From nobody Tue Jan 24 22:11:49 2023 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4P1h5f15Rbz3bfYK; Tue, 24 Jan 2023 22:11:50 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4P1h5d4zZhz4Pjn; Tue, 24 Jan 2023 22:11:49 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1674598309; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=g6LFsFHFDrtXXUhatT9g3SGmKzorw88rX2VSyX/sk/s=; b=iHR1fHWxdawSBd+S/y9UkcQmMwNExLv09bStvrquphcB50BDpUOdeK/3gvRJ1tXak1ECHK lI5wYGfxHOro+u3reie3AnEqV2H5lZx5O54KgL1hPoFWAs0q0DDdAlhrDHR2ZYwCCkw2MN QeR1wTErKsBzqtHSJncuDc3fsTzlxGSziqnf1zrh8MmH1zUn0WAKtbZaNckiYThZ97o0h6 Qr3J78UfWHVl0EdFBAJVgrJSyzC/LmaDfceEaAUXg4hQvEhmBiEtxejMHrOtUp4WjzapQ0 HPE4rG7es9OyTOXXRKNwJUxopJUV6nJD9Y9nA9SQQI73BMRFL8N+DBcvXTq8xA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1674598309; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=g6LFsFHFDrtXXUhatT9g3SGmKzorw88rX2VSyX/sk/s=; b=doqJkfZmtqPNIDGHXi7YiF+9s8LOMWsMpYV9vFt/klBbwLLwABhqTsZ28VJX0zdYsYGK+L wuyg7hOnkZp5Rbw1A5F/Qgo3xgARaslfTOrC58YKelBjBBasdeFNzHW9f7/vfuTzyxk5DW g1uhLr677+gFQlQxcXwdLu7uCxRhxZqH/7KuVdkfeXLLiqzqAm3Sp0m7Q6jgLIh67UGATN emb4xBRN0HNQ4Po1Gd8cIntvNX8KsVbD+V1vYYBUjPl5GCpkUHppM6IySxG3frQ/ZdffOD 4zgD3jGiDm+gt0TgCskDRfdPtH7r8y51s+kWKJuJKrwCsGTIyogpmHpk7i3Csw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1674598309; a=rsa-sha256; cv=none; b=wVyuf9pW58HpQ923F1PJdEJqXPYpE7LGKjMo4UuVLZ2P4q+cKELu4nxRzqyb6cifbiWgO+ 170j6aXM7L5neBNV7m5Y2shbGY6GEtJF7U3UWPkUenaiIRGbQdU/a22jX3759+2H70lxaQ xZP5WU3XzJNeN9tdv/PuIzMmZEOScH47Zi2b5TsTuAHbFHvTOI7mnfWx6aF8LoBm3k6+FR itwYnrc25f751RNkF1UqmdM4eLZl4HYrR5DdCQWON3+LY8lskxX7hSzp1QlEgMEW+brFUI tKM3y82zhWONRybNyOSuq0j0VTQ7f6Fmp5aXEMQ98biofaIEC4oyhkLjUTTO7A== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4P1h5d4588zQ1m; Tue, 24 Jan 2023 22:11:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 30OMBna7085246; Tue, 24 Jan 2023 22:11:49 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 30OMBnp9085245; Tue, 24 Jan 2023 22:11:49 GMT (envelope-from git) Date: Tue, 24 Jan 2023 22:11:49 GMT Message-Id: <202301242211.30OMBnp9085245@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Warner Losh Subject: git: 2d96089c36cf - stable/13 - stand: impose 510,000 byte limit for /boot/loader and /boot/pxeldr List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: imp X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 2d96089c36cfac23263ec03385ac30decc8b9bbd Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by imp: URL: https://cgit.FreeBSD.org/src/commit/?id=2d96089c36cfac23263ec03385ac30decc8b9bbd commit 2d96089c36cfac23263ec03385ac30decc8b9bbd Author: Warner Losh AuthorDate: 2022-08-11 03:19:01 +0000 Commit: Warner Losh CommitDate: 2023-01-24 21:49:29 +0000 stand: impose 510,000 byte limit for /boot/loader and /boot/pxeldr The BIOS method of booting imposes an absolute limit of 640k for the size of the program being run due to btx. In practice, this means that programs larger than about 500kiB will fail in odd ways as the stack / heap will overflow. Pick 510,000 as the cutoff line semi-arbitrarily. loader_lua is now almost too big and we want to break the build when it crosses this threshold. In my experience, below 500,000 always works, above 520,000 always seems to fail with things getting bad somewhere between 512,000 to 515,000. 510,000 is as close to the line as I think we can go, though experience may dictate we need to lower this in the future. This is at-best a stop-breakage until we have a better way to subset the boot loader for BIOS booting to allow better, more fined-tuned /boot/loaders for the many different environments they have to run in. This likely means we'll have a graphical loader than understands a few filesystmes for installation, and a non-graphical loader that understands the most filesystems possible for everything else in the future. Our build infrastructure needs some work before we can do that, however. At this late date, it likely isn't worth the efforts to move parts of the loader into high memory. There's a number of assumptions about where the stack is, where buffers reside, etc that are fulfilled when it lives in the first 640k that would need bounce buffers and/or other counter measures if we were to split it up. All BIOS calls are done in 16-bit mode with SEG:OFF addresses, requiring them to be in the first 640k of RAM. And nearly all machines in the last decade can boot with UEFI (though there's some exceptions, so it isn't worth killing outright yet). Sponsored by: Netflix Reviewed by: kevans Differential Revision: https://reviews.freebsd.org/D36129 (cherry picked from commit 39fdad34e220c52a433e78f20c8c39412429014e) --- stand/i386/loader/Makefile | 5 +++++ stand/i386/pxeldr/Makefile | 3 +++ 2 files changed, 8 insertions(+) diff --git a/stand/i386/loader/Makefile b/stand/i386/loader/Makefile index 3685281ffd2c..cde1513aac06 100644 --- a/stand/i386/loader/Makefile +++ b/stand/i386/loader/Makefile @@ -19,6 +19,8 @@ PROG= ${LOADER}.sym INTERNALPROG= NEWVERSWHAT?= "bootstrap loader" x86 VERSION_FILE= ${.CURDIR}/../loader/version +LOADERSIZE= 510000 # Largest known safe size + .PATH: ${BOOTSRC}/i386/loader @@ -79,9 +81,12 @@ CFLAGS+= -I${BOOTSRC}/i386 8x16.c: ${SRCTOP}/contrib/terminus/ter-u16b.bdf vtfontcvt -f compressed-source -o ${.TARGET} ${.ALLSRC} + ${LOADER}: ${LOADER}.bin ${BTXLDR} ${BTXKERN} btxld -v -f elf -e ${LOADER_ADDRESS} -o ${.TARGET} -l ${BTXLDR} \ -b ${BTXKERN} ${LOADER}.bin + @set -- `${SIZE} ${.TARGET} | tail -1` ; x=$$((${LOADERSIZE}-$$4)); \ + echo "$$x bytes available"; test $$x -ge 0 ${LOADER}.bin: ${LOADER}.sym ${STRIPBIN} -R .comment -R .note -o ${.TARGET} ${.ALLSRC} diff --git a/stand/i386/pxeldr/Makefile b/stand/i386/pxeldr/Makefile index a44dc0de2885..f8bc1eae9a31 100644 --- a/stand/i386/pxeldr/Makefile +++ b/stand/i386/pxeldr/Makefile @@ -13,6 +13,7 @@ BOOT= pxeboot LDR= pxeldr ORG= 0x7c00 LOADER= loader +PXELDRSIZE= 510000 # Largest known safe size .if defined(BOOT_PXELDR_PROBE_KEYBOARD) CFLAGS+=-DPROBE_KEYBOARD @@ -41,5 +42,7 @@ CLEANFILES+= ${LOADER} ${LOADER}: ${LOADERBIN} ${BTXLDR} ${BTXKERN} btxld -v -f elf -e ${LOADER_ADDRESS} -o ${.TARGET} -l ${BTXLDR} \ -b ${BTXKERN} ${LOADERBIN} + @set -- `${SIZE} ${.TARGET} | tail -1` ; x=$$((${PXELDRSIZE}-$$4)); \ + echo "$$x bytes available"; test $$x -ge 0 .include