Commit Graph

696 Commits

Author SHA1 Message Date
Kyle Evans
f6e00525db lualoader: Return status in cli_execute_unparsed properly
cli_execute was changed to return the status, cascade that to
cli_execute_unparsed.

This fixes a lot of false "Failed to execute" errors following r330620; no
failures actually occurred, but [module]_error would've then promptly
executed (and also "failed")
2018-03-07 22:05:23 +00:00
Kyle Evans
dec08e67e4 loader.conf(5): Document some other settings
These tend to have less coverage in other places and they don't have
defaults as of yet, so mention them here:
- fdt_overlays
- kernels_autodetect (lualoader only)
2018-03-07 18:45:24 +00:00
Kyle Evans
9ab2d3c5f8 lualoader: Use cli_execute_unparsed for commands passed in via loader.conf
This applies to:
- exec
- [module]_before
- [module]_error
- [module]_after

Before this commit, these used loader.perform to execute them as a pure,
unsalted loader command. This means that they were not able to take
advantage of any Lua-salted loader commands, like boot and autoboot, or pure
Lua loader commands (functions attached to the 'cli' module).

They now have access to the full arsenal, just shy of being able to execute
arbitrary Lua.
2018-03-07 18:37:04 +00:00
Kyle Evans
e9c3ceb159 lualoader: Use cli_execute_unparsed instead of loader.interpret
loader.interpret should not be used for executing loader commands from an
untrusted source (e.g. environment vars) as it will allow execution of
arbitrary Lua. Replace it with a call to the recently introduced
cli_execute_unparsed, which parses it out as a loader command and then
dispatches it as a loader command. This effectively filters out arbitrary
Lua.
2018-03-07 18:31:01 +00:00
Kyle Evans
ca3b8c9fc4 lualoader: Fix name, cli.execute_unparsed -> cli_execute_unparsed 2018-03-07 18:28:41 +00:00
Kyle Evans
697f127dd6 lualoader: Expose loader.parse and add cli_execute_unparsed
This will be used for scenarios where the command to execute is coming in
via the environment (from, for example, loader.conf(5)) and is thus not
necessarily trusted.

cli_execute_unparsed will immediately be used for handling
module_{before,after,error} as well as menu_timeout_command. We still want
to offer these variables the ability to execute Lua-intercepted loader
commands, but we don't want them to be able to execute arbitrary Lua.

Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D14580
2018-03-07 18:25:27 +00:00
Kyle Evans
14a2bd52f7 stand/ficl: Fix testmain
testmain is a userland application intended to be built with standard
headers and whatnot, which we broke.

Fix it by having the testmain build clobber cflags, reducing it to just the
set of defines/includes it needs to build.

Discussed with:	imp
MFC after:	3 days
2018-03-07 17:18:46 +00:00
Kyle Evans
a2a7830eb1 lualoader: Only loadelf before boot/autoboot if no kernel loaded
Back when I "fixed" the loading of kernel/modules to be deferred until
booting, I inadvertently broke the ability to manually load a set of kernels
and modules in case of something bad having happened. lualoader would
instead happily load whatever is specified in loader.conf(5) and go about
the boot, leading to a panic loop as you try to rediscover a way to stop the
panicky efirt module from loading and fail miserably.

Reported by:	me, sadly
2018-03-07 04:11:14 +00:00
Kyle Evans
15920907ba lualoader: Use FILESDIR instead of BINDIR
Minor nit: We're not installing binaries, we're installing scripts/files
that are documented to be installed based on FILESDIR.
2018-03-05 01:18:32 +00:00
Kyle Evans
ee15e552d0 lualoader: Add note about importance of including the cli module early 2018-03-05 00:59:55 +00:00
Nathan Whitehorn
18a119d74c Where we can, pass the kernel an FDT facsimile of the OF device tree rather
than a pointer to Open Firmware by default. This eliminates a number of
potentially unsafe calls to firmware from the kernel and provides better
performance.

This feature is meant to be expanded until it is on by default
unconditionally and, ideally, we can then garbage-collect the
nightmare pile of hacks required to call into Open Firmware from a live
kernel.

Reviewed by:	jhibbits
2018-03-04 04:49:09 +00:00
Kyle Evans
2ed9eb5dae lualoader: logdef -> logodef typo 2018-03-04 03:23:19 +00:00
Kyle Evans
c6d9f133b3 lualoader: Return meaningful value in cli_execute
loader.command(...) will return whatever the executed function returns, so
follow suit and return whatever loader.command() returned or whatever the
Lua function returns.
2018-03-04 03:21:12 +00:00
Nathan Whitehorn
e05bc4f98f Move "common" Open Firmware parts of the loader used only on PowerPC to
the powerpc/ subdirectory. These have never used by SPARC and we have
no other (and almost certainly will have no other) Open Firmware platforms.
This makes the directory structure simpler and lets us avoid some
cargo-cult MI patterns on code that is, and always was,
architecture-specific.
2018-03-03 23:39:07 +00:00
Kyle Evans
2d36799a7e lualoader: Shift menu+brand even for logo=none with customized pos 2018-03-03 18:25:50 +00:00
Kyle Evans
1495c98f0b lualoader: Tweak positioning and fix an off-by-one
- All of our default positions were offset from forth
- Our menu frame size was smaller than in forth
- Logo/brand drawing had an off-by-one, drawing one column lower on the
  screen than they should have been.
- While here, switch a print() to printc() as it's expected that logos may
  contain color and other escpae sequences that we'll need to honor.
2018-03-03 18:13:14 +00:00
Kyle Evans
b435332653 lualoader: Respect loader_menu_title_align
It may be set to "left" or "right" -- any other value will cause the title
to be centered.

I've chosen to position these things just inside the vertical borders,
rather than overlapping the corners. This is an arbitrary choice and easily
amendable if this looks terrible.
2018-03-03 17:38:25 +00:00
Kyle Evans
953d8937d5 lualoader: Respect loader_menu_title, prepare for align 2018-03-03 17:25:49 +00:00
Kyle Evans
a76f8a5bc2 lualoader: Execute menu_timeout_command at the end of menu autoboot
Instead of hardcoding "boot", respect menu_timeout_command from Forth. It
still defaults to 'boot', so this will not be a functional change for most.
2018-03-03 17:18:40 +00:00
Kyle Evans
dc4e028468 liblua: Add loader.interpret
This allows lua to pass back a command string to be executed as if it were
typed at the loader prompt- loader tries to execute the string first as pure
lua, then parses it and gives lua a chance to intercept before it tries to
execute it itself.

This will be used to implement menu_timeout_command, among other things,
which *should* be used to execute basic loader commands independent of the
chosen interpreter.
2018-03-03 17:13:12 +00:00
Kyle Evans
decacd9170 lualoader: Reset the cursor position after the menu is drawn
Rather than before the menu is drawn. The drawer is going to reset the
crusor position as soon as it draws anything anyways, so doing it before
serves no purpose. Setting it after is needed so we don't clobber the menu
when we start booting.
2018-03-02 17:07:08 +00:00
Kyle Evans
a16664ce8c liblua: Use putc instead of printf for printc
printc does not need the features or the overhead of printf. It does not
take formatting strings, and it pipes the single string argument through an
"%s" format.

Instead, use putc directly. This pipes the string through in its entirety as
a series of 'unsigned char's, generally straight to the console emulator.

Discussed with:	tsoome
2018-03-02 16:31:23 +00:00
Kyle Evans
223e9874b6 lualoader: Use global printc instead of loader.printc
r330282 registered loader.printc as printc, so use it instead. This makes
sense for a couple reasons, the major point being that it reads a little bit
easier and pairs nicely with the global 'print'.

Similar cases can not really be made for other loader.* functions as most of
them are either highly specific to our use-case or usually available in
other modules, such as `os`. printc does not have a standard implementation
in the Lua world(*), so we have a little more leeway with it, and it's kind
of a special case of the globally available 'print'.

(*) I've been in the Lua world for all of two weeks, so this could be wrong.
2018-03-02 16:06:20 +00:00
Kyle Evans
59cccc5bce lualoader: Register loader.printc as global printc 2018-03-02 15:46:22 +00:00
Kyle Evans
379e652e1b lualoader: Steamroll the box-drawing
- Add drawer.frame_styles to map out the kinds of characters we need for the
  different loader_menu_frame values
- Respect loader_menu_frame, default to double[*]
- (imp) Use loader.printc instead of print- print adds a newline to the
  output, which is not the right thing we want to be doing.
- (imp) Draw horizontal frames a little more efficiently- setting the cursor
  after every line segment is horribly inefficient, especially on serial
  consoles. Halve the number of characters written at the expense of an
  additional loop to draw the bottom frame, which is likely more efficient
  in the long run for some of less ideal scenarios.

[*] menu.4th(8) claims that the default here was single, but unset
loader_menu_frame yielded double and we didn't have any overrides in the
default loader.conf(5), so double it is.
2018-03-02 15:28:08 +00:00
Kyle Evans
9eded7f476 core.lua(8): Add missing note about core.KEYSTR_CSI 2018-03-02 05:38:08 +00:00
Kyle Evans
f520b4afd2 Add menu.lua(8), but do not add to distribution
Distribution will be done after all of the lualoader manpages are created.

Reviewed by:	rpokala
Differential Revision:	https://reviews.freebsd.org/D14480
2018-03-02 05:36:04 +00:00
Kyle Evans
913bd09810 Add core.lua(8), but do not add to distribution
Distribution will be done after all of the lualoader manpages are created.

Reviewed by:	rpokala
Differential Revision:	https://reviews.freebsd.org/D14479
2018-03-02 05:35:14 +00:00
Kirk McKusick
efbf396426 This change is some refactoring of Mark Johnston's changes in r329375
to fix the memory leak that I introduced in r328426. Instead of
trying to clear up the possible memory leak in all the clients, I
ensure that it gets cleaned up in the source (e.g., ffs_sbget ensures
that memory is always freed if it returns an error).

The original change in r328426 was a bit sparse in its description.
So I am expanding on its description here (thanks cem@ and rgrimes@
for your encouragement for my longer commit messages).

In preparation for adding check hashing to superblocks, r328426 is
a refactoring of the code to get the reading/writing of the superblock
into one place. Unlike the cylinder group reading/writing which
ends up in two places (ffs_getcg/ffs_geom_strategy in the kernel
and cgget/cgput in libufs), I have the core superblock functions
just in the kernel (ffs_sbfetch/ffs_sbput in ffs_subr.c which is
already imported into utilities like fsck_ffs as well as libufs to
implement sbget/sbput). The ffs_sbfetch and ffs_sbput functions
take a function pointer to do the actual I/O for which there are
four variants:

    ffs_use_bread / ffs_use_bwrite for the in-kernel filesystem

    g_use_g_read_data / g_use_g_write_data for kernel geom clients

    ufs_use_sa_read for the standalone code (stand/libsa/ufs.c
	but not stand/libsa/ufsread.c which is size constrained)

    use_pread / use_pwrite for libufs

Uses of these interfaces are in the UFS filesystem, geoms journal &
label, libsa changes, and libufs. They also permeate out into the
filesystem utilities fsck_ffs, newfs, growfs, clri, dump, quotacheck,
fsirand, fstyp, and quot. Some of these utilities should probably be
converted to directly use libufs (like dumpfs was for example), but
there does not seem to be much win in doing so.

Tested by: Peter Holm (pho@)
2018-03-02 04:34:53 +00:00
Kyle Evans
972c7fcd3f lualoader: Use string literal \xNN instead of string.char() 2018-03-02 03:05:36 +00:00
Kyle Evans
cb4fbe4ebb lualoader: Use #str instead of tracking length with 'n'
We really gain almost nothing by tracking length separately, especially when
it's as easy as "#str", so reduce complexity.
2018-03-02 02:39:41 +00:00
Kyle Evans
2f3ecc87bf lualoader: Fix some lint-mentioned errors
- nextbootfile is not a variable, but nextboot_file is
- pstatus was explicitly initialized but later clobbered, so don't
  initialize it.
2018-03-02 02:39:16 +00:00
Kyle Evans
81fa17d177 stand: Fix build after r330249
One does not simply convert to SUBDIR.yes in stand without making everything
else in the affected files SUBDIR.yes -- there are better ways to do this.
2018-03-01 21:46:01 +00:00
Kyle Evans
27132543a0 stand: Makefile SUBDIR cleanup
Use SUBDIR.${MK_*} where appropriate. r330248 eliminated most of the
offenders, sweep the rest under the rug.

Differential Revision:	https://reviews.freebsd.org/D14545
2018-03-01 19:59:49 +00:00
Warner Losh
f86dd99686 Create LOADER_UBOOT, and LOADER_OFW. Move these options out of
Makefile.${MACHINE_ARCH} and remove the now-empty files. Generate the
*32 directories on the necessary architectures (well, currently only
amd64) on the fly. Remove LOADER_EFI variable and co-locate it with
EFI.

Differential Review: https://reviews.freebsd.org/D14546
2018-03-01 19:50:55 +00:00
Kyle Evans
fdabb5f55e lualoader: config: Pull some messages out into constants
Rather than hardcoding these things. This could lead to some form of loader
localization later, but the main goal at the moment is to get a clear view
of the strings we're outputting and strive to use more string.format() and
less wild concatenation all over the place.
2018-03-01 02:31:28 +00:00
Kyle Evans
43f7d9d1b2 lualoader: Dedup these "Return to main menu" entries 2018-03-01 02:04:26 +00:00
Ian Lepore
7feea4075b Fix module loading on arm after the metadata.c unification in r329190.
Arm modules need an additional address fixup not needed by other platforms.
2018-02-28 21:51:51 +00:00
Kyle Evans
230061c53d lualoader: Add note that \027 is a decimal representation
We've included an extra '0' in there (which might get removed later, but
it's maintained for the moment for legacy purposes) which oftentimes
indicate that the following number should be treated as octal. This is not
the case, so note that to prevent future confusion (of myself and others).
2018-02-28 05:11:10 +00:00
Kyle Evans
eda2d36b18 lualoader: Remove debug function
Our module bits ended up more stable than I anticipated, so this turns out
to be no longer useful.

If things like this need to come back, we should do it in a separate 'debug'
module to serve as a collection of debugging aides. As a rule, this 'debug'
module would *not* be allowed as a requirement of any other modules in-tree.
2018-02-28 05:02:05 +00:00
Kyle Evans
ed1d0954ca lualoader: Further screen cleanup
- Add screen.default_x and screen.default_y to determine where
  screen.defcursor resets the cursor to.
- Use screen.setcursor in screen.defcursor instead of rewriting the escape
  sequence.
- Use screen.default_y when resetting the cursor after writing the new
  twiddle character, add a comment verbally describing the position just in
  case.
2018-02-28 04:31:19 +00:00
Kyle Evans
0901ba3aa1 lualoader: Re-do twiddle
It worked on my test setup, but is clearly non-functional on others.

Further examination of check-password.4th showed that it actually reset the
cursor to 0,25 every time and overwrote the previous password prompt. Do
that, and also clear the "Incorrect Password" text if the correct password
gets entered.
2018-02-28 04:23:28 +00:00
Kyle Evans
fb7275bedb lualoader: Correct test sense, comments, and add some more comments 2018-02-27 22:07:41 +00:00
Kyle Evans
2bb86aefec lualoader: Convert instances of KEYSTR_ESCAPE .. "[" -> KEYSTR_CSI 2018-02-27 22:02:39 +00:00
Kyle Evans
d5b2439e5d lualoader: Replace instances of \027 with KEYSTR_ESCAPE
With exception to drawing bits, which should probably be kept as-is to not
make a mess out of things.

Reported by:	rpokala (a while ago)
2018-02-27 21:52:22 +00:00
Kyle Evans
8620ae0187 lualoader: Remove remnants of testing...
twiddle_pos didn't need to be a module-scope local, since it's going to get
reset with every read anyways- it was left-over from other things.

screen.movecursor with a y=-1 setting was from a test of movecursor,
resulting in the twiddle characters being drawn going up the console and
looking quite funky.
2018-02-27 21:30:24 +00:00
Kyle Evans
a6f1506f1a lualoader: Add a twiddle at password prompt
This gives some form of feedback while typing, and matches-(ish*) Forth
behavior. The cursor generally rests two column after the password prompt,
then the twiddle is drawn three columns later and the cursor reset to
resting position after being drawn.

I've removed the note about re-evaluating it for security considerations and
instead set it up as a module-local variable that we can set later depending
on environment or something. It's set to false with no chance of changing at
the moment.

*As close as I can tell from reading check-password.4th, because I don't
have an easy test (or deployed) setup for forth loader to check how close
it is. Please do mention if it's not close enough.
2018-02-27 21:22:57 +00:00
Warner Losh
9e74797f30 Move EFI up to common makefile. There's no need for all these .if's
based on architecture.

Sponsored by: Netflix
2018-02-27 17:35:29 +00:00
Toomas Soome
468b6c536a libsa: replace remaining _write callbacks by null_write
There are some _write callbacks left only returning EROFS, replace them
by null_write. return EROFS from null_write().

Reviewed by:	cem, imp, kan
Differential Revision:	https://reviews.freebsd.org/D14523
2018-02-27 12:53:25 +00:00
John Baldwin
96378b0821 Fix a typo: "now" -> "no". 2018-02-26 18:50:39 +00:00
Kyle Evans
ba37055c96 libsa: Partially revert r330023
The removal of tmo >= MAXTMO check should not have been done; this is
specifically what handles timeout if MAXWAIT == 0.

MFC after:	1 week
2018-02-26 18:24:24 +00:00
Kyle Evans
fae9c380ce libsa: Move MAXWAIT from net.h to net.c
It's not a setting that has any effect or use outside of the net.c context.
2018-02-26 18:14:37 +00:00
Kyle Evans
95c61459f3 libsa: Add MAXWAIT to net for establishing max total timeout
Current timeout behavior is to progress in timeout values from MINTMO to
MAXTMO in MINTMO steps before finally timing out. This results in a fairly
long time before operations finally timeout, which may not be ideal for some
use-cases.

Add MAXWAIT that may be configured along with MINTMO/MAXTMO. If we attempt
to start our send/recv cycle over again but MAXWAIT > 0 and MAXWAIT seconds
have already passed, then go ahead and timeout.

This is intended for those that just want to say "timeout after 180 seconds"
rather than calculate and tweak MINTMO/MAXTMO to get their desired timeout.
The default is 0, or "progress from MINTMO to MAXTMO with no exception."

This has been modified since review to allow for it to be defined via CFLAGS
and doing appropriate error checking. Future work may add some Makefile foo
to respect LOADER_NET_MAXWAIT if it's specified in the environment and pass
it in as MAXWAIT accordingly.

Reviewed by:	imp, sbruno, tsoome (all previous version)
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D14389
2018-02-26 18:01:35 +00:00
Warner Losh
89181f2038 These two directories build man pages, so it's incorrect to tag them
NO_OBJ. Also, make sure the loader.conf.5 man gets built and installed.
2018-02-26 15:41:20 +00:00
Kyle Evans
9937e97979 lualoader: Re-work menu skipping bits
This is motivated by a want to reduce heap usage if the menu is being
skipped. Currently, the menu module must be loaded regardless of whether
it's being skipped or not, which adds a cool ~50-100KB worth of memory
usage.

Move the menu skip logic out to core (and remove a debug print), then check
in loader.lua if we should be skipping the menu and avoid loading the menu
module entirely if so. This keeps our memory usage below ~115KB for a boot
with the menu stripped.

Also worth noting: with this change, we no longer explicitly invoke autoboot
if we're skipping the menu. Instead, we let the standard loader behavior
apply: try to autoboot if we need to, then drop to a loader prompt if not or
if the autoboot sequence is interrupted. The only thing we still handle
before dropping to the loader autoboot sequence is loadelf(), so that we can
still apply any of our kernel loading behavior.
2018-02-26 15:37:32 +00:00
Kyle Evans
5495d73c35 lualoader: screen argument fixes
screen was also guilty of not-so-great argument names, but it was also
guilty of handling color sequences on its own. Change those bits to using
the color module instead.

As a side note, between color and screen, I'm not 100% sure that returning
the color_value is the right thing to do if we won't generate the escape
sequences. This should be re-evaluated at a later time, and they should
likely return nil instead.
2018-02-26 04:12:54 +00:00
Kyle Evans
04af422907 lualoader: More argument name expansion, part 2
screen also has some instances, but it also has other cleanup to go with it.
Because of this, I will be committing the screen changes separately.
2018-02-26 04:08:54 +00:00
Kyle Evans
2a11b81090 lualoader: A little more general menu cleanup
Instead of a single-letter parameter ('m'), use something a little more
descriptive and meaningful: 'menudef' ("menu definition") -- these functions
expect to be passed a menudef, so call it what it is.

While here, throw an assertion in that we have a handler for the selected
menu item. This is more of a debugging aide so that it's more obvious when
one is testing a menudef that they've added an entry item that we don't
handle.

This is an improvement over the past behavior of ignoring the unknown menu
entry.
2018-02-26 03:46:17 +00:00
Warner Losh
fcd13be6e2 loader.conf is loader agnostic, so remove 4th references. 2018-02-26 03:16:57 +00:00
Warner Losh
3929cadb65 Take a meat cleaver to defaults/loader.conf
Remove almost all of the _load=XXX options (kept only those relevant
to splash screens, since there were other settings).
Remove the excessively cutesy comment blocks.
Remove excessive comments and replace with similar content
Remove gratuitous blank lines (while leaving some)

We have too many modules to list them all here. There's no purpose in
doing so and it's a giant hassle to maintain. In addition the extra
~500 lines slow this down on small platforms. It slowed it down
so much small platforms forked, which caused other issues...
This is a compromise between those two extremes.
2018-02-26 03:16:53 +00:00
Warner Losh
b6955dfd92 Go back to one loader.conf
We really only need one loader.conf. The other loader.conf was created
because the current one took forever to parse in FORTH. That will be
fixed in the next commit.
2018-02-26 03:16:47 +00:00
Warner Losh
0c38f15ac7 Add NO_OBJ to those directories that don't make anything.
For directories that don't many anything, add NO_OBJ=t just before we
include bsd.init.mk. This prevents them from creating an OBJ
directory. In addition, prevent defs.mk from creating the machine
related links in these cases. They aren't needed and break, at least
on stable, the read-only src tree build.
2018-02-26 03:16:04 +00:00
Kyle Evans
beafe96147 lualoader: Track the menu currently drawn, instead of validity
This cleans up the odd approach to menu drawing. Instead of tracking
validity, we track the menu that was drawn on the screen. Whenever we draw a
menu, we'll set this to that menu.

Anything that invalidates the screen should go ahead and trigger an explicit
redraw, rather than finding a wy to set screen_invalid.

The currently drawn menu is then reset in menu.run as we exit the menu
system, so that dropping to the loader prompt or leaving menu.run() will
just behave as expected without doing redundant work every time we leave a
menu.
2018-02-25 17:02:50 +00:00
Kyle Evans
fe226a72cb lualoader: Invalidate the screen from menu perspective upon mnu exit
In the common case, this will effectively do nothing as the menu will get
redrawn as we leave submenus regardless of whether the screen has been
marked invalid or not

However, upon escape to the loader prompt, one could do either of the
following to re-enter the menu system:

-- Method 1
require('menu').run()

-- Method 2
require('menu').process(menu.default)

With method 1, the menu will get redrawn anyways as we do this before
autoboot checking upon entry. With method 2, however, the menu will not be
redrawn without this invalidation.

Both methods are acceptable for re-entering the menu system, although the
latter method in the local module for processing new and interesting menus
is more expected.
2018-02-25 16:29:02 +00:00
Kyle Evans
22ae8ae1f4 lualoader: Explain deviation from naming guidelines
cli_execute is likely the only exception that we should make, due to it
being a global. We don't really need other globals, so this won't really end
up an epidemic.
2018-02-25 05:14:06 +00:00
Kyle Evans
ca16d83fd4 lualoader: Pull autoboot handling out into menu.run()
There's no reason for autoboot handling to be mixed in with menu processing.
It is a distinct process that should only be done once when entering the
menu system.

menu.process has been modified to take an initial keypress to process and to
only draw the screen initially if it's been invalidated. The keypress is
kind of a kludge, although it could be argued to be a potentially useful
kludge if there are other processes that may need to feed a keypress into
the menu system.
2018-02-25 05:00:54 +00:00
Kyle Evans
28384160a7 lualoader: Pull menu redrawing specifics out of menu.process
In general, every menu redraw is going to require a screen clear and cursor
reset. Each redraw also has the potential to invalidate the alias table, so
we move the alias table being used out into a module variable. This allows
third party consumers to also inspect or update the alias table if they need
to.

While here, stop searching the alias table once we've found a match.
2018-02-25 04:44:45 +00:00
Kyle Evans
da9ab82706 lualoader: Clean up menu handling a little bit
This is driven by an urge to separate out the bits that really only need to
happen when the menu system starts up. Key points:

- menu.process now does the bulk of menu handling. It retains autoboot
  handling for dubious reasons, and it no longer accepts a 'nil' menu to
  process as 'the default'. Its return value is insignificant.
- The MENU_SUBMENU handler now returns nothing. If menu.process has exited,
  then we continue processing menu items on the parent menu as expected.
- menu.run is now the entry point of the menu system. It checks whether the
  menu should be skipped, processes the default menu, then returns.
2018-02-25 04:11:08 +00:00
Kyle Evans
3cd5547b1b lualoader: menu: Terminate final values in tables with a comma 2018-02-25 03:33:25 +00:00
Kyle Evans
e1a8835aa8 lualoader: Don't explicitly index tables without reason
These indices were assigned the same values as they would've been implicitly
assigned anyways.

While here, throw terminating commas after the last value of tables.
2018-02-25 03:30:24 +00:00
Kyle Evans
67eae5035b lualoader: Remove inaccurate part of comment 2018-02-24 20:24:57 +00:00
Kyle Evans
322a2dddba lualoader: Clean up naming conventions a little bit
We mostly use camel case for function names, but some local functions got
mixed in using internal underscores. Doubles down on camel case.
2018-02-24 20:21:21 +00:00
Kyle Evans
ddfae7e314 lualoader: throw out nextboot's usage of standard config processing
It should use the common parser, but it should not be processed like a
standard file. Rewite check_nextboot to read the file in, check whether it
should continue, then parse as needed.

This allows us to throw the recently introduced check_and_halt callback
swiftly out the window.
2018-02-24 20:07:39 +00:00
Kyle Evans
4adde50db2 lualoader: Strip config.parse of its I/O privileges
config.parse is now purely a parser, rather than a whole proccessor. The
standard process for loading a config file has been split out into
config.processFile.

This clears the way for having nextboot read its own config file and decide
there whether it should parse the rest of the file.
2018-02-24 20:00:31 +00:00
Kyle Evans
164b58fdd3 lualoader: Split config file I/O out into a separate function
This is step 1 towards revoking config.parse of it I/O privileges. Ideally,
all reading would be done before config.parse and config.parse would just
take text and parse it rather than being charged with the entire process.
2018-02-24 19:51:18 +00:00
Kyle Evans
eed91cae68 lualoader: Explain nextboot stuff a little bit more 2018-02-24 04:02:06 +00:00
Kyle Evans
d709f254c2 lualoader: Remove unused variable; we now use the effective line number 2018-02-24 03:48:52 +00:00
Kyle Evans
d930cdc295 lualoader: Add comment on trailing space, don't operate on nil
Functionally, the latter error wouldn't necessarily hurt anything. io.write
will just error out as it's not passed a valid file handle. Still, we can do
better than that.
2018-02-24 03:47:04 +00:00
Kyle Evans
483f0a33f3 lualoader: Correct test and name
The functionality was correct, but our style guidelines tend to request that
we shy away from using boolean operations in place of explicit comparisons
to nil.
2018-02-24 03:43:10 +00:00
Kyle Evans
e83d7bf208 lualoader: Plug file handle not properly closed 2018-02-24 03:38:51 +00:00
Kyle Evans
3dcb764877 lualoader: Add nextboot support
config.parse now takes an extra callback that is invoked on the full text of
the config file. This callback dictates where we should actually try to
parse this file or not.

For nextboot, we use this to halt parsing if we see 'nextboot_enable="NO"'.
If we don't, parse it and write 'nextboot_enable="NO" ' to it. The same
caveat as with forth still applies- writing is only supported by UFS.
2018-02-24 03:35:35 +00:00
Kyle Evans
82c85a42b4 liblua: Implement write support
Write support (even if it only works on UFS) will be needed for nextboot
functionality.

Reviewed by:	cem, imp
Differential Revision:	https://reviews.freebsd.org/D14478
2018-02-24 02:57:24 +00:00
Conrad Meyer
061577c5fe libsa: Change write(2)-alike prototype to match definition
Broken in r329879.

Apparently old GCC detects this, but modern GCC didn't.  Mea culpa.

Reported by:	np
Sponsored by:	Dell EMC Isilon
2018-02-24 01:58:53 +00:00
Conrad Meyer
2e7e6fbce5 libsa: Const-ify buffer argument of write(2) analog
Reported by:	kevans
Reviewed by:	delphij, eadler, imp, kevans
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D14482
2018-02-23 20:18:09 +00:00
Kyle Evans
1afbc37a1f lualoader: Track effective line number, use it for drawing
Takes into account hidden entries, so that we don't draw blank lines in
place of a hidden item.
2018-02-23 04:12:19 +00:00
Warner Losh
e52cfb3eff Floaty McFloatface is funnier...
Submitted by: emaste@
2018-02-23 04:06:15 +00:00
Warner Losh
ef1fcaf0f5 Do not include float interfaces when using libsa.
We don't support float in the boot loaders, so don't include
interfaces for float or double in systems headers. In addition, take
the unusual step of spiking double and float to prevent any more
accidental seepage.
2018-02-23 04:04:25 +00:00
Warner Losh
ff4cd9bfb1 Centralize lua defines
We need to ensure that we defined Numbers as int64_t everywhere we
build for lua. Previously, we were compiling part of the code with
Numbers as int64_t and part as double. Move lua number definition to a
more-central location
2018-02-23 04:04:03 +00:00
Kyle Evans
9ed6f9efda lualoader: Use "local function x()" instead of "local x = function()"
The latter is good, but the former is more elegant and clear about what 'x'
is. Adopt it, preferably only using the latter kind of notation where needed
as values for tables.
2018-02-23 04:03:07 +00:00
Kyle Evans
ee4e69f1b9 lualoader: shallowCopyTable => deepCopyTable
I called it a shallow copy, but it wasn't really a shallow copy at all.
2018-02-23 03:18:24 +00:00
Kyle Evans
beaafe4f86 Add copyright notice to core.lua
I've also made some not-insignificant changes/additions to this file, to
include the added constants, ACPI changes, boot environment listing, and
some utility functions.
2018-02-23 02:53:50 +00:00
Kyle Evans
72e39d711d Add SPDX tags to lua files 2018-02-23 02:51:35 +00:00
Kyle Evans
5144243aca lualoader: Drop unused return values; we'll only use the first 2018-02-23 02:47:51 +00:00
Kyle Evans
66964bbc36 lualoader: Attend to some 80-col issues, pointed out by luacheck
Graphics have a tendency to cause 80-col issues, so make an exception to our
standard indentation guidelines for these graphics. This does not hamper
readability too badly.

Two 40-column strings of spaces is trivially replaced with
string.rep(" ", 80)
2018-02-22 20:10:23 +00:00
Kyle Evans
b0d9fbf070 Fix userboot w/ ZFS after r329725
r329725 cleaned up ZFS commands duplicated in multiple places, but userboot
was not setting HAVE_ZFS when MK_ZFS != "no". This resulted in a failure to
boot (as seen in PR 226118) in bhyve, with the following message:

/boot/userboot.so: Undefined symbol "ldi_get_size"

PR:		226118
Glanced at by:	imp
2018-02-22 18:49:53 +00:00
Kyle Evans
3c6b387ad1 lualoader: Clear up an empty conditional branch
We will likely uncomment this whole monster in the near future.
2018-02-22 04:30:52 +00:00
Kyle Evans
e2df27e363 lualoader: Address some 'luacheck' concerns
luacheck pointed out an assortment of issues, ranging from non-standard
globals being created as well as unused parameters, variables, and redundant
assignments.

Using '_' as a placeholder for values unused (whether it be parameters
unused or return values unused, assuming multiple return values) feels clean
and gets the point across, so I've adopted it. It also helps flag candidates
for cleanup later in some of the lambdas I've created, giving me an easy way
to re-evaluate later if we're still not using some of these features.
2018-02-22 04:15:02 +00:00
Kyle Evans
011eae6c57 lualoader: Consistently use double quotes 2018-02-22 03:55:02 +00:00
Kyle Evans
4ab039b57f lualoader: Eliminate some unused locals 2018-02-22 03:53:49 +00:00
Kyle Evans
2e4dad82c7 lualoader: Attach cli command functions to cli module
Instead of the global namespace, let's attach these to the cli module. Other
users, including the "local" module, can attach functions to the cli module
at will to add other cli commands and things will still Just Work.

This distills down the candidates for functions that may be invoked via the
cli to a minimal set (boot, autoboot, arguments), rather than any function
that happens to live in the global lua namespace.
2018-02-22 01:57:38 +00:00
Kyle Evans
eca5ca66d0 lualoader: Pull argument extraction for cli functions into cli.arguments
This will be the translation layer for varargs -> cmd_name, argv for cli
commands. We reserve the right to break exactly what the varargs inclulde,
but this gives us a stable way to pull the arguments out of varargs.
2018-02-22 01:44:30 +00:00
Kyle Evans
3e6c7d5436 lualoader: Unbreak 'boot [kernel]' by including config 2018-02-22 01:31:05 +00:00
Kyle Evans
e37f4622df lualoader: Split cli bits out into a cli module
This module will, in the not-so-distant future, grow functionality for
reducing boilerplate in functions that implement cli commands. It will
likely also house most in-tree cli commands.
2018-02-22 01:21:39 +00:00
Marius Strobl
603fe87c56 Fix compilation with LOADER_DEBUG defined after r329725. 2018-02-21 22:24:49 +00:00
Kyle Evans
1ea2995427 lualoader: Remove nasty hack for not printing out ".0"
luaconf.h has a LUA_COMPAT_FLOATSTRING option that may be defined to do this
instead of needing intstring.

Reported by:	Dan Nelson
2018-02-21 21:39:47 +00:00
Kyle Evans
a5e2e5c724 lualoader: Drop password length restrictions
This seems to have been arbitrary; bootlock_password and password don't seem
to have any documented length restrictions, and loader(8) probably shouldn't
care about whatever GELI passphrase length restrictions might exist.

Reported by:	Kalle Carlbark <kalle.carlbark+freebsd@kcbark.net>
2018-02-21 20:17:08 +00:00
Kyle Evans
1f6c6d86e0 lualoader: Replace 8-space indentation with a single tab 2018-02-21 19:56:34 +00:00
Ed Maste
6b6324985a load_elf.c: Use consistent indentation
As noted in D14267 load_elf.c has a variety of indentation styles.  Move
to standard 8 column hard tab indents, 4 space second level indents.
Also includes some whitespace cleanups found by clang-format.
2018-02-21 19:42:54 +00:00
Benno Rice
921b60da6f Further style(9) changes.
Tested by:	objdump -d | md5 (both in-tree clang and lang/gcc6)
2018-02-21 18:32:06 +00:00
Benno Rice
50d519d9fb Purely whitespace changes bringing this file closer to style(9).
Curiously, changing whitespace seems to cause the md5 of the .o files to differ
these days hence the following testing strategy:

Tested by:	objdump -d | md5 (both in-tree clang and lang/gcc6)
2018-02-21 18:10:50 +00:00
Kyle Evans
7dcffa9042 lualoader: Don't execute menu.autoboot() for every opened menu
Attempt to autoboot when we open the default menu, and only when we open the
default menu. This alleviates the need for checking menu.already_autoboot,
because we're not trying to autoboot every time we open a submenu.

I note that escaping to loader prompt and going back to the menu (by running
require('menu').run() at the loader prompt) will happily work and not
re-initiate the autoboot sequence since "Escape to loader prompt" disables
the autoboot_delay.
2018-02-21 17:33:01 +00:00
Kyle Evans
3889e6cd04 lualoader: Make kernel autodetection contingent on loader.conf(5) var
Instead of based it off of whether 'kernels' was specified, base it off of a
new variable: kernels_autodetect. If set to yes, we'll run the autodetection
bits and add any detected kernels to the already existing list *after* both
'kernel' and 'kernels'.
2018-02-21 16:57:03 +00:00
Kyle Evans
7efc058f76 lualoader: Add boot environment support
This looks a little bit differently than the forth version for the time
being, just to get off the ground- rather than a paging system, it's
implemented as a simple carousel like the kernel selector.

Reviewed by:	cem
Differential Revision:	https://reviews.freebsd.org/D14436
2018-02-21 16:50:41 +00:00
Kyle Evans
a39d359d85 stand/zfs: Unbreak build, 'truct' ~= 'struct' 2018-02-21 16:33:08 +00:00
Kyle Evans
97875f4aa9 stand/zfs: Add all bootenvs to environment
For the benefit of lualoader, add all bootenvs to environment when
init_zfs_bootenv is invoked. All of the boot environment logic can then be
implemented in pure lua, rather than going back and forth with C to
implement paging.

This stores all boot environments in bootenvs[idx] and the final count of
bootenvs in bootenvs_count.

While here, make a copy of currdev for init_zfs_bootenv since it will be
modifying it and the caller may not necessarily want that. Some of the logic
was shifted around so that the 'currdev' pointer remains at the beginning of
the string and 'beroot' is moved around as needed to modify it or ultimately
store it in zfs_be_root.

The original zfs_bootenv that this was copied from will be able to go away
only if/when forth eventually goes away.

Tested with:	lualoader (and local changes to add boot env. support)
Tested with:	forth
Reviewed by:	cem (earlier version), imp
Differential Revision:	https://reviews.freebsd.org/D14435
2018-02-21 16:26:16 +00:00
Warner Losh
8f46043b21 Honor settings for including / excluding cd9660, ufs, ext2fs and msdos.
The Makefile gives the impression that ext2fs and msdos were excluded
(they weren't) and that you could exclude cd9660 and ufs support (you
couldn't). Allow those to be excluded.

We need to look, in the future, at trimming the number of supported
filesystems, and this will make that easier.
2018-02-21 15:58:00 +00:00
Warner Losh
4784aef9f5 Consolidate three copies of ZFS commands into a central location.
There's no reason to have multiple copies of lszfs and
reloadbe. Consolidate them into one location. Also ldi_get_size is the
same everywhere (except sparc64). Make it the same everywhere as the
common definition is more general and will work on spar64.
2018-02-21 15:57:36 +00:00
Kyle Evans
12b95c8489 lualoader: Use the key that interrupts autoboot as a menu choice
This matches forth behavior. Hitting "6" when autobooting at the welcome
menu will now take you directly to the "Boot Options" menu.

We likely have some slight optimizations we should make, like not checking
autoboot every time we open a new menu and things of this nature. Further
work will go towards this end.
2018-02-21 14:37:49 +00:00
Kyle Evans
3f4eb56bde lualoader: Don't autodetect kernels if 'kernels' is explicitly set 2018-02-21 14:07:53 +00:00
Kyle Evans
4f437f9eab lualoader: Allow carousel 'items' to be a table as well as a function
We don't have any in-tree users of this, but for a static set of carousel
options having to define a callback is excessive.
2018-02-21 05:04:58 +00:00
Kyle Evans
a51f9f0c48 lualoader: Simplify menu definitions a little further
Allow "name" entries to be simple strings, instead of just functions. We
know whether we support colors or not by the time any of this is setup, so
all menu names that are basically static with colors sprinkled in are good
candidates for simplification.

Also simplify "func" in many cases where it's just invoking another function
with no arguments. The downside to this simplification is that the functions
called can no longer be trivially replaced by a local module. The upside is
that it removes another layer of indirection that we likely don't need.

These can be re-evaluated later if a compelling argument is raised, on a
case-by-case basis, for replacement.
2018-02-21 04:48:37 +00:00
Kyle Evans
9a28f948ee lualoader: Directly reference submenu definition with submenu key 2018-02-21 04:23:13 +00:00
Kyle Evans
dd65496a04 lualoader: Drop name requirement for menu separators 2018-02-21 04:14:32 +00:00
Kyle Evans
20a8167664 lualoader: Add "menu.default", initialized to menu.welcome
The intent here is to abstract away the name of the default menu. The
default menu is still the welcome menu, but this detail doesn't need to
matter to things outside of the menu module. You may change the default
menu, but one would need to modify a specific menu.
2018-02-21 03:37:46 +00:00
Kyle Evans
1d38e553eb lualoader: Return only argstr if with_kernel not requested 2018-02-21 03:06:36 +00:00
Kyle Evans
48230b85ac lualoader: Bring in local.lua module if it exists
Provide a way for out-of-tree users of lualoader to patch into the loader
system without having to modify our distributed scripts.

Do note that we can't really offer any API compatibility guarantees at this
time due to the evolving nature of lualoader right now.

This still has some utility as local modules may add commands at the loader
prompt without relying heavily on lualoader features- this specific
functionality is less likely to change without more careful consideration.

Reviewed by:	cem (earlier version)
Differential Revision:	https://reviews.freebsd.org/D14439
2018-02-21 02:35:13 +00:00
Kyle Evans
d66c741396 lualoader: Output "Failed to parse" messages
I can't find any good reason these aren't enabled, so enable them.

The silent runs will only return false on actual parse errors, so it's ok to
be loud about those failures.
2018-02-21 01:52:42 +00:00
Kyle Evans
062d62c9b3 lualoader: Don't return false for failure to open config on silent parse 2018-02-21 01:50:46 +00:00
Kyle Evans
4955048946 lualoader: Drop explicit boolean tests; b or not b 2018-02-21 01:39:33 +00:00
Kyle Evans
9f71d421c8 lualoader: Drop excessive parenthesizing
This was also a convenience convention (for me) that is not very lua-tic.
Drop it.

I've maintained some parentheses where I'd prefer them, for example,
'if x or y or (z and w) then', but these situations are far and few between.
2018-02-21 01:35:19 +00:00
Kyle Evans
aedd6be5c7 lualoader: Drop terminating semicolons
This was previously chosen out of convenience, as we had a mixed style and
needed to be consistent. I started learning Lua on Friday, so I switched
everything over. It is not a very lua-nic convention, though, so drop it.

Excessive parenthesizing around conditionals is next on the chopping block.
2018-02-21 01:10:03 +00:00
Kyle Evans
e73c944fc0 lualoader: When restoring environment, only restore unchanged vars
Track the latest value we've set an environment variable to, and only
restore those that are unchanged from that.

This gives us some leeway to make sure we're not clobbering variables
overwritten by menu changes.
2018-02-20 22:47:49 +00:00
Kyle Evans
6d3bcc06e2 lualoader: Intercept the 'autoboot' cli command 2018-02-20 21:37:55 +00:00
Kyle Evans
f0cb3b6b25 lualoader: Intercept boot cli command
This should be functional and roughly equivalent to the Forth version.

Stop doing a loadelf() on menu exit now that we can DTRT with boot
invocations. autoboot interception will follow not long after.
2018-02-20 21:32:36 +00:00
Kyle Evans
6d4ed94d98 lualoader: Prepare for interception of "boot" CLI cmd
core.boot and core.autoboot may both take arguments; add a helper to cleanly
append an argstring to the given loader command.

Also provide a popFrontTable() that we'll use pop the command name off of an
argv table. We don't have the table library included, and including it is
non-trivial, so we'll implement this one function that we need in lua for
the time being.
2018-02-20 21:23:01 +00:00
Kyle Evans
df9e50a99c lualoader: Don't try so hard to load a kernel
If the user's selected a kernel, we really should be trying to load that one
instead of falling back to some default kernel.

This should generally be a no-op and most desirable, unless you really
enjoyed surprises.
2018-02-20 21:15:43 +00:00
Kyle Evans
ebddeb04e2 lualoader: Prefer selected kernel to currently loaded 2018-02-20 21:13:21 +00:00
Kyle Evans
62daefa548 lualoader: Replace invalid construct with valid construct
It only worked by coincidence, but it did work. Store varargs in a table
instead and work off of that.
2018-02-20 20:29:41 +00:00
Conrad Meyer
f91f3926e0 loader.lua: Expose errno table to lua
Reviewed by:	kevans
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D14454
2018-02-20 19:39:48 +00:00
Kyle Evans
c1ab36f54d lualoader: Ignore ACPI bits on !i386 2018-02-20 19:21:34 +00:00
Kyle Evans
2630b89b56 liblua: Add loader.machine and loader.machine_arch properties
Provisioned from MACHINE/MACHINE_ARCH on the system, expose loader.machine
and loader.machine_arch respectively.

These may be used to hide ACPI option on non-applicable archs.

Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D14446
2018-02-20 18:24:20 +00:00
Conrad Meyer
f2b32f473e Lua lfs.attributes: Provide a more consistent error return
In the remaining error case, return a 3-tuple consistent with the other
error return case.

Document how to invoke lfs.attributes() and detect/decode error return in
example comments.

Reviewed by:	kevans
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D14451
2018-02-20 18:21:30 +00:00
Kyle Evans
2765f3ac26 lualoader: Eliminate global namespace pollution in loader.lua 2018-02-20 18:05:21 +00:00
Kyle Evans
25c4c7a5f3 lualoader: Move carousel storage out into config
Carousel storage doesn't need to happen in the menu module, and indeed
storing it there introduces a circular reference between drawer and menu
that only works because of global pollution in loader.lua.

Carousel choices generally map to config entries anyways, making it as good
of place as any to store these. Move {get,set}CarouselIndex functionality
out into config so that drawer and menu may both use it. If we had more
carousel functionality, it might make sense to create a carousel module, but
this is not the case.
2018-02-20 18:04:08 +00:00
Kyle Evans
afad05b233 lualoader: Add ability to intercept cli commands
If we failed to execute the input line as pure lua, run the command through
parse for consistent argument parsing. Pass the parsed arguments through to
a global "cli_execute" written in Lua, which is expected to either handle it
or pass it back through to interp_builtin_cmd (via loader.command).

lua-handled cli commands will then exist as globals in whatever module they
most belong in, and invocations at the loader prompt will magically dispatch
to them if they exist.

Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D14450
2018-02-20 17:46:50 +00:00
Warner Losh
a83546e591 Implement loader.command
This is just like loader.perform, except it takes pre-parsed arguments.

Review: https://reviews.freebsd.org/D14448
2018-02-20 17:28:59 +00:00
Kyle Evans
b57465454b stand/lua: Consistently organize modules
We follow pretty closely the following structure of a module:

1. Copyright notice
2. Module requires
3. Module local declarations
4. Module local definitions
5. Module exports
6. return

Re-organize the one-offs (config/drawer) and denote the start of module
exports with a comment.
2018-02-20 14:45:58 +00:00
Kyle Evans
e15abd1f16 stand/lua: Consistently declare local functions at module scope
Declare these adjacent to the local definitions at the top of the module,
and make sure they're actually declared local to pollute global namespace a
little bit less.
2018-02-20 14:36:28 +00:00
Kyle Evans
699578a6b8 stand/lua: Insert helpful comment for drawer.branddefs 2018-02-20 05:12:39 +00:00
Kyle Evans
df74a61f09 stand/lua: Stick a copyright notice on drawer.lua 2018-02-20 05:11:17 +00:00
Kyle Evans
752b2d40e4 stand/lua: Use 'graphic' instead of 'logo' for table depicting graphics
This is a more sensible name that offers less redundancy when referring to
it (vs. logodef.logo). Switch to it while the getting is good.
2018-02-20 05:10:26 +00:00
Kyle Evans
29aa5794d0 stand/lua: Refactor brands into drawer.branddefs 2018-02-20 05:06:11 +00:00
Kyle Evans
bb26c57ded stand/lua: Refactor logos into drawer.logodefs table
This refactor makes it straightforward to add new logos for drawing and
organizes logo definitions in a logical manner.

The graphic to be drawn for each logo may again be modified outside of
drawer, but it must be done on a case-by-case basis as a modification to the
loader_logo.
2018-02-20 04:56:03 +00:00
Kyle Evans
02122e53a8 stand/lua: Reduce exposure of the drawer module
As part of an effort to slowly reduce our exports overall to a set of stable
properties/functions, go ahead and reduce what drawer exposes to others.

The graphics should generally not be modified on their own, but their
position could be modified if additional grahics also need to be drawn.
Export position/shift information, but leave the actual graphic local to
the module.

The next step will be to create a 'menudef' that gets exported instead, with
each entry in the menudef table describing the graphic to be drawn along
with specific positioning information.
2018-02-20 04:23:43 +00:00
Kyle Evans
da56fe38d5 stand/lua: Move drawer.menu_name_handlers further up
As a good candidate for modification, move this table further up in the
module to improve visibility.
2018-02-20 04:11:48 +00:00
Kyle Evans
2413c411f8 stand/lua: Add and use drawer.menu_name_handlers
Pull out specialized naming behavior into drawer.menu_name_handlers. This is
currently only needed for the carousel entry, where naming is based on the
current choice and the menu item purposefully does not store this state.

The setup was designed so that every type can have a special name handler,
and the default action is to simply use the result of entry.name().
2018-02-20 03:58:45 +00:00
Kyle Evans
8d415029e1 stand/lua: Extract menu handlers out into menu.handlers table
This is a bit cleaner than our former method of an if ... else chain of
handlers. Store handlers in the menu.handlers table so that they may be
added to or removed dynamically.

All handlers take the current menu and selected entry as parameters, and
their return value indicates whether the menu processor should continue or
not. An omitted return value or 'true' will indicate that we should
continue, while returning 'false' will indicate that we should exit the
current menu.

The omitted return value behavior is due to continuing the loop being the
more common situation.
2018-02-20 03:40:16 +00:00
Kyle Evans
6f412147b2 stand/lua: Don't set ACPI off just because we can't detect it.
This should unbreak EFI/!i386 cases.

Reported by:	Peter Lei <peter.lei@ieee.org>
2018-02-20 02:03:29 +00:00
Kyle Evans
4b6da14cfa stand/lua: Wrap tuple assignment earlier for readability 2018-02-19 22:56:04 +00:00
Kyle Evans
9a0904b0e0 stand/lua: Cache swapped menu, and don't create locals for swapping
Building the swapped welcome menu (first two items swapped) is kind of a
sluggish, because it requires a full (recrusive) shallow copy of the welcome
menu. Cache the result of that and re-use it later, instead of building it
everytime.

While here, don't create temporary locals just for swapping. The following
is just as good:

x, y = y, x;

Reported by:	Alexander Nasonov <alnsn@yandex.ru> (swapping)
2018-02-19 22:29:16 +00:00
Kyle Evans
21d5bcbe67 stand/lua: Add copyright notice in places
I've made some not-insignificant changes to config, menu, and password bits
of our lua scripts. Add a copyright notice to them to reflect.
2018-02-19 18:11:35 +00:00
Kyle Evans
c851839897 stand/lua: Re-order locals after copyright notice; require comes first 2018-02-19 17:54:22 +00:00
Kyle Evans
1f5696c7fd stand/lua: Round up some more style.lua(9) concerns 2018-02-19 17:51:33 +00:00
Kyle Evans
5c1b516581 stand/lua: Change boot menu items' names when swapped
[Enter] should be moved to the single user menu item when we swap them.

Define a non-standard menu entry function "alternate_name" to use for this
purpose for ultimate flexibility if we change our minds later. When we're
booting single user, make a shallow copy of the menu that we'd normally
display and swap the items and their name functions to use alternate_name
instead. Toggling single user in the options menu and going back to the main
menu will now correctly reflect the current boot setting with the first two
menu options and "[Enter]" will always be on the right one.

This shallow copy technique has the chance of being quite slow since it's
done on every redraw, but in my testing it does not seem to make any obvious
difference.

shallowCopyTable could likely belong better in a general-purpose utility
module, but this (and the key constnats) are the only candidates we have at
the moment so we'll drop it into our core stuff for the moment and consider
re-organization at a later date.
2018-02-19 17:40:19 +00:00
Kyle Evans
e6db469bfa stand/lua: Remove inaccurate comment after r329590
lualoader does a pretty good job of reverting any environment changes now.
It will even wipe out boot_verbose if it's set explicitly in loader.conf(5)
and overwritten in the boot options menu.

Future work will likely change this, as explicit choices made in the menu
should probably override the new loader.conf(5). I don't suspect this will
cause much grief, though, so it is not a high priority until boot
environment support actually lands.
2018-02-19 17:09:29 +00:00
Kyle Evans
ce4a5da5a9 stand/lua: Restore environment upon config reload
This restores environment to whatever defaults we had coming into lualoader.
2018-02-19 17:01:21 +00:00
Kyle Evans
df8a9d464a stand/lua: Track env changes that come in via loader.conf(5)
This will be used when boot environment support lands to make a good-faith
effort to apply any new loader.conf(5) environment settings atop the default
configuration that we started with.
2018-02-19 16:59:28 +00:00
Kyle Evans
fd2b19b3ee stand/lua: Re-wrap menu.lua now that I've added indentation... 2018-02-19 16:42:06 +00:00
Kyle Evans
303253e55c stand/lua: Swap single-/multi- user boot entries as needed 2018-02-19 16:36:29 +00:00
Kyle Evans
2e716cec23 stand/lua: Call menu_entries if it's a function
If we've fetched menu.entries and it turns out it's a function, call it to
get the actual menu entries.

This will be used to swap multi-/single- user boot options if we're booting
single user by default (boot_single="YES" in loader.conf(5)). It can also be
used fairly easily for other non-standard situations.
2018-02-19 16:35:46 +00:00
Kyle Evans
e07fc39c14 stand/lua: Add core.isSingleUserBoot 2018-02-19 16:34:23 +00:00
Kyle Evans
d87577468f stand/lua: Store menu entries in an "entries" table
Instead of directly listing them in menu.welcome and menu.boot_options,
store them at menu.welcome.entries and welcome.boot_options.entries.

This will come into play later when we need to re-order the welcome menu if
boot_single is specified.
2018-02-19 16:25:43 +00:00
Kyle Evans
280e990ba7 stand/lua: Remove some unused local declarations
Menus are actually defined as entries in the 'menu' table. These local
declarations have not been used in the history of our in-tree lua scripts,
so give them the boot.
2018-02-19 15:49:27 +00:00
Kyle Evans
57099121d5 stand/lua: Menu style.lua(9) nits 2018-02-19 15:47:09 +00:00
Kyle Evans
b140d14b02 stand/lua: Rename bootserial for clarity 2018-02-19 15:42:20 +00:00
Kyle Evans
fa4a2394a7 stand/lua: Defer kernel/module loading until boot or menu escape
Loading the kernel and modules can be really slow. Loading before the menu
draws and every time one changes kernel/boot environment is even more
painful.

Defer loading until we either boot, auto-boot, or escape to loader prompt.
We still need to deal with configuration changes as the boot environment
changes, but this is generally much quicker.

This commit strips all ELF loading out of config.load/config.reload so that
these are purely for configuration. config.loadelf has been created to deal
with kernel/module loads. Unloading logic has been ripped out, as we won't
need to deal with it in the menu anymore.

Discussed in part with:	allanjude
2018-02-19 14:21:56 +00:00
Kyle Evans
27dd7ddf99 stand/lua: reload previously loaded kernel at config-load/reload
r329550 introduced config.kernel_loaded. config.load() doesn't provide a
means of overriding the kernel to load, but that likely isn't necessary as
it will not be a common case. When loading the kernel, just attempt to load
the kernel previously loaded and specified in config.kernel_loaded.

If we haven't loaded a kernel yet, config.kernel_loaded will be unset/nil
and the "default"/first kernel found will be loaded. If we've loaded a
kernel, we'll try to load that same kernel again and fallback to the default
kernel if we need to.

This in also in support of upcoming boot environment support.
2018-02-19 03:59:26 +00:00
Kyle Evans
d45913016b stand/lua: Store the loaded kernel as config.kernel_loaded
'nil' means the 'first kernel found in module_path', which is the same
interpretation as passing 'nil' to loadkernel.

Otherwise, it denotes the name of a kernel that we've successfully loaded.
When reloaded later, we will still need to do the full search again to
locate the actual kernel in case things have changed, so just the name is
good enough.

This is in support of upcoming boot environment support. vfs.root.mountfrom
and currdev will be changed, then we will reload configuration and attempt
to reload the currently chosen kernel unless we shouldn't.
2018-02-19 03:52:02 +00:00
Kyle Evans
40bbffdb11 stand/lua: Clear the screen before prompting for passwords
In the worst case scenario, we have no passwords to prompt for and we end up
just clearing the screen twice before we draw the menu or proceed with boot.

In the best case scenario, we don't try drawing password prompts amidst a
bunch of kernel/module loading.
2018-02-19 02:09:10 +00:00
Kyle Evans
ddb76e073e stand/lua: Addres style.lua(9) concern 2018-02-19 02:01:49 +00:00
Kyle Evans
4a4fb4f8d6 stand/lua: Allow menu items to be conditionally (in)visible
This will be used to conditionally show/hide the boot environment menu.
2018-02-19 01:59:41 +00:00
Emmanuel Vadot
ff727b9a1d efi: Do not pad the efi devpath structure
This solve problem when booting with efi on armv7
Reviewed by:	imp, tsoome
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D14415
2018-02-18 11:17:39 +00:00
Kyle Evans
e402cd1307 stand/lua: More style nits, config.lua
Some other points I think we need to be consistent on:
- Spacing around string concatenation (always)
- Test against 'nil' explicitly rather than relying on 'not' for things that
  reasonably won't be returning a boolean. e.g. loader.getenv

Eventually this will all get formalized somewhere.
2018-02-18 01:35:46 +00:00
Kyle Evans
929c9bd077 liblua: Fix missing '}' in lutil.c after r329499 2018-02-18 01:31:18 +00:00
Conrad Meyer
a108046f58 lua loader: Auto detect eligible list of kernels to boot
Reviewed by:	imp, kevans
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D14419
2018-02-18 01:16:37 +00:00
Conrad Meyer
77d4be50c9 Lua loader: Add barebones "lfs" module
Add a Lua FileSystem module, an emulation of a subset of the permissively
licensed (MIT) Lua library of the same name[0], to our loader's Lua
environment.

[0]: https://github.com/keplerproject/luafilesystem/

Reviewed by:	kevans
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D14418
2018-02-18 01:15:25 +00:00
Conrad Meyer
6771d4a815 interp_lua: Register io/loader with regular Lua module system
Reviewed by:	kevans
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D14421
2018-02-18 01:13:58 +00:00
Kyle Evans
faf2ee299c stand/lua: Remove some debugging bits that snuck in... gr... 2018-02-18 01:01:15 +00:00
Kyle Evans
15d8e03c32 stand/lua: Fix module_path handling with multiple kernels
Once we've successfully loaded a kernel, we add its directory to
module_path. If we switch kernels with the kernel selector, we again prepend
the kernel directory to the current module_path and end up with multiple
kernel paths, potentially with mismatched kernel/modules, added to
module_path.

Fix it by caching module_path at load() time and using the cached version
whenever we load a new kernel.
2018-02-18 00:56:12 +00:00
Kyle Evans
7fc96e380a stand/lua: Fix verbiage and some typos
"other_kernel" is decidedly not spelled "other_kern"
2018-02-18 00:44:09 +00:00
Conrad Meyer
b216e997af liblua: Emulate DIR, opendir, fdopendir, closedir
In a similar fashion to FILE, provide thin shims for the standard directory
manipulation functions.

Reviewed by:	imp
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D14417
2018-02-17 22:18:39 +00:00
Conrad Meyer
f276951a4d liblua: Clean up io/loader C module registration
Utilize registration APIs Lua provides to make module definition a little
cleaner.

Discussed with:	imp
Sponsored by:	Dell EMC Isilon
2018-02-17 22:17:21 +00:00
Kyle Evans
4afa0076c5 stand/lua: dumpModules => lsModules
rgrimes@ notes that this behavior is more befitting of the latter name than
the former, and I'm inclined to agree.

Reported by:	rgrimes
2018-02-17 14:30:39 +00:00
Kyle Evans
32a5a33ec5 stand/lua: Debugging string snuck in... 2018-02-17 05:53:41 +00:00
Kyle Evans
24a1bd54dc stand/lua: Style pass
These are the style points that I'd like to try and maintain in our lua
scripts:
- Parentheses around conditionals
- Trailing semicolons, except on block terminators
- s:method(...) instead of string.method(s, ...) where applicable

There's likely more, but that'll get hammered out as we continue.
2018-02-17 05:52:25 +00:00
Kyle Evans
c959454232 stand/lua: Check for nil (GELI prompt) 2018-02-17 05:28:06 +00:00
Kyle Evans
11cac43197 stand/lua: Add optional GELI passphrase prompt
Prompt for GELI passphrase when geom_eli_passphrase_prompt has been set to
"YES" in loader.conf(5).

This entailed breaking out the password prompt into its own function that
can be reused between the password compare bits and this prompt that simply
takes the entered password and passes it along in the environment as
kern.geom.eli.passphrase.

I've also added a TODO to re-evaluate later if we want the "password
masking" -- it is currently not functional, so one still can't observe the
length of the password typed at the prompt.
2018-02-17 05:26:28 +00:00
Kyle Evans
18c286a0ac stand/lua: Try to load alternate kernels as directories first
This is the procedure that config.loadkernel tries to go through, but
reloading kernel config didn't use this function. Amend config.loadkernel to
take an optional other_kernel.

While here, be a little more verbose ("Trying to load kernel") so that it's
easy to follow where we've gone wrong.
2018-02-17 05:02:38 +00:00
Kyle Evans
4d290ffb2d stand/lua: Correct test sense, this should have been 'not nil' 2018-02-17 04:46:06 +00:00
Kyle Evans
7104917375 stand/lua: Address some nits
1.) Instead of string.function(s, ...), use s:function(...)
2.) Don't try to concatenate `res`, it was just tested to be nil
3.) Note that "Loading configuration" is configured modules, and be a little
more precise in mentioning what failed ("loading of one or more modules")
2018-02-17 04:43:41 +00:00
Kyle Evans
41e77b5399 stand/lua: Add debug method to dump modules 2018-02-17 04:33:37 +00:00
Kyle Evans
c990f0a990 stand/lua: Correct some trivial errors in config
An empty module_path to start with isn't ideal, but if all modules are
contained within a kernel directory (which is what we just tested) then it
isn't strictly an error. Don't assume that module_path has a value already.

When we fail to load the kernel, printing the result (which is guaranteed to
be nil) is not intended; print the name of the kernel.
2018-02-17 04:22:36 +00:00
Kyle Evans
bcf48a159e stand/lua: Color non-default kernels blue 2018-02-17 04:07:16 +00:00
Kyle Evans
702b460d41 stand/lua: Correct interpretation of autoboot_delay
autoboot_delay=NO is documented to wait for input and *not* autoboot, which
is the exact opposite of the current behavior.

Additionally, autoboot_delay=-1 is documented to disallow the user from
interrupting the boot (i.e. autoboot immediately), which was not previously
honored.

This also fixes the case insensitive comparison to be truly case
insensitive. This is kind of nit-picky, but the previous version would only
accept "no" and "NO".
2018-02-17 03:39:55 +00:00
Kyle Evans
3a0a07d0ea stand/lua: Enable menu autoboot; it seems to work 2018-02-17 03:13:05 +00:00
Kyle Evans
afa61e1c77 stand/lua: Don't set autoboot_delay=NO in menu autoboot sequence
We'll set it later if "Escape to loader prompt" is actually chosen, there's
no need to be setting it here.
2018-02-17 03:12:35 +00:00
Benno Rice
5857eb21be Revert r329269.
I tried to rework a section to fit inside 80 columns but the change ended
up being functional. Back this out so I can readdress.
2018-02-17 00:12:30 +00:00
Kyle Evans
5d1e2f83d0 stand/lua: Make CAROUSEL_ENTRY func parameters consistent with name
We have no need for the index yet, but add it anyways to keep signatures
consistent.
2018-02-16 23:59:50 +00:00
Kyle Evans
84f82e468c stand/lua: Don't reload kernel config if we only have one kernel
Don't move this into config.reload because we may want to force reloads if
/boot changes out from under us later.

As a caution: changing kernels in lualoader at the moment might not be
loading all of your modules (in my testing, at least) from loader.conf(5).
This is a known problem.
2018-02-16 22:57:52 +00:00
Kyle Evans
aefcaa7e85 stand/lua: Don't try to divide by 0; do nothing 2018-02-16 22:51:08 +00:00
Kyle Evans
ef62584580 stand/lua: Allow MENU_RETURN items to have a func, fix escape to prompt 2018-02-16 22:17:30 +00:00
Kyle Evans
5f9d54f4da stand/lua: Use escaped dot instead of single character class 2018-02-16 18:50:06 +00:00
Kyle Evans
901d96e3fb stand/lua: Chop off the decimal for numbers passed to setcursor
Decimals screw up the escape sequence and the cursor will not get set. Right
now this only affects setting the cursor for drawing "Welcome to FreeBSD" --
the resulting number after our (x+(w/2)-9) calculation gets output as
"14.0."

This should be fixed at the interpreter level, rather than here, but this is
not a widespread problem at the moment so we'll fix it up in further work.

Reported by:	David Wolfskill <david@catwhisker.org>
Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D14375
2018-02-16 17:46:07 +00:00
Kyle Evans
1504bce32d stand/lua: Correct usage and acceptance of BACKSPACE/DELETE keys 2018-02-16 17:42:38 +00:00
Mark Johnston
16759360d4 Fix a memory leak introduced in r328426.
ffs_sbget() may return a superblock buffer even if it fails, so the
caller must be prepared to free it in this case. Moreover, when tasting
alternate superblock locations in a loop, ffs_sbget()'s readfunc
callback must free the previously allocated buffer.

Reported and tested by:	pho
Reviewed by:		kib (previous version)
Differential Revision:	https://reviews.freebsd.org/D14390
2018-02-16 15:41:03 +00:00
Kyle Evans
f35b4e7e97 stand/lua: Remove sneaky kernel assignment 2018-02-16 14:59:11 +00:00
Kyle Evans
a7cf056239 stand/lua: Create/use some MENU_ constants where applicable 2018-02-16 14:57:42 +00:00
Kyle Evans
ada26c4a88 stand/lua: Create a "carousel" menu entry type
This is a pre-cursor to boot environment support in lualoader. Create a new
menu item type, "carousel_entry", that generally provides a callback to get
the list of items, a carousel_id for storing the current value, and the
standard name/func functions that an entry has.

The difference between this and a normal menu item, functionally, is that
selecting a carousel item will automatically rotate through available items
and wrap back at the beginning when the list is exhausted.

The 'name' function takes the choice index, current choice, and the list of
choices as parameters so that the menu item can decorate the name freely as
desired.

The 'func' function takes the current choice as a parameter, so it can act
accordingly.

The kernel menu item has been rewritten to use the carousel_entry type as
both an example and initial test of its functionality before it is used for
boot environment options.
2018-02-16 14:39:41 +00:00
Kyle Evans
ecdc734299 stand/lua: Set ACPI's default the proper way (setACPI) 2018-02-16 13:57:43 +00:00
Kyle Evans
39006570a4 stand/lua: Remove a magic number/string (not a trivial literal)
We'll arbitrarily use KEYSTR_ for string representations of non-trivial
characters.
2018-02-16 04:59:21 +00:00
Kyle Evans
e908401285 stand/lua: Say "loader prompt" instead of "lua interpreter"
Noting that we're in lualoader is nice, but it's not a difference we raelly
need to expose to Fred. Re-word it to match the 4th wording and reduce
differences.
2018-02-16 04:50:14 +00:00
Kyle Evans
1666dfc03e stand/lua: Remove explicit alias from "Back to main menu"
This removes a redundant alias that has since been converted into a global
alias. It was converted to a global alias before to ensure that we always
have a way to go up one level in the menu.
2018-02-16 04:45:53 +00:00
Kyle Evans
196ba16663 stand/lua: Allow menu items to not have explicit aliases
This will generally be used for cases like "Back to main menu" that already
have global aliases installed.
2018-02-16 04:44:47 +00:00
Kyle Evans
b1b1f2b8fd stand/lua: Move kernel selection into main menu
This matches the corresponding 4th behavior.
2018-02-16 04:31:09 +00:00
Kyle Evans
27fac8ff4c stand/lua: Consistently use semicolons for line endings 2018-02-16 04:10:10 +00:00
Kyle Evans
6401094f62 stand/lua: Set reasonable ACPI default based on presence
Set it based on hint.acpi.0.rsdp. Initially, hint.acpi.0.disabled will be
respected. "Using System Defaults" will override whether it's explicitly
disabled by hint and re-load it based on whether it's present on the system.

Unlike the 4th version, this is not restricted to x86. I have no strong
reasoning for this, so this is definitely open to change.
2018-02-16 04:03:15 +00:00
Kyle Evans
6a5a7e8a53 stand/lua: Don't descend into an empty kernels submenu
This submenu is likely going to go away in favor of kernel selection as it
is done in forth at the moment, but for the time being don't descend into it
if we have no kernels available for listing.
2018-02-16 03:14:23 +00:00
Kyle Evans
fe672a15db stand/lua: Reduce magic numbers
Enter/backspace values are hardcoded in both the menu and password scripts.
Separate these out to core for reuse between the two.
2018-02-16 03:12:24 +00:00
Warner Losh
fcdb1f0317 Eliminate bsd.stand.mk and -fPIC 32-bit intel builds
OK. We don't really need a bsd.stand.mk, and it was causing a -fPIC
for the toolchain to be added (bogusly) when building on amd64. Pull
all relevant defs back into defs.mk and delete bsd.stand.mk.

This saves about 15-20k on i386 loader and zfsloader which when
combined with Lua give us a lot more stack space in those constrained
environments.
2018-02-16 00:17:32 +00:00
Kyle Evans
c5b86c3b76 libsa: Consolidate tftp sendrecv into net.c sendrecv
bootp/arp/rarp/rpc all use the sendrecv implementation in net.c. tftp has
its own implementation because it passes an extra parameter into the recv
callback for the received payload type to be held.

These sendrecv implementations are otherwise equivalent, so consolidate
them. The other users of sendrecv won't be using the extra argument to recv,
but this gives us only one place to worry about respecting timeouts and one
consistent timeout behavior.

Tested by:	sbruno
Reviewed by:	sbruno, tsoome
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D14373
2018-02-15 19:49:15 +00:00
Kyle Evans
b458bf0da1 stand/lua: Always boot on 'enter' keypress in menus 2018-02-15 18:16:16 +00:00
Kyle Evans
4daa199d7b stand: Fix ubldr after r329190
metadata load files were consolidated in r329190, and these relocation fixup
bits were inadvertently dropped in the process. Re-add them to fix boot with
ubldr.

Glanced over by:	jhibbits
X-MFC-With:	r329190
2018-02-15 15:01:07 +00:00
Kyle Evans
abc4f7e735 stand/lua: Exit sub-menus on backspace 2018-02-14 20:18:23 +00:00
Benno Rice
3283c08f3e Reformat to come significantly closer to style(9).
Reviewed by:		imp, jhibbits
Differential Revision:	https://reviews.freebsd.org/D14366
2018-02-14 18:07:27 +00:00
Emmanuel Vadot
8b75269237 efi: Only scan the BLKIO MEDIA once
Scan only the BLOCK IO MEDIA once instead of each time for each type of
device (fd, cd and hdd).
Leave the mechanism to free and reprobe all devices if one day we want
to implement a "dev rescan" thing.

Reviewed by:	imp, tsoome
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D14334
2018-02-14 18:05:37 +00:00
Kyle Evans
502b7cf99b libsa: Fix IP recv timeout
readip() doesn't, at the moment, properly indicate to callers that it has
timed out. One can tell that it's timed out if errno == EAGAIN when it
returns, but this is not ideal. Restructure it a little bit to explicitly
set errno to ETIMEDOUT if we've exhausted tleft.

I found two places that care about where it timed out or not: sendrecv in
net.c and sendrecv_tftp. Both are structured to pass smaller timeout values
to readip while tracking a larger timeout. Neither of them were able to do
this properly with readip not indicating ETIMEDOUT, so fix it.

While here, straighten out the time (t/t1) usage in sendrecv_tftp.

This would have manifested itself in periodic failures to NFS/TFTP boot for
no apparent reason because MINTMO/MAXTMO were not actually being respected
properly. Problems were not reported with NFS, only TFTP.

Reported by:	sbruno
Reviewed by:	sbruno, tsoome
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D14350
2018-02-14 15:40:13 +00:00
Justin Hibbits
d3e1307bf5 Unify metadata load files for arm, mips, powerpc, sparc64
Summary:
All metadata.c files are very similar, with only trivial changes.  Unify them
into a single common file, with minor special-casing where needed.

Reviewed By: imp
Differential Revision: https://reviews.freebsd.org/D13978
2018-02-13 03:44:50 +00:00
Warner Losh
088b4f5f32 Add the lua scripts from the lua-bootloader SoC
These are the .lua files from from Pedro Souza's 2014 Summer of Code
project. Rui Paulo, Pedro Arthur and Wojciech A. Koszek also
contributed.

Obtained from: https://wiki.freebsd.org/SummerOfCode2014/LuaLoader
Sponsored by: Google Summer of Code

Improve the SoC lua menu code to bring it in line with forth
menu functionality

Submitted by: Zakary Nafziger
Sponsored by: FreeBSD Foundation

Use loader.setenv and loader.unsetenv instead of loader.perform

Convert from include("/boot/foo.lua") to foo = require("foo");
to bring in line with latest lua module conventions.

Enforce a uniform style for the new .lua files:
	o hard tab indenation for 8 spaces
	o don't have if foo then bar; else bas; end on one line

MFC After: 1 month
Relnotes: yes
Differential Review: https://reviews.freebsd.org/D14295
2018-02-12 15:32:00 +00:00
Warner Losh
7cafeaa1fd Add Lua as a scripting langauge to /boot/loader
liblua glues the lua run time into the boot loader. It implements all
the runtime routines that lua expects. In addition, it has a few
standard 'C' headers that nueter various aspects of the LUA build that
are too specific to lua to be in libsa. Many refinements from the
original code to improve implementation and the number of included lua
libraries. Use int64_t for lua_Number. Have "/boot/lua" be the default
module path. Numerous cleanups from the original GSoC project,
including hacking libsa to allow lua to be built with only one change
outside luaconf.h.

Add the final bit of lua glue to bring in liblua and plug into the
multiple interpreter framework, previously committed.

Add LOADER_LUA option, currently off by default.

Presently, this is an experimental option. One must opt-in to using
this by defining WITH_LOADER_LUA and WITHOUT_FORTH. It's been
lightly tested, so keep a backup copy of your old loader handy.
The menu code, coming in the next commit, hasn't been exhaustively
tested. A LUA boot loader is 60k larger than a FORTH one, which is
80k larger than a no-interpreter one. Subtle changes in size
may tip things past some subtle limit (the binary is ~430k now
when built with LUA). A future version may offer coexistance.

Bump FreeBSD version to 1200058 to mark the milestone.

Pedro Souza's 2014 Summer of Code project. Rui Paulo, Pedro Arthur,
Zakary Nafziger and Wojciech A. Koszek also contributed. Warner Losh
reworked it extensively into its current form.

Obtained from: https://wiki.freebsd.org/SummerOfCode2014/LuaLoader
Sponsored by: Google Summer of Code
Relnotes: Yes
MFC After: 1 month
Differential Review: https://reviews.freebsd.org/D14295
2018-02-12 15:31:53 +00:00
Roger Pau Monné
12363d8ea3 loader: fix endianness conversion
r328536 broke symbol loading on amd64 at least (and probably other
arches). r328826 contained the problem to ppc only by adding
pre-processors guards.

Fix this properly by moving the endianness conversion to separate
helper functions, and make the conversion more robust by using sizeof
instead of having to manually code the size of each field.

Finally list the fields in each structure in a macro in order to avoid
code repetition.

Sponsored by:		Citrix Systems R&D
Reviewed by:		kib emaste wma
Differential revision:	https://reviews.freebsd.org/D14267
2018-02-09 10:20:16 +00:00
Warner Losh
86411ec1d7 Set script.lang in the environment to either 'forth' or 'simple' to
reflect what scripting language was compiled into the loader. I
anticipate that being able to find this out quickly from the OK prompt
will be useful in troubleshooting in the future.
2018-02-09 00:36:55 +00:00
Warner Losh
11421c37f0 Fix build of userboot.so
Since it's not possible to unset a variable easily, create a new
variable 'PIC' to signal that we are creating a shared object that we
want to install. defs.mk refains from defining NO_PIC and ITNERALLIB
when PIC is defined. This unbreaks userboot.so building.
2018-02-08 22:59:51 +00:00
Warner Losh
16bb6523bc Move to tabs for indentation and to 8-space notches, per style(9).
4 space indentation with a mix of tabs and spaces is a hassle. Update
to project-standard hard-tabs with 8-space indentation in these files.
This matches the new code coming in better as well.
2018-02-08 17:07:27 +00:00
Warner Losh
3a4a3639d2 Move simple interpreter 'perform' into interp.c and call it
interp_builtin_cmd().
2018-02-07 23:27:38 +00:00
Warner Losh
44eebfff73 Fix indentation to FreeBSD standard for interp files 2018-02-07 23:27:25 +00:00
Hans Petter Selasky
05890ca018 Move the stand/usb test loader into its own directory.
Fix its Makefile to build correctly.

MFC after:	1 week
Sponsored by:	Mellanox Technologies
2018-02-07 19:20:59 +00:00
Hans Petter Selasky
9b5cc8a3a5 A more definitions to kernel emulation shim in order to build stand/usb.
MFC after:	1 week
Sponsored by:	Mellanox Technologies
2018-02-07 18:50:36 +00:00
Hans Petter Selasky
0cd0d30a31 Fix relative location of USB sources after recent move.
MFC after:	1 week
Sponsored by:	Mellanox Technologies
2018-02-07 18:49:06 +00:00
John Baldwin
15746ef43a Ignore relocation tables for non-memory-resident sections.
As a followup to r328101, ignore relocation tables for ELF object
sections that are not memory resident.  For modules loaded by the
loader, ignore relocation tables whose associated section was not
loaded by the loader (sh_addr is zero).  For modules loaded at runtime
via kldload(2), ignore relocation tables whose associated section is
not marked with SHF_ALLOC.

Reported by:	Mori Hiroki <yamori813@yahoo.co.jp>, adrian
Tested on:	mips, mips64
MFC after:	1 month
Sponsored by:	DARPA / AFRL
2018-02-05 23:35:33 +00:00
Kyle Evans
003c70ff3c Remove now-unused variable after r328809
Fixed already in stable/11 by r328836 (emaste); remove now-unused variable.
2018-02-04 17:31:50 +00:00
Nathan Whitehorn
861a0b4808 Fix regression introduced in r328806, preventing boot at least on all
PowerPC Apple hardware, and likely all Open Firmware systems.

The loader would allocate memory for its heap at whatever address Open
Firmware gave it, which would in general be the lowest unallocated address,
usually starting a page or two above 0. As the kernel is linked at 1 MB,
and loader insists on running the kernel at its link address, any heap
larger than 1 MB would overlap the kernel, causing loader memory allocations
to corrupt the kernel and vice versa.

Although r328806 made this problem much worse by increasing the heap size
to 8 MB, causing 88% of the loader heap to overlap with the kernel, the
problem has always existed. The old heap size was 1 MB and, unless that
started exactly at zero, which would cause other problems, some number of
pages of the loader heap still overlapped with the kernel.

This patch solves the issue in two ways and cleans up some related code:
- Moves the loader heap inside of the loader. This guarantees that the
  heap will be contiguous with the loader and simplifies the heap
  allocation code at no cost, since the heap lives in BSS.
- Moves the loader, previously at 28 MB and dangerously close to the kernel
  it loads, a bit higher to 44 MB. This has the effect of breaking loader
  on non-embedded PPC machines with < 48 MB of RAM, but we did not support
  those anyway.

The fundamental problem is that the way loader loads ELF files is
incredibly fragile, but that can't be fixed without fundamental
architectural changes.

MFC after:	10 days
2018-02-03 23:49:21 +00:00
Ed Maste
5cca46a92c Make cross-endian loader changes apply only to powerpc
The cross-endian loader change in r328536 (review D12422) broke symbol
loading on (at least) amd64 kernels.  Temporarily paper over the issue
by restricting the cross-endian support to only powerpc, until a proper
fix arrives.

Submitted by:	royger
2018-02-03 01:23:48 +00:00
Warner Losh
c7b46ba446 Implement strcoll as strcmp. 2018-02-02 21:18:32 +00:00
Warner Losh
e240d1cfeb We need more heap space to properly load newer powerpc kernels.
PR: 225323
2018-02-02 19:42:02 +00:00
Warner Losh
891b84a3aa Invent new LDR_INTERP for the loader interpreter to use. Use this in
preference to LIBFICL{,32}. LIBFICL{,32} are now always defined, but
LDR_INTERP{,32} is defined empty when building w/o forth (aka the
simple interpreter) and defined to LIBFICL{,32} when we are building
forth.
2018-02-02 15:40:49 +00:00
Warner Losh
d958e1323d Now that we no longer conditionally compile some files outside of ficl
with BOOT_FORTH, retire it from here.
2018-02-02 15:01:54 +00:00
Warner Losh
c15e695270 Remove pcibios forth support.
I had thought that this would be useful. However it was committed too
late, and wound up being unused. It's in the way of future work now,
so retire it rather than bring it forward.
2018-02-02 15:01:49 +00:00
Warner Losh
b28421d5f1 These 4th words were an attempt to allow integration into the boot
loader scripts. However, that path won't be taken after all it
seems. Remove this code before it decays into uselessness. Also remove
build dependencies on forth no longer needed.
2018-02-02 15:01:44 +00:00
Warner Losh
74bb0b0e9a Retire pnp.4th and the code needed only for 4th words used here.
This has never been installed. It was added to the tree disconnected
to the build in FreeBSD 5 (17 years ago) and has never been used as
far as I can tell. The desired improvements never really happened
(despite a couple minor cleanups along the way). It's relevance is
long past, so better to retire it.
2018-02-02 15:01:33 +00:00
Warner Losh
8299b37f85 Centralize several variables.
MK_CTF, MK_SSP, MK_PROFILE, NO_PIC, and INTERNALLIB are always the
same, so set them in defs.mk. MAN= is common, so set it here too.
This removes a lot of boring repetition from the Makefiles that added
almost no value.
2018-02-02 06:32:26 +00:00
Kyle Evans
7dd7c3d5ee D14130: stand/fdt: Rip out FDT VA tracking
Whether we should be overwriting the loaded FDT module with the 'fixed up'
version or not was questionable when this was added, and now that overlays
are possible this is downright wrong.

Overlays can increase the size of the blob, so writing it back to the
original VA will generally write past the end of the block and start
clobbering other things in memory.

Rip it out- it was questionable to begin with, it's doing bad things now,
and it serves no purpose since the modified blob will be copied into place
rather than relying on this to reflect the changes.

Reviewed by:	gonzo
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D14130
2018-02-01 14:31:12 +00:00
Warner Losh
79a6a17abd Break out the interpreters (simple and forth) w/o ifdefs. This is
akin to what Pedro Souza and Wojciech Koszek did in the lua GSoC with
interp.h, interp_simple.c and changes to interp.c and interp_forth.c,
but completely redone from scratch.

This effectively restores the spirit of r326712 (my first attempt to
bring in Pedro's and Wojciech's work) updated for new requirements
that had silently broke their original work.  This change also differs
by using fixed function names instead of function pointers to simply
things. Only one interpreter at a time may be compiled in.

Also of note: we take a mutable string, pass it in via a const char *
pointer into intrp_forth's interp_run(). We then cast away the const
to pass into ficlExec since ficl would require extensive changes to
properly const-poison. See Sections 6.5.2.5 and 6.7.3 of C11 standard
noting it's only UB if you modify a const object through a non-const
pointer, but not char [] -> const char * -> char * as here.
2018-01-31 22:46:05 +00:00
Warner Losh
3a8a081b9d Update stand.h for changes for strto*l
Move prototypes to proper section now that we don't have modified
versions of strtol and strtoul in libsa. Add prototypes for new
strtoll and strtoull. Use prototypes copied from stdlib.h instead of
the old hand-rolled ones.

(I forgot to move this file form my lua branch in r328613)
2018-01-31 05:07:43 +00:00
Warner Losh
3a7d8294f0 Move libstand.3 to libsa.3. Update libsa.3 to include functions
recently added. More are likely missing.
2018-01-31 04:29:05 +00:00
Warner Losh
afa643ba9a Kill copies of strtol and strtoul. Use the ones that are in libc,
since they suffice. Create xlocale_private.h which provides the most
minimal locale implementation we can get away with. Add strtoll and
strtoull from libc.
2018-01-31 04:29:00 +00:00
Sean Bruno
71e9130584 Add missing non-POWERPC case to give the scr value something non-zero.
This fixes the instant reboot of netbooting after r328536 on x86 systems.

Reviewed by:	peter
Sponsored by:	Limelight Networks
2018-01-30 20:00:12 +00:00
Kyle Evans
e7ca72db2b stand/fdt: Remove unused write-only new_fdtp, correct comment
MFC after:	3 days
2018-01-30 03:31:40 +00:00
Wojciech Macek
8de1ad0b9b loader: support for mixed-endianness ELF/loader and POWER8
On POWER8 with current petitpoot, the loader.kboot might be
run as little-endian application. The FreeBSD kernel is
always big-endian, so the load_elf_* routines must be aware
of proper endianness of all fields.

Submitted by:          Wojciech Macek <wma@semihalf.com>
Obtained from:         Semihalf
Sponsored by:          IBM, QCM Technologies
Differential revision: https://reviews.freebsd.org/D12422
2018-01-29 09:24:28 +00:00
Kyle Evans
1dff72eb82 stand/fdt: Check /compatible property on overlay if it exists
Example overlays seen in other places use a compatible property on root node
of an overlay to specify SOC compatibility. These don't get merged into base
FDT as they're not part of a fragment, but it's expected that consumers of
the overlay may want to check it.

If /compatible on the overlay is missing, just apply it. This is the "I know
what I'm doing" mode for those wanting to whip up a quick overlay and apply
it. An overlay intended for distribution should include /compatible so as
not to break a user's system.

If /compatible on the overlay exists, honor it and cross-check it with
/compatible on the base FDT. If /compatible on the base FDT is missing in
this case, don't apply the overlay rather than risk breaking the system.

Move the COPYOUT of overlay material to before we allocate space for
next_fdtp so that we can avoid the allocation and copy into next_fdtp if we
already know that the overlay can't apply.

This gives way to the possibility of autoloading overlays found in
/boot/overlays, since this provides a means of filtering out overlays not
applicable to the current board.

Reviewed by:	gonzo
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D13969
2018-01-28 03:07:22 +00:00
Kyle Evans
8a613444b5 stand/fdt: Consolidate overlay handling a little further
This should have been done as part of r327350, but due to lack of foresight
it came later. In the different places we apply overlays, we duplicate the
bits that check for fdt_overlays in the environment and supplement that with
any other places we need to check for overlays to load. These "other places"
will be loader specific and are not candidates for consolidation.

Provide an fdt_load_dtb_overlays to capture the common logic, allow passing
in an additional list of overlays to be loaded. This additional list of
overlays is used in practice for ubldr to pull in any fdt_overlays passed to
it from U-Boot environment, but it can be used for any other source of
overlays.

These additional overlays supplement loader.conf(5) fdt_overlays, rather
than replace, so that we're not restricted to specifying overlays in only
one place. This is a change from previous behavior where loader.conf(5)
supplied fdt_overlays would cause us to ignore U-Boot environment, and this
seems nonsensical- user should have sufficient control over both of these
aspects, or lack of control for good reasons.

A knob could be considered in the future to ignore U-Boot supplied overlays,
but the supplemental treatment seems like a good start.

Reviewed by:	imp (earlier version), gonzo (earlier version)
Differential Revision:	https://reviews.freebsd.org/D13993
2018-01-28 01:22:15 +00:00
Warner Losh
47940d8594 Tag unreachable places as such. I left the while (1); in place since
in this context we want to busy wait to stop.

Suggested by: pfg@
2018-01-26 22:22:21 +00:00
Warner Losh
71710c12d6 Make exit() never return until host_exit can be written. 2018-01-26 21:51:13 +00:00
Warner Losh
fe4709c915 BERI isn't BTX, so we don't have to provide exit(). Just remove it
since it's unused.
2018-01-26 21:51:09 +00:00
Warner Losh
39bdddcd8c Now that exit is __dead2, we need to tag ub_exit() as __dead2. To do
that, we have to put a while (1); after the syscall that will never
return to fake out the compiler....
2018-01-26 21:50:59 +00:00
Warner Losh
30883627ed abort() should be marked __dead2 since it won't return. 2018-01-26 17:40:13 +00:00
Warner Losh
24dfa658e4 Provide abs form stdlib.h.
Sponsored by: Netflix
2018-01-26 17:13:09 +00:00
Warner Losh
2b0268cf0d Implement abort() as a call to panic.
Sponsored by: Netflix
2018-01-26 17:13:04 +00:00
Warner Losh
86bb84d576 Split panic routine
Split panic routine so that the 'Hit Any Key to continue' behavior can
be overriden.

Sponsored by: Netflix
2018-01-26 17:13:00 +00:00
Kirk McKusick
dffce2150e Refactoring of reading and writing of the UFS/FFS superblock.
Specifically reading is done if ffs_sbget() and writing is done
in ffs_sbput(). These functions are exported to libufs via the
sbget() and sbput() functions which then used in the various
filesystem utilities. This work is in preparation for adding
subperblock check hashes.

No functional change intended.

Reviewed by: kib
2018-01-26 00:58:32 +00:00
Ed Maste
9b2ff7db9d loader.efi: add missing EFI GUIDs
These were found during bring-up on a new arm64 platform and in an
amd64 VM.

Submitted by:	Arshan Khanifar <arshankhanifar_gmail.com>
Reviewed by:	imp
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D14036
2018-01-25 20:09:51 +00:00
Kyle Evans
13811ec82e stand/fdt: Fallback to name + ".dtbo" if we fail to load name
This behavior also matches a Linux-ism by allowing fdt_overlays to specify
names of overlays without an extension, e.g. fdt-overlays="sunxi-h3-h5-emac"

If we fail to load the file given by a name in fdt_overlays, try again with
".dtbo" appended to it. This still allows overlays to lack .dtbo extension
if user prefers it and just adds a fallback cushion.

Future work could move this from a hard-coded ".dtbo" to a loader.conf(5)
configuration option.

Reviewed by:	gonzo
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D13968
2018-01-23 18:03:13 +00:00
Warner Losh
f9a20b8fc1 There's no tainted data here, tag it as such to avoid the slew of
false positives. The files the boot loader reads are assumed to be
good.

CID: 1006663,1006665,1265013, 1265014 (possibly more)
Sponsored by: Netflix
2018-01-23 18:01:40 +00:00
Warner Losh
e77c9f0c3d getenv does not return tainted data in the boot loader. Attempt to
clue Coverity into that fact.

Sponsored by: Netflix
2018-01-23 18:01:36 +00:00
Warner Losh
4baa8d7ebd On malloc failure, be sure to close the include file that triggered
it.

CID: 1007775
Sponsored by: Netflix
2018-01-23 18:01:32 +00:00
Warner Losh
74ecc44117 Don't leak memory when displaying help.
Right now, we'll leak memory when we display a help topic because we
don't free t, s, d that we've just used when breaking out of the loop.
NB: coverity just reported t, but s and d also leak.

CID: 1007776
2018-01-23 18:01:27 +00:00
Warner Losh
1065f77afb Fix some resource leaks.
Always free dev and fstyp before strduping new values to assign to
them. Free them at the end of the loop. This keeps them from leaking
for mal-formed /etc/fstab lines.

CID: 1007777, 1007778, 1007779
Sponsored by: Netflix
2018-01-23 18:01:17 +00:00
Warner Losh
cec2b30645 Remove extra copy of bootinfo.c. It's a bit rotted copy of the one in
efi/loader.

Differential Review: https://reviews.freebsd.org/D13986
2018-01-19 19:09:17 +00:00
Kyle Evans
62821e5720 stand: Move sections around to fix stand/ build with ld.lld on armv7
When building loader bits, lld fails with the following error:
"ld: error: section: .dynamic is not contiguous with other relro sections"
on both ubldr and EFI loader.

Move .dynamic up to make ld.lld happy, adjust .got as necessary for ubldr.

Tested on:	OrangePi One (ld.lld, ubldr)
Tested on:	Banana Pi-M3 (ld.lld, ubldr)
Tested on:	qemu-armv7 (ld.lld, EFI)
Tested on:	qemu-armv7 (ld.bfd, EFI)
Tested on:	Raspberry Pi 2 (ld.bfd, ubldr) [manu]
Tested on:	Banana Pi-M2 (ld.bfd, ubldr) [manu]
Reviewed by:	andrew, emaste, imp
Differential Revision:	https://reviews.freebsd.org/D13942
2018-01-18 22:46:47 +00:00
Kyle Evans
db180ae55c stand: Add /boot/overlays to allow separation of overlays from base FDT
This matches directory structure used commonly in Linux-land, and it's
cleaner than mixing overlays into the existing module paths. Overlays are
still mixed in by specifying fdt_overlays in loader.conf(5).

Reviewed by:	manu
Differential Revision:	https://reviews.freebsd.org/D13922
2018-01-18 04:58:54 +00:00
Kyle Evans
6780e684d4 libfdt: Update to 1.4.6, switch to using libfdt for overlay support
libfdt highlights since 1.4.3:

- fdt_property_placeholder added to create a property without specifying its
value at creation time
- stringlist helper functions added to libfdt
- Improved overlay support
- Various internal cleanup

Also switch stand/fdt over to using libfdt for overlay support with this
update. Our current overlay implementation works only for limited use cases
with overlays generated only by some specific versions of our dtc(1). Swap
it out for the libfdt implementation, which supports any properly generated
overlay being applied to a properly generated base.

This will be followed up fairly soon with an update to dtc(1) in tree to
properly generate overlays.

MFC note: the <stdlib.h> include this update introduces in libfdt_env.h is
apparently not necessary in the context we use this in. It's not immediately
clear to me the motivation for it being introduced, but it came in with
overlay support. I've left it in for the sake of accuracy and because it's
not harmful here on HEAD, but MFC'ing this to stable/11 will require
wrapping the #include in an `#ifndef _STANDALONE` block or else it will
cause build failures.

Tested on:	Banana Pi-M3 (ARMv7)
Tested on:	Pine64 (aarch64)
Tested on:	PowerPC [nwhitehorn]
Reviewed by:	manu, nwhitehorn
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D13893
2018-01-18 04:39:09 +00:00
John Baldwin
58c4aee0d7 Require the SHF_ALLOC flag for program sections from kernel object modules.
ELF object files can contain program sections which are not supposed
to be loaded into memory (e.g. .comment).  Normally the static linker
uses these flags to decide which sections are allocated to loadable
program segments in ELF binaries and shared objects (including kernels
on all architectures and kernel modules on architectures other than
amd64).

Mapping ELF object files (such as amd64 kernel modules) into memory
directly is a bit of a grey area.  ELF object files are intended to be
used as inputs to the static linker.  As a result, there is not a
standardized definition for what the memory layout of an ELF object
should be (none of the section headers have valid virtual memory
addresses for example).

The kernel and loader were not checking the SHF_ALLOC flag but loading
any program sections with certain types such as SHT_PROGBITS.  As a
result, the kernel and loader would load into RAM some sections that
weren't marked with SHF_ALLOC such as .comment that are not loaded
into RAM for kernel modules on other architectures (which are
implemented as ELF shared objects).  Aside from possibly requiring
slightly more RAM to hold a kernel module this does not affect runtime
correctness as the kernel relocates symbols based on the layout it
uses.

Debuggers such as gdb and lldb do not extract symbol tables from a
running process or kernel.  Instead, they replicate the memory layout
of ELF executables and shared objects and use that to construct their
own symbol tables.  For executables and shared objects this works
fine.  For ELF objects the current logic in kgdb (and probably lldb
based on a simple reading) assumes that only sections with SHF_ALLOC
are memory resident when constructing a memory layout.  If the
debugger constructs a different memory layout than the kernel, then it
will compute different addresses for symbols causing symbols in the
debugger to appear to have the wrong values (though the kernel itself
is working fine).  The current port of mdb does not check SHF_ALLOC as
it replicates the kernel's logic in its existing kernel support.

The bfd linker sorts the sections in ELF object files such that all of
the allocated sections (sections with SHF_ALLOCATED) are placed first
followed by unallocated sections.  As a result, when kgdb composed a
memory layout using only the allocated sections, this layout happened
to match the layout used by the kernel and loader.  The lld linker
does not sort the sections in ELF object files and mixed allocated and
unallocated sections.  This resulted in kgdb composing a different
memory layout than the kernel and loader.

We could either patch kgdb (and possibly in the future lldb) to use
custom handling when generating memory layouts for kernel modules that
are ELF objects, or we could change the kernel and loader to check
SHF_ALLOCATED.  I chose the latter as I feel we shouldn't be loading
things into RAM that the module won't use.  This should mostly be a
NOP when linking with bfd but will allow the existing kgdb to work
with amd64 kernel modules linked with lld.

Note that we only require SHF_ALLOC for "program" sections for types
like SHT_PROGBITS and SHT_NOBITS.  Other section types such as symbol
tables, string tables, and relocations must also be loaded and are not
marked with SHF_ALLOC.

Reported by:	np
Reviewed by:	kib, emaste
MFC after:	1 month
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D13926
2018-01-17 22:51:59 +00:00
Toomas Soome
981887b970 utf8_to_ucs2() should check for malloc failure
utf8_to_ucs2() is calling malloc() without checking the result.

Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D13933
2018-01-16 20:35:54 +00:00
Warner Losh
082f2fb1a6 Need to free uv after we're done using it.
Reported by: andrew@
Sponsored by: Netflix
2018-01-15 22:17:39 +00:00
Warner Losh
96c4f2c537 Check the return value from utf8_to_ucs2 instead of whether or not uv
is NULL. That's more correct and doesn't depend on the error behavior
of utf8_to_ucs2. In practice, we'll never see this though since we
pass utf8_to_ucs2 a well formed string.

Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D13918
2018-01-15 22:17:34 +00:00
Warner Losh
27d95c1a03 When returning an error and freeing allocated memory from ucs2_to_utf8
and utf8_to_ucs2, be sure to NULL out the return pointer too, rather
than return a pointer to free memory.

Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D13917
2018-01-15 22:17:15 +00:00
Kyle Evans
67a3bb4e34 stand/fdt: Don't leak next_fdtp if we fail to open overlay
MFC after:	1 week
X-MFC-With:	r327991
2018-01-15 18:08:01 +00:00
Andrew Turner
2c18ede691 Fix booting on some arm64 systems after r327879 by fixing the call to
utf8_to_ucs2 in boot1.efi. We need to initialise the ucs2 output string
so it will allocate space, and use the return value to determine if the
call was successful.

Reviewed by:	imp
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D13915
2018-01-15 16:58:07 +00:00
Kyle Evans
e9ca5fa5d7 stand/fdt: don't send clobbered FDT to the kernel
If fdt_overlay_apply fails at some stage to apply the overlay to the base,
both the base and overlay may be in an inconsistent state (some fixups
applied, some phandles adjusted, some symbols merged). These can be bad for
a number of reasons, to include user frustration if some fixups applied and
not others. Fail a little safer by making a clean copy of the base FDT for
every overlay that we can simply discard if things go awry.

This also allows us the luxury of simply discarding overlays if we hit some
kind of memory limit or if they're malformed and extremely large for some
reason. We'll now leave a nice error message indicating that some overlays
could not be applied due to size restrictions and we apply what we can.

I note that our overlay implementation has some flaws that might still leave
your system in an unbootable state even if an overlay applies correctly;
please exercise caution in using overlays until we can swap it out for
libfdt's implementation.

Tested on:	BananaPi-M3 (armv7)
Tested on:	Pine64 (aarch64)
Differential Revision:	https://reviews.freebsd.org/D13709
2018-01-15 05:00:26 +00:00
Warner Losh
1d28802f0c Allow this file to be included
Use simple "foo" rather than "${.CURDIR}/foo" to include Makefile.fat
since the former works when including this Makefile from else
where. Also, use full path from ${BOOTSRC} to the FAT templates for
similar reasons. It doesn't change anything in base FreeBSD, but
allows us to have a custom boot1.efi more easily (though that will be
short-lived for us, it may also be helpful for others).

Sponsored by: Netflix
2018-01-12 17:21:48 +00:00
Warner Losh
31d0558678 Move getsecs() prototype to stand.h from net.h so it can be used
everywhere.

Sponsored by: Netflix
2018-01-12 16:28:51 +00:00
Warner Losh
8d578b39fd Report the boot order and where we are in that boot order. Add
ability to create a boot1.efi that always fails for testing purposes
and failover scenarios.

Sponsored by: Netflix
2018-01-12 15:30:56 +00:00
Warner Losh
1e13416bb9 Add GUID for UEFI boot manager variables.
Sponsoered by: Netflix
2018-01-12 15:30:52 +00:00
Konstantin Belousov
85f794e126 Skip IRELATIVE relocations when loader processes ELF files.
ifuncs can be only called in the (early boot) kernel environment, so
postpone resolving until early stage of the kernel boot.  This commit
is performed in advance to make loaders on most machines updated
before ifuncs appear in the kernels.

Reviewed by:	emaste, jhb
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D13838
2018-01-11 13:57:30 +00:00
John Baldwin
349b6dad63 Use <stand.h> instead of <inttypes.h> and <stdio.h> in boot code.
In the freestanding boot compile environment, standard headers are not
available.  Curiously, only building with clang exposed this as compiles
with external GCC still succeeded.

Sponsored by:	DARPA / AFRL
2018-01-08 18:47:35 +00:00
John Baldwin
9bd8ae10e3 Fix printf missing format variables warnings.
Include the failing kernel file name for errors in beri_elf64_exec().

Sponsored by:	DARPA / AFRL
2018-01-08 18:46:10 +00:00
John Baldwin
9433594417 Define __dmadat after #include'ing ufsread.c.
The __dmadat variable is a statically allocated I/O buffer.  The type is
declared in the ufsread.c source file and clang warns if a variable is
defined before it's type is declared.

Sponsored by:	DARPA / AFRL
2018-01-08 18:44:36 +00:00
Warner Losh
388199e5bb Invent new #defines for the biospci_{read,write}_config function to
specify the width and use them everywhere.

Sponsored by: Netflix
2018-01-06 06:00:45 +00:00
Sean Bruno
cb1103025d Handle misconfigured/nonexistent pcidev for comconsole instead of BTX panic.
PR:		203319
Reviewed by:	imp jhb
MFC after:	2 weeks
Sponsored by:	Limelight Networks
Differential Revision:	https://reviews.freebsd.org/D13776
2018-01-05 23:50:50 +00:00
John Baldwin
48ccf80238 Use 'extern uint8_t' instead of 'extern void' for external symbols.
The beri boot loaders depend on symbols defined in linker scripts or
assembly files.  The boot loaders do not care about the type of these
symbols but just want to extract a pointer to them.  Older versions of
GCC permitted external symbols to be declared of type 'void' and then
'&foo' generated a void pointer to the memory at the symbol's address.
However, void objects are not valid C and newer versions of GCC error if
these are used.  Instead, declare these symbols as being bytes (or
an array of bytes in the cheri_sdcard_vaddr case).

Sponsored by:	DARPA / AFRL
2018-01-03 17:40:51 +00:00
John Baldwin
a9ca11cb39 Don't clobber system LDFLAGS for beri boot loaders.
Prior to r325114, bsd.init.mk was included after assignments to CFLAGS and
LDFLAGS in these Makefiles.  After r325114, bare assignments (= rather than
+=) lost system-assigned default values that are needed when compiling with
an external toolchain.  CFLAGS in both Makefiles already uses +=.  This
commit changes LDFLAGS to use +=.  While here, depend on the LDFLAGS update
in the parent Makefile.inc to set -nostdlib.

Sponsored by:	DARPA / AFRL
2018-01-03 17:35:38 +00:00
Ian Lepore
b6f4732cb3 Add a validbcd() routine that uses the bcd2bin_data[] array and returns a
bool indicating whether the input value represents a valid BCD byte.

The existing bcd2bin() routine will KASSERT if asked to convert a bad value,
but sometimes the kernel has to handle BCD data from untrusted sources, so
this will provide a mechanism to validate data before attempting conversion.

This would be have easier/cleaner if the bcd2bin_data[] array contained an
out-of-range value (such as 0xff) in the infill locations that aren't valid,
but it's a global symbol that might be referenced by out-of-tree code
relying on the current scheme, so I'm leaving that alone.
2017-12-31 22:43:24 +00:00
Kyle Evans
24888292cd stand/fdt: Make fdt_overlay_apply signature-compatible with libfdt
libfdt will assume a writable fdt overlay blob has been passed in, so make
ours compatible to allow easier review when we try to drop libfdt into
place. overlay from the calling context is writable, making it safe to
simply rip out everything related to copying the overlay blob in
fdt_overlay_apply.

I note here that we still have problems: fdt_overlay_apply, both our version
and libfdt's, may fail and have already clobbered the base fdt to some
extent. Future work will make sure we don't apply a potentially bogus fdt,
instead discarding the base fdt if we had an error.

Reviewed by:	gonzo
Differential Revision:	https://reviews.freebsd.org/D13695
2017-12-31 05:22:26 +00:00
Nathan Whitehorn
3159111ed6 Garbage-collect loader.ps3. It is currently disconnected from the build and
is superseded by either direct loading of the kernel by petitboot (soon to
become the installer default) or loader.kboot.
2017-12-30 20:27:13 +00:00
Kyle Evans
37cb59c8ac libsa: Pull in strnlen from libc
strnlen is not used at the moment, but it will be when libfdt gets updated.
Prepare for the not-so-distant future by pulling in strnlen.

Noticed because:	segfault in ld.bfd due to strnlen missing
2017-12-30 07:03:52 +00:00
Kyle Evans
d2084bf608 stand/fdt: Swap libfdt include order
libfdt.h should be included before fdt.h, as hinted at by all of libfdt/;
standard include order being libfdt.h, libfdt_env.h, fdt.h.

The current include order also causes problems when libfdt gets updated, as
fdt.h requires some definitions from libfdt.h.

Differential Revision:	https://reviews.freebsd.org/D13688
2017-12-30 06:53:27 +00:00
Warner Losh
8701bb8fae Fix ubldr. uboot/lib uses defines for the loader. It's part of the
loader, but not compile as loader (it's building a library), so we
can't just include loader.mk for the defines. Move LOADER_DISK_SUPPORT
back to defs.mk for the moment.

Sponsored by: Netflix
2017-12-29 18:08:35 +00:00
Kyle Evans
06d6750e0d stand/fdt: Consistently apply fdt_overlays
Overlays were previously not applied when U-Boot provides FDT or EFI
provides FDT, only when we load FDT from /boot/dtb given name from U-Boot.

Make all three paths lead to loading fdt_overlays and applying them, so that
fdt_overlays can be expected to Just Work.

Reviewed by:	gonzo, imp, manu
Differential Revision:	https://reviews.freebsd.org/D13664
2017-12-29 18:08:30 +00:00
Kyle Evans
5c0700f692 stand/fdt: Avoid bailout when dtbo has no fixups
In the case of a simple dtbo where fragment uses target-path and the overlay
contains no references, /__fixups__ will not be included by either our dtc
or dtc from ports, but the file still has valid fragments to be applied.

Additional testing found that /__symbols__ might also be omitted if it's
empty, which is not necessarily an error.

Reviewed by:	gonzo, imp
Differential Revision:	https://reviews.freebsd.org/D13663
2017-12-28 21:12:27 +00:00
Kyle Evans
a609d03b04 stand/fdt: Fix loading of multiple fdt_overlays
fdt_load_dtb_overlays was written to unload previous overlay when a new
valid one is come across. fdt_apply_overlays further down is written to
iterate over all .dtbo's currently loaded and apply them one-by-one. Correct
fdt_load_dtb_overlays to stop dropping valid overlays that were previously
loaded and match expectations.

Reviewed by:	gonzo, imp
Differential Revision:	https://reviews.freebsd.org/D13659
2017-12-28 21:09:36 +00:00
Michael Zhilin
5e6e2d38c1 [boot/efi] scan all display modes rather than sequential try-fail way
This patch allows to scan all display modes in boot1 as loader does.

Before system tried to select optimal display mode by sequential scan of
modes and if error then stop scanning. This way is not good, because
if mode N is not present, mode N+1 may exist.

In loader we use conout->Mode->MaxMode to identify maximum number of modes.
This commit is to use same way in boot1 as in loader.

Reported by:	Andrey Pustovetov <andrey.pustovetov@gmail.com>
Reviewed by:	tsoome
Differential Revision:	https://reviews.freebsd.org/D13541
2017-12-21 12:21:35 +00:00
Warner Losh
fc1340fb40 No need to use relative paths like this here.
Sponsored by: Netflix
2017-12-19 04:06:07 +00:00
Warner Losh
ca481bffc2 Hoist btx include stuff to i386/Makefile.inc
Sponsored by: Netflix
2017-12-19 04:06:02 +00:00
Warner Losh
6bc860372d Interact is always called with NULL. Simplify code a little by
removing this argument, and expanding when rc is NULL. This
effectively completes the back out of custom scripts for tftp booted
loaders from r269153 that was started in r292344 with the new path
tricks that obsoleted it.

Submitted by: Netflix
2017-12-19 04:05:55 +00:00
Warner Losh
0ff3f28b2d Simplify things a little. The RETURN macro isn't required. It's only
used once, inside an #ifdef where it would be defined to be return.

Sponsored by: Netflix
2017-12-19 04:05:43 +00:00
Warner Losh
76a8f5b0be libficl is only ever used in a loader (never a boot) program. Move it
to loader.mk.

Sponsored by: Netflix
2017-12-18 04:51:45 +00:00
Warner Losh
25c2f4cb95 Move loader help file definitions to being 100% inside of loader.mk.
HELP_FILES is a loader only thing, so move it to loader.mk. Only
generate the help file if HELP_FILES is defined. Adjust Makefiles to
new convention. Fix a few cases where ${.CURDIR}/ was missing
resulting in missing bits from the help files.

Sponsored by: Netflix
2017-12-18 04:51:34 +00:00
Warner Losh
4927bbce9d Move loader-only defines to loader.mk from defs.mk
Produces the same .o's, verified with md5.

Sponsored by: Netflix
2017-12-16 21:33:21 +00:00
Warner Losh
6562843997 Remove the 'mini libstand in libstand' that util.[ch] provided. These
weren't needed, and their existance interfered with things in subtle
ways. One of these subtle ways was that malloc could be different
based on what files were included when (even within the same .c file,
it turns out). Move to a single malloc implementation as well by
adding the calls to setheap() to gptboot.c and zfsboot.c. Once upon a
time, these boot loaders strove to not use libstand. However, with the
proliferation of features, that striving is too hard for too little
gain and lead to stupid mistakes.

This fixes the GELI-enabled (but not even using) boot environment. The
geli routines were calling libstand malloc but zfsboot.c and gptboot.c
were using the mini libstand malloc, so this failed when we tried to
probe for GELI partitions. Subtle changes in build order when moving
to self-contained stand build in r326593 toggled what it used from one
type to another due to odd nesting of the zfs implementation code that
differed subtly between zfsloader and zfsboot.

Sponsored by: Netflix
2017-12-15 23:16:53 +00:00
Warner Losh
9a7c084993 Panic in sbrk if setheap hasn't been called yet. This is preferable to
a mysterious crash.

Sponsored by: Netflix
2017-12-15 23:16:47 +00:00
Warner Losh
65b8a300df Revert r326855: Cargo cut a fix for the regressions r326585 caused.
This was an experiment that landed in the wrong branch and was pushed
accidentally. It's best if it is ignored because the difference was
due to vers.o being different, not float.o... And it was confirmed to
not fix anything...

Pointy Hat to: imp
2017-12-14 18:57:17 +00:00
Warner Losh
86375a7ea9 Turn loader GELI support in the boot loaders off by default as a
temporary workaround. This fixes zfs booting generally, but breaks all
GELI booting by default. Add note to UPDATING to this effect. When the
GELI issues are resolved, this will be reverted.
2017-12-14 17:00:24 +00:00
Warner Losh
bcee07a1af Fix comments after bump in size. 2017-12-14 16:51:43 +00:00
Warner Losh
108bcd504e Cargo cut a fix for the regressions r326585 caused.
We need to include ficl.h after the standard includes, rather than
before them. It changes the generated code in ways that haven't been
completely analyized. This restores the old code generation (as
verified by md5 changing back for zfsloader).

This should restore GPT + ZFS and GPT + ZFS + GELI booting that was
broken in r326585 (or would have been if r326584 hadn't broken the
build).

Sponsored by: Netflix
2017-12-14 16:51:26 +00:00
Toomas Soome
9f9b430b19 libefi: make efichar.h more usable in stand code
Use _STANDALONE for guard expression in efichar.[ch] and add efi_char typedef.
clean up boot1.c, and replace for loop in efipart.c with ucs2len().

Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D13488
2017-12-14 16:41:52 +00:00
Warner Losh
ba25195ebf Revert r326792, r326784, r326772, r326712
Something subtle is creating problems for disk access on ubldr. Back
it out unti that can be sorted out.

Sponsored by: Netflix
2017-12-12 22:06:22 +00:00
Antoine Brodin
435680d2d8 Attempt to unbreak buildworld 2017-12-12 09:46:53 +00:00
Warner Losh
2ccd1dd900 Revert part of 362772. It was causing problems for includes and making
the menus disappear.

Sponsored by: Netflix
2017-12-11 23:15:43 +00:00
Warner Losh
c83457486b Fix regression with lua import
Don't print when we can't find a file. Copy it instead to the error
buffer. Higher level routines determine if it's appropriate to print
the error message.

Also, remove dead code (labeled bogusly lost functionality) since we
never used that functionality. Remove unused arg from interact() too.

Sponsored by: Netflix
2017-12-11 16:18:05 +00:00
Warner Losh
5ba722fe30 Fix a comment to be more accurate 2017-12-11 14:47:23 +00:00
Ian Lepore
5fa28b3d97 When building for arm arches, set PKGALIGN to the max cache line size
supported by the arch, to meet u-boot's requirement that I/O be done
in cache-aligned chunks.

PR:		223977
2017-12-10 23:06:45 +00:00
Ian Lepore
12b92a343c Save and restore r9 register in arm ubldr. In old gcc 4.2, r9 was a callee-
saved register, but in arm EABI it may be either callee-saved or dedicated
to some special purpose (such as a TLS pointer).  It appears clang does not
treat it as a callee-saved register (instead using it as another work
register, similar to r12).

Another important side effect of these changes is that saving an extra
register in the push/pop statements keeps the stack aligned to an 8-byte
boundary during the self_reloc() call, as it always should have been.

As stated in the PR...

Essentially the important caller-saved registers are pushed (r0, r1, r9, lr)
before the relocation call, and popped after.  Then r8/r9 are saved as usual
for the syscall trampoline, and lr is stored in r8 (now free) as a
callee-saved value before calling into `main`.

The call to `main` can no longer be a tail call because we must restore r9
especially after main returns (although since we have used r8 to hold lr we
must also restore this).

PR:		224008
2017-12-10 21:51:27 +00:00
Warner Losh
29374678a6 This path belongs in ficl/Makefile, not the common defines for users
of ficl.

Sponsored by: Netflix
2017-12-08 22:19:41 +00:00
Warner Losh
f0408ed054 boot1.c needs EFI_ZFS_BOOT too, so add it globally. Otherwise we'll
not be able to actually read ZFS partitions.

Submitted by: kevans@
2017-12-08 19:57:26 +00:00
Warner Losh
fb5af39a82 Create interp class.
Create an interp class. Use it to separate out the different types of
interpreters: forth and simple with function pointers rather than
via #ifdefs.

Obtained from: lua boot loader project
    (via https://bsdimp@github.com/bsdimp/freebsd.git lua-bootloader)
Sponsored by: Netflix
2017-12-08 19:57:16 +00:00
Warner Losh
bd04a914bc Const poison a couple of interfaces.
Obtained from: lua boot project
Sponsored by: Netflix
2017-12-08 19:57:11 +00:00
Warner Losh
c5095910a0 Put the files we're copying over into a few variables and add them to
CLEANDIRS and CLEANFILES so make clean removes any divots.

Sponsored by: Netflix
2017-12-08 19:57:06 +00:00
Warner Losh
6856cf6893 Provide implementations for iscntrl, ispunct and isgraph.
Sponsored by: Netflix
2017-12-08 19:57:02 +00:00
Warner Losh
c008ab0879 Remove _KERNEL hack now that errno.h does the right thing when
_STANDALONE is defined.

Sponsored By: Netflix
2017-12-08 19:56:57 +00:00
Warner Losh
49cb01302c Add partial support signal.h functioanlity. Pull in machine/signal.h
to define sig_atomic_t.

Sponsored by: Netflix
2017-12-08 19:56:35 +00:00
Mark Johnston
2dbeaed483 Avoid setting -Wno-tentative-definition-incomplete-type with gcc.
No version of gcc that I've tried accepts this flag.

Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D13415
2017-12-07 22:11:23 +00:00