Commit Graph

211 Commits

Author SHA1 Message Date
Warner Losh
a64f0b83e5 Move smbios.c to libsa.
smbios used to be an i386 only kinda weird quirk to the x86
architecture. But UEFI picked it up, dusted it off and now it's many
other locations. Make it base technology by moving it to libsa and
fixing up the compliation. The code has issues with unaligned access
still, but that will be addressed in a followup commit.

Differential Revision: https://reviews.freebsd.org/D23660
2020-02-20 00:46:22 +00:00
Warner Losh
ed2a65769a Create ptov() function.
Create a ptov() function. It's basically the same as the btx PTOV
macro, but works everywhere. smbios needs this to translate addresses,
but the translation differs between BIOS booting and EFI booting. Make
it a function so one smbios.o can be used everywhere. Provide
definitions for it in the two loaders affected.

Differential Revision: https://reviews.freebsd.org/D23660
2020-02-20 00:46:16 +00:00
Toomas Soome
380977d557 followup on r357497: clean obsolete comment and use shift instead of multiplication
Based on illumos review feedback: leftover comment, but also
have consistent block size calculation and add missing else leg to if
statement.
2020-02-05 13:08:24 +00:00
Toomas Soome
4d297e7035 loader: rewrite zfs reader zap code to use malloc
First step on removing zfs_alloc.

Reviewed by:	delphij
Differential Revision:	https://reviews.freebsd.org/D23433
2020-02-04 07:37:55 +00:00
Warner Losh
eb24e1491f Remove sparc64 support from the boot loader.
Remove all the sparc64 specific bits, both files and ifdefs.
2020-02-03 17:34:57 +00:00
Toomas Soome
653c3383c7 loader: update zfsimpl.c from illumos review suggestions
Add extra comments and update error handling.

MFH:		1 week
2020-01-06 19:35:22 +00:00
Dimitry Andric
0b57cec536 Move all sources from the llvm project into contrib/llvm-project.
This uses the new layout of the upstream repository, which was recently
migrated to GitHub, and converted into a "monorepo".  That is, most of
the earlier separate sub-projects with their own branches and tags were
consolidated into one top-level directory, and are now branched and
tagged together.

Updating the vendor area to match this layout is next.
2019-12-20 19:53:05 +00:00
Toomas Soome
3c2db0ef43 loader: rewrite zfs vdev initialization
In some cases the pool discovery will get stuck in infinite loop while setting
up the vdev children.

To fix, we split the vdev setup into two parts, first we create vdevs based on
configuration we do get from pool label, then, we process pool config from MOS
and update the pool config if needed.

Testing done: confirm previously hung loader is not hung any more.

MFC after:	1 week
2019-12-15 21:52:40 +00:00
Toomas Soome
2e6bb6553b loader: zfsimpl.c cstyle cleanup
No functional changes intended.

MFC after:	1 week
2019-12-15 14:09:49 +00:00
Andriy Gapon
c527e92004 zfs boot: fix a crash in a rarely taken path in fzap_lookup
Instead of passing NULL to fzap_name_equal and crashing, just return
ENOENT.  This happened when higher bits of a hash of the searched key
(its hash prefix) matched a hash prefix of some key in the ZAP, but the
full hash value of the searched key did not match any key in the ZAP.

I observerved this problem when loader tried to look up
"features_for_read" in a particular old pool that predates pool
features.

MFC after:	2 weeks
Sponsored by:	Panzura
2019-12-13 22:04:13 +00:00
Toomas Soome
8ac66965f5 loader: cd9660_open() warn: is 'buf' large enough for 'struct iso_primary_descriptor'?
We do allocate amount of memory (void * or char *), and then assign this
buffer to struct iso_primary_descriptor *vd. Make sure we do
allocate enough bytes.

In fact we do allocate enough, but it is good idea to make sure this really
is so.

MFC after:	1 week
2019-12-13 12:36:16 +00:00
Warner Losh
f86e60008b Regularize my copyright notice
o Remove All Rights Reserved from my notices
o imp@FreeBSD.org everywhere
o regularize punctiation, eliminate date ranges
o Make sure that it's clear that I don't claim All Rights reserved by listing
  All Rights Reserved on same line as other copyright holders (but not
  me). Other such holders are also listed last where it's clear.
2019-12-04 16:56:11 +00:00
Andriy Gapon
489912da7b MFV r354382,r354385: 10601 10757 Pool allocation classes
illumos/illumos-gate@663207adb1
663207adb1

10601 Pool allocation classes
https://www.illumos.org/issues/10601
  illumos port of ZoL Pool allocation classes. Includes at least these two
  commits:
  441709695 Pool allocation classes misplacing small file blocks
  cc99f275a Pool allocation classes

10757 Add -gLp to zpool subcommands for alt vdev names
https://www.illumos.org/issues/10757
  Port from ZoL of
  d2f3e292d Add -gLp to zpool subcommands for alt vdev names
  Note that a subsequent ZoL commit changed -p to -P
  a77f29f93 Change full path subcommand flag from -p to -P

Portions contributed by: Jerry Jelinek <jerry.jelinek@joyent.com>
Portions contributed by: Håkan Johansson <f96hajo@chalmers.se>
Portions contributed by: Richard Yao <ryao@gentoo.org>
Portions contributed by: Chunwei Chen <david.chen@nutanix.com>
Portions contributed by: loli10K <ezomori.nozomu@gmail.com>
Author: Don Brady <don.brady@delphix.com>

11541 allocation_classes feature must be enabled to add log device

illumos/illumos-gate@c1064fd7ce
c1064fd7ce

https://www.illumos.org/issues/11541
  After the allocation_classes feature was integrated, one can no longer add a
  log device to a pool unless that feature is enabled. There is an explicit check
  for this, but it is unnecessary in the case of log devices, so we should handle
  this better instead of forcing the feature to be enabled.

Author: Jerry Jelinek <jerry.jelinek@joyent.com>

FreeBSD notes.
I faithfully added the new -g, -L, -P flags, but only -g does something:
vdev GUIDs are displayed instead of device names.  -L, resolve symlinks,
and -P, display full disk paths, do nothing at the moment.
The use of special vdevs is backward compatible for read-only access, so
root pools should be bootable, but exercise caution.

MFC after:	4 weeks
2019-11-21 08:20:05 +00:00
Ravi Pokala
7951fbc23d Logging improvements to loader::nfs
Include the server IP address when logging nfs_open(), add a few missing
"\n"s, and correct a typo.

Reviewed by:	kevans
MFC after:	2 weeks
Sponsored by:	Panasas
Differential Revision:	https://reviews.freebsd.org/D22346
2019-11-13 03:56:51 +00:00
Toomas Soome
c082b391b0 reverting r354594
In our case the structure is more complex and simple static initializer
will upset compiler diagnostics - using memset is still better than building
more complext initializer.
2019-11-12 10:02:39 +00:00
Toomas Soome
e5d9d07948 loader: use struct initializer in vdev_probe().
Hopefully it is a bit more clear this way.
2019-11-10 15:07:36 +00:00
Toomas Soome
3cac32d147 loader: memory leak in vdev_label_read_config()
We need to free the allocated buffer for label.
2019-11-10 15:03:59 +00:00
Toomas Soome
ae3f74e763 loader: clean up the noise around log device
We are ignoring log device but we also do want to have clean code.
2019-11-05 18:35:13 +00:00
Toomas Soome
9a3ea7594b loader: populate nvl with data even when label_txg is 0
We actually do not use that data, at least not now, but we want to
avoid possible surprises.
2019-11-05 18:07:30 +00:00
Toomas Soome
f331eb7d34 loader: allow booting from pool with log device
Apparently people are using log with boot pool, so we can not just
error out there. Still we will need to investigate how to handle
log properly.
2019-11-03 21:36:29 +00:00
Toomas Soome
79a4bf8975 loader: factor out label and uberblock load from vdev_probe, add MMP checks
Clean up the label read.
2019-11-03 21:19:52 +00:00
Toomas Soome
21da9f14f6 loader: zfs.c is missing malloc checks, fix it
malloc() can return NULL, we need to check the return value.
2019-11-03 14:36:16 +00:00
Toomas Soome
0c0a882c7a loader: we do not support booting from pool with log device
If pool has log device, stop there and tell about it.
2019-11-03 13:25:47 +00:00
Toomas Soome
f4ed004573 loader: should check malloc in zfs_dev_open
malloc can return NULL.
2019-11-03 13:03:47 +00:00
Toomas Soome
abca0bd501 loader: calculate physical vdev psize from asize
Since physical device asize is calculated from psize and the asize is stored
in pool label, we can use asize to set the value of psize, which is used to
calculate the location of the pool labels.

MFC after:	1 week
2019-11-03 11:09:06 +00:00
Toomas Soome
e499793e76 Remove duplicate lz4 implementations
Port illumos change: https://www.illumos.org/issues/11667

Move lz4.c out of zfs tree to opensolaris/common/lz4, adjust it to be
usable from kernel/stand/userland builds, so we can use just one single
source. Add lz4.h to declare lz4_compress() and lz4_decompress().

MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D22037
2019-11-02 12:28:04 +00:00
Toomas Soome
98e28b71b2 loader: asprinf does crash arm64 due to missing NULL pointer check
PCHAR macro needs to check if d is NULL.

MFC after:	3 days
2019-11-01 06:54:07 +00:00
Toomas Soome
4efce32a51 loader: rs_alloc() may return NULL
rs_alloc() in zfs reader code may return NULL, so we need to check the return value and error out if needed.
MFC after:	1 week
2019-10-26 18:29:02 +00:00
Simon J. Gerraty
e9b148a318 Add support for hypervisor check on x86
Add ficl words for isvirtualized
and move ficl inb and outb words to ficl/x86/sysdep.c
so can be shared by i386 and amd64

Reviewed by:	imp bdrewery
MFC after:	1 week
Sponsored by:	Juniper Networks
Differential Revision:	https://reviews.freebsd.org/D22069
2019-10-24 20:02:48 +00:00
Toomas Soome
6b74887f03 loader: zfs_fmtdev can crash when pool discovery did fail and we have no spa
When zfs probe did fail and no spa was created, but zfs_fmtdev() is called,
we will crash while dereferencing spa (NULL pointer dereference).

MFC after:	1 week
2019-10-19 08:08:06 +00:00
Toomas Soome
23883413d4 loader: fix typo in zalloc. 2019-09-20 05:22:34 +00:00
Toomas Soome
d6b090d1d4 loader: revert r352421
As insisted by kib, malloc(0) is quite legal.
2019-09-17 16:16:46 +00:00
Toomas Soome
11db1a1654 loader: add memalign() to libsa
Implement memalign(size_t alignment, size_t size) to allocate aligned memory.
2019-09-17 13:15:27 +00:00
Toomas Soome
62ea4c11d5 loader: stand.h should define reallocf as Reallocf
Use the same approach as other zalloc functions.
2019-09-17 13:07:02 +00:00
Toomas Soome
e57c0c2afb loader: cstyle cleanup libsa zalloc sources
Clean up libstand zalloc* sources. Note that it is not 100% whitespace cleanup.
I also reduced block in znalloc and zfree as those were obvious simplifications
and did help to save one level of indent.
2019-09-17 11:35:53 +00:00
Toomas Soome
144c4ca039 loader: factor out guard location setup from Realloc
To simplify and make it easier to read, use ga_Bytes field from guard
structure.
2019-09-17 09:47:35 +00:00
Toomas Soome
41e2c61669 loader: Malloc(0) should return NULL.
We really should not allocate anything with size 0.
2019-09-16 20:28:08 +00:00
Kyle Evans
da8147c3c5 libsa: mips: fix typo that had slipped into the diff on local machine
MFC after:	1 week
X-MFC-With:	r351408
2019-08-22 21:49:13 +00:00
Kyle Evans
428925b5f2 libsa: mips: use _JB_* from machine/asm.h, remove regnum dep
This brings the libsa/mips _setjmp implementation closer to parity with the
libc version.

Reviewed by:	imp, jhb
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D21330
2019-08-22 21:42:11 +00:00
Kyle Evans
80746f9f83 stand: gptboot: fix build with xtoolchain-llvm90
ufsread.c grows a dependency on __ashldi3 with llvm90. For gptboot, just
start pulling in ashldi3.c ashrdi3.c lshrdi3.c into libsa for all archs as
the number of archs requiring one or more of them keeps growing. qdivrem.c
and quad.h can be trivially kicked out of libsa if we start pulling these
from compiler-rt as qdivrem was only used to implement umoddi3, divdi3,
moddi3 (also in qdivrem.c).

Reviewed by:	imp
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D21291
2019-08-16 20:09:20 +00:00
Kyle Evans
80335781ad stand: push LIBC_SRC up into defs.mk
Other parts of stand/ that don't use libsa will need to grab bits from libc
shortly. Push LIBC_SRC up to defs.mk in advance of this so that they can use
it, and rename it to LIBCSRC to match the convention of the rest of the *SRC
variables in this file.

Reviewed by:	imp
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D21282
2019-08-16 13:22:57 +00:00
Kyle Evans
a78c1027d7 Revert r351078, r351085: stand/quad.h eviction
It did not go well; further examination is required...
2019-08-15 17:15:32 +00:00
Kyle Evans
7ddaee2559 stand: kick out quad.h
Use quad.h from libc instead for the time being. This reduces the number of
nearly-identical-quad.h we have in tree to two with only minor changes.

Prototypes for some *sh*di3 have been added to match the copy in libkern.
The differences between the two are likely few enough that they can perhaps
be merged with little additional effort to bring us down to 1.

MFC after:	3 days
2019-08-15 15:47:48 +00:00
Toomas Soome
6e5555adb1 loader: add error check for vdev_indirect calls
We can error out due to memory allocation errors, we can not recover from
those and need to get out.
2019-08-09 19:09:05 +00:00
Toomas Soome
b1b9326846 loader: support com.delphix:removing
We should support removing vdev from boot pool. Update loader zfs reader
to support com.delphix:removing.

Reviewed by:	allanjude
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D18901
2019-08-08 18:08:13 +00:00
Justin Hibbits
1ea717577f Allow efi loader to get network params from uboot
Summary:
efi loader does not work with static network parameters. It always uses
BOOTP/DHCP and also uses RARP as a fallback.  Problems with DHCP servers can
cause the loader to fail to populate network parameters.

Submitted by:	Siddharth Tuli <siddharthtuli_gmail.com>
Reviewed by:	imp
Sponsored by:	Juniper Networks, Inc.
Differential Revision:	https://reviews.freebsd.org/D20811
2019-07-12 00:54:20 +00:00
Warner Losh
f5a95d9a07 Remove NAND and NANDFS support
NANDFS has been broken for years. Remove it. The NAND drivers that
remain are for ancient parts that are no longer relevant. They are
polled, have terrible performance and just for ancient arm
hardware. NAND parts have evolved significantly from this early work
and little to none of it would be relevant should someone need to
update to support raw nand. This code has been off by default for
years and has violated the vnode protocol leading to panics since it
was committed.

Numerous posts to arch@ and other locations have found no actual users
for this software.

Relnotes:	Yes
No Objection From: arch@
Differential Revision: https://reviews.freebsd.org/D20745
2019-06-25 04:50:09 +00:00
Rebecca Cran
da4961c796 loader: add HTTP support using UEFI
Add support for an HTTP "network filesystem" using the UEFI's HTTP
stack.

This also supports HTTPS, but TianoCore EDK2 implementations currently
crash while fetching loader files.
Only IPv4 is supported at the moment. IPv6 support is planned for a
follow-up changeset.

Note that we include some headers from the TianoCore EDK II project in
stand/efi/include/Protocol verbatim, including links to the license instead
of including the full text because that's their preferred way of
communicating it, despite not being normal FreeBSD project practice.

Submitted by:	scottph
Reviewed by:	imp, bcran
Differential Revision:	https://reviews.freebsd.org/D20643
2019-06-24 23:18:42 +00:00
Matt Macy
6459a61ea7 Tell loader to ignore newer features enabled on the root pool.
There are many new features in ZoF. Most, if not all, do not effect read only usage.
Encryption in particular is enabled at the pool level but used at the dataset level.
The loader obviously will not be able to boot if the boot dataset is encrypted, but
should not care if some other dataset in the root pool is encrypted.

Reviewed by:	allanjude
MFC after:	1 week
2019-06-19 21:10:13 +00:00
Xin LI
f89d207279 Separate kernel crc32() implementation to its own header (gsb_crc32.h) and
rename the source to gsb_crc32.c.

This is a prerequisite of unifying kernel zlib instances.

PR:		229763
Submitted by:	Yoshihiro Ota <ota at j.email.ne.jp>
Differential Revision:	https://reviews.freebsd.org/D20193
2019-06-17 19:49:08 +00:00
Warner Losh
de357a736d Eliminate unused uuid parameters from gptread and gptread_table. We
only need it for the gptfind() function, where it's used.
2019-06-05 02:34:58 +00:00
Kyle Evans
9892cc9ad4 stand: zfs: Free bouncebuf on error path in vdev_read
r344226 inadvertently added this path in which we return from failure on an
lseek and do not free bouncebuf on the way out.

MFC after:	3 days
2019-05-31 17:44:22 +00:00
Xin LI
12d62cc2d7 Unexpand be32dec().
MFC after:	2 weeks
2019-05-30 02:23:57 +00:00
Toomas Soome
93a2d4c92f loader: malloc+memset is calloc in spa_create
Replace malloc + memset pair with calloc.
2019-05-29 07:33:51 +00:00
Toomas Soome
51e5c6b89e loader: zfs_alloc and zfs_free should use panic
The zfs alloc and free code print out the error and get stuck in infinite loop; use panic() instead.
2019-05-29 07:24:10 +00:00
Simon J. Gerraty
2ef9ff7dd3 ficl pfopen: verify file
If the file is verified - do not allow write
otherwise do not allow read.

Add O_ACCMODE to stand.h

Reviewed by:	stevek, mindal_semihalf.com
MFC after:	3 days
Sponsored by:	Juniper Networks
Differential Revision:	https://reviews.freebsd.org/D20387
2019-05-24 19:43:38 +00:00
Xin LI
c9083b850a Move contrib/zlib to sys/contrib/zlib so that we can use it in kernel.
This is a prerequisite of unifying kernel zlib instances.

Submitted by:	Yoshihiro Ota <ota at j.email.ne.jp>
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D20191
2019-05-08 08:43:15 +00:00
Ian Lepore
14243f8de7 Distinguish between "no partition" and "choose best partition" with a constant.
The values of the d_slice and d_partition fields of a disk_devdesc have a
few values with special meanings in the disk_open() routine. Through various
evolutions of the loader code over time, a d_partition value of -1 has
meant both "use the first ufs partition found in the bsd label" and "don't
open a bsd partition at all, open the raw slice."

This defines a new special value of -2 to mean open the raw slice, and it
gives symbolic names to all the special values used in d_slice and
d_partition, and adjusts all existing uses of those fields to use the new
constants.

The phab review for this timed out without being accepted, but I'm still
citing it below because there is useful commentary there.

Differential Revision:	https://reviews.freebsd.org/D19262
2019-03-24 18:51:52 +00:00
Simon J. Gerraty
8df8b2d3e5 Enable veriexec for loader
This relies on libbearssl and libsecureboot
to verify files read by loader in a maner equivalent
to how mac_veriexec

Note: disabled by default.
Use is initially expected to be by embeded vendors

Reviewed by:	emaste, imp
Sponsored by:	Juniper Networks
Differential Revision:	D16336
2019-02-26 06:22:10 +00:00
Toomas Soome
6cea60aef5 loader: really fix cd9660 dirmatch
The cd9660_open() does pass whole path to dirmatch() and we need to
compare only the current path component, not full path.

Additinally, skip over duplicate / (if any) and check if the last component
in the path was meant to be directory (having trailing /). If it is in fact
a file, error out.
2019-02-20 21:07:09 +00:00
Toomas Soome
61250f78c4 cd9660: dirmatch fails to unmatch when name is prefix for directory record
Loader does fail to properly match the file name in directory record and
does open file based on prefix match.

For fix, we check the name lengths first.

Reviewed by:	allanjude
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D19213
2019-02-18 08:26:18 +00:00
Patrick Kelsey
a070559721 It turns out r344226 narrowed the overrun bug but did not eliminate it entirely
This commit fixes a remaining output buffer overrun in the
single-sector case when there is a non-zero tail.

Reviewed by:	allanjude, tsoome
MFC after:	3 months
MFC with:	r344226
Differential Revision:	https://reviews.freebsd.org/D19220
2019-02-17 17:47:08 +00:00
Patrick Kelsey
07362361e0 Fix memory corruption bug introduced in r325310
The bug occurred when a bounce buffer was used and the requested read
size was greater than the size of the bounce buffer.  This commit also
rewrites the read logic so that it is easier to systematically verify
all alignment and size cases.

Reviewed by:	allanjude, tsoome
MFC after:	3 months
Differential Revision:	https://reviews.freebsd.org/D19140
2019-02-17 03:35:15 +00:00
Warner Losh
52467047aa Regularize the Netflix copyright
Use recent best practices for Copyright form at the top of
the license:
1. Remove all the All Rights Reserved clauses on our stuff. Where we
   piggybacked others, use a separate line to make things clear.
2. Use "Netflix, Inc." everywhere.
3. Use a single line for the copyright for grep friendliness.
4. Use date ranges in all places for our stuff.

Approved by: Netflix Legal (who gave me the form), adrian@ (pmc files)
2019-02-04 21:28:25 +00:00
Toomas Soome
5e84b57828 libsa: add asprintf()
asprintf() is a nice tool for string processing.

MFC after:	2 weeks
2019-01-17 22:00:02 +00:00
Toomas Soome
7c52f914db loader should ignore active multi_vdev_crash_dump feature on zpool
Since the loader zfs reader does not need to read the dump zvol, we can
just enable the feature.

illumos issue #9051 https://www.illumos.org/issues/9051

MFC after:	2 weeks
2019-01-17 21:52:41 +00:00
Matt Macy
fbeb31a26b MK_ZFS -> {MK_ZFS|MK_LOADER_ZFS}, this is so we can diable userland / kernel
ZFS but keep the boot-loaders when using ZoL port.

MFC after: 1 week
Reviewed by: rgrimes
Differential Revision: https://reviews.freebsd.org/D18739
2019-01-05 22:45:20 +00:00
Rebecca Cran
d5cee48f3e Wait a maximum of 300 seconds for network send/recv in libsa
The reason for this change is that currently, a send/recv
takes many hours to time out.
This is suboptimal in the bootloader because it means for example
that NFS will take hours to fail before allowing subsequent access
methods such as gzip to be tried.

Setting MAXWAIT to 300 seconds (5 minutes) still allows slow
connections of 1Mb to be used to download a 30MB kernel file.

Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D18544
2018-12-20 19:27:46 +00:00
Toomas Soome
4f22b40a32 loader: zfs reader should not probe partitionless disks (UEFI case)
With r342151 I did fix the BIOS version of zfs_probe_dev() from accessing
the whole disk, but the fix was not complete - we actually did not check
if the device name was really for whole disk. Since UEFI version
is only calling the zfs_probe_dev() with partitions and not with whole
disk, the UEFI loader was not able to find the zfs pools.

This update does correct the issue by calling archsw.arch_getdev() to
translate the device name back to dev_desc, and we have whole disk when both
partition and slice values are -1.

Reported by:	alvisen_gmail.com
Differential Revision:	https://reviews.freebsd.org/D18558
2018-12-17 07:43:29 +00:00
Toomas Soome
1309bed839 loader: zfs reader should not probe partitionless disks
First of all, normal setups can not boot such pools as the tools
do not support installing boot programs.

Secondly, for proper pool configuration detection, we need to checks all
four label copies on disk, 2 from front and 2 from the end of the disk,
but zfs label does not contain the size of the disk - so we depend on
firmware to report the correct disk size or use information from the
partition table.

Without partition table, we only can rely on firmware to report and support
disk IO properly.

There is a specific case: 8TB disks are reported by BIOS to have 4294967295
sectors (0x00000000ffffffff), the sectors reported by OS is 15628053168
(0x00000003a3812ab0), so the reported size is less than actual but is hitting
32-bit max. Unfortuantely the real limit must be even lower because probing
this disk in this system will wnd up with hung system.

UEFI boot of this system seems not to be affected.

Reviewed by:	imp
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D18558
2018-12-16 08:58:14 +00:00
Kirk McKusick
fb14e73cb4 Normally when an attempt is made to mount a UFS/FFS filesystem whose
superblock has a check-hash error, an error message noting the
superblock check-hash failure is printed and the mount fails. The
administrator then runs fsck to repair the filesystem and when
successful, the filesystem can once again be mounted.

This approach fails if the filesystem in question is a root filesystem
from which you are trying to boot. Here, the loader fails when trying
to access the filesystem to get the kernel to boot. So it is necessary
to allow the loader to ignore the superblock check-hash error and make
a best effort to read the kernel. The filesystem may be suffiently
corrupted that the read attempt fails, but there is no harm in trying
since the loader makes no attempt to write to the filesystem.

Once the kernel is loaded and starts to run, it attempts to mount its
root filesystem. Once again, failure means that it breaks to its prompt
to ask where to get its root filesystem. Unless you have an alternate
root filesystem, you are stuck.

Since the root filesystem is initially mounted read-only, it is
safe to make an attempt to mount the root filesystem with the failed
superblock check-hash. Thus, when asked to mount a root filesystem
with a failed superblock check-hash, the kernel prints a warning
message that the root filesystem superblock check-hash needs repair,
but notes that it is ignoring the error and proceeding. It does
mark the filesystem as needing an fsck which prevents it from being
enabled for writing until fsck has been run on it. The net effect
is that the reboot fails to single user, but at least at that point
the administrator has the tools at hand to fix the problem.

Reported by:    Rick Macklem (rmacklem@)
Discussed with: Warner Losh (imp@)
Sponsored by:   Netflix
2018-12-06 00:09:39 +00:00
Ian Lepore
df108aafe9 Eliminate duplicated code and struct member definitions in the handoff
of args data between gptboot/zfsboot and loader(8).

Despite what seems like a lot of changes here, there are no actual
changes in behavior, or in the data layout in the structures involved.
This is just eliminating identical code pasted into multiple locations.

In detail, the changes are...

- Move struct zfs_boot_args definition from libsa/zfs/libzfs.h to
  i386/common/bootargs.h because it is specific to x86 booting and the
  handoff between zfsboot and loader, and has no relation to the zfs
  library code in general.

- The geli_boot_args and zfs_boot_args structs both contain an identical
  set of member variables containing geli information.  Extract this out
  to a new geli_boot_data struct, and embed it in the arg-passing structs.

- Provide new routines geli_import_boot_data() and geli_export_boot_data()
  that can be shared between gptboot, zfsboot, and loader instead of
  pasting identical code into several different .c files.

- Remove some checks for a NULL pointer that can never be true because the
  pointer being tested was set using pointer math (kargs + 1) and that can
  never result in NULL in this code.
2018-12-03 03:58:30 +00:00
Maxim Sobolev
55d5c94943 The libstand's panic() appends its own '\n' to the message, so that users of the API
don't need to supply one.

MFC after:	2 weeks
2018-11-29 18:37:48 +00:00
Toomas Soome
3c3779dc20 libsa: cstyle cleanup tftp.c
No functinal changes intended.
2018-11-01 22:13:18 +00:00
Toomas Soome
c658866914 libsa: tftp should use calloc
instead of malloc() memset(), use calloc().
2018-11-01 13:29:55 +00:00
Toomas Soome
f442898fe7 libsa: tftp should not read past file end
When we have the file size via tsize option, use it to make sure we
will not attempt to read past file end.
2018-11-01 13:12:05 +00:00
Gleb Smirnoff
9319dded3d Remove unnecessary include from libstand. 2018-10-31 19:59:20 +00:00
Konstantin Belousov
ad6f5f9ab5 Fix stand/ build after r339671.
ffs_subr.c requires calculate_crc32c() from libkern.  Unfortunately we
cannot just add libkern/crc32.c to libstand because crc32.o is already
compiled from contrib/zlib/crc32.c. Use the include trick to rename
the source.

Note that libstand also provides crc32.c which seems to be unused.

Reviewed by:	imp
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D17677
2018-10-23 23:11:38 +00:00
Toomas Soome
bb489cd7ad libsa: re-send ACK for older data packets in tftp
In current tftp code we drop out-of-order packets; however, we should play
nice and re-send ACK for older data packets we are receiving. This will
hopefully stop server repeating those packets we already have received.
Note we do not answer duplicates from "previous" session (that is, session
with different port number), those will eventually time out.

Differential Revision:	https://reviews.freebsd.org/D17087
2018-10-23 13:38:39 +00:00
Toomas Soome
7e63e808d7 libsa: validate tftp_makereq() after we did reset the read
The name check referred in the comment is not the only possible error source,
we need to validate the result.

Reviewed by:	allanjude
Approved by:	re (kib)
Differential Revision:	https://reviews.freebsd.org/D17081
2018-09-09 06:30:15 +00:00
Toomas Soome
7ee96df3b3 libsa: memory leak in tftp_open()
tftpfile is allocated just above and needs to be freed.

Reviewed by:	imp
Approved by:	re (kib)
Differential Revision:	https://reviews.freebsd.org/D17058
2018-09-08 19:17:22 +00:00
Kyle Evans
63d8b6ea21 libsa: Add lshrdi3.c for powerpc* and mips 2018-08-19 14:48:32 +00:00
Warner Losh
bd7c104abf Add ashldi3 and ashrdi3 to mips.
Now that we're using -Os, mips needs these routines.
2018-08-16 19:39:02 +00:00
Toomas Soome
5257ddd31b libsa: zfs_probe() needs to set spa to NULL
Silence the warning about possibly uninitialized use of spa.
2018-08-15 21:38:06 +00:00
Kyle Evans
99a9cf5164 pkgfs_init: Initialize pkg
new_package may not set *pp if it errors out, leaving pkg uninitialized.

Reported by:	GCC
2018-08-15 21:13:10 +00:00
Kyle Evans
77a52e3f15 libsa: exit on EOF in ngets
It was possible in some rare circumstances for ngets to behave terribly with
bhyveload and some form of redirecting user input over a pipe.

PR:		198706
Submitted by:	Ivan Krivonos <int0dster@gmail.com>
MFC after:	1 week
2018-08-09 02:55:48 +00:00
Toomas Soome
6938805f41 libsa: gzipfs.c converts pointers to integer types with different sign
Signed versus unsigned char.
2018-08-07 10:53:51 +00:00
Toomas Soome
513f7db592 libsa: dos_checksum() should take unsigned chars
Fix pointers to integers with different sign issue.
2018-08-07 10:48:36 +00:00
Toomas Soome
17e2c2661b libsa: dereferencing type-punned pointer in cd9660
The warning is given by gcc build, but it is good to fix anyhow.
use bcopy instead of direct assignment.
2018-08-02 06:22:10 +00:00
Toomas Soome
8696ce6e29 libsa: assignment to char * from u_char *
Cast to char * instead of u_char *
2018-08-01 12:14:10 +00:00
Toomas Soome
d07ea92f55 libsa: bootp is using pointers with different sign
Just change bp_file to char and same for variable s.
2018-08-01 12:06:39 +00:00
Toomas Soome
eba1bc411b libsa: pointer differs in signedness
A small cleanup, fix the argument type and while there, replace (char *)0 with
NULL.
2018-08-01 11:40:52 +00:00
Warner Losh
47bec71dd0 Use if rather than case for a simple boolean. gcc thinks blks is
undefined sometimes with the case, but enc is always 0 or 1, so
and if / else is better anyway.
2018-07-13 18:19:33 +00:00
Ian Lepore
c1418270b2 Extend loader(8) geli support to all architectures and all disk-like devices.
This moves the bulk of the geli support from lib386/biosdisk.c into a new
geli/gelidev.c which implements a devsw-type device whose dv_strategy()
function handles geli decryption. Support for all arches comes from moving
the taste-and-attach code to the devopen() function in libsa.

After opening any DEVT_DISK device, devopen() calls the new function
geli_probe_and_attach(), which will "attach" the geli code to the open_file
struct by creating a geli_devdesc instance to replace the disk_devdesc
instance in the open_file. That routes all IO for the device through the
geli code.

A new public geli_add_key() function is added, to allow arch/vendor-specific
code to add keys obtained from custom hardware or other sources.

With these changes, geli support will be compiled into all variations of
loader(8) on all arches because the default is WITH_LOADER_GELI.

Relnotes:	yes
Sponsored by:	Microchip Technology Inc
Differential Revision:	https://reviews.freebsd.org/D15743
2018-07-13 17:50:25 +00:00
Warner Losh
25bc561e68 There's two files in the sys tree named inflate.c, in addition
to it being a common name elsewhere. Rename the old kzip one
to subr_inflate.c.

This actually fixes the build issues on sparc64 that my inclusion of
.PATH ${SYSDIR}/kern created in r336244, so also revert the broken
workaround I committed in r336249.

This slipped passed me because apparently, I never did a clean build.
2018-07-13 17:41:28 +00:00
Warner Losh
623810105e Fix sparc64 builds
gcc is complaining about struct infate being defined in a parameter
list. It's inclear how long this has been broken, but the fix is
simple enough.
2018-07-13 17:15:14 +00:00
Warner Losh
52379d36a9 Create helper functions for parsing boot args.
boot_parse_arg		to parse a single arg
boot_parse_cmdline	to parse a command line string
boot_parse_args		to parse all the args in a vector
boot_howto_to_env	Convert howto bits to env vars
boot_env_to_howto	Return howto mask mased on what's set in the environment.

All these routines return an int that's the bitmask of the args
translated to RB_* flags. As a special case, the 'S' flag sets the
comconsole_speed env var. Any arg that looks like a=b will set the env
key 'a' to value 'b'. If =b is omitted, 'a' is set to '1'.  This
should help us reduce the number of redundant copies of these routines
in the tree.  It should also give a more uniform experience between
platforms.

Also, invent a new flag RB_PROBE that's set when 'P' is parsed.  On
x86 + BIOS, this means 'probe for the keyboard, and if it's not there
set both RB_MULTIPLE and RB_SERIAL (which means show the output on
both video and serial consoles, but make serial primary).  Others it
may be some similar concept of probing, but it's loader dependent
what, exactly, it means.

These routines are suitable for /boot/loader and/or the kernel,
though they may not be suitable for the tightly hand-rolled-for-space
environments like boot2.

Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D16205
2018-07-13 16:43:05 +00:00
Warner Losh
b8902de147 Move ZFS files into libsa
Move the libzfs stuff into libsa. There's no need for it to be a
separate library. The separate library adds to the issues of build
ordering that we see from time to time. Move the filesystem support
into libsa, like all the other filesystem support rather than making
zfs the odd-duck out.

Discussed with: allanjude@
2018-07-08 07:42:49 +00:00
Warner Losh
52666d3675 Remove stray debugging line.
Noticed by: ian@
2018-06-18 19:53:11 +00:00
Warner Losh
62bd02cee5 stand: move libgeliboot into libsa.
Reduce by 1 the number of crazy libraries we need in stand by moving
geli into libsa (where architecturally it belonged all along). This
just moves things around without any code changes.
2018-06-18 16:24:42 +00:00