freebsd-skq/stand/defs.mk
ian ee0f4764cc Extend loader(8) geli support to all architectures and all disk-like devices.
This moves the bulk of the geli support from lib386/biosdisk.c into a new
geli/gelidev.c which implements a devsw-type device whose dv_strategy()
function handles geli decryption. Support for all arches comes from moving
the taste-and-attach code to the devopen() function in libsa.

After opening any DEVT_DISK device, devopen() calls the new function
geli_probe_and_attach(), which will "attach" the geli code to the open_file
struct by creating a geli_devdesc instance to replace the disk_devdesc
instance in the open_file. That routes all IO for the device through the
geli code.

A new public geli_add_key() function is added, to allow arch/vendor-specific
code to add keys obtained from custom hardware or other sources.

With these changes, geli support will be compiled into all variations of
loader(8) on all arches because the default is WITH_LOADER_GELI.

Relnotes:	yes
Sponsored by:	Microchip Technology Inc
Differential Revision:	https://reviews.freebsd.org/D15743
2018-07-13 17:50:25 +00:00

193 lines
4.9 KiB
Makefile

# $FreeBSD$
.include <src.opts.mk>
WARNS?=1
.if !defined(__BOOT_DEFS_MK__)
__BOOT_DEFS_MK__=${MFILE}
MK_CTF= no
MK_SSP= no
MK_PROFILE= no
MAN=
.if !defined(PIC)
NO_PIC=
INTERNALLIB=
.endif
BOOTSRC= ${SRCTOP}/stand
EFISRC= ${BOOTSRC}/efi
EFIINC= ${EFISRC}/include
EFIINCMD= ${EFIINC}/${MACHINE}
FDTSRC= ${BOOTSRC}/fdt
FICLSRC= ${BOOTSRC}/ficl
LDRSRC= ${BOOTSRC}/common
LIBLUASRC= ${BOOTSRC}/liblua
LUASRC= ${SRCTOP}/contrib/lua/src
SASRC= ${BOOTSRC}/libsa
SYSDIR= ${SRCTOP}/sys
UBOOTSRC= ${BOOTSRC}/uboot
ZFSSRC= ${SASRC}/zfs
BOOTOBJ= ${OBJTOP}/stand
# BINDIR is where we install
BINDIR?= /boot
LIBSA= ${BOOTOBJ}/libsa/libsa.a
.if ${MACHINE} == "i386"
LIBSA32= ${LIBSA}
.else
LIBSA32= ${BOOTOBJ}/libsa32/libsa32.a
.endif
# Standard options:
CFLAGS+= -nostdinc
.if ${MACHINE_ARCH} == "amd64" && ${DO32:U0} == 1
CFLAGS+= -I${BOOTOBJ}/libsa32
.else
CFLAGS+= -I${BOOTOBJ}/libsa
.endif
CFLAGS+= -I${SASRC} -D_STANDALONE
CFLAGS+= -I${SYSDIR}
# Spike the floating point interfaces
CFLAGS+= -Ddouble=jagged-little-pill -Dfloat=floaty-mcfloatface
# GELI Support, with backward compat hooks (mostly)
.if defined(LOADER_NO_GELI_SUPPORT)
MK_LOADER_GELI=no
.warning "Please move from LOADER_NO_GELI_SUPPORT to WITHOUT_LOADER_GELI"
.endif
.if defined(LOADER_GELI_SUPPORT)
MK_LOADER_GELI=yes
.warning "Please move from LOADER_GELI_SUPPORT to WITH_LOADER_GELI"
.endif
.if ${MK_LOADER_GELI} == "yes"
CFLAGS+= -DLOADER_GELI_SUPPORT
CFLAGS+= -I${SASRC}/geli
.endif # MK_LOADER_GELI
# These should be confined to loader.mk, but can't because uboot/lib
# also uses it. It's part of loader, but isn't a loader so we can't
# just include loader.mk
.if ${LOADER_DISK_SUPPORT:Uyes} == "yes"
CFLAGS+= -DLOADER_DISK_SUPPORT
.endif
# Machine specific flags for all builds here
# All PowerPC builds are 32 bit. We have no 64-bit loaders on powerpc
# or powerpc64.
.if ${MACHINE_ARCH} == "powerpc64"
CFLAGS+= -m32 -mcpu=powerpc
.endif
# For amd64, there's a bit of mixed bag. Some of the tree (i386, lib*32) is
# build 32-bit and some 64-bit (lib*, efi). Centralize all the 32-bit magic here
# and activate it when DO32 is explicitly defined to be 1.
.if ${MACHINE_ARCH} == "amd64" && ${DO32:U0} == 1
CFLAGS+= -m32
# LD_FLAGS is passed directly to ${LD}, not via ${CC}:
LD_FLAGS+= -m elf_i386_fbsd
AFLAGS+= --32
.endif
SSP_CFLAGS=
# Add in the no float / no SIMD stuff and announce we're freestanding
# aarch64 and riscv don't have -msoft-float, but all others do. riscv
# currently has no /boot/loader, but may soon.
CFLAGS+= -ffreestanding ${CFLAGS_NO_SIMD}
.if ${MACHINE_CPUARCH} == "aarch64"
CFLAGS+= -mgeneral-regs-only -fPIC
.elif ${MACHINE_CPUARCH} == "riscv"
CFLAGS+= -march=rv64imac -mabi=lp64
.else
CFLAGS+= -msoft-float
.endif
.if ${MACHINE_CPUARCH} == "i386" || (${MACHINE_CPUARCH} == "amd64" && ${DO32:U0} == 1)
CFLAGS+= -march=i386
CFLAGS.gcc+= -mpreferred-stack-boundary=2
.endif
.if ${MACHINE_CPUARCH} == "amd64" && ${DO32:U0} == 0
CFLAGS+= -fPIC -mno-red-zone
.endif
.if ${MACHINE_CPUARCH} == "arm"
# Do not generate movt/movw, because the relocation fixup for them does not
# translate to the -Bsymbolic -pie format required by self_reloc() in loader(8).
# Also, the fpu is not available in a standalone environment.
.if ${COMPILER_VERSION} < 30800
CFLAGS.clang+= -mllvm -arm-use-movt=0
.else
CFLAGS.clang+= -mno-movt
.endif
CFLAGS.clang+= -mfpu=none
CFLAGS+= -fPIC
.endif
# The boot loader build uses dd status=none, where possible, for reproducible
# build output (since performance varies from run to run). Trouble is that
# option was recently (10.3) added to FreeBSD and is non-standard. Only use it
# when this test succeeds rather than require dd to be a bootstrap tool.
DD_NOSTATUS!=(dd status=none count=0 2> /dev/null && echo status=none) || true
DD=dd ${DD_NOSTATUS}
.if ${MACHINE_CPUARCH} == "mips"
CFLAGS+= -G0 -fno-pic -mno-abicalls
.endif
.if ${MK_LOADER_FORCE_LE} != "no"
.if ${MACHINE_ARCH} == "powerpc64"
CFLAGS+= -mlittle-endian
.endif
.endif
# Make sure we use the machine link we're about to create
CFLAGS+=-I.
all: ${PROG}
.if !defined(NO_OBJ)
_ILINKS=machine
.if ${MACHINE} != ${MACHINE_CPUARCH} && ${MACHINE} != "arm64"
_ILINKS+=${MACHINE_CPUARCH}
.endif
.if ${MACHINE_CPUARCH} == "i386" || ${MACHINE_CPUARCH} == "amd64"
_ILINKS+=x86
.endif
CLEANFILES+=${_ILINKS}
beforedepend: ${_ILINKS}
beforebuild: ${_ILINKS}
# Ensure that the links exist without depending on it when it exists which
# causes all the modules to be rebuilt when the directory pointed to changes.
.for _link in ${_ILINKS}
.if !exists(${.OBJDIR}/${_link})
${OBJS}: ${_link}
.endif # _link exists
.endfor
.NOPATH: ${_ILINKS}
${_ILINKS}:
@case ${.TARGET} in \
machine) \
if [ ${DO32:U0} -eq 0 ]; then \
path=${SYSDIR}/${MACHINE}/include ; \
else \
path=${SYSDIR}/${MACHINE:C/amd64/i386/}/include ; \
fi ;; \
*) \
path=${SYSDIR}/${.TARGET:T}/include ;; \
esac ; \
path=`(cd $$path && /bin/pwd)` ; \
${ECHO} ${.TARGET:T} "->" $$path ; \
ln -fhs $$path ${.TARGET:T}
.endif # !NO_OBJ
.endif # __BOOT_DEFS_MK__