i386.c revision 1.41.2.1
      1  1.41.2.1  christos /* $NetBSD: i386.c,v 1.41.2.1 2019/06/10 22:10:30 christos Exp $ */
      2       1.1       dsl 
      3       1.1       dsl /*-
      4       1.1       dsl  * Copyright (c) 2003 The NetBSD Foundation, Inc.
      5       1.1       dsl  * All rights reserved.
      6       1.1       dsl  *
      7       1.1       dsl  * This code is derived from software contributed to The NetBSD Foundation
      8       1.1       dsl  * by David Laight.
      9       1.1       dsl  *
     10       1.1       dsl  * Redistribution and use in source and binary forms, with or without
     11       1.1       dsl  * modification, are permitted provided that the following conditions
     12       1.1       dsl  * are met:
     13       1.1       dsl  * 1. Redistributions of source code must retain the above copyright
     14       1.1       dsl  *    notice, this list of conditions and the following disclaimer.
     15       1.1       dsl  * 2. Redistributions in binary form must reproduce the above copyright
     16       1.1       dsl  *    notice, this list of conditions and the following disclaimer in the
     17       1.1       dsl  *    documentation and/or other materials provided with the distribution.
     18       1.1       dsl  *
     19       1.1       dsl  * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
     20       1.1       dsl  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
     21       1.1       dsl  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
     22       1.1       dsl  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
     23       1.1       dsl  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
     24       1.1       dsl  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
     25       1.1       dsl  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
     26       1.1       dsl  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
     27       1.1       dsl  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
     28       1.1       dsl  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
     29       1.1       dsl  * POSSIBILITY OF SUCH DAMAGE.
     30       1.1       dsl  */
     31       1.1       dsl 
     32      1.12     lukem #if HAVE_NBTOOL_CONFIG_H
     33      1.12     lukem #include "nbtool_config.h"
     34      1.12     lukem #endif
     35      1.12     lukem 
     36       1.1       dsl #include <sys/cdefs.h>
     37      1.12     lukem #if !defined(__lint)
     38  1.41.2.1  christos __RCSID("$NetBSD: i386.c,v 1.41.2.1 2019/06/10 22:10:30 christos Exp $");
     39      1.13     lukem #endif /* !__lint */
     40       1.1       dsl 
     41       1.1       dsl #include <sys/param.h>
     42      1.23       dsl #ifndef HAVE_NBTOOL_CONFIG_H
     43      1.23       dsl #include <sys/ioctl.h>
     44      1.23       dsl #include <sys/dkio.h>
     45      1.23       dsl #endif
     46       1.1       dsl 
     47       1.1       dsl #include <assert.h>
     48      1.23       dsl #include <errno.h>
     49       1.1       dsl #include <err.h>
     50       1.5     bjh21 #include <md5.h>
     51       1.1       dsl #include <stddef.h>
     52       1.1       dsl #include <stdio.h>
     53       1.1       dsl #include <stdlib.h>
     54       1.1       dsl #include <string.h>
     55       1.1       dsl #include <unistd.h>
     56       1.1       dsl 
     57       1.1       dsl #include "installboot.h"
     58       1.1       dsl 
     /*
      * Console names accepted from the user, each paired with the device number
      * that is stored in the boot parameter block.  The numbers must stay in
      * step with CONSDEV_* from sys/arch/i386/stand/lib/libi386.h.
      */
     static const struct console_name {
     	const char	*name;		/* console selection as typed by the user */
     	const int	dev;		/* matching CONSDEV_* value */
     } consoles[] = {
     	{ .name = "pc",		.dev = 0 },	/* CONSDEV_PC */
     	{ .name = "com0",	.dev = 1 },	/* CONSDEV_COM0 */
     	{ .name = "com1",	.dev = 2 },	/* CONSDEV_COM1 */
     	{ .name = "com2",	.dev = 3 },	/* CONSDEV_COM2 */
     	{ .name = "com3",	.dev = 4 },	/* CONSDEV_COM3 */
     	{ .name = "com0kbd",	.dev = 5 },	/* CONSDEV_COM0KBD */
     	{ .name = "com1kbd",	.dev = 6 },	/* CONSDEV_COM1KBD */
     	{ .name = "com2kbd",	.dev = 7 },	/* CONSDEV_COM2KBD */
     	{ .name = "com3kbd",	.dev = 8 },	/* CONSDEV_COM3KBD */
     	{ .name = "auto",	.dev = -1 },	/* CONSDEV_AUTO */
     };
     74      1.19       dsl 
     /* Machine-dependent entry points; both are defined later in this file. */
     static int i386_editboot(ib_params *);
     static int i386_setboot(ib_params *);

     /*
      * Option flags accepted for both x86 targets.  IB_PASSWORD is part of the
      * set, so either target can have a boot password stored in its bootstrap.
      */
     #define I386_IB_VALID_FLAGS \
     	(IB_RESETVIDEO | IB_CONSOLE | IB_CONSPEED | \
     	 IB_CONSADDR | IB_KEYMAP | IB_PASSWORD | \
     	 IB_TIMEOUT | IB_MODULES | IB_BOOTCONF | \
     	 IB_STAGE1START)

     /* i386: uses the shared x86 handlers; clearing a bootstrap is not supported. */
     struct ib_mach ib_mach_i386 = {
     	.name		=	"i386",
     	.setboot	=	i386_setboot,
     	.clearboot	=	no_clearboot,
     	.editboot	=	i386_editboot,
     	.valid_flags	=	I386_IB_VALID_FLAGS
     };

     /* amd64: identical to i386 apart from the name. */
     struct ib_mach ib_mach_amd64 = {
     	.name		=	"amd64",
     	.setboot	=	i386_setboot,
     	.clearboot	=	no_clearboot,
     	.editboot	=	i386_editboot,
     	.valid_flags	=	I386_IB_VALID_FLAGS
     };
     99      1.22       dsl 
    /*
     * Write n_bytes from buf to fd at offset, then read the range back and
     * compare it with what was written.
     *
     * Attempting to write the 'labelsector' (or a sector near it - within 8k?)
     * using the non-raw disk device fails silently.  This can be detected (today)
     * by doing a fsync() and a read back, so every write goes through this
     * read verify.  This is very likely to affect installboot, indeed the code
     * may need to be written into the 'labelsector' itself - especially on
     * non-512 byte media.
     *
     * Returns the byte count reported by pwrite() once the read-back matches,
     * or -1 on failure.  A failed verification is reported as EROFS, which the
     * caller uses as the cue to try enabling writes to the label sector.
     * (Maybe these functions should be in the generic part of installboot.)
     */
    static int
    pwrite_validate(int fd, const void *buf, size_t n_bytes, off_t offset)
    {
    	ssize_t written;
    	void *check;
    	int verified;

    	/* Scratch buffer for the read-back copy. */
    	check = malloc(n_bytes);
    	if (check == NULL)
    		return -1;

    	written = pwrite(fd, buf, n_bytes, offset);
    	if (written == -1) {
    		free(check);
    		return -1;
    	}

    	/*
    	 * NOTE(review): the fsync() result is not examined; a flush failure
    	 * is only noticed if the read-back below then differs.
    	 */
    	fsync(fd);
    	verified = pread(fd, check, written, offset) == written &&
    	    memcmp(check, buf, written) == 0;
    	free(check);
    	if (verified)
    		return written;

    	/* Any read-back failure or mismatch is reported as EROFS. */
    	errno = EROFS;
    	return -1;
    }
    133      1.23       dsl 
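    /*
     * Write the boot area held in buf (len bytes, destined for offset 0 of
     * params->fsfd), verifying each write by reading it back.
     *
     * Returns 1 on success, 0 on failure after printing a warning.
     */
    static int
    write_boot_area(ib_params *params, uint8_t *buf, size_t len)
    {
    	int rv;
    #ifdef DIOCWLABEL
    	int wlabel, saved_errno;
    #endif

    	/*
    	 * Writing the 'label' sector (likely to be bytes 512-1023) could
    	 * fail, so we try to avoid writing that area.
    	 * Unfortunately, if we are accessing the raw disk, and the sector
    	 * size is larger than 512 bytes that is also doomed.
    	 * See how we get on....
    	 *
    	 * NB: Even if the physical sector size is not 512, the space for
    	 * the label is 512 bytes from the start of the disk.
    	 * So all the '512' constants in these functions are correct.
    	 */

    	/*
    	 * Apart from a lone 512 byte pbr, the area has to reach past the
    	 * label sector; otherwise 'len - 512 * 2' below would wrap around
    	 * and request an enormous write.
    	 */
    	if (len != 512 && len < 512 * 2) {
    		warnx("Writing `%s': invalid boot area size %zu",
    			params->filesystem, len);
    		return 0;
    	}

    	/* Write out first 512 bytes - the pbr code */
    	rv = pwrite_validate(params->fsfd, buf, 512, 0);
    	if (rv == 512) {
    		/* That worked, do the rest */
    		if (len == 512)
    			return 1;
    		len -= 512 * 2;
    		rv = pwrite_validate(params->fsfd, buf + 512 * 2, len, 512 * 2);
    		if (rv != (ssize_t)len)
    			goto bad_write;
    		return 1;
    	}
    	/* Only EINVAL and EROFS have a fallback; anything else is fatal */
    	if (rv != -1 || (errno != EINVAL && errno != EROFS))
    		goto bad_write;

    	if (errno == EINVAL) {
    		/* Assume the failure was due to the sector size > 512 */
    		rv = pwrite_validate(params->fsfd, buf, len, 0);
    		if (rv == (ssize_t)len)
    			return 1;
    		if (rv != -1 || (errno != EROFS))
    			goto bad_write;
    	}

    #ifdef DIOCWLABEL
    	/* Pesky label is protected, try to unprotect it */
    	wlabel = 1;
    	rv = ioctl(params->fsfd, DIOCWLABEL, &wlabel);
    	if (rv != 0) {
    		warn("Cannot enable writes to the label sector");
    		return 0;
    	}
    	/* Try again with label write-enabled */
    	rv = pwrite_validate(params->fsfd, buf, len, 0);
    	/* Keep the write's errno: the ioctl and warn() below may change it */
    	saved_errno = errno;

    	/*
    	 * Reset write-protect whatever the outcome of the write, and say so
    	 * if that fails: the label sector would be left writable.
    	 */
    	wlabel = 0;
    	if (ioctl(params->fsfd, DIOCWLABEL, &wlabel) != 0)
    		warn("Cannot restore write protection of the label sector");
    	errno = saved_errno;
    	if (rv == (ssize_t)len)
    		return 1;
    #endif

      bad_write:
    	if (rv == -1)
    		warn("Writing `%s'", params->filesystem);
    	else
    		/* rv is an int, so print it as one */
    		warnx("Writing `%s': short write, %d bytes",
    			params->filesystem, rv);
    	return 0;
    }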
    201      1.23       dsl 
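    /*
     * Print the boot parameter block in human readable form on stdout.
     *
     * The block handed in is derived from bytes read off the disk or out of a
     * bootstrap file, so nothing about its contents is taken on trust: the
     * keymap is printed with a precision bounded by the field size instead of
     * relying on a terminating NUL being present.
     */
    static void
    show_i386_boot_params(struct x86_boot_params  *bpp)
    {
    	size_t i;
    	int consdev;

    	printf("Boot options:        ");
    	/* Casts make the arguments match the conversions exactly */
    	printf("timeout %d, ", (int)le32toh(bpp->bp_timeout));
    	printf("flags %x, ", (unsigned int)le32toh(bpp->bp_flags));
    	printf("speed %d, ", (int)le32toh(bpp->bp_conspeed));
    	printf("ioaddr %x, ", (unsigned int)le32toh(bpp->bp_consaddr));

    	/* Show the console by name when the number is a known one */
    	consdev = (int)le32toh(bpp->bp_consdev);
    	for (i = 0; i < __arraycount(consoles); i++) {
    		if (consoles[i].dev == consdev)
    			break;
    	}
    	if (i == __arraycount(consoles))
    		printf("console %d\n", consdev);
    	else
    		printf("console %s\n", consoles[i].name);
    	if (bpp->bp_keymap[0])
    		printf("                     keymap %.*s\n",
    		    (int)sizeof bpp->bp_keymap, bpp->bp_keymap);
    }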
    223      1.19       dsl 
    /*
     * Report whether the len bytes starting at p are all zero.
     * Returns 1 if they are (an empty range counts as zero), 0 otherwise.
     *
     * len is unsigned: a caller that computes it by subtraction has to make
     * sure the result cannot wrap, or the scan runs far past the buffer.
     */
    static int
    is_zero(const uint8_t *p, unsigned int len)
    {
    	unsigned int idx;

    	for (idx = 0; idx < len; idx++) {
    		if (p[idx] != 0)
    			return 0;
    	}
    	return 1;
    }
    229      1.23       dsl 
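    /*
     * Apply the options selected in params->flags to the boot parameter block
     * at bpp, which lies inside a bootstrap image.
     *
     * Returns 0 when the block was updated, 1 on failure (unknown console name,
     * or an option that does not fit into the block's patch area).
     */
    static int
    update_i386_boot_params(ib_params *params, struct x86_boot_params  *bpp)
    {
    	struct x86_boot_params bp;
    	uint32_t bplen;
    	size_t i;

    	/*
    	 * bp_length comes from the image, so clamp it: every copy below is
    	 * bounded by the size of the local structure.
    	 */
    	bplen = le32toh(bpp->bp_length);
    	if (bplen > sizeof bp)
    		/* Ignore pad space in bootxx */
    		bplen = sizeof bp;

    	/* Take (and update) local copy so we handle size mismatches */
    	memset(&bp, 0, sizeof bp);
    	memcpy(&bp, bpp, bplen);

    	if (params->flags & IB_TIMEOUT)
    		bp.bp_timeout = htole32(params->timeout);
    	/* The flag bits below are toggled (xor), not set */
    	if (params->flags & IB_RESETVIDEO)
    		bp.bp_flags ^= htole32(X86_BP_FLAGS_RESET_VIDEO);
    	if (params->flags & IB_CONSPEED)
    		bp.bp_conspeed = htole32(params->conspeed);
    	if (params->flags & IB_CONSADDR)
    		bp.bp_consaddr = htole32(params->consaddr);
    	if (params->flags & IB_CONSOLE) {
    		for (i = 0; i < __arraycount(consoles); i++)
    			if (strcmp(consoles[i].name, params->console) == 0)
    				break;

    		if (i == __arraycount(consoles)) {
    			warnx("invalid console name, valid names are:");
    			(void)fprintf(stderr, "\t%s", consoles[0].name);
    			for (i = 1; i < __arraycount(consoles); i++)
    				(void)fprintf(stderr, ", %s", consoles[i].name);
    			(void)fprintf(stderr, "\n");
    			return 1;
    		}
    		bp.bp_consdev = htole32(consoles[i].dev);
    	}
    	if (params->flags & IB_PASSWORD) {
    		if (params->password[0]) {
    			/*
    			 * NOTE(review): the stored value is a plain MD5 of
    			 * the password with no salt, and it ends up in the
    			 * boot sectors where anyone who can read the disk
    			 * can get at it.  The format presumably has to match
    			 * what the boot code checks, so it cannot be changed
    			 * here alone - confirm before touching it.
    			 */
    			MD5_CTX md5ctx;
    			MD5Init(&md5ctx);
    			MD5Update(&md5ctx, params->password,
    			    strlen(params->password));
    			MD5Final(bp.bp_password, &md5ctx);
    			bp.bp_flags |= htole32(X86_BP_FLAGS_PASSWORD);
    		} else {
    			/* An empty password removes the hash and the flag */
    			memset(&bp.bp_password, 0, sizeof bp.bp_password);
    			bp.bp_flags &= ~htole32(X86_BP_FLAGS_PASSWORD);
    		}
    	}
    	if (params->flags & IB_KEYMAP)
    		strlcpy(bp.bp_keymap, params->keymap, sizeof bp.bp_keymap);
    	if (params->flags & IB_MODULES)
    		bp.bp_flags ^= htole32(X86_BP_FLAGS_NOMODULES);
    	if (params->flags & IB_BOOTCONF)
    		bp.bp_flags ^= htole32(X86_BP_FLAGS_NOBOOTCONF);

    	if (params->flags & (IB_NOWRITE | IB_VERBOSE))
    		show_i386_boot_params(&bp);

    	/*
    	 * Check we aren't trying to set anything we can't save.
    	 * bplen <= sizeof bp after the clamp above, so the length cannot
    	 * wrap; the cast matches is_zero()'s parameter type.
    	 */
    	if (!is_zero((const uint8_t *)&bp + bplen, sizeof bp - bplen)) {
    		warnx("Patch area in stage1 bootstrap is too small");
    		return 1;
    	}
    	memcpy(bpp, &bp, bplen);
    	return 0;
    }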
    300      1.19       dsl 
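    /*
     * Install the stage1 bootstrap (params->stage1, open on params->s1fd) into
     * the first 8k of params->filesystem (open on params->fsfd).
     *
     * The MBR partition table and the label sector already on the disk are
     * kept, as is an existing FAT BPB unless IB_FORCE is given.  Everything
     * read from the disk and from the bootstrap file is checked before it is
     * used as an offset or a length.
     *
     * Returns 1 on success (also for an IB_NOWRITE dry run), 0 on failure after
     * printing a warning.
     */
    static int
    i386_setboot(ib_params *params)
    {
    	unsigned int	u;
    	ssize_t		rv;
    	uint32_t	*magic, expected_magic;
    	union {
    	    struct mbr_sector	mbr;
    	    uint8_t		b[8192];
    	} disk_buf, bootstrap;

    	assert(params != NULL);
    	assert(params->fsfd != -1);
    	assert(params->filesystem != NULL);
    	assert(params->s1fd != -1);
    	assert(params->stage1 != NULL);

    	/*
    	 * There is only 8k of space in a FFSv1 partition (and ustarfs)
    	 * so ensure we don't splat over anything important.
    	 */
    	if (params->s1stat.st_size > (off_t)(sizeof bootstrap)) {
    		warnx("stage1 bootstrap `%s' (%u bytes) is larger than 8192 bytes",
    			params->stage1, (unsigned int)params->s1stat.st_size);
    		return 0;
    	}
    	if (params->s1stat.st_size < 3 * 512 && params->s1stat.st_size != 512) {
    		warnx("stage1 bootstrap `%s' (%u bytes) is too small",
    			params->stage1, (unsigned int)params->s1stat.st_size);
    		return 0;
    	}

    	/* Read in the existing disk header and boot code */
    	rv = pread(params->fsfd, &disk_buf, sizeof (disk_buf), 0);
    	if (rv != sizeof(disk_buf)) {
    		if (rv == -1)
    			warn("Reading `%s'", params->filesystem);
    		else
    			warnx("Reading `%s': short read, %ld bytes"
    			    " (should be %ld)", params->filesystem, (long)rv,
    			    (long)sizeof(disk_buf));
    		return 0;
    	}

    	if (disk_buf.mbr.mbr_magic != le16toh(MBR_MAGIC)) {
    		if (params->flags & IB_VERBOSE) {
    			printf(
    		    "Ignoring PBR with invalid magic in sector 0 of `%s'\n",
    			    params->filesystem);
    		}
    		memset(&disk_buf, 0, 512);
    	}

    	/*
    	 * Read the new bootstrap code.
    	 * The buffer is cleared first: the file may be shorter than 8k, and
    	 * the parameter block handling further down can look at bytes past
    	 * the end of a 512 byte bootstrap.  Those must not be stack garbage.
    	 */
    	memset(&bootstrap, 0, sizeof bootstrap);
    	rv = pread(params->s1fd, &bootstrap, params->s1stat.st_size, 0);
    	if (rv != params->s1stat.st_size) {
    		if (rv == -1)
    			warn("Reading `%s'", params->stage1);
    		else
    			warnx("Reading `%s': short read, %ld bytes"
    			    " (should be %ld)", params->stage1, (long)rv,
    			    (long)params->s1stat.st_size);
    		return 0;
    	}

    	/*
    	 * The bootstrap code is either 512 bytes for booting FAT16, or best
    	 * part of 8k (with bytes 512-1023 all zeros).
    	 */
    	if (params->s1stat.st_size == 512) {
    		/* Magic number is at end of pbr code */
    		magic = (void *)(bootstrap.b + 512 - 16 + 4);
    		expected_magic = htole32(X86_BOOT_MAGIC_FAT);
    	} else {
    		/* Magic number is at start of sector following label */
    		magic = (void *)(bootstrap.b + 512 * 2 + 4);
    		expected_magic = htole32(X86_BOOT_MAGIC_1);
    		/*
    		 * For a variety of reasons we restrict our 'normal' partition
    		 * boot code to a size which enables it to be used as mbr code.
    		 * IMHO this is bogus (dsl).
    		 */
    		if (!is_zero(bootstrap.b + 512-2-64, 64)) {
    			warnx("Data in mbr partition table of new bootstrap");
    			return 0;
    		}
    		if (!is_zero(bootstrap.b + 512, 512)) {
    			warnx("Data in label part of new bootstrap");
    			return 0;
    		}
    		/* Copy mbr table and label from existing disk buffer */
    		memcpy(bootstrap.b + 512-2-64, disk_buf.b + 512-2-64, 64);
    		memcpy(bootstrap.b + 512, disk_buf.b + 512, 512);
    	}

    	/* Validate the 'magic number' that marks the parameter block */
    	if (*magic != expected_magic) {
    		warnx("Invalid magic in stage1 bootstrap %x != %x",
    				*magic, expected_magic);
    		return 0;
    	}

    	/*
    	 * If the partition has a FAT (or NTFS) filesystem, then we must
    	 * preserve the BIOS Parameter Block (BPB).
    	 * It is also very likely that there isn't 8k of space available
    	 * for (say) bootxx_msdos, and that blindly installing it will trash
    	 * the FAT filesystem.
    	 * To avoid this we check the number of 'reserved' sectors to ensure
    	 * that there is enough space.
    	 * Unfortunately newfs(8) doesn't (yet) splat the BPB (which is
    	 * effectively the FAT superblock) when a filesystem is initialised
    	 * so this code tends to complain rather too often.
    	 * Specifying 'installboot -f' will delete the old BPB info.
    	 */
    	if (!(params->flags & IB_FORCE)) {
    		#define USE_F ", use -f (may invalidate filesystem)"
    		/*
    		 * For FAT compatibility, the pbr code starts 'jmp xx; nop'
    		 * followed by the BIOS Parameter Block (BPB).
    		 * The 2nd byte (jump offset) is the size of the nop + BPB.
    		 */
    		if (bootstrap.b[0] != 0xeb || bootstrap.b[2] != 0x90) {
    			warnx("No BPB in new bootstrap %02x:%02x:%02x" USE_F,
    				bootstrap.b[0], bootstrap.b[1], bootstrap.b[2]);
    			return 0;
    		}

    		/*
    		 * Find size of old BPB, and copy into new bootcode
    		 *
    		 * The 2nd byte (b[1]) contains jmp short relative offset.
    		 * If it is zero or some invalid input that is smaller than 9,
    		 * it will cause overflow and call is_zero() with enormous size.
    		 * Add a paranoid check to prevent this scenario.
    		 *
    		 * Verify that b[0] contains JMP (0xeb) and b[2] NOP (0x90).
    		 */
    		if (disk_buf.b[0] == 0xeb && disk_buf.b[1] >= 9 &&
    		    disk_buf.b[2] == 0x90 &&
    		    !is_zero(disk_buf.b + 3 + 8, disk_buf.b[1] - 1 - 8)) {
    			struct mbr_bpbFAT16 *bpb = (void *)(disk_buf.b + 3 + 8);
    			/*
    			 * Check enough space before the FAT for the bootcode.
    			 * Both factors are 16 bit values taken from the disk;
    			 * multiply as unsigned so that large values cannot
    			 * overflow a signed int.
    			 */
    			u = (unsigned int)le16toh(bpb->bpbBytesPerSec)
    			    * le16toh(bpb->bpbResSectors);
    			if (u != 0 && u < params->s1stat.st_size) {
    				warnx("Insufficient reserved space before FAT "
    					"(%u bytes available)" USE_F, u);
    				return 0;
    			}
    			/* Check we have enough space for the old bpb */
    			if (disk_buf.b[1] > bootstrap.b[1]) {
    				/* old BPB is larger, allow if extra zeros */
    				if (!is_zero(disk_buf.b + 2 + bootstrap.b[1],
    				    disk_buf.b[1] - bootstrap.b[1])) {
    					warnx("Old BPB too big" USE_F);
    					    return 0;
    				}
    				u = bootstrap.b[1];
    			} else {
    				/* Old BPB is shorter, leave zero filled */
    				u = disk_buf.b[1];
    			}
    			if (params->s1start != 0)
    				/* Fixup physical offset of filesystem */
    				bpb->bpbHiddenSecs = htole32(params->s1start);
    			/* u is at most 255 here, both sides being single bytes */
    			memcpy(bootstrap.b + 2, disk_buf.b + 2, u);
    		}
    		#undef USE_F
    	}

    	/*
    	 * Fill in any user-specified options into the
    	 *      struct x86_boot_params
    	 * that follows the magic number.
    	 * See sys/arch/i386/stand/bootxx/bootxx.S for more information.
    	 */
    	if (update_i386_boot_params(params, (void *)(magic + 1)))
    		return 0;

    	if (params->flags & IB_NOWRITE) {
    		return 1;
    	}

    	/* Copy new bootstrap data into disk buffer, ignoring label area */
    	memcpy(&disk_buf, &bootstrap, 512);
    	if (params->s1stat.st_size > 512 * 2) {
    		memcpy(disk_buf.b + 2 * 512, bootstrap.b + 2 * 512,
    		    params->s1stat.st_size - 2 * 512);
    		/* Zero pad to 512 byte sector boundary */
    		memset(disk_buf.b + params->s1stat.st_size, 0,
    			(8192 - params->s1stat.st_size) & 511);
    	}

    	return write_boot_area(params, disk_buf.b, sizeof disk_buf.b);
    }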
    497      1.19       dsl 
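    /*
     * Change the boot parameters of a bootstrap that is already installed on
     * params->filesystem (open on params->fsfd).
     *
     * Returns 1 on success (also for an IB_NOWRITE dry run), 0 on failure after
     * printing a warning.
     */
    static int
    i386_editboot(ib_params *params)
    {
    	int		retval;
    	uint8_t		buf[512];
    	ssize_t		rv;
    	uint32_t	magic;
    	uint32_t	offset;
    	struct x86_boot_params	*bpp;

    	assert(params != NULL);
    	assert(params->fsfd != -1);
    	assert(params->filesystem != NULL);

    	retval = 0;

    	/*
    	 * Read in the existing bootstrap.
    	 * Look in any of the first 4 sectors.
    	 */

    	bpp = NULL;
    	for (offset = 0; offset < 4 * 512; offset += 512) {
    		rv = pread(params->fsfd, &buf, sizeof buf, offset);
    		if (rv == -1) {
    			warn("Reading `%s'", params->filesystem);
    			goto done;
    		} else if (rv != sizeof buf) {
    			warnx("Reading `%s': short read", params->filesystem);
    			goto done;
    		}

    		/* Magic number is 4 bytes in (to allow for a jmps) */
    		/* Also allow any of the magic numbers. */
    		/* Copy it out: buf is a byte array with no uint32_t alignment */
    		memcpy(&magic, buf + 4, sizeof magic);
    		magic = le32toh(magic) | 0xf;
    		if (magic != (X86_BOOT_MAGIC_1 | 0xf))
    			continue;

    		/* The parameters are just after the magic number */
    		bpp = (void *)(buf + 8);
    		break;
    	}
    	if (bpp == NULL) {
    		warnx("Invalid magic in existing bootstrap");
    		goto done;
    	}

    	/*
    	 * Fill in any user-specified options into the
    	 *      struct x86_boot_params
    	 * that's 8 bytes in from the start of the sector holding the magic.
    	 * See sys/arch/i386/stand/bootxx/bootxx.S for more information.
    	 */
    	if (update_i386_boot_params(params, bpp))
    		goto done;

    	if (params->flags & IB_NOWRITE) {
    		retval = 1;
    		goto done;
    	}

    	/*
    	 * Write boot code back, to the sector it was read from.
    	 * The sector lies next to the label sector, where a plain write
    	 * through the non-raw device can fail silently, so use the verified
    	 * write like the install path does.  A failed read-back is reported
    	 * with errno set to EROFS.
    	 */
    	rv = pwrite_validate(params->fsfd, buf, sizeof buf, offset);
    	if (rv == -1) {
    		warn("Writing `%s'", params->filesystem);
    		goto done;
    	} else if (rv != sizeof buf) {
    		warnx("Writing `%s': short write, %zd bytes (should be %zu)",
    		    params->filesystem, rv, sizeof(buf));
    		goto done;
    	}

    	retval = 1;

     done:
    	return retval;
    }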