Commit Graph

871 Commits

Author SHA1 Message Date
Toomas Soome
1309bed839 loader: zfs reader should not probe partitionless disks
First of all, normal setups can not boot such pools as the tools
do not support installing boot programs.

Secondly, for proper pool configuration detection, we need to checks all
four label copies on disk, 2 from front and 2 from the end of the disk,
but zfs label does not contain the size of the disk - so we depend on
firmware to report the correct disk size or use information from the
partition table.

Without partition table, we only can rely on firmware to report and support
disk IO properly.

There is a specific case: 8TB disks are reported by BIOS to have 4294967295
sectors (0x00000000ffffffff), the sectors reported by OS is 15628053168
(0x00000003a3812ab0), so the reported size is less than actual but is hitting
32-bit max. Unfortuantely the real limit must be even lower because probing
this disk in this system will wnd up with hung system.

UEFI boot of this system seems not to be affected.

Reviewed by:	imp
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D18558
2018-12-16 08:58:14 +00:00
Rebecca Cran
122229de87 Cast error message in efi_main.c to CHAR16* to avoid build error 2018-12-13 23:49:20 +00:00
Rebecca Cran
974df0a915 Print an error message in efi_main.c if we can't allocate memory for the heap
With the default Qemu parameters, only 128MB RAM gets given to a VM. This causes
the loader to be unable to allocate the 64MB it needs for the heap. This change
makes the cause of the error more obvious.

Differential Revision:	https://reviews.freebsd.org/D17958
2018-12-13 23:20:58 +00:00
Justin Hibbits
9471caaba7 powerpc/ubldr: Teach powerpc's ubldr to boot 64-bit kernels
This is just a copy of powerpc/ofw's ppc64_elf_freebsd.c modified to fit
ubldr's boot format.

MFC after:	1 week
2018-12-10 01:52:39 +00:00
Ian Lepore
9631ae8267 Don't reference zfs-specific variables if LOADER_ZFS_SUPPORT is undefined
because the variables will be undefined too.

Reported by:	sjg@
Pointy hat:	ian@
2018-12-06 20:28:09 +00:00
Kirk McKusick
fb14e73cb4 Normally when an attempt is made to mount a UFS/FFS filesystem whose
superblock has a check-hash error, an error message noting the
superblock check-hash failure is printed and the mount fails. The
administrator then runs fsck to repair the filesystem and when
successful, the filesystem can once again be mounted.

This approach fails if the filesystem in question is a root filesystem
from which you are trying to boot. Here, the loader fails when trying
to access the filesystem to get the kernel to boot. So it is necessary
to allow the loader to ignore the superblock check-hash error and make
a best effort to read the kernel. The filesystem may be suffiently
corrupted that the read attempt fails, but there is no harm in trying
since the loader makes no attempt to write to the filesystem.

Once the kernel is loaded and starts to run, it attempts to mount its
root filesystem. Once again, failure means that it breaks to its prompt
to ask where to get its root filesystem. Unless you have an alternate
root filesystem, you are stuck.

Since the root filesystem is initially mounted read-only, it is
safe to make an attempt to mount the root filesystem with the failed
superblock check-hash. Thus, when asked to mount a root filesystem
with a failed superblock check-hash, the kernel prints a warning
message that the root filesystem superblock check-hash needs repair,
but notes that it is ignoring the error and proceeding. It does
mark the filesystem as needing an fsck which prevents it from being
enabled for writing until fsck has been run on it. The net effect
is that the reboot fails to single user, but at least at that point
the administrator has the tools at hand to fix the problem.

Reported by:    Rick Macklem (rmacklem@)
Discussed with: Warner Losh (imp@)
Sponsored by:   Netflix
2018-12-06 00:09:39 +00:00
Ian Lepore
7297dc4441 Fix args cross-threading between gptboot(8) and loader(8) with zfs support.
When loader(8) is built with zfs support enabled, it assumes that any extarg
data present is a zfs_boot_args struct, but if the first-stage loader was
gptboot(8) the extarg data is actually a geli_boot_args struct.  Luckily,
zfsboot(8) and gptzfsboot(8) have always passed KARGS_FLAGS_ZFS along with
KARGS_FLAGS_EXTARG, so we can use KARGS_FLAGS_ZFS to decide whether the
extarg data is a zfs_boot_args struct.

To avoid similar problems in the future, gptboot(8) now passes a new
KARGS_FLAGS_GELI to indicate that extarg data is geli_boot_args.  In
loader(8), if the neither KARGS_FLAGS_ZFS nor KARGS_FLAGS_GELI is set but
extarg data is present (which will be the case for gptboot compiled before
this change), we now check for the known size of the geli_boot_args struct
passed by the older versions of gptboot as a way of confirming what type of
extarg data is present.

In a semi-related tidying up, since loader's main() has already decided
what type of extarg data is present and set the global 'zargs' var
accordingly, don't repeat the check in extract_currdev, just check whether
zargs is NULL or not.

X-MFC after:	a few days, along with prior related changes.
2018-12-04 16:43:50 +00:00
Ed Maste
f7eb23ee34 stand/i386: rename .s to .S to use Clang IAS
As part of the migration away from obsolete binutils we want to retire
GNU as.  Most assembly files used on amd64 have a .S extension and
(via rules in share/mk/bsd.suffixes.mk) are assembled with Clang's
Integrated Assembler (IAS).  Rename files in stand/i386 to .S to use
the integrated assembler.

Clang's IAS supports the defsym option (via -Wa,) but only with one
dash, not two.  As both -defsym and --defsym are accepted by GNU as,
use the former.

PR:		233611
Reviewed by:	tsoome
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D18369
2018-12-03 19:16:34 +00:00
Warner Losh
991699dbba Move inclusion of src.opts.mk later.
src.opts.mk includes bsd.own.mk. This in turn defines CTFCONVERT_CMD
depending on the MK_CTF value. We then set MK_CTF to no, which has no
real effect. The solution is to set all the MK_foo values before
including src.opts.mk.

This should stop the cdboot binary from exploding in size for releases
built WITH_CTF=yes in src.conf.

Sponsored by: Netflix
2018-12-03 17:51:10 +00:00
Ian Lepore
df108aafe9 Eliminate duplicated code and struct member definitions in the handoff
of args data between gptboot/zfsboot and loader(8).

Despite what seems like a lot of changes here, there are no actual
changes in behavior, or in the data layout in the structures involved.
This is just eliminating identical code pasted into multiple locations.

In detail, the changes are...

- Move struct zfs_boot_args definition from libsa/zfs/libzfs.h to
  i386/common/bootargs.h because it is specific to x86 booting and the
  handoff between zfsboot and loader, and has no relation to the zfs
  library code in general.

- The geli_boot_args and zfs_boot_args structs both contain an identical
  set of member variables containing geli information.  Extract this out
  to a new geli_boot_data struct, and embed it in the arg-passing structs.

- Provide new routines geli_import_boot_data() and geli_export_boot_data()
  that can be shared between gptboot, zfsboot, and loader instead of
  pasting identical code into several different .c files.

- Remove some checks for a NULL pointer that can never be true because the
  pointer being tested was set using pointer math (kargs + 1) and that can
  never result in NULL in this code.
2018-12-03 03:58:30 +00:00
Justin Hibbits
781dc30c1b ubldr: Force 'usefdt' variable to 1 for powerpc
The fdt is gated, on powerpc, with a 'usefdt' environment variable.  Force
enable it in ubldr, so that the fdt is passed through the metadata.
2018-12-02 02:20:35 +00:00
Toomas Soome
fb0df66629 loader.efi: fix EFI getchar() for multiple consoles
This fix is ported from illumos (issue #9970), the analysis and initial
implementation was done by John Levon.

See also: https://www.illumos.org/issues/9970

Currently, efi_cons_getchar() will wait for a key. While this seems to make
sense, the implementation of getchar() in common/console.c will loop across
getchar() for all consoles without doing ischar() first.

This means that if we've configured multiple consoles, we can't input into
the serial, as getchar() will be sat waiting for input only from efi_console.c

This patch does implement a bit more generic key buffer to support
translation of input keys, and we use generic efi_readkey() to reduce
duplication from calls from getchar() and poll().
2018-11-30 08:42:14 +00:00
Toomas Soome
cdff10360e loader: create separate lists for fd, cd and hd, merge bioscd with biosdisk
Create unified block IO implementation in BIOS version, like it is done in UEFI
side. Implement fd, disk and cd device lists, this will split floppy devices
from disks and will allow us to have consistent, predictable device naming
(modulo BIOS issues).

Differential Revision:	https://reviews.freebsd.org/D17888
2018-11-30 08:01:11 +00:00
Maxim Sobolev
d92fb78458 When handling CMD_CRIT error set command_errmsg to NULL after we dump it out,
so that it does not result in error message printed twice.

OK load doodoo
can't find 'doodoo'
can't find 'doodoo'
OK

MFC after:	2 weeks
2018-11-30 02:14:41 +00:00
Maxim Sobolev
55d5c94943 The libstand's panic() appends its own '\n' to the message, so that users of the API
don't need to supply one.

MFC after:	2 weeks
2018-11-29 18:37:48 +00:00
Toomas Soome
13dcff6bd8 loader: command_bcache() should print unsigned values
All bcache counters are unsigned.
2018-11-29 14:21:01 +00:00
Ian Lepore
b92c2c907e Add comments describing the bootargs handoff between loader(8) and gptboot
or zfsboot, when loader(8) is the BTX loader.  No functional changes.
2018-11-28 18:09:42 +00:00
Justin Hibbits
89797c881d powerpcspe: Don't crash the loader on ubldr with SPE instructions.
-msoft-float seems to be insufficient for disabling the SPE on powerpcspe.
Force it off with -mno-spe as well.  This prevents a crash in ubldr on
powerpcspe.
2018-11-28 01:47:01 +00:00
Ian Lepore
52c0ec1455 Restore the ability to override the disk unit/partition at the boot: prompt
in gptboot.

When arch-independent geli support was added, a new static 'gdsk' struct
was added, but there was still a static 'dsk' struct, and when you typed
in an alternate disk/partition, the string was parsed into that struct,
which was then never used for anything.  Now the string gets parsed into
gdsk.dsk, the struct that's actually used.

X-MFC after:	3 days
2018-11-27 16:16:38 +00:00
Guangyuan Yang
71cf0a4e29 Bump the date of pxeboot(8) manual page for r340917.
PR:		123484
MFC after:	5 days
2018-11-27 08:51:15 +00:00
Ed Maste
4f7c9c3e4e stand/i386/libi386: rename .s file to .S to use Clang IAS
As part of the migration away from obsolete binutils we want to retire
GNU as.  Most assembly files used on amd64 have a .S extension and are
assembled with Clang's Integrated Assembler (IAS); rename pxetram.s to
.S to use IAS as well.

The generated .text is identical (the entire .o file is not, as Clang
adds debug info.)

PR:		205250, 233094
Sponsored by:	The FreeBSD Foundation
2018-11-26 19:29:18 +00:00
Ed Maste
e5b8bced3f btx: rename .s files to .S to use Clang IAS
As part of the migration away from obsolete binutils we want to retire
GNU as.  Most assembly files used on amd64 have a .S extension and are
assembled with Clang's integrated assembler; rename two files in
stand/i386/btx/lib to .S to use IAS as well.

The generated .text is identical (the entire .o files are not, as Clang
adds debug info).

PR:		205250, 233094
Discussed with:	imp
Sponsored by:	The FreeBSD Foundation
2018-11-26 19:14:33 +00:00
Guangyuan Yang
2dfc267231 Update pxeboot(8) manual page to reflect the next-server change in the ISC DHCP v3 server.
PR:		123484
Submitted by:	edwin@mavetju.org
Reviewed by:	AllanJude
MFC after:	1 week
2018-11-25 09:37:57 +00:00
Maxim Sobolev
6c81fe160c Nuke out buffer overflow safety marker code, it duplicates similar code in
the malloc()/free() as well as having potential of softening the handling
in case error is detected down to a mere warning as compared to hard panic
in free().

Submitted by:	tsoome
Differential Revision:	https://reviews.freebsd.org/D18299
2018-11-23 22:36:56 +00:00
Ed Maste
76b6af6731 Disable build-id in i386 binary boot components
A user may enable build-id for all builds by adding
LDFLAGS=-Wl,--build-id=sha1 to /etc/make.conf.  In this case the build-id
note ends added up to mbr and pmbr's .text, which makes it too large (it
ends up being 532 bytes). To avoid this explicitly turn off build-id for
these components.

Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D15470
2018-11-23 13:50:18 +00:00
Ed Maste
02c4bf4391 stand: remove CLANG_NO_IAS from btx and gptboot
Many components under stand/ had CLANG_NO_IAS added when Clang's
Integrated Assembler (IAS) did not handle .codeNN directives.  Clang
gained support quite some time ago, and we can now build stand/ with
IAS.

Note that in some cases there are small differences in the generated
output, so CLANG_NO_IAS should be removed only after testing (or after
finding no differences in the output).

PR:		205250, 233094
Sponsored by:	The FreeBSD Foundation
2018-11-20 16:54:42 +00:00
Toomas Soome
a3fd276be0 loader: ptable_open() check for ptable_cd9660read result is wrong
The ptable_*read() functions return NULL on read errors (and partition table
closed as an side effect). The ptable_open must check the return value and
act properly.

PR:		232483
Reported by:	lev
Reviewed by:	lev,cem
Differential Revision:	https://reviews.freebsd.org/D17890
2018-11-07 21:36:52 +00:00
Toomas Soome
53e3fbee09 loader: always set media size from partition.
The disk access is validated by using partition table definitions, therefore
we have no need for if statements, just set the disk size.

Of course the partition table itself may be incorrect/inconsistent, but if
so, we are in trouble anyhow.

Differential Revision:	https://reviews.freebsd.org/D17822
2018-11-07 11:14:22 +00:00
Kyle Evans
bdf12807be lualoader: Add chainload menu entry
MFC after:	4 days
2018-11-05 16:20:07 +00:00
Toomas Soome
0d0ffe4faa loader: biosdisk should check if the media is present
The bd_print/bd_open/bd_strategy need to make sure the device does have
media, before getting into performing IO operations. Some systems can
hung if the device without a media is accessed.

Reported by:	yuripv
2018-11-02 11:41:58 +00:00
Toomas Soome
c50609fc32 loader: do not probe floppy devices for zfs
The subject is telling it all.
2018-11-02 09:47:18 +00:00
Kyle Evans
83f7a74cda lualoader: Implement boot-conf
MFC after:	3 days
2018-11-02 03:25:23 +00:00
Toomas Soome
3c3779dc20 libsa: cstyle cleanup tftp.c
No functinal changes intended.
2018-11-01 22:13:18 +00:00
Toomas Soome
c658866914 libsa: tftp should use calloc
instead of malloc() memset(), use calloc().
2018-11-01 13:29:55 +00:00
Toomas Soome
f442898fe7 libsa: tftp should not read past file end
When we have the file size via tsize option, use it to make sure we
will not attempt to read past file end.
2018-11-01 13:12:05 +00:00
Gleb Smirnoff
9319dded3d Remove unnecessary include from libstand. 2018-10-31 19:59:20 +00:00
Toomas Soome
09312399a7 loader: issue edd probe before legacy ah=08 and detect no media
while probing for drives, use int13 extended info before standard one and
provide workaround for case we are not getting needed information in case
of floppy drive.

In case of INT13 errors, there are (at least) 3 error codes appearing in case
of missin media - 20h, 31h and 80h. Flag the no media and do not print an
error.

Differential Revision:	https://reviews.freebsd.org/D17667
2018-10-31 16:42:40 +00:00
Kyle Evans
5beb550712 lualoader: Fix try_include error handling
The previous iteration of try_include attempted to be 'friendly' and error()
out if we hit an error that wasn't ENOENT. This was semi-OK, but fragile as
it relied on pattern matching the error message.

Move the responsibility for handling failure to the caller. Following
a common lua pattern, we'll return the return value of the underlying
require() on success, or false and an error message.

Reported by:	bcran
MFC after:	3 days
2018-10-29 02:58:30 +00:00
Warner Losh
16633f3a2d Move LUA_ROOT to /boot/lua
While this is mostly unused today, this is a better place than
/usr/local/lua.
2018-10-28 02:57:50 +00:00
Kyle Evans
e1f1ddeb35 lualoader: Always return a proper dictionary for blacklist
If module_blacklist isn't specified, we have an empty blacklist; effectively
the same as if module_blacklist="" were specified in loader.conf(5).

This was reported when switching to a BE that predated the module_blacklist
introduction, but the problem is valid all the same and likely to be tripped
over in other scenarios.

Reported by:	bwidawsk
MFC after:	3 days
2018-10-27 04:10:42 +00:00
Warner Losh
48f0136d52 Fix pointer arithmetic
Pointer math to find the size in bytes only works with char types.
Use correct pointer math to determine if we have enough of a header to
look at or not.

MFC After: 3 days
X-MFX-With: r339800
Noticed by: jhb@
Sponsored by: Netflix, Inc
2018-10-26 23:44:50 +00:00
Warner Losh
df65fbc569 Ensure we have a full EFI_DEVICE_PATH header before we try to look at
its length. Some BIOSes pad the length of the device path to an even
amount. When we had a device path that was somehow an odd length, we'd
wind up having 1 byte left that we were bogusly interpreting as a full
device path. We'd then dereference 2 bytes into that to get a length
of the node, which had undefined (and quite undesired) effects.

Sponsored by: Netflix, Inc
MFC After: 3 days
2018-10-26 23:08:22 +00:00
Rebecca Cran
9a815e0a58 Simplify the EFI delay() function by calling BS->Stall()
Differential Revision: https://reviews.freebsd.org/D16753
2018-10-26 21:57:22 +00:00
Kyle Evans
3078173c8d lualoader: Improve module loading diagnostics
Some fixes:

- Maintain historical behavior more accurately w.r.t verbose_loading;
  verbose_loading strictly prints "${module_name...}" and later "failed!"
  or "ok" based on load success
- With or without verbose_loading, dump command_errbuf on load failure.
  This usually happens prior to ok/failed if we're verbose_loading

Reviewed by:	imp
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D17694
2018-10-25 02:14:35 +00:00
Kyle Evans
041929aab1 menu.lua: Abort autoboot sequence on failed command
Currently, a timeout in the menu autoboot sequence would effectively do
nothing. We would return from the autoboot handling, then begin processing
the menu without redrawing it.

This change makes the behavior a little more friendly. Returning the user to
the menu can't have any good effects, so abort the autoboot sequence and
drop to the loader prompt.

MFC after:	3 days
2018-10-24 03:14:10 +00:00
Kyle Evans
e414851f3e lualoader: unload upon kernel change if a kernel was previously loaded
In the majority of cases, a kernel is not loaded before we hit the menu.
However, if a password is set, we'll trigger autoboot and have loadelf'd
beforehand. We also need to take into account one dropping to the loader
prompt and twiddling with things manually; if they try to toggle through
kernels, we'll assume they mean it.

Reported by:	trasz
MFC after:	 3 days
2018-10-24 02:02:37 +00:00
Konstantin Belousov
ad6f5f9ab5 Fix stand/ build after r339671.
ffs_subr.c requires calculate_crc32c() from libkern.  Unfortunately we
cannot just add libkern/crc32.c to libstand because crc32.o is already
compiled from contrib/zlib/crc32.c. Use the include trick to rename
the source.

Note that libstand also provides crc32.c which seems to be unused.

Reviewed by:	imp
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D17677
2018-10-23 23:11:38 +00:00
Toomas Soome
8b7db46557 loader: biosdisk interface should be able to cope with 4k sectors
The 4kn support in current bios specific biosdisk.c is broken, as the code
is only implementing the support for the 512B sector size.

This work is building the support for custom size sectors, we still do assume
the requested data to be multiple of 512B blocks and we only do address the
biosdisk.c interface here.

For reference, see also:
https://www.illumos.org/issues/8303
https://www.illumos.org/rb/r/547

As the GELI is moved above biosdisk "layer", the GELI should just work

Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D11174
2018-10-23 14:44:32 +00:00
Toomas Soome
bb489cd7ad libsa: re-send ACK for older data packets in tftp
In current tftp code we drop out-of-order packets; however, we should play
nice and re-send ACK for older data packets we are receiving. This will
hopefully stop server repeating those packets we already have received.
Note we do not answer duplicates from "previous" session (that is, session
with different port number), those will eventually time out.

Differential Revision:	https://reviews.freebsd.org/D17087
2018-10-23 13:38:39 +00:00
Devin Teske
ff9154be8b Restore the ability to prevent the user from interrupting the boot process
without first entering the password stored in loader.conf(5).

PR:		kern/207069
Reported by:	david@dcrosstech.com
MFC after:	3 days
Sponsored by:	Smule, Inc.
2018-10-21 00:15:51 +00:00
Ed Maste
188b0da1ce libi386: remove CLANG_NO_IAS workaround
Clang's Integrated Assembler was previously disabled for i386 with the
note that it "doesn't grok .codeNN directives yet."  This is no longer
the case (and hasn't been for some time), and the assembled output .text
is identical between gas and IAS.

MFC after:	2 months
Sponsored by:	The FreeBSD Foundation
2018-10-20 22:35:06 +00:00
Toomas Soome
0f31e1e6a8 loader.efi: add poweroff command
Add poweroff command to make life a bit easier.

Reviewed by:	imp, allanjude
Approved by:	re (kib)
Differential Revision:	https://reviews.freebsd.org/D17535
2018-10-12 16:24:49 +00:00
Kyle Evans
e0a28d2492 Enable lualoader's kernel autodetection, disabled on install media
As documented in loader.conf(5), kernels_autodetect="YES" will cause the
Lua scripts to effectively scan /boot for directories with a "kernel" file
inside, to be listed in the loader menu.

Approved by:	re (kib)
2018-10-11 17:17:54 +00:00
Kyle Evans
76c75816cf lualoader: Provide a 'menu' command to redraw the menu at the loader prompt
Reported by:	allanjude
Approved by:	re (kib)
2018-10-11 17:16:39 +00:00
Glen Barber
dbffe0f105 Fix a minor typo in loader.conf(5).
Approved by:	re (kib)
Sponsored by:	The FreeBSD Foundation
2018-10-10 20:25:41 +00:00
Kyle Evans
1613f09199 lualoader: Honor boot_* variables at lua init
For non-UEFI systems, boot.config(5) may have -s or -v specified for
single-user and verbose boot respectively. These were not being properly
taken into account and reflected in the "Boot Options" submenu. When we
initialize core.lua, we'll record boot_single and boot_verbose as we do ACPI
and consider these the system defaults.

Reported by:	David Wolfskill <david@catwhisker.org>
Approved by:	re (kib)
2018-10-07 15:28:50 +00:00
Kyle Evans
532dc17243 lualoader: Create a module blacklist, add DRM modules to it
This is a step in the process of easing migration into the new world order
of DRM drivers. Strongly encourage users towards loading DRM modules via
rc.conf(5) instead of loader.conf(5) by failing the load from loader(8).
Users so inclined may wipe out the blacklist via module_blacklist="" in
loader.conf(5), and it is expected that these modules will eventually be
removed from the blacklist. They may still be loaded as dependencies of
other modules or explicitly via the loader prompt, but this should not be a
major problem.

Approved by:	re (rgrimes)
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D16914
2018-10-07 01:53:43 +00:00
Kyle Evans
c84dbc5329 lualoader: Don't draw loader menu with autoboot_delay=-1
This was mostly a cosmetic issue. autoboot_delay=-1 is documented to bypass
the loader menu and immediately execute the boot command, but lualoader
would draw the menu and immediately execute the boot command. No interaction
was possible with the menu.

The fix lifts autoboot_delay processing out of menu.autoboot, which now
takes a delay and does nothing if no delay is specified. This lines up with
my expectations of menu.autoboot's usage from a third party, which may
want more control over the process than the default behavior.

PR:		231610
Approved by:	re (gjb)
2018-10-05 17:07:10 +00:00
Edward Tomasz Napierala
6c8e9a8471 Improve loader passwords:
1. Be clear about which password is being requested
2. Remove extraneous whitespace between the prompt and the cursor
3. Move the twiddle to where the prompt is, instead of two characters to the right
4. Fix erasing the 'incorrect password' message when retrying; previously it was erased partially
5. Remove the unneeded exclamation mark

Reviewed by:	kevans
Approved by:	re (gjb)
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D17236
2018-09-22 13:14:44 +00:00
Toomas Soome
7e63e808d7 libsa: validate tftp_makereq() after we did reset the read
The name check referred in the comment is not the only possible error source,
we need to validate the result.

Reviewed by:	allanjude
Approved by:	re (kib)
Differential Revision:	https://reviews.freebsd.org/D17081
2018-09-09 06:30:15 +00:00
Toomas Soome
7ee96df3b3 libsa: memory leak in tftp_open()
tftpfile is allocated just above and needs to be freed.

Reviewed by:	imp
Approved by:	re (kib)
Differential Revision:	https://reviews.freebsd.org/D17058
2018-09-08 19:17:22 +00:00
Warner Losh
0125fb6352 Be a little conservative about when to force size optimizations.
Reports have come in that there's issue with powerpc and sparc64 since
we've switched to using -Oz / -Os. We don't strictly need them for
!x86, so be conservative about when we enable them.

Approved by: re@ (gjb)
Differential Revision: https://reviews.freebsd.org/D17016
2018-09-05 20:02:23 +00:00
Ruslan Bukin
888c8381ad Enable 'C'-compressed ISA extension.
This was disabled recently due to lack of support in KDB disassembler
and DTrace FBT provider. Support for 'C'-extension to both of these was
added, so we can now enable 'C'-extension.

This reduces size of the kernel important for low-end embedded devices,
and saves cache footprint for high perfomance machines.

Approved by:	re (kib)
Sponsored by:	DARPA, AFRL
2018-09-03 14:43:16 +00:00
Robert Watson
deea362c80 The kernel DTrace audit provider (dtaudit) relies on auditd(8) to load
/etc/security/audit_event to provide a list of audit event-number <->
name mappings.  However, this occurs too late for anonymous tracing.
With this change, adding 'audit_event_load="YES"' to /boot/loader.conf
will cause the boot loader to preload the file, and then the kernel
audit code will parse it to register an initial set of audit event-number
<-> name mappings.  Those mappings can later be updated by auditd(8) if
the configuration file changes.

Reviewed by:	gnn, asomers, markj, allanjude
Discussed with:	jhb
Approved by:	re (kib)
MFC after:	1 week
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D16589
2018-09-03 14:26:43 +00:00
Kyle Evans
a500341916 lualoader: Handle comma-separated kernels as well
The format for kernels is documented as being space-delimited, but
forthloader was more lenient on this and so people began to depend on it.

A later pass will be made to document all of the fun features that forthloader
allowed that may not be immediately obvious.

Reported by:	mmacy
Approved by:	re (kib)
2018-09-03 03:23:09 +00:00
Kyle Evans
d3d381b2b1 userboot: handle guest interpreter mismatches more intelligently
The switch to lualoader creates a problem with userboot: the host is
inclined to build userboot with Lua, but the host userboot's interpreter
must match what's available on the guest. For almost all FreeBSD guests in
the wild, Lua is not yet available and a Lua-based userboot will fail.

This revision updates userboot protocol to version 5, which adds a
swap_interpreter callback to request a different interpreter, and tries to
determine the proper interpreter to be used based on how the guest
/boot/loader is compiled. This is still a bit of a guess, but it's likely
the best possible guess we can make in order to get it right. The
interpreter is now embedded in the resulting executable, so we can open
/boot/loader on the guest and hunt that down to derive the interpreter it
was built with.

Using -l with bhyveload will not allow an intepreter swap, even if the
loader specified happens to be a userboot with the wrong interpreter. We'll
simply complain about the mismatch and bail out.

For legacy guests without the interpreter marker, we assume they're 4th.
For new guests with the interpreter marker, we'll read it and swap over
to the proper interpreter if it doesn't match what the userboot we're using
was compiled with.

Both flavors of userboot are installed by default, userboot_4th.so and
userboot_lua.so. This fixes the build WITHOUT_FORTH as a coincidence, which
was broken by userboot being forced to 4th.

Reviewed by:	imp, jhb, araujo (earlier version)
Approved by:	re (gjb)
Differential Revision:	https://reviews.freebsd.org/D16945
2018-09-01 02:23:45 +00:00
Kyle Evans
2ac6dfb0c2 lualoader: Print error messages from command failures at the prompt
Previously lualoader would remain silent, rather than printing
command_errmsg or noting that a command had failed or was not found.

Approved by:	re (gjb)
2018-08-31 15:02:53 +00:00
Kyle Evans
ca703fe987 lualoader: fix color usage
Resetting to the default color scheme was done prior to reading the config.
This is bogus; colors may only be declined by the user with the
loader.conf(5) variable "loader_color", so such a request for no color will
not be completely honored as we reset to the default color scheme
unconditionally.

Approved by:	re (rgrimes)
2018-08-30 13:29:32 +00:00
Mark Johnston
f6a0fd4490 Document the cpu_microcode_* tunables.
Reviewed by:	bcr (previous version), kib
Approved by:	re (gjb)
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D16923
2018-08-28 17:14:46 +00:00
Andrew Turner
78da604641 Ensure we have a large enough stack for the lua loader
Lua has a few places where it allocates a large buffer on the stack. This
is normally fine, except there are a few places where there can be multiple
frames with this buffer. This can cause a stack overflow on some arm64 SoCs.

Fix this by allocating our own stack in loader.efi large enough for these
objects. The required size has been found by tracing how the stack pointer
changes in a virtual machine and found to be no larger than 50kB. A
larger stack is allocated to reduce the likelihood of overflow from future
changes.

Reviewed by:	kevans
Approved by:	re (kib)
Differential Revision:	https://reviews.freebsd.org/D16886
2018-08-27 11:14:49 +00:00
Kyle Evans
5dd1b8342c lualoader: Fix override of module_path on loader prompt
Earlier changes setup a config.module_path variable that was populated upon
reading of loader.conf(5) and used for restoring module_path to pristine
condition if multiple kernels are attempted. This broke the ability to
override module_path at the loader prompt in case of emergency.

Approved by:	re (rgrimes)
2018-08-25 04:28:02 +00:00
Kyle Evans
13eade284e stand: fdt: Drop some write-only assignments/variables and leaked bits
Generally straightforward enough; a copy of argv[1] was being made in
command_fdt_internal, solely used for a comparison within the
handler-search, then promptly leaked.

Reported by:	ports gcc and clang's static analyzer
2018-08-23 18:01:34 +00:00
Kyle Evans
1ee89ab5dd lualoader: Accept that people use unquoted values in loader.conf
While loader.conf(5) suggests that all values should be quoted, reality is
that this was never strictly enforced and it is used. We already make some
concession to this in number values, which aren't strictly quoted either.

The compromise here is that multi-word values must be quoted. This lets
things like `foo_load=YES` work, while denying more complex expressions on
the right hand side. This likely catches the vast majority of current usage.

A bit of a kludge is needed to accomplish this since Lua regex doesn't
support branching. I had considered splitting up expressions and generating
the right-hand side of the expressions completely in config.parse, but
deemed this too large of an overhaul to take given the current timing. This
should be re-worked shortly after the thaw.

Reported by:	royger
2018-08-23 17:27:02 +00:00
Kyle Evans
0d7bee6a2a lualoader: Fix (add) Xen support
lualoader was not respecting the 'xen_kernel' environment variable, which
hints to the interpreter that it should load a Xen kernel prior to loading
any other kernel that might be specified. If a Xen kernel is specified and
we fail to load it, we should not proceed to boot.

Reported by:	royger
Tested by:	royger
2018-08-23 16:26:03 +00:00
Kyle Evans
35437b1f16 efiloader: Setup FDT in autoload to fix overlays clobbering kenv
manu found in the noted PR that overlays seemed to be clobbering the kenv
and killing the boot. Further inspection revealed that one can `fdt ls` at
the loader prompt for a successful boot, but autoboot breaks it.

In the autoboot case, first setup of FDT is happening in the middle of
bi_load, which triggers loading of the DTBO from /boot.

This is bad, bad, bad. Files in the loader are loaded somewhere in the
middle of the address space one after another. bi_load starts building the
needed kernel bootinfo immediately after the highest-addr loaded file. File
loads in the middle of bi_load suddenly clobber bootinfo and everything goes
off the rails.

The solution to this is to use take advantage of arch_autoload to setup FDT
in efiloader compiled with LOADER_FDT_SUPPORT. This matches how it works in
ubldr land, and is how it should have worked when overlay support was added
to efiloader since fdt_setup_fdtp now has the potential to load files
(courtesy of fdt_platform_load_dtb).

PR:		230804
Discussed with:	imp
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D16858
2018-08-23 13:38:38 +00:00
Kyle Evans
98d0335366 fdt_fixups: relocate the /chosen node after applying fixups
As indicated by the comment, any fixups applied (which might include
overlays) can invalidate the previously located node by adding nodes or
setting/adding properties. The later fdt_setprop of fixup-applied property
would then fail because of the bad/wrong node offset.

This would have generally been harmless, but potentially caused multiple
applications of fixups and caused a little bit of bloat.

MFC after:	1 week
2018-08-23 01:22:13 +00:00
Kurt Lidl
cefee54838 Increase the size of the heap size available on sparc64 during
operation of "loader".  The dramatic increase in size of
SPA_MAXBLOCKSIZE in r304321 causes the heap space to be exhausted,
so malloc() fails, ultimately leading to a memcpy() with a
destination of 0x0.

MFC after:	3 days
2018-08-22 14:33:57 +00:00
Toomas Soome
45a3e13ca8 loader: bios loader should allow to chain load a file
The current chain command does accept only device, allow also a file to be used,
such as /boot/pmbr or /boot/mbr (or stored third party MBR/VBR block).

Also fix file descriptor leak.
2018-08-22 10:04:42 +00:00
Kyle Evans
9a16e110d0 lualoader: Fix loader.conf(5) EOL validation for 'exec' lines
This includes some light rework to simplify the line parsing, as well.  If
we hit a line match, we'll always either use the line and move on to the
next line, or we'll spew out malformed line errors.

We had multiple spots to output the error and set the status based on
whether we had a non-nil first capture group or failed EOL validation, but
it was always the same error.  Light rework entails a small label jump to
skip error handling and elimination of 'found' local.
2018-08-22 01:52:55 +00:00
Kyle Evans
058c692e15 lualoader: Refactor config line expressions
A couple of issues addressed:

1.) Modules with - in the name were not recognized as modules
2.) The module regex was repeated for each place a module name may appear
3.) The 'strip leading space' bits were repeated for each expression
4.) The trailing 'comment validation' stuff was repeated every expression

#4 still has some more work to be done. exec lines, for instance, don't
capture a 'value' -- there's only one capture pattern. This throws off the
'c' value that we match, so the trailing bits aren't *actually* being
validated. This isn't a new issue, though, so a future comit will address
this.
2018-08-21 23:42:20 +00:00
Kyle Evans
b83a355d70 lualoader: Just compare expression directly 2018-08-21 23:34:30 +00:00
Warner Losh
116c531459 Serial console menus for lua.
Remove a bunch of special cases for UEFI and serial consoles.  We do
want to do curses and menu things here. This makes us match what we do
in FORTH, with the possible exception of boxes around menus.

Differential Revision:  https://reviews.freebsd.org/D16816
2018-08-20 16:44:09 +00:00
Kyle Evans
b991b318d4 lualoader: Install all manpages
Now that a complete set is written, save for one describing loader.lua,
install all of them. This was not previously done as they were written to
hopefully avoid confusion as bits and pieces of the overall system were
undocumented.
2018-08-20 02:40:10 +00:00
Kyle Evans
75658c965c Add color.lua(8), password.lua(8), and screen.lua(8) 2018-08-20 02:37:24 +00:00
Kyle Evans
beacffb30d Add drawer.lua(8) 2018-08-20 02:08:39 +00:00
Kyle Evans
2c690e2a40 lualoader: Add drawer-exported variables for default logodefs
Uncovered while writing the documentation from this, we previously
explicitly fell back to orb or orbbw if an invalid or incompatible logodef
was selected -- in contrast to branddefs, which have an exported variable
that one can whip up a quick local.lua to override in a safe manner that
works regardless of whether or not loader.conf(5) successfully loads.
2018-08-19 18:43:10 +00:00
Kyle Evans
a9edc01b20 lualoader: Hide the rest of the private interfaces
These are less controversial than the others, thus done in a separate
commit. These are all used internally and ways to override are provided via
soon-to-be-documented API or loader.conf(5) variables.
2018-08-19 18:37:33 +00:00
Kyle Evans
12eaa305dd lualoader: Hide most of the internal drawing functions
Ideally, all of the functionality to revamp the loader screen has associated
APIs that are flexible enough that third-party scripts wouldn't need to
override these.
2018-08-19 18:22:01 +00:00
Warner Losh
295506bf9c Turn back the clock just a little: make userboot.so always be 4th
Turns out there was a hidden dependency we hasn't counted upon.  The
host load /boot/userboot.so to boot the VMs it runs. This means that
the change to lua meant suddently that nobody could run their older
VMs because LUA wasn't in 10.0, last month's HardenedBSD, 11.2 or
whatever.  Even more than for the /boot/loader* binaries, we need a
good coexistance strategy for this. While that's being designed and
implemented, drop back to always 4th for userboot.so. This will fail
safe in all but the most extreme environments (but lua-only hacks
to .lua files won't be processes in VMs until we fix it).

Differential Review: https://reviews.freebsd.org/D16805
2018-08-19 18:18:19 +00:00
Kyle Evans
6112ee09cb lualoader: Stop exporting drawer.draw
drawer.draw is the back-end for drawlogo and drawbrand and should not be
used directly.
2018-08-19 18:12:11 +00:00
Kyle Evans
088b5ad339 Add config.lua(8) to the tree
Reviewed by:	0mp, rpokala (earlier version)
Differential Revision:	https://reviews.freebsd.org/D14819
2018-08-19 15:07:39 +00:00
Kyle Evans
63d8b6ea21 libsa: Add lshrdi3.c for powerpc* and mips 2018-08-19 14:48:32 +00:00
Kyle Evans
f9f8ac94cd stand: Flip the default interpreter to Lua
After years in the making, lualoader is ready to make its debut. Both
flavors of loader are still built by default, and may be installed as
/boot/loader or /boot/loader.efi as appropriate either by manually creating
hard links or using LOADER_DEFAULT_INTERP as documented in build(7).

Discussed with:	imp
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D16795
2018-08-19 14:26:33 +00:00
John Baldwin
0b600ec4ae Fix casts between 64-bit physical addresses and pointers in EFI.
Compiling FreeBSD/i386 with modern GCC triggers warnings for various
places that convert 64-bit EFI_ADDRs to pointers and vice versa.
- Cast pointers to uintptr_t rather than to uint64_t when assigning
  to a 64-bit integer.
- Cast 64-bit integers to uintptr_t before a cast to a pointer.

Reviewed by:	kevans
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D16586
2018-08-18 20:28:25 +00:00
Warner Losh
bd7c104abf Add ashldi3 and ashrdi3 to mips.
Now that we're using -Os, mips needs these routines.
2018-08-16 19:39:02 +00:00
Warner Losh
4ad3fab635 Install links for loader.efi.
Submitted by: ben wilber
2018-08-16 16:30:23 +00:00
Toomas Soome
e7da951ee5 libi386: bd_io_workaround() is to be called for reads only
bd_io() can perform either reads or writes, we only need bd_io_workaround()
for reads.
2018-08-16 07:13:36 +00:00
Toomas Soome
8000f383bb libi386: small style updates in biosdisk
Use break instead of return in for loop, as done earlier. Insert and remove
some blank lines. No functional changes intended.
2018-08-16 06:50:53 +00:00
Toomas Soome
799bbc25b9 libi386: use BD_RD and BR_WR constants
Use BD_RD and BD_WR instead of 0 and 1.

Reported by:	ian
2018-08-15 22:40:09 +00:00
Toomas Soome
462d81dd3f libi386: remove bd_read() and bd_write() wrappers
Those wroappers are nice, but do not really add much value.
2018-08-15 22:25:05 +00:00
Toomas Soome
5257ddd31b libsa: zfs_probe() needs to set spa to NULL
Silence the warning about possibly uninitialized use of spa.
2018-08-15 21:38:06 +00:00
Toomas Soome
4273aef54d libi386: remove BD_SUPPORT_FRAGS
BD_SUPPORT_FRAGS is preprocessor knob to allow partial reads in bioscd/biosdisk
level. However, we already have support for partial reads in bcache, and there
is no need to have duplication via preprocessor controls.

Note that bioscd/biosdisk interface is assumed to perform IO in 512B blocks,
so the only translation we have to do is 512 <-> native block size.

Differential Revision:	https://reviews.freebsd.org/D16600
2018-08-15 21:21:16 +00:00
Kyle Evans
99a9cf5164 pkgfs_init: Initialize pkg
new_package may not set *pp if it errors out, leaving pkg uninitialized.

Reported by:	GCC
2018-08-15 21:13:10 +00:00
Warner Losh
f835d609b7 stand: Use -Oz/-Os for all loader/stand builds.
While we're not super size constrained, the x86 BIOS /boot/loader has
to be less than about 520k-530k to be reliable. The LUA loader is at
this size today. -Oz saves 15-20% on the size, keeping us safely small
enough (comparable to where we were with the 4th loader). This will
also help with sjg's work on bringing in bearssl, though we may again
be looking for space in the LUA loader.

Size table for clang 6.0.0:
	default		-O1		-Os		-Oz
4th	442368		417792		389120		376832
lua	524288		479232		446464		430080

Tested by: kevans91@ (ubldr on armv7), dhw@ (loader on amdy64)
Differential Revision: https://reviews.freebsd.org/D16724
2018-08-15 20:31:11 +00:00
Edward Tomasz Napierala
8cba5da75e Improve formatting.
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2018-08-15 11:39:13 +00:00
Edward Tomasz Napierala
5469cc0ee9 Add SECURITY section to loader(8).
Reviewed by:	bcr, jilles, imp (earlier version)
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D16700
2018-08-15 08:45:05 +00:00
Kyle Evans
e112e9d255 MFV r337586: lua: Update to 5.3.5
Bugfix release, nothing too major.

Tested with:	lualoader via userboot, lualoader live
Differential Revision:	https://reviews.freebsd.org/D16665
2018-08-14 18:58:01 +00:00
Warner Losh
eddbdee83d For our INT64 implementation, we can compare integers and numbers
directly because they are the same thing.

Reviewed by: kevans@
2018-08-14 18:45:25 +00:00
Warner Losh
9d45c24cc4 Create a loader for each interpreter for x86 BIOS and all EFI
Create loader_{4th,lua,simp}{,.efi}. All of these are installed by
default. Create LOADER_DEFAULT_INTERP to specify the default
interpreter when no other is specified. LOADER_INTERP is the current
interpreter language building. Turn building of lua on by default to
match 4th. simploader is a simplified loader build w/o any interpreter
language (but with a simple loader).  This is the historic behavir you
got with WITHOUT_FORTH. Make a hard link to the default loader. This
has to be a hard link rather than the more desirable soft link because
older zfsboot blocks don't support symlinks.

RelNotes: Yes
Differential Revision: https://reviews.freebsd.org/D16705
2018-08-14 18:44:41 +00:00
Edward Tomasz Napierala
335fe94f90 Add init_exec kenv(1) variable, to make init(8) execute a file
after opening the console, replacing init as PID 1.

From the user point of view, it makes it possible to run eg the
shell as PID 1, using 'set init_exec=/bin/sh' at the loader(8)
prompt.

Reviewed by:	kib
MFC after:	2 weeks
Relnotes:	yes
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D16625
2018-08-14 11:01:52 +00:00
Mark Johnston
40dfdf4382 Add microcode update configuration to the default loader.conf.
MFC after:	6 weeks
Sponsored by:	The FreeBSD Foundation
2018-08-13 17:14:06 +00:00
Kyle Evans
90486977de lualoader: Fix parsing of negative number loader.conf(5) variables
They would previously cause errors, as the regex for these did not tolerate
a leading negative sign, and the variable would simply not parse.
2018-08-13 14:49:07 +00:00
Edward Tomasz Napierala
684e907b17 Move around text in loader(8), in particular stuff related to ZFS,
to restore the usual section order.

MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2018-08-13 11:56:23 +00:00
Kyle Evans
456a4ad51e libi386: Fix typo in pxe.h
PR:		207337
Submitted by:	Tony Narlock <tony@git-pull.com>
MFC after:	1 week
2018-08-09 03:45:47 +00:00
Kyle Evans
77a52e3f15 libsa: exit on EOF in ngets
It was possible in some rare circumstances for ngets to behave terribly with
bhyveload and some form of redirecting user input over a pipe.

PR:		198706
Submitted by:	Ivan Krivonos <int0dster@gmail.com>
MFC after:	1 week
2018-08-09 02:55:48 +00:00
Kyle Evans
4e6c8e6d83 isoboot, gptboot: Fix WITHOUT_LOADER_GELI (gptboot) and isoboot in general
gptboot was broken when r316078 added the LOADER_GELI_SUPPORT #ifdef to
not pass geliargs via __exec.  KARGS_FLAGS_EXTARG must not be used if we're
not going to pass an additional argument to __exec.

PR:		228151
Submitted by:	guyyur@gmail.com
MFC after:	1 week
2018-08-09 02:06:25 +00:00
Edward Tomasz Napierala
fdfbf12784 Move description of init_shell, init_script, and init_chroot kenv
tunables from loader(8) to init(8), since it's init that actually
uses them.  Add .Xrs at their old place.

MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2018-08-07 19:23:03 +00:00
Toomas Soome
6938805f41 libsa: gzipfs.c converts pointers to integer types with different sign
Signed versus unsigned char.
2018-08-07 10:53:51 +00:00
Toomas Soome
513f7db592 libsa: dos_checksum() should take unsigned chars
Fix pointers to integers with different sign issue.
2018-08-07 10:48:36 +00:00
Toomas Soome
8750586c61 loader: bd_open() should cleanup from disk_open() error
Since bd_open() does early increment for reference counter and bcache
allocation, it also should undo those in case of the error.

Also remove unused variables rdev, g_err.
2018-08-05 19:17:07 +00:00
Toomas Soome
d1e22b8f08 loader: 337353 did miss to rename 2 write instances
2 write instances got somehow missed.
2018-08-05 18:24:35 +00:00
Toomas Soome
7bb45e615a loader: cstyle cleanup for biosdisk.c
Also switch u_int to uint32_t. Also replace "write" by "dowrite".
No functional changes intended.
2018-08-05 18:19:40 +00:00
Kristof Provost
5abe8cb6de zfsboot: Fix startup crash
On a FreeNAS mini XL, with geli encrypted drives the loader crashed in
geli_read().

When we iterate over the list of disks and allocate the zfsdsk structures we
don’t zero out the gdev pointer. In one case that resulted in geli_read()
(called on the bogus pointer) dividing by zero.

Use calloc() to ensure the zfsdsk structure is always zeroed, so the pointer is
initialised to NULL. As a side benefit it gets rid of one #ifdef
LOADER_GELI_SUPPORT.
2018-08-05 11:15:28 +00:00
Toomas Soome
d11ef379f0 loader: biosdisk.c has leftover geli header.
A small cleanup, remove unneeded #include.
2018-08-04 20:04:40 +00:00
Xin LI
3848ff5cac In r337271, we limited the sector number to the lower of calculated
number and CHS based number.  However, on some systems, BIOS would
report 0 in CHS fields, making the system to think there is 0 sectors.

Add a check before comparing the calculated total with bd_sectors.

Reviewed by:	tsoome, cy
Differential Revision:	https://reviews.freebsd.org/D16577
2018-08-04 14:13:09 +00:00
Kyle Evans
37528fb4fb efi-autoresizecons: Don't fail the boot w/o GOP or UGA
efi-autoresizecons is currently executed for every boot. If it fails, we
risk failing the boot, and we really shouldn't do that unless we absolutely
must.

Not being able to locate GOP or UGA is not a significant enough failure to
kill the boot. We always have the option to fall back to resizing ConOut to
a higher text mode resolution (if available), so do that.

This was detected by Doug [1] while attempting a bhyve + UEFI + PXE boot.
This patch was effectively also submitted by Doug, but I expanded the
comment he had originally sent me a little bit to indicate why this is an OK
idea.

Reported by:	Doug Ambrisko <ambrisko@ambrisko.com> [1]
2018-08-04 06:40:18 +00:00
Cy Schubert
ca237cc5e1 Some drives report a geometry that is inconsisetent with the total
number of sectors reported through the BIOS. Cylinders * heads *
sectors may not necessarily be equal to the total number of sectors
reported through int13h function 48h.

An example of this is when a Mediasonic HD3-U2B PATA to USB enclosure
with a 80 GB disk is attached. Loader hangs at line 506 of
stand/i386/libi386/biosdisk.c while attempting to read sectors beyond
the end of the disk, sector 156906855. I discovered that the Mediasonic
enclosure was reporting the disk with 9767 cylinders, 255 heads, 63
sectors/track. That's 156906855 sectors. However camcontrol and
Windows 10 both report report the disk having 156301488 sectors, not
the calculated value. At line 280 biosdisk.c sets the sectors to the
higher of either bd->bd_sectors or the total calculated at line 276
(156906855) instead of the lower and correct value of 156301488 reported
by int 13h 48h.

This was tested on all three of my Mediasonic HD3-U2B PATA to USB
enclosures.

Instead of using the higher of bd_sectors (returned by int13h) or the
calculated value, this patch uses the lower and safer of the values.

Reviewed by:	tsoome@
Differential Revision:	https://reviews.freebsd.org/D16577
2018-08-03 19:11:00 +00:00
Toomas Soome
3768af833b loader.efi: clean up misleading noise from missing block devices
If there are no block devices, there is no need to printout
error (ENOENT).

In case of netboot, our image path has no block device, no need to make
noise about it.
2018-08-03 07:59:29 +00:00
Toomas Soome
bcc7f4c221 loader.efi: efipart_inithandles() failure should not prevent devsw initialization
The efipart_inithandles() can return error code when there are no block devices,
however, we still should walk and initialize devsw.
2018-08-02 12:43:40 +00:00
Toomas Soome
17e2c2661b libsa: dereferencing type-punned pointer in cd9660
The warning is given by gcc build, but it is good to fix anyhow.
use bcopy instead of direct assignment.
2018-08-02 06:22:10 +00:00
Kyle Evans
bba8f1fe0e ubldr: Bump heap size, 1MB -> 2MB
1MB was leaving very little margin in some of the worse-case scenarios with
lualoader. 2MB is still low enough that we shouldn't have any problems with
UBoot-supported boards.

MFC after: 1 week
2018-08-01 20:08:20 +00:00
Toomas Soome
8696ce6e29 libsa: assignment to char * from u_char *
Cast to char * instead of u_char *
2018-08-01 12:14:10 +00:00
Toomas Soome
d07ea92f55 libsa: bootp is using pointers with different sign
Just change bp_file to char and same for variable s.
2018-08-01 12:06:39 +00:00
Toomas Soome
eba1bc411b libsa: pointer differs in signedness
A small cleanup, fix the argument type and while there, replace (char *)0 with
NULL.
2018-08-01 11:40:52 +00:00
Kyle Evans
1ddc8a8e68 Follow up to r336919 and r336921: s/efi.rt_disabled/efi.rt.disabled/
The latter matches the rest of the tree better [0]. The UPDATING entry has
been updated to reflect this, and the new tunable is now documented in
loader(8) [1].

Reported by:	imp [0], Shawn Webb [1]
2018-07-30 18:13:20 +00:00
Warner Losh
e78f6dd79f Be more conservative about setting hw.uart.console
Note when we've found a 8250 PNP node. Only try to set hw.uart.console
if we see one (otherwise ignore serial hints). The 8250 is the only
one known to have I/O ports, so limit the guessing to when we've
positively seen one.  And limit this to x86 since that's the only
platform where we have I/O ports. Otherwise, we'd set the serial port
to something crazy for the platform and fall off the cliff early in
boot.

Differential Revision:  https://reviews.freebsd.org/D16463
2018-07-28 19:44:20 +00:00
Warner Losh
08fa847abf Use % for printf, not a dollar sign 2018-07-27 22:35:07 +00:00
Warner Losh
0f0d65df7b Style nits noted by rpokala 2018-07-27 22:31:38 +00:00
Warner Losh
34b3f88f36 In the BootXXXX message, use the actual boot variable.
Fix stupid compile issue that crept in when I moved patches between trees.
2018-07-27 22:29:20 +00:00
Warner Losh
fb4c478715 Add some additional debug to loader.efi
Add some verbose debugging information to the loader's new
choices. I'll remove these / put them behind a DEBUG define at a later
time. This is to give additional information if there's any dangling
edge cases not contemplated by the code. r336789 had most of this
change, but had the wrong commit message. This refines it slightly.
2018-07-27 22:29:15 +00:00
Warner Losh
8c18b82b3d stand debug 2018-07-27 22:00:00 +00:00
Kyle Evans
be2050dab9 lualoader: "nextboot_file" should be spelled "nextboot_conf"
See: /boot/defaults/loader.conf

Reported by:	gtetlow (inadvertently)
2018-07-27 11:35:58 +00:00
Warner Losh
1e354803ee Ignore Device Paths in the Boot Info that don't have Media path
nodes. These show up in default entries on SuperMicro motherboards and
elsewhere. Before, we couldn't find a block device associated with the
device path and return BAD_CHOICE which was an instant
failure. However, a VendHw node isn't specifc, so when we don't find a
media path, return NOT_SPECIFIC so that the rest of the algorithms
work.

Sponsored by: Netflix.
2018-07-26 05:08:58 +00:00
Ruslan Bukin
8e8fbf193d Disable 'C'-compressed ISA extension.
It works excellent, but KDB disassembler and DTrace FBT provider for
RISC-V do lack support for it. They currently handle 4-byte instructions
only, while C-compressed ISA extension introduces 2-byte instructions
freely mixing them together.

So disable it for now.

Reviewed by:	markj@
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D16436
2018-07-25 16:07:35 +00:00
Warner Losh
b43c6042c3 Finalize the boot manager protocol support for next-stage boot
loading.

If we are booting in a conforming UEFI Boot Manager Environment, then
use the BootCurrent variable to find the BootXXXX we're using. Once we
find that, then if it contains more than one EFI_DEVICE_PATH in its
what to boot section, try to use the last one as the kernel to
load. This will also set the default root partition as well. If
there's only one path, or if there's an error along the way, assume
that nothing specific was specified and revert to the old
algorithm. If something was specified, but not found, then fail the
boot. Otherwise you that, specific thing. On FreeBSD, this can be set
using efibootmgr -l <loader> -k <kernel>. We try a few variations of
kernel to cope with the fact that UEFI comes from a DOS world where
paths might be upper case and/or contain back-slashes.

Note: In an ideal world, we'd work out where we are in chain loading
by looking at the passed-in image handle and doing name
matching. However, that's unreliable since at least boot1.efi booted
images don't have that, hence the assumption that loader.efi needs to
load the last thing on the list, if possible.

The reason we fail for something specific is so that we can fully
participate in the UEFI Boot Manager Protocol and fail over to the
next item in the list of BootOrder choices when something goes wrong
at this stage.

This implements was was talked about in freebsd-arch@ last year
https://docs.freebsd.org/cgi/getmsg.cgi?fetch=3576+0+archive/2017/freebsd-arch/20171022.freebsd-arch
and documented in full (after changed resulting from the discussion) in
https://docs.google.com/document/d/1aK9IqF-60JPEbUeSAUAkYjF2W_8EnmczFs6RqCT90Jg/edit#
although one or two minor details may have been modified in this
implementation to make it work, and the ZFS MEDIA PATH extension isn't
implemented. This does not yet move things to ESP:\efi\freebsd\loader.efi.

RelNotes: Yes
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D16403
2018-07-23 20:36:59 +00:00
Warner Losh
00a47597a3 Implement efiblk_get_pdinfo_by_device_path
Lookup a block device by it's device path. We use a 'loose' lookup
whereby we scan forward to the first Media Path portion of the device
path, then look at all our handles for one whose first Media Path
matches. This will also work if the device path pointed to has a
following file path (or paths) as that's ignored. It assumes that
there's only one media path node that describes the entire device,
which is true as of the latest UEFI spec (2.7 Errata A) as far as I've
been able to determine.

Sponsored by: Netflix
2018-07-23 20:36:54 +00:00
Warner Losh
c6c2a73c0c Implement efi_devpath_length
Return the total length, in bytes, of the device path (including the
terminating node at the end).

Sponsored by: Netflix
2018-07-23 20:36:50 +00:00
Warner Losh
13850b362f Implement efi_devpath_match_node
Returns true if the first node pointed to by devpath1 is identical to
the first node pointed to by devpath2, with care taken to not read
past the end of the valid parts of either devpath1 or
devpath2. Otherwise, returns false.

Sponsored by: Netflix
2018-07-23 20:36:45 +00:00
Warner Losh
3ef81aa0f5 Store the number of handles we get back in efipart_nhandles rather
than the number of bytes. Don't divide by the element size every time
we have to iterate. Eliminate now-unused variables.

Sponsored by: Netflix
2018-07-23 20:36:41 +00:00
Warner Losh
ee4e1d5807 Implement efi_devpath_to_media_path
Takes a generic device path as its input. Scans through it to find the
first media_path node in it and returns a pointer to it. If none is
found, NULL is returned.

Sponsored by: Netflix
2018-07-23 20:36:25 +00:00
Warner Losh
afe7cf8749 Fix the attempt to see if we're overriding the console in the command
line args. I had thought console would be NULL, but it's efi. Set it
to efi (as a clue) before we initialize the console, then test it to
see if it changed on the command line to do the automatic
override. This gets my serial console back.
2018-07-23 06:38:48 +00:00
Warner Losh
3b74102205 Older zfs boot blocks don't support symlinks. install the link to
zfsloader as a hard link. While newer ones do, the whole point of the
link was to transition to the new world order smoothly. A hard link is
less flexible, but it works and will result in fewer bumps. Adjust
UPDATING entry to match.
2018-07-23 06:04:05 +00:00
Warner Losh
1f9bd5f67c Hoist EFI_TARGET and SOURCE_DATE_EPOCH up into efi/Makefile.inc 2018-07-20 05:18:03 +00:00
Warner Losh
fdcfd483e3 NM and OBJCOPY are already defined for all builds. There's no need to
conditionally define them here.
2018-07-20 05:17:56 +00:00
Warner Losh
1a14a0bfb7 Eliminate zfsloader man page.
Remove all cross references to zfsloader.8 and /boot/zfsloader.
Move ZFS specific info into loader.8.

Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D16361
2018-07-20 05:17:49 +00:00
Warner Losh
060679ef9c Collapse zfsloader functionality back down into loader.
We no longer really need a separate zfsloader. It was useful when we
were first supporting ZFS and had limited ability to properly boot off
of ZFS without the special boot loader. Now that the boot loader has
matured, go the way loader.efi pioneered and just build one
binary. Change the name of the loader to load in the secondary boot
blocks to be just /boot/loader. Provide a symbolic link from zfsloader
to loader so people who have not upgraded their boot blocks are not
affected. This has the happy benefit of making coexistence easier as
well (fewer binaries in the matrix).

Discussed with: allanjude@, kevans@
RelNotes: Yes
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D16361
2018-07-20 05:17:37 +00:00
Warner Losh
2168b18916 If the console is already set, don't override it.
If console=X is specified on the command line, it's effectively
overridden by the current code. It shouldn't do that.
2018-07-18 22:45:45 +00:00
Warner Losh
e39cc26762 If rootdev is set, use it as currdev.
Setting rootdev in the enviornment should specify things
completely. If it is set, then have it override everything else.

PR: 229770
Differential Review: https://reviews.freebsd.org/D16322
2018-07-18 22:45:26 +00:00
Warner Losh
5a399a1a39 Remove bogus attempt to simulate scrolling. It's not needed and messes
up serial output. Setting the cursor position after every character is
inefficient, and causes all lines to be over-printed in the serial
console for the boot loader. Allow the terminal to do the emulation.

This isn't completely perfect when the size of the terminal attached
to the serial port isn't the same as 80x25 to match the viedoe console
(or whatever the video console is). While imperfect still, these
changes make it much better.

This makes the serial port useful with UEFI.

Differential Revision: https://reviews.freebsd.org/D16309
2018-07-17 21:45:14 +00:00
Warner Losh
11df3a2881 More typos
Noticed by: ian@
2018-07-17 20:26:17 +00:00
Warner Losh
debf8b839b Fix typo in the command summary.
Of course, I can't get the command to work, but it's a start...
2018-07-17 20:11:52 +00:00
Li-Wen Hsu
ceab45b744 zfsboot: fix build with WITHOUT_LOADER_GELI
Reviewed by:	ian
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D16292
2018-07-16 19:21:50 +00:00
Warner Losh
d59db438cb Minor adjustments:
o Fix the parsing of the device path. a last minute change terminated
  it too soon.
o Kill setting LINES. We don't need to do it, and even if we did hard
  coding it to 24 is wrong.
o Now that the console is working again for the loader, adjust the
  printfs to be more in line with other platforms.
2018-07-14 06:43:37 +00:00
Warner Losh
a44c75739d Add reporting of whether or not a keyboard is detected. In addition,
note that r336270's commit message was slightly incorrect. It changed
the default setting of the console to honor the ConOut
variable. Overrides via the command line are still possible, and we
use the devices in ConOut to set the proper console. If, for example,
serial cosnole is specified, we'll set console to "efi" if ConOut has
a serial port list and to either "efi comconsole" or "comconsole efi"
if not depending on whether -D or -D -h was specified.

RelNotes: Yes
Sponsored by: Netflix
2018-07-14 01:46:19 +00:00
Warner Losh
3fecfbebe9 uefi stand: Guess the console better
For server machines, ComOut is set to the set of devices that the efi
console suppots. Parse it to see if we have serial, video or both.
Make that take precidence over the command line args. boot1.efi parses
them, but loader.efi doesn't. It's not clear where to read boot.conf
from, so we don't do that. The command line args can still be set via
efibootmgr, which is more inline with the UEFI boot manager to replace
that. These args are typically used only to set serial vs video and
the com speed line. We can infer that from ComOut, so do so.
Remember the com speed and hw.uart.console to match.

RelNotes: yes
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D15917
2018-07-14 00:40:38 +00:00
Warner Losh
f9ac902319 Define ADR subtype of ACPI type for a device path. 2018-07-13 21:03:32 +00:00
Warner Losh
bb50079093 Catch up to the inflate renaming. 2018-07-13 20:08:18 +00:00
Ian Lepore
949662216a Fix glitched indentation (and rewrap as needed due to deeper indent).
No functional changes.

Reported by:	rpokala@
2018-07-13 18:58:37 +00:00
Warner Losh
47bec71dd0 Use if rather than case for a simple boolean. gcc thinks blks is
undefined sometimes with the case, but enc is always 0 or 1, so
and if / else is better anyway.
2018-07-13 18:19:33 +00:00
Ian Lepore
c1418270b2 Extend loader(8) geli support to all architectures and all disk-like devices.
This moves the bulk of the geli support from lib386/biosdisk.c into a new
geli/gelidev.c which implements a devsw-type device whose dv_strategy()
function handles geli decryption. Support for all arches comes from moving
the taste-and-attach code to the devopen() function in libsa.

After opening any DEVT_DISK device, devopen() calls the new function
geli_probe_and_attach(), which will "attach" the geli code to the open_file
struct by creating a geli_devdesc instance to replace the disk_devdesc
instance in the open_file. That routes all IO for the device through the
geli code.

A new public geli_add_key() function is added, to allow arch/vendor-specific
code to add keys obtained from custom hardware or other sources.

With these changes, geli support will be compiled into all variations of
loader(8) on all arches because the default is WITH_LOADER_GELI.

Relnotes:	yes
Sponsored by:	Microchip Technology Inc
Differential Revision:	https://reviews.freebsd.org/D15743
2018-07-13 17:50:25 +00:00
Warner Losh
25bc561e68 There's two files in the sys tree named inflate.c, in addition
to it being a common name elsewhere. Rename the old kzip one
to subr_inflate.c.

This actually fixes the build issues on sparc64 that my inclusion of
.PATH ${SYSDIR}/kern created in r336244, so also revert the broken
workaround I committed in r336249.

This slipped passed me because apparently, I never did a clean build.
2018-07-13 17:41:28 +00:00
Warner Losh
623810105e Fix sparc64 builds
gcc is complaining about struct infate being defined in a parameter
list. It's inclear how long this has been broken, but the fix is
simple enough.
2018-07-13 17:15:14 +00:00
Warner Losh
c96ac12e5c Transition to boot_env_to_howto and boot_howto_to_env in the boot
loader.

Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D16205
2018-07-13 16:43:29 +00:00
Warner Losh
4569e91328 Eliminate boot loader copies of boot arg parsing.
Eliminate 4 of the copies of the arg parsing in /boot/laoder
by using boot_parse_cmdline.

Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D16205
2018-07-13 16:43:23 +00:00
Warner Losh
52379d36a9 Create helper functions for parsing boot args.
boot_parse_arg		to parse a single arg
boot_parse_cmdline	to parse a command line string
boot_parse_args		to parse all the args in a vector
boot_howto_to_env	Convert howto bits to env vars
boot_env_to_howto	Return howto mask mased on what's set in the environment.

All these routines return an int that's the bitmask of the args
translated to RB_* flags. As a special case, the 'S' flag sets the
comconsole_speed env var. Any arg that looks like a=b will set the env
key 'a' to value 'b'. If =b is omitted, 'a' is set to '1'.  This
should help us reduce the number of redundant copies of these routines
in the tree.  It should also give a more uniform experience between
platforms.

Also, invent a new flag RB_PROBE that's set when 'P' is parsed.  On
x86 + BIOS, this means 'probe for the keyboard, and if it's not there
set both RB_MULTIPLE and RB_SERIAL (which means show the output on
both video and serial consoles, but make serial primary).  Others it
may be some similar concept of probing, but it's loader dependent
what, exactly, it means.

These routines are suitable for /boot/loader and/or the kernel,
though they may not be suitable for the tightly hand-rolled-for-space
environments like boot2.

Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D16205
2018-07-13 16:43:05 +00:00
Warner Losh
007b82d7ab Stop using ../zfs/libzfs.h but instead use libzfs.h.
While ../zfs/libzfs.h mostly works, there are a few situations where
it does not. Eliminate the problem by using plain libzfs.h, like we do
for ufs support. This fixes the weird cases, and is easier to
understand. It also follows the general style convetion of avoiding
../ in #includes.
2018-07-08 07:42:58 +00:00
Warner Losh
b8902de147 Move ZFS files into libsa
Move the libzfs stuff into libsa. There's no need for it to be a
separate library. The separate library adds to the issues of build
ordering that we see from time to time. Move the filesystem support
into libsa, like all the other filesystem support rather than making
zfs the odd-duck out.

Discussed with: allanjude@
2018-07-08 07:42:49 +00:00
Emmanuel Vadot
7fcce9c487 loader: fdt: Try to load every possible DTB from u-boot
U-Boot setup a few variables :

 - fdt_addr which is the board static dtb (most of the time loaded before
   u-boot or coming from some hardware like a ROM)
 - fdt_addr_r which is a location in RAM that holds the DTB loaded by
   u-boot or before u-boot

In the case of u-boot + rpi firmware the DTB is loaded in RAM but the location
still end up in the fdt_addr variable and the fdt_addr_r variable exist.

Change the behavior so we test that a DTB exists for every possible variable :

 - fdt_addr_r is checked first as if u-boot needed to modify it the
   correct DTB will live there.
 - fdt_addr is checked second as if we run on a hardware with DTB in ROM
   it means that we what/need to run that
 - fdtaddr looks like a FreeBSD-ism but since I'm not sure leave it.

Reviewed by:	gonzo
Differential Revision:	https://reviews.freebsd.org/D16101
2018-07-04 07:37:45 +00:00
Allan Jude
436dbc4262 stand/common/disk.c: dev->d_offset still needs to be set to 0
With r335868, I thought this was no longer necessary. I was wrong.

Reported by:	ian
Sponsored by:	Klara Systems
2018-07-03 05:53:27 +00:00
Alexander Motin
5e2169bda1 Cut currdev dev and path fields for ZFS on the last colon.
Previously the code cut those fields on second colon, that prevented
boot from boot environments with colon in their names.  This change
moves the limitation from dev field to path, which is empty by default.

Reviewed by:	allanjude, tsoome
MFC after:	2 weeks
Sponsored by:	iXsystems, Inc.
Differential Revision:	https://reviews.freebsd.org/D16068
2018-07-02 20:56:17 +00:00
Emmanuel Vadot
f127d86390 stand: uboot: Do not panic if we can't find a boot device
It is really anoying to panic when there is no boot device as you
cannot see the availables ones.
2018-07-02 18:23:43 +00:00
Allan Jude
32c52b4847 stand/common/disk.c: Read partition table relative to the start of the disk
If a disk is of an oddball size, like the 200mb + 512b used in rootgen.sh,
when disk_open() is called on a GELI encrypted partition, attempts to read
the partition table fail, as they pass through the decryption process which
turns the already plaintext data into jibberish.

When reading the partition table, always pass a slice and partition setting
of -1, and an offset of 0. Setting the slice to -1 prevents a false
positive when checking the slice against the cache of GELI encrypted
slices.

Reviewed by:	imp, ian
Sponsored by:	Klara Systems
Differential Revision:	https://reviews.freebsd.org/D15847
2018-07-02 18:19:08 +00:00
Warner Losh
b77bd037a1 Revert preference to be an int.
While in base we use it as a boolean (of the wrong spelling), there's
at least one out of tree user that needs it to be int since priorirty
is a small int, not a 0/1. In deference to the time it's wasted me and
my team, push this up into FreeBSD for whatever short life boot1 may
have in the tree.
2018-06-28 19:42:10 +00:00
Bryan Drewery
96a0acc4ce Don't use CCACHE for linking.
MFC after:	2 weeks
Sponsored by:	Dell EMC
2018-06-27 19:29:15 +00:00
Devin Teske
5cc9fabecf check-password.4th(8): Fix manual [in]accuracy
SVN r280384 updated the maximum password length from 16 bytes to 255. The
manual was not updated to reflect this. Found while working on kern/207069.

MFC after:	3 days
X-MFC-to:	stable/11 stable/10
Sponsored by:	Smule, Inc.
2018-06-24 19:29:29 +00:00
Allan Jude
ec82884e87 Revert r335276
This was causing issues for people booting.
I will likely bring this back as an optional feature, similar to
boot0sio, like gptboot-serial or something.

PR:		221526
Reported by:	O. Hartmann <ohartmann@walstatt.org>, Thomas Laus <lausts@acm.org>
2018-06-20 00:14:54 +00:00
Kyle Evans
80eb81f6f0 lualoader: Correct kernel_options handling
`kernel_options` were being passed as flags to load, rather than to the
kernel being loaded. This is the kernel_options counterpart to r335009.
2018-06-19 15:05:31 +00:00
Warner Losh
52666d3675 Remove stray debugging line.
Noticed by: ian@
2018-06-18 19:53:11 +00:00
Warner Losh
62bd02cee5 stand: move libgeliboot into libsa.
Reduce by 1 the number of crazy libraries we need in stand by moving
geli into libsa (where architecturally it belonged all along). This
just moves things around without any code changes.
2018-06-18 16:24:42 +00:00
Allan Jude
d48c0a685d stand/common/disk.c: Update debug printf
This was missed in r330809 because it is compiled out by default

Sponsored by:	Klara Systems
2018-06-17 19:31:35 +00:00
Allan Jude
6fee3bb8e1 gptboot, zfsboot, gptzfsboot: Enable the video and serial consoles early
Normally the serial console is not enabled until /boot.config is read and
we know how the serial console should be configured.  Initialize the
consoles early in 'dual' mode (serial & keyboard) with a default serial
rate of 115200. Then serial is re-initialized once the disk is decrypted
and the /boot.config file can be read.

This allows the GELIBoot passphrase to be provided via the serial console.

PR:		221526
Requested by:	many
Reviewed by:	imp
Sponsored by:	Klara Systems
Differential Revision:	https://reviews.freebsd.org/D15862
2018-06-17 03:18:56 +00:00
Warner Losh
02cff72a7b Many netboot scenarios don't have /boot/defaults/loader.conf. As
a fallback, also check /boot/kernel/kernel existing as well, since
that's the fallback behavior of the loader.
2018-06-17 01:26:57 +00:00
Allan Jude
71f0c895c1 Avoid reading past the end of the disk in zfsboot.c and biosdisk.c
The GELI boot code rounds reads up to 4k, since the encrypted sectors are
4k, and must be decrypted as a unit. With oddball sized disks (almost
always virtual), this can lead to reading past the end of the disk.

Reviewed by:	imp, tsoome
Sponsored by:	Klara Systems
Differential Revision:	https://reviews.freebsd.org/D15844
2018-06-16 15:16:02 +00:00
Allan Jude
f567034d1b biosdisk.c: fix type in debug printf
Sponsored by:	Klara Systems
2018-06-16 06:23:07 +00:00
Allan Jude
23e7fe13ee biosdisk.c: add missing \n to error message
Sponsored by:	Klara Systems
2018-06-16 05:58:33 +00:00
Allan Jude
bdeee1b234 biosdisk.c remove redundant variable
`rdev` and `disk` serve the same purpose, read the partition table without
the `d_offset` or `d_slice` set, so the read is relative to the start of
the disk. Reuse the already initialized `disk` instead of making another
copy later.

Sponsored by:	Klara Systems
2018-06-16 04:50:40 +00:00
Allan Jude
86981e426d Correct logic error in biosdisk.c:bd_realstrategy()
The wrong condition is used when evaluating the return of disk_ioctl()
This results in reaching the 'We should not get here' branch in most casts

Reviewed by:	imp
Sponsored by:	Klara Systems
Differential Revision:	https://reviews.freebsd.org/D15839
2018-06-16 02:50:29 +00:00
Warner Losh
ab80f5423d There's no need to walk through the tables looking for the smbios
table if we're just going to ignore it on arm, so expand, slightly,
the reach of the ifdef. Move the buffer to the inner block so we
don't have a separate #ifdef far away from these lines.

The issue on arm is that smbios_detect does unaligned accesses, which
in the u-boot implementing EFI context causes a crash.
2018-06-15 19:07:37 +00:00
Warner Losh
e8282eabad Move arg parsing into its own routine for possible later reuse. 2018-06-15 19:07:31 +00:00
Warner Losh
c2bac3e1ba Provide a more direct interface to tell ZFS what the preferred handle
is. We tell the ZFS code now, and it checks rather than having a
callback to do the checks.

This will allow us to have a more graceful fallback code. In the
future, it's anticipated that we may fallback to a more global search
(or implement a command to do so) when reqeusted by the user, or we
detect a violation of the UEFI Boot Manager protocol severe enough to
warrant this backstop. For now, it just allows us to get rid of img as
a global.

Sponsored by: Netflix
2018-06-15 19:07:26 +00:00