Powerpc is currently the only architecture that we support more than one
endian. It's the only one that benefits from this swapping, so restrict
the code to there. This saves about 1k in the i386 BIOS loader.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D36577
This saves 80 bytes (the new bootinfo structure was 84 bytes, and a
pointer is 4 bytes). The bi_load32 code is the same size.
Sponsored by: Netflix
Reviewed by: tsoome
Differential Revision: https://reviews.freebsd.org/D36575
FreeBSD 4.x and earlier used the bi_bios_geom to get the geometry of the
device. Starting in 5.x, with the wdc -> ata rewrite, it was used only
in pc98 kernels to report geometry of the drives. It can be safely
removed as booting kernels this old is no longer supported. This saves
176 bytes in the BIOS loader.
Sponsored by: Netflix
Reviewed by: adrian, emaste
Differential Revision: https://reviews.freebsd.org/D36543
We set this value twice: once to 0 and once to the VA that has the name
of the kernel. The first store is redundant. In addition, these two
stores of 0 are also redundant. Since we never set them, they will
always be zero, even if we're called multiple times. This saves 21
bytes on BIOS loader.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D36541
Use the efi's bi_copyenv to md_copyenv and place it in modinfo.c. Remove
all other nearly identical and efi's has the best error handling.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D36574
Now that MOD_xxx macros are modinfo.c, they don't need to be in
modinfo.h.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D36573
md_copymodules, bi_copymdoules, bi_copymodules32 (x2) and
bi_copymodules64 (x2) are all the same routine... Replace them all with
md_copymodules. This saves about 800 bytes on i386 BIOS loader, which is
a nice bonus.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D36572
Move all the MOD_xxx macros to this header. Each user of this interface
is currently required to define MOD_ALIGNMENT(l). modinfo was selected
because it sits inbetween modules and metadata and will make it easier
to migrate to new, shared intefaces.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D36571
To further reduce the differences between the different MOD_xxx macros,
use MOD_ALIGN to do the proper alignment for the given use.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D36570
This replaces the CALLBACK(copyin, ...) with a call to
archsw.arch_copyin which points to a function that does the
callback. More diff reduction for the multiple copies of these routines
in the tree.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D36569
Since archsw.arch_copyin is always i386_copyin, this will be a nop in
terms of functionality. This is a diff reduction against other copies of
the code that differ only by what copyin routine they call.
Sponsored by: Netflix
Reviewed by: tsoome
Differential Revision: https://reviews.freebsd.org/D36568
disk_blocks assumes BIOSDISK_SECSIZE, but the media may not be using
it. In particular, bioscd on Parallels presents a 2K sector size, so
we end up with a short disk_blocks and subsequent validation fails when
trying to read /boot/lua.
PR: 233098
Reviewed by: imp, tsoome
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D36490
This corrects an issue introduced in b4cb3fe0e3, where a freshly
allocated `DOS_FS` structure would not be initialized properly before
use in `dos_open`.
In case of FAT32 file systems, this would leave `fs->dirents`
uninitialized and - depending on its content and due to checks in
`parsebs` - prevent mounting the file system successfully.
This particularily impacted the EFI loader, as it was sometimes not
able to read files from a FAT32-formatted EFI partition, including
LoaderEnv (`/efi/freebsd/loader.env`).
Accepted by: imp
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D36482
Reviewed by: imp
Discussed with: gbe (man pages)
English wording help by: rpokala
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Differential revision: https://reviews.freebsd.org/D36435
Normally in the boot loader, we key off of MACHINE since that specifies
the kernel and the loader is very tuned to each type of MACHINE in
general. In this case, however, we're producing a Linux binary, with
Linux system calls encoded in it. These align better along the
MACHINE_ARCH axis of FreeBSD. For PowerPC the system calls are radically
different for each of our MACHINE_ARCHes, with only powerpc64 and
powerpc64le sharing the same numbers and memory layout. The same was
true about mips when it was in the tree. 32-bit arm uses the same
layout, however, for both armv6 and armv7 ports: that can be easily
shared in the unlikely event we support that in the future.
Sponsored by: Netflix
This allows the "Multi user" in "[B]oot Multi user" to be substituted
with another string, for example with "Installer" in installer media.
Note that this is lua-only at the moment, since loader.4th's menu.rc
defines the alternate name as Boot [M]ulti User, unlike lualoader which
leaves it as [B]oot Multi user. Ideally loader.4th would adopt the newer
and simpler lualoader behaviour and then it could gain support for this
option, but loader.4th is on the way out and isn't used by any official
installer media so this is not a significant concern.
Reviewed by: kevans, rpokala
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D36418
Add a smbios.bios.revision kenv, which contains the system BIOS revision
as defined in SMBIOS specification, section 3.3.1.
Since the revision is stored in two separate byte fields,
the smbios_setenv helper can't be used.
Read and construct the kenv manually instead.
Approved by: mw(mentor)
Sponsored by: Stormshield
Obtained from: Semihalf
Differential Revision: https://reviews.freebsd.org/D36413
It is desirable to run kboot as the first program in some LinuxBoot
environments. This is the traditional "pid 1" or "init" program. When
running as pid 1. rovide a minimal environment based on what sysvinit,
u-root, initramfs-tools and other like projects do. We mount /dev, /sys,
/proc, make symlinks from /dev/fd to /dev/proc, and create /tmp, /run,
and /var. We also setup stdin/out/err to the console, set the tty
characteristics of same and block the appropriate signals.
This is indended as an environment that never does a fork/exec. If
that's required, the process groups, session leaders and all things
POSIX terminal handlers will need to be added.
Unlike the general purpose linux projects in this area, no attempt is
made to support very old kernels.
When not pid 1, we skip all of the above.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D36368
Give scripts the ability to determine if the currently running loader
has provided a command.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D36365
interp_has_builtin_cmd() will try to lookup the passed in command and
returns true if it was found, false otherwise.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D36364
Factor out interp_lookup_cmd to search for a command from
interp_builtin_cmd. This simplifies the latter and can be used to expand
lua to ask if a command exists.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D36363
Document how EFI consoles work, at least on x86. There's a number of
weird quirks and limitations that are generally known, but not
documented until now. Include information on how EFI decides what the
defualt console is, how to set it and how to cope with common
situations. Note limitations and mismatch between ACPI (which uses UID
to identify a device) and our console code (which uses a raw address)
and explain why we can't translate between them in the loader.
Sponsored by: Netflix
Reviewed by: manu, kevans, rpokala, pauamma
Differential Revision: https://reviews.freebsd.org/D36286
And thus has a limited range of supported baud rates. Also add that
setting BOOT_BOOT0_COMCONSOLE_SPEED=0 will leave it unchanged which
sometimes can give you 115200 if the BIOS initialized things outside of
the normal BIOS baud rates (which many x86 enbedded-targetted boards
do).
Sponsored by: Netflix
Reviewed by: emaste, manu (earlier versions)
Suggestions by: jhb
Differential Revision: https://reviews.freebsd.org/D36300
When ConOut is missing, we used to default to serial. Except we did it
in the worst way possible by just setting the howto bits and not
updating the console setting, which lead to weird behavior where we'd
get some things on the video port, others on serial.
Instead, set console to "efi,comconsole" for this case. Also set
RB_MULTIPLE always (so we get dual consoles from the kernel) and or in
RB_SERIAL when we can't find GOPs that suggest the precense of a video
console. This will put output in the most places and have a sensible
default for 'primary' console.
Sponsored by: Netflix
Reviewed by: emaste, manu
Differential Revision: https://reviews.freebsd.org/D36299
The boot loader should look in the standard places for the UFS
superblock, but not go too far into the speculative realm. Supress
errors about hash being invalid, which will allow us to boot, even when
the superblock looks good, but fails the hash test. This defers any
policy decisions about booting and/or recovery to userland. This also
has the side effect of eliminating some rather spammy messages when UFS
searches devices with filesystems that are not UFS...
Sponsored by: Netflix
Reviewed by: mckusick
Differential Revision: https://reviews.freebsd.org/D36253
The commit message documented it as /etc/src.conf but the comment in the
source mentioned the non-existent /etc/loader.conf.
Fixes: f8a199f28f ("stand: Raise limit to 550,000 bytes for loader")
into ffs_sbsearch() to allow use by other parts of the system.
Historically only fsck_ffs(8), the UFS filesystem checker, had code
to track down and use alternate UFS superblocks. Since fsdb(8) used
much of the fsck_ffs(8) implementation it had some ability to track
down alternate superblocks.
This change extracts the code to track down alternate superblocks
from fsck_ffs(8) and puts it into a new function ffs_sbsearch() in
sys/ufs/ffs/ffs_subr.c. Like ffs_sbget() and ffs_sbput() also found
in ffs_subr.c, these functions can be used directly by the kernel
subsystems. Additionally they are exported to the UFS library,
libufs(8) so that they can be used by user-level programs. The new
functions added to libufs(8) are sbfind(3) that is an alternative
to sbread(3) and sbsearch(3) that is an alternative to sbget(3).
See their manual pages for further details.
The utilities that have been changed to search for superblocks are
dumpfs(8), fsdb(8), ffsinfo(8), and fsck_ffs(8). Also, the prtblknos(8)
tool found in tools/diag/prtblknos searches for superblocks.
The UFS specific mount code uses the superblock search interface
when mounting the root filesystem and when the administrator doing
a mount(8) command specifies the force flag (-f). The standalone UFS
boot code (found in stand/libsa/ufs.c) uses the superblock search
code in the hope of being able to get the system up and running so
that fsck_ffs(8) can be used to get the filesystem cleaned up.
The following utilities have not been changed to search for
superblocks: clri(8), tunefs(8), snapinfo(8), fstyp(8), quot(8),
dump(8), fsirand(8), growfs(8), quotacheck(8), gjournal(8), and
glabel(8). When these utilities fail, they do report the cause of
the failure. The one exception is the tasting code used to try and
figure what a given disk contains. The tasting code will remain
silent so as not to put out a slew of messages as it trying to taste
every new mass storage device that shows up.
Reviewed by: kib
Reviewed by: Warner Losh
Tested by: Peter Holm
Differential Revision: https://reviews.freebsd.org/D36053
Sponsored by: The FreeBSD Foundation
We don't need the compress rotuines, nor zstd_opt.c. Remove them.
Expand the number of places we omit code for IN_LIBSA (which are FreeBSD
specific). Due to the agressive optimization, though, this doesn't
reduce the size of the loader. It does reduce the number of 'false
positives' for places to omit to reduce the size as well as reducing the
build time slightly.
Sponsored by: Netflix
Reviewed by: tsoome, delphij
Differential Revision: https://reviews.freebsd.org/D36145
The BIOS loader operates in a very constrained environment. The messages
for the super block integrity tests take up about 12k of space. Compile
them out for the BIOS loader, while leaving it intact for all other
loaders that aren't space constrained. These aren't used in the 'super
tiny' *boot* programs, so no adjustment is needed there.
We reply on the fact that (a) i386 doesn't support 32-bit UEFI booting
and (b) LIBSA_CPUARCH is "i386" when building on both i386 and when
we're building the 32-bit libsa32 library.
This saves about 12k of space for this constrained envrionment and will
take a bit of the pressure off some machines where the loader has grown
too big for their BIOS (see comments in i386/loader/Makefile for
details).
Sponsored by: Netflix
Reviewed by: mckusick
Differential Revision: https://reviews.freebsd.org/D36175
Raise the limit for /boot/loader to be 550k. The IBM PC imposes a limit
of 640k of RAM below 1MB, which is needed for real mode calls. BTX takes
40k of that. The BIOS takes some amount (25k seems a good "99% take less
than or equal to this" estimate for that, though some systems consume
more). Most typical setups need 25k of stack. This leaves 550k for
code. We set the limit to 550,000 which gives about an extra 13,000
bytes of buffer for machines that whose setups use a little more stack
or whose BIOS reserves a bit more...
Add this derivation in the Makefile. Also recommend setting LOADERSIZE
lower in /etc/src.conf when the loader has to run on a system whose BIOS
takes up more space, or for a complex setup. Add a recipe for how to
find how much RAM your BIOS uses as well (thanks to jhb@ for the
trick). Network cards that boot via PXE and HBAs with their BIOS enabled
are known to be large consumers of lomem space.
Sponsored by: Netflix
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D36152
Turns out there's two hidden a.out dependencies. pxeldr.S assumes it has
access to the a.out header from /boot/loader and cdboot.S assumes that
/boot/loader is also a.out and doesn't use boot2.
So, go back to making a.out files for these and adjust the size checks
to use ls, but we only need to check loader.bin. Trim the size we check
against by 2,000. The difference in size between loader and loader.bin
is about 3000 bytes, but clang15 produces binaries that are a smidge
bigger so we need to relax the check just a little and accept some
additional risk for the moment.
Add some comments to loader's Makefile about this.
Sponsored by: Netflix
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D36142
It's sometimes desirable to override the size limit: It's a soft limit
and there are times we exceed the limit by just a little bit and don't
want the build to fail (or we are hitting runtime failures below the
510,000 byte limit).
Sponsored by: Netflix
devformat produces the same output as i386_fmtdev, so just use it to
reduce on the dependencies.
Sponsored by: Netflix
Reviewed by: tsoome
Differential Revision: https://reviews.freebsd.org/D35927
devformat produces the same output as uboot_fmtdev, so just use it to
reduce on the dependencies.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D35926
devformat produces the same output as userboot_fmtdev, so just use it to
reduce on the dependencies. In addition, we don't need to use the
incomplete struct userboot_devdesc type, we can use struct devdesc
instead (in fact, there's no userboot_devdesc defined anywhere).
Sponsored by: Netflix
Reviewed by: jhb (prior version)
Differential Revision: https://reviews.freebsd.org/D35925
devformat produces the same output as efi_fmtdev, so just use it to
reduce on the dependencies.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D35924
Add a generic way to get the string representation of a zfs device / mount.
Sponsored by: Netflix
Reviewed by: tsoome (prior version)
Differential Revision: https://reviews.freebsd.org/D35923
Use devformat instead of disk_devfmt. This allows us to avoid knowing
the details of the device that's underneath us. Remove disk.h include
and the -I${LDRSRC} from the build of ufs.c since they are no longer
needed.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D35922
Fix layering violation and use devformat to get the string
representation of the device to see if we're mounted yet or not. Remove
added include to pickup disk.h.
Sponsored by: Netflix
Reviewed by: tsoome (prior version)
Differential Revision: https://reviews.freebsd.org/D35919
All of the archsw fmtdev functions treat DEVT_DISK as a call to
disk_fmtdev. Set all disks' dv_fmtdev to disk_fmtdev so devformat
will return the same thing.
Sponsored by: Netflix
Reviewed by: tsoome (prior version)
Differential Revision: https://reviews.freebsd.org/D35917
Use dv_fmtdev to return a formatted string for a device. If this is a
null pointer, return the device name and unit followed by a colon (eg
disk3:).
Sponsored by: Netflix
Reviewed by: tsoome (prior version)
Differential Revision: https://reviews.freebsd.org/D35916
Add a new pointer, dv_devfmt, to allow devices to format themselves. We
will use this to simplify many of the fmtdev functions in the tree as
they are all almost the same, or all are isomorphic to each other.
Sponsored by: Netflix
Reviewed by: tsoome (prior version)
Differential Revision: https://reviews.freebsd.org/D35915
We do a number of games with ploymorphism for different types struct
*devdesc. Adjust one place that this affects to take the address of the
base class (most others have void * at the moment). This is more type
safe than a bare void *.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D35914
Rather than have the magic, hand-crafted fields that have to align with
fields in other structures at the end of i386_devdesc, make it into
anonymous union and adjust the code accordingly. This is safer and
similar to what CAM does.
Sponsored by: Netflix
Reviewed by: kevans, tsoome (prior version)
Differential Revision: https://reviews.freebsd.org/D35965
The BIOS method of booting imposes an absolute limit of 640k for the
size of the program being run due to btx. In practice, this means that
programs larger than about 500kiB will fail in odd ways as the stack /
heap will overflow.
Pick 510,000 as the cutoff line semi-arbitrarily. loader_lua is now
almost too big and we want to break the build when it crosses this
threshold. In my experience, below 500,000 always works, above 520,000
always seems to fail with things getting bad somewhere between 512,000
to 515,000. 510,000 is as close to the line as I think we can go, though
experience may dictate we need to lower this in the future.
This is at-best a stop-breakage until we have a better way to subset the
boot loader for BIOS booting to allow better, more fined-tuned
/boot/loaders for the many different environments they have to run
in. This likely means we'll have a graphical loader than understands a
few filesystmes for installation, and a non-graphical loader that
understands the most filesystems possible for everything else in the
future. Our build infrastructure needs some work before we can do that,
however.
At this late date, it likely isn't worth the efforts to move parts of
the loader into high memory. There's a number of assumptions about where
the stack is, where buffers reside, etc that are fulfilled when it lives
in the first 640k that would need bounce buffers and/or other counter
measures if we were to split it up. All BIOS calls are done in 16-bit
mode with SEG:OFF addresses, requiring them to be in the first 640k of
RAM. And nearly all machines in the last decade can boot with UEFI
(though there's some exceptions, so it isn't worth killing outright
yet).
Sponsored by: Netflix
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D36129
The first level boot blocks have understood how to load ELF code since
1999. Switch /boot/loader and /boot/pxeldr over to being ELF format so
that in-tree tools can examine them more closely. In addition, one
could, in theory, now have a 'lo-mem' and a 'hi-mem' segment (though a
lot of work would need to be done with bounce buffers, btx, code segment
marking, etc for an arrangement like that to work).
As far as I can tell, this is the last a.out binary in the tree. There
are several raw binaries left, but everything else is ELF.
Reviewed by: emaste, kevans
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D36130
geliboot.c and geliboot_crypto.c don't need anything from stand/common,
so remove them from the list of things to add it.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D35921
bootstrap.h isn't needed at all by geil, so remove it.
Sponsored by: Netflix
Reviewed by: tsoome (earlier version)
Differential Revision: https://reviews.freebsd.org/D35920
This code was written prior to snprintf being in the then libstand (now
libsa). Since we have it, use it for extra safety. The code already
tries to be safe, but since we have snprintf as well, the added layer of
protection will suffice. The current code reserves 16 bytes (plus a NUL)
at the end for worst case of inet_ntoa, which is still a little
pessimal, but safe from overflow.
Sponsored by: Netflix
Reviewed by: tsoome
Differential Revision: https://reviews.freebsd.org/D35102
Rather than trying to shoehorn flags into the requested superblock
address, create a separate flags parameter to the ffs_sbget()
function in sys/ufs/ffs/ffs_subr.c. The ffs_sbget() function is
used both in the kernel and in user-level utilities through export
to the sbget() function in the libufs(3) library (see sbget(3)
for details). The kernel uses ffs_sbget() when mounting UFS
filesystems, in the glabel(8) and gjournal(8) GEOM utilities,
and in the standalone library used when booting the system
from a UFS root filesystem.
The ffs_sbget() function reads the superblock located at the byte
offset specified by its sblockloc parameter. The value UFS_STDSB
may be specified for sblockloc to request that the standard
location for the superblock be read.
The two existing options are now flags:
UFS_NOHASHFAIL will note if the check hash is wrong but will still
return the superblock. This is used by the bootstrap code to
give the system a chance to come up so that fsck can be run to
correct the problem.
UFS_NOMSG indicates that superblock inconsistency error messages
should not be printed. It is used by programs like fsck that
want to print their own error message and programs like glabel(8)
that just want to know if a UFS filesystem exists on a partition.
One additional flag is added:
UFS_NOCSUM causes only the superblock itself to be returned, but does
not read in any auxiliary data structures like the cylinder group
summary information. It is used by clients like glabel(8) that
just want to check for possible filesystem types. Using UFS_NOCSUM
skips the superblock checks for csum data which allows superblocks
that have corrupted csum data to be read and used.
The validate_sblock() function checks that the superblock has not
been corrupted in a way that can crash or hang the system. Unless
the UFS_NOMSG flag is specified, it will print out any errors that
it finds. Prior to this commit, validate_sblock() returned as soon
as it found an inconsistency so would print at most one message.
It now does all its checks so when UFS_NOMSG has not been specified
will print out everything that it finds inconsistent.
Sponsored by: The FreeBSD Foundation
Add a shortcut for invokging ${SRCTOP}/tools/boot/universe.sh by
creating a 'universe' target in src/stand. This will make it easier to
test out all the different combinations of boot loaders that we build.
Sponsored by: Netflix
Since both EFI and the future kboot will benefit from a 'quit' command,
move it from efi/loader/main.c to common/commands.c. In EFI this command
exits back to the boot loader (which will cause the next BootXXXX in the
BootOrder list to be attempted). In kboot, this will exit back to
whatever called loader.kboot. In uboot this will cause a reset (which
will restart uboot, not quite a simple exit, but will look similar)
and in OFW it will execute OF_exit which should return to the
openfirmware prompt.
Sponsored by: Netflix
This is similar to 5d48fb3b16.
With LLVM14 the .data.rel.ro ELF section appears after .data,
making loader behave erractly and kernel is not loaded.
This patch makes ensures the correct order.
Based on discussion at:
https://github.com/llvm/llvm-project/issues/56306
MFC after: 1 day
Sponsored by: Instituto de Pesquisas Eldorado (eldorado.org.br)
Put the console into raw mode on startup. This allows the menus to work
as expected. Boot is now interruptable.
Note: Likely should restore the terminal settings on most exists. It's
not clear the best way to do this, and most shells have an auto stty
sane anyway, so note it for future improvement.
Sponsored by: Netflix
Implement a stripped down termios, obtained from various files in musl
and HOST_ or host_ prepended to most things and a few unavoidable style
tweaks. Only implements the bits of termios we need for the boot loader:
put the terminal into raw mode, restore terminal settings and speed
stuff.
Sponsored by: Netflix
Clients of libsa are expected to implement exit(). The current exit just
loops forever. It is better to really exit: when running as init that
will reboot the system. When not running as init, other programs can
recover (not that we support running as init, but when we do in the
future, this is still the rigtht thing).
Sponsored by: Netflix
Add support for aarch64. exec.c and ldscript are copied from the EFI
version with #ifdefs for the differences. Once complete, I'll refactor
them. host_syscall.S implements a generic system call. tramp.S is a
first attempt to create a tramoline that we can use to jump to the
aarch64 kernel. Add aarch64-specific startup and stat files as well.
exec.c tweaked slightly to avoid bringing in bi_load(), which will come
in later. Includes tweaks to stat due to name differences between names
on different Linux architectures.
Sponsored by: Netflix
conf.c is the same now between powerpc64 and amd64, so move it up to
kboot. Move powerpc file formats defines to ppc64_elf_freebsd.c
Sponsored by: Netflix
This was copied from powerpc/ofw and has never been used. We also don't
care about -DAIM. It's only relevant for in-kernel structures, which we
don't use in this userland program.
Sponsored by: Netflix
Linux 2.4 introduced getdents64. Switch to using it because aarch64
doesn't have getdents as that syscall was obsoleted before that port was
created.
Sponsored by: Netflix
tftp.c includes bootinfo.h, but doesn't need it. Remove it, and remove
the -Istand/common from CFALGS since that's the only reason we had it.
Sponsored by: Netflix
Reviewed by: tsoome
Differential Revision: https://reviews.freebsd.org/D35928
dv_cleanup is specified almost everywhere. Use nullsys instead of NULL
to indicate 'do nothing'. Also, be consistent in trailing commas that
were missing before.
Sponsored by: Netflix
Reviewed by: tsoome
Differential Revision: https://reviews.freebsd.org/D35913
While in theory, once upon a time, dv_type was arch specific, that's
never been the case in FreeBSD (and certaintly isn't in the surviving
drivers). Remove that notation.
Sponsored by: Netflix
Reviewed by: tsoome
Differential Revision: https://reviews.freebsd.org/D35911
Rather than hard coding 8 for the device name length, create a #define for it.
Sponsored by: Netflix
Reviewed by: tsoome
Differential Revision: https://reviews.freebsd.org/D35910
Fix a typo by reworking the comment for blake3_impl_hack.c and amplify
the nature of the hack and its temporary reason for existing.
Sponsored by: Netflix
Reviewed by: delphij
Differential Revision: https://reviews.freebsd.org/D35895
Now that the minor issues preventing zfs.c from using CFLAGS_EARLY have
been fixed, use that mechanism like everything else that needs the
OpenZFS spl headers. This simplifies things somewhat. Update comments to
document why zfs.c is still special, though in different ways.
Note: We also use the fact that NEED_SOLARIS_BOOLEAN is only defined in
an environment where the solaris compat boolean stuff will be defined
prior to this point (eg, when we're building zfs.c in libsa), but not in
other environments (like when we're building mkimage and stand-alone
boot loaders that don't use libsa). These latter uses should be changed
to use the same ZFS compile env, but aren't as part of this commit.
This has to be done in the same change as the ZFS_EARLY change to not
break zfs.c building for one commit affecting bisectabiltiy.
Sponsored by: Netflix
Reviewed by: tsoome, delphij
Differential Revision: https://reviews.freebsd.org/D35894
Constrain CFLAGS for ZFS: don't add anything globally. Add the includes
to only the files that need them. Add -DHAS_ZSTD_ZFS to zfs.c (which
includes zfsimpl.c which includes zfssubr.c both of which need this
defined). Also add it to efi/boot1/Makefile since zfs_module.c also
includes zfsimple.c.
Sponsored by: Netflix
Reviewed by: tsoome
Differential Revision: https://reviews.freebsd.org/D35887
Various GELI sources need bootstrap.h and disk.h. In theory they
shouldn't need anything outside of libsa, but disk.h and bootstrap.h are
currently required.
This fixes the build with MK_LOADER_ZFS=no.
Obtained from: CheriBSD
Fixes: eaf7aabddc stand: geli CFLAGS tightening
Sponsored by: DARPA
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D35861
In theory they shouldn't need anything outside of libsa, but disk.h and
bootstrap.h are currently required. Future work wil address this issue.
This fixes the build with MK_LOADER_ZFS=no. ZFS's Makefile.inc adds
these flags globally to CFLAGS when it should not. This masked the
problem because the tools/boot/universe.sh didn't build MK_LOADER_ZFS=no
as part of its regressions. Future work will also fix this.
Obtained from: CheriBSD
Fixes: 84bf2bbbec stand: constrain zlib/gzip CFLAGS better
Sponsored by: DARPA
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D35860
With clang 15, the following -Werror warning is produced:
stand/i386/boot2/boot2.c:358:6: error: a function declaration without a prototype is deprecated in all versions of C [-Werror,-Wstrict-prototypes]
This is because parse() is declared with a (void) argument list, and
defined with an empty argument list. Make the definition match the
declaration.
MFC after: 3 days
Create a wrapper for the mount system call. To ensure a sane early boot
environment and to gather data we need for kexec, we may need to mount
some special filesystems.
Sponsored by: Netflix
Early in boot, we need to create the normal stdin/out/err env for the
boot loader to run in. To do that, we need to open the console and
duplicate the file descriptors which requires dup(2). Implement a
wrapper as host_dup.
Sponsored by: Netflix
Linux's /dev/fd is implemented inside of /proc/self/fd, so we may need
to create a symlink to it early in boot. "/dev/fd" and "/dev/std*" might
not be strictly required for the boot loader, but should be present for
maximum flexibility.
Sponsored by: Netflix
Add host_getpid() so we can know if we're running as init(8) or not. If
we are, we may chose to do early system setup / sanity operations.
Sponsored by: Netflix
Implement stat(2) and fstat(2) in terms of newfstatat and newfstat
system calls respectively (assume we have a compat #define when
there's no newfstat and just a regular fstat and do so for ppc).
Snag struct kstat (the Linux kernel stat(2), et al interface) from musl
and attribute properly.
Sponsored by: Netflix
Add the common O_ constants for the open, fcntl, etc system calls. They
are different than FreeBSD's. While they can differ based on
architecture, they are constant for architectures we care about, and
those architectures use the 'generic' version so future architectures
will also work.
Sponsored by: Netflix
Fallback to currdev when NULL is passed in when 'rootdev' is NULL. Other
getdevs do this. Additional features are needed here still, though.
Sponsored by: Netflix
Split _start into _start and _start_c (inspired by musl and the powerpc
impl is copied from there). This allows us to actually get the command
line arguments on all the platforms. We have a very simplified startup
that supports only static linking.
Sponsored by: Netflix
with grab_faults, we can try to print out the trace of function calls.
Without symbol table, we can not translate addresses to function names,
but even addresses can help to track the bugs.
For loader functions, print out absolute address, so it could be
searched from objdump -d output.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D35433
Add comments describing the weird nesting things we have to do to live
inside the ZFS world. Also fix a stale comment by moving nvlist.c to an
early user.
Sponsored by: Netflix
Add the necessary glue to get blake3 building for the boot loaded as
well as connected to the ZFS system so it is useful.
On some platforms, we create references to blake3_sse2_impl and
blake3_sse41_impl ops structs to utilize SIMD. These aren't present on
x86 (since we dind't ask for them), but are on aarch64 with no
implementation. Since we don't want SIMD in the boot loader, have these
all return 'unsupported' always. This should be fixed upstream to allow
more flexibility in this selection, but for now we use this hack to not
modify the sys/contrib/openzfs with difficult to maintain hacks while
an upstreamable solution is found.
tsoome@ did the implementation bits in sys/cddl/boot, and I did the
Makefile work and the aweful blake3_impl_hack.c.
Co-author: tsoome@freebsd.org
Sponsored by: Netflix
Reviewed by: kevans (earlier version)
Differential Revision: https://reviews.freebsd.org/D35750
We no longer need to use this to get zfs_zstd.c compiling, so delete it.
Sponsored by: Netflix
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D35750
Now that we have the ability to work around all the issues that
zstd_stub.c worked around, compile zfs_std.c directly.
Sponsored by: Netflix
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D35750
sys/blake3.h is not safe to include in a standalone environment. It
assumes, unwisely, that there's only kernel or userland. The userland
choice is bad due to imperfections in how we handle stdlib.h in this
environment (we wind up including the host's stdlib.h, it expects a
standard FreeBSD setup which the gymnastics we've done to create a
OpenSolaris/Illumos-like environment interfere with). Thankfully, in
this case we can just pretend to be the kernel for a little bit by
defining _KERNEL and the undefing it after we exit.
Sponsored by: Netflix
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D35750
There's a number of issues with including zfs_context.h from a
standalone environment. First, sys/uio_imp.h isn't at all safe for this
environment, so define its guard #defines so that its contents are
skipped. Next, there's a problem including string.h to get the mem*
routines, so just define them here. ZFS_MODULE_PARAM_ARGS isn't defined
properly. I had wanted to define it when I was upstreaming changes to
include/os/freebsd/spl/sys/zfs_context.h, but they ran into resistance
so I'm defining that here now (it is also defined in zstd_shim.c, but
that will disappear once the issues it works around are
cleared). Finally, sys/sysmacros.h has to be included now before
sys/atomic.h, but upstream includes it after so include it here so that
the guards make the out-of-order includes in upstream irrelevant.
Sponsored by: Netflix
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D35750
OpenZFS is based on having a number of layers of include files that
define things and include the next layer. Insert a later at the start
for files in libsa/zfs/spl so we can override issues with upstream
OpenZFS while we work to get the issues corrected upstream.
Sponsored by: Netflix
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D35750
Add a note that veriexec / bearssl builds will pollute the CFLAGS in a
way that's somewhat hard to fix, so I'm just noting it for now.
Sponsored by: Netflix
Only add -DWEAK_REFS to sha256.c and sha512.c instead of
everything. Remove redundant include that's not needed.
Minor formatting tweak.
Sponsored by: Netflix
CFLAGS+= here affects *ALL* libsa files being built. However, this is
only needed for zfs.c, so define it only for this. Also, use the defines
from defs.mk. Move all the zfs.c include hacks together. Also, move the
-Wformat -Wall warnings that were added to CFLAGS+= to the individual
files instead for the same reason.
Sponsored by: Netflix
ZFSSRC is the top level directory where the ZFS sources come from. Don't
reuse it for a list of ZFS sources. Instead, use ZFS_SRC
Sponsored by: Netflix
Given that hints set this way don't work when a static kenv is compiled
into the kernel. acpi.rsdp has been set for this for the past 6 years,
and all kernels in that time have used it in preference to the hints. As
such, we no longer hints.*, so remove them.
Sponsored by: Netflix
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D35634
Several years ago, x86 moved from using hints to communicate this
information to using the simpler acpi.rsdp variables. If one compiles
static hints into the kernel, then these hints are ignored. We can
remove this when we branch FreeBSD 15. Thought about BURN_BRIDGES
here, but it's too messy.
Sponsored by: Netflix
Reviewed by: andrew, jhb
Differential Revision: https://reviews.freebsd.org/D35632
With the introduction of llvm14, the powerpc* loader used on ofw/pseries
for 32 and 64 bit architectures puts the .data.rel.ro section after
.data section. This caused a crash kernel didn't boot. Bisect pointed to
change https://reviews.llvm.org/D111717 but problem could be fixed by
adding a section description to make it appear in the expected order.
This patch is based on discussion at:
https://github.com/llvm/llvm-project/issues/56306
MFC after: 1 day
Sponsored by: Instituto de Pesquisas Eldorado (eldorado.org.br)
In some cases ubldr would try to mount a disk device before
the archsw struct was filled with functions pointers.
This would result in a NULL pointer derefrence of the arch_getdev field.
Fix that filling the archsw functions earlier.
Note that this matches the EFI behavoiur.
Reviewed by: imp, mw
Sponsored by: Stormshield
Obtained from: Semihalf
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D35670
geli_probe_and_attach() does pick geli_devsw structure for
encrypted disks, the implementation depends on device
name "disk" when device type is DEVT_DISK, but geli_devsw is
setting name field "gelidisk".
PR: 264282
Submitted by: yamagi@yamagi.org
Reported by: yamagi@yamagi.org
MFC after: 2 weeks
Detect the end of the disk condition. This may happpen when
disk image is truncated and the reads are addressing blocks past
image end.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D35432
panic() is using multiple services - attempting to read
keyboard, accessing time functions and finally, exiting the loader.
Protect all the accessed listed above. Note, when BS are off,
we really can not just exit the loader, we only can reboot.
MFC after: 1 week
The check fails in kernels compiled with KASAN because AddressSanitizer
inserts redzones around global variables, so the size of the "kernphys"
symbol is 32 rather than 8. Thus we fall back to copying even though
it's not necessary.
Simply remove the size check. I didn't want to extend the symbol size
check since there's no guarantee that AddressSanitizer will always emit
32 bytes for "kernphys".
Reviewed by: kib
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D35448
Notable upstream pull request merges:
#12321 Fix inflated quiesce time caused by lwb_tx during zil_commit()
#13244 zstd early abort
#13360 Verify BPs as part of spa_load_verify_cb()
#13452 More speculative prefetcher improvements
#13466 Expose zpool guids through kstats
#13476 Refactor Log Size Limit
#13484 FreeBSD: libspl: Add locking around statfs globals
#13498 Cancel in-progress rebuilds when we finish removal
#13499 zed: Take no action on scrub/resilver checksum errors
#13513 Remove wrong assertion in log spacemap
Obtained from: OpenZFS
OpenZFS commit: b9d98453f9
When reading the UEFI memory map we pass in a pointer to the memory to
hold the map. Unfortunately it wasn't initialised before the first use
so clang decided it was undefined behaviour so the entire loop was
removed. This leads to everything in bi_load after this to also be
removed as dead code.
The next function after bi_load in the binary is efi_copy_init. The
above caused us to enter efi_copy_init with a return address of the
start of the function. Because of this it would enter an infinite
loop of calling the function, allocating memory, then returning to
the start of the function.
PR: 264021
head_errlog is new format for errlog, but we do not really
use errlog, so we can just mark it supported, to enable reading
from pool.
MFC after: 1 week
Move declarations into a new nvlist.h rather than putting everything in
libzfs.h. This makes this nvlist code easier to reuse elsewhere. In
particular, the nvlist implementation in sys/contrib/libnv does not
provide XDR encoding, but this is needed when reading from or writing to
ZFS pools.
Also:
- Remove references to boolean_t. It has to be a 32-bit int here, so
just reference the underlying type.
- Add includes needed when compiling the nvlist code outside of stand/.
No functional change intended.
Reviewed by: tsoome
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D35255
When adding an entry to an nvlist, the data buffer might need to be
resized. When this happens, the XDR encoder's notion of the buffer size
also needs to be updated, otherwise the operation may erroneously fail.
Reviewed by: tsoome, imp
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D35254
The loader.efi man page describes UEFI-specific loader details, but not
general loader information.
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Get amd64 compiling. However, the current kboot supports an old way of
enumerating memory and the new way needs to be incorporated as well. The
powerpc folks could use either, it seems and newer powerpc platforms
need some changes for kboot to work anyway.
This commit includes the linker script, trampoline code to start the new
kernel, Linux system calls and the necessary configuration glue needed
to build the binaries.
This includes a quick hack to get multiboot support, but we need to
really share these defines. The multiiboot2.h is the minimum needed to
build. We have multiboot information in three places now, so a
refactoring is in order.
This should be considered, at best, preliminary and experimental for
anybody wishing to try it out.
Sponsored by: Netflix
Reviewed by: tsoome
Differential Revision: https://reviews.freebsd.org/D35100
Turns out there is a libsa.3. It's a bit out of date, but we reference
it in a number of places so we should install it. We need to do the DO32
dance because this Makefile is included twice and we don't want it
installing twice.
Sponsored by: Netflix
This mirrors dmu_read_impl(), zeroing out the tail end of the buffer and
clipping the read to what's contained by the block that exists.
This fixes an issue that arose during the 13.1 release process; in
13.1-RC1 and later, setting up GELI+ZFS will result in a failure to
boot. The culprit is this, which causes us to fail to load geom_eli.ko
as there's a residual portion after the single datablk that should be
zeroed out.
PR: 263407
Reviewed by: tsoome
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D35019
We don't need it for userboot, but it avoids issues with BIND_NOW, so
just provide it. time(3) isn't defined but ends up being provided by
libc linked into the host process, which is generally fine.
PR: 262920
Reviewed by: imp, jhb
MFC after: 3 days
Diferential Revision: https://reviews.freebsd.org/D34758
Printing device followed by interface matches, e.g., edk2. Note that
this is only a fallback, many firmware implementations will provide the
protocol that we'll use to format device paths.
Reviewed by: imp, tsoome
Sponsored by: Ampere Computing
Submitted by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D34539
- Add SPDX tag
- Add a files section describing different locations related to the
loader
- Add an example explaining how to install a new loader.efi to ESP
- Reference uefi(8)
Reviewed by: tsoome
Reviewed by: Pau Amma <pauamma@gundo.com>
Reviewed by: Jose Luis Duran <jlduran@gmail.com>
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D34592
The console escape code standard (ECMA-48) specifies color #3 (escape
code 33) as yellow. A brown console color is an artifact of the VGA
palette, which replaces dim (but not bright) yellow with brown.
Reviewed by: adrian, imp
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D34531
For historical reasons console color number 3 may be either yellow (most
consoles) or brown (VGA palette). The console escape code standard
uses "yellow", but teken color name constants appear to be based on the
VGA scheme and use TC_BROWN for color 3. Even so, the palette table
used 50,50,0 as the RGB percentage tuple, resulting in a dim yellow for
framebuffer consoles at the time teken was introduced.
Amusingly, in 19e2ce2d83 the comment on the palette entry was changed
from "brown" to "dark yellow" but the colour itself was changed from
a pure yellow to being somewhat brown.
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Accept "bright" or "light" prefix for named colors.
For numeric colors, update error message to specify that values 0 to 15
are allowed, and verify that values are in that range.
Reviewed by: imp, tsoome (both earlier version)
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D34512
Notable upstream pull request merges:
#9078: log xattr=sa create/remove/update to ZIL
#11919: Cross-platform xattr user namespace compatibility
#13014: Report dnodes with faulty bonuslen
#13016: FreeBSD: Fix zvol_cdev_open locking
#13019: spl: Don't check FreeBSD rwlocks for double initialization
#13027: Fix clearing set-uid and set-gid bits on a file when
replying a write
#13031: Add enumerated vdev names to 'zpool iostat -v' and
'zpool list -v'
#13074: Enable encrypted raw sending to pools with greater ashift
#13076: Receive checks should allow unencrypted child datasets
#13098: Avoid dirtying the final TXGs when exporting a pool
#13172: Fix ENOSPC when unlinking multiple files from full pool
Obtained from: OpenZFS
OpenZFS commit: a86e089415
If module_verbose is set to a value below MODULE_VERBOSE_TWIDDLE
call twiddle_divisor(UINT_MAX).
This makes more sense here than when we are loading the kernel.
Sponsored by: Juniper Networks, Inc.
UEFI provides a protocol for accessing randomness. This is a good way
to gather early entropy, especially when there's no driver for the RNG
on the platform (as is the case on the Marvell Armada8k (MACCHIATObin)
for now).
If the entropy_efi_seed option is enabled in loader.conf (default: YES)
obtain 2048 bytes of entropy from UEFI and pass is to the kernel as a
"module" of name "efi_rng_seed" and type "boot_entropy_platform"; if
present, ingest it into the kernel RNG.
Submitted by: Greg V
Reviewed by: markm, kevans
Approved by: csprng (markm)
MFC after: 3 weeks
Differential Revision: https://reviews.freebsd.org/D20780
Set module_verbose to control the printing of information
about loaded modules and kernel:
0 MODULE_VERBOSE_SILENT None
1 MODULE_VERBOSE_SIZE Pathname and size
2 MODULE_VERBOSE_TWIDDLE as for 1 but also twiddle for progress
3 MODULE_VERBOSE_FULL extra detail
When the loader is verifying modules we already have a
running indication of progress and module_verbose=0 makes sense.
Reviewed by: rpokala
Differential Revision: https://reviews.freebsd.org/D34245
ld.bfd in binutils 2.34+ now reports an error in more cases for custom
ldscripts that do not place PHDRs in a LOAD segment. However, EFI
binaries are not dynamic binaries which need PHDRs, so pass
--no-dynamic-linker to disable this check.
Reviewed by: imp, emaste
Differential Revision: https://reviews.freebsd.org/D34124
The text after .error et al is emitted verbatim.
Reviewed by: sjg
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D33904
- Use AES_XTS_IV_LEN instead of the key length as the IV length.
- Use G_ELI_IVKEYLEN as the size of the zeroed iv[] array in
g_eli_crypto_cipher() to match geli_io().
PR: 261172
Reported by: Malcolm Matalka <mmatalka@gmail.com>, mikael
Reviewed by: markj
Sponsored by: FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D33884
This helps mesuring what's happening when we load the kernel/modules/mfsroot.
This also adds TSENTER2 which uses the third argument of TSRAW, same
as in the kernel.
MFC after: 2 weeks
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D33699
The saf1761 OTG support was only for mips targets (BERI?). Retire it.
Sponsored by: Netflix
Reviewed by: brooks
Differential Revision: https://reviews.freebsd.org/D33706
Shortlinks occupy the space of both di_db and di_ib when used. However,
everywhere that wants to read or write a shortlink takes a pointer do
di_db and promptly runs off the end of it into di_ib. This is fine on
most architectures, if a little dodgy. However, on CHERI, the compiler
can optionally restrict the bounds on pointers to subobjects to just
that subobject, in order to mitigate intra-object buffer overflows, and
this is enabled in CheriBSD's pure-capability kernels.
Instead, clean this up by inserting a union such that a new di_shortlink
can be added with the right size and element type, avoiding the need to
cast and allowing the use of the DIP macro to access the field. This
also mirrors how the ext2fs code implements extents support, with the
exact same structure other than having a uint32_t i_data[] instead of a
char di_shortlink[].
Reviewed by: mckusick, jhb
Differential Revision: https://reviews.freebsd.org/D33650
Just have the MD code provide syscall and have generic code for the
rest.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D33515
Split the powerpc specific parts into kboot/arch/powerpc64. More may be
needed here.
Sponsored by: Netflix
Reviewed by: jhibbits
Differential Revision: https://reviews.freebsd.org/D33514
As the first step at making this more generic, move kboot to top level.
Sponsored by: Netflix
Reviewed by: luporl, tsoome
Differential Revision: https://reviews.freebsd.org/D33513
tftp_open reads the first block so copy it in the cached data.
If we have more than one block (i.e. we called tftp_read before
tftp_preload) simply just reset the transfer.
Reported by: mmel
Reviewed by: mmel, tsoome
MFC after: 2 weeks
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D33697
shadow FB size could be rather large and depends on resolution,
instead of using heap, allocate dedicated space outside of heap.
Reviewed by: manu
Differential Revision: https://reviews.freebsd.org/D33600
MFC after: 2 weeks