1. 50+% of NO_PIE use is fixed by adding -fPIC to INTERNALLIB and other
build-only utility libraries.
2. Another 40% is fixed by generating _pic.a variants of various libraries.
3. Some of the NO_PIE use is a bit absurd as it is disabling PIE (and ASLR)
where it never would work anyhow, such as csu or loader. This suggests
there may be better ways of adding support to the tree. Many of these
cases can be fixed such that -fPIE will work but there is really no
reason to have it in those cases.
4. Some of the uses are working around hacks done to some Makefiles that are
really building libraries but have been using bsd.prog.mk because the code
is cleaner. Had they been using bsd.lib.mk then NO_PIE would not have
been needed.
We likely do want to enable PIE by default (opt-out) for non-tree consumers
(such as ports). For in-tree though we probably want to only enable PIE
(opt-in) for common attack targets such as remote service daemons and setuid
utilities. This is also a great performance compromise since ASLR is expected
to reduce performance. As such it does not make sense to enable it in all
utilities such as ls(1) that have little benefit to having it enabled.
Reported by: kib
percentage of machines has a 16550. Disable it for pc98 since only a
tiny fraction of them have one. These changes save 293 bytes when
building with clang, but preserves the ability to build with serial if
you really want. We now have 92 bytes free (412 with the in-tree gcc).
This is currently an opt-in build flag. Once ASLR support is ready and stable
it should changed to opt-out and be enabled by default along with ASLR.
Each application Makefile uses opt-out to ensure that ASLR will be enabled by
default in new directories when the system is compiled with PIE/ASLR. [2]
Mark known build failures as NO_PIE for now.
The only known runtime failure was rtld.
[1] http://www.bsdcan.org/2014/schedule/events/452.en.html
Submitted by: Shawn Webb <lattera@gmail.com>
Discussed between: des@ and Shawn Webb [2]
thicket of .if ${COMPILER_TYPE} == "clang" that controls
warnings. Also, use CFLAGS.clang in a couple places in preference to
having a similar construct that's related to the CWARNFLAGS changes.
directly to the linker (LD_FLAGS) from flags passed indirectly, via the
compiler driver (LDFLAGS).
This is because several Makefiles under sys/boot/i386 and sys/boot/pc98
use ${LD} directly to link, and the normal LDFLAGS value should not be
used in these cases.
MFC after: 3 days
sio.S. This is not particularly needed for head right now, but it is
intended to merge to stable/9, to fix boot2 build with clang there.
Reviewed by: avg
MFC after: 3 days
a loader or kernel. Specifically, kname cannot be pointed at cmd[] since
it's value is change to be an empty string after the initial call to
parse, and cmd[]'s value can be changed (thus losing a prior setting for
kname) due to user input at the boot prompt. While here, ensure that that
initial boot config file text is nul-terminated, that ops is initialized
to zero, and that kname is always initialized to a valid string.
Tested by: Domagoj Smolcic rank1seeker of gmail
MFC after: 1 week
get rid of testing explicitly for clang (using ${CC:T:Mclang}) in
individual Makefiles.
Instead, use the following extra macros, for use with clang:
- NO_WERROR.clang (disables -Werror)
- NO_WCAST_ALIGN.clang (disables -Wcast-align)
- NO_WFORMAT.clang (disables -Wformat and friends)
- CLANG_NO_IAS (disables integrated assembler)
- CLANG_OPT_SMALL (adds flags for extra small size optimizations)
As a side effect, this enables setting CC/CXX/CPP in src.conf instead of
make.conf! For clang, use the following:
CC=clang
CXX=clang++
CPP=clang-cpp
MFC after: 2 weeks
CFLAGS having '-g' in it, clang outputs several assembly directives that
are too new for our version of binutils.
Therefore, assemble the resulting .s files with clang instead. A more
general solution can be implemented when a GNU as-compatible driver for
clang's integrated assembler appears.
Reported by: dougb
boot2 calls back into boot1 to perform disk reads. The ZFS MBR boot blocks
do not have the same space constraints, so remove this hack for ZFS.
While here, remove commented out code to support C/H/S addressing from
zfsldr. The ZFS and GPT bootstraps always just use EDD LBA addressing.
MFC after: 2 weeks
This modifies CFLAGS and tweaks sio.S to use the new calling convention.
The sio_init() and sio_putc() prototypes are modified so that other
users of this code know the correct calling convention.
This makes the code smaller when compiled with clang.
Reviewed by: jhb
Tested by: me and Freddie Cash <fjwcash gmail com>
o bunch of variables are turned into uint8_t
o initial setting of namep[] in lookup() is removed
as it's only overwritten a few lines down
o kname is explicitly initialized in main() as BSS
in boot2 is not zeroed
o the setting and reading of "fmt" in load() is removed
o buf in printf() is made static to save space
Reviewed by: jhb
Tested by: me and Fabian Keil <freebsd-listen fabiankeil de>
o It switches kname to be just a pointer instead of an array
thus avoiding a couple of memcpy()s.
o It changes ioctl to unsigned from uint8_t.
o It changes the second keyhit limit to 3 seconds from 5
so that constant propagation can take place.
o It changes the ticks overflow computation as suggested by bde@.
o It removes bi_basemem/bi_extmem/bi_memsizes_valid setting from
bootinfo as it is unused.
Reviewed by: jhb
on space for clang and a.out support is only needed for /boot/loader,
they are excess bytes that serve no useful purpose other than to
support really old kernels (FreeBSD < 3.2 or so). Prefer clang
support over support for these old kernels and remove this code. We
gain about 100 bytes of space this way.
Reviewed by: rdivacky@
little further. This gets us further on the way to be able to build it
successfully with clang. Using in-tree gcc, this shrinks boot2.bin with
60 bytes, the in-tree clang shaves off 72 bytes, and ToT clang 84 bytes.
Submitted by: rdivacky
Reviewed by: imp
This is the same change that was made in rev 1.33 of boot/i386/btx/btx/btx.S
PR: i386/91871
Submitted by: Bjorn Konig <bkoenig at cs.tu-berlin.de>
MFC after: 1 week
and sys/boot/pc98/boot2, do not simply assign 'gcc' to CC, since compile
flags are sometimes passed via this variable, for example during the
build32 stage on amd64. This caused the 32-bit libobjc build on amd64
to fail.
Instead, only replace the first instance of clang (if any, including
optional path) with gcc, and leave the arguments alone.
Approved-by: rpaulo (mentor)
gnu/lib/libobjc and sys/boot/i386/boot2, so it also works when using
absolute paths and/or options, as in CC="/absolute/path/clang -foo".
Approved by: rpaulo (mentor)
problems compiling it, but it just gets too big at the moment, even
with -Os. This is not applicable to gptboot, though.
Submitted by: Dimitry Andric <dimitry at andric.com>
the disklabel in the 2nd sector for boot code. Even with both UFS1
and UFS2 supported, there's enough bytes left that we don't have to
nibble from the disklabel.
Thus, the entire 2nd sector is now reserved for the disklabel, which
makes the bootcode compatible again with disklabels that have more
than 8 partitions -- such as those created and supported by gpart.
i386: 135 bytes available
amd64: 151 bytes available
Ok'd by: jhb
set the %eflags used during a BIOS call via BTX to 0x202. Previously
the flags field was uninitialized garbage, and thus it was "random" if
interrupts were enabled or not during BIOS calls.
- Use constants from <machine/psl.h> for fields in %eflags.
MFC after: 3 days
weren't displayed on the new console. However, the config string has been
altered as part of being parsed so we only display the first option. Fix
this by saving a copy of /boot.config before parsing it and displaying the
saved copy after parsing.
MFC after: 1 week
PR: i386/103972
Submitted by: Alexandre Belloni alexandre.belloni of netasq.com
defined. This lets each boot program choose which version of cgbase() it
wants to use rather than forcing ufsread.c to have that knowledge.
MFC after: 1 week
Discussed with: imp
macros to treat the 'slice' field as a real part of the bootdev instead
of as hack that spans two other fields (adaptor (sic) and controller)
that are not used in any modern FreeBSD boot code.
MFC after: 1 week
to get the physical address doesn't work for all values of KVA_PAGES,
while masking 8 MSBs works for all values of KVA_PAGES that are
multiple of 4 for non-PAE and 8 for PAE. (This leaves us limited
with 12MB for non-PAE kernels and 14MB for PAE kernels.)
To get things right, we'd need to subtract the KERNBASE from the
virtual address (but KERNBASE is not easy to figure out from here),
or have physical addresses set properly in the ELF headers.
Discussed with: jhb
are no longer limited to a virtual address space of 16 megabytes,
only mask high two bits of a virtual address. This allows to load
larger kernels (up to 1 gigabyte). Not masking addresses at all
was a bad idea on machines with less than >3G of memory -- kernels
are linked at 0xc0xxxxxx, and that would attempt to load a kernel
at above 3G. By masking only two highest bits we stay within the
safe limits while still allowing to boot larger kernels.
(This is a safer reimplmentation of sys/boot/i386/boot2/boot.2.c
rev. 1.71.)
Prodded by: jhb
Tested by: nyan (pc98)
