24 Commits

Author SHA1 Message Date
Simon J. Gerraty
8df8b2d3e5 Enable veriexec for loader
This relies on libbearssl and libsecureboot
to verify files read by loader in a maner equivalent
to how mac_veriexec

Note: disabled by default.
Use is initially expected to be by embeded vendors

Reviewed by:	emaste, imp
Sponsored by:	Juniper Networks
Differential Revision:	D16336
2019-02-26 06:22:10 +00:00
Kirk McKusick
88640c0e8b Create new EINTEGRITY error with message "Integrity check failed".
An integrity check such as a check-hash or a cross-correlation failed.
The integrity error falls between EINVAL that identifies errors in
parameters to a system call and EIO that identifies errors with the
underlying storage media. EINTEGRITY is typically raised by intermediate
kernel layers such as a filesystem or an in-kernel GEOM subsystem when
they detect inconsistencies. Uses include allowing the mount(8) command
to return a different exit value to automate the running of fsck(8)
during a system boot.

These changes make no use of the new error, they just add it. Later
commits will be made for the use of the new error number and it will
be added to additional manual pages as appropriate.

Reviewed by:    gnn, dim, brueffer, imp
Discussed with: kib, cem, emaste, ed, jilles
Differential Revision: https://reviews.freebsd.org/D18765
2019-01-17 06:35:45 +00:00
Warner Losh
16633f3a2d Move LUA_ROOT to /boot/lua
While this is mostly unused today, this is a better place than
/usr/local/lua.
2018-10-28 02:57:50 +00:00
Kyle Evans
3078173c8d lualoader: Improve module loading diagnostics
Some fixes:

- Maintain historical behavior more accurately w.r.t verbose_loading;
  verbose_loading strictly prints "${module_name...}" and later "failed!"
  or "ok" based on load success
- With or without verbose_loading, dump command_errbuf on load failure.
  This usually happens prior to ok/failed if we're verbose_loading

Reviewed by:	imp
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D17694
2018-10-25 02:14:35 +00:00
Kyle Evans
e112e9d255 MFV r337586: lua: Update to 5.3.5
Bugfix release, nothing too major.

Tested with:	lualoader via userboot, lualoader live
Differential Revision:	https://reviews.freebsd.org/D16665
2018-08-14 18:58:01 +00:00
Warner Losh
eddbdee83d For our INT64 implementation, we can compare integers and numbers
directly because they are the same thing.

Reviewed by: kevans@
2018-08-14 18:45:25 +00:00
Warner Losh
e4eef18848 Use M. Warner Losh everywhere on my copyrights.
Remove 'All Rights Reserved' where I can.
2018-05-01 16:29:22 +00:00
Kyle Evans
697f127dd6 lualoader: Expose loader.parse and add cli_execute_unparsed
This will be used for scenarios where the command to execute is coming in
via the environment (from, for example, loader.conf(5)) and is thus not
necessarily trusted.

cli_execute_unparsed will immediately be used for handling
module_{before,after,error} as well as menu_timeout_command. We still want
to offer these variables the ability to execute Lua-intercepted loader
commands, but we don't want them to be able to execute arbitrary Lua.

Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D14580
2018-03-07 18:25:27 +00:00
Kyle Evans
dc4e028468 liblua: Add loader.interpret
This allows lua to pass back a command string to be executed as if it were
typed at the loader prompt- loader tries to execute the string first as pure
lua, then parses it and gives lua a chance to intercept before it tries to
execute it itself.

This will be used to implement menu_timeout_command, among other things,
which *should* be used to execute basic loader commands independent of the
chosen interpreter.
2018-03-03 17:13:12 +00:00
Kyle Evans
a16664ce8c liblua: Use putc instead of printf for printc
printc does not need the features or the overhead of printf. It does not
take formatting strings, and it pipes the single string argument through an
"%s" format.

Instead, use putc directly. This pipes the string through in its entirety as
a series of 'unsigned char's, generally straight to the console emulator.

Discussed with:	tsoome
2018-03-02 16:31:23 +00:00
Kyle Evans
59cccc5bce lualoader: Register loader.printc as global printc 2018-03-02 15:46:22 +00:00
Kyle Evans
82c85a42b4 liblua: Implement write support
Write support (even if it only works on UFS) will be needed for nextboot
functionality.

Reviewed by:	cem, imp
Differential Revision:	https://reviews.freebsd.org/D14478
2018-02-24 02:57:24 +00:00
Warner Losh
ff4cd9bfb1 Centralize lua defines
We need to ensure that we defined Numbers as int64_t everywhere we
build for lua. Previously, we were compiling part of the code with
Numbers as int64_t and part as double. Move lua number definition to a
more-central location
2018-02-23 04:04:03 +00:00
Kyle Evans
1ea2995427 lualoader: Remove nasty hack for not printing out ".0"
luaconf.h has a LUA_COMPAT_FLOATSTRING option that may be defined to do this
instead of needing intstring.

Reported by:	Dan Nelson
2018-02-21 21:39:47 +00:00
Conrad Meyer
f91f3926e0 loader.lua: Expose errno table to lua
Reviewed by:	kevans
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D14454
2018-02-20 19:39:48 +00:00
Kyle Evans
2630b89b56 liblua: Add loader.machine and loader.machine_arch properties
Provisioned from MACHINE/MACHINE_ARCH on the system, expose loader.machine
and loader.machine_arch respectively.

These may be used to hide ACPI option on non-applicable archs.

Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D14446
2018-02-20 18:24:20 +00:00
Conrad Meyer
f2b32f473e Lua lfs.attributes: Provide a more consistent error return
In the remaining error case, return a 3-tuple consistent with the other
error return case.

Document how to invoke lfs.attributes() and detect/decode error return in
example comments.

Reviewed by:	kevans
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D14451
2018-02-20 18:21:30 +00:00
Warner Losh
a83546e591 Implement loader.command
This is just like loader.perform, except it takes pre-parsed arguments.

Review: https://reviews.freebsd.org/D14448
2018-02-20 17:28:59 +00:00
Kyle Evans
929c9bd077 liblua: Fix missing '}' in lutil.c after r329499 2018-02-18 01:31:18 +00:00
Conrad Meyer
77d4be50c9 Lua loader: Add barebones "lfs" module
Add a Lua FileSystem module, an emulation of a subset of the permissively
licensed (MIT) Lua library of the same name[0], to our loader's Lua
environment.

[0]: https://github.com/keplerproject/luafilesystem/

Reviewed by:	kevans
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D14418
2018-02-18 01:15:25 +00:00
Conrad Meyer
6771d4a815 interp_lua: Register io/loader with regular Lua module system
Reviewed by:	kevans
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D14421
2018-02-18 01:13:58 +00:00
Conrad Meyer
b216e997af liblua: Emulate DIR, opendir, fdopendir, closedir
In a similar fashion to FILE, provide thin shims for the standard directory
manipulation functions.

Reviewed by:	imp
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D14417
2018-02-17 22:18:39 +00:00
Conrad Meyer
f276951a4d liblua: Clean up io/loader C module registration
Utilize registration APIs Lua provides to make module definition a little
cleaner.

Discussed with:	imp
Sponsored by:	Dell EMC Isilon
2018-02-17 22:17:21 +00:00
Warner Losh
7cafeaa1fd Add Lua as a scripting langauge to /boot/loader
liblua glues the lua run time into the boot loader. It implements all
the runtime routines that lua expects. In addition, it has a few
standard 'C' headers that nueter various aspects of the LUA build that
are too specific to lua to be in libsa. Many refinements from the
original code to improve implementation and the number of included lua
libraries. Use int64_t for lua_Number. Have "/boot/lua" be the default
module path. Numerous cleanups from the original GSoC project,
including hacking libsa to allow lua to be built with only one change
outside luaconf.h.

Add the final bit of lua glue to bring in liblua and plug into the
multiple interpreter framework, previously committed.

Add LOADER_LUA option, currently off by default.

Presently, this is an experimental option. One must opt-in to using
this by defining WITH_LOADER_LUA and WITHOUT_FORTH. It's been
lightly tested, so keep a backup copy of your old loader handy.
The menu code, coming in the next commit, hasn't been exhaustively
tested. A LUA boot loader is 60k larger than a FORTH one, which is
80k larger than a no-interpreter one. Subtle changes in size
may tip things past some subtle limit (the binary is ~430k now
when built with LUA). A future version may offer coexistance.

Bump FreeBSD version to 1200058 to mark the milestone.

Pedro Souza's 2014 Summer of Code project. Rui Paulo, Pedro Arthur,
Zakary Nafziger and Wojciech A. Koszek also contributed. Warner Losh
reworked it extensively into its current form.

Obtained from: https://wiki.freebsd.org/SummerOfCode2014/LuaLoader
Sponsored by: Google Summer of Code
Relnotes: Yes
MFC After: 1 month
Differential Review: https://reviews.freebsd.org/D14295
2018-02-12 15:31:53 +00:00