src/config/fault.h

#ifndef CONFIG_FAULT_H
#define CONFIG_FAULT_H

/** @file
 *
 * Fault injection
 *
 */

FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
FILE_SECBOOT ( PERMITTED );

#include <config/defaults.h>

/* Drop every N transmitted or received network packets */
#define	NETDEV_DISCARD_RATE 0

/* Delay transmissions to neighbour-resolved destinations (in ms) */
#define NEIGHBOUR_DELAY_MS 0

/* Drop every N transmitted or received PeerDist discovery packets */
#define PEERDISC_DISCARD_RATE 0

/* Annul every N PeerDist download attempts */
#define PEERBLK_ANNUL_RATE 0

/* Stall every N PeerDist download attempts */
#define PEERBLK_STALL_RATE 0

/* Abort every N PeerDist download attempts */
#define PEERBLK_ABORT_RATE 0

/* Corrupt every N received PeerDist packets */
#define PEERBLK_CORRUPT_RATE 0

/* Experience virtual machine migration on every N watchdog checks */
#define VM_MIGRATED_RATE 0

/* Poison .bss section before early execution */
#define POISON_BSS 0

#include <config/local/fault.h>

#endif /* CONFIG_FAULT_H */
[fault] Generalise NETDEV_DISCARD_RATE fault injection mechanism Provide a generic inject_fault() function that can be used to inject random faults with configurable probabilities. Signed-off-by: Michael Brown <mcb30@ipxe.org> 2015-07-22 02:56:49 +01:00			`#ifndef CONFIG_FAULT_H`
			`#define CONFIG_FAULT_H`

			`/** @file`
			`*`
			`* Fault injection`
			`*`
			`*/`

			`FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );`
[build] Mark core files as permitted for UEFI Secure Boot Mark all files used in a standard build of bin-x86_64-efi/snponly.efi as permitted for UEFI Secure Boot. These files represent the core functionality of iPXE that is guaranteed to have been included in every binary that was previously subject to a security review and signed by Microsoft. It is therefore legitimate to assume that at least these files have already been reviewed to the required standard multiple times. Signed-off-by: Michael Brown <mcb30@ipxe.org> 2026-01-14 13:25:34 +00:00			`FILE_SECBOOT ( PERMITTED );`
[fault] Generalise NETDEV_DISCARD_RATE fault injection mechanism Provide a generic inject_fault() function that can be used to inject random faults with configurable probabilities. Signed-off-by: Michael Brown <mcb30@ipxe.org> 2015-07-22 02:56:49 +01:00
			`#include <config/defaults.h>`

			`/* Drop every N transmitted or received network packets */`
			`#define NETDEV_DISCARD_RATE 0`

[neighbour] Add the ability to artificially delay outbound packets Add a fault-injection mechanism that allows an arbitrary delay (configured via config/fault.h) to be added to any packets transmitted via the neighbour resolution mechanism, as a way of reproducing symptoms that occur only on high-latency connections such as a satellite uplink. The neighbour discovery mechanism is not a natural conceptual fit for this artficial delay, since neighbour discovery has nothing to do with transmit latency. However, the neighbour discovery mechanism happens to already include a deferred transmission queue that can be (ab)used to implement this artifical delay in a minimally intrusive way. In particular, there is zero code size impact on a standard build with no artificial delay configured. Implementing the delay only for packets transmitted via neighbour resolution has the side effect that broadcast packets (such as DHCP and ARP) are unaffected. This is likely in practice to produce a better emulation of a high-latency uplink scenario, where local network traffic such as DHCP and ARP will complete quickly and only the subsequent TCP/UDP traffic will experience delays. Signed-off-by: Michael Brown <mcb30@ipxe.org> 2026-01-06 14:04:00 +00:00			`/* Delay transmissions to neighbour-resolved destinations (in ms) */`
			`#define NEIGHBOUR_DELAY_MS 0`

[peerdist] Add segment discovery mechanism Signed-off-by: Michael Brown <mcb30@ipxe.org> 2015-08-17 13:16:33 +01:00			`/* Drop every N transmitted or received PeerDist discovery packets */`
			`#define PEERDISC_DISCARD_RATE 0`

[peerdist] Add individual block download mechanism Signed-off-by: Michael Brown <mcb30@ipxe.org> 2015-08-17 13:16:37 +01:00			`/* Annul every N PeerDist download attempts */`
			`#define PEERBLK_ANNUL_RATE 0`

			`/* Stall every N PeerDist download attempts */`
			`#define PEERBLK_STALL_RATE 0`

			`/* Abort every N PeerDist download attempts */`
			`#define PEERBLK_ABORT_RATE 0`

			`/* Corrupt every N received PeerDist packets */`
			`#define PEERBLK_CORRUPT_RATE 0`

[gve] Add driver for Google Virtual Ethernet NIC The Google Virtual Ethernet NIC (GVE or gVNIC) is found only in Google Cloud instances. There is essentially zero documentation available beyond the mostly uncommented source code in the Linux kernel. Signed-off-by: Michael Brown <mcb30@ipxe.org> 2024-07-24 14:30:58 +01:00			`/* Experience virtual machine migration on every N watchdog checks */`
			`#define VM_MIGRATED_RATE 0`

[riscv] Allow for poisoning .bss section before early initialisation On startup, we may be running from read-only memory, and therefore cannot zero the .bss section (or write to the .data section) until we have parsed the system memory map and relocated ourselves to somewhere suitable in RAM. The code that runs during this early initialisation stage must be carefully written to avoid writing to the .data section and to avoid reading from or writing to the .bss section. Detecting code that erroneously writes to the .data or .bss sections is relatively easy since running from read-only memory (e.g. via QEMU's -pflash option) will immediately reveal the bug. Detecting code that erroneously reads from the .bss section is harder, since in a freshly powered-on machine (or in a virtual machine) there is a high probability that the contents of the memory will be zero even before we explicitly zero out the section. Add the ability to fill the .bss section with an invalid non-zero value to expose bugs in early initialisation code that erroneously relies upon variables in .bss before the section has been zeroed. We use the value 0xeb55eb55eb55eb55 ("EBSS") since this is immediately recognisable as a value in a crash dump, and will trigger a page fault if dereferenced since the address is in a non-canonical form. Poisoning the .bss can be done only when the image is known to already reside in writable memory. It will overwrite the relocation records, and so can be done only on a system where relocation is known to be unnecessary (e.g. because paging is supported). We therefore do not enable this behaviour by default, but leave it as a configurable option via the config/fault.h header. Signed-off-by: Michael Brown <mcb30@ipxe.org> 2025-07-30 11:11:00 +01:00			`/* Poison .bss section before early execution */`
			`#define POISON_BSS 0`

[fault] Generalise NETDEV_DISCARD_RATE fault injection mechanism Provide a generic inject_fault() function that can be used to inject random faults with configurable probabilities. Signed-off-by: Michael Brown <mcb30@ipxe.org> 2015-07-22 02:56:49 +01:00			`#include <config/local/fault.h>`

			`#endif /* CONFIG_FAULT_H */`