libsa: Remove redundant sys/cdefs.h

Sponsored by: Netflix

Remove $FreeBSD$: one-line .c pattern

Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/

stand: Create common gen_setcurrdev and replace code

Replace 4 identical copies of *_setcurrdev with gen_setcurrdev to avoid
having to create a 5th copy. uboot_setcurrdev is actually different and
needs to remain separate (even though it's quite similar).

Sponsored by: Netflix
Reviewed by: fuz@fuz.su, kevans
Differential Revision: https://reviews.freebsd.org/D38003

stand/zfs: Add a third argument to zfs_probe_dev: part_too

Pass in 'true' if you'd like to search this device's partitions or
'false' if you should just search the device. EFI and (in the future)
kboot have discrete partitions that aren't accessed via the full disk
device. Weird things happen if you try to search in these cases.

Sponsored by: Netflix

stand: parsedev API change: devspec now points to start of full device name

To support more flexible device matching, we now pass in the full
devspec to the parsedev routines. For everything execpt uboot, this is
just a drop in (since everything except uboot and openfirmware always
uses disk...: and/or zfs:, but openfirmware isn't really affected).

uboot we kludge around it by subtracting 4 from where the rest of the
device name starts. This is unforunate, and can compute the address one
before the string. But we never dereference that address. uboot needs
more work, and this is an acceptable UB until that other work happens.

OFW doesn't really use the parsedev routines these days (since none of
the supported device uses this... yet). It too needs more work, but it
needs device matching support first.

Sponsored by: Netflix
Reviewed by: delphij
Differential Revision: https://reviews.freebsd.org/D37553

stand: create devinit

devinit() marches through all the devices, calling the inint routines if
any exist. Replace all the identical copies of this code.

Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D37349

stand: Change disk_parsedev() API

Change the first argument to disk_parsedev() to be a pointer to a struct
devdesc *. This now gets filled in with a malloc'd structure that's
returned to the caller that the caller is repsonsible for freeing. Most
places in the tree passed in a malloc'd pointer anyway, and this moves
knowledge of disk_devdesc more firmly into the disk.[ch] code.

Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D37335

stand: Replace zfs_fmtdev with generic devformat()

Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D35973

stand: Change zfs_fmtdev to take a struct devdesc *

Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D35974

stand: Move i386_devdesc to a union

Rather than have the magic, hand-crafted fields that have to align with
fields in other structures at the end of i386_devdesc, make it into
anonymous union and adjust the code accordingly. This is safer and
similar to what CAM does.

Sponsored by: Netflix
Reviewed by: kevans, tsoome (prior version)
Differential Revision: https://reviews.freebsd.org/D35965

loader: implement mount/unmount rootfs

We want to keep our root file system open to preserve bcache segment
between file accesses, thus reducing physical disk IO.

Reviewed by: imp, allanjude, kevans (previous version)
Differential Revision: https://reviews.freebsd.org/D30848
MFC after: 1 month

zfsboot: add prototype for main()

Some compilers are complaining about missing prototype.

PR: 251150
Reported by: markiyan.kushnir@gmail.com

loader: fix non-zfs build

We can not include zfs headers while building without zfs.

Reported by: Oscar Holmlund

loader: zfs should support bootonce an nextboot

bootonce feature is temporary, one time boot, activated by
"bectl activate -t BE", "bectl activate -T BE" will reset the bootonce flag.

By default, the bootonce setting is reset on attempt to boot and the next
boot will use previously active BE.

By setting zfs_bootonce_activate="YES" in rc.conf, the bootonce BE will
be set permanently active.

bootonce dataset name is recorded in boot pool labels, bootenv area.

in case of nextboot, the nextboot_enable boolean variable is recorded in
freebsd:nvstore nvlist, also stored in boot pool label bootenv area.
On boot, the loader will process /boot/nextboot.conf if nextboot_enable
is "YES", and will set nextboot_enable to "NO", preventing /boot/nextboot.conf
processing on next boot.

bootonce and nextboot features are usable in both UEFI and BIOS boot.

To use bootonce/nextboot features, the boot loader needs to be updated on disk;
if loader.efi is stored on ESP, then ESP needs to be updated and
for BIOS boot, stage2 (zfsboot or gptzfsboot) needs to be updated
(gpart or other tools).

At this time, only lua loader is updated.

Sponsored by: Netflix, Klara Inc.
Differential Revision: https://reviews.freebsd.org/D25512

When we have a command returned by zfs_nextboot() that is longer
than command in the loader.conf, the latter needs to be nul terminated,
otherwise garbage trailer left from zfs_nextboot() will be passed to
parse_cmd() together with loader.conf command.

While here, reset cmd to empty string if read() returns error.

Reviewed by: tsoome

loader: create single zfs nextboot implementation

We should have nextboot feature implemented in libsa zfs code.
To get there, I have created zfs_nextboot() implementation based on
two sources, our current simple textual string based approach with added
structured boot label PAD structure from OpenZFS.

Secondly, all nvlist details are moved to separate source file and
restructured a bit. This is done to provide base support to add nvlist
add/update feature in followup updates.

And finally, the zfsboot/gptzfsboot disk access functions are swapped to use
libi386 and libsa.

Sponsored by: Netflix, Klara Inc.
Differential Revision: https://reviews.freebsd.org/D25324

zfsboot: cstyle cleanup

No functional changes intended.

Sponsored by: Netflix, Klara Inc.

zfsboot: vdev_read_pad2 does allocate buffer with wrong size

vdev_read_pad2() does read VDEV_PAD_SIZE of data, and will copy size bytes
of it, hence, we need buffer of VDEV_PAD_SIZE bytes.

Issue introduced in r357497.

Reported by: se

vdev_read_pad2: freeing wrong pointer

Shoud free previously allocated tmp buffer instead. Issue introduced in
r357497.

Reported by: rpokala

loader: rewrite zfs reader zap code to use malloc

First step on removing zfs_alloc.

Reviewed by: delphij
Differential Revision: https://reviews.freebsd.org/D23433

[zfsboot] Fix boot env back compat (#190)

* Fix boot env back compat

zfsboot must try zfsloader before loader in order to remain compatible
with boot environments created prior to zfs functionality being rolled
into loader proper.

* Improve comments in zfsboot

Explain the significance of the load path order, and put the comment
about looping through the paths in the appropriate scope.

Obtained From: TrueNAS commit 4c60c62fcf0b6b6eac98ee8d46e7bbea64bc86f5
Submitted by: Ryan Moeller <ryan@freqlabs.com>

zfsboot: to detect disk size, use GPT information first

If we do have GPT on disk, read the disk size from it and do not
call int13.

Since int13 does report bogus informatiopn too often, rather trust the
partition table. We are using the same strategy with loader.

MFC after: 1 month

Remove whole-disk vdev support from zfsboot

This is consistent with the removal of whole-disk vdev support from
libsa/zfs/zfs.c in r342151, and is part way to having the LBAs read
during probe be fully constrained by partition tables when present.

Reviewed by: tsoome
MFC after: 3 months
Differential Revision: https://reviews.freebsd.org/D19142

Eliminate duplicated code and struct member definitions in the handoff
of args data between gptboot/zfsboot and loader(8).

Despite what seems like a lot of changes here, there are no actual
changes in behavior, or in the data layout in the structures involved.
This is just eliminating identical code pasted into multiple locations.

In detail, the changes are...

- Move struct zfs_boot_args definition from libsa/zfs/libzfs.h to
i386/common/bootargs.h because it is specific to x86 booting and the
handoff between zfsboot and loader, and has no relation to the zfs
library code in general.

- The geli_boot_args and zfs_boot_args structs both contain an identical
set of member variables containing geli information. Extract this out
to a new geli_boot_data struct, and embed it in the arg-passing structs.

- Provide new routines geli_import_boot_data() and geli_export_boot_data()
that can be shared between gptboot, zfsboot, and loader instead of
pasting identical code into several different .c files.

- Remove some checks for a NULL pointer that can never be true because the
pointer being tested was set using pointer math (kargs + 1) and that can
never result in NULL in this code.

Add comments describing the bootargs handoff between loader(8) and gptboot
or zfsboot, when loader(8) is the BTX loader. No functional changes.

zfsboot: Fix startup crash

On a FreeNAS mini XL, with geli encrypted drives the loader crashed in
geli_read().

When we iterate over the list of disks and allocate the zfsdsk structures we
don’t zero out the gdev pointer. In one case that resulted in geli_read()
(called on the bogus pointer) dividing by zero.

Use calloc() to ensure the zfsdsk structure is always zeroed, so the pointer is
initialised to NULL. As a side benefit it gets rid of one #ifdef
LOADER_GELI_SUPPORT.

Collapse zfsloader functionality back down into loader.

We no longer really need a separate zfsloader. It was useful when we
were first supporting ZFS and had limited ability to properly boot off
of ZFS without the special boot loader. Now that the boot loader has
matured, go the way loader.efi pioneered and just build one
binary. Change the name of the loader to load in the secondary boot
blocks to be just /boot/loader. Provide a symbolic link from zfsloader
to loader so people who have not upgraded their boot blocks are not
affected. This has the happy benefit of making coexistence easier as
well (fewer binaries in the matrix).

Discussed with: allanjude@, kevans@
RelNotes: Yes
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D16361

zfsboot: fix build with WITHOUT_LOADER_GELI

Reviewed by: ian
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D16292

Extend loader(8) geli support to all architectures and all disk-like devices.

This moves the bulk of the geli support from lib386/biosdisk.c into a new
geli/gelidev.c which implements a devsw-type device whose dv_strategy()
function handles geli decryption. Support for all arches comes from moving
the taste-and-attach code to the devopen() function in libsa.

After opening any DEVT_DISK device, devopen() calls the new function
geli_probe_and_attach(), which will "attach" the geli code to the open_file
struct by creating a geli_devdesc instance to replace the disk_devdesc
instance in the open_file. That routes all IO for the device through the
geli code.

A new public geli_add_key() function is added, to allow arch/vendor-specific
code to add keys obtained from custom hardware or other sources.

With these changes, geli support will be compiled into all variations of
loader(8) on all arches because the default is WITH_LOADER_GELI.

Relnotes: yes
Sponsored by: Microchip Technology Inc
Differential Revision: https://reviews.freebsd.org/D15743

Revert r335276

This was causing issues for people booting.
I will likely bring this back as an optional feature, similar to
boot0sio, like gptboot-serial or something.

PR: 221526
Reported by: O. Hartmann <ohartmann@walstatt.org>, Thomas Laus <lausts@acm.org>

gptboot, zfsboot, gptzfsboot: Enable the video and serial consoles early

Normally the serial console is not enabled until /boot.config is read and
we know how the serial console should be configured. Initialize the
consoles early in 'dual' mode (serial & keyboard) with a default serial
rate of 115200. Then serial is re-initialized once the disk is decrypted
and the /boot.config file can be read.

This allows the GELIBoot passphrase to be provided via the serial console.

PR: 221526
Requested by: many
Reviewed by: imp
Sponsored by: Klara Systems
Differential Revision: https://reviews.freebsd.org/D15862

Avoid reading past the end of the disk in zfsboot.c and biosdisk.c

The GELI boot code rounds reads up to 4k, since the encrypted sectors are
4k, and must be decrypted as a unit. With oddball sized disks (almost
always virtual), this can lead to reading past the end of the disk.

Reviewed by: imp, tsoome
Sponsored by: Klara Systems
Differential Revision: https://reviews.freebsd.org/D15844

Remove the 'mini libstand in libstand' that util.[ch] provided. These
weren't needed, and their existance interfered with things in subtle
ways. One of these subtle ways was that malloc could be different
based on what files were included when (even within the same .c file,
it turns out). Move to a single malloc implementation as well by
adding the calls to setheap() to gptboot.c and zfsboot.c. Once upon a
time, these boot loaders strove to not use libstand. However, with the
proliferation of features, that striving is too hard for too little
gain and lead to stupid mistakes.

This fixes the GELI-enabled (but not even using) boot environment. The
geli routines were calling libstand malloc but zfsboot.c and gptboot.c
were using the mini libstand malloc, so this failed when we tried to
probe for GELI partitions. Subtle changes in build order when moving
to self-contained stand build in r326593 toggled what it used from one
type to another due to odd nesting of the zfs implementation code that
differed subtly between zfsloader and zfsboot.

Sponsored by: Netflix

Fix all warnings related to geli and ZFS support on x86.

Default WARNS to 0 still, since there's still some warnings on other
architectures.

Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D13301

Move sys/boot to stand. Fix all references to new location

Sponsored by: Netflix