From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.groups.io with SMTP id smtpd.web11.130106.1598001080353306430 for ; Fri, 21 Aug 2020 02:11:20 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=HTB9MOkU; spf=pass (domain: redhat.com, ip: 216.205.24.124, mailfrom: lersek@redhat.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1598001079; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=X/cjG1MaNlsz60z0iw1CCmtuLXfRFEYLvbN/lpCJi2w=; b=HTB9MOkUV8jElHHrWw1gOlINtnnuuvXFbxU5hPrfCgUzKQiEUry4mgPau+T0KYmcwCeSlU O5YcnDeCTo6hbbU3Iwdsa+A8MiYdXnat010JcWWyaL9DPiWDhYX11nTh1wRlGdhctzhsMJ ApOSA7OI3T2ptmgzOzP4Vg/7LLDBqlY= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-401-87p3oVRjPc2C_kdsus8qBg-1; Fri, 21 Aug 2020 05:11:11 -0400 X-MC-Unique: 87p3oVRjPc2C_kdsus8qBg-1 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 3C2491015C9D; Fri, 21 Aug 2020 09:11:09 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-113-164.ams2.redhat.com [10.36.113.164]) by smtp.corp.redhat.com (Postfix) with ESMTP id 0F93A60BF1; Fri, 21 Aug 2020 09:11:03 +0000 (UTC) Subject: Re: [edk2-devel] [PATCH v1] NetworkPkg/UefiPxeBcDxe: Fix PXE_BOOT_SERVERS usage in boot info parse flow To: Michael Brown , devel@edk2.groups.io, maciej.rabeda@linux.intel.com Cc: Jiaxin Wu , Siyuan Fu , Seven.ding@lcfuturecenter.com References: <20200819165338.681-1-maciej.rabeda@linux.intel.com> <2dde2087-e291-0232-62e2-a30cdf4e09b2@redhat.com> <590e1de9-9f8c-72df-205e-c767f788ecf3@redhat.com> <4c5fc5c2-6acb-76d9-e8d7-d2743e547627@ipxe.org> From: "Laszlo Ersek" Message-ID: <11640b08-6f42-e4d8-356d-91d4bdf86c2c@redhat.com> Date: Fri, 21 Aug 2020 11:11:03 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0 Thunderbird/52.9.1 MIME-Version: 1.0 In-Reply-To: <4c5fc5c2-6acb-76d9-e8d7-d2743e547627@ipxe.org> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=lersek@redhat.com X-Mimecast-Spam-Score: 0.002 X-Mimecast-Originator: redhat.com Content-Language: en-US Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit On 08/20/20 15:41, Michael Brown wrote: > On 20/08/2020 11:44, Maciej Rabeda wrote: >> @Michael >> I am now wondering whether bit 3 is actually relevant to server choice. >> >> Bit 3: >> == 0 -> prompt user to choose a boot file. Which means to me: show >> minimal menu with prompt (tag 10 - PXE_MENU_PROMPT) and options (tag 9 >> - PXE_BOOT_MENU). >> == 1 -> do not prompt user. If boot file name is present (option 67), >> download that boot file. >> >> Bit 3 does not seem to specify/regulate which server to use. >> >> Choice of server IP might look like: >> >> if (option 43 is present, tag 6 is present, tag_6.bit_2 is set and tag >> 8 is present and valid) >>          take server IP from tag 8 (PXE_BOOT_SERVERS) >> >> else if (option 66 is present) >>          take server IP from option 66 (TFTP server name) >> >> else if (option 54 is present) >>          take server IP from option 54 (Server Identifier) >> >> else >>          failure > > RFC 2132 defines option 66 as a hostname (not an IP address): it is the > equivalent of the non-option "sname" field. > > RFC 2132 defines option 54 as the DHCP server identifier, which is > unrelated to the TFTP server. > > In the simple case (with no PXE menus involved), the TFTP server IP is > provided by the non-option "siaddr" field. > > If option 60 is set to "PXEClient" and option 43 tag 9 is present and > option 43 tag 6 bit 3 is clear then this initiates a convoluted process > in which the user is first presented with an interactive menu > (constructed from the contents of option 43 tag 9) in order to select a > "boot server type", after which a second convoluted process is performed > to query the network using a protocol that is almost, but not quite, > entirely unlike DHCP.  The TFTP server IP and boot filename are > eventually taken from the selected response packet in this final > almost-DHCP exchange. *shudder* I'll 100% defer to you and Maciej on this -- this is very complicated. To begin with, I'm not fully clear what the purpose of edk2 git commit ecec42044078 ("Update PXE driver to support PXE forced mode.", 2014-01-06) was. What on Earth is "PXE forced mode"? Siyuan, can you please explain? And then I don't know whether the bug report at https://bugzilla.tianocore.org/show_bug.cgi?id=2876 really has merit. In the words of the reporter, the presently discussed patch would still qualify as a "work-around", for making the PXE client ignore PXE_BOOT_SERVERS, via clearing option#43 tag#6 bit#2 in the DHCP server response. But IMO the more important question is whether it is valid for the DHCP server (config) at their site to (a) populate PXE_BOOT_SERVERS, (b) put (apparently!) the ProxyDHCP IP address in PXE_BOOT_SERVERS. Like, I'd like to be convinced that the server config at the reporter's site is not *invalid* in the first place. If it's invalid, then we shouldn't be complicating the edk2 client code with a workaround. Even if we adopted the workaround, the reporter would still have to *activate* it, by manually clearing the bit in question (see at the very end of ). For me one big difficulty is that the PXE config options are scattered about a forest of specs. Last time I spent more than an hour cursing and hunting for them. At Red Hat, over the last few years I've received an immense amount of bug reports related to PXEv4/PXEv6 booting with edk2. In almost every case, it was a bug in the reporter's server configuration. Yes, anecdotal evidence. It makes me very reluctant to change the edk2 code, especially that the reporter of TianoCore#2876 has seemingly stopped communications. Note how the bug report makes references to various attachments, such as RAR files and one "Serva32.exe", regarding a reproducer. But until now, with the latest comment being #9, those files have *not* been attached. So it's not like we can set up some virtual machines on a virtual network and fire up wireshark or tcpdump, to see the actual traffic. I'm happy to pull out of this review session, as I trust you Michael and Maciej to do the right here. I'm happy to offer some level of regression testing, if you got new patches. I'd also be OK to simply close TianoCore#2876 as INVALID (due to insufficient data). Thanks Laszlo