2 * Copyright (c) 1998 Robert Nordier
5 * Redistribution and use in source and binary forms are freely
6 * permitted provided that the above copyright notice and this
7 * paragraph and the following disclaimer are duplicated in all
10 * This software is provided "AS IS" and without any express or
11 * implied warranties, including, without limitation, the implied
12 * warranties of merchantability and fitness for a particular
16 #include <sys/cdefs.h>
17 __FBSDID("$FreeBSD$");
19 #include <sys/param.h>
20 #include <sys/errno.h>
21 #include <sys/diskmbr.h>
25 #include <sys/reboot.h>
26 #include <sys/queue.h>
28 #include <machine/bootinfo.h>
29 #include <machine/elf.h>
30 #include <machine/pc/bios.h>
47 #define SECOND 18 /* Circa that many ticks in a second. */
49 #define RBX_ASKNAME 0x0 /* -a */
50 #define RBX_SINGLE 0x1 /* -s */
51 /* 0x2 is reserved for log2(RB_NOSYNC). */
52 /* 0x3 is reserved for log2(RB_HALT). */
53 /* 0x4 is reserved for log2(RB_INITNAME). */
54 #define RBX_DFLTROOT 0x5 /* -r */
55 #define RBX_KDB 0x6 /* -d */
56 /* 0x7 is reserved for log2(RB_RDONLY). */
57 /* 0x8 is reserved for log2(RB_DUMP). */
58 /* 0x9 is reserved for log2(RB_MINIROOT). */
59 #define RBX_CONFIG 0xa /* -c */
60 #define RBX_VERBOSE 0xb /* -v */
61 #define RBX_SERIAL 0xc /* -h */
62 #define RBX_CDROM 0xd /* -C */
63 /* 0xe is reserved for log2(RB_POWEROFF). */
64 #define RBX_GDB 0xf /* -g */
65 #define RBX_MUTE 0x10 /* -m */
66 /* 0x11 is reserved for log2(RB_SELFTEST). */
67 /* 0x12 is reserved for boot programs. */
68 /* 0x13 is reserved for boot programs. */
69 #define RBX_PAUSE 0x14 /* -p */
70 #define RBX_QUIET 0x15 /* -q */
71 #define RBX_NOINTR 0x1c /* -n */
72 /* 0x1d is reserved for log2(RB_MULTIPLE) and is just misnamed here. */
73 #define RBX_DUAL 0x1d /* -D */
74 /* 0x1f is reserved for log2(RB_BOOTINFO). */
76 /* pass: -a, -s, -r, -d, -c, -v, -h, -C, -g, -m, -p, -D */
77 #define RBX_MASK (OPT_SET(RBX_ASKNAME) | OPT_SET(RBX_SINGLE) | \
78 OPT_SET(RBX_DFLTROOT) | OPT_SET(RBX_KDB ) | \
79 OPT_SET(RBX_CONFIG) | OPT_SET(RBX_VERBOSE) | \
80 OPT_SET(RBX_SERIAL) | OPT_SET(RBX_CDROM) | \
81 OPT_SET(RBX_GDB ) | OPT_SET(RBX_MUTE) | \
82 OPT_SET(RBX_PAUSE) | OPT_SET(RBX_DUAL))
84 /* Hint to loader that we came from ZFS */
85 #define KARGS_FLAGS_ZFS 0x4
87 #define PATH_CONFIG "/boot.config"
88 #define PATH_BOOT3 "/boot/zfsloader"
89 #define PATH_KERNEL "/boot/kernel/kernel"
94 #define V86_CY(x) ((x) & 1)
95 #define V86_ZR(x) ((x) & 0x40)
102 #define TYPE_MAXHARD TYPE_DA
105 #define OPT_SET(opt) (1 << (opt))
106 #define OPT_CHECK(opt) ((opts) & OPT_SET(opt))
108 extern uint32_t _end;
111 static const uuid_t freebsd_zfs_uuid = GPT_ENT_TYPE_FREEBSD_ZFS;
113 static const char optstr[NOPT] = "DhaCcdgmnpqrsv"; /* Also 'P', 'S' */
114 static const unsigned char flags[NOPT] = {
131 static const char *const dev_nm[NDEV] = {"ad", "da", "fd"};
132 static const unsigned char dev_maj[NDEV] = {30, 4, 2};
143 static char cmd[512];
144 static char kname[1024];
145 static uint32_t opts;
146 static int comspeed = SIOSPD;
147 static struct bootinfo bootinfo;
148 static uint32_t bootdev;
149 static uint8_t ioctrl = IO_KEYBOARD;
151 vm_offset_t high_heap_base;
152 uint32_t bios_basemem, bios_extmem, high_heap_size;
154 static struct bios_smap smap;
157 * The minimum amount of memory to reserve in bios_extmem for the heap.
159 #define HEAP_MIN (3 * 1024 * 1024)
161 static char *heap_next;
162 static char *heap_end;
164 /* Buffers that must not span a 64k boundary. */
165 #define READ_BUF_SIZE 8192
167 char rdbuf[READ_BUF_SIZE]; /* for reading large things */
168 char secbuf[READ_BUF_SIZE]; /* for MBR/disklabel */
170 static struct dmadat *dmadat;
173 static void load(void);
174 static int parse(void);
175 static void printf(const char *,...);
176 static void putchar(int);
177 static void bios_getmem(void);
178 static int drvread(struct dsk *, void *, daddr_t, unsigned);
179 static int keyhit(unsigned);
180 static int xputc(int);
181 static int xgetc(int);
182 static int getc(int);
184 static void memcpy(void *, const void *, int);
186 memcpy(void *dst, const void *src, int len)
196 strcpy(char *dst, const char *src)
204 strcat(char *dst, const char *src)
214 strcmp(const char *s1, const char *s2)
216 for (; *s1 == *s2 && *s1; s1++, s2++);
217 return (unsigned char)*s1 - (unsigned char)*s2;
221 strchr(const char *s, char ch)
230 memcmp(const void *p1, const void *p2, size_t n)
232 const char *s1 = (const char *) p1;
233 const char *s2 = (const char *) p2;
234 for (; n > 0 && *s1 == *s2; s1++, s2++, n--);
236 return (unsigned char)*s1 - (unsigned char)*s2;
242 memset(void *p, char val, size_t n)
244 char *s = (char *) p;
253 if (p + n > heap_end) {
254 printf("malloc failure\n");
264 strlen(const char *s)
273 strdup(const char *s)
275 char *p = malloc(strlen(s) + 1);
283 * Read from a dnode (which must be from a ZPL filesystem).
286 zfs_read(spa_t *spa, const dnode_phys_t *dnode, off_t *offp, void *start, size_t size)
288 const znode_phys_t *zp = (const znode_phys_t *) dnode->dn_bonus;
293 if (*offp + n > zp->zp_size)
294 n = zp->zp_size - *offp;
296 rc = dnode_read(spa, dnode, *offp, start, n);
310 * A wrapper for dskread that doesn't have to worry about whether the
311 * buffer pointer crosses a 64k boundary.
314 vdev_read(vdev_t *vdev, void *priv, off_t off, void *buf, size_t bytes)
319 struct dsk *dsk = (struct dsk *) priv;
321 if ((off & (DEV_BSIZE - 1)) || (bytes & (DEV_BSIZE - 1)))
325 lba = off / DEV_BSIZE;
327 nb = bytes / DEV_BSIZE;
328 if (nb > READ_BUF_SIZE / DEV_BSIZE)
329 nb = READ_BUF_SIZE / DEV_BSIZE;
330 if (drvread(dsk, dmadat->rdbuf, lba, nb))
332 memcpy(p, dmadat->rdbuf, nb * DEV_BSIZE);
335 bytes -= nb * DEV_BSIZE;
342 xfsread(const dnode_phys_t *dnode, off_t *offp, void *buf, size_t nbyte)
344 if ((size_t)zfs_read(spa, dnode, offp, buf, nbyte) != nbyte) {
345 printf("Invalid %s\n", "format");
356 /* Parse system memory map */
360 v86.addr = 0x15; /* int 0x15 function 0xe820*/
362 v86.ecx = sizeof(struct bios_smap);
364 v86.es = VTOPSEG(&smap);
365 v86.edi = VTOPOFF(&smap);
367 if ((v86.efl & 1) || (v86.eax != SMAP_SIG))
369 /* look for a low-memory segment that's large enough */
370 if ((smap.type == SMAP_TYPE_MEMORY) && (smap.base == 0) &&
371 (smap.length >= (512 * 1024)))
372 bios_basemem = smap.length;
373 /* look for the first segment in 'extended' memory */
374 if ((smap.type == SMAP_TYPE_MEMORY) && (smap.base == 0x100000)) {
375 bios_extmem = smap.length;
379 * Look for the largest segment in 'extended' memory beyond
382 if ((smap.type == SMAP_TYPE_MEMORY) && (smap.base > 0x100000) &&
383 (smap.base < 0x100000000ull)) {
387 * If this segment crosses the 4GB boundary, truncate it.
389 if (smap.base + size > 0x100000000ull)
390 size = 0x100000000ull - smap.base;
392 if (size > high_heap_size) {
393 high_heap_size = size;
394 high_heap_base = smap.base;
397 } while (v86.ebx != 0);
399 /* Fall back to the old compatibility function for base memory */
400 if (bios_basemem == 0) {
402 v86.addr = 0x12; /* int 0x12 */
405 bios_basemem = (v86.eax & 0xffff) * 1024;
408 /* Fall back through several compatibility functions for extended memory */
409 if (bios_extmem == 0) {
411 v86.addr = 0x15; /* int 0x15 function 0xe801*/
414 if (!(v86.efl & 1)) {
415 bios_extmem = ((v86.ecx & 0xffff) + ((v86.edx & 0xffff) * 64)) * 1024;
418 if (bios_extmem == 0) {
420 v86.addr = 0x15; /* int 0x15 function 0x88*/
423 bios_extmem = (v86.eax & 0xffff) * 1024;
427 * If we have extended memory and did not find a suitable heap
428 * region in the SMAP, use the last 3MB of 'extended' memory as a
429 * high heap candidate.
431 if (bios_extmem >= HEAP_MIN && high_heap_size < HEAP_MIN) {
432 high_heap_size = HEAP_MIN;
433 high_heap_base = bios_extmem + 0x100000 - HEAP_MIN;
445 switch (c = xgetc(0)) {
460 if (s - cmd < sizeof(cmd) - 1)
471 v86.eax = 0xe00 | (c & 0xff);
477 * Try to detect a device supported by the legacy int13 BIOS
480 int13probe(int drive)
488 if (!(v86.efl & 0x1) && /* carry clear */
489 ((v86.edx & 0xff) != (drive & DRV_MASK))) { /* unit # OK */
490 if ((v86.ecx & 0x3f) == 0) { /* absurd sector size */
491 return(0); /* skip device */
499 * We call this when we find a ZFS vdev - ZFS consumes the dsk
500 * structure so we must make a new one.
503 copy_dsk(struct dsk *dsk)
507 newdsk = malloc(sizeof(struct dsk));
513 probe_drive(struct dsk *dsk, spa_t **spap)
519 unsigned part, entries_per_sec;
521 struct dos_partition *dp;
526 * If we find a vdev on the whole disk, stop here. Otherwise dig
527 * out the MBR and probe each slice in turn for a vdev.
529 if (vdev_probe(vdev_read, dsk, spap) == 0)
532 sec = dmadat->secbuf;
537 * First check for GPT.
539 if (drvread(dsk, sec, 1, 1)) {
542 memcpy(&hdr, sec, sizeof(hdr));
543 if (memcmp(hdr.hdr_sig, GPT_HDR_SIG, sizeof(hdr.hdr_sig)) != 0 ||
544 hdr.hdr_lba_self != 1 || hdr.hdr_revision < 0x00010000 ||
545 hdr.hdr_entsz < sizeof(*ent) || DEV_BSIZE % hdr.hdr_entsz != 0) {
550 * Probe all GPT partitions for the presense of ZFS pools. We
551 * return the spa_t for the first we find (if requested). This
552 * will have the effect of booting from the first pool on the
555 entries_per_sec = DEV_BSIZE / hdr.hdr_entsz;
556 slba = hdr.hdr_lba_table;
557 elba = slba + hdr.hdr_entries / entries_per_sec;
558 while (slba < elba) {
560 if (drvread(dsk, sec, slba, 1))
562 for (part = 0; part < entries_per_sec; part++) {
563 ent = (struct gpt_ent *)(sec + part * hdr.hdr_entsz);
564 if (memcmp(&ent->ent_type, &freebsd_zfs_uuid,
565 sizeof(uuid_t)) == 0) {
566 dsk->start = ent->ent_lba_start;
567 if (vdev_probe(vdev_read, dsk, spap) == 0) {
569 * We record the first pool we find (we will try
570 * to boot from that one).
575 * This slice had a vdev. We need a new dsk
576 * structure now since the vdev now owns this one.
588 if (drvread(dsk, sec, DOSBBSECTOR, 1))
590 dp = (void *)(sec + DOSPARTOFF);
592 for (i = 0; i < NDOSPART; i++) {
595 dsk->start = dp[i].dp_start;
596 if (vdev_probe(vdev_read, dsk, spap) == 0) {
598 * We record the first pool we find (we will try to boot
604 * This slice had a vdev. We need a new dsk structure now
605 * since the vdev now owns this one.
622 if (high_heap_size > 0) {
623 heap_end = PTOV(high_heap_base + high_heap_size);
624 heap_next = PTOV(high_heap_base);
626 heap_next = (char *) dmadat + sizeof(*dmadat);
627 heap_end = (char *) PTOV(bios_basemem);
630 dmadat = (void *)(roundup2(__base + (int32_t)&_end, 0x10000) - __base);
633 dsk = malloc(sizeof(struct dsk));
634 dsk->drive = *(uint8_t *)PTOV(ARGS);
635 dsk->type = dsk->drive & DRV_HARD ? TYPE_AD : TYPE_FD;
636 dsk->unit = dsk->drive & DRV_MASK;
637 dsk->slice = *(uint8_t *)PTOV(ARGS + 1) + 1;
642 bootinfo.bi_version = BOOTINFO_VERSION;
643 bootinfo.bi_size = sizeof(bootinfo);
644 bootinfo.bi_basemem = bios_basemem / 1024;
645 bootinfo.bi_extmem = bios_extmem / 1024;
646 bootinfo.bi_memsizes_valid++;
647 bootinfo.bi_bios_dev = dsk->drive;
649 bootdev = MAKEBOOTDEV(dev_maj[dsk->type],
650 dsk->slice, dsk->unit, dsk->part),
652 /* Process configuration file */
659 * Probe the boot drive first - we will try to boot from whatever
660 * pool we find on that drive.
662 probe_drive(dsk, &spa);
665 * Probe the rest of the drives that the bios knows about. This
666 * will find any other available pools and it may fill in missing
667 * vdevs for the boot pool.
669 for (i = 0; i < 128; i++) {
670 if ((i | DRV_HARD) == *(uint8_t *)PTOV(ARGS))
673 if (!int13probe(i | DRV_HARD))
676 dsk = malloc(sizeof(struct dsk));
677 dsk->drive = i | DRV_HARD;
678 dsk->type = dsk->drive & TYPE_AD;
688 * If we didn't find a pool on the boot drive, default to the
689 * first pool we found, if any.
692 spa = STAILQ_FIRST(&zfs_pools);
694 printf("No ZFS pools located, can't boot\n");
702 if (zfs_lookup(spa, PATH_CONFIG, &dn) == 0) {
704 zfs_read(spa, &dn, &off, cmd, sizeof(cmd));
710 if (!OPT_CHECK(RBX_QUIET))
711 printf("%s: %s", PATH_CONFIG, cmd);
712 /* Do not process this command twice */
717 * Try to exec stage 3 boot loader. If interrupted by a keypress,
718 * or in case of failure, try to load a kernel directly instead.
721 if (autoboot && !*kname) {
722 memcpy(kname, PATH_BOOT3, sizeof(PATH_BOOT3));
723 if (!keyhit(3*SECOND)) {
725 memcpy(kname, PATH_KERNEL, sizeof(PATH_KERNEL));
729 /* Present the user with the boot2 prompt. */
732 if (!autoboot || !OPT_CHECK(RBX_QUIET))
733 printf("\nFreeBSD/i386 boot\n"
736 spa->spa_name, kname);
737 if (ioctrl & IO_SERIAL)
739 if (!autoboot || keyhit(5*SECOND))
741 else if (!autoboot || !OPT_CHECK(RBX_QUIET))
751 /* XXX - Needed for btxld to link the boot2 binary; do not remove. */
764 static Elf32_Phdr ep[2];
765 static Elf32_Shdr es[2];
772 if (zfs_lookup(spa, kname, &dn)) {
776 if (xfsread(&dn, &off, &hdr, sizeof(hdr)))
778 if (N_GETMAGIC(hdr.ex) == ZMAGIC)
780 else if (IS_ELF(hdr.eh))
783 printf("Invalid %s\n", "format");
787 addr = hdr.ex.a_entry & 0xffffff;
790 if (xfsread(&dn, &off, p, hdr.ex.a_text))
792 p += roundup2(hdr.ex.a_text, PAGE_SIZE);
793 if (xfsread(&dn, &off, p, hdr.ex.a_data))
795 p += hdr.ex.a_data + roundup2(hdr.ex.a_bss, PAGE_SIZE);
796 bootinfo.bi_symtab = VTOP(p);
797 memcpy(p, &hdr.ex.a_syms, sizeof(hdr.ex.a_syms));
798 p += sizeof(hdr.ex.a_syms);
800 if (xfsread(&dn, &off, p, hdr.ex.a_syms))
803 if (xfsread(&dn, &off, p, sizeof(int)))
808 if (xfsread(&dn, &off, p, x))
813 off = hdr.eh.e_phoff;
814 for (j = i = 0; i < hdr.eh.e_phnum && j < 2; i++) {
815 if (xfsread(&dn, &off, ep + j, sizeof(ep[0])))
817 if (ep[j].p_type == PT_LOAD)
820 for (i = 0; i < 2; i++) {
821 p = PTOV(ep[i].p_paddr & 0xffffff);
822 off = ep[i].p_offset;
823 if (xfsread(&dn, &off, p, ep[i].p_filesz))
826 p += roundup2(ep[1].p_memsz, PAGE_SIZE);
827 bootinfo.bi_symtab = VTOP(p);
828 if (hdr.eh.e_shnum == hdr.eh.e_shstrndx + 3) {
829 off = hdr.eh.e_shoff + sizeof(es[0]) *
830 (hdr.eh.e_shstrndx + 1);
831 if (xfsread(&dn, &off, &es, sizeof(es)))
833 for (i = 0; i < 2; i++) {
834 memcpy(p, &es[i].sh_size, sizeof(es[i].sh_size));
835 p += sizeof(es[i].sh_size);
836 off = es[i].sh_offset;
837 if (xfsread(&dn, &off, p, es[i].sh_size))
842 addr = hdr.eh.e_entry & 0xffffff;
844 bootinfo.bi_esymtab = VTOP(p);
845 bootinfo.bi_kernelname = VTOP(kname);
846 __exec((caddr_t)addr, RB_BOOTINFO | (opts & RBX_MASK),
849 (uint32_t) spa->spa_guid,
850 (uint32_t) (spa->spa_guid >> 32),
863 while ((c = *arg++)) {
864 if (c == ' ' || c == '\t' || c == '\n')
866 for (p = arg; *p && *p != '\n' && *p != ' ' && *p != '\t'; p++);
871 while ((c = *arg++)) {
873 if (*(uint8_t *)PTOV(0x496) & 0x10) {
876 opts |= OPT_SET(RBX_DUAL) | OPT_SET(RBX_SERIAL);
879 printf("Keyboard: %s\n", cp);
881 } else if (c == 'S') {
883 while ((unsigned int)(i = *arg++ - '0') <= 9)
885 if (j > 0 && i == -'0') {
889 /* Fall through to error below ('S' not in optstr[]). */
891 for (i = 0; c != optstr[i]; i++)
894 opts ^= OPT_SET(flags[i]);
896 ioctrl = OPT_CHECK(RBX_DUAL) ? (IO_SERIAL|IO_KEYBOARD) :
897 OPT_CHECK(RBX_SERIAL) ? IO_SERIAL : IO_KEYBOARD;
898 if (ioctrl & IO_SERIAL)
899 sio_init(115200 / comspeed);
903 if (zfs_lookup(spa, arg, &dn) == 0) {
911 * Report pool status if the comment is 'status'. Lets
912 * hope no-one wants to load /status as a kernel.
914 if (!strcmp(arg, "status")) {
920 * If there is a colon, switch pools.
922 q = (char *) strchr(arg, ':');
927 newspa = spa_find_by_name(arg);
932 printf("\nCan't find ZFS pool %s\n", arg);
937 if ((i = ep - arg)) {
938 if ((size_t)i >= sizeof(kname))
940 memcpy(kname, arg, i + 1);
949 printf(const char *fmt,...)
954 unsigned long long u;
963 while ((c = *fmt++)) {
984 prec = 10 * prec + (c - '0');
987 putchar(va_arg(ap, int));
993 s = va_arg(ap, char *);
1016 u = va_arg(ap, unsigned long long);
1019 u = va_arg(ap, unsigned long);
1022 u = va_arg(ap, unsigned);
1027 *s++ = '0' + u % 10U;
1059 drvread(struct dsk *dsk, void *buf, daddr_t lba, unsigned nblk)
1062 static unsigned c = 0x2d5c7c2f;
1064 if (!OPT_CHECK(RBX_QUIET))
1065 printf("%c\b", c = c << 8 | c >> 24);
1067 packet.count = nblk;
1068 packet.off = VTOPOFF(buf);
1069 packet.seg = VTOPSEG(buf);
1070 packet.lba = lba + dsk->start;
1071 v86.ctl = V86_FLAGS;
1074 v86.edx = dsk->drive;
1075 v86.ds = VTOPSEG(&packet);
1076 v86.esi = VTOPOFF(&packet);
1078 if (V86_CY(v86.efl)) {
1079 printf("error %u lba %u\n", v86.eax >> 8 & 0xff, lba);
1084 static unsigned c = 0x2d5c7c2f;
1087 if (!OPT_CHECK(RBX_QUIET))
1088 printf("%c\b", c = c << 8 | c >> 24);
1089 v86.ctl = V86_ADDR | V86_CALLF | V86_FLAGS;
1090 v86.addr = XREADORG; /* call to xread in boot1 */
1091 v86.es = VTOPSEG(buf);
1093 v86.ebx = VTOPOFF(buf);
1094 v86.ecx = lba >> 32;
1095 v86.edx = nblk << 8 | dsk->drive;
1097 v86.ctl = V86_FLAGS;
1098 if (V86_CY(v86.efl)) {
1099 printf("error %u lba %u\n", v86.eax >> 8 & 0xff, lba);
1107 keyhit(unsigned ticks)
1111 if (OPT_CHECK(RBX_NOINTR))
1117 t1 = *(uint32_t *)PTOV(0x46c);
1120 if (t1 < t0 || t1 >= t0 + ticks)
1128 if (ioctrl & IO_KEYBOARD)
1130 if (ioctrl & IO_SERIAL)
1138 if (OPT_CHECK(RBX_NOINTR))
1141 if (ioctrl & IO_KEYBOARD && getc(1))
1142 return fn ? 1 : getc(0);
1143 if (ioctrl & IO_SERIAL && sio_ischar())
1144 return fn ? 1 : sio_getc();
1154 * The extra comparison against zero is an attempt to work around
1155 * what appears to be a bug in QEMU and Bochs. Both emulators
1156 * sometimes report a key-press with scancode one and ascii zero
1157 * when no such key is pressed in reality. As far as I can tell,
1158 * this only happens shortly after a reboot.
1163 return fn == 0 ? v86.eax & 0xff : (!V86_ZR(v86.efl) && (v86.eax & 0xff));