The project is moving away from CTASSERT in favor of
_Static_assert. Cleanup the few instances in the loader proactively.
Sponsored by: Netflix
Reviewed by: manu, tsoome
Differential Revision: https://reviews.freebsd.org/D44006
This wasn't updated when the other copies were updated. Make it
identical to efi code. We should likely refactor this (with userboot),
but they are all not quite identical.
Sponsored by: Netflix
To make it easier to port lua and some of the lua modules, we have a
series of routines to implement the stdio routines, even though we don't
normally implement them in the boot loader. Add a comment to this effect.
Also, some tools, like sanitizers and static analysis tools, make
unwarranted assumptions about these, so #define them to a different name
so they stop.
Sponsored by: Netflix
At present OF_ioctl first multiplies, then casts to 64-bit, meaning at
the asm level it truncates the result to 32-bit, then zero-extends it to
64-bit to return. Cast `n` to 64-bit before multiplying, so that the
correct result is returned.
Select between text-only and graphical frame buffer consoles for the
BIOS boot loader. Pull one or the other in with #ifdef in conf.c. Add
gfx_bios.c for the few routines that are needed for the BIOS support of
gfx. These are stubbed out for text-only mode. Move bi_load_vbe_data
here since it's only used for the graphical frame buffer.
Note: This setup also allows us to build multiple BIOS loaders if we
have to, some with text-only and some graphical. We don't do this today.
We may be forced to turn this on in the future if ZFS keeps growing.
The size savings is 41k, which helps a lot with some of our users that
want to enable more options in the BIOS boot loader than are normally
safe to do, and they don't need graphics.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D43917
Bring back vidconsole.c as textvidc.c from 2a0e2c88db. This console
does no graphics stuff at all, supports no fancy logos, has known bugs
in the terminal emulation, etc. However, it is small. It will be a
build-time option to select between the two. The BIOS loader is running
out of space when too many options are selected, so this allows people
to select the smaller one to spend the space elsewhere. This is only the
verbatim copy of the old vidconsole.c. It's not yet connected to the
build.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D43911
Further experience suggests we do not need as much margin. This was
mistakenly bumped to 570,000 in a prior commit, so this undoes that.
Sponsored by: Netflix
Confine -DDISK_DEBUG to biosdisc.c, the only file it affects.
Use modern variable arrays instead of alloca and add a sanity
size minimum for biospnp nodes. These nodes are tiny enough that
we needn't do a malloc/free pair: the stack is fine.
Sponsored by: Netflix
Reviewed by: tsoome
Differential Revision: https://reviews.freebsd.org/D43914
Create a small wrapper around the new flua hash module so we can use it
here too. There's no 4th bindings, nor will they be created.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D43874
Drawer.lua is the only bit of lua code in the base that uses any of the
functons moved from the loader table to the gfx table. Move the main
code to using the gfx dispatch. Add compat code for running on old
loaders that creates the newer-style gfx table with the term_* functions
we call in it populated. This will even work on the super old versions
of the loader that don't have them (we'll still skip using them).
Sponsored by: Netflix
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D43908
Now that the fb_* and term_* functions are available in the gfx table,
move the documentation to gfx.lua.8. Add information about backwards
compatibility.
Sponsored by: Netflix
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D43907
The graphics stuff is optional. When it is pulled into the system, we
use a linker set to initialize the lua bindings for it now.
Sponsored by: Netflix
Reviewed by: kevans, jhb
Differential Revision: https://reviews.freebsd.org/D43906
Now that we draw in the gfx bindings for all our interpreters only when
graphics support is compiled in, we can eliminate this from all the
loaders that don't have graphics support.
Sponsored by: Netflix
Reviewed by: kevans, jhb
Differential Revision: https://reviews.freebsd.org/D43905
Only create the gfx bindings for 4th when it's compiled into the
loader. We do this with a linker set that only gets brought in to those
loaders that call gfx_framework_init. This calls gfx_interp_md() will
will drag in gfx_loader.c which will add to the linker set that
registers these bindings.
Sponsored by: Netflix
Reviewed by: kevans, jhb
Differential Revision: https://reviews.freebsd.org/D43904
This function will be used to draw in the graphics bindings when the
loader is compiled with graphics (gfx) support. Provide definitions
for lua and the simple interpreter. 4th support is forthcoming.
Sponsored by: Netflix
Reviewed by: kevans, jhb
Differential Revision: https://reviews.freebsd.org/D43903
Create a new gfx global table. Put into it all the graphics bindings
that we have in loader today. For now, have compatability binding for
loader. Remove them from loader.
Sponsored by: Netflix
Reviewed by: kevans, jhb
Differential Revision: https://reviews.freebsd.org/D43902
Move registration of the gfx stuff to separate function. However, no
change in functionality is intended.
Sponsored by: Netflix
Reviewed by: kevans, jhb
Differential Revision: https://reviews.freebsd.org/D43900
luaL_checkstring already checks for the right number of
arguments. There's no need to do that by hand here. Now an exception
will be thrown like any other function with the wrong args. Also,
push a boolean instead of an int.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D43820
It's currently unused outside of vidconsole.c. Gerald Hicks' fix to the
beep code from de37e4a6d2333/1998 introduced the funciton as
static. Maxim Sobolev (sobomax) made it non-static since his spinconsole
called it in c4c3b35172d67/2009. When sobomax dropped the direct call
after making spinconsole console independent in b35172d67/2017,
vidc_biosputchar remained a harmless unreferenced global. Make it static
once again.
Fixes: c7e10205ae
Sponsored by: Netflix
Export the CMD_OK, etc constants in the loader table. They are the
return values of loader.perform, etc.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D43821
Sometimes it is nice to override the initial script that we run. Make it
possible by fetching loader_lua from the env and using that instead of
the default if prsent.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D43819
By default only report unverified files at severity VE_WANT
and above. This inlcudes *.conf but not *.hints, *.cookie
or *.tgz which get VE_TRY as their severity.
If Verbose is set to 0, then VerifyFlags should default to 0 too.
Thus the combination of
module_verbose=0
VE_VEBOSE=0
is sufficient to make the loader almost totally silent.
When verify_prep has to find_manifest and it is verified ok
return VE_NOT_CHECKED to verify_file so that it can skip
repeating verify_fd
Also add better debugging output for is_verified and add_verify_status.
vectx handle compressed modules
When verifying a compressed module (.ko.gz or .ko.bz2)
stat() reports the size as -1 (unknown).
vectx_lseek needs to spot this during closing - and just read until
EOF is hit.
Note: because of the way libsa's open() works, verify_prep will see
the path to be verified as module.ko not module.ko.bz2 etc. This is
actually ok, because we need a separate module.ko.bz2 entry so that
the package can be verified, and the hash for module.ko is of the
uncompressed file which is what vectx will see.
Re-work local.trust.mk so site.trust.mk need only set
VE_SIGN_URL_LIST (if using the mentioned signing server)
interp.c: restrict interactive input
Apply the same restrictions to interactive input as for
unverified conf and hints files.
Use version.veriexec when LOADER_VERIEXEC is yes
Reviewed by: kevans
Sponsored by: Juniper Networks, Inc.
Differential Revision: https://reviews.freebsd.org/D43810
Document all the public functions from the "loader" table.
Sponsored by: Netflix
Reviewed by: pauamma_gundo.com, tsoome, kevans
Differential Revision: https://reviews.freebsd.org/D43701
Try ConIn if we don't have a ConOut variable. ConIn will contain HID
devices and/or serial devices. We currently just search for serial
devices and will use them instead of video with the current code. While
ConIn w/o ConOut is fairly common on laptops, is kinda rare on servers.
Some refinement may be needed in the future if servers come to
light. This is also minimal to allow possible integration into 13.3
release.
MFC After: 1 week
Sponsored by: Netflix
Reviewed by: dab, tsoome
Differential Revision: https://reviews.freebsd.org/D43714
The font module is part of the gfx_fb support. Since we share this file
between EFI and kboot, we only want to pass the font data to the kernel
when we're booting from EFI, not kboot.
Sponsored by: Netflix
This should have no functional change. Move compiling the sha256, sha512
and md5 hash functions up into libsa to allow them to be used elsewhere
in the boot loader when geli isn't configured. Since libsa is a .a, these
won't wind up in any boot loader that doesn't reference them, so should
be a nop.
Sponsored by: Netflix
The include file symblic links, etc are out of place where they
are. Move them to the end of the file. No functional change intended.
Sponsored by: Netflix
Loader now also read configuration files listed in local_loader_conf_files.
Files listed here are the last ones read. And /boot/loader.conf.local was
moved from loader_conf_files to local_loader_conf_files leaving only
loader.conf and device.hints in loader_conf_files by default.
The idea is to ensure local_loader_conf_files, i.e., /boot/loader.conf.local,
can always be used to override other user defined settings.
So the sequencing is now as follow:
1. Bootstrap:
/boot/defaults/loader.conf
2. Read loader_conf_files files:
/boot/device.hints
/boot/loader.conf
3. Read loader_conf_dirs files:
/boot/loader.conf.d/*.conf
4. And finally, rread local_loader_conf_files files:
/boot/loader.conf.local
Reviewed by: imp, kevans
Pull Request: https://github.com/freebsd/freebsd-src/pull/759
If product_vars is set, it must be a space separated list of environment
variable names to walk through to guess the product. Each time a product can be
guessed (i.e., the corresponding variable is defined), prepend
/boot/loader.conf.d/PRODUCT/ to loader_conf_dirs.
It can be typically used as follow:
smbios.system.planar.maker="PLANAR_MAKER"
smbios.system.planar.product="PLANAR_PRODUCT"
smbios.system.product="PRODUCT"
uboot.m_product="M_PRODUCT"
product_vars="smbios.system.planar.maker smbios.system.planar.product smbios.system.product uboot.m_product"
to read files found in the following directories, in that order:
/boot/loader.conf.d/PLANAR_MAKER
/boot/loader.conf.d/PLANAR_PRODUCT
/boot/loader.conf.d/PRODUCT
/boot/loader.conf.d/M_PRODUCT
Reviewed by: imp, kevans
Pull Request: https://github.com/freebsd/freebsd-src/pull/759
Loader now also read configuration files listed in local_loader_conf_files.
Files listed here are the last ones read. And /boot/loader.conf.local was
moved from loader_conf_files to local_loader_conf_files leaving only
loader.conf and device.hints in loader_conf_files by default.
The idea is to ensure local_loader_conf_files, i.e., /boot/loader.conf.local,
can always be used to override other user defined settings.
So the sequencing is now as follow:
1. Bootstrap:
/boot/defaults/loader.conf
2. Read loader_conf_files files:
/boot/device.hints
/boot/loader.conf
3. Read loader_conf_dirs files:
/boot/loader.conf.d/*.conf
4. And finally, rread local_loader_conf_files files:
/boot/loader.conf.local
If product_vars is set, it must be a space separated list of environment
variable names to walk through to guess the product. Each time a product can be
guessed (i.e., the corresponding variable is defined), prepend
/boot/loader.conf.d/PRODUCT/ to loader_conf_dirs.
It can be typically used as follow:
smbios.system.planar.maker="PLANAR_MAKER"
smbios.system.planar.product="PLANAR_PRODUCT"
smbios.system.product="PRODUCT"
uboot.m_product="M_PRODUCT"
product_vars="smbios.system.planar.maker smbios.system.planar.product smbios.system.product uboot.m_product"
to read files found in the following directories, in that order:
/boot/loader.conf.d/PLANAR_MAKER
/boot/loader.conf.d/PLANAR_PRODUCT
/boot/loader.conf.d/PRODUCT
/boot/loader.conf.d/M_PRODUCT
host_syscalls.c: I've written, so put Netflix copyright on. It's
possible in the confusion that Nathan wrote the host_gettimeofday
implementation.
syscall_nr: These files likely can't enjoy copyright protection since
they are just facts (the per-arch Linux system calls), so add a note
they are in the public domain.
Sponsored by: Netflix
According to git blame I've 95%+ rewritten this file. Update copyright to
reflect that, but give nod to Nathan for the original I started with.
Sponsored by: Netflix
For aarch64 and amd64, we don't pull in anything from libkern, so we
don't need it in our path. However, powerpc needs ucmpdi2 from libkern,
so bring it into libkboot's build and omit it from loader.kboot.
Sponsored by: Netflix
Move the startup code from kboot/kboot to kboot/libkboot and add the
necessary infrastructure for it to build. move start_arch.h, a private
header for libkboot, over as well.
Sponsored by: Netflix
In anticipation of separating the library elements from the kboot
prorgam elements, move kboot down a level into a subdirectory. There
will be libkboot and include directories in subsequent commits,
mirroring other subsystems like i386 and efi.
Sponsored by: Netflix
The `kernel` env var provides the default kernel, usually "kernel". It
may be the case that the user doesn't have a "kernel" kernel, just
"kernel.*" kernels, but have left `kernel` to the default because we
autodetect entries by default anyways.
If we're doing autodetection, take note of whether the default kernel
exists or not and remove it from the list if it doesn't and we had found
any other kernels. We avoid it in the #kernels == 1 case because
something fishy has likely happened and we should just trust the
configuration.
Reviewed by: imp, manu
Differential Revision: https://reviews.freebsd.org/D42967
This was originally used (along with FREEBSD_AOUT) to prefer the use
of ELF in various tools instead of a.out as part of the a.out to ELF
transition in the 3.x days. The last use of it was removed from
<link.h> in commit 66422f5b7a back in
2002, but various files still #define it.
Reviewed by: kevans, imp, emaste
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D42964
While we're here, enable the feature in the places we detect ACPI. This
lets us side-step the existing issues and provide a path forward for
folks upgrading from previous releases that haven't updated their ESP
yet.
Let's also fix core.setACPI: the hint already indicates that the
user's disabled it more consistently than loader.acpi_disabled_by_user.
Even more, the latter is wrong because we set it by default if we did
not detect ACPI. The ACPI hint remains even when we're setting defaults
because ACPI loaded into the kernel will make some noise if it's not
hinted off, even when we didn't detect it.
imp notes that this will result in some relatively harmless noise on
platforms that don't support ACPI but aren't using the UEFI loader, as
we would enable the ACPI module for loading on them and then loader
would not be able to find it. These are non-fatal, but should probably
be fixed by just declaring support for EARLY_ACPI in those loaders since
we know they won't have ACPI early on -- punting on this for the time
being, though, in favor of providing a safer upgrade path sooner.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D42727
liblua now provides a loader.has_feature() function to probe the loader
binary for features advertised. name => desc mappings are provided in
loader.features to get a list of all of the features loader *can*
support. core.hasFeature is provided as a shim to loader.has_feature
so that individual consumers don't need to think about the logic of the
loader module not providing has_feature; we know that means the feature
isn't enabled.
The first consumer of this will be EARLY_ACPI to advertise that the
loader binary probes for ACPI presence before the interpreter has
started, so that we know whether we can trust the presence of acpi.rsdp
as relatively authoritative. In general, it's intended to be used to
avoid breaking new scripts on older loaders within reason.
This will be used in lua as `core.hasFeature("EARLY_ACPI")`, while the
C bits of loader will `feature_enable(FEATURE_EARLY_ACPI)`.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D42695
It would be nice to have larger boot partitions for ESPs to live in one
day. It's trivial to carve out 5M 10M or 200M when provisioning, but
logistical issues may make it hard to do it after the fact. So only warn
when the partition is > 545k. If we ever grow the boot loader larger
than that, then it will be responsible for loading the rest anyway.
Sponsored by: Netflix
Reviewed by: tsoome
Differential Revision: https://reviews.freebsd.org/D42774
Apply the following automated changes to try to eliminate
no-longer-needed sys/cdefs.h includes as well as now-empty
blank lines in a row.
Remove /^#if.*\n#endif.*\n#include\s+<sys/cdefs.h>.*\n/
Remove /\n+#include\s+<sys/cdefs.h>.*\n+#if.*\n#endif.*\n+/
Remove /\n+#if.*\n#endif.*\n+/
Remove /^#if.*\n#endif.*\n/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/types.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/param.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/capsicum.h>/
Sponsored by: Netflix
Remove ancient SCCS tags from the tree, automated scripting, with two
minor fixup to keep things compiling. All the common forms in the tree
were removed with a perl script.
Sponsored by: Netflix
hw.ata.wc was disconnected as part ot the 2013 cam-ification of ata. No
need to continue setting it. It's been unused in FreeBSD 10.x and newer.
Sponsored by: Netflix
When the eisa code was removed in 2017, prior to the stable/12 branch,
setting hw.eisa_slots became a nop. The oldest supported branch doesn't
have eisa at all. The need to set it manually on boot disappeared
largely by 2000...
Sponsored by: Netflix
We have no need for 5 different copies of these.
Sponsored by: Netflix
Reviewed by: rcm, kevans, andrew
Differential Revision: https://reviews.freebsd.org/D42699
To avoid a redefinition warning... This needs to be redone correctly,
but this gets amd64 building again... My amd64 environment is polluted
with something that caues earlier failures which I ignored...
Fixes: 488bc7e9a7
Sponsored by: Netflix
Old binaries do not set acpi.rsdp early enough. So when we boot with an
older loader.efi from an ESP that's not been updated, we assume there's
no ACPI on this system. This is unwise. Put a band-aide on this until we
can implement a proper 'feature' variable that the binary reports so we
can do conditionals for things like this in the future.
This is at best a rapid-response stop-gap.
Glanced at by: kevans
Sponsored by: Netflix
This is a follow-up patch to https://reviews.freebsd.org/D42459
that modifies the loader lua to use the correct loader variables
for determining ACPI availability.
This also fixes a bug where ACPI can be inadvertently disabled when
setting System Defaults at the loader menu.
Reviewed by: imp, kevans
Approved by: kp
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D42483
lua was previously unable to determine ACPI presence because this
probing was postponed until the final loading and execution of the
kernel.
This patch resolves that by detecting ACPI early (similar to
the order of operations in the legacy i386 loader).
Reviewed by: kevans
Approved by: kp
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D42459
Preemptively address a collision with LIBFDT (to be added in the future)
from src.libnames.mk, which gets included via bsd.progs.mk. No
functional change intended.
Reviewed by: imp
MFC after: 1 week
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D42486
This feature is marked as ZFEATURE_FLAG_READONLY_COMPAT and so
irrelevant for read-only pool imports by the loader:
"com.delphix:spacemap_v2"
This should cause no functional changes, just a code cleanup.
I'm sorry, missed it in previous commit.
MFC after: 2 months
These features are marked as ZFEATURE_FLAG_READONLY_COMPAT and so
irrelevant for read-only pool imports by the loader:
"com.datto:resilver_defer",
"com.delphix:obsolete_counts",
"com.delphix:spacemap_histogram",
"com.delphix:zpool_checkpoint",
"com.intel:allocation_classes",
"org.zfsonlinux:allocation_classes"
This should cause no functional changes, just a code cleanup.
MFC after: 2 months
To read/update the boot loader nvstore, we always need to call
zfs_attach_nvstore() regardless of whether we use bootonce key
in nvstore or the bootfs property of the pool. The call was
unintentionally left in the block of code that is processed
only when bootonce key is present.
In particular this fixes broken 'nextboot -k'.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D41795
Fixes: e3e2681d0e
The module entries should generally allow whatever is allowed as an
env_var in the pattern table. Notably, we're missing periods which
would allow proper entries for .dtb files in loader.conf that don't need
to specify a module_name entry for it.
%d in this expression is actually redundant as %w is actually
"all alphanumerics," but I've included it for now to match the env_var
entry. We should really remove it from both.
Reported by: "aribi" on the forums via allanjude@
MFC after: 1 week
9600 was a standard baud rate decades ago, but 115200 is now more common
so choose defaults that are useful to the largest number of users.
Note that boot0sio does not support rates above 9600 so it remains
unchanged.
Reviewed by: bz, imp, manu
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D36295
We plan to increase the default serial rate to 115200 (see review
D36295) but early boot components that use BIOS interfaces do not
support higher rates. Add a note to that effect.
Reported by: imp
Sponsored by: The FreeBSD Foundation
By not exporting _start, we get various warnings of the form:
ld: warning: cannot find entry symbol _start
Note that in practice these don't matter because we manually construct
our PE header and use objcopy -O binary, so the entry point is set to
whatever we put explicitly in the PE header, but we should still do the
right thing and silence these warnings.
This was found in CheriBSD, where bsd.prog.mk has similar logic to
bsd.lib.mk and sets -Wl,--(no-)fatal-warnings based on LD_FATAL_WARNINGS
(unlike FreeBSD which only does so in the latter).
The removal of the sparc64 support in February 2020 obsoleted the
VTOC8 partitioning scheme as no other FreeBSD platform makes use
of it. Moreover, the code is bitrotting as nothing defines e. g.
LOADER_VTOC8_SUPPORT any more and, thus, should go now, too. With
this change, the following commits are reverted as far as VTOC8
is concerned and parts haven't already previously been deleted
along with prior sparc64 removals:
094fcb157da7d366e958ba8d50d08b
The alignment example d9711c28ef
added to the VTOC8 section of gpart.8 is folded into the MBR one.
This should finally conclude the deorbit of sparc64-specific bits.
We had joy, we had fun
we ran Unix on a Sun.
But that source and the song
of FreeBSD have all gone.
Credits to Michael Bueker for the original "Unix on a Sun" and Rod
McKuen for the "Seasons in the Sun" lyrics.
In most cases, usage does not return, so mark them as __dead2. For the
cases where they do return, they have not been marked __dead2.
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/735
As a result, it is only really checking for the word Drive, making
"Drive" appended to anything else considered for efi env.
Reviewed by: imp, kevans
Pull Request: https://github.com/freebsd/freebsd-src/pull/738
Before this change we would only pass the bootonce dataset name
to the environment for the next loader, while actually reading
the next stage loader from the 'bootfs' dataset, not the bootonce
dataset.
Another problem fixed by this change is a boot from a configuration
when bootonce attribute is present, but 'bootfs' property is not set.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D40389