Commit Graph

24 Commits

Author SHA1 Message Date
sjg
ba2d36703f Enable veriexec for loader
This relies on libbearssl and libsecureboot
to verify files read by loader in a maner equivalent
to how mac_veriexec

Note: disabled by default.
Use is initially expected to be by embeded vendors

Reviewed by:	emaste, imp
Sponsored by:	Juniper Networks
Differential Revision:	D16336
2019-02-26 06:22:10 +00:00
mckusick
72a21ba0f6 Create new EINTEGRITY error with message "Integrity check failed".
An integrity check such as a check-hash or a cross-correlation failed.
The integrity error falls between EINVAL that identifies errors in
parameters to a system call and EIO that identifies errors with the
underlying storage media. EINTEGRITY is typically raised by intermediate
kernel layers such as a filesystem or an in-kernel GEOM subsystem when
they detect inconsistencies. Uses include allowing the mount(8) command
to return a different exit value to automate the running of fsck(8)
during a system boot.

These changes make no use of the new error, they just add it. Later
commits will be made for the use of the new error number and it will
be added to additional manual pages as appropriate.

Reviewed by:    gnn, dim, brueffer, imp
Discussed with: kib, cem, emaste, ed, jilles
Differential Revision: https://reviews.freebsd.org/D18765
2019-01-17 06:35:45 +00:00
imp
0465b9a350 Move LUA_ROOT to /boot/lua
While this is mostly unused today, this is a better place than
/usr/local/lua.
2018-10-28 02:57:50 +00:00
kevans
c49982f645 lualoader: Improve module loading diagnostics
Some fixes:

- Maintain historical behavior more accurately w.r.t verbose_loading;
  verbose_loading strictly prints "${module_name...}" and later "failed!"
  or "ok" based on load success
- With or without verbose_loading, dump command_errbuf on load failure.
  This usually happens prior to ok/failed if we're verbose_loading

Reviewed by:	imp
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D17694
2018-10-25 02:14:35 +00:00
kevans
48babfba2e MFV r337586: lua: Update to 5.3.5
Bugfix release, nothing too major.

Tested with:	lualoader via userboot, lualoader live
Differential Revision:	https://reviews.freebsd.org/D16665
2018-08-14 18:58:01 +00:00
imp
0c28afb46f For our INT64 implementation, we can compare integers and numbers
directly because they are the same thing.

Reviewed by: kevans@
2018-08-14 18:45:25 +00:00
imp
4056e4727b Use M. Warner Losh everywhere on my copyrights.
Remove 'All Rights Reserved' where I can.
2018-05-01 16:29:22 +00:00
kevans
65fc5d5c2e lualoader: Expose loader.parse and add cli_execute_unparsed
This will be used for scenarios where the command to execute is coming in
via the environment (from, for example, loader.conf(5)) and is thus not
necessarily trusted.

cli_execute_unparsed will immediately be used for handling
module_{before,after,error} as well as menu_timeout_command. We still want
to offer these variables the ability to execute Lua-intercepted loader
commands, but we don't want them to be able to execute arbitrary Lua.

Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D14580
2018-03-07 18:25:27 +00:00
kevans
59eb711faf liblua: Add loader.interpret
This allows lua to pass back a command string to be executed as if it were
typed at the loader prompt- loader tries to execute the string first as pure
lua, then parses it and gives lua a chance to intercept before it tries to
execute it itself.

This will be used to implement menu_timeout_command, among other things,
which *should* be used to execute basic loader commands independent of the
chosen interpreter.
2018-03-03 17:13:12 +00:00
kevans
473219b554 liblua: Use putc instead of printf for printc
printc does not need the features or the overhead of printf. It does not
take formatting strings, and it pipes the single string argument through an
"%s" format.

Instead, use putc directly. This pipes the string through in its entirety as
a series of 'unsigned char's, generally straight to the console emulator.

Discussed with:	tsoome
2018-03-02 16:31:23 +00:00
kevans
987a7e7836 lualoader: Register loader.printc as global printc 2018-03-02 15:46:22 +00:00
kevans
9ad97faf9e liblua: Implement write support
Write support (even if it only works on UFS) will be needed for nextboot
functionality.

Reviewed by:	cem, imp
Differential Revision:	https://reviews.freebsd.org/D14478
2018-02-24 02:57:24 +00:00
imp
0326683caf Centralize lua defines
We need to ensure that we defined Numbers as int64_t everywhere we
build for lua. Previously, we were compiling part of the code with
Numbers as int64_t and part as double. Move lua number definition to a
more-central location
2018-02-23 04:04:03 +00:00
kevans
19bba2cde9 lualoader: Remove nasty hack for not printing out ".0"
luaconf.h has a LUA_COMPAT_FLOATSTRING option that may be defined to do this
instead of needing intstring.

Reported by:	Dan Nelson
2018-02-21 21:39:47 +00:00
cem
59b8107947 loader.lua: Expose errno table to lua
Reviewed by:	kevans
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D14454
2018-02-20 19:39:48 +00:00
kevans
9982f75418 liblua: Add loader.machine and loader.machine_arch properties
Provisioned from MACHINE/MACHINE_ARCH on the system, expose loader.machine
and loader.machine_arch respectively.

These may be used to hide ACPI option on non-applicable archs.

Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D14446
2018-02-20 18:24:20 +00:00
cem
0ff4ecf5bb Lua lfs.attributes: Provide a more consistent error return
In the remaining error case, return a 3-tuple consistent with the other
error return case.

Document how to invoke lfs.attributes() and detect/decode error return in
example comments.

Reviewed by:	kevans
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D14451
2018-02-20 18:21:30 +00:00
imp
e0264d9ff8 Implement loader.command
This is just like loader.perform, except it takes pre-parsed arguments.

Review: https://reviews.freebsd.org/D14448
2018-02-20 17:28:59 +00:00
kevans
c981f03e78 liblua: Fix missing '}' in lutil.c after r329499 2018-02-18 01:31:18 +00:00
cem
063978146b Lua loader: Add barebones "lfs" module
Add a Lua FileSystem module, an emulation of a subset of the permissively
licensed (MIT) Lua library of the same name[0], to our loader's Lua
environment.

[0]: https://github.com/keplerproject/luafilesystem/

Reviewed by:	kevans
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D14418
2018-02-18 01:15:25 +00:00
cem
c94a7f06aa interp_lua: Register io/loader with regular Lua module system
Reviewed by:	kevans
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D14421
2018-02-18 01:13:58 +00:00
cem
0a4cda7bf6 liblua: Emulate DIR, opendir, fdopendir, closedir
In a similar fashion to FILE, provide thin shims for the standard directory
manipulation functions.

Reviewed by:	imp
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D14417
2018-02-17 22:18:39 +00:00
cem
68bc0c038d liblua: Clean up io/loader C module registration
Utilize registration APIs Lua provides to make module definition a little
cleaner.

Discussed with:	imp
Sponsored by:	Dell EMC Isilon
2018-02-17 22:17:21 +00:00
imp
974e9d9ccc Add Lua as a scripting langauge to /boot/loader
liblua glues the lua run time into the boot loader. It implements all
the runtime routines that lua expects. In addition, it has a few
standard 'C' headers that nueter various aspects of the LUA build that
are too specific to lua to be in libsa. Many refinements from the
original code to improve implementation and the number of included lua
libraries. Use int64_t for lua_Number. Have "/boot/lua" be the default
module path. Numerous cleanups from the original GSoC project,
including hacking libsa to allow lua to be built with only one change
outside luaconf.h.

Add the final bit of lua glue to bring in liblua and plug into the
multiple interpreter framework, previously committed.

Add LOADER_LUA option, currently off by default.

Presently, this is an experimental option. One must opt-in to using
this by defining WITH_LOADER_LUA and WITHOUT_FORTH. It's been
lightly tested, so keep a backup copy of your old loader handy.
The menu code, coming in the next commit, hasn't been exhaustively
tested. A LUA boot loader is 60k larger than a FORTH one, which is
80k larger than a no-interpreter one. Subtle changes in size
may tip things past some subtle limit (the binary is ~430k now
when built with LUA). A future version may offer coexistance.

Bump FreeBSD version to 1200058 to mark the milestone.

Pedro Souza's 2014 Summer of Code project. Rui Paulo, Pedro Arthur,
Zakary Nafziger and Wojciech A. Koszek also contributed. Warner Losh
reworked it extensively into its current form.

Obtained from: https://wiki.freebsd.org/SummerOfCode2014/LuaLoader
Sponsored by: Google Summer of Code
Relnotes: Yes
MFC After: 1 month
Differential Review: https://reviews.freebsd.org/D14295
2018-02-12 15:31:53 +00:00