Only accept 'net' and 'pxe' devices as underlying transport
in tftp.c on x86. Prior to this change tftp code would attempt
to send packets over any boot device, including zfs one with
predictably sad results.
Approved by: re (gjb)
MFC After: 1 month
Based on r134760:
Reset the seek pointer to 0 when a file is successfully opened,
since otherwise the initial seek offset will contain the directory
offset of the filesystem block that contained its directory entry.
This bug was mostly harmless because typically the directory is
less than one filesystem block in size so the offset would be zero.
It did however generally break loading a kernel from the (large)
kernel compile directory.
Also reset the seek pointer when a new inode is opened in read_inode(),
though this is not actually necessary now because all callers set
it afterwards.
PR: 177328
Submitted by: Eric van Gyzen
Reviewed by: iedowse
MFC after: 5 days
is a bit obfuscated here, as ia64 adds string source files elsewhere, so
simply exclude it here.
Reviewed by: imp
MFC after: 3 days
Sponsored by: DARPA, AFRL
Trim two now-unneeded (and likely harmful) lines from the libstand
setjmp/longjmp for MIPS.
Spotted by: jmallett
MFC after: 3 days
Sponsored by: DARPA, AFRL
and 64-bit MIPS. Don't use the floating-point coprocessor in the libstand
context for MIPS.
Reviewed by: imp
MFC after: 3 days
Sponsored by: DARPA, AFRL
buffer. For now it fixes bug when following `ls` command will return data
from previous one aborted by pager. Also it should allow to read several
directories same time, for example, for recursive tracerse.
(x86 assembler optimization disabled for now because it
requires the new .cfi_* directives that is not supported
by base system binutils).
MFC after: 1 week
The NAND Flash environment consists of several distinct components:
- NAND framework (drivers harness for NAND controllers and NAND chips)
- NAND simulator (NANDsim)
- NAND file system (NAND FS)
- Companion tools and utilities
- Documentation (manual pages)
This work is still experimental. Please use with caution.
Obtained from: Semihalf
Supported by: FreeBSD Foundation, Juniper Networks
The index() and rindex() functions were marked LEGACY in the 2001
revision of POSIX and were subsequently removed from the 2008 revision.
The strchr() and strrchr() functions are part of the C standard.
This makes the source code a lot more consistent, as most of these C
files also call into other str*() routines. In fact, about a dozen
already perform strchr() calls.
As I looked through the C library, I noticed the FreeBSD MIPS port has a
hand-written version of index(). This is nice, if it weren't for the
fact that most applications call strchr() instead.
Also, on the other architectures index() and strchr() are identical,
meaning we have two identical pieces of code in the C library and
statically linked applications.
Solve this by naming the actual file strchr.[cS] and let it use
__strong_reference()/STRONG_ALIAS() to provide the index() routine. Do
the same for rindex()/strrchr().
This seems to make the C libraries and static binaries slightly smaller,
but this reduction in size seems negligible.
At work we have a single tftp server that provides installation data for
a variety of operating systems. I'd rather place our FreeBSD-related
files in a subdirectory, instead of the root.
It would be nice if this setting could be run-time configurable, but at
least in our specific case, this is not possible, as pxeboot is
chainloaded through pxelinux.
Sponsored by: Kumina bv
In C90, NULL is guaranteed to be declared in <stddef.h> and also in
<string.h>. Though the correct way to define NULL in FreeBSD is to
include <sys/_null.h>, other parts of libstand still require <string.h>
to build; therefore, we keep <string.h> in stand.h and add a note about
this;
- Removing no longer used 'Prototype' definition. Quote from bde@:
'Cruft related to getting incomplete struct declarations within
prototypes forward-declared before the structs. It doesn't mean
"prototype" but only part of a prototype-related hack. No longer
used.'
- Replacing iaddr_t with uintptr_t;
- Removing use of long double to determine alignment. Use a fixed 16 byte
alignment instead;
Reviewed by: bde
Obtained from: DragonFlyBSD (partially)
MFC after: 1 month
this fix only applies to zalloc.c, the other part of libstand such like
qdivrem.c still gives compilation warnings on sparc64 tinderbox builds;
therefore, WARNS level isn't changed for now.
Submitted by: Garrett Cooper <yanegomi@gmail.com>
Reviewed by: bde
(1) Coding style changes.
(2) If the server does not acknowledge any blocksize option,
revert to the default blocksize of 512 bytes.
(3) Send ACK if the first packet happens to be the last packet.
(4) Do not accept blocksize greater than what was requested.
(5) Drop any unwanted OACK received if a tftp transfer is already
in progress.
(6) Terminate incomplete transfers with a special no-error ERROR packet.
Otherwise we rely on the tftp server to time out, which it does
eventually, after re-sending the last packet several times and spamming
the system log about it every time. This idea is borrowed from the
PXE client, which does exactly that.
Submitted by: Alexander Kabaev <kan@FreeBSD.org>
Reviewed and Tested by: Santhanakrishnan Balraj <sbalraj at juniper dot net>
------------------------------------------------------------------------
r172854 | marius | 2007-10-21 10:03:18 -0700 (Sun, 21 Oct 2007) | 16 lines
Changed paths:
M /head/lib/libstand/tftp.c
- Given that we tell the compiler that struct ip is packed and 32-bit
aligned, GCC 4.2.1 also generates code for sendudp() that assumes
this alignment. GCC 4.2.1 however doesn't 32-bit align wbuf, causing
the loader to crash due to an unaligned access of wbuf in sendudp()
when netbooting sparc64. Solve this by specifying wbuf as packed and
32-bit aligned, too. As for lastdata and readudp() this currently is
no issue when compiled with GCC 4.2.1, though give lastdata the same
treatment as wbuf for consistency and possibility of being affected
in the future. [1]
- Sprinkle const on a lookup table.
------------------------------------------------------------------------
send along the "blksize" option specified in RFC2348,
and the "tsize" option specified in RFC2349.
Add code to parse the TFTP Option Acknowledgement (OACK) packet as
specified in RFC2347.
For TFTP servers which support the "blksize" option, we can
specify a TFTP Data block size larger than the default 512 bytes
specified in RFC1350. This offers greater read performance when
downloading files.
We request an initial size of 1428 bytes, which is less than the
Ethernet MTU of 1500 bytes. If the TFTP server sends back an OACK
packet, then use the block size specified in the OACK packet.
Most times it is usually the same value as what we request.
If the TFTP server supports RFC2348, we will see performance improvements
by transferring files over TFTP with larger block sizes.
If we do not get back an OACK packet, then we most likely we
are interoperating with a legacy TFTP server that does not
support TFTP extension options, so default to the block size of
512 bytes.
(2) If the "tftp.blksize" environment variable is set, then
take that value and use it when sending the TFTP RRQ packet,
instead of 1428. This allows us to set different values of
"tftp.blksize" in the loader, so that we can test out different
TFTP block sizes at run time.
Obtained from: Juniper Networks
Fixed by: rodrigc
unwanted packet(non-tftp). Change this to retransmit the packet(request or ack) only after
a timeout.
Obtained from: Juniper Networks
Fixed by: Santhanakrishnan Balraj <sbalraj at juniper dot net>
In sendrecv_tftp:
* Upon receving an unexpected block of data or error, resend the ACK
immediately instead of waiting till the expiry of receive data timeout
to resend the ACK.
* change the receive timeout value between retries to be 2xMINTMO.
Obtained from: Juniper Networks
Fixed by: Santhanakrishnan Balraj <sbalraj at juniper dot net>
to increase in steps of MINTMO, instead of doubling the timeout for every
retry.
Obtained from: Juniper Networks
Fixed by: Santhanakrishnan Balraj <sbalraj at juniper dot net>
This allows the nfs_getrootfh() function to return the
correct file handle size to pxe.c for pxeboot. It also
results in NFSv2 no longer being used by default anywhere
in FreeBSD. If built with OLD_NFSV2 defined, the old
code that predated this patch will be built and NFSv2
will be used.
Tested by: danny at cs.huji.ac.il
MFC after: 2 weeks
CVS r1.94 jhb:
Cast the integer read as the first argument for %b to an unsigned integer
so it's value is not sign extended when assigned to the uintmax_t variable
used internally by printf. For example, if bit 31 is set in the cpuid
feature word, then %b would print out the initial value as a 16 character
hexadecimal value. Now it only prints out an 8 character value.
CVS r1.109 njl:
Add support for 'h' and 'hh' modifiers for printf(9).
CVS r1.117 phk:
If we ignore an unknown % sequence, we must stop interpreting the remaining
% arguments because the varargs are now out of sync and there is a risk that
we might for instance dereference an integer in a %s argument.
SVN r209836 jkim:
Implement optional 'precision' for numbers. Previously, it was parsed but
ignored. Some third-party modules (e.g., APCICA) prefer this format over
zero padding flag '0'.
implement assert() instead of relying on a non-required exit(). The exit()
invocation also did not match the semantics of the exit() routine that
current boot environments happen to require.
PR: kern/144749
Discussed with: bde
MFC after: 1 week
Similar to libexec/, do the same with lib/. Make WARNS=6 the norm and
lower it when needed.
I'm setting WARNS?=0 for secure/. It seems secure/ includes the
Makefile.inc provided by lib/. I'm not going to touch that directory.
Most of the code there is contributed anyway.
support to bzip2fs. This fixes problems with loading compressed amd64
kernel modules containing debug symbols.
Submitted by: David Naylor naylor.b.david (gmail)
MFC after: 1 week
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
revised/modified by me) to store dhcp options into kenv variables,
so the information is available to the boot loader and can be used
to customize the boot process.
The change is totally unintrusive, essentially made of a single
function to be called while parsing a dhcp response, and a couple
of tables to classify options. The values extracted from dhcp
options are stored in the kenv environment in one of these forms:
+ options whose name and type is known are saved as
dhcp.name = value (string, or number/ip addresses lists)
+ unknown options are assumed to be strings and saved as
dhcp.option-NNN = "value"
+ options listed as '__INDIR' and sent on the wire as e.g.
option unknown-252 "some.name=the actual value"
are saved as
some.name = "the actual value"
+ options listed as '__ILIST' and sent on the wire as e.g.
option unknown-249 "a.b=foo bar; c.d= 123; e.f=done"
are saved as multiple values
a.b="foo bar"
c.d="123"
e.f="done"
As you can see there is quite a bit of flexibility on what can
be passed to the loader or the kernel.
For the time being the vendor-specific table is mostly disabled,
because there is no standard set of options for FreeBSD, and I don't
know all the pxe-specific vendor options.
Also, applications using libstand may live in memory-constrained
environments, so it makes sense to keep these tables as small as
possible, especially considering that one can generate arbitrary
name=value pairs using site-specific options of type __INDIR or
__ILIST (there are 4 __ILIST and 5 __INDIR in the table, numbered
246..249 and 250..254).
Actually, considering that probably 75% of the standard dhcp options
are totally useless, it might make sense to remove them as well.
Submitted by: Danny Braniss
MFC after: 4 weeks
- It is opt-out for now so as to give it maximum testing, but it may be
turned opt-in for stable branches depending on the consensus. You
can turn it off with WITHOUT_SSP.
- WITHOUT_SSP was previously used to disable the build of GNU libssp.
It is harmless to steal the knob as SSP symbols have been provided
by libc for a long time, GNU libssp should not have been much used.
- SSP is disabled in a few corners such as system bootstrap programs
(sys/boot), process bootstrap code (rtld, csu) and SSP symbols themselves.
- It should be safe to use -fstack-protector-all to build world, however
libc will be automatically downgraded to -fstack-protector because it
breaks rtld otherwise.
- This option is unavailable on ia64.
Enable GCC stack protection (aka Propolice) for kernel:
- It is opt-out for now so as to give it maximum testing.
- Do not compile your kernel with -fstack-protector-all, it won't work.
Submitted by: Jeremie Le Hen <jeremie@le-hen.org>
returned on a perfectly valid bzip2 stream whose decompressed size
is multiple of read-ahead buffer size. Reproduce the problem is easy:
create some power-of-two sized file (truncate -s 1m file will do),
bzip2 it and try to load it as md_image from loader. See how it fails.
The bug doesn't affect gzip code (which most of bzip2-reading code was
copied from) probably due to the fact that libgzip doesn't report
Z_STREAM_END with the last block, but requires extra call to inflate()
to retrieve it and has some extra data in the input stream at that time.
However, apply similar fix to gzipfs.c just in the case the API will
change in the future to do what bzip2 code does.
Add some ifdef'ed code to enable testing bzipfs.c from witin normal
FreeBSD environment as opposed to the restricted loader one, so that
one can use gdb and whatnot.
Sponsored by: Sippy Software, Inc., http://www.sippysoft.com/
MFC in: 7 days
on i386 and amd64 machines. The overall process is that /boot/pmbr lives
in the PMBR (similar to /boot/mbr for MBR disks) and is responsible for
locating and loading /boot/gptboot. /boot/gptboot is similar to /boot/boot
except that it groks GPT rather than MBR + bsdlabel. Unlike /boot/boot,
/boot/gptboot lives in its own dedicated GPT partition with a new
"FreeBSD boot" type. This partition does not have a fixed size in that
/boot/pmbr will load the entire partition into the lower 640k. However,
it is limited in that it can only be 545k. That's still a lot better than
the current 7.5k limit for boot2 on MBR. gptboot mostly acts just like
boot2 in that it reads /boot.config and loads up /boot/loader. Some more
details:
- Include uuid_equal() and uuid_is_nil() in libstand.
- Add a new 'boot' command to gpt(8) which makes a GPT disk bootable using
/boot/pmbr and /boot/gptboot. Note that the disk must have some free
space for the boot partition.
- This required exposing the backend of the 'add' function as a
gpt_add_part() function to the rest of gpt(8). 'boot' uses this to
create a boot partition if needed.
- Don't cripple cgbase() in the UFS boot code for /boot/gptboot so that
it can handle a filesystem > 1.5 TB.
- /boot/gptboot has a simple loader (gptldr) that doesn't do any I/O
unlike boot1 since /boot/pmbr loads all of gptboot up front. The
C portion of gptboot (gptboot.c) has been repocopied from boot2.c.
The primary changes are to parse the GPT to find a root filesystem
and to use 64-bit disk addresses. Currently gptboot assumes that the
first UFS partition on the disk is the / filesystem, but this algorithm
will likely be improved in the future.
- Teach the biosdisk driver in /boot/loader to understand GPT tables.
GPT partitions are identified as 'disk0pX:' (e.g. disk0p2:) which is
similar to the /dev names the kernel uses (e.g. /dev/ad0p2).
- Add a new "freebsd-boot" alias to g_part() for the new boot UUID.
MFC after: 1 month
Discussed with: marcel (some things might still change, but am committing
what I have so far)
aligned, GCC 4.2.1 also generates code for sendudp() that assumes
this alignment. GCC 4.2.1 however doesn't 32-bit align wbuf, causing
the loader to crash due to an unaligned access of wbuf in sendudp()
when netbooting sparc64. Solve this by specifying wbuf as packed and
32-bit aligned, too. As for lastdata and readudp() this currently is
no issue when compiled with GCC 4.2.1, though give lastdata the same
treatment as wbuf for consistency and possibility of being affected
in the future. [1]
- Sprinkle const on a lookup table.
Reported by: marcel [1]
Submitted by: yongari [1]
Reviewed by: marcel [1]
MFC after: 5 days
BZ_NO_COMPRESS support to the bzip2 sources directly (yes, this takes file
off the vendor branch, but looks like bzip2 maintainer doesn't care), so that
it will not be removed when the next upgrade is performed. Also, add a short
note on how to test bzip2 support.
Pointy hat to: obrien
Correct comment (libz -> libbz2) and remove useless full path to zutil.h
while I am here.
bzip2 support provided, and amd64 depended on. Amd64 has a custom
${.OBJDIR}/machine symlink in it and the -I. picked this up. Without
it, the libstand code was being compiled in 32 bit mode, but with 64 bit
machine headers.
since otherwise the initial seek offset will contain the directory
offset of the filesystem block that contained its directory entry.
This bug was mostly harmless because typically the directory is
less than one filesystem block in size so the offset would be zero.
It did however generally break loading a kernel from the (large)
kernel compile directory.
Also reset the seek pointer when a new inode is opened in read_inode(),
though this is not actually necessary now because all callers set
it afterwards.
- bzipfs and gzipfs now properly return errno values directly from their
read routines rather than returning -1.
- missing errno values on error returns for the seek routines on almost
all filesystems were added.
- fstat() now returns -1 if an error occurs rather than ignoring it.
- nfs's readdir() routine now reports valid errno values if an error or
EOF occurs rather than EPERM (It was just returning 0 for success and
1 for failure).
- nullfs used the wrong semantics for every function besides close() and
seek(). Getting it right for close() appears to be an accident at that.
- read() for buffered files no longer returns 0 (EOF) if an error occurs,
but returns -1 instead.
associated floppy if needed into a static split_openfile() function.
- Use this function in splitfs_open() to open the first chunk rather
than using open() directly. This allows the first chunk to be located
on a different disk than the actual foo.split file.
file in the NFS file system when the underlying device is not a
network device. A Sparc64 specific hack for this exact problem was
already present (nfs.c:1.9, tftp.c:1.10), but the problem is not
specific to Sparc64. The hack has been promoted to a non-i386 test
because on non-i386 architectures it's either impossible to have
non-network devices coexist in the same loader with the NFS FS, or
network and non-network device coexist and NFS filesystems can only
be used on top of network devices. I believe i386 pxeboot is where
this does not hold.
The root cause of this problem is in open.c where each file system
is tried until no more file systems exist or a file system returns
success. There's no notion of a list of valid file systems given
the underlying device and the non-existence of a file can cause
the invalid combination to be tried.
