- It is opt-out for now so as to give it maximum testing, but it may be
turned opt-in for stable branches depending on the consensus. You
can turn it off with WITHOUT_SSP.
- WITHOUT_SSP was previously used to disable the build of GNU libssp.
It is harmless to steal the knob as SSP symbols have been provided
by libc for a long time, GNU libssp should not have been much used.
- SSP is disabled in a few corners such as system bootstrap programs
(sys/boot), process bootstrap code (rtld, csu) and SSP symbols themselves.
- It should be safe to use -fstack-protector-all to build world, however
libc will be automatically downgraded to -fstack-protector because it
breaks rtld otherwise.
- This option is unavailable on ia64.
Enable GCC stack protection (aka Propolice) for kernel:
- It is opt-out for now so as to give it maximum testing.
- Do not compile your kernel with -fstack-protector-all, it won't work.
Submitted by: Jeremie Le Hen <jeremie@le-hen.org>
libi386's time(), caused by a qemu bug. The bug might
be present in other BIOSes, too.
qemu either does not simulate the AT RTC correctly or
has a broken BIOS 1A/02 implementation, and will return
an incorrect value if the RTC is read while it is being
updated.
The effect is worsened by the fact that qemu's INT 15/86
function ("wait" a.k.a. usleep) is non-implmeneted or
broken and returns immediately, causing beastie.4th to
spin in a tight loop calling the "read RTC" function
millions of times, triggering the problem quickly.
Therefore, we keep reading the BIOS value until we get
the same result twice. This change fixes beastie.4th's
countdown under qemu.
Approved by: des (mentor)
entry in the SMAP is a 20 byte structure and they are queried from the
BIOS via sucessive BIOS calls. Due to an apparent bug in the R900's
BIOS, for some SMAP requests the BIOS overflows the 20 byte buffer
trashing a few bytes of memory immediately after the SMAP structure. As
a workaround, add 8 bytes of padding after the SMAP structure used in
the loader for SMAP queries.
PR: i386/122668
Submitted by: Mike Hibler mike flux.utah.edu, silby
MFC after: 3 days
routines (V86 requests from the client and hardware interrupt handlers):
- Install trampoline real mode interrupt handlers at IDT vectors 0x20-0x2f
to handle hardware interrupts by invoking the appropriate vector (0x8-0xf
or 0x70-0x78). This allows the 8259As to use vectors 0x20-0x2f in real
mode as well as protected mode will ensuring that the master 8259A
doesn't share IDT space with CPU exceptions in protected mode.
- Since we don't need to reserve space for page tables and a page directory
anymore since dropping paging support, move the TSS and protected mode
IDT up by 16k. Grow the ring 1 link stack by 16k as a result.
- Repurpose the ring 1 link stack to be used as a real mode stack when
invoking real mode routines either via a V86 request or a hardware
interrupts. This simplifies a few things as we avoid disturbing the
original user stack.
- Add some more block comments to explain how the code interacts with the
V86 structure as this wasn't immediately obvious from the prior comments
(e.g. that we explicitly copy the seg regs for real mode out of the V86
struct onto the stack to be popped off when going into real mode, etc.).
Also, document some of the stack frames we create going to real mode and
back.
- Remove all of the virtual 86 related code including having to simulate
various instructions and BIOS calls on a trap from virtual 86 mode.
- Explicitly panic if a user client attempts to perform a V86 CALL
request that isn't a far call.
- Bump version to 1.2.
Assuming this works ok this should fix some of the long standing issues
with USB booting as well as etherboot.
MFC after: 2 weeks
Submitted by: kib (some parts from his original real mode patch)
- Consolidate the code to humanize the size of a disk partition into a
single function based on the code for GPT partitions and use it for
GPT partitions, BSD slices, and BSD partitions.
- Teach the humanize code to use KB for small partitions (e.g. GPT boot
partitions now show up as 64KB rather than 0MB).
- Pad a few partition type names out so that things line up in the
common case.
MFC after: 1 week
weren't displayed on the new console. However, the config string has been
altered as part of being parsed so we only display the first option. Fix
this by saving a copy of /boot.config before parsing it and displaying the
saved copy after parsing.
MFC after: 1 week
PR: i386/103972
Submitted by: Alexandre Belloni alexandre.belloni of netasq.com
Enhanced Disk Drive Specification Ver 3.0 defines that the version
of extension in AH would be 30h.
Correct the check for that to be >=30h instead of >3h.
MFC after: 2 months
defined. This lets each boot program choose which version of cgbase() it
wants to use rather than forcing ufsread.c to have that knowledge.
MFC after: 1 week
Discussed with: imp
on i386 and amd64 machines. The overall process is that /boot/pmbr lives
in the PMBR (similar to /boot/mbr for MBR disks) and is responsible for
locating and loading /boot/gptboot. /boot/gptboot is similar to /boot/boot
except that it groks GPT rather than MBR + bsdlabel. Unlike /boot/boot,
/boot/gptboot lives in its own dedicated GPT partition with a new
"FreeBSD boot" type. This partition does not have a fixed size in that
/boot/pmbr will load the entire partition into the lower 640k. However,
it is limited in that it can only be 545k. That's still a lot better than
the current 7.5k limit for boot2 on MBR. gptboot mostly acts just like
boot2 in that it reads /boot.config and loads up /boot/loader. Some more
details:
- Include uuid_equal() and uuid_is_nil() in libstand.
- Add a new 'boot' command to gpt(8) which makes a GPT disk bootable using
/boot/pmbr and /boot/gptboot. Note that the disk must have some free
space for the boot partition.
- This required exposing the backend of the 'add' function as a
gpt_add_part() function to the rest of gpt(8). 'boot' uses this to
create a boot partition if needed.
- Don't cripple cgbase() in the UFS boot code for /boot/gptboot so that
it can handle a filesystem > 1.5 TB.
- /boot/gptboot has a simple loader (gptldr) that doesn't do any I/O
unlike boot1 since /boot/pmbr loads all of gptboot up front. The
C portion of gptboot (gptboot.c) has been repocopied from boot2.c.
The primary changes are to parse the GPT to find a root filesystem
and to use 64-bit disk addresses. Currently gptboot assumes that the
first UFS partition on the disk is the / filesystem, but this algorithm
will likely be improved in the future.
- Teach the biosdisk driver in /boot/loader to understand GPT tables.
GPT partitions are identified as 'disk0pX:' (e.g. disk0p2:) which is
similar to the /dev names the kernel uses (e.g. /dev/ad0p2).
- Add a new "freebsd-boot" alias to g_part() for the new boot UUID.
MFC after: 1 month
Discussed with: marcel (some things might still change, but am committing
what I have so far)
on duplicated code and support 64-bit LBAs for GPT.
- The code to manage an EDD or C/H/S I/O request are now in their own
routines. The EDD routine now handles a full 64-bit LBA instead of
truncating LBAs to the lower 32-bits. (MBRs and BSD labels only
have 32-bit LBAs anyway, so the only LBAs ever passed down were 32-bit).
- All of the bounce buffer and retry logic duplicated in bd_read() and
bd_write() are merged into a single bd_io() routine that takes an
extra direction argument. bd_read() and bd_write() are now simple
wrappers around bd_io().
- If a disk supports EDD then always use it rather than only using it if
the cylinder is > 1023. Other parts of the boot code already do
something similar to this. Also, GPT just uses LBAs, so for a GPT disk
it's probably best to ignore C/H/S completely. Always using EDD when
it is supported by a disk is an easy way to accomplish this.
MFC after: 1 week
macros to treat the 'slice' field as a real part of the bootdev instead
of as hack that spans two other fields (adaptor (sic) and controller)
that are not used in any modern FreeBSD boot code.
MFC after: 1 week
It is disabled by default. You need to put
LOADER_FIREWIRE_SUPPORT=yes in /etc/make.conf
and rebuild loader to enable it.
(cd /sys/boot/i386 && make clean && make && make install)
You can find a short introduction of dcons at
http://wiki.freebsd.org/DebugWithDcons
bioscom is called to set up serial port parameters because COMSPEED
was treated as an address instead of an immediate value, causing
serial port parameters to never be set.
PR: i386/110828
Reviewed by: jhb
MFC after: 2 weeks
I created and tested this with a custom FreeSBIE cd-image.
PR: i386/96452
Submitted by: Yuichiro Goto <y7goto at gmail dot com>
MFC after: 3 days
Approved by: imp (mentor)
rather than treating them as a fatal exception and halting. At least one
storage BIOS (some newer mpt(4) parts) have a breakpoint instruction in
their disk read routine.
MFC after: 3 days
to get the physical address doesn't work for all values of KVA_PAGES,
while masking 8 MSBs works for all values of KVA_PAGES that are
multiple of 4 for non-PAE and 8 for PAE. (This leaves us limited
with 12MB for non-PAE kernels and 14MB for PAE kernels.)
To get things right, we'd need to subtract the KERNBASE from the
virtual address (but KERNBASE is not easy to figure out from here),
or have physical addresses set properly in the ELF headers.
Discussed with: jhb
device (kind) specific unit field to the common field. This change
allows a future version of libefi to work without requiring anything
more than what is defined in struct devdesc and as such makes it
possible to compile said version of libefi for different platforms
without requiring that those platforms have identical derivatives
of struct devdesc.
are no longer limited to a virtual address space of 16 megabytes,
only mask high two bits of a virtual address. This allows to load
larger kernels (up to 1 gigabyte). Not masking addresses at all
was a bad idea on machines with less than >3G of memory -- kernels
are linked at 0xc0xxxxxx, and that would attempt to load a kernel
at above 3G. By masking only two highest bits we stay within the
safe limits while still allowing to boot larger kernels.
(This is a safer reimplmentation of sys/boot/i386/boot2/boot.2.c
rev. 1.71.)
Prodded by: jhb
Tested by: nyan (pc98)
commits. For some reason I thought the scale factor was a shift count
rather than the multiplicand (that is, I thought leal (%eax,%edx,4) was
going to generate %eax + %edx << 4 rather than %eax + %edx * 4). What
I need is to multiply by 16 to convert a real-mode (seg, offset) tuple
into a flat address. However, the max multiplicand for scaled/index
addressing on i386 is 8, so go back to using a shl and an add.
- Convert two more inter-register mov instructions where we don't need to
preserve the source register to xchg instructions to keep our space
savings.
Tested by: Ian FREISLICH if at hetzner.co.za
MFC after: 1 week
another 16 bytes off of BTX (and thus boot2):
- Compare against the value of %eax that is saved on the stack instead of
loading it into %eax (which requires saving the current %eax on the
stack).
- Use %ch to examine the keyboard flag state in the BIOS to see if
Ctrl-Alt-Del is pressed instead of %al so we don't have to save %eax on
the stack anymore.
MFC after: 1 week
BTX (and thus boot2):
- Don't bother saving %eax, %ebx, or %ecx as it is not necessary.
- Use a more compact sequence to load the base value out of a GDT entry
by loading the contiguous low 24 bits into the upper 24 bits of %eax,
loading the high 8 bits into %al, and using a ror to rotate the bits
(2 mov's and a ror) rather than loading the pieces in smaller chunks
(3 mov's and a shl).
- Use movzwl + leal instead of movl + movw + shll + addl.
- Use 'xchgl %eax,%foo' rather than 'movl %eax,%foo' for cases where
it's ok to trash %eax. xchgl %eax, foo is a 1-byte opcode whereas the
mov is a 2-byte opcode.
- Use movzwl rather than xorl + movw.
MFC after: 1 week
rather than just emulating mov cr0, eax. This fixes some Compaq/HP BIOS
with DMA (as the BIOS tried to read cr3 so it could translate addresses
if paging was enabled).
MFC after: 1 week
- Make the PROBE_KEYBOARD option better resemble the -P option in
boot2, i.e., if keyboard isn't present then boot with both
RB_SERIAL and RB_MULTIPLE set.
Reviewed by: jhb
