Add loader.exit(status). While one can get alomst this behavior with
loader.perform("quit"), quit doesn't allow a value to be returned to the
firmware. The interpretation of 'status' is firmware specific. This can
be used when autobooting doesn't work in scripts, for example, to allow
the firmware to try something else...
Sponsored by: Netflix
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D44094
After the linker set cleanup in ldscripts, there's now only one place we
need to know the linkerset name, so go ahead and change the lua
interpreter augmentation linker set to be uniquely named.
Sponsored by: Netflix
Reviewed by: tsoome, kevans
Differential Revision: https://reviews.freebsd.org/D44062
We have the call to gfx_interp_ref to bring in the .o so that we get the
linker set item to add the language bindings at the right time. Where we
call it is not the right time... So the _ref name is better. Change it
before we have too many others like it.
Sponsored by: Netflix
To make it easier to port lua and some of the lua modules, we have a
series of routines to implement the stdio routines, even though we don't
normally implement them in the boot loader. Add a comment to this effect.
Also, some tools, like sanitizers and static analysis tools, make
unwarranted assumptions about these, so #define them to a different name
so they stop.
Sponsored by: Netflix
Create a small wrapper around the new flua hash module so we can use it
here too. There's no 4th bindings, nor will they be created.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D43874
The graphics stuff is optional. When it is pulled into the system, we
use a linker set to initialize the lua bindings for it now.
Sponsored by: Netflix
Reviewed by: kevans, jhb
Differential Revision: https://reviews.freebsd.org/D43906
This function will be used to draw in the graphics bindings when the
loader is compiled with graphics (gfx) support. Provide definitions
for lua and the simple interpreter. 4th support is forthcoming.
Sponsored by: Netflix
Reviewed by: kevans, jhb
Differential Revision: https://reviews.freebsd.org/D43903
Create a new gfx global table. Put into it all the graphics bindings
that we have in loader today. For now, have compatability binding for
loader. Remove them from loader.
Sponsored by: Netflix
Reviewed by: kevans, jhb
Differential Revision: https://reviews.freebsd.org/D43902
Move registration of the gfx stuff to separate function. However, no
change in functionality is intended.
Sponsored by: Netflix
Reviewed by: kevans, jhb
Differential Revision: https://reviews.freebsd.org/D43900
luaL_checkstring already checks for the right number of
arguments. There's no need to do that by hand here. Now an exception
will be thrown like any other function with the wrong args. Also,
push a boolean instead of an int.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D43820
Export the CMD_OK, etc constants in the loader table. They are the
return values of loader.perform, etc.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D43821
liblua now provides a loader.has_feature() function to probe the loader
binary for features advertised. name => desc mappings are provided in
loader.features to get a list of all of the features loader *can*
support. core.hasFeature is provided as a shim to loader.has_feature
so that individual consumers don't need to think about the logic of the
loader module not providing has_feature; we know that means the feature
isn't enabled.
The first consumer of this will be EARLY_ACPI to advertise that the
loader binary probes for ACPI presence before the interpreter has
started, so that we know whether we can trust the presence of acpi.rsdp
as relatively authoritative. In general, it's intended to be used to
avoid breaking new scripts on older loaders within reason.
This will be used in lua as `core.hasFeature("EARLY_ACPI")`, while the
C bits of loader will `feature_enable(FEATURE_EARLY_ACPI)`.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D42695
Apply the following automated changes to try to eliminate
no-longer-needed sys/cdefs.h includes as well as now-empty
blank lines in a row.
Remove /^#if.*\n#endif.*\n#include\s+<sys/cdefs.h>.*\n/
Remove /\n+#include\s+<sys/cdefs.h>.*\n+#if.*\n#endif.*\n+/
Remove /\n+#if.*\n#endif.*\n+/
Remove /^#if.*\n#endif.*\n/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/types.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/param.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/capsicum.h>/
Sponsored by: Netflix
Use 1000 * major + minor when calculating the version number that
gets set in the Ficl environment or lua loader property. This allows
for more room if the minor number needs to go above 9.
Add loader.version property to lua loader.
Reviewed by: imp
Obtained from: Juniper Networks, Inc.
Differential Revision: https://reviews.freebsd.org/D39631
Merge commit '755d9301ca89f02956fd17858b9d4d821ab5c972' from the
vendor branch. This updates us from lua 5.4.2 to 5.4.4.
In addition, it switches around how we flavor liblua for the boot loader
and flua. This is done to reduce diffs with upstream and make it easier
to import new versions (the current method has too many conflicts to
resolve by hand): we include luaconf.local.h from luaconf.h (the only
change to this file is now that #include at the end). We then define
what we need to: for flua (which does very little) and one for stand
(which creates the new FLOAT type out of int64).
Sponsored by: Netflix
Upstream luaconf.h is contrib/lua/src/luaconf.h.dist, while userland lua
and loader lua have copies in lib/liblua/luaconf.h and
stand/liblua/luaconf.h.
Adjust whitespace, VCS tags, etc. to match upstream's version, for ease
of comparison.
Reviewed By: imp
Sponsored By: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D38206
Give scripts the ability to determine if the currently running loader
has provided a command.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D36365
When VECTX is enabled as a kernel option and non-EFI loaders are
built, many reads will fail due to the mis-match of whether
LOADER_VERIEXEC_VECTX or not in readin.h. Source that includes
bootstrap.h must ensure the kernel option agrees with the compile
time CFLAGS in the various make related files.
Submitted by: bret_ketchum@dell.com (original revision)
Reviewed by: sjg, bdrewery, dab, bret_ketchum@dell.com
MFC after: 1 week
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D29993
Draw console on efi.
Add vbe framebuffer for BIOS loader (vbe off, vbe on, vbe list,
vbe set xxx).
autoload font (/boot/fonts) based on resolution and font size.
Add command loadfont (set font by file) and
variable screen.font (set font by size). Pass loaded font to kernel.
Export variables:
screen.height
screen.width
screen.depth
Add gfx primitives to draw the screen and put png image on the screen.
Rework menu draw to iterate list of consoles to enamble device specific
output.
Probably something else I forgot...
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D27420
This is nearly a 1:1 mapping of the pager API from libsa. The only real
difference is that pager.output() will accept any number of arguments and
coerce all of them to strings for output using luaL_tolstring (i.e. the
__tostring metamethod will be used).
The only consumer planned at this time is the upcoming "show-module-options"
implementation.
MFC after: 1 week
This would allow interested parties to do experimental runs with an
environment set appropriately to raise all the warnings throughout the
build; e.g. env WARNS=6 NO_WERROR=yes buildworld.
Not currently touching the numerous instances in ^/tools.
MFC after: 1 week
The vectx API, computes the hash for verifying a file as it is read.
This avoids the overhead of reading files twice - once to verify, then
again to load.
For doing an install via loader, avoiding the need to rewind
large files is critical.
This API is only used for modules, kernel and mdimage as these are the
biggest files read by the loader.
The reduction in boot time depends on how expensive the I/O is
on any given platform. On a fast VM we see 6% improvement.
For install via loader the first file to be verified is likely to be the
kernel, so some of the prep work (finding manifest etc) done by
verify_file() needs to be factored so it can be reused for
vectx_open().
For missing or unrecognized fingerprint entries, we fail
in vectx_open() unless verifying is disabled.
Otherwise fingerprint check happens in vectx_close() and
since this API is only used for files which must be verified
(VE_MUST) we panic if we get an incorrect hash.
Reviewed by: imp,tsoome
MFC after: 1 week
Sponsored by: Juniper Networks
Differential Revision: https://reviews.freebsd.org//D23827
Lua allocates LUAL_BUFFERSIZE buffers on the stack for various string
functions (string.format, string.gsub) -- this works out to be somewhat
significant and not necessary, based on how we use string operations.
Dropping it risks having to allocate per call to format/gsub, but this is
not the case for our usage. This simply stops allocating 8K buffers on the
stack when luaL_Buffer is used.
Reviewed by: imp
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D22500
o Remove All Rights Reserved from my notices
o imp@FreeBSD.org everywhere
o regularize punctiation, eliminate date ranges
o Make sure that it's clear that I don't claim All Rights reserved by listing
All Rights Reserved on same line as other copyright holders (but not
me). Other such holders are also listed last where it's clear.
FreeBSDlua ("flua") is a FreeBSD-private lua, flavored with whatever
extensions we need for base system operations. We currently support a subset
of lfs and lposix that are used in the rewrite of makesyscall.sh into lua,
added in r354786.
flua is intentionally written such that one can install standard lua and
some set of lua modules from ports and achieve the same effect.
linit_flua is a copy of linit.c from contrib/lua with lfs and lposix added
in. This is similar to what we do in stand/. linit.c has been renamed to
make it clear that this has flua-specific bits.
luaconf has been slightly obfuscated to make extensions more difficult. Part
of the problem is that flua is already hard enough to use as a bootstrap
tool because it's not in PATH- attempting to do extension loading would
require a special bootstrap version of flua with paths changed to protect
the innocent.
src.lua.mk has been added to make it easy for in-tree stuff to find flua,
whether it's bootstrap-flua or relying on PATH frobbing by Makefile.inc1.
Reviewed by: brooks, emaste (both earlier version), imp
Differential Revision: https://reviews.freebsd.org/D21893
As described previously, loader.lua_path is absolute path where scripts are
installed. A future commit will use this to build paths for dofile in
try_include, rather than the current pcall/require setup that makes it more
difficult to coordinate loader aborts from local.lua -- we do not need the
flexibility of require(), and local.lua is in-fact not a 'module-like' file
as we will not be referencing anything from it.
Multiple places coordinate to 'know' where lua scripts are installed. Knock
this down to being formally defined (and overridable) in exactly one spot,
defs.mk, and spread the knowledge to loaders and liblua alike. A future
commit will expose this to lua as loader.lua_path, so it can build absolute
paths to lua scripts as needed.
MFC after: 1 week
This relies on libbearssl and libsecureboot
to verify files read by loader in a maner equivalent
to how mac_veriexec
Note: disabled by default.
Use is initially expected to be by embeded vendors
Reviewed by: emaste, imp
Sponsored by: Juniper Networks
Differential Revision: D16336
An integrity check such as a check-hash or a cross-correlation failed.
The integrity error falls between EINVAL that identifies errors in
parameters to a system call and EIO that identifies errors with the
underlying storage media. EINTEGRITY is typically raised by intermediate
kernel layers such as a filesystem or an in-kernel GEOM subsystem when
they detect inconsistencies. Uses include allowing the mount(8) command
to return a different exit value to automate the running of fsck(8)
during a system boot.
These changes make no use of the new error, they just add it. Later
commits will be made for the use of the new error number and it will
be added to additional manual pages as appropriate.
Reviewed by: gnn, dim, brueffer, imp
Discussed with: kib, cem, emaste, ed, jilles
Differential Revision: https://reviews.freebsd.org/D18765
Some fixes:
- Maintain historical behavior more accurately w.r.t verbose_loading;
verbose_loading strictly prints "${module_name...}" and later "failed!"
or "ok" based on load success
- With or without verbose_loading, dump command_errbuf on load failure.
This usually happens prior to ok/failed if we're verbose_loading
Reviewed by: imp
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D17694
This will be used for scenarios where the command to execute is coming in
via the environment (from, for example, loader.conf(5)) and is thus not
necessarily trusted.
cli_execute_unparsed will immediately be used for handling
module_{before,after,error} as well as menu_timeout_command. We still want
to offer these variables the ability to execute Lua-intercepted loader
commands, but we don't want them to be able to execute arbitrary Lua.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D14580
This allows lua to pass back a command string to be executed as if it were
typed at the loader prompt- loader tries to execute the string first as pure
lua, then parses it and gives lua a chance to intercept before it tries to
execute it itself.
This will be used to implement menu_timeout_command, among other things,
which *should* be used to execute basic loader commands independent of the
chosen interpreter.
printc does not need the features or the overhead of printf. It does not
take formatting strings, and it pipes the single string argument through an
"%s" format.
Instead, use putc directly. This pipes the string through in its entirety as
a series of 'unsigned char's, generally straight to the console emulator.
Discussed with: tsoome
Write support (even if it only works on UFS) will be needed for nextboot
functionality.
Reviewed by: cem, imp
Differential Revision: https://reviews.freebsd.org/D14478
We need to ensure that we defined Numbers as int64_t everywhere we
build for lua. Previously, we were compiling part of the code with
Numbers as int64_t and part as double. Move lua number definition to a
more-central location
Provisioned from MACHINE/MACHINE_ARCH on the system, expose loader.machine
and loader.machine_arch respectively.
These may be used to hide ACPI option on non-applicable archs.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D14446
