Commit Graph

1287 Commits

Author SHA1 Message Date
Toomas Soome
dfdeb45425 zfsboot: cstyle cleanup
No functional changes intended.

Sponsored by:	Netflix, Klara Inc.
2020-06-14 20:57:24 +00:00
Toomas Soome
7f3d93b55b loader.efi: update console after gfx mode change
The gfx mode change should be coordinated with console setup.
2020-06-14 10:13:40 +00:00
Simon J. Gerraty
005ff484b9 Minor cleanup of initialized variables
Sort the list and cleanup trailing white-space

Reviewed by:	stevek
MFC after:	1 week
2020-06-12 21:48:46 +00:00
Andrew Turner
0e281c4f0d Fix the efi serial console in the Arm models.
On some UEFI implementations the ConsOut EFI variable is not a device
path end type so we never move to the next node. Fix this by always
incrementing the device path node pointer, with a sanity check that
the node length is large enough so no two nodes overlap.

While here return failure on malloc failure rather than a NULL pointer
dereference.

Reviewed by:	tsoome, imp (previous version)
Sponsored by:	Innovate UK
Differential Revision:	https://reviews.freebsd.org/D25202
2020-06-10 09:31:37 +00:00
Simon J. Gerraty
eff7aa697e loader: install allow for more complete device spec in url
Rework to simplify and impose sane url syntax.
That is we allow for file://[devname[:fstype]]/package

Reviewed by:	stevek
MFC after:	1 week
Sponsored by:	Juniper Networks
Differential Revision: https://reviews.freebsd.org//D25134
2020-06-08 18:13:38 +00:00
Kyle Evans
48260b4b53 lualoader: drop the filename and word "LUA" from errors
The filename is nearly always wrong since it's /boot/lua/loader.lua, which
is not useful for diagnostics. The actual errmsg will include a lua filename
if this is relevant.

Dropping "LUA" while we're here because that's almost universally
irrelevant to whatever error follows, unless the error states that it's
actually a lua problem.

Both of these are minor nits that just detract from identifying the
pertinent information.

MFC after:	3 days
2020-06-03 18:29:32 +00:00
Mitchell Horne
cadd7992e2 gptboot.efi: align secbuf to 4K
The u-boot EFI implementation of the ReadBlocks and WriteBlocks methods
requires that the provided buffer meet the IO alignment requirements of
the underlying disk. Unlike loader.efi, gptboot.efi doesn't check this
requirement, and therefore fails to perform a successful read. Adjust
secbuf's alignment to 4K in hopes that we will always meet this
requirement.

Reviewed by:	imp
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D25111
2020-06-03 16:38:16 +00:00
Simon J. Gerraty
7ea9eb9f7c stand/uboot: fix setting of gateip.s_addr
Missplaced paren.

Reviewed by:	imp
MFC after:	1 week
2020-06-01 23:44:03 +00:00
Kyle Evans
6697f577d1 lualoader: improve drawer error handling
At least one user has landed in a scenario where logo files appear to be
misnamed, and we failed to find them. Our fallback for missing logodefs is
orb/orbbw, based on the color status. In a scenario where we can't locate
the logos, though, this is not ideal. Add in one more layer of fallback
to properly just don't draw any logo if the fan has been jam packed with
foreign material.

PR:		246046
MFC after:	3 days
2020-06-01 23:26:37 +00:00
John Baldwin
4f98ffdd1d Fix libstand build breakage after r361298.
- Use enc_xform_aes_xts.setkey() directly instead of duplicating the code
  now that it no longer calls malloc().
- Rather than bringing back all of xform_userland.h, add a conditional
  #include of <stand.h> to xform_enc.h.
- Update calls to encrypt/decrypt callbacks in enc_xform_aes_xts for
  separate input/output pointers.

Pointy hat to:	jhb
2020-05-20 22:25:41 +00:00
Kyle Evans
2583c3374d loader: fix userboot's ability to detect a guest's interpreter
Some time after r338418, I believe with -Os/-Oz -ffunction-sections
-fdata-sections, the bootprog_interp variable that held our "$Interpreter:"
marker started getting strip from all loaders, with exception to userboot
since it used bootprog_interp to determine what flavor of userboot it was.

At some point, it had been brought to my attention that this was no longer
working and I had worked up some potential solutions to use the variable
that involved printing it out. My vague recollection is that this was
rejected, and I forgot to explore the alternatives; I cannot find records of
this discussion anymore.

Fast forward to present day, Andrew reported that it was non-functional and
offered (effectively) this patch (sans comment) to stop the compiler from
optimizing it out by assigning it to a volatile variable. This removes
concerns about user-facing change while retaining the interpreter marker.
Furthermore, it could certainly be uglier.

Reported and tested by:	Andrew Gierth <andrew_tao173.riddles.org.uk>
MFC after:	3 days
2020-05-20 21:02:08 +00:00
Eric van Gyzen
fac6dee9eb Remove tests for obsolete compilers in the build system
Assume gcc is at least 6.4, the oldest xtoolchain in the ports tree.
Assume clang is at least 6, which was in 11.2-RELEASE.  Drop conditions
for older compilers.

Reviewed by:	imp (earlier version), emaste, jhb
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D24802
2020-05-12 15:22:40 +00:00
Alex Richardson
87c5e64c64 Avoid using non-portable dd conv=osync option
The same thing can be achieved using the bs=$SIZE and conv=sync options.
Unlike conv=osync, conv=sync is support on both Linux and macOS.

Reviewed By:	imp, jhb (earlier version)
Obtained from:	CheriBSD
Differential Revision: https://reviews.freebsd.org/D24788
2020-05-11 08:40:33 +00:00
Toomas Soome
4a2d7cee02 loader: vdev_read() can corrupt memory
When reading less than sector size but from sector boundary,
the vdev_read() will read full sector into the provided buffer
and therefore corrupting memory past buffer end.

MFC after:	2 days
2020-05-09 06:25:20 +00:00
Andrew Turner
4495f36874 Fix the EFI_DEBUG case, prio_str is only used when EFI_DEBUG is unset.
Sponsored by:	Innovate UK
2020-05-05 10:01:10 +00:00
Andrew Turner
3d5e12ebce As with r352446 align blocks in boot1.efi
We need to ensure the buffers are aligned before passing them to ReadBlocks.
Assume 512 bytes is enough for now.

Reviewed by:	imp
MFC after:	1 month
Sponsored by:	Innovate UK
2020-05-05 09:42:26 +00:00
Warner Losh
272a882b37 Redo r360540 to retain the ifndef sparc code, not delete it.
Also undo the BROKEN stuff, since it was based on the same misreading.

Noticed by: Jens Schweikhardt
2020-05-01 18:36:48 +00:00
Warner Losh
9053d5b70c Remove more stray sparc64 ifdefs.
Also, dmabuf appears to only be set for sparc64 case, but there was a
comment at its only use that says it was broken for some apple
adapters. #ifdef it all of that out now that nothing sets it.
2020-05-01 17:50:21 +00:00
Brandon Bergren
a10ed08fe0 [PowerPC] Set fixed boot1.elf load address
Due to the way claiming works, we need to ensure on AIM OFW machines that
we don't have overlapping ranges on any step of the load.

Load boot1.elf at 0x38000 so it will not overlap with anything even if the
entire PReP partition gets loaded by OFW.

Tested on an iBook G4, a PowerBook G4, a PowerMac G5, and qemu pseries.
(qemu pseries is broken without this patch due to the high address used
by lld10.)

Reviewed by:	adalava
Sponsored by:	Tag1 Consulting, Inc.
Differential Revision:	https://reviews.freebsd.org/D24623
2020-05-01 16:56:36 +00:00
Brandon Bergren
892df83817 Remove sparc relocation support from reloc_elf.c.
It got missed in the sparc64 removal.
2020-05-01 16:47:54 +00:00
Kyle Evans
3fe0ac6aa5 lualoader: config: improve readConfFiles, rename to readConf
The previous interface was pretty bad, and required the caller to get some
implementation details correct that it really shouldn't need to (e.g.
loader_conf_files handling) and pass in an empty table for it to use.

The new and much improved interface, readConf, is much less of a hack;
hiding these implementation details and just doing the right thing.
config.lua will now use it to process /boot/defaults/loader.conf and the
subsequent loader_conf_files from there, and read-conf will also use it.

This improvement submitted by Olivier (cited below), loader_conf_files
handling from the original patch was changed to just clobber it before
processing and not bother restoring it after the fact following r360505
where it's now guaranteed to evade the loader environment.

PR:		244640
Submitted by:	Olivier Certner (olivier freebsd free fr>
2020-04-30 21:04:39 +00:00
Kyle Evans
bf832717cf lualoader: config: add a table for restricted environment vars
This new table should be used for transient values that don't need to end up
in the loader environment. Generally, these will be things that are internal
details that really aren't needed or interesting outside of the config
module (e.g. if we changed how ${module}_* directives work, they might use
this instead).

To start, populate it with loader_conf_files. Any specific value of
loader_conf_files isn't all that interesting; if we're going to export it,
we should really instead export a loader_conf_files that indicates all of
the configuration files we processed. This will be used to reduce
bookkeeping overhead in a future commit that cleans up readConfFiles.
2020-04-30 20:58:58 +00:00
Kyle Evans
80a623bf52 loader.conf(5): document that loader_conf_files may be clobbered
A future change in lualoader may take some liberties with the
loader_conf_files in the name of efficiency; namely, it may start omitting
it from the loader environment entirely so that it doesn't need to worry
about maintaining any specific value.

This variable has historically been incredibly volatile anyways, as it may
get set to completely different values in any given configuration file to
trigger a load of more files.

Document now that we may not maintain it in the future, but perhaps we'll
reserve the right to change our minds and eventually formally export all of
the loader configuration files that were read using this variable.

MFC after:	3 days
2020-04-30 02:50:58 +00:00
Kyle Evans
60a2823c66 config.lua(8): catch up to recently added hooks
While we're here, let's stylize these as functions instead of just raw text.
A future change may allow arbitrary data arguments to be passed some of
these, and the distinction is useful.
2020-04-28 03:43:55 +00:00
Kyle Evans
aa3d34de88 config.lua(8): "may should" is not proper grammar
Reported by:	rpokala
X-MFC-With:	r360421
2020-04-28 02:13:17 +00:00
Kyle Evans
cc0380718e lualoader: cli: clobber loader_conf_files before proceeding
This makes sure that config.readConfFiles doesn't see a stale
loader_conf_files from before, in case the newly loaded file doesn't set it.

MFC after:	3 days
2020-04-28 02:08:55 +00:00
Kyle Evans
e40d2a04ea lualoader: cli: add read-conf
This is a straightforward match to the command used by many in forthloader;
it uses the newly-exported config.readConfFiles() to make sure that any
loader_conf_files gets done as appropriate.

PR:		244640
Submitted by:	Olivier Certner <olivier freebsd free fr>
MFC after:	3 days
2020-04-28 02:04:51 +00:00
Kyle Evans
7a5c6c8bfe lualoader: config: start exporting readConfFiles
In the process, change it slightly: readConfFiles will take a string like
loader_conf_files in addition to the loaded_files table that it normally
takes. This is to facilitate the addition of a read-conf CLI command, which
will just pass in the single file to read and an empty table.

MFC after:	3 days
2020-04-28 02:03:03 +00:00
Kyle Evans
ecacf5ff1e lualoader config: don't call loader.getenv() as much
We don't actually need to fetch loader_conf_files as much as we do; we've
already fetched it once at the beginning, we only really need to fetch it
again after each file we've processed. If it changes, then we can stash that
off into our local prefiles.

While here, drop a note about the recursion so that I stop trying to
change it. It may very well make redundant some of the work we're doing, but
that's OK.

MFC after:	3 days
2020-04-28 01:39:34 +00:00
Mark Johnston
5c17092568 Stop setting PG_U in bootstrap mappings.
These mappings are never visible to userspace as they get replaced when
the amd64 pmap is bootstrapped, but there is no need to set PG_U in the
first place.

Reviewed by:	alc, kib
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D24547
2020-04-24 13:53:40 +00:00
Andrew Turner
a2e2311a40 Build the arm64 loader with -ffixed-x18
This stops the compiler from using the x18 register. Some UEFI
implementations assume this will be preserved when calling the Boot
Services.

MFC after:	2 weeks
Sponsored by:	Innovate UK
2020-04-24 10:03:11 +00:00
Ryan Moeller
d2187b39cf menu.lua: Give names to menu entries
Make menu customizations easier by naming the entries and using the
names to build the table entries.

Reviewed by:	kevans
Approved by:	mav (mentor)
MFC after:	1 week
Sponsored by:	iXsystems, Inc.
Differential Revision:	https://reviews.freebsd.org/D24527
2020-04-22 17:04:31 +00:00
Adrian Chadd
6c88ef1c81 [libsa] Fix typecast of pointer for st_dev
This code was trying to use a pointer value for st_dev, which is definitely
not a pointer.  Instead, cast to uintptr_t so it becomes a non-pointer value
before casting it.

Tested: mips-gcc cross compile, mips32 build
2020-04-16 23:29:49 +00:00
Kyle Evans
c318828929 Preload hostuuid for early-boot use
prison0's hostuuid will get set by the hostid rc script, either after
generating it and saving it to /etc/hostid or by simply reading /etc/hostid.

Some things (e.g. arbitrary MAC address generation) may use the hostuuid as
a factor in early boot, so providing a way to read /etc/hostid (if it's
available) and using it before userland starts up is desirable. The code is
written such that the preload doesn't *have* to be /etc/hostid, thus not
assuming that there will be newline at the end of the buffer or even the
exact shape of the newline. White trailing whitespace/non-printables
trimmed, the result will be validated as a valid uuid before it's used for
early boot purposes.

The preload can be turned off with hostuuid_load="NO" in /boot/loader.conf,
just as other preloads; it's worth noting that this is a 37-byte file, the
overhead is believed to be generally minimal.

It doesn't seem necessary at this time to be concerned with kern.hostid.

One does wonder if we should consider validating hostuuids coming in
via jail_set(2); some bits seem to care about uuid form and we bother
validating format of smbios-provided uuid and in-fact whatever uuid comes
from /etc/hostid.

Reviewed by:	karels, delphij, jamie
MFC after:	1 week (don't preload by default, probably)
Differential Revision:	https://reviews.freebsd.org/D24288
2020-04-16 00:54:06 +00:00
Leandro Lupori
0660bb6fa5 Add support to MSDOS FS in PPC loader
Although PPC OFW loader already had a LOADER_MSDOS_SUPPORT option, a few lines
were missing in conf.c, in order to support FAT filesystems.

This is useful when running FreeBSD under QEMU, to be able to easily change the
kernel and modules when running on hosts without UFS read/write support.

Reviewed by:	jhibbits
Sponsored by:	Eldorado Research Institute (eldorado.org.br)
Differential Revision:	https://reviews.freebsd.org/D24328
2020-04-07 19:46:00 +00:00
Simon J. Gerraty
723f904176 Improve interaction of vectx and tftp
On slow platforms, it helps to spread the hashing load
over time so that tftp does not timeout.

Also, some .4th files are too big to fit in cache of pkgfs,
so increase cache size and ensure fully populated.

Reviewed by:	stevek
MFC after:	1 week
Differential Revision: https://reviews.freebsd.org/D24287
2020-04-07 16:56:34 +00:00
Kyle Evans
ed648b3f39 stand: -fno-common fixes for !x86 loaders
- beriloader: archsw is declared extern and defined elsewhere
- ofwloader: ofw_elf{,64} are defined in elf_freebsd.c and
  ppc64_elf_freebsd.c respectively
- ubldr: syscall_ptr is defined in start.S for whichever ubldr platform is
  building

-fno-common will become the default in GCC10/LLVM11.

MFC after:	3 days
2020-04-07 12:57:50 +00:00
Leandro Lupori
8883b17065 [PPC] Fix loader call to instantiate-rtas
OpenFirmware (OF) method instantiate-rtas was being called with a wrong
rtas-base-address argument. It must use the memory that is already being
allocated to this end instead. This issue was causing QEMU netboot to hang
when building the FDT from OF DT.

Reviewed by:	jhibbits
Sponsored by:	Eldorado Research Institute (eldorado.org.br)
Differential Revision:	https://reviews.freebsd.org/D24313
2020-04-07 12:46:26 +00:00
Toomas Soome
5292d0a7f3 loader: use #elif defined() in stand.h
Small cleanup.

Reported by:	imp
2020-03-29 06:48:59 +00:00
Kyle Evans
b3a1768824 userboot: mark host_fsops as extern
This is already defined elsewhere; mark this declaration extern to the fix
the -fno-common build.

MFC after:	3 days
2020-03-29 02:29:06 +00:00
Toomas Soome
a536ed419e loader.efi: restore the init and fix the color setup
The efi console init is avoided since conin setup was moved to probe.
In case the console is re-initialized, we need to pick up colors
from environment.
2020-03-28 22:37:50 +00:00
Toomas Soome
6c01b7102d loader: typo did slip into 359408
somehow r was lost from 'char'.
2020-03-28 21:55:42 +00:00
Toomas Soome
215597f05f loader: strdup name strings from dataset walker
The removal of zfs scratch buffer did miss the fact the dataset
lookup was picking up the names from zap list.
2020-03-28 21:50:27 +00:00
Toomas Soome
c907ec9e16 loader: add knob to build with user malloc
This option is intended to aid development, to allow building with user malloc.
The use case would be to build userboot & test with libc (or other) malloc and
use extra malloc debug features.
2020-03-28 21:47:44 +00:00
Toomas Soome
db31623660 loader.efi: conout->QueryMode() can fail to return screen dimensions
Some systems are reported to fail to report screen dimensions unless the
screen mode is set first.
2020-03-27 18:01:01 +00:00
Ryan Moeller
73531a2abd loader: Fully reset terminal settings, not just colors
Reviewed by:	kevans
Reviewed by:	tsoome
Approved by:	mav (mentor)
MFC after:	1 week
Sponsored by:	iXsystems, Inc.
Differential Revision:	https://reviews.freebsd.org/D21733
2020-03-27 17:37:31 +00:00
Brandon Bergren
a04ec978b3 [PowerPC] Switch powerpc and powerpcspe to lld
Now that LLD 10 is out, and required patches have landed, we are now ready
to finally switch away from the ancient in-tree ld.bfd.

Special thanks to Fangrui Song for many hours of work on getting the
32-bit powerpc lld ready for prime-time.

Reviewed by:	emaste (earlier revision), jhibbits
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D24111
2020-03-27 01:00:03 +00:00
Simon J. Gerraty
53f151f906 Fix pkgfs stat so it satisfies libsecureboot
We need a valid st_dev, st_ino and st_mtime
to correctly track which files have been verified
and to update our notion of time.

ve_utc_set(): ignore utc if it would jump our current time
by more than VE_UTC_MAX_JUMP (20 years).

Allow testing of install command via userboot.
Need to fix its stat implementation too.

bhyveload also needs stat fixed - due to change to userboot.h

Call ve_error_get() from vectx_close() when hash is wrong.

Track the names of files we have hashed into pcr

For the purposes of measured boot, it is important
to be able to reproduce the hash reflected in
loader.ve.pcr
so loader.ve.hashed provides a list of names in the order they
were added.

Reviewed by:	imp
MFC after:	1 week
Sponsored by:	Juniper Networks
Differential Revision:	https://reviews.freebsd.org//D24027
2020-03-25 19:12:19 +00:00
Toomas Soome
27bae6150a loader: remove libsa/crc32.c and use version from zlib
we have crc32(const void *, size_t) in libsa. Unfortunately zlib has
crc32(long, const unigned char *, unsigned) and we have conflict.

Since we do build libsa with zlib, we can use zlib version instead.

Reviewed by:	allanjude
Differential Revision:	https://reviews.freebsd.org/D24068
2020-03-19 21:05:11 +00:00
Toomas Soome
87d8d5ea3d loader: misaligned access of dos_partition structure
armv7 crash due to misligned access of dos_partition dp_start field.

Allocate and make copy of dos_partition array to make sure the data
is aligned.

Reported by:	marklmi at yahoo.com
2020-03-19 17:27:08 +00:00
Toomas Soome
34edaae605 loader.efi: handle efi_cons_init() failure cases better
if we fail to allocate buffer, set up the TERM_EMU and continue.
On output, use TERM_EMU in case we did fail to allocate buffer.
2020-03-18 22:21:42 +00:00
Ryan Moeller
4bee618957 Fixup line lost from previous commit (r359072)
Reviewed by:	kevans
Approved by:	mav (mentor)
MFC after:	1 week
Sponsored by:	iXsystems, Inc.
Differential Revision:	https://reviews.freebsd.org/D24115
2020-03-18 17:01:03 +00:00
Ryan Moeller
79c20f2260 loader: Add a "kernel.loaded" hook
This hook can be useful, for example to run a local function to choose
different modules to load when a user has picked a different kernel
from the menu.

Reviewed by:	kevans
Approved by:	mav (mentor)
MFC after:	1 week
Sponsored by:	iXsystems, Inc.
Differential Revision:	https://reviews.freebsd.org/D24115
2020-03-18 16:21:11 +00:00
Toomas Soome
ebe8cd79d2 loader: add comconsole implementation on top of SIO protocol
Provide comconsole on top of SIO for arm platforms (x86 does use bios version).
2020-03-14 06:36:03 +00:00
Toomas Soome
7f505e7f79 test if port does exist via using scratch register
The SCR, scratch register was not present on the 8250 and 8250B UART, so we
can use to test if we actually do have serial port.

We need this test because some systems will get long delays while attempting
to write to non-existing port and this will slow down the console IO
to extreme.

MFC after:	1 week
2020-03-12 06:45:08 +00:00
Simon J. Gerraty
91cd69ee2c veloader use vectx API for kernel and modules
The vectx API, computes the hash for verifying a file as it is read.
This avoids the overhead of reading files twice - once to verify, then
again to load.

For doing an install via loader, avoiding the need to rewind
large files is critical.

This API is only used for modules, kernel and mdimage as these are the
biggest files read by the loader.
The reduction in boot time depends on how expensive the I/O is
on any given platform.  On a fast VM we see 6% improvement.

For install via loader the first file to be verified is likely to be the
kernel, so some of the prep work (finding manifest etc) done by
verify_file() needs to be factored so it can be reused for
vectx_open().

For missing or unrecognized fingerprint entries, we fail
in vectx_open() unless verifying is disabled.

Otherwise fingerprint check happens in vectx_close() and
since this API is only used for files which must be verified
(VE_MUST) we panic if we get an incorrect hash.

Reviewed by:	imp,tsoome
MFC after:	1 week
Sponsored by:	Juniper Networks
Differential Revision:	https://reviews.freebsd.org//D23827
2020-03-09 16:02:54 +00:00
Simon J. Gerraty
212e103f2f veloader use vectx API for kernel and modules
The vectx API, computes the hash for verifying a file as it is read.
This avoids the overhead of reading files twice - once to verify, then
again to load.

For doing an install via loader, avoiding the need to rewind
large files is critical.

This API is only used for modules, kernel and mdimage as these are the
biggest files read by the loader.
The reduction in boot time depends on how expensive the I/O is
on any given platform.  On a fast VM we see 6% improvement.

For install via loader the first file to be verified is likely to be the
kernel, so some of the prep work (finding manifest etc) done by
verify_file() needs to be factored so it can be reused for
vectx_open().

For missing or unrecognized fingerprint entries, we fail
in vectx_open() unless verifying is disabled.

Otherwise fingerprint check happens in vectx_close() and
since this API is only used for files which must be verified
(VE_MUST) we panic if we get an incorrect hash.

Reviewed by:	imp,tsoome
MFC after:	1 week
Sponsored by:	Juniper Networks
Differential Revision:	https://reviews.freebsd.org//D23827
2020-03-09 15:48:53 +00:00
Simon J. Gerraty
fbcf3b4fad veloader use vectx API for kernel and modules
The vectx API, computes the hash for verifying a file as it is read.
This avoids the overhead of reading files twice - once to verify, then
again to load.

For doing an install via loader, avoiding the need to rewind
large files is critical.

This API is only used for modules, kernel and mdimage as these are the
biggest files read by the loader.
The reduction in boot time depends on how expensive the I/O is
on any given platform.  On a fast VM we see 6% improvement.

For install via loader the first file to be verified is likely to be the
kernel, so some of the prep work (finding manifest etc) done by
verify_file() needs to be factored so it can be reused for
vectx_open().

For missing or unrecognized fingerprint entries, we fail
in vectx_open() unless verifying is disabled.

Otherwise fingerprint check happens in vectx_close() and
since this API is only used for files which must be verified
(VE_MUST) we panic if we get an incorrect hash.

Reviewed by:	imp,tsoome
MFC after:	1 week
Sponsored by:	Juniper Networks
Differential Revision:	https://reviews.freebsd.org//D23827
2020-03-08 18:48:01 +00:00
Simon J. Gerraty
afc571b1a6 veloader use vectx API for kernel and modules
The vectx API, computes the hash for verifying a file as it is read.
This avoids the overhead of reading files twice - once to verify, then
again to load.

For doing an install via loader, avoiding the need to rewind
large files is critical.

This API is only used for modules, kernel and mdimage as these are the
biggest files read by the loader.
The reduction in boot time depends on how expensive the I/O is
on any given platform.  On a fast VM we see 6% improvement.

For install via loader the first file to be verified is likely to be the
kernel, so some of the prep work (finding manifest etc) done by
verify_file() needs to be factored so it can be reused for
vectx_open().

For missing or unrecognized fingerprint entries, we fail
in vectx_open() unless verifying is disabled.

Otherwise fingerprint check happens in vectx_close() and
since this API is only used for files which must be verified
(VE_MUST) we panic if we get an incorrect hash.

Reviewed by:	imp,tsoome
MFC after:	1 week
Sponsored by:	Juniper Networks
Differential Revision:	https://reviews.freebsd.org//D23827
2020-03-08 17:42:42 +00:00
Dimitry Andric
a2037dba7e Link stand/i386 components using a linker script
LLD 10.0.0 changed the behavior of the -Ttext option, so that using
-Ttext=0x0 now causes linking of the loaders to fail with:

ld: error: output file too large: 18446744073707016908 bytes

I reported this in https://bugs.llvm.org/show_bug.cgi?id=44715, and
initially reverted the upstream change in r357259 to work around it.

However, after some discussion with Fangrui Song in the upstream ticket,
I think we can classify this as an unfortunate interaction between using
-Ttext=0 in combination with --no-rosegment.  (We added the latter
in r332090, because btxld does not correctly handle input with more
than 2 PT_LOAD segments.)

Fangrui suggested to use a linker script instead, and Warner was already
attempting this in r305353, but had to revert it due to "crypto-using
boot problems" (not sure what those were :).

This review updates the stand/i386/boot.ldscript to handle more
sections, inserts some symbols like _edata and such that we use in
libsa, and also discards any .interp section.

It uses ORG which is defined on the linker command line using
--defsym ORG=value to set the start of all the sections.

Reviewed by:	imp
MFC after:	2 weeks
Differential Revision: https://reviews.freebsd.org/D23952
2020-03-04 21:01:22 +00:00
Toomas Soome
ca25195805 loader: crc32 is provided by libsa
Seems like leftover from moving crc32.c to libsa.
2020-03-04 18:38:09 +00:00
Toomas Soome
c1c4c81fd7 loader: replace zfs_alloc/zfs_free with malloc/free
Use common memory management.
2020-02-26 18:12:12 +00:00
Brandon Bergren
20ae0afeac [PowerPC] Fix LLD10 linking of ofw loader on ppc
Before this change, LLD10 was creating several extra PT_LOAD sections,
which OFW does not understand.

Like we do for the kernel already, specify the program headers manually.

Additionally, to work around a crash in our base ld.bfd, we need to
actually assign something to the output section. LLD does not need this.

One side effect of this change is the removal of the GNU_STACK header.
This is more correct, since we are using a statically-allocated stack and
RWX mappings across the board this early in boot.

Reviewed by:	jhibbits, Fangrui Song <i@maskray.me>
Sponsored by:	Tag1 Consulting, Inc.
Differential Revision:	https://reviews.freebsd.org/D23778
2020-02-25 00:45:09 +00:00
Toomas Soome
91e697162c loader: alloc_pread() should set errno if malloc fails
We may want to find out why alloc_pread() failed.
2020-02-23 15:21:15 +00:00
Toomas Soome
4a82db5fe7 efi_register_handles() is missing NULL pointer check
Add missing check of malloc() result.
2020-02-20 09:02:59 +00:00
Toomas Soome
7afa0d95e2 insert_zfs() is missing NULL pointer check
Add missing check of malloc() result.
2020-02-20 09:00:20 +00:00
Toomas Soome
79cbcdcf3e efipart_inithandles() is missing NULL pointer check
Add missing check of malloc() result.
2020-02-20 08:56:56 +00:00
Toomas Soome
ef91a071ac connect_controllers() is missing NULL pointer check
Add missing check of malloc() result.
2020-02-20 08:55:18 +00:00
Toomas Soome
8abc11f65c efihttp_fs_seek() is missing NULL pointer check
Add missing check of malloc() result.
2020-02-20 08:53:04 +00:00
Toomas Soome
860545e20b efinet_dev_init() is missing NULL pointer check
Add missing check of malloc() result.
2020-02-20 08:48:34 +00:00
Warner Losh
a64f0b83e5 Move smbios.c to libsa.
smbios used to be an i386 only kinda weird quirk to the x86
architecture. But UEFI picked it up, dusted it off and now it's many
other locations. Make it base technology by moving it to libsa and
fixing up the compliation. The code has issues with unaligned access
still, but that will be addressed in a followup commit.

Differential Revision: https://reviews.freebsd.org/D23660
2020-02-20 00:46:22 +00:00
Warner Losh
ed2a65769a Create ptov() function.
Create a ptov() function. It's basically the same as the btx PTOV
macro, but works everywhere. smbios needs this to translate addresses,
but the translation differs between BIOS booting and EFI booting. Make
it a function so one smbios.o can be used everywhere. Provide
definitions for it in the two loaders affected.

Differential Revision: https://reviews.freebsd.org/D23660
2020-02-20 00:46:16 +00:00
Kyle Evans
6b197e58f6 efiloader: don't execute hooks when setting currdev/loaddev
We still need to set the hooks to prevent improper manipulations thereafter
at the loader prompt, but as it is we're actively preventing loaddev from
being set correctly in some circumstances (ZFS in particular) and doing more
work than needed with currdev -- that hook in particular validates it as a
correct device, which we can assume isn't needed in this context.

Reviewed by:	imp, sigsys@gmail.com
Submitted/Diagnosed by:	sigsys@gmail.com
Differential Revision:	https://reviews.freebsd.org/D23390
2020-02-12 22:29:08 +00:00
Kyle Evans
8e173ae7f4 interp_lua: fix bogus indentation, NFC 2020-02-12 16:10:00 +00:00
Kyle Evans
17f0dc77a4 lualoader: disable autoboot on high-level interpreter errors
If we hit an error at this level, we are almost certainly not in any kind
of sane state where autoboot can do the right thing. Instead of letting it
try and probably failing, disable autoboot so they immediately get kicked
into a loader prompt for manual remediation/diagnosis.

Reviewed by:	tsoome
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D23611
2020-02-12 16:09:01 +00:00
Toomas Soome
380977d557 followup on r357497: clean obsolete comment and use shift instead of multiplication
Based on illumos review feedback: leftover comment, but also
have consistent block size calculation and add missing else leg to if
statement.
2020-02-05 13:08:24 +00:00
Toomas Soome
7503958e4c zfsboot: vdev_read_pad2 does allocate buffer with wrong size
vdev_read_pad2() does read VDEV_PAD_SIZE of data, and will copy size bytes
of it, hence, we need buffer of VDEV_PAD_SIZE bytes.

Issue introduced in r357497.

Reported by:	se
2020-02-05 11:02:00 +00:00
Toomas Soome
a1746b2583 vdev_read_pad2: freeing wrong pointer
Shoud free previously allocated tmp buffer instead. Issue introduced in
r357497.

Reported by:	rpokala
2020-02-05 05:42:42 +00:00
Toomas Soome
4d297e7035 loader: rewrite zfs reader zap code to use malloc
First step on removing zfs_alloc.

Reviewed by:	delphij
Differential Revision:	https://reviews.freebsd.org/D23433
2020-02-04 07:37:55 +00:00
Warner Losh
eb24e1491f Remove sparc64 support from the boot loader.
Remove all the sparc64 specific bits, both files and ifdefs.
2020-02-03 17:34:57 +00:00
Toomas Soome
b0af1e20e6 loader: bc_add can not use any other probes than ah=0x4b
CD boot is broken for some systems since bioscd and biosdisk merge. The issue is that we can not use anything else than int 13 ah=0x4b to query cd information.

The patch does restore the same probe as was originally used in bioscd.c. Additionally extra buffer padding is used to avoid memory corruption caused by some systems.

PR:		234031
Reported by:	ultramage and others
MFC after:	1 day
2020-02-03 11:33:33 +00:00
Dimitry Andric
ae55765309 Work around assembler error from clang 10.0.0 in gptboot:
stand/i386/gptboot/gptldr.S:141:3: error: value of 36878 is too large for field of 2 bytes.
  jmp MEM_JMP # Start BTX
  ^

Use the same construct as in stand/i386/boot2/boot1.S, which ensures the
jump distance does not become too large.

MFC after:	3 days
2020-01-28 21:41:37 +00:00
Kyle Evans
0db2ca0c31 lua: add modules.loaded hook
This may be used for the local module to hook in and load any additional
modules that it wants, since it can't modify the modules table internal to
config. We may consider adding API to do so at a later time, but I suspect
it will be more complicated to use with little return.

status is captured but ignored for the purpose of loading the hook. status
will be false if *any* module failed to load, but we typically don't let
that halt the boot so there's no reason to let it halt hooks. Some vendors
or setups may have expected fails that would be actively thwarted by
checking it.

We may, at a later date, consider adding an API for letting non-config
modules check which modules have successfully (or not) loaded in case an
unexpected failure *should* halt whatever they are doing.

MFC after:	3 days
2020-01-25 03:52:16 +00:00
Kyle Evans
59ba5b1dc2 loader.lua: re-arrange to load local.lua *after* config loading
The major problem with the current ordering is that loader.conf may contain
all of the magic we need to actually setup the console, so loading local.lua
prior to that can make it excessively difficult and annoying to debug
(whoops, sorry Ravi & Warner).

The new ordering has some implications, but I suspect they are a non-issue.
The first is that it's no longer possible for the local module to inject any
logic prior to loading config -- I suspect no one has relied on this. The
second implication is that the config.loaded hook is now useless, as the
local module will always be included after that hook would have fired.

For config.loaded, I will opt to leave it in, just in case we add an early
point for local lua to get injected or in case one wants to schedule some
deferred logic in a custom loader.lua. The overhead of having it if no hooks
will be invoked is relatively minimal.

Diagnosed by:	imp
Reported by:	imp, rpokala (most likely)
MFC after:	3 days
2020-01-25 03:02:45 +00:00
Hans Petter Selasky
8427dd0899 Fix build of stand/usb .
MFC after:	1 week
Sponsored by:	Mellanox Technologies
2020-01-23 10:40:34 +00:00
Konstantin Belousov
2ee49fac82 Add support for Hygon Dhyana Family 18h processor.
As a new x86 CPU vendor, Chengdu Haiguang IC Design Co., Ltd (Hygon)
is a joint venture between AMD and Haiguang Information Technology Co.,
Ltd., aims at providing x86 processors for China server market.

The first generation Hygon processor(Dhyana) shares most architecture
with AMD's family 17h, but with different CPU vendor ID("HygonGenuine")
and PCI vendor ID(0x1d94) and family series number 18h(Hygon negotiated
with AMD to confirm that only Hygon use family 18h).

To enable Hygon Dhyana support in FreeBSD, add new definitions
HYGON_VENDOR_ID("HygonGenuine") and X86_VENDOR_HYGON(0x1d94) to identify
Hygon Dhyana CPU.

Initialize the CPU features(topology, local APIC ext, MSI, TSC, hwpstate,
MCA, DEBUG_CTL, etc) for amd64 and i386 mode by sharing the code path of
AMD family 17h.

The changes have been applied on FreeBSD 13.0-CURRENT and tested
successfully on Hygon Dhyana processor.

References:
[1] Linux kernel patches for Hygon Dhyana, merged in 4.20:

https://git.kernel.org/tip/c9661c1e80b609cd038db7c908e061f0535804ef

[2] MSR and CPUID definition:

https://www.amd.com/system/files/TechDocs/54945_PPR_Family_17h_Models_00h-0Fh.pdf

Submitted by:	Pu Wen <puwen@hygon.cn>
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D23163
2020-01-21 13:22:35 +00:00
Brandon Bergren
a8614f0eec [PowerPC] Fix 32-bit ubldr calling convention
Due to the way u-boot for 32-bit powerpc is compiled, the interrupt code
assumes that the GOT pointer (r30) on u-boot is always intact.

When making syscalls to u-boot, ensure that we have restored r30 like we
found it before we enable interrupts to prevent u-boot from crashing if a
timer interrupt was pending.

This fixes ubldr on e500 qemu (assuming you have recompiled qemu's u-boot
with API support!)

Reviewed by:	jhibbits
Sponsored by:	Tag1 Consulting, Inc.
Differential Revision:	https://reviews.freebsd.org/D23258
2020-01-19 04:13:19 +00:00
Toomas Soome
aaeffe5b70 Backout 356693. The libsa malloc does provide necessary alignment and
memalign by 4 will reduce alignment for some platforms. Thanks for Ian for
pointing this out.
2020-01-13 20:02:27 +00:00
Toomas Soome
659bf32dfc loader: allocate properly aligned buffer for network packet
Use memalign(4, size) to ensure we have properly aligned buffer.

MFC after:	2 weeks
2020-01-13 18:22:54 +00:00
Toomas Soome
20698d1531 loader: bioscd probe can get sector size 0
With buggy BIOS, it may happen we get sector size reported 0 for cd, and then
the default 512 is used, which is quite wrong.

PR:		238749
2020-01-09 21:21:08 +00:00
Kyle Evans
cc03366097 stand/fdt: Scale blob size better as overlays apply
Currently, our overlay blob will grow to include the size of the complete
overlay blob we're applying. This doesn't scale very well with a lot of
overlays- they tend to include a lot of overhead, and they will generally
only add a fraction of their total size to the blob they're being applied
to.

To combat this, pack the blob as we apply new overlays and keep track of how
many overlays we've applied. Only ubldr has any fixups to be applied after
overlays, so we only need to re-pad the blob in ubldr. Presumably the
allocation won't fail since we just did a lot worse in trying to apply
overlays and succeeded.

I have no intention of removing the padding in make_dtb.sh. There might be
an argument to be had over whether it should be configurable, since ubldr
*is* the only loader that actually has fixups to be applied and we can do
this at runtime, but I'm not too concerned about this.

This diff has been sitting in Phabricator for a year and a half, but I've
decided to flush it as it does make sure that we're scaling the blob
appropriately and leave room at the end for fixups in case of some freak
circumstance where applying overlays leaves us with a blob of insufficient
size.

Reviewed by:	gonzo (a long time ago)
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D14133
2020-01-09 04:34:42 +00:00
Toomas Soome
653c3383c7 loader: update zfsimpl.c from illumos review suggestions
Add extra comments and update error handling.

MFH:		1 week
2020-01-06 19:35:22 +00:00
Brandon Bergren
475008d6ca Move stand/ofw/libofw to stand/libofw.
Since rS330365, there has been no particular reason for libofw to be in a
subdirectory of ofw. Move libofw up a level to make it fit in better with
the other top level libraries.

Also add a LIBOFWSRC to stand/defs.mk to match what all the other
libraries are doing.

Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D23000
2020-01-02 04:34:22 +00:00
Justin Hibbits
b451cd4544 [PowerPC64] Use ld.bfd to build LIB32 and STAND - when using llvm
Summary:
This patch is to support ongoing work for replacing "GCC/BFD" by "CLANG/LLD" on
target PowerPC64 [1], by proposing a way to specify and/or locate a secondary
ld.bfd linker.
This is necessary as LLD currently doesn't support PowerPC 32 bits, so we keep
using BFD for the 32 bit stuff on PowePC64(LIB32 compatibility and
STAND/slof/loader.)

- creates LD_BFD variable pointing to ld.bfd
- use LD_BFD as linker for LIB32/compat
- Default behavior for other platforms aren't changed.

[1] https://wiki.freebsd.org/powerpc/llvm-elfv2

Submitted by:	alfredo.junior_eldorado.org.br
Reviewed by:	imp
Differential Revision: https://reviews.freebsd.org/D20261
2019-12-24 16:03:33 +00:00
Ian Lepore
42e08952bb In gptboot, don't assume a partition number is a single digit, 1-9. GPT
partitions can have 128 partitions, so parse contiguous digits and then
validate that the number is between 1-128 inclusive.

I'm not sure 128 is a hard limit in the GPT standard, but it's the common
number in use, and it's a better upper limit than 9.
2019-12-22 22:33:22 +00:00
Dimitry Andric
0b57cec536 Move all sources from the llvm project into contrib/llvm-project.
This uses the new layout of the upstream repository, which was recently
migrated to GitHub, and converted into a "monorepo".  That is, most of
the earlier separate sub-projects with their own branches and tags were
consolidated into one top-level directory, and are now branched and
tagged together.

Updating the vendor area to match this layout is next.
2019-12-20 19:53:05 +00:00
Toomas Soome
ade8a0f1d1 loader.efi: efi_readkey_ex needs to key despite the shift status or toggle status
From UEFI specification 2.8, page 434:
"It should also be noted that certain input devices may not be able to produce
shift or toggle state information, and in those cases the high order bit in
the respective Toggle and Shift state fields should not be active."

But we still need to check for ScanCode and UnicodeChar.

PR:		242660
Reported by:	Trond Endrestol
MFC after:	1 week
2019-12-17 08:30:11 +00:00
Warner Losh
7f5499972e Use symbolic names for int13 calls
For all the INT13 calls, use symbolic names instead of magic numbers. This makes
it easier to understand what the code is doing w/o a trip to google to find what
these numbers mean.
2019-12-16 21:52:12 +00:00
Toomas Soome
3c2db0ef43 loader: rewrite zfs vdev initialization
In some cases the pool discovery will get stuck in infinite loop while setting
up the vdev children.

To fix, we split the vdev setup into two parts, first we create vdevs based on
configuration we do get from pool label, then, we process pool config from MOS
and update the pool config if needed.

Testing done: confirm previously hung loader is not hung any more.

MFC after:	1 week
2019-12-15 21:52:40 +00:00
Toomas Soome
2e6bb6553b loader: zfsimpl.c cstyle cleanup
No functional changes intended.

MFC after:	1 week
2019-12-15 14:09:49 +00:00
Andriy Gapon
c527e92004 zfs boot: fix a crash in a rarely taken path in fzap_lookup
Instead of passing NULL to fzap_name_equal and crashing, just return
ENOENT.  This happened when higher bits of a hash of the searched key
(its hash prefix) matched a hash prefix of some key in the ZAP, but the
full hash value of the searched key did not match any key in the ZAP.

I observerved this problem when loader tried to look up
"features_for_read" in a particular old pool that predates pool
features.

MFC after:	2 weeks
Sponsored by:	Panzura
2019-12-13 22:04:13 +00:00
Toomas Soome
8ac66965f5 loader: cd9660_open() warn: is 'buf' large enough for 'struct iso_primary_descriptor'?
We do allocate amount of memory (void * or char *), and then assign this
buffer to struct iso_primary_descriptor *vd. Make sure we do
allocate enough bytes.

In fact we do allocate enough, but it is good idea to make sure this really
is so.

MFC after:	1 week
2019-12-13 12:36:16 +00:00
Toomas Soome
0c48989582 loader: clean up devopen and devclose a bit
devopen should undo setup of f->f_dev in case of error.
devclose can just call free().

MFC after:	1 week
2019-12-13 08:41:37 +00:00
Toomas Soome
68031519c9 loader: vdisk dereference after free
print out the information and then free the memory used.

MFC after:	1 week
2019-12-13 08:20:20 +00:00
Kyle Evans
bf47132605 stand: liblua: drop default buffer size to 128
Lua allocates LUAL_BUFFERSIZE buffers on the stack for various string
functions (string.format, string.gsub) -- this works out to be somewhat
significant and not necessary, based on how we use string operations.
Dropping it risks having to allocate per call to format/gsub, but this is
not the case for our usage. This simply stops allocating 8K buffers on the
stack when luaL_Buffer is used.

Reviewed by:	imp
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D22500
2019-12-12 01:35:56 +00:00
Simon J. Gerraty
2c9a9dfc18 Update Makefile.depend files
Update a bunch of Makefile.depend files as
a result of adding Makefile.depend.options files

Reviewed by:	 bdrewery
MFC after:	1 week
Sponsored by:   Juniper Networks
Differential Revision:  https://reviews.freebsd.org/D22494
2019-12-11 17:37:53 +00:00
Justin Hibbits
9e319462a0 powerpc: Use builtins for fls/flsl
Summary:
There's no need to use the fallback fls() and flsl() libkern functions
when the PowerISA includes instructions that already do the bulk of the
work.  Take advantage of this through the GCC builtins __builtin_clz()
and __builtin_clzl().

Reviewed by:	luporl
Differential Revision:	https://reviews.freebsd.org/D22340
2019-12-08 04:36:42 +00:00
Toomas Soome
fed13eb3e8 loader.efi: print ImageBase so we know where we are
Output a bit of debugging aid.
2019-12-06 09:50:29 +00:00
Warner Losh
f86e60008b Regularize my copyright notice
o Remove All Rights Reserved from my notices
o imp@FreeBSD.org everywhere
o regularize punctiation, eliminate date ranges
o Make sure that it's clear that I don't claim All Rights reserved by listing
  All Rights Reserved on same line as other copyright holders (but not
  me). Other such holders are also listed last where it's clear.
2019-12-04 16:56:11 +00:00
Toomas Soome
b2665fe327 loader: clean up efipart filter expressions
Small cleanup based on illumos review.
2019-12-04 16:41:00 +00:00
Kyle Evans
366f9979bb lualoader: correct a typo from r354247
r354247 converted try_include to lfs + dofile with the loader.lua_path added
just before. Fortunately, there was a hardcoded /boot/lua fallback in case
loader.lua_path wasn't being set yet- I typo'd it as loader.lua_paths.

Fix the typo.

X-MFC-With:	r354247
MFC after:	3 days
2019-12-03 18:44:19 +00:00
Toomas Soome
0aff5f3934 loader: ReadKeyStrokeEx may return partial keystrokes
In some systems we can receive no scancode nor unicodechar values.

PR:		240760
Reported by:	Ariel Millennium Thornton
MFC after:	1 week
2019-12-03 18:36:39 +00:00
Toomas Soome
5b60810654 loader.efi: fix cd boot for cisco C220M3
Reported by:	Chris Ross
MFC after:	1w
2019-12-02 21:08:59 +00:00
Toomas Soome
523a713ffb loader.efi: efipart needs better support detecting nested partitions
Just as disks can have nested partitions, the same happens with cd devices,
so we need to detect device paths and make sure we will not mix the handles.

To address this:

we fetch handle array and create linked list of block devices.
we walk the list and detect parent devices and set children pd_parent.
for {fd, cd, hd}, we walk device list and pick up our devices and store to
corresponding list. We make sure we store parent device first.

For sorting we use 3 steps: We check for floppy, we check for cd and then
everything else must be hd.

In general, it seems the floppy devices have no parent.
CD can have both parents and children (multiple boot entries, partitions
from the hybrid disk image).

Tested by: cross+freebsd@distal.com on Cisco UCS systems, C200 series (C220M5, C240M4).
Also on MBP with UEFI 1.10

Reported by:	Chriss Ross
MFC after:	1w
Differential Revision:	https://reviews.freebsd.org/D22553
2019-11-30 09:11:28 +00:00
Warner Losh
3c5a4af6e9 Also turn of teken for RB_MULTIPLE
RB_MULTIPLE without RB_SERIAL set is valid, and means 'Video first, then serial'
to the kernel (so kernel messages go to both, but /etc/rc uses video console
(this should be fixed, btw, but another day)). Check for RB_MULTIPLE as well as
RB_SERIAL where we want to to serial things. This means we'll use the old code
for emulation in these situations, which is likely best since we're outputing to
both and the old code is ligher weight allowing both to keep up w/o weird
scrolling things.
2019-11-28 05:40:15 +00:00
Warner Losh
79cb1bf26f Remove comment. We're just going to the next node here. 2019-11-28 05:40:10 +00:00
Andrew Turner
e6bb174c50 Support kernels larger than EFI_STAGING_SIZE in loader.efi
With a very large kernel or module the staging area may be too small to
hold it. When this is the case try to allocate more space before failing
in the efi copyin/copyout/readin functions.

Reviewed by:	imp, tsoome
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D22569
2019-11-27 16:52:46 +00:00
Andriy Gapon
489912da7b MFV r354382,r354385: 10601 10757 Pool allocation classes
illumos/illumos-gate@663207adb1
663207adb1

10601 Pool allocation classes
https://www.illumos.org/issues/10601
  illumos port of ZoL Pool allocation classes. Includes at least these two
  commits:
  441709695 Pool allocation classes misplacing small file blocks
  cc99f275a Pool allocation classes

10757 Add -gLp to zpool subcommands for alt vdev names
https://www.illumos.org/issues/10757
  Port from ZoL of
  d2f3e292d Add -gLp to zpool subcommands for alt vdev names
  Note that a subsequent ZoL commit changed -p to -P
  a77f29f93 Change full path subcommand flag from -p to -P

Portions contributed by: Jerry Jelinek <jerry.jelinek@joyent.com>
Portions contributed by: Håkan Johansson <f96hajo@chalmers.se>
Portions contributed by: Richard Yao <ryao@gentoo.org>
Portions contributed by: Chunwei Chen <david.chen@nutanix.com>
Portions contributed by: loli10K <ezomori.nozomu@gmail.com>
Author: Don Brady <don.brady@delphix.com>

11541 allocation_classes feature must be enabled to add log device

illumos/illumos-gate@c1064fd7ce
c1064fd7ce

https://www.illumos.org/issues/11541
  After the allocation_classes feature was integrated, one can no longer add a
  log device to a pool unless that feature is enabled. There is an explicit check
  for this, but it is unnecessary in the case of log devices, so we should handle
  this better instead of forcing the feature to be enabled.

Author: Jerry Jelinek <jerry.jelinek@joyent.com>

FreeBSD notes.
I faithfully added the new -g, -L, -P flags, but only -g does something:
vdev GUIDs are displayed instead of device names.  -L, resolve symlinks,
and -P, display full disk paths, do nothing at the moment.
The use of special vdevs is backward compatible for read-only access, so
root pools should be bootable, but exercise caution.

MFC after:	4 weeks
2019-11-21 08:20:05 +00:00
Kyle Evans
506f364029 Add flua to the base system, install to /usr/libexec
FreeBSDlua ("flua") is a FreeBSD-private lua, flavored with whatever
extensions we need for base system operations. We currently support a subset
of lfs and lposix that are used in the rewrite of makesyscall.sh into lua,
added in r354786.

flua is intentionally written such that one can install standard lua and
some set of lua modules from ports and achieve the same effect.

linit_flua is a copy of linit.c from contrib/lua with lfs and lposix added
in. This is similar to what we do in stand/. linit.c has been renamed to
make it clear that this has flua-specific bits.

luaconf has been slightly obfuscated to make extensions more difficult. Part
of the problem is that flua is already hard enough to use as a bootstrap
tool because it's not in PATH- attempting to do extension loading would
require a special bootstrap version of flua with paths changed to protect
the innocent.

src.lua.mk has been added to make it easy for in-tree stuff to find flua,
whether it's bootstrap-flua or relying on PATH frobbing by Makefile.inc1.

Reviewed by:	brooks, emaste (both earlier version), imp
Differential Revision:	https://reviews.freebsd.org/D21893
2019-11-18 23:21:13 +00:00
Toomas Soome
182d1b7133 loader: remove unused variable from efipart.c 2019-11-16 08:16:50 +00:00
Toomas Soome
2e2844645f loader: add support for hybrid PMBR for GPT partition table
Note hybrid table is nor really UEFI specification compliant.

Sample hybrid partition table:
> ::mbr
Format: unknown
Signature: 0xaa55 (valid)
UniqueMBRDiskSignature: 0

PART TYPE                  ACTIVE  STARTCHS    ENDCHS      SECTOR     NUMSECT
0    EFI_PMBR:0xee         0       1023/254/63 1023/254/63 1          409639
1    0xff                  0       1023/254/63 1023/254/63 409640     978508408
2    FDISK_EXT_WIN:0xc     0       1023/254/63 1023/254/63 978918048  31250000
3    0xff                  0       1023/254/63 1023/254/63 1010168048 32
>
2019-11-15 20:43:39 +00:00
Toomas Soome
254fe63897 loader: r354415 did miss to sort subpaths below the partitions
Tested on actual system (MBP with UEFI 1.10).
2019-11-15 18:57:00 +00:00
Ravi Pokala
7951fbc23d Logging improvements to loader::nfs
Include the server IP address when logging nfs_open(), add a few missing
"\n"s, and correct a typo.

Reviewed by:	kevans
MFC after:	2 weeks
Sponsored by:	Panasas
Differential Revision:	https://reviews.freebsd.org/D22346
2019-11-13 03:56:51 +00:00
Toomas Soome
c082b391b0 reverting r354594
In our case the structure is more complex and simple static initializer
will upset compiler diagnostics - using memset is still better than building
more complext initializer.
2019-11-12 10:02:39 +00:00
Toomas Soome
e5d9d07948 loader: use struct initializer in vdev_probe().
Hopefully it is a bit more clear this way.
2019-11-10 15:07:36 +00:00
Toomas Soome
3cac32d147 loader: memory leak in vdev_label_read_config()
We need to free the allocated buffer for label.
2019-11-10 15:03:59 +00:00
Emmanuel Vadot
14fb9485a4 loader.efi: Default to serial if we don't have a ConOut variable
In the EFI implementation in U-Boot no ConOut efi variable is created,
this cause loader to fallback to TERM_EMU implementation which is very
very very slow (and uses the ConOut device in the system table anyway).
The UEFI spec aren't clear as if this variable needs to exists or not.

Reviewed by:	imp, kevans
2019-11-08 20:08:44 +00:00
Toomas Soome
1113c41fef cstyle cleanup for i386_copy.c
No functional changes are intended.
2019-11-08 12:19:03 +00:00
Toomas Soome
5403ae8448 loader: implement fallback efi_devpath_to_name()
UEFI 1.10 on macs does not seem to provide devpath to name translation,
provide our own (limited) version, so we can get information about commmon
devices.

MFC after:	1 week
2019-11-07 11:17:03 +00:00
Toomas Soome
f6689bce79 loader.efi: HARDDRIVE_DEVICE_PATH may have subpaths
The macos does create Vendor Media devices on top of APFS container
(like partition table inside the partition), so we need to collect such
devices into respective device tree.

MFC after:	1 week
2019-11-06 21:13:10 +00:00
Toomas Soome
ae3f74e763 loader: clean up the noise around log device
We are ignoring log device but we also do want to have clean code.
2019-11-05 18:35:13 +00:00
Toomas Soome
9a3ea7594b loader: populate nvl with data even when label_txg is 0
We actually do not use that data, at least not now, but we want to
avoid possible surprises.
2019-11-05 18:07:30 +00:00
Toomas Soome
124003d587 loader: show APFS partition type name
Add small visual aid in lsdev output.
2019-11-04 12:20:19 +00:00
Toomas Soome
f331eb7d34 loader: allow booting from pool with log device
Apparently people are using log with boot pool, so we can not just
error out there. Still we will need to investigate how to handle
log properly.
2019-11-03 21:36:29 +00:00
Toomas Soome
79a4bf8975 loader: factor out label and uberblock load from vdev_probe, add MMP checks
Clean up the label read.
2019-11-03 21:19:52 +00:00
Toomas Soome
21da9f14f6 loader: zfs.c is missing malloc checks, fix it
malloc() can return NULL, we need to check the return value.
2019-11-03 14:36:16 +00:00
Toomas Soome
0c0a882c7a loader: we do not support booting from pool with log device
If pool has log device, stop there and tell about it.
2019-11-03 13:25:47 +00:00
Toomas Soome
f4ed004573 loader: should check malloc in zfs_dev_open
malloc can return NULL.
2019-11-03 13:03:47 +00:00
Toomas Soome
abca0bd501 loader: calculate physical vdev psize from asize
Since physical device asize is calculated from psize and the asize is stored
in pool label, we can use asize to set the value of psize, which is used to
calculate the location of the pool labels.

MFC after:	1 week
2019-11-03 11:09:06 +00:00
Toomas Soome
bcbb1e60a1 loader: userboot/test should accept more than one disk
allow to specify multiple -d options, test -d disk1 -d disk2 ..
2019-11-03 09:14:29 +00:00
Toomas Soome
e499793e76 Remove duplicate lz4 implementations
Port illumos change: https://www.illumos.org/issues/11667

Move lz4.c out of zfs tree to opensolaris/common/lz4, adjust it to be
usable from kernel/stand/userland builds, so we can use just one single
source. Add lz4.h to declare lz4_compress() and lz4_decompress().

MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D22037
2019-11-02 12:28:04 +00:00
Toomas Soome
0060947db1 loader: libi386/comconsole.c cstyle cleanup
Only cstyle, no functional changes.
2019-11-02 10:53:23 +00:00
Toomas Soome
b9f745fdb1 loader: fall back to term_emu on efi console with serial backend
In case of efi console having serial backend (video + serial or only serial),
we need to stick with old emulator till we can draw console.

Eventually we would need to get console terminal emulator to be removed
from serial console because the serial link already has the terminal.

However, we need to implement comconsole on all efi platforms first, then
we need the ability to draw console, so we do not have to use SimpleTextOutput
protocol (which will write both on video and serial in case of multiplexed
ComOut).

Differential Revision:	https://reviews.freebsd.org/D22161
2019-11-02 09:50:36 +00:00
Kyle Evans
bac5966e2d lualoader: rewrite try_include using lfs + dofile
Actual modules get require()'d in, rather than try_include(). All instances
of try_include should be provided with proper hooks/API in the rest of
loader to do the work they need to do, since we can't rely on them to exist.
Convert this now to lfs + dofile since we won't really be treating them as
modules.

lfs is required because dofile will properly throw an error if the file
doesn't exist, which is not in the spirit of 'optionally included'.

Getting out of the pcall game allows us to provide a loader.exit() style
call that backs out to the common bits of loader (autoboot sequence unless
disabled with a loader.setenv("autoboot_delay", "NO")). The most ideal way
identified so far to implement loader.exit() is to throw a special
abort-style error that indicates to the caller in interp_lua that we've not
actually errored out, just continue execution. Otherwise, we have to hack in
logic to bubble up and return from loader.lua without continuing further,
which gets kind of ugly depending on the context in which we're aborting.

A compat shim is provided temporarily in case the executing loader doesn't
yet have loader.lua_path, which was just added in r354246.
2019-11-02 04:01:39 +00:00
Kyle Evans
63172bf68b liblua: add loader.lua_path
As described previously, loader.lua_path is absolute path where scripts are
installed. A future commit will use this to build paths for dofile in
try_include, rather than the current pcall/require setup that makes it more
difficult to coordinate loader aborts from local.lua -- we do not need the
flexibility of require(), and local.lua is in-fact not a 'module-like' file
as we will not be referencing anything from it.
2019-11-02 03:41:30 +00:00
Kyle Evans
ee74c23624 stand: consolidate knowledge of lua path
Multiple places coordinate to 'know' where lua scripts are installed. Knock
this down to being formally defined (and overridable) in exactly one spot,
defs.mk, and spread the knowledge to loaders and liblua alike. A future
commit will expose this to lua as loader.lua_path, so it can build absolute
paths to lua scripts as needed.

MFC after:	1 week
2019-11-02 03:37:58 +00:00
Warner Losh
08b86a1a8a We don't support configuring serial PCI cards in EFI. Make this clearer in the
source rather than obfuscaring it behind NO_PCI (nothing else declares that,
so it's not making the ifdefs clearer).
2019-11-01 21:26:43 +00:00
Toomas Soome
98e28b71b2 loader: asprinf does crash arm64 due to missing NULL pointer check
PCHAR macro needs to check if d is NULL.

MFC after:	3 days
2019-11-01 06:54:07 +00:00
Toomas Soome
4efce32a51 loader: rs_alloc() may return NULL
rs_alloc() in zfs reader code may return NULL, so we need to check the return value and error out if needed.
MFC after:	1 week
2019-10-26 18:29:02 +00:00
Simon J. Gerraty
21686d9e64 Guard reference to x86_hypervisor
Obviously we only want x86_hypervisor on x86
Guard reference to x86_hypervisor

Obviously we only want x86_hypervisor on x86
2019-10-24 22:26:06 +00:00
Simon J. Gerraty
e9b148a318 Add support for hypervisor check on x86
Add ficl words for isvirtualized
and move ficl inb and outb words to ficl/x86/sysdep.c
so can be shared by i386 and amd64

Reviewed by:	imp bdrewery
MFC after:	1 week
Sponsored by:	Juniper Networks
Differential Revision:	https://reviews.freebsd.org/D22069
2019-10-24 20:02:48 +00:00
Simon J. Gerraty
78cd72c914 Allow loader.efi to identify non-standard boot setup
PATH_BOOTABLE_TOKEN can be set to a non-standard
path that identifies a device as bootable.

Reviewed by: kevans, bcran
Differential Revision:  https://reviews.freebsd.org/D22062
2019-10-24 19:52:41 +00:00
Toomas Soome
96b2f9c996 userboot/test should use PRIx64 as one would expect from prefix 0x
Test is printing decimal value after prefix 0x.
2019-10-24 07:49:33 +00:00
Kyle Evans
1ce57df231 lualoader: fix setting of loader_color=NO in loader.conf(5)
Previously color.disabled would be calculated at color module load time,
then never touched again. We can detect serial boots beyond just what we're
told by loader.conf(5) so this works out in many cases, but we must
re-evaluate the situation after the config is loaded to make sure we're not
supposed to be forcing it enabled/disabled.

Discovered while trying to test r353872.
2019-10-21 20:17:31 +00:00
Kyle Evans
a6cf4be042 lualoader: don't botch disabling of color
When colors are disabled, color.escape{fg,bg} would return the passed in
color rather than the proper ANSI sequence for the color.
color.escape{fg,bg} would be wrong.

Instead return '', as the associated reset* functions will also return ''.
This should get rid of the funky '2' and '4' in the kernel selector if
you're booting serial.

Reported by:	npn
2019-10-21 20:09:43 +00:00
Toomas Soome
6b74887f03 loader: zfs_fmtdev can crash when pool discovery did fail and we have no spa
When zfs probe did fail and no spa was created, but zfs_fmtdev() is called,
we will crash while dereferencing spa (NULL pointer dereference).

MFC after:	1 week
2019-10-19 08:08:06 +00:00
Simon J. Gerraty
c7e6f9dcf5 Allow loader.efi to identify non-standard boot setup
PATH_BOOTABLE_TOKEN can be set to a non-standard
path that identifies a device as bootable.

Reviewed by: kevans, bcran
Differential Revision:  https://reviews.freebsd.org/D22062
2019-10-17 20:40:06 +00:00
Toomas Soome
abc23d5932 boot1.efi: provide generic exit() and stub getchar()
panic() is expecting us to have exit and getchar, lets provide those.
2019-10-15 08:33:05 +00:00
Justin Hibbits
dbef5f7155 loader/powerpc64: Include generic PVR values in CAS architecture list
Add generic PVR values for PowerISA 2.07 and 3.00.  This allows booting pseries
in QEMU with compatibilty mode enabled.

Submitted by:	Shawn Anastasio <shawn@anastas.io>
2019-10-08 02:36:53 +00:00
Kyle Evans
605261992c Revert r352557: powerpc/loader: Install ubldr without stripping
This was committed due to what was later diagnosed as an msdosfs bug
preventing in-place strip. This bug was fixed in r352564, and we agreed to
keep the workaround in for a bit to allow the driver fix a suitable amount
of propagation time for folks building/installing powerpc/ubldr, seeing as
how we were not in any hurry to revert.
2019-10-07 03:28:11 +00:00
Justin Hibbits
cd51f7df9c loader/powerpc64: Fix HV check for CAS usage
Logic was backwards.  The function returns true if it *is* running as a
hypervisor, whereas we want to only call the CAS utility if we're running as a
guest.

Reported by:	Shawn Anastasio <shawn@anastas.io>
2019-10-07 03:05:32 +00:00
Toomas Soome
03c9cdf71d loader.efi: for text mode, use STM to scroll the whole screen
Since local UEFI console is implemented on top of framebuffer,
we need to avoid redrawing the whole screen ourselves, but let
Simple Text Mode to do the scroll for us.
2019-10-06 18:38:58 +00:00
Kyle Evans
e12ff89136 Further normalize copyright notices
- s/C/c/ where I've been inconsistent about it
- +SPDX tags
- Remove "All rights reserved" where possible

Requested by:	rgrimes (all rights reserved)
2019-09-26 16:19:22 +00:00
Toomas Soome
8074c5cc86 loader: fix indentation in efi_console and vidconsole
Remove extra tab.

Reported by:	yuripv
2019-09-25 07:36:35 +00:00
Toomas Soome
233ab015c0 loader: add teken.fg_color and teken.bg_color variables
Add settable variables to control teken default color attributes.
The supported colors are 0-7 or basic color names:
black, red, green, brown, blue, magenta, cyan, white.

The current implementation does add some duplication which will be addressed
later.
2019-09-25 07:09:25 +00:00
Toomas Soome
6dd078df19 loader_lua: lua color changes should end with reset
The color change should have reset sequence, not switch to white.
2019-09-22 17:39:20 +00:00
Toomas Soome
2de5a21edc loader_4th: menu items need to reset color attribute, not switch to white
Forth menu kernel and BE entries, instead of resetting the color attribute,
are switching to white color.
2019-09-22 16:10:25 +00:00
Kyle Evans
bb7b569d36 loader: Respect loader_color=YES for serial consoles
It's not uncommon these days for the terminals attached to serial consoles
to support ANSI escape sequences. However, we assume escape sequences may
break some serial consoles and default to not using them when boot_serial or
boot_multicons (or if console contains "comconsole" in the forth loader) for
broader compatibility. We also have loader_color which can be explicitly set
to "NO" to disable the use of ANSI escape sequences.

The problem is that loader_color=YES gets ignored when boot_serial=YES or
boot_multicons=YES (or when console contains "comconsole" in the forth
loader).

To fix, the existing default behavior remains unchanged when loader_color is
unset, loader_color=NO explicitly disables the use of ANSI escape sequences
still, and the change is that loader_color=YES can now be used to explicitly
allow ANSI escapes when a serial console is enabled.

Submitted by:	Ryan Moeller <ryan@ixsystems.com>
Reviewed by:	tsoome (forth), kevans (lua)
MFC after:	1 week
Sponsored by:	iXsystems, Inc. (Ryan)
Differential Revision:	https://reviews.freebsd.org/D21732
2019-09-20 19:43:40 +00:00
Justin Hibbits
39404490b7 powerpc/loader: Install ubldr without stripping
Summary:
Install's strip capability, by way of strip(1), doesn't seem to work
correctly on msdosfs, and instead ends up truncating the resulting
binary to 0-length.  As a workaround, don't strip ubldr(8).  This
fixes installworld on Book-E ubldr-based platforms, which prior to this
would need to manually install ubldr separately after installworld, in
order to have a functional ubldr.

The same thing could be done on PowerNV platforms that use msdosfs /boot
volumes, since loader and loader.kboot, etc, all get truncated to 0 on
install.  However, PowerNV does not use loader, instead loading from
petitboot, so it's not really necessary at this time.

Reviewed by:	kevans
Differential Revision: https://reviews.freebsd.org/D21725
2019-09-20 13:35:28 +00:00
Toomas Soome
23883413d4 loader: fix typo in zalloc. 2019-09-20 05:22:34 +00:00
Kyle Evans
8b2195605b mips: ubldr: use truncated load address for mips32
BFD appears to silently truncate 0xffffffff80800000 when it processes the
ldscript for 32-bit mips, but LLD chokes on it as the linker script tries to
place elements above 32-bit range. It's unclear to me if silent truncation
is kosher or not and whether this patch is really what we want to do, but it
is one approach at least.

Reviewed by:	imp, mizhka
Differential Revision:	https://reviews.freebsd.org/D21487
2019-09-18 01:33:17 +00:00
Toomas Soome
68861a62f5 loader: provide u> and xemit words if needed
We have external interpreter (userboot.so) which may be lagging behind
with updates and may be missing u> xemit words.
2019-09-17 18:05:33 +00:00
Toomas Soome
d6b090d1d4 loader: revert r352421
As insisted by kib, malloc(0) is quite legal.
2019-09-17 16:16:46 +00:00
Toomas Soome
840fa0f86d loader.efi: efipart needs to use ioalign
UEFI specification 2.7A, EFI_BLOCK_IO_PROTOCOL, page 566.

The ioalign property does define the alignment of data buffer.

If the alignment is required and our buffer is not aligned, or if
the data buffer is not multiple of Blocksize, we need to use bounce buffer
to perform the block IO. This is much like with BIOS version, except
there the INT13 needs buffer to be located in low memory.

Additionally, we need to handle disk writes properly.
2019-09-17 13:50:25 +00:00
Toomas Soome
11db1a1654 loader: add memalign() to libsa
Implement memalign(size_t alignment, size_t size) to allocate aligned memory.
2019-09-17 13:15:27 +00:00
Toomas Soome
62ea4c11d5 loader: stand.h should define reallocf as Reallocf
Use the same approach as other zalloc functions.
2019-09-17 13:07:02 +00:00
Toomas Soome
e57c0c2afb loader: cstyle cleanup libsa zalloc sources
Clean up libstand zalloc* sources. Note that it is not 100% whitespace cleanup.
I also reduced block in znalloc and zfree as those were obvious simplifications
and did help to save one level of indent.
2019-09-17 11:35:53 +00:00
Toomas Soome
144c4ca039 loader: factor out guard location setup from Realloc
To simplify and make it easier to read, use ga_Bytes field from guard
structure.
2019-09-17 09:47:35 +00:00
Toomas Soome
41e2c61669 loader: Malloc(0) should return NULL.
We really should not allocate anything with size 0.
2019-09-16 20:28:08 +00:00
Toomas Soome
1781ad707e loader_4th: scan_buffer can leave empty string on stack
When the file processing is done, we will have string with lenght 0 in stack and we will attempt to
allocate 0 bytes.
2019-09-16 20:26:53 +00:00
Kyle Evans
af876563d1 lualoader: Add reload-conf loader command
This command will trigger a reload of the configuration from disk. This is
useful if you've changed currdev from recovery media to local disk as much
as I have over the past ~2 hours and are tired of the extra keystrokes.

This is really just a glorified shortcut, but reload-conf is likely easier
to remember for other people and does save some keystrokes when reloading
the configuration. It is also resilient to the underlying config method
changing interface, but this is unlikely to happen.

MFC after:	1 week
2019-09-14 03:38:18 +00:00
Toomas Soome
e7da26b6ca loader: vidconsole should set LINES and COLUMNS
Set LINES and COLUMNS based on terminal dimensions.
2019-09-10 21:53:42 +00:00
Kyle Evans
90a2541772 lualoader: Revert to ASCII menu frame for serial console
The box drawing characters we use aren't necessarily safe with a serial
console; for instance, in the report by npn@, these were causing his xterm
to send back a sequence that lua picked up as input and halted the boot.
This is less than ideal.

Fallback to ASCII frames for console with 'comconsole' in it.  This is a
partial revert r338108 by imp@ -- instead of removing the menu entirely and
disabling color/cursor sequences, just reverting the default frame to ASCII
is enough to not break in this setup.

Reported by:	npn
Triaged and recommended by:	tsoome
2019-09-10 21:30:38 +00:00
Toomas Soome
094b40659f loader: --gc-sections needs sections to work with
--gc-sections is not really useful unless we generate sections with
-ffunction-sections -fdata-sections

While there, i386/loader would win from --gc-sections too.
2019-09-08 19:39:45 +00:00
Toomas Soome
21388f5cf8 loader.efi: UEFI text mode background colors are only using 3 bits
Need to mask background colors to pass allowed value.
2019-09-06 19:30:23 +00:00
Justin Hibbits
2f6823d4c1 Loader: Add load offset to powerpc kernel entry point
Summary:
There is logic in ELF loadimage() to relocate kernels, but currently
only type ET_EXEC.  PowerPC kernels are ET_DYN, and can be relocated anywhere.
Add the load offset to kernel entry points on this platform.

Reviewed by:	imp, ian
Differential Revision:	https://reviews.freebsd.org/D21286
2019-09-06 02:28:03 +00:00
Toomas Soome
56758831fe loader: use teken teminal emulator for x86 and uefi
Replace mini cons25 emulator with teken, this does enable us proper console
terminal for loader and will make it possible to implement different
back end callbacks to draw to screen.

At this time we still only "draw" in text mode.
2019-09-05 22:15:50 +00:00
Toomas Soome
938cae327c ficl: add xemit word
While emit will output one byte on screen, the xemit will output xchar.

See: http://forth-standard.org/standard/xchar/XEMIT
2019-09-05 15:06:30 +00:00
Toomas Soome
0bd5d36798 ficl: add uIsGreater word
For some reason we have u< but not u>, fix it.
2019-09-05 09:04:48 +00:00
Rebecca Cran
9a2b7c5fce The efifat files are no longer used: remove the code to build them
Reviewed by:	imp, tsoome, emaste
Differential Revision:	https://reviews.freebsd.org/D20562
2019-09-04 20:55:48 +00:00
Toomas Soome
05b24e8617 loader.efi: use and prefer coninex interface
Add support for EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL.
2019-09-02 11:04:17 +00:00
Toomas Soome
591d5f0ef5 loader.efi: some systems do not translate scan code 0x8 to backspace
Add scancode translation for backspace.
2019-09-02 10:45:10 +00:00
Brandon Bergren
9ae631858e Move CAS check in powerpc64 ofw loader until after the PVR check.
This unbreaks using the powerpc64 loader on a 32-bit processor.

Approved by: jhibbits (mentor)
Differential Revision: https://reviews.freebsd.org/D21297
2019-09-01 18:26:21 +00:00
Toomas Soome
fd7e6079bc loader.efi: use shift 16 in efipart as it is max ashift supported by zfs 2019-08-31 06:24:09 +00:00
Toomas Soome
9f7b00f230 qemu-system-aarch64 does list block device with very large block size
Also insert Vendor device as "parent" disk (found in
qemu-system-aarch64 -cpu cortex-a57).

This does fix lsdev in loader.efi on this platform.
2019-08-30 20:54:30 +00:00
Kyle Evans
e1aa7047af stand: boot2: fix amd64-xtoolchain-gcc build
-Wno-missing-declarations is the GCC equivalent of
-Wno-missing-prototypes... this was overlooked in r351135.

MFC after:	3 days
X-MFC-With:	r351135
2019-08-23 01:16:12 +00:00
Kyle Evans
da8147c3c5 libsa: mips: fix typo that had slipped into the diff on local machine
MFC after:	1 week
X-MFC-With:	r351408
2019-08-22 21:49:13 +00:00
Kyle Evans
428925b5f2 libsa: mips: use _JB_* from machine/asm.h, remove regnum dep
This brings the libsa/mips _setjmp implementation closer to parity with the
libc version.

Reviewed by:	imp, jhb
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D21330
2019-08-22 21:42:11 +00:00
Toomas Soome
a15a23234d loader.efi: efipart should be more careful about constructing block device lists
The cd handles should be collected as list of partitions. Some systems also
provide base name for block device (like PciRoot(0x0)/Pci(0x5,0x0)), we need
to be careful about those.

To make out life a bit easier, we prepare not just an array of handles, but we
allocate pdinfo struct for each handle and devicepath, then we can simplify
our work to sort the devices.

Differential Revision:	https://reviews.freebsd.org/D21187
2019-08-20 19:31:11 +00:00
Tom Jones
ec18da7c04 Reduce size of EFI_STAGING_SIZE to 32 on arm
Reduce the size of the EFI_STAGING area we allocate on arm to 32. On arm SBC
such as the NanoPi-NEOLTS the staging area allocation will fail on the 256MB
model with a staging size of 64.

Reviewed by:    bcran, manu
Approved by:    bz (mentor)
MFC after:      2 weeks
Differential Revision: https://reviews.freebsd.org/D21016
2019-08-17 06:47:43 +00:00
Kyle Evans
80746f9f83 stand: gptboot: fix build with xtoolchain-llvm90
ufsread.c grows a dependency on __ashldi3 with llvm90. For gptboot, just
start pulling in ashldi3.c ashrdi3.c lshrdi3.c into libsa for all archs as
the number of archs requiring one or more of them keeps growing. qdivrem.c
and quad.h can be trivially kicked out of libsa if we start pulling these
from compiler-rt as qdivrem was only used to implement umoddi3, divdi3,
moddi3 (also in qdivrem.c).

Reviewed by:	imp
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D21291
2019-08-16 20:09:20 +00:00
Kyle Evans
37ac567ea7 stand: boot2: fix build with xtoolchain-llvm90
ufsread.c grows a dependency on __ashldi3 with llvm90. Grab ashldi3.c out of
compiler-rt rather than trying to link against libsa (for now).
-Wno-missing-prototypes is necessary to compile ashldi3.c standalone.

Reviewed by:	imp
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D21291
2019-08-16 20:07:43 +00:00
Kyle Evans
80335781ad stand: push LIBC_SRC up into defs.mk
Other parts of stand/ that don't use libsa will need to grab bits from libc
shortly. Push LIBC_SRC up to defs.mk in advance of this so that they can use
it, and rename it to LIBCSRC to match the convention of the rest of the *SRC
variables in this file.

Reviewed by:	imp
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D21282
2019-08-16 13:22:57 +00:00
Ed Maste
0a062e5ff6 gptzfsboot: remove CLANG_NO_IAS
Many components under stand/ had CLANG_NO_IAS added when Clang's
Integrated Assembler did not handle .codeNN directives.  Clang gained
support quite some time ago, so we can build stand/ with IAS.

In some cases there were small differences in generated object output.
In the case of gptzfsboot however using GNU as or Clang IAS to assemble
gptldr.S resulted in identical final gptzfsboot binary output.

Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D11115
2019-08-15 18:43:01 +00:00
Ed Maste
aa2dd958b4 stand: remove CLANG_NO_IAS from pxeldr
Many components under stand/ had CLANG_NO_IAS added when Clang's
Integrated Assembler (IAS) did not handle .codeNN directives.  Clang
gained support quite some time ago, and we can now build stand/ with
IAS.  In most cases IAS- and GNU as-assembled boot components were
identical, and CLANG_NO_IAS was already removed from other components.

Clang IAS produces different output for some components, including
pxeldr, so CLANG_NO_IAS was not previously removed for those.

In the case of pxeldr the difference is that IAS adds a size override
prefix (67h) to three instructions to specify a 32-bit address, even
though the two high bytes are zero and the address fits in 16 bits.
this wastes three bytes per instruction and causes some additional nop
npadding to be required elsewhere in the object, but pxeboot is not
size-constrained so it doesn't matter.

Sponsored by:	The FreeBSD Foundation
2019-08-15 17:59:22 +00:00
Ed Maste
1596e9a43c stand: remove CLANG_NO_IAS from cdboot
Many components under stand/ had CLANG_NO_IAS added when Clang's
Integrated Assembler (IAS) did not handle .codeNN directives.  Clang
gained support quite some time ago, and we can now build stand/ with
IAS.  In most cases IAS- and GNU as-assembled boot components were
identical, and CLANG_NO_IAS was already removed from other components.

Clang IAS produces different output for some components, including
cdboot, so CLANG_NO_IAS was not previously removed for those.

In the case of cdboot the difference is that IAS adds a size override
prefix (67h) to many instructions to specify a 32-bit address, even
though the two high bytes are zero.  This wastes three bytes per
instance, but as cdboot is not size-constrained it doesn't matter.
Padding is also different in one case; Clang used two one-byte nops
while GNU as used a single two-byte xchg %eax, %eax.  In any case, there
is no functional change.

Sponsored by:   The FreeBSD Foundation
2019-08-15 17:32:39 +00:00
Kyle Evans
a78c1027d7 Revert r351078, r351085: stand/quad.h eviction
It did not go well; further examination is required...
2019-08-15 17:15:32 +00:00
Kyle Evans
7ddaee2559 stand: kick out quad.h
Use quad.h from libc instead for the time being. This reduces the number of
nearly-identical-quad.h we have in tree to two with only minor changes.

Prototypes for some *sh*di3 have been added to match the copy in libkern.
The differences between the two are likely few enough that they can perhaps
be merged with little additional effort to bring us down to 1.

MFC after:	3 days
2019-08-15 15:47:48 +00:00
Ed Maste
3a6c85abcb stand: remove CLANG_NO_IAS from boot2
Many components under stand/ had CLANG_NO_IAS added when Clang's
Integrated Assembler (IAS) did not handle .codeNN directives.  Clang
gained support quite some time ago, and we can now build stand/ with
IAS.  In most cases IAS- and GNU as-assembled boot components were
identical, and CLANG_NO_IAS was already removed from other components.

Clang IAS produces different output for some components, including
boot2, so CLANG_NO_IAS was not previously removed for those.

In the case of boot2 the difference is that IAS produces a larger
encoding for one instruction (the testb at the beginning of read).

GNU as produces:

    2e    f6 06 b0 08       80

while IAS includes an address size override prefix (67) and produces:

    2e 67 f6 05 b3 08 00 00 80

This results in three fewer NOPs elsewhere in boot2 but no functional
change, so switch to IAS for boot2.

(We can separately pursue improved 16-bit IAS support with the LLVM
developers.)

Sponsored by:	The FreeBSD Foundation
2019-08-15 14:54:18 +00:00
Toomas Soome
6e5555adb1 loader: add error check for vdev_indirect calls
We can error out due to memory allocation errors, we can not recover from
those and need to get out.
2019-08-09 19:09:05 +00:00
Toomas Soome
b1b9326846 loader: support com.delphix:removing
We should support removing vdev from boot pool. Update loader zfs reader
to support com.delphix:removing.

Reviewed by:	allanjude
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D18901
2019-08-08 18:08:13 +00:00
Marcin Wojtas
435672e322 Verify files loaded in chain command.
The chain command can be used to chain load another binary.
If veriexec is enabled we should verify it first.
Note that on EFI systems the verification was already done
through firmware, assuming that Secure Boot was enabled there.

Submitted by: Kornel Duleba <mindal@semihalf.com>
Reviewed by: sjg
MFC after: 1 week
Obtained from: Semihalf
Differential Revision: https://reviews.freebsd.org/D20952
2019-08-08 17:03:30 +00:00
Toomas Soome
9cb069b552 loader.efi: efilib.h and libefi.c were left out of 350654
And this is second followup for 350654
2019-08-06 20:13:28 +00:00
Toomas Soome
cefffc0b45 loader.efi: boot1.c was left out of 350654
Followup for 350654.
2019-08-06 20:08:01 +00:00
Toomas Soome
110d56cbf4 loader.efi: replace HandleProtocol() with OpenProtocol()
The HandleProtocol() is deprecated interface and we should use OpenProtocol()
instead. Moreover, in some firmware implementation(s), the HandleProtocol()
does return device path using static storage, so we can not keep the value
returned there. With same firmware, the OpenProtocol() does return data we
do not need to clone.

Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D21162
2019-08-06 19:27:27 +00:00
Leandro Lupori
83e356c3c9 [PPC64] Implement CAS
Guest PPC OSs running under a hypervisor may communicate the features they
support, in order for the hypervisor to expose a virtualized machine in the way
the client (guest OS) expects (see LoPAPR 1.1 - B.6.2.3).

This is done by calling the "/ibm,client-architecture-support" (CAS) method,
informing supported features in option vectors.  Until now, FreeBSD wasn't
using CAS, but instead relied on hypervisor/QEMU's defaults.

The problem is that, without CAS, it is very inconvenient to run POWER9 VMs on
a POWER9 host running with radix enabled.  This happens because, in this case,
the QEMU default is to present the guest OS a dual MMU (HPT/RPT), instead of
presenting a regular HPT MMU, as FreeBSD expects, resulting in an early panic.
The known workarounds required either changing the host to disable radix or
passing a flag to QEMU to run in a POWER8 compatible mode.

With CAS, FreeBSD is now able to communicate that it wants an HPT MMU,
independent of the host setup, which now makes FreeBSD work on POWER9/pseries,
with KVM enabled and without hugepages (support added in a previous commit).

As CAS is invoked through OpenFirmware's call-method interface, it needs to be
performed early, when OpenFirmware is still operational. Besides, now that FDT
is the default way to inspect the device tree on PPC, OFW call-method feature
will be unavailable by default, when control is passed to the kernel. Because
of this, the call to CAS is being performed at the loader, instead of at the
kernel.

To avoid regressions with old platforms, this change uses CAS only on
POWER8/POWER9.

Reviewed by:	jhibbits
Differential Revision:	https://reviews.freebsd.org/D20827
2019-07-31 20:31:36 +00:00
Ruslan Bukin
be4890f75e Fix EFI loader build when LOADER_NET_SUPPORT=no.
Sponsored by:	DARPA, AFRL
2019-07-30 14:54:18 +00:00
Simon J. Gerraty
bbac74ca3c loader: ignore some variable settings if input unverified
libsecureboot can tell us if the most recent file opened was
verfied or not.
If it's state is VE_UNVERIFIED_OK, skip if variable
matches one of the restricted prefixes.

Reviewed by:	stevek
MFC after:	1 week
Sponsored by:	Juniper Networks
Differential Revision:	https://reviews.freebsd.org//D20909
2019-07-17 23:33:14 +00:00
Justin Hibbits
1ea717577f Allow efi loader to get network params from uboot
Summary:
efi loader does not work with static network parameters. It always uses
BOOTP/DHCP and also uses RARP as a fallback.  Problems with DHCP servers can
cause the loader to fail to populate network parameters.

Submitted by:	Siddharth Tuli <siddharthtuli_gmail.com>
Reviewed by:	imp
Sponsored by:	Juniper Networks, Inc.
Differential Revision:	https://reviews.freebsd.org/D20811
2019-07-12 00:54:20 +00:00
Toomas Soome
21b2840e7d efihttp: mac and err can be used uninitialized
While there, also check if mac != NULL, and use pointer compare for ipv4
and dns.
2019-07-02 20:32:35 +00:00
Toomas Soome
8136db2894 efihttp: mark unused arguments with __unused
we do have __unused, lets use it.
2019-06-30 20:21:27 +00:00
Toomas Soome
f7ae06cb5e efihttp: comparison of integers of different signs
message.HeaderCount is UINTN (unsigned int), so should be i.
2019-06-30 20:18:31 +00:00
Toomas Soome
5bca29b882 Clean efihttp pointer-sign warnings
The Http protocol structure is using unsigned char strings, Use type casts
where needed.
2019-06-30 20:15:02 +00:00
Rebecca Cran
94e8f7c65f Increase EFI_STAGING_SIZE to 100MB on x64
To avoid failures when the large 18MB nvidia.ko module is being loaded,
increase EFI_STAGING_SIZE from 64MB to 100MB on x64 systems.
Leave the other platforms at 64MB.
2019-06-27 22:06:41 +00:00
Rebecca Cran
1ee03da25e Re-enable loader efi http boot and fix dv_open bug if dv_init failed
The code in efihttp.c was assuming that dv_open wouldn't be called if
dv_init failed. But the dv_init return value is currently ignored.

Add a new variable, `efihttp_init_done` and only proceed in dv_open if
it's true. This fixes the loader on systems without efi http support.
2019-06-26 03:06:57 +00:00
Rebecca Cran
519346ce8c Disconnect EFI HTTP support
The EFI HTTP code has been causing boot failures for people, so disable it
while a fix is being worked on.
2019-06-25 21:26:57 +00:00
Warner Losh
f5a95d9a07 Remove NAND and NANDFS support
NANDFS has been broken for years. Remove it. The NAND drivers that
remain are for ancient parts that are no longer relevant. They are
polled, have terrible performance and just for ancient arm
hardware. NAND parts have evolved significantly from this early work
and little to none of it would be relevant should someone need to
update to support raw nand. This code has been off by default for
years and has violated the vnode protocol leading to panics since it
was committed.

Numerous posts to arch@ and other locations have found no actual users
for this software.

Relnotes:	Yes
No Objection From: arch@
Differential Revision: https://reviews.freebsd.org/D20745
2019-06-25 04:50:09 +00:00
Rebecca Cran
da4961c796 loader: add HTTP support using UEFI
Add support for an HTTP "network filesystem" using the UEFI's HTTP
stack.

This also supports HTTPS, but TianoCore EDK2 implementations currently
crash while fetching loader files.
Only IPv4 is supported at the moment. IPv6 support is planned for a
follow-up changeset.

Note that we include some headers from the TianoCore EDK II project in
stand/efi/include/Protocol verbatim, including links to the license instead
of including the full text because that's their preferred way of
communicating it, despite not being normal FreeBSD project practice.

Submitted by:	scottph
Reviewed by:	imp, bcran
Differential Revision:	https://reviews.freebsd.org/D20643
2019-06-24 23:18:42 +00:00
Warner Losh
ec9abc1843 Move to using a common kernel path between the boot / laoder bits and
the kernel.
2019-06-24 20:34:53 +00:00
Matt Macy
6459a61ea7 Tell loader to ignore newer features enabled on the root pool.
There are many new features in ZoF. Most, if not all, do not effect read only usage.
Encryption in particular is enabled at the pool level but used at the dataset level.
The loader obviously will not be able to boot if the boot dataset is encrypted, but
should not care if some other dataset in the root pool is encrypted.

Reviewed by:	allanjude
MFC after:	1 week
2019-06-19 21:10:13 +00:00
Rebecca Cran
3109cebc22 efinet: Defer exclusively opening the network handles
Don't commit to exclusive access to the network device handle by
efinet until the loader has decided to load something through the
network. This allows for the possibility of other users of the
network device.

Submitted by:	scottph
Reviewed by:	tsoome, emaste
Tested by: 	tsoome, bcran
Differential Revision:	https://reviews.freebsd.org/D20642
2019-06-19 18:47:44 +00:00
Leandro Lupori
68ed5ad2d5 [PPC] Fix loader input with newer QEMU versions
At least since version 4.0.0, QEMU became bug-compatible with PowerVM's
vty, by inserting a \0 after every \r. As this confuses loader's
interpreter and as a \0 coming from the console doesn't seem reasonable,
it's now being filtered at OFW console input.

Reviewed by:	jhibbits
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D20676
2019-06-19 11:37:43 +00:00
Xin LI
f89d207279 Separate kernel crc32() implementation to its own header (gsb_crc32.h) and
rename the source to gsb_crc32.c.

This is a prerequisite of unifying kernel zlib instances.

PR:		229763
Submitted by:	Yoshihiro Ota <ota at j.email.ne.jp>
Differential Revision:	https://reviews.freebsd.org/D20193
2019-06-17 19:49:08 +00:00
Li-Wen Hsu
3aa9258286 Fix gcc build by removing redeclaration
Reviewed by:	imp
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D20622
2019-06-13 03:48:36 +00:00
Warner Losh
5698b5c2b7 Add stuff to disable warning for %S
Add the customary warnings to disable format checking on armv7. Code
move to new files, and the unconditional setting of WARNS to 6
provoked it on tinerbox...
2019-06-08 19:58:58 +00:00
Warner Losh
f61f5a0b2d Create gptboot.efi
This is a primary boot loader that is intended to implement the
gptboot partition selection algorithm just like we did for BIOS
booting. While the preferred method for UEFI is to use the UEFI Boot
Manager protocol, there are situations where that can't be done: some
BIOS makers interfere with the protocol in unhelpful ways, there's a
new standard for a zero variable write from the client OS, and finally
for USB drives that might be mobile between systems with multiple
partitions there needs to be a media stable way to select.

Reviewed by: tsoome, bcran
Differential Revision: https://reviews.freebsd.org/D20547
2019-06-08 19:02:17 +00:00
Warner Losh
f46eb75217 Break out the disk selection protocol from the rest of boot1.
Segregate the disk probing and selection protocol from the rest of the
boot loader.

Reviewed by: tsoome, bcran
Differential Revision: https://reviews.freebsd.org/D20547
2019-06-08 18:59:50 +00:00
Warner Losh
31927bd4ad Rework the reporting of the priority.
Simplify the code a bit and rework how we report the results
of the probing.

Reviewed by: tsoome@
Differential Revision: https://reviews.freebsd.org/D20537
2019-06-07 02:05:22 +00:00
Warner Losh
52a662514d Remove left-over status variables 2019-06-07 00:02:02 +00:00
Warner Losh
55de7f3406 Fix when NOFAT is defined
We need to add the *efi file to the list of things that get built,
even if we're not creating the efifat stuff.
2019-06-06 22:56:55 +00:00
Warner Losh
fef7bfef6f Use simple malloc/free instead of dropping down to the UEFI
BootServices AllocatePool/FreePool calls. They are simpler to use and
result in the same thing happening.

Reviewed by: tsoome@
Differential Revision: https://reviews.freebsd.org/D20540
2019-06-06 21:04:37 +00:00
Toomas Soome
ed29b75ca3 loader: disk_open() should honor D_PARTNONE
The D_PARTNONE is documented to make it possible to open raw MBR
partition, but the current disk_open() does not really implement this
statement.

The current code is checking partition against -1 (D_PARTNONE) but does
attempt to open partition table in case we do have FreeBSD MBR partition type.
Instead, we should check -2 (D_PARTWILD).

In case we do have MBR + BSD label, this code is only working because
by default, the first BSD partiton is created starting with relative sector
0, and we can still access the BSD table from that MBR slice.

Reviewed by:	imp
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D20501
2019-06-06 16:27:05 +00:00
Warner Losh
175e3aa56e Don't make the efifat thing if NOFAT is defined. 2019-06-06 03:07:10 +00:00
Warner Losh
de357a736d Eliminate unused uuid parameters from gptread and gptread_table. We
only need it for the gptfind() function, where it's used.
2019-06-05 02:34:58 +00:00
Warner Losh
92fb04661f ufs_module.c can't currently be compiled with -Wcast-align, but the
code is safe enough. Turn off the warning for now until I can find the
right construct to silence it in the code.
2019-06-05 00:08:30 +00:00
Warner Losh
cf461fdb1d Don't shadow a global zfsmount variable. 2019-06-05 00:04:21 +00:00
Warner Losh
b5f3ad3ad1 Use newly minted efi_devpath_same_disk() instead of
efi_devpath_match(). This fixes a regression in r347193.

Reported by: Tomoaki AOKI
Differential Revision: https://reviews.freebsd.org/D20513
2019-06-04 18:36:12 +00:00
Warner Losh
83ffeb8b52 Introduce efi_devpath_same_disk
This is like efi_devpath_match, but allows differing device media
paths. Those just specify the partition information.

Differential Revision: https://reviews.freebsd.org/D20513
2019-06-04 18:36:07 +00:00
Warner Losh
63acab6a5b [zfsboot] Fix boot env back compat (#190)
* Fix boot env back compat

zfsboot must try zfsloader before loader in order to remain compatible
with boot environments created prior to zfs functionality being rolled
into loader proper.

* Improve comments in zfsboot

Explain the significance of the load path order, and put the comment
about looping through the paths in the appropriate scope.

Obtained From:  TrueNAS commit 4c60c62fcf0b6b6eac98ee8d46e7bbea64bc86f5
Submitted by: Ryan Moeller <ryan@freqlabs.com>
2019-06-03 19:10:46 +00:00
Rebecca Cran
ea13a93166 Fix comment parsing in interp_simple.c
loader.rc has comment lines without a trailing space, which get
interpreted as commands. Avoid this by only matching against the
backslash character.

Reviewed by:	imp, tsoome
Differential Revision:	https://reviews.freebsd.org/D20491
2019-06-01 19:47:15 +00:00