uri );
@@ -261,12 +273,6 @@ int register_image ( struct image *image ) {
 			return rc;
 	}
 
-	/* Avoid ending up with multiple "selected" images on
-	 * re-registration
-	 */
-	if ( image_find_selected() )
-		image->flags &= ~IMAGE_SELECTED;
-
 	/* Add to image list */
 	image_get ( image );
 	image->flags |= IMAGE_REGISTERED;
@@ -312,7 +318,7 @@ void unregister_image ( struct image *image ) {
 struct image * find_image ( const char *name ) {
 	struct image *image;
 
-	list_for_each_entry ( image, &images, list ) {
+	for_each_image ( image ) {
 		if ( strcmp ( image->name, name ) == 0 )
 			return image;
 	}
@@ -320,6 +326,23 @@ struct image * find_image ( const char *name ) {
 	return NULL;
 }
 
+/**
+ * Find image by tag
+ *
+ * @v tag		Image tag
+ * @ret image		Executable image, or NULL
+ */
+struct image * find_image_tag ( struct image_tag *tag ) {
+	struct image *image;
+
+	for_each_image ( image ) {
+		if ( tag->image == image )
+			return image;
+	}
+
+	return NULL;
+}
+
 /**
  * Execute image
  *
@@ -346,14 +369,13 @@ int image_exec ( struct image *image ) {
 	if ( image->uri )
 		churi ( image->uri );
 
-	/* Preserve record of any currently-running image */
-	saved_current_image = current_image;
+	/* Set as currently running image */
+	saved_current_image = image_tag ( image, &current_image );
 
-	/* Take out a temporary reference to the image.  This allows
-	 * the image to unregister itself if necessary, without
-	 * automatically freeing itself.
+	/* Take out a temporary reference to the image, so that it
+	 * does not get freed when temporarily unregistered.
 	 */
-	current_image = image_get ( image );
+	image_get ( image );
 
 	/* Check that this image can be executed */
 	if ( ! ( image->type && image->type->exec ) ) {
@@ -371,6 +393,9 @@ int image_exec ( struct image *image ) {
 	/* Record boot attempt */
 	syslog ( LOG_NOTICE, "Executing \"%s\"\n", image->name );
 
+	/* Temporarily unregister the image during its execution */
+	unregister_image ( image );
+
 	/* Try executing the image */
 	if ( ( rc = image->type->exec ( image ) ) != 0 ) {
 		DBGC ( image, "IMAGE %s could not execute: %s\n",
@@ -387,6 +412,10 @@ int image_exec ( struct image *image ) {
 			 image->name, strerror ( rc ) );
 	}
 
+	/* Re-register image (unless due to be replaced) */
+	if ( ! image->replacement )
+		register_image ( image );
+
 	/* Pick up replacement image before we drop the original
 	 * image's temporary reference.  The replacement image must
 	 * already be registered, so we don't need to hold a temporary
@@ -413,7 +442,7 @@ int image_exec ( struct image *image ) {
 	image_put ( image );
 
 	/* Restore previous currently-running image */
-	current_image = saved_current_image;
+	image_tag ( saved_current_image, &current_image );
 
 	/* Reset current working directory */
 	churi ( old_cwuri );
@@ -436,7 +465,7 @@ int image_exec ( struct image *image ) {
  * registered until the currently-executing image returns.
  */
 int image_replace ( struct image *replacement ) {
-	struct image *image = current_image;
+	struct image *image = current_image.image;
 	int rc;
 
 	/* Sanity check */
@@ -472,37 +501,17 @@ int image_replace ( struct image *replacement ) {
  * @ret rc		Return status code
  */
 int image_select ( struct image *image ) {
-	struct image *tmp;
-
-	/* Unselect all other images */
-	for_each_image ( tmp )
-		tmp->flags &= ~IMAGE_SELECTED;
 
 	/* Check that this image can be executed */
 	if ( ! ( image->type && image->type->exec ) )
 		return -ENOEXEC;
 
 	/* Mark image as selected */
-	image->flags |= IMAGE_SELECTED;
+	image_tag ( image, &selected_image );
 
 	return 0;
 }
 
-/**
- * Find selected image
- *
- * @ret image		Executable image, or NULL
- */
-struct image * image_find_selected ( void ) {
-	struct image *image;
-
-	for_each_image ( image ) {
-		if ( image->flags & IMAGE_SELECTED )
-			return image;
-	}
-	return NULL;
-}
-
 /**
  * Change image trust requirement
  *

src/core/interface.c

@@ -285,6 +285,7 @@ void intf_shutdown ( struct interface *intf, int rc ) {
 	intf_nullify ( intf );
 
 	/* Transfer destination to temporary interface */
+	intf_temp_init ( &tmp, intf );
 	tmp.dest = intf->dest;
 	intf->dest = &null_intf;
 

src/core/params.c

@@ -25,7 +25,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 
 /** @file
  *
- * Form parameters
+ * Request parameters
  *
  */
 
@@ -37,7 +37,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 static LIST_HEAD ( parameters );
 
 /**
- * Free form parameter list
+ * Free request parameter list
  *
  * @v refcnt		Reference count
  */
@@ -60,7 +60,7 @@ static void free_parameters ( struct refcnt *refcnt ) {
 }
 
 /**
- * Find form parameter list by name
+ * Find request parameter list by name
  *
  * @v name		Parameter list name (may be NULL)
  * @ret params		Parameter list, or NULL if not found
@@ -78,7 +78,7 @@ struct parameters * find_parameters ( const char *name ) {
 }
 
 /**
- * Create form parameter list
+ * Create request parameter list
  *
  * @v name		Parameter list name (may be NULL)
  * @ret params		Parameter list, or NULL on failure
@@ -118,15 +118,17 @@ struct parameters * create_parameters ( const char *name ) {
 }
 
 /**
- * Add form parameter
+ * Add request parameter
  *
  * @v params		Parameter list
  * @v key		Parameter key
  * @v value		Parameter value
+ * @v flags		Parameter flags
  * @ret param		Parameter, or NULL on failure
  */
 struct parameter * add_parameter ( struct parameters *params,
-				   const char *key, const char *value ) {
+				   const char *key, const char *value,
+				   unsigned int flags ) {
 	struct parameter *param;
 	size_t key_len;
 	size_t value_len;
@@ -147,11 +149,14 @@ struct parameter * add_parameter ( struct parameters *params,
 	param->key = key_copy;
 	strcpy ( value_copy, value );
 	param->value = value_copy;
+	param->flags = flags;
 
 	/* Add to list of parameters */
 	list_add_tail ( &param->list, &params->entries );
 
-	DBGC ( params, "PARAMS \"%s\" added \"%s\"=\"%s\"\n",
-	       params->name, param->key, param->value );
+	DBGC ( params, "PARAMS \"%s\" added \"%s\"=\"%s\"%s%s\n",
+	       params->name, param->key, param->value,
+	       ( ( param->flags & PARAMETER_FORM ) ? " (form)" : "" ),
+	       ( ( param->flags & PARAMETER_HEADER ) ? " (header)" : "" ) );
 	return param;
 }

src/core/parseopt.c

@@ -28,6 +28,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 #include <stdlib.h>
 #include <stdio.h>
 #include <string.h>
+#include <ctype.h>
 #include <errno.h>
 #include <getopt.h>
 #include <ipxe/netdevice.h>
@@ -35,6 +36,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 #include <ipxe/settings.h>
 #include <ipxe/params.h>
 #include <ipxe/timer.h>
+#include <ipxe/keys.h>
 #include <ipxe/parseopt.h>
 #include <config/branding.h>
 
@@ -213,6 +215,7 @@ int parse_flag ( char *text __unused, int *flag ) {
  * @ret rc		Return status code
  */
 int parse_key ( char *text, unsigned int *key ) {
+	int rc;
 
 	/* Interpret single characters as being a literal key character */
 	if ( text[0] && ! text[1] ) {
@@ -221,7 +224,17 @@ int parse_key ( char *text, unsigned int *key ) {
 	}
 
 	/* Otherwise, interpret as an integer */
-	return parse_integer ( text, key );
+	if ( ( rc = parse_integer ( text, key ) ) < 0 )
+		return rc;
+
+	/* For backwards compatibility with existing scripts, treat
+	 * integers between the ASCII range and special key range as
+	 * being relative special key values.
+	 */
+	if ( ( ! isascii ( *key ) ) && ( *key < KEY_MIN ) )
+		*key += KEY_MIN;
+
+	return 0;
 }
 
 /**
@@ -302,7 +315,7 @@ int parse_autovivified_setting ( char *text, struct named_setting *setting ) {
 }
 
 /**
- * Parse form parameter list name
+ * Parse request parameter list name
  *
  * @v text		Text
  * @ret params		Parameter list

src/core/random.c

@@ -6,8 +6,9 @@
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 
+#include <stddef.h>
 #include <stdlib.h>
-#include <ipxe/timer.h>
+#include <time.h>
 
 static int32_t rnd_seed = 0;
 
@@ -30,8 +31,9 @@ void srandom ( unsigned int seed ) {
 long int random ( void ) {
 	int32_t q;
 
-	if ( ! rnd_seed ) /* Initialize linear congruential generator */
-		srandom ( currticks() );
+	/* Initialize linear congruential generator */
+	if ( ! rnd_seed )
+		srandom ( time ( NULL ) );
 
 	/* simplified version of the LCG given in Bruce Schneier's
 	   "Applied Cryptography" */

src/core/xfer.c

@@ -60,7 +60,7 @@ static struct xfer_metadata dummy_metadata;
  * @ret rc		Return status code
  */
 int xfer_vredirect ( struct interface *intf, int type, va_list args ) {
-	struct interface tmp = INTF_INIT ( null_intf_desc );
+	struct interface tmp;
 	struct interface *dest;
 	xfer_vredirect_TYPE ( void * ) *op =
 		intf_get_dest_op_no_passthru ( intf, xfer_vredirect, &dest );
@@ -85,6 +85,7 @@ int xfer_vredirect ( struct interface *intf, int type, va_list args ) {
 		 * If redirection fails, then send intf_close() to the
 		 * parent interface.
 		 */
+		intf_temp_init ( &tmp, intf );
 		intf_plug ( &tmp, dest );
 		rc = xfer_vreopen ( dest, type, args );
 		if ( rc == 0 ) {

src/crypto/asn1.c

@@ -589,6 +589,32 @@ int asn1_signature_algorithm ( const struct asn1_cursor *cursor,
 	return 0;
 }
 
+/**
+ * Check ASN.1 OID-identified algorithm
+ *
+ * @v cursor		ASN.1 object cursor
+ * @v expected		Expected algorithm
+ * @ret rc		Return status code
+ */
+int asn1_check_algorithm ( const struct asn1_cursor *cursor,
+			   struct asn1_algorithm *expected ) {
+	struct asn1_algorithm *actual;
+	int rc;
+
+	/* Parse algorithm */
+	if ( ( rc = asn1_algorithm ( cursor, &actual ) ) != 0 )
+		return rc;
+
+	/* Check algorithm matches */
+	if ( actual != expected ) {
+		DBGC ( cursor, "ASN1 %p algorithm %s does not match %s\n",
+		       cursor, actual->name, expected->name );
+		return -ENOTTY_ALGORITHM;
+	}
+
+	return 0;
+}
+
 /**
  * Parse ASN.1 GeneralizedTime
  *

src/crypto/entropy.c

@@ -51,59 +51,33 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 	__einfo_uniqify ( EINFO_EPIPE, 0x02, "Adaptive proportion test failed" )
 
 /**
- * Calculate cutoff value for the repetition count test
+ * Initialise repetition count test
  *
- * @ret cutoff		Cutoff value
- *
- * This is the cutoff value for the Repetition Count Test defined in
- * ANS X9.82 Part 2 (October 2011 Draft) Section 8.5.2.1.2.
+ * @v source		Entropy source
  */
-static inline __attribute__ (( always_inline )) unsigned int
-repetition_count_cutoff ( void ) {
-	double max_repetitions;
-	unsigned int cutoff;
+static void repetition_count_test_init ( struct entropy_source *source ) {
+	struct entropy_repetition_count_test *test =
+		&source->repetition_count_test;
 
-	/* The cutoff formula for the repetition test is:
-	 *
-	 *   C = ( 1 + ( -log2(W) / H_min ) )
-	 *
-	 * where W is set at 2^(-30) (in ANS X9.82 Part 2 (October
-	 * 2011 Draft) Section 8.5.2.1.3.1).
-	 */
-	max_repetitions = ( 1 + ( MIN_ENTROPY ( 30 ) /
-				  min_entropy_per_sample() ) );
-
-	/* Round up to a whole number of repetitions.  We don't have
-	 * the ceil() function available, so do the rounding by hand.
-	 */
-	cutoff = max_repetitions;
-	if ( cutoff < max_repetitions )
-		cutoff++;
-	linker_assert ( ( cutoff >= max_repetitions ), rounding_error );
-
-	/* Floating-point operations are not allowed in iPXE since we
-	 * never set up a suitable environment.  Abort the build
-	 * unless the calculated number of repetitions is a
-	 * compile-time constant.
-	 */
-	linker_assert ( __builtin_constant_p ( cutoff ),
-			repetition_count_cutoff_not_constant );
-
-	return cutoff;
+	/* Sanity checks */
+	assert ( test->repetition_count == 0 );
+	assert ( test->cutoff > 0 );
 }
 
 /**
  * Perform repetition count test
  *
+ * @v source		Entropy source
  * @v sample		Noise sample
  * @ret rc		Return status code
  *
  * This is the Repetition Count Test defined in ANS X9.82 Part 2
  * (October 2011 Draft) Section 8.5.2.1.2.
  */
-static int repetition_count_test ( noise_sample_t sample ) {
-	static noise_sample_t most_recent_sample;
-	static unsigned int repetition_count = 0;
+static int repetition_count_test ( struct entropy_source *source,
+				   noise_sample_t sample ) {
+	struct entropy_repetition_count_test *test =
+		&source->repetition_count_test;
 
 	/* A = the most recently seen sample value
 	 * B = the number of times that value A has been seen in a row
@@ -116,158 +90,71 @@ static int repetition_count_test ( noise_sample_t sample ) {
 	 * the initial value of most_recent_sample is treated as being
 	 * undefined.)
 	 */
-	if ( ( sample == most_recent_sample ) && ( repetition_count > 0 ) ) {
+	if ( ( sample == test->most_recent_sample ) &&
+	     ( test->repetition_count > 0 ) ) {
 
 		/* a) If the new sample = A, then B is incremented by one. */
-		repetition_count++;
+		test->repetition_count++;
 
 		/*    i.  If B >= C, then an error condition is raised
 		 *        due to a failure of the test
 		 */
-		if ( repetition_count >= repetition_count_cutoff() )
+		if ( test->repetition_count >= test->cutoff ) {
+			DBGC ( source, "ENTROPY %s excessively repeated "
+			       "value %d (%d/%d)\n", source->name, sample,
+			       test->repetition_count, test->cutoff );
 			return -EPIPE_REPETITION_COUNT_TEST;
+		}
 
 	} else {
 
 		/* b) Else:
 		 *    i.  A = new sample
 		 */
-		most_recent_sample = sample;
+		test->most_recent_sample = sample;
 
 		/*    ii. B = 1 */
-		repetition_count = 1;
+		test->repetition_count = 1;
 	}
 
 	return 0;
 }
 
 /**
- * Window size for the adaptive proportion test
+ * Initialise adaptive proportion test
  *
- * ANS X9.82 Part 2 (October 2011 Draft) Section 8.5.2.1.3.1.1 allows
- * five possible window sizes: 16, 64, 256, 4096 and 65536.
- *
- * We expect to generate relatively few (<256) entropy samples during
- * a typical iPXE run; the use of a large window size would mean that
- * the test would never complete a single cycle.  We use a window size
- * of 64, which is the smallest window size that permits values of
- * H_min down to one bit per sample.
+ * @v source		Entropy source
  */
-#define ADAPTIVE_PROPORTION_WINDOW_SIZE 64
+static void adaptive_proportion_test_init ( struct entropy_source *source ) {
+	struct entropy_adaptive_proportion_test *test =
+		&source->adaptive_proportion_test;
 
-/**
- * Combine adaptive proportion test window size and min-entropy
- *
- * @v n			N (window size)
- * @v h			H (min-entropy)
- * @ret n_h		(N,H) combined value
- */
-#define APC_N_H( n, h ) ( ( (n) << 8 ) | (h) )
+	/* Sanity checks */
+	assert ( test->sample_count == 0 );
+	assert ( test->repetition_count == 0 );
+	assert ( test->cutoff > 0 );
 
-/**
- * Define a row of the adaptive proportion cutoff table
- *
- * @v h			H (min-entropy)
- * @v c16		Cutoff for N=16
- * @v c64		Cutoff for N=64
- * @v c256		Cutoff for N=256
- * @v c4096		Cutoff for N=4096
- * @v c65536		Cutoff for N=65536
- */
-#define APC_TABLE_ROW( h, c16, c64, c256, c4096, c65536)	   \
-	case APC_N_H ( 16, h ) :	return c16;		   \
-	case APC_N_H ( 64, h ) :	return c64;   		   \
-	case APC_N_H ( 256, h ) :	return c256;		   \
-	case APC_N_H ( 4096, h ) :	return c4096;		   \
-	case APC_N_H ( 65536, h ) :	return c65536;
-
-/** Value used to represent "N/A" in adaptive proportion cutoff table */
-#define APC_NA 0
-
-/**
- * Look up value in adaptive proportion test cutoff table
- *
- * @v n			N (window size)
- * @v h			H (min-entropy)
- * @ret cutoff		Cutoff
- *
- * This is the table of cutoff values defined in ANS X9.82 Part 2
- * (October 2011 Draft) Section 8.5.2.1.3.1.2.
- */
-static inline __attribute__ (( always_inline )) unsigned int
-adaptive_proportion_cutoff_lookup ( unsigned int n, unsigned int h ) {
-	switch ( APC_N_H ( n, h ) ) {
-		APC_TABLE_ROW (  1, APC_NA,     51,    168,   2240,  33537 );
-		APC_TABLE_ROW (  2, APC_NA,     35,    100,   1193,  17053 );
-		APC_TABLE_ROW (  3,     10,     24,     61,    643,   8705 );
-		APC_TABLE_ROW (  4,      8,     16,     38,    354,   4473 );
-		APC_TABLE_ROW (  5,      6,     12,     25,    200,   2321 );
-		APC_TABLE_ROW (  6,      5,      9,     17,    117,   1220 );
-		APC_TABLE_ROW (  7,      4,      7,     15,     71,    653 );
-		APC_TABLE_ROW (  8,      4,      5,      9,     45,    358 );
-		APC_TABLE_ROW (  9,      3,      4,      7,     30,    202 );
-		APC_TABLE_ROW ( 10,      3,      4,      5,     21,    118 );
-		APC_TABLE_ROW ( 11,      2,      3,      4,     15,     71 );
-		APC_TABLE_ROW ( 12,      2,      3,      4,     11,     45 );
-		APC_TABLE_ROW ( 13,      2,      2,      3,      9,     30 );
-		APC_TABLE_ROW ( 14,      2,      2,      3,      7,     21 );
-		APC_TABLE_ROW ( 15,      1,      2,      2,      6,     15 );
-		APC_TABLE_ROW ( 16,      1,      2,      2,      5,     11 );
-		APC_TABLE_ROW ( 17,      1,      1,      2,      4,      9 );
-		APC_TABLE_ROW ( 18,      1,      1,      2,      4,      7 );
-		APC_TABLE_ROW ( 19,      1,      1,      1,      3,      6 );
-		APC_TABLE_ROW ( 20,      1,      1,      1,      3,      5 );
-	default:
-		return APC_NA;
-	}
-}
-
-/**
- * Calculate cutoff value for the adaptive proportion test
- *
- * @ret cutoff		Cutoff value
- *
- * This is the cutoff value for the Adaptive Proportion Test defined
- * in ANS X9.82 Part 2 (October 2011 Draft) Section 8.5.2.1.3.1.2.
- */
-static inline __attribute__ (( always_inline )) unsigned int
-adaptive_proportion_cutoff ( void ) {
-	unsigned int h;
-	unsigned int n;
-	unsigned int cutoff;
-
-	/* Look up cutoff value in cutoff table */
-	n = ADAPTIVE_PROPORTION_WINDOW_SIZE;
-	h = ( min_entropy_per_sample() / MIN_ENTROPY_SCALE );
-	cutoff = adaptive_proportion_cutoff_lookup ( n, h );
-
-	/* Fail unless cutoff value is a build-time constant */
-	linker_assert ( __builtin_constant_p ( cutoff ),
-			adaptive_proportion_cutoff_not_constant );
-
-	/* Fail if cutoff value is N/A */
-	linker_assert ( ( cutoff != APC_NA ),
-			adaptive_proportion_cutoff_not_applicable );
-
-	return cutoff;
+	/* Ensure that a new test run starts immediately */
+	test->sample_count = ADAPTIVE_PROPORTION_WINDOW_SIZE;
 }
 
 /**
  * Perform adaptive proportion test
  *
+ * @v source		Entropy source
  * @v sample		Noise sample
  * @ret rc		Return status code
  *
  * This is the Adaptive Proportion Test for the Most Common Value
  * defined in ANS X9.82 Part 2 (October 2011 Draft) Section 8.5.2.1.3.
  */
-static int adaptive_proportion_test ( noise_sample_t sample ) {
-	static noise_sample_t current_counted_sample;
-	static unsigned int sample_count = ADAPTIVE_PROPORTION_WINDOW_SIZE;
-	static unsigned int repetition_count;
+static int adaptive_proportion_test ( struct entropy_source *source,
+				      noise_sample_t sample ) {
+	struct entropy_adaptive_proportion_test *test =
+		&source->adaptive_proportion_test;
 
 	/* A = the sample value currently being counted
-	 * B = the number of samples examined in this run of the test so far
+	 * S = the number of samples examined in this run of the test so far
 	 * N = the total number of samples that must be observed in
 	 *     one run of the test, also known as the "window size" of
 	 *     the test
@@ -284,37 +171,41 @@ static int adaptive_proportion_test ( noise_sample_t sample ) {
 	 */
 
 	/* 2.  If S = N, then a new run of the test begins: */
-	if ( sample_count == ADAPTIVE_PROPORTION_WINDOW_SIZE ) {
+	if ( test->sample_count == ADAPTIVE_PROPORTION_WINDOW_SIZE ) {
 
 		/* a.  A = the current sample */
-		current_counted_sample = sample;
+		test->current_counted_sample = sample;
 
 		/* b.  S = 0 */
-		sample_count = 0;
+		test->sample_count = 0;
 
 		/* c. B = 0 */
-		repetition_count = 0;
+		test->repetition_count = 0;
 
 	} else {
 
 		/* Else: (the test is already running)
 		 * a.  S = S + 1
 		 */
-		sample_count++;
+		test->sample_count++;
 
 		/* b.  If A = the current sample, then: */
-		if ( sample == current_counted_sample ) {
+		if ( sample == test->current_counted_sample ) {
 
 			/* i.   B = B + 1 */
-			repetition_count++;
+			test->repetition_count++;
 
 			/* ii.  If S (sic) > C then raise an error
 			 *      condition, because the test has
 			 *      detected a failure
 			 */
-			if ( repetition_count > adaptive_proportion_cutoff() )
+			if ( test->repetition_count > test->cutoff ) {
+				DBGC ( source, "ENTROPY %s excessively "
+				       "repeated value %d (%d/%d)\n",
+				       source->name, sample,
+				       test->repetition_count, test->cutoff );
 				return -EPIPE_ADAPTIVE_PROPORTION_TEST;
-
+			}
 		}
 	}
 
@@ -324,62 +215,180 @@ static int adaptive_proportion_test ( noise_sample_t sample ) {
 /**
  * Get entropy sample
  *
+ * @v source		Entropy source
  * @ret entropy		Entropy sample
  * @ret rc		Return status code
  *
  * This is the GetEntropy function defined in ANS X9.82 Part 2
  * (October 2011 Draft) Section 6.5.1.
  */
-static int get_entropy ( entropy_sample_t *entropy ) {
-	static int rc = 0;
+static int get_entropy ( struct entropy_source *source,
+			 entropy_sample_t *entropy ) {
 	noise_sample_t noise;
+	int rc;
 
 	/* Any failure is permanent */
-	if ( rc != 0 )
-		return rc;
+	if ( ( rc = source->rc ) != 0 )
+		goto err_broken;
 
 	/* Get noise sample */
-	if ( ( rc = get_noise ( &noise ) ) != 0 )
-		return rc;
+	if ( ( rc = get_noise ( source, &noise ) ) != 0 )
+		goto err_get_noise;
 
 	/* Perform Repetition Count Test and Adaptive Proportion Test
 	 * as mandated by ANS X9.82 Part 2 (October 2011 Draft)
 	 * Section 8.5.2.1.1.
 	 */
-	if ( ( rc = repetition_count_test ( noise ) ) != 0 )
-		return rc;
-	if ( ( rc = adaptive_proportion_test ( noise ) ) != 0 )
-		return rc;
+	if ( ( rc = repetition_count_test ( source, noise ) ) != 0 )
+		goto err_repetition_count_test;
+	if ( ( rc = adaptive_proportion_test ( source, noise ) ) != 0 )
+		goto err_adaptive_proportion_test;
 
 	/* We do not use any optional conditioning component */
 	*entropy = noise;
 
 	return 0;
+
+ err_adaptive_proportion_test:
+ err_repetition_count_test:
+ err_get_noise:
+	source->rc = rc;
+ err_broken:
+	return rc;
 }
 
 /**
- * Calculate number of samples required for startup tests
+ * Initialise startup test
  *
- * @ret num_samples	Number of samples required
- *
- * ANS X9.82 Part 2 (October 2011 Draft) Section 8.5.2.1.5 requires
- * that at least one full cycle of the continuous tests must be
- * performed at start-up.
+ * @v source		Entropy source
  */
-static inline __attribute__ (( always_inline )) unsigned int
-startup_test_count ( void ) {
-	unsigned int num_samples;
+static void startup_test_init ( struct entropy_source *source ) {
+	struct entropy_startup_test *test = &source->startup_test;
 
-	/* At least max(N,C) samples shall be generated by the noise
-	 * source for start-up testing.
-	 */
-	num_samples = repetition_count_cutoff();
-	if ( num_samples < adaptive_proportion_cutoff() )
-		num_samples = adaptive_proportion_cutoff();
-	linker_assert ( __builtin_constant_p ( num_samples ),
-			startup_test_count_not_constant );
+	/* Sanity check */
+	assert ( test->tested == 0 );
+	assert ( test->count > 0 );
+}
 
-	return num_samples;
+/**
+ * Perform startup test
+ *
+ * @v source		Entropy source
+ * @ret rc		Return status code
+ */
+static int startup_test ( struct entropy_source *source ) {
+	struct entropy_startup_test *test = &source->startup_test;
+	entropy_sample_t sample;
+	int rc;
+
+	/* Perform mandatory number of startup tests */
+	for ( ; test->tested < test->count ; test->tested++ ) {
+		if ( ( rc = get_entropy ( source, &sample ) ) != 0 ) {
+			DBGC ( source, "ENTROPY %s failed: %s\n",
+			       source->name, strerror ( rc ) );
+			return rc;
+		}
+	}
+
+	return 0;
+}
+
+/**
+ * Enable entropy gathering
+ *
+ * @v source		Entropy source
+ * @ret rc		Return status code
+ */
+int entropy_enable ( struct entropy_source *source ) {
+	int rc;
+
+	/* Refuse to enable a previously failed source */
+	if ( ( rc = source->rc ) != 0 )
+		return rc;
+
+	/* Enable entropy source */
+	if ( ( rc = source->enable() ) != 0 ) {
+		DBGC ( source, "ENTROPY %s could not enable: %s\n",
+		       source->name, strerror ( rc ) );
+		source->rc = rc;
+		return rc;
+	}
+
+	/* Sanity check */
+	assert ( source->min_entropy_per_sample > 0 );
+
+	/* Initialise test state if this source has not previously been used */
+	if ( source->startup_test.tested == 0 ) {
+		repetition_count_test_init ( source );
+		adaptive_proportion_test_init ( source );
+		startup_test_init ( source );
+	}
+
+	DBGC ( source, "ENTROPY %s enabled\n", source->name );
+	return 0;
+}
+
+/**
+ * Enable and test entropy source
+ *
+ * @v source		Entropy source
+ * @ret rc		Return status code
+ */
+static int entropy_enable_and_test ( struct entropy_source *source ) {
+	int rc;
+
+	/* Enable source */
+	if ( ( rc = entropy_enable ( source ) ) != 0 )
+		goto err_enable;
+
+	/* Test source */
+	if ( ( rc = startup_test ( source ) ) != 0 )
+		goto err_test;
+
+	DBGC ( source, "ENTROPY %s passed %d startup tests\n",
+	       source->name, source->startup_test.count );
+	return 0;
+
+ err_test:
+	entropy_disable ( source );
+ err_enable:
+	assert ( source->rc == rc );
+	return rc;
+}
+
+/**
+ * Enable first working entropy source
+ *
+ * @v source		Entropy source to fill in
+ * @ret rc		Return status code
+ */
+static int entropy_enable_working ( struct entropy_source **source ) {
+	int rc;
+
+	/* Find the first working source */
+	rc = -ENOENT;
+	for_each_table_entry ( *source, ENTROPY_SOURCES ) {
+		if ( ( rc = entropy_enable_and_test ( *source ) ) == 0 )
+			return 0;
+	}
+
+	DBGC ( *source, "ENTROPY has no working sources: %s\n",
+	       strerror ( rc ) );
+	return rc;
+}
+
+/**
+ * Disable entropy gathering
+ *
+ * @v source		Entropy source
+ */
+void entropy_disable ( struct entropy_source *source ) {
+
+	/* Disable entropy gathering, if applicable */
+	if ( source->disable )
+		source->disable();
+
+	DBGC ( source, "ENTROPY %s disabled\n", source->name );
 }
 
 /**
@@ -402,7 +411,7 @@ static uint32_t make_next_nonce ( void ) {
 /**
  * Obtain entropy input temporary buffer
  *
- * @v num_samples	Number of entropy samples
+ * @v min_entropy	Min-entropy required
  * @v tmp		Temporary buffer
  * @v tmp_len		Length of temporary buffer
  * @ret rc		Return status code
@@ -412,47 +421,41 @@ static uint32_t make_next_nonce ( void ) {
  * and condensing each entropy source output after each GetEntropy
  * call) as defined in ANS X9.82 Part 4 (April 2011 Draft) Section
  * 13.3.4.2.
- *
- * To minimise code size, the number of samples required is calculated
- * at compilation time.
  */
-int get_entropy_input_tmp ( unsigned int num_samples, uint8_t *tmp,
+int get_entropy_input_tmp ( min_entropy_t min_entropy, uint8_t *tmp,
 			    size_t tmp_len ) {
-	static unsigned int startup_tested = 0;
+	struct entropy_source *source;
 	struct {
 		uint32_t nonce;
 		entropy_sample_t sample;
 	} __attribute__ (( packed )) data;;
 	uint8_t df_buf[tmp_len];
+	min_entropy_t entropy_total;
+	unsigned int num_samples;
 	unsigned int i;
 	int rc;
 
 	/* Enable entropy gathering */
-	if ( ( rc = entropy_enable() ) != 0 )
-		return rc;
+	if ( ( rc = entropy_enable_working ( &source ) ) != 0 )
+		goto err_enable_working;
 
-	/* Perform mandatory startup tests, if not yet performed */
-	for ( ; startup_tested < startup_test_count() ; startup_tested++ ) {
-		if ( ( rc = get_entropy ( &data.sample ) ) != 0 )
-			goto err_get_entropy;
-	}
+	/* Sanity checks */
+	assert ( source->startup_test.count > 0 );
+	assert ( source->startup_test.tested >= source->startup_test.count );
 
-	/* 3.  entropy_total = 0
-	 *
-	 * (Nothing to do; the number of entropy samples required has
-	 * already been precalculated.)
-	 */
+	/* 3.  entropy_total = 0 */
+	entropy_total = MIN_ENTROPY ( 0 );
 
 	/* 4.  tmp = a fixed n-bit value, such as 0^n */
 	memset ( tmp, 0, tmp_len );
 
 	/* 5.  While ( entropy_total < min_entropy ) */
-	while ( num_samples-- ) {
+	for ( num_samples = 0 ; entropy_total < min_entropy ; num_samples++ ) {
 		/* 5.1.  ( status, entropy_bitstring, assessed_entropy )
 		 *       = GetEntropy()
 		 * 5.2.  If status indicates an error, return ( status, Null )
 		 */
-		if ( ( rc = get_entropy ( &data.sample ) ) != 0 )
+		if ( ( rc = get_entropy ( source, &data.sample ) ) != 0 )
 			goto err_get_entropy;
 
 		/* 5.3.  nonce = MakeNextNonce() */
@@ -466,19 +469,26 @@ int get_entropy_input_tmp ( unsigned int num_samples, uint8_t *tmp,
 		for ( i = 0 ; i < tmp_len ; i++ )
 			tmp[i] ^= df_buf[i];
 
-		/* 5.5.  entropy_total = entropy_total + assessed_entropy
-		 *
-		 * (Nothing to do; the number of entropy samples
-		 * required has already been precalculated.)
-		 */
+		/* 5.5.  entropy_total = entropy_total + assessed_entropy */
+		entropy_total += source->min_entropy_per_sample;
 	}
 
 	/* Disable entropy gathering */
-	entropy_disable();
+	entropy_disable ( source );
 
+	DBGC ( source, "ENTROPY %s gathered %d bits in %d samples\n",
+	       source->name, ( min_entropy / MIN_ENTROPY_SCALE ), num_samples );
 	return 0;
 
  err_get_entropy:
-	entropy_disable();
+	entropy_disable ( source );
+	assert ( source->rc == rc );
+ err_enable_working:
 	return rc;
 }
+
+/* Drag in objects via entropy_enable */
+REQUIRING_SYMBOL ( entropy_enable );
+
+/* Drag in entropy configuration */
+REQUIRE_OBJECT ( config_entropy );

src/crypto/gcm.c

@@ -472,10 +472,10 @@ void gcm_setiv ( struct gcm_context *context, const void *iv, size_t ivlen ) {
 	union gcm_block *check = ( ( void * ) context );
 
 	/* Sanity checks */
-	linker_assert ( &context->hash == check, gcm_bad_layout );
-	linker_assert ( &context->len == check + 1, gcm_bad_layout );
-	linker_assert ( &context->ctr == check + 2, gcm_bad_layout );
-	linker_assert ( &context->key == check + 3, gcm_bad_layout );
+	build_assert ( &context->hash == check );
+	build_assert ( &context->len == check + 1 );
+	build_assert ( &context->ctr == check + 2 );
+	build_assert ( &context->key == check + 3 );
 
 	/* Reset non-key state */
 	memset ( context, 0, offsetof ( typeof ( *context ), key ) );

src/crypto/md4.c

@@ -155,11 +155,11 @@ static void md4_digest ( struct md4_context *context ) {
 
 	/* Sanity checks */
 	assert ( ( context->len % sizeof ( context->ddd.dd.data ) ) == 0 );
-	linker_assert ( &u.ddd.dd.digest.h[0] == a, md4_bad_layout );
-	linker_assert ( &u.ddd.dd.digest.h[1] == b, md4_bad_layout );
-	linker_assert ( &u.ddd.dd.digest.h[2] == c, md4_bad_layout );
-	linker_assert ( &u.ddd.dd.digest.h[3] == d, md4_bad_layout );
-	linker_assert ( &u.ddd.dd.data.dword[0] == w, md4_bad_layout );
+	build_assert ( &u.ddd.dd.digest.h[0] == a );
+	build_assert ( &u.ddd.dd.digest.h[1] == b );
+	build_assert ( &u.ddd.dd.digest.h[2] == c );
+	build_assert ( &u.ddd.dd.digest.h[3] == d );
+	build_assert ( &u.ddd.dd.data.dword[0] == w );
 
 	DBGC ( context, "MD4 digesting:\n" );
 	DBGC_HDA ( context, 0, &context->ddd.dd.digest,

src/crypto/md5.c

@@ -178,11 +178,11 @@ static void md5_digest ( struct md5_context *context ) {
 
 	/* Sanity checks */
 	assert ( ( context->len % sizeof ( context->ddd.dd.data ) ) == 0 );
-	linker_assert ( &u.ddd.dd.digest.h[0] == a, md5_bad_layout );
-	linker_assert ( &u.ddd.dd.digest.h[1] == b, md5_bad_layout );
-	linker_assert ( &u.ddd.dd.digest.h[2] == c, md5_bad_layout );
-	linker_assert ( &u.ddd.dd.digest.h[3] == d, md5_bad_layout );
-	linker_assert ( &u.ddd.dd.data.dword[0] == w, md5_bad_layout );
+	build_assert ( &u.ddd.dd.digest.h[0] == a );
+	build_assert ( &u.ddd.dd.digest.h[1] == b );
+	build_assert ( &u.ddd.dd.digest.h[2] == c );
+	build_assert ( &u.ddd.dd.digest.h[3] == d );
+	build_assert ( &u.ddd.dd.data.dword[0] == w );
 
 	DBGC ( context, "MD5 digesting:\n" );
 	DBGC_HDA ( context, 0, &context->ddd.dd.digest,

src/crypto/rsa.c

@@ -164,7 +164,7 @@ static int rsa_parse_mod_exp ( struct asn1_cursor *modulus,
 	int is_private;
 	int rc;
 
-	/* Enter subjectPublicKeyInfo/RSAPrivateKey */
+	/* Enter subjectPublicKeyInfo/privateKeyInfo/RSAPrivateKey */
 	memcpy ( &cursor, raw, sizeof ( cursor ) );
 	asn1_enter ( &cursor, ASN1_SEQUENCE );
 
@@ -177,6 +177,23 @@ static int rsa_parse_mod_exp ( struct asn1_cursor *modulus,
 		/* Skip version */
 		asn1_skip_any ( &cursor );
 
+		/* Enter privateKey, if present */
+		if ( asn1_check_algorithm ( &cursor,
+					    &rsa_encryption_algorithm ) == 0 ) {
+
+			/* Skip privateKeyAlgorithm */
+			asn1_skip_any ( &cursor );
+
+			/* Enter privateKey */
+			asn1_enter ( &cursor, ASN1_OCTET_STRING );
+
+			/* Enter RSAPrivateKey */
+			asn1_enter ( &cursor, ASN1_SEQUENCE );
+
+			/* Skip version */
+			asn1_skip ( &cursor, ASN1_INTEGER );
+		}
+
 	} else {
 
 		/* Public key */

src/crypto/sha1.c

@@ -145,12 +145,12 @@ static void sha1_digest ( struct sha1_context *context ) {
 
 	/* Sanity checks */
 	assert ( ( context->len % sizeof ( context->ddd.dd.data ) ) == 0 );
-	linker_assert ( &u.ddd.dd.digest.h[0] == a, sha1_bad_layout );
-	linker_assert ( &u.ddd.dd.digest.h[1] == b, sha1_bad_layout );
-	linker_assert ( &u.ddd.dd.digest.h[2] == c, sha1_bad_layout );
-	linker_assert ( &u.ddd.dd.digest.h[3] == d, sha1_bad_layout );
-	linker_assert ( &u.ddd.dd.digest.h[4] == e, sha1_bad_layout );
-	linker_assert ( &u.ddd.dd.data.dword[0] == w, sha1_bad_layout );
+	build_assert ( &u.ddd.dd.digest.h[0] == a );
+	build_assert ( &u.ddd.dd.digest.h[1] == b );
+	build_assert ( &u.ddd.dd.digest.h[2] == c );
+	build_assert ( &u.ddd.dd.digest.h[3] == d );
+	build_assert ( &u.ddd.dd.digest.h[4] == e );
+	build_assert ( &u.ddd.dd.data.dword[0] == w );
 
 	DBGC ( context, "SHA1 digesting:\n" );
 	DBGC_HDA ( context, 0, &context->ddd.dd.digest,