Commit Graph

10 Commits

Author SHA1 Message Date
Allan Jude
b996592c3e Implement GELI (AES-XTS and AES-CBC only) in gptboot and gptzfsboot
Allows booting from a GELI encrypted root file system, via UFS or ZFS

Reviewed by:	gnn, smh (previous version), delphij (previous version)
Relnotes:	yes
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D4593
2016-03-16 23:12:19 +00:00
Warner Losh
5063232c10 RBX_ defines are in rbx.h, move it there.
Differential Revision: https://reviews.freebsd.org/D5038
2016-01-26 06:26:44 +00:00
John Baldwin
179fa75e6e Reassign copyright statements on several files from Advanced
Computing Technologies LLC to Hudson River Trading LLC.

Approved by:	Hudson River Trading LLC (who owns ACT LLC)
MFC after:	1 week
2015-04-23 14:22:20 +00:00
Andriy Gapon
4efe2886a5 boot: use packed attribute for edd_params* structures and their substructures
The sole purpose of this change is to make sure that sizeof produces
"canonical" sizes for these structures.  This is to avoid triggering
bugs in the BIOSes that properly handle only the canonical values of
input length provided to INT 13h AH=48h.
The canonical sizes are: 30 for v2, 66 for v3, etc.
Buggy BIOS code probably looks like:
if (input_length > 30) {   /* > v2 */
	assume that input length is 66 /* assume v3 or later */
}

This should fix boot problems at least on Supermicro X8DT6 and possibly
on P410i Smart Array Controller (as found in e.g. HP DL360 G7).

Reported by:	gnn, np, rstone
Debugged by:	rstone
Discussed with:	ae, np, rstone
MFC after:	4 days
2012-11-14 11:05:16 +00:00
Andriy Gapon
29c8c4b0f5 btxldr: future-proof argument passing from boot1/2-ish to loader
Place the arguments at a fixed offset of 0x800 within the argument area
(of size 0x1000).  Allow variable size extended arguments first of which
should be a size of the extended arguments (including the size
parameter).

Consolidate all related definitions in a new i386/common/bootargs.h header.

Many thanks to jhb and bde for their guidance and reviews.

Reviewed by:	jhb, bde
Approved by:	jhb
MFC after:	1 month
2012-05-09 08:04:29 +00:00
John Baldwin
5b9e248af5 - Add a new header for the x86 boot code that defines various structures
and constants related to the BIOS Enhanced Disk Drive Specification.
- Use this header instead of magic numbers and various duplicate structure
  definitions for doing I/O.
- Use an actual structure for the request to fetch drive parameters in
  drvsize() rather than a gross hack of a char array with some magic
  size.  While here, change drvsize() to only pass the 1.1 version of
  the structure and not request device path information.  If we want
  device path information you have to set the length of the device
  path information as an input (along with probably checking the actual
  EDD version to see which size one should use as the device path
  information is variable-length).  This fixes data smashing problems
  from passing an EDD 3 structure to BIOSes supporting EDD 4.

Reviewed by:	avg
Tested by:	Dennis Koegel  dk neveragain.de
MFC after:	1 week
2011-10-25 19:54:06 +00:00
John Baldwin
4f88092408 Consolidate duplicate definitions of V86_CY() and V86_ZR() which check for
the carry and zero flags being set, respectively, in <btxv86.h> and use
them throughout the x86 boot code.
2011-10-25 19:45:12 +00:00
John Baldwin
ed10c810db Due to space constraints, the UFS boot2 and boot1 use an evil hack where
boot2 calls back into boot1 to perform disk reads.  The ZFS MBR boot blocks
do not have the same space constraints, so remove this hack for ZFS.
While here, remove commented out code to support C/H/S addressing from
zfsldr.  The ZFS and GPT bootstraps always just use EDD LBA addressing.

MFC after:	2 weeks
2011-04-28 17:44:24 +00:00
Andrey V. Elsukov
fa3c0ecda2 Set control flags in putc(). This should fix zfsboot hangs in drvread().
PR:		kern/153552
Reviewed by:	jhb
MFC after:	1 week
2011-03-16 20:04:56 +00:00
Pawel Jakub Dawidek
a0e2fdedd1 - Split code shared by almost any boot loader into separate files and
clean up most layering violations:

	sys/boot/i386/common/rbx.h:

		RBX_* defines
		OPT_SET()
		OPT_CHECK()

	sys/boot/common/util.[ch]:

		memcpy()
		memset()
		memcmp()
		bcpy()
		bzero()
		bcmp()
		strcmp()
		strncmp() [new]
		strcpy()
		strcat()
		strchr()
		strlen()
		printf()

	sys/boot/i386/common/cons.[ch]:

		ioctrl
		putc()
		xputc()
		putchar()
		getc()
		xgetc()
		keyhit() [now takes number of seconds as an argument]
		getstr()

	sys/boot/i386/common/drv.[ch]:

		struct dsk
		drvread()
		drvwrite() [new]
		drvsize() [new]

	sys/boot/common/crc32.[ch] [new]

	sys/boot/common/gpt.[ch] [new]

- Teach gptboot and gptzfsboot about new files. I haven't touched the
  rest, but there is still a lot of code duplication to be removed.

- Implement full GPT support. Currently we just read primary header and
  partition table and don't care about checksums, etc. After this change we
  verify checksums of primary header and primary partition table and if
  there is a problem we fall back to backup header and backup partition
  table.

- Clean up most messages to use prefix of boot program, so in case of an
  error we know where the error comes from, e.g.:

	gptboot: unable to read primary GPT header

- If we can't boot, print boot prompt only once and not every five
  seconds.

- Honour newly added GPT attributes:

	bootme - this is bootable partition
	bootonce - try to boot from this partition only once
	bootfailed - we failed to boot from this partition

- Change boot order of gptboot to the following:

	1. Try to boot from all the partitions that have both 'bootme'
	   and 'bootonce' attributes one by one.
	2. Try to boot from all the partitions that have only 'bootme'
	   attribute one by one.
	3. If there are no partitions with 'bootme' attribute, boot from
	   the first UFS partition.

- The 'bootonce' functionality is implemented in the following way:

	1. Walk through all the partitions and when 'bootonce'
	   attribute is found without 'bootme' attribute, remove
	   'bootonce' attribute and set 'bootfailed' attribute.
	   'bootonce' attribute alone means that we tried to boot from
	   this partition, but boot failed after leaving gptboot and
	   machine was restarted.
	2. Find partition with both 'bootme' and 'bootonce' attributes.
	3. Remove 'bootme' attribute.
	4. Try to execute /boot/loader or /boot/kernel/kernel from that
	   partition. If succeeded we stop here.
	5. If execution failed, remove 'bootonce' and set 'bootfailed'.
	6. Go to 2.

   If whole boot succeeded there is new /etc/rc.d/gptboot script coming
   that will log all partitions that we failed to boot from (the ones with
   'bootfailed' attribute) and will remove this attribute. It will also
   find partition with 'bootonce' attribute - this is the partition we
   booted from successfully. The script will log success and remove the
   attribute.

   All the GPT updates we do here go to both primary and backup GPT if
   they are valid. We don't touch headers or partition tables when
   checksum doesn't match.

Reviewed by:	arch (Message-ID: <20100917234542.GE1902@garage.freebsd.pl>)
Obtained from:	Wheel Systems Sp. z o.o. http://www.wheelsystems.com
MFC after:	2 weeks
2010-09-24 19:49:12 +00:00
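
The 'bootonce' procedure from commit a0e2fdedd1, modelled as an added C example that is not code from the commit or from FreeBSD. The attribute bit values, struct part, the loads field and gpt_select() are assumptions made for illustration; the table lives in memory rather than in the primary and backup GPT, and the first-UFS-partition fallback is left out.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed bit values for this sketch; not the on-disk GPT attribute bits. */
enum { BOOTME = 1, BOOTONCE = 2, BOOTFAILED = 4 };

struct part {
	unsigned attr;   /* in-memory stand-in for the GPT entry attributes */
	int loads;       /* simulated: can /boot/loader be executed from here? */
};

/* One pass of the selection described above; returns the chosen index or -1. */
int gpt_select(struct part *p, size_t n)
{
	size_t i;

	/* Step 1: 'bootonce' alone means the previous try died after hand-off. */
	for (i = 0; i < n; i++)
		if ((p[i].attr & (BOOTME | BOOTONCE)) == BOOTONCE)
			p[i].attr = (p[i].attr & ~BOOTONCE) | BOOTFAILED;
	/* Steps 2-6: each 'bootme'+'bootonce' partition gets exactly one try. */
	for (i = 0; i < n; i++) {
		if ((p[i].attr & (BOOTME | BOOTONCE)) != (BOOTME | BOOTONCE))
			continue;
		p[i].attr &= ~BOOTME;          /* step 3, recorded before the attempt */
		if (p[i].loads)
			return (int)i;         /* step 4: 'bootonce' stays for rc.d */
		p[i].attr = (p[i].attr & ~BOOTONCE) | BOOTFAILED;   /* step 5 */
	}
	/* Boot order item 2: partitions that carry only 'bootme'. */
	for (i = 0; i < n; i++)
		if ((p[i].attr & (BOOTME | BOOTONCE)) == BOOTME && p[i].loads)
			return (int)i;
	return -1;
}

int main(void)
{
	/* Constructed table: 0 = freshly installed image, 1 = known-good image. */
	struct part t[2] = { { BOOTME | BOOTONCE, 1 }, { BOOTME, 1 } };
	int first = gpt_select(t, 2);    /* loader starts, then the kernel hangs */
	int second = gpt_select(t, 2);   /* after the reset */

	printf("first=%d second=%d attr0=%u\n", first, second, t[0].attr);
	return 0;
}
```

Because 'bootme' is cleared before the attempt, a reset after hand-off leaves 'bootonce' alone on partition 0, and the next pass converts it to 'bootfailed' and falls back to partition 1.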