Commit Graph

132 Commits

Author SHA1 Message Date
ru
8735fdbd4c Enable GCC stack protection (aka Propolice) for userland:
- It is opt-out for now so as to give it maximum testing, but it may be
  turned opt-in for stable branches depending on the consensus.  You
  can turn it off with WITHOUT_SSP.
- WITHOUT_SSP was previously used to disable the build of GNU libssp.
  It is harmless to steal the knob as SSP symbols have been provided
  by libc for a long time, GNU libssp should not have been much used.
- SSP is disabled in a few corners such as system bootstrap programs
  (sys/boot), process bootstrap code (rtld, csu) and SSP symbols themselves.
- It should be safe to use -fstack-protector-all to build world, however
  libc will be automatically downgraded to -fstack-protector because it
  breaks rtld otherwise.
- This option is unavailable on ia64.

Enable GCC stack protection (aka Propolice) for kernel:
- It is opt-out for now so as to give it maximum testing.
- Do not compile your kernel with -fstack-protector-all, it won't work.

Submitted by:	Jeremie Le Hen <jeremie@le-hen.org>
2008-06-25 21:33:28 +00:00
marcel
9ef7e5e3af Major rework of the ia64 loaders. The two primary objectives are:
1. Make libefi portable by removing ia64 specific code and build
   it on i386 and amd64 by default to prevent regressions. These
   changes include fixes and improvements over previous code to
   establish or improve APIs where none existed or when the amount
   of kluging was unacceptably high.
2. Increase the amount of sharing between the efi and ski loaders
   to improve maintainability of the loaders and simplify making
   changes to the loader-kernel handshaking in the future.

The version of the efi and ski loaders are now both changed to 1.2
as user visible improvements and changes have been made.
2006-11-05 22:03:04 +00:00
marcel
5478f7099d Make this compile on EFI32. The EFI_PHYSICAL_ADDRESS type is always
64-bit, even when sizeof(void *) is 32-bit.
2006-11-03 04:19:31 +00:00
marcel
2904312753 Sync the EFI headers with version 1.10.14.62 of the Intel sample EFI
implementation. This re-introduces C99 style comments that previously
were replaced by original C comments.
2006-11-02 02:42:48 +00:00
marcel
dc91b1990a Extend struct devdesc with a unit field, called d_unit. Promote the
device (kind) specific unit field to the common field. This change
allows a future version of libefi to work without requiring anything
more than what is defined in struct devdesc and as such makes it
possible to compile said version of libefi for different platforms
without requiring that those platforms have identical derivatives
of struct devdesc.
2006-11-02 01:23:18 +00:00
jhb
6ecdc538b9 Remove more Alpha bits from the boot code including fixing several
stale comments.
2006-05-12 04:09:53 +00:00
ru
a3403464c0 Add loader(8) variables for RB_DFLTROOT, RB_MUTE, and RB_PAUSE:
"boot_dfltroot", "boot_mute", and "boot_pause" respectively.
2005-09-22 15:06:58 +00:00
stefanf
125089227d Don't try to use 'typedef struct foo' if just 'struct foo' makes more sense
and works on all compilers.  This also removes the need for
__CC_SUPPORTS_FORWARD_REFERENCE_CONSTRUCT in <sys/cdefs.h>.

OK'ed by:	marcel, dfr
2005-03-07 15:38:37 +00:00
stefanf
2066001e45 Fix typos in a comment. 2005-03-06 13:53:05 +00:00
joerg
c85a3e95f7 netchild's mega-patch to isolate compiler dependencies into a central
place.

This moves the dependency on GCC's and other compiler's features into
the central sys/cdefs.h file, while the individual source files can
then refer to #ifdef __COMPILER_FEATURE_FOO where they by now used to
refer to #if __GNUC__ > 3.1415 && __BARC__ <= 42.

By now, GCC and ICC (the Intel compiler) have been actively tested on
IA32 platforms by netchild.  Extension to other compilers is supposed
to be possible, of course.

Submitted by:	netchild
Reviewed by:	various developers on arch@, some time ago
2005-03-02 21:33:29 +00:00
imp
bd77e02714 Start each of the license/copyright comments with /*- 2005-01-05 22:16:58 +00:00
scottl
3b185ba05b Remove the last vestiges of the userconfig option. None of this actually
did anything, so this commit should be considered a NO-OP.
2004-12-01 04:59:33 +00:00
marcel
e1b8c62f9a o Introduce efimd_va2pa() to translate addresses in efi_copy{in|out}()
and efi_readin(). This removes MD code from copy.c.
o  Don't unconditionally add pal.S to SRCS. It's specific to ia64.
2004-11-28 00:30:22 +00:00
marcel
a73c9ef46a This file was repocopied to src/sys/boot/ia64/efi. 2004-11-23 18:55:24 +00:00
marcel
63baa64f51 Unhook the loader subdirectory. The ia64 EFI loader is now build
under ../ia64/efi.
2004-11-23 06:04:51 +00:00
marcel
480c409ecf Remove struct ia64_itir and use a plain old uint64_t instead. 2004-11-21 21:40:08 +00:00
ru
5db2b9d5b3 For variables that are only checked with defined(), don't provide
any fake value.
2004-10-24 15:33:08 +00:00
marcel
6834d51c5f Redefine a PTE as a 64-bit integral type instead of a struct of
bit-fields. Unify the PTE defines accordingly and update all
uses.
2004-09-23 18:37:36 +00:00
marcel
fdaf05cb90 Catch up with change to <machine/pte.h>. 2004-08-10 02:08:57 +00:00
marcel
e8e2b20db9 o Support the REL32LSB relocation. It's in the ELF file from which
we construct the EFI image. It doesn't seem to actually end up
   in the EFI image, AFAICT.
o  Replace .quad, .long and .short with data8, data4 and data2 resp.
   The former are gnuisms.
o  Redefine _start_plabel as a data16 with @iplt(_start) as its
   value. This is the preferred way to create user PLT entries.
2004-07-20 07:11:14 +00:00
marcel
8b3a02d853 Fix the creation of EFI images that got broken by the import of
binutils 2.15. The linker now creates a .rela.dyn section for
dynamic relocations, while our script created a .rela section.
Likewise, we copied the .rela section to the EFI image, but not
the .rela.dyn section. The fix is to rename .rela to .rela.dyn
in the linker script so that all relocations end up in the same
section again. This we copy into the EFI image.
2004-07-20 07:01:02 +00:00
imp
cbc58cf8a6 Remove advertising clause from University of California Regent's license,
per letter dated July 22, 1999.

Approved by: core
2004-04-05 23:41:29 +00:00
marcel
4c2f4222e3 Reset the text attributes when initializing the console. The EFI
loader typically doesn't do this so that we end up booting the
with whatever the EFI loader has set it to last.
2004-03-09 04:00:33 +00:00
marcel
275a1bc68b Don't create a mapfile during link. It's not needed for the build. 2004-02-13 04:45:41 +00:00
marcel
9ce72c836f o Don't build with -fpic. It's not needed and inconsistent with how
other constributions are compiled.
o  Remove powerpc specific additions to CFLAGS.
2004-02-13 04:43:41 +00:00
ru
29e2565062 Tidy up makefiles.
Tested by:	marcel
2004-02-12 08:10:34 +00:00
obrien
84dcced1d5 Convert to __FBSDID. 2004-01-04 23:30:47 +00:00
jhb
9935d1f62b Fix typo in comment. 2003-12-10 19:08:09 +00:00
marcel
108e5926e2 Don't hardcode unit 0 for the current device if we're loaded from an
EFI file system. When booting from a CD and there's already an EFI
system partition on the disk, setting the current device to unit 0
will select the harddisk. This invariably breaks installing FreeBSD
when other operating systems have been installed before.

We obviously want to do the same when we're booting over the network.
Maybe later.

Based on a patch (from memory) from: arun
2003-08-02 08:22:03 +00:00
marcel
492a0ca73b Have the linker script look more like the default linker script
on ia64. This fixes the breakage caused by the gcc upgrade that
resulted in a broken executable.
2003-07-17 00:32:08 +00:00
ru
074981f0b9 sys/ia64/ia64/pal.s has been repocopied to pal.S.
Approved by:	marcel
Repocopied by:	joe
2003-07-02 11:53:55 +00:00
peter
fb5fbfc750 Enable the i386 loader to load and run an amd64 kernel. If this puts
things over floppy size limits, I can exclude it for release builds or
something like that.  Most of the changes are to get the load_elf.c file
into a seperate elf32_ or elf64_ namespace so that you can have two
ELF loaders present at once.  Note that for 64 bit kernels, it actually
starts up the kernel already in 64 bit mode with paging enabled.  This
is really easy because we have a known minimum feature set.

Of note is that for amd64, we have to pass in the bios int 15 0xe821
memory map because once in long mode, you absolutely cannot make VM86
calls.  amd64 does not use 'struct bootinfo' at all.  It is a pure loader
metadata startup, just like sparc64 and powerpc.  Much of the
infrastructure to support this was adapted from sparc64.
2003-05-01 03:56:30 +00:00
obrien
96d4258af9 Use __FBSDID rather than rcsid[]. 2003-04-03 21:36:33 +00:00
marcel
b945595d09 Speed up debugging in the context of unexpected traps by printing
the address of the image base of the loader. Given cr.iip, we can
use the symbol table to figure out what function caused the trap.
2003-03-01 05:18:28 +00:00
marcel
b6d91ca893 Paranoia: Don't use the length of the option string alone to
determine whether we have command line options. We expect a
valid string pointer as well.
2003-03-01 05:13:59 +00:00
marcel
73e39b57bc Increase the block size for reading and writing from 8KB to 1MB and
introduce a preprocessor define for it. The larger block size
significantly speeds up the loading of the kernel.

Submitted by: Arun Sharma <arun.sharma@intel.com>
2003-02-26 09:13:05 +00:00
obrien
de20c1280d Consistently use NOFORTH to control the usage of ficl. 2003-02-26 06:18:52 +00:00
marcel
a46312efdc Simplify page alignment. 2003-02-20 06:47:54 +00:00
jake
081cb688ba Renamed the loader's zipfs to gzipfs. zipfs.c was repo-copied to gzipfs.c. 2002-12-19 19:34:59 +00:00
marcel
61e39e41d0 Add command `hcdp'. This command dumps the DIG64 HCDP table if one
exists.
2002-12-18 08:13:03 +00:00
marcel
9050c80f1d Pass the HCDP table address to the kernel. If no such table exists,
NULL is passed. The address of the HCDP table can be found by
iterating over the configuration tables in the EFI system table.
To avoid more duplication, a function can be called with the GUID
of interest. The function will do the scanning. Use the function
in all places where we iterate over the configuration tables in
an attempt to find a specific one.

Bump the loader version number as the result of this.

Approved by: re (blanket)
2002-12-10 20:11:20 +00:00
marcel
9ca0668125 The exit() function has been moved to libefi.c to better deal with
cleaning up after ourselves.

Approved by: re (blankoscheck)
German corrections: Alexander (both :-)
2002-12-10 06:27:32 +00:00
marcel
2b58aefd52 Change the startup code to fix a memory leak and to allow us to
accept load options (=command line options).

The call graph changes from *entry*->efi_main->efi_init, where
efi_main is the EFI equivalent of main to *entry*->efi_main->main,
where main is what you'd expect. efi_main now is what efi_init was.
The prototype of main follows that of C. The first argument is argc
and the second is argv. There is no third argument.
Allocation of heap pages is now handled by the EFI library and it
now deallocates the pages when main() returns or when exit() is
called. This allows us to safely return to the boot manager (or
EFI shell) without leaks. EFI applications are responsible to free
all memory themselves.

Handling of the load options is a bit tricky. There are either no
load options, load options in ASCII or load options in Unicode.
The EFI library will translate the ASCII options to Unicode options
as to simplify user code. Since the load options are passed as a
single string (if present) and main() accepts argc and argv, the
startup code also has to split the string into words and build the
argv vector. Here the trickiness starts. When the loader is started
from the EFI shell, argv[0] will automaticly load the program name.
In all other cases (ie through the boot manager), this is not the
case. Unfortunately, there's no trivial way to check. Hence, a
set of conditions is checked to determine if we need to fill in
argv[0] ourselves or not. This checking is not perfect. There are
known cases where it fails to do the right thing. The logic works
for most expected cases, though. This includes the case where no
options are given.

Approved by: re (blanket)
2002-12-10 06:22:25 +00:00
marcel
f4623ed867 o Make all GUID variables global to maximize reuse.
o  Recognize the HCDP configuration table.
o  Dump the GUID of tables we don't recognize.

Approved by: re (carte blanche)
2002-12-10 04:55:25 +00:00
marcel
2d2da6e200 Build EFI with -fshort-wchar so that L"some string" works with the
EFI has defined CHAR16.
2002-12-10 04:20:15 +00:00
marcel
68a001789e Remove _putchar, _puts and _puthex. These functions are unused.
Approved by: re (blanket)
2002-12-10 04:14:01 +00:00
marcel
5745230c62 Add the GUID of the DIG64 HCDP table. 2002-12-08 20:47:44 +00:00
marcel
b6c9fbe053 The boot manager sets the watchdog timer to 5 minutes before invoking
a boot option. When the timer expires the machine is rebooted.
Disable the watchdog timer for 2 reasons:
o  We're an interactive program. We cannot guarantee that we've
   booted the kernel in the time available to us. There have been
   situations where netbooting the right kernel took 2 tries and
   more time than given. Not to speak of the normal behaviour to
   have the loader sitting at the prompt while the user is off
   doing other things (such as figuring out what to type next ;-)
o  We may not boot a kernel at all. We may exit as the result of
   the user typing quit (assuming it took less than 5 minutes to
   type it :-). It is documented that loaders should have disabled
   the watchdog timer if they return to the boot manager. Not doing
   so would cause a reboot while in the boot manager. This appears
   to be harmless, besides of course the actual reboot.

Approved by: re (weisse karte)
2002-12-08 20:04:00 +00:00
marcel
cc1323fd66 In efi_cons_poll we check if a key is present (pending) by checking
the signaled state of the apropriate event. As a side-effect of
checking the event, it's signaled state is cleared if it was set.
In efi_cons_getchar we used to wait for the apropriate event to be
signaled before reading a character. This however does not work if
we poll before reading the characteri, such as during autoboot. On
a more compliant EFI implementation this resulted in the behaviour
that hitting a key during autoboot would stop the countdown, but
would then wait for a new character to arrive instead of reading
the already pending key that stopped the countdown.

The correct behaviour for efi_cons_getchar is to try to read a key
and if none is pending, to wait for the apropriate event to signal
the arrival of a new key.

Note that with the previous behaviour, the second key would determine
how the autoboot was interrupted. This would indicate that the first
key got lost. This indicates that EFI does not necessarily maintain
a queue of pending keys. FWIW...

Approved by: re (carte blanche)
French corrected by: various people :-)
2002-12-08 19:46:11 +00:00
marcel
99d4b2d8ed Remove a left-over virtual mapping of uncached I/O port space.
Previous kernels unwantingly depended on this mapping, but as
of version 1.123 of src/sys/ia64/ia64/machdep.c this dependency
has been removed. Consequently, one has to update the kernel
before updating the loader. The documented/recommended upgrade
will suffice in this case.

Due to a visible (from the kernels point of view) change in
behaviour, bump the loader version number from 0.3 to 1.0.

Approved by: re (carte blanc)
2002-11-28 03:25:51 +00:00