earlier migration away from sloppy mode-endings (r280925,280974-280976)
due to a red-herring in diagnosing HardenedBSD boot lockup.
Thanks to: lattera (shawn.webb@hardenedbsd<dot>org)
MFC after: 3 days
X-MFC-to: stable/10
X-MFC-with: r280925,280974-280976,281176-281179
NB: This deeply effected HardenedBSD which had a default value set.
Embarassingly, I allowed the `type' primitive to be passed -1/-1 for
c-addr/u stack input (the effect of which is to pull INT_MAX bytes
from character address negative one in which hilarity ensues over a
black screen in full-on bootlock). Much thanks to Shawn Webb [lattera]
for helping me diagnose.
NB: The mode-ending revisions were initially suspected (and reverted)
but proved to be a red-herring. Proper mode endings will be returning.
Thanks to: lattera (@HardenedBSD [<dot><com>])
Reported by: lattera
MFC after: 3 days
X-MFC-to: stable/10
loader.efi still needs work, but boot1.efi now builds.
Differential Revision: https://reviews.freebsd.org/D2244
Reviewed by: rpaulo
Sponsored by: The FreeBSD Foundation
Much of this file is common to the architectures we support, so share
an implementation by adding a little #ifdef-ery.
Differential Revision: https://reviews.freebsd.org/D2241
Reviewed by: imp
Sponsored by: The FreeBSD Foundation
It's necessary to reset the screen to make sure any vendor pixels are
gone when we start boot1. In the Lenovo X1 (3rd gen), this is the
only way to clear the screen. Previously, the Lenovo logo would only
disappear after the kernel started scrolling the display.
After resetting the screen, EFI could put us in the worst LCD mode
(oversized characters), so we now find the largest mode we can use and
hope it's the most appropriate one (it's not trivial to tell what's
the correct LCD resolution at this point). It's worth noting that the
final stage loader has a 'mode' command that can be used to switch
text modes.
While there, enable the software cursor, just like in the legacy boot
mode.
MFC after: 1 week
This was not (and still is not) connected to the build, but the EFI
loader is in the process of being built for other than amd64 so these
files ought to live in their eventual MD location.
stage, just like for the regular world stage.
Reviewed by: rodrigc, imp, bapt, emaste
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D2187
Return EINVAL instead of EFTYPE if we have a multiboot kernel loaded but
failed to load the modules. This makes it clear that the kernel/module
should be handled by the multiboot handler but something went wrong.
Sponsored by: Citrix Systems R&D
Zero the list of modules array before using it, or else we might pass
uninitialized data in unused fields of the struct that will make Xen choke.
Also add a check to make sure malloc succeeds.
Sponsored by: Citrix Systems R&D
support for booting arm and arm64 from UEFI.
Differential Revision: https://reviews.freebsd.org/D2164
Reviewed by: emaste, imp (previous version)
Sponsored by: The FreeBSD Foundation
Summary:
Add "GELI Passphrase:" prompt to boot loader.
A new loader.conf(5) option of geom_eli_passphrase_prompt="YES" will now
allow you to enter your geli(8) root-mount credentials prior to invoking
the kernel.
See check-password.4th(8) for details.
Differential Revision: https://reviews.freebsd.org/D2105
Reviewed by: (your name[s] here)
MFC after: 3 days
X-MFC-to: stable/10
Relnotes: yes
Test Plan:
Drop a head copy of check-password.4th into /boot and then apply the patch
(only the patch to /boot/check-password.4th is required; no other changes are
required but you do have to have a HEAD copy of check-password.4th to
apply the patch).
NB: The rest of your /boot files can be up to 2 years old but no older.
NB: The test won't work unless your kernel has the following change
https://svnweb.freebsd.org/base?view=revision&revision=273489
Now, put into /boot/loader.conf:
geom_eli_passphrase_prompt="YES"
and reboot.
You should be prompted for a GELI passphrase before the menu (if enabled),
just after loading loader.conf(5).
NB: It doesn't matter if you're using GELI or not. However if you are using
GELI and a sufficiently new enough release (has SVN r273489) and you entered
the proper passphrase to mount your GELI encrypted root device(s), you should
notice that the boot process did not stop (you went from loader all the way to login).
Reviewers: cperciva, allanjude, scottl, kmoore
Subscribers: jkh, imp
Differential Revision: https://reviews.freebsd.org/D2105
