From nobody Thu Aug 11 03:31:36 2022 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4M3C5h69gQz4YR1B; Thu, 11 Aug 2022 03:31:36 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4M3C5h5hYKz3w93; Thu, 11 Aug 2022 03:31:36 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660188696; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=3rbDoxFOK3tyl1WGLIyxp9zbuF2LOEIto8QsR64Q0Lk=; b=Qu3DynNioWaS9kwDiomN14JjB8TVAHZsTLHguEScGRNGizIe3GbPrO5Sn2Xag5ag6RNB92 ZykBODBrYLHKLe2dQU8Sh6MWLkns0UAjDtsQa2Fj42mraZdoiceabPVP/7L4fVTe0raHbo f6H3SJECSmIZBa5bEfMQZQP1nrSdrMwq78ixIZ44gmXVJFpPOLtnOwyVuiGR/1PztGQf0G HVtW5M3HhcTcawEzdrBwcbGaMp1V3grBiLrACRh66rf7ftR3ZcmWdFcy9FfRxkTWfBHJJZ HuDxCc0kCDPoCdzRFlbDziTBJvJOBH08WIThkt/mX+SHbZPDAceeKcgk6Rg3uw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4M3C5h4nw8zbvg; Thu, 11 Aug 2022 03:31:36 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 27B3Vala007336; Thu, 11 Aug 2022 03:31:36 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 27B3Va7M007335; Thu, 11 Aug 2022 03:31:36 GMT (envelope-from git) Date: Thu, 11 Aug 2022 03:31:36 GMT Message-Id: <202208110331.27B3Va7M007335@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Warner Losh Subject: git: 39fdad34e220 - main - stand: impose 510,000 byte limit for /boot/loader and /boot/pxeldr List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-main@freebsd.org X-BeenThere: dev-commits-src-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: imp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 39fdad34e220c52a433e78f20c8c39412429014e Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660188696; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=3rbDoxFOK3tyl1WGLIyxp9zbuF2LOEIto8QsR64Q0Lk=; b=xWb9l2pMRXG3yKCY0P0e98wz7vPgHDfBaP2QwmpH3nWyAIvE6qQ2PvsRIiAIHlDD3thvV0 xJnmaxtK3MSQeYihgNB4NuGOAb8tISrTtRzOlPbZdVrylIhIKn/VgiwRtyw1HYqVqsn5bm NgwsagTFI7ihvgZe0O8qf2uxB2b3BpU4kfuBqwAvcy+RR4XWokxNInm6BjSyUGGGcS5ciT 64OP7r2ZV+ZeN9ZNT/Q1zDpX7GabBq13cDTsRGnCht4lznq2OC18WMhaCEOTAauf4VJoIg peeF3c6c4FLNKx9tLRezLM+USQay20T7qcL1ITFJIux6NVBK/n6/Xvrp25Fudw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1660188696; a=rsa-sha256; cv=none; b=DTJrCDF3sVLDClxah7xIVUuNOnreXqpwmoC9CVCCrWbHyIfNsjb63gVbVo12L9/kJdsMAo 4it3Fr+z4Stpjwf16m0xHT16wXYAYmxDKHY2z2PayOSSWDB7L7YalMx0rxS2ZbS1dH/KlW x6sBc4uK2Yq5hzCwPPsBgkeTkvrE+XR8l7n/lBFzkI7Rs8o+UBwm+yLKKu358Gc5O6fHcF KkvbNq/YjybY2Eoh6XXw065fZGjaou/WSJRBMceyJ9a/eD4/KCAMvLdaxO7pUsOuAItrKQ E1iqSbFxsIg5zMxyqf93UFKx+vy0F6svwUQOcrXSb9AWYilLyMntGen0ufs0zA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by imp: URL: https://cgit.FreeBSD.org/src/commit/?id=39fdad34e220c52a433e78f20c8c39412429014e commit 39fdad34e220c52a433e78f20c8c39412429014e Author: Warner Losh AuthorDate: 2022-08-11 03:19:01 +0000 Commit: Warner Losh CommitDate: 2022-08-11 03:29:20 +0000 stand: impose 510,000 byte limit for /boot/loader and /boot/pxeldr The BIOS method of booting imposes an absolute limit of 640k for the size of the program being run due to btx. In practice, this means that programs larger than about 500kiB will fail in odd ways as the stack / heap will overflow. Pick 510,000 as the cutoff line semi-arbitrarily. loader_lua is now almost too big and we want to break the build when it crosses this threshold. In my experience, below 500,000 always works, above 520,000 always seems to fail with things getting bad somewhere between 512,000 to 515,000. 510,000 is as close to the line as I think we can go, though experience may dictate we need to lower this in the future. This is at-best a stop-breakage until we have a better way to subset the boot loader for BIOS booting to allow better, more fined-tuned /boot/loaders for the many different environments they have to run in. This likely means we'll have a graphical loader than understands a few filesystmes for installation, and a non-graphical loader that understands the most filesystems possible for everything else in the future. Our build infrastructure needs some work before we can do that, however. At this late date, it likely isn't worth the efforts to move parts of the loader into high memory. There's a number of assumptions about where the stack is, where buffers reside, etc that are fulfilled when it lives in the first 640k that would need bounce buffers and/or other counter measures if we were to split it up. All BIOS calls are done in 16-bit mode with SEG:OFF addresses, requiring them to be in the first 640k of RAM. And nearly all machines in the last decade can boot with UEFI (though there's some exceptions, so it isn't worth killing outright yet). Sponsored by: Netflix Reviewed by: kevans Differential Revision: https://reviews.freebsd.org/D36129 --- stand/i386/loader/Makefile | 5 +++++ stand/i386/pxeldr/Makefile | 3 +++ 2 files changed, 8 insertions(+) diff --git a/stand/i386/loader/Makefile b/stand/i386/loader/Makefile index 3685281ffd2c..cde1513aac06 100644 --- a/stand/i386/loader/Makefile +++ b/stand/i386/loader/Makefile @@ -19,6 +19,8 @@ PROG= ${LOADER}.sym INTERNALPROG= NEWVERSWHAT?= "bootstrap loader" x86 VERSION_FILE= ${.CURDIR}/../loader/version +LOADERSIZE= 510000 # Largest known safe size + .PATH: ${BOOTSRC}/i386/loader @@ -79,9 +81,12 @@ CFLAGS+= -I${BOOTSRC}/i386 8x16.c: ${SRCTOP}/contrib/terminus/ter-u16b.bdf vtfontcvt -f compressed-source -o ${.TARGET} ${.ALLSRC} + ${LOADER}: ${LOADER}.bin ${BTXLDR} ${BTXKERN} btxld -v -f elf -e ${LOADER_ADDRESS} -o ${.TARGET} -l ${BTXLDR} \ -b ${BTXKERN} ${LOADER}.bin + @set -- `${SIZE} ${.TARGET} | tail -1` ; x=$$((${LOADERSIZE}-$$4)); \ + echo "$$x bytes available"; test $$x -ge 0 ${LOADER}.bin: ${LOADER}.sym ${STRIPBIN} -R .comment -R .note -o ${.TARGET} ${.ALLSRC} diff --git a/stand/i386/pxeldr/Makefile b/stand/i386/pxeldr/Makefile index a44dc0de2885..f8bc1eae9a31 100644 --- a/stand/i386/pxeldr/Makefile +++ b/stand/i386/pxeldr/Makefile @@ -13,6 +13,7 @@ BOOT= pxeboot LDR= pxeldr ORG= 0x7c00 LOADER= loader +PXELDRSIZE= 510000 # Largest known safe size .if defined(BOOT_PXELDR_PROBE_KEYBOARD) CFLAGS+=-DPROBE_KEYBOARD @@ -41,5 +42,7 @@ CLEANFILES+= ${LOADER} ${LOADER}: ${LOADERBIN} ${BTXLDR} ${BTXKERN} btxld -v -f elf -e ${LOADER_ADDRESS} -o ${.TARGET} -l ${BTXLDR} \ -b ${BTXKERN} ${LOADERBIN} + @set -- `${SIZE} ${.TARGET} | tail -1` ; x=$$((${PXELDRSIZE}-$$4)); \ + echo "$$x bytes available"; test $$x -ge 0 .include