Re: git: c596126a5d3d - main - pmbr: Only load the first 545k rather than error out

From: Warner Losh <imp_at_bsdimp.com>
Date: Tue, 28 Nov 2023 17:07:39 UTC
Hey John,

On Tue, Nov 28, 2023 at 9:06 AM John Baldwin <jhb@freebsd.org> wrote:

> On 11/27/23 2:46 PM, Warner Losh wrote:
> > The branch main has been updated by imp:
> >
> > URL: https://cgit.FreeBSD.org/src/commit/?id=c596126a5d3d2ee015ee6807b4041efa5b9d9b07
> >
> > commit c596126a5d3d2ee015ee6807b4041efa5b9d9b07
> > Author:     Warner Losh <imp@FreeBSD.org>
> > AuthorDate: 2023-11-27 22:40:40 +0000
> > Commit:     Warner Losh <imp@FreeBSD.org>
> > CommitDate: 2023-11-27 22:45:56 +0000
> >
> >      pmbr: Only load the first 545k rather than error out
> >
> >      It would be nice to have larger boot partitions for ESPs to live in
> >      one day. It's trivial to carve out 5M, 10M or 200M when provisioning,
> >      but logistical issues may make it hard to do it after the fact. So
> >      only warn when the partition is > 545k. If we ever grow the boot
> >      loader larger than that, then it will be responsible for loading the
> >      rest anyway.
> >
> >      Sponsored by:           Netflix
> >      Reviewed by:            tsoome
> >      Differential Revision:  https://reviews.freebsd.org/D42774
> > ---
> >   stand/i386/pmbr/pmbr.S | 24 +++++++++++++++---------
> >   1 file changed, 15 insertions(+), 9 deletions(-)
> >
> > diff --git a/stand/i386/pmbr/pmbr.S b/stand/i386/pmbr/pmbr.S
> > index c61acbe261bd..60b26df15720 100644
> > --- a/stand/i386/pmbr/pmbr.S
> > +++ b/stand/i386/pmbr/pmbr.S
> > @@ -155,8 +155,10 @@ next_boot:       addl $1,(%si)                   #
> Next LBA
> >               mov %es,%ax                     # Adjust segment for next
> >               addw $SECSIZE/16,%ax            #  sector
> >               cmp $0x9000,%ax                 # Don't load past 0x90000,
> > -             jae err_big                     #  545k should be enough
> for
> > -             mov %ax,%es                     #  any boot code. :)
> > +             jb sz_ok                        #  545k should be enough
> for
> > +             call err_big                    #  any boot code, but warn
> > +             mov $0x9000-SECSIZE/16,%ax      #  and truncate
> > +sz_ok:               mov %ax,%es
> >               jmp load_boot
> >   #
> >   # Move to the next partition.  If we walk off the end of the sector,
> load
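Review bot: the truncation path (`jb sz_ok` / `call err_big` / `mov $0x9000-SECSIZE/16,%ax`) still ends in `jmp load_boot`, so if load_boot comes back through next_boot once per sector, every sector past the cap recomputes %ax as 0x9000, calls err_big again and overwrites the single 512-byte slot at 0x8FE0:0; a partition well above 545k would print the message once per remaining sector and leave the last sector of the partition, not the sector at the 545k boundary, in that slot. Consider leaving the loop for the boot entry once the limit is hit instead of jumping back to load_boot. Separately, err_big is now a callee that clobbers %si (it points %si at msg_big and putstr's lodsb advances it) while next_boot dereferences (%si) as the LBA pointer, so unless load_boot reloads %si this needs a pushw/popw %si around the call.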
> > @@ -203,17 +205,21 @@ getdrvparams:
> >   #
> >   # Various error message entry points.
> >   #
> > -err_big:     movw $msg_big,%si               # "Boot loader too
> > -             jmp putstr                      #  large"
> > +err_big:     movw $msg_big,%si               # "Truncated
> > +             call putstr                     #  to 545k"
> > +             ret
>
> Hmm, the comment here and the text string don't match.
>

Yea, size-related message churn.


> >   err_pt:     movw $msg_pt,%si                # "Invalid partition
> > -             jmp putstr                      #  table"
> > +             call putstr                     #  table"
> > +err_pt.1:    jmp err_pt.1                    # Await reset
> >
> >   err_rd:     movw $msg_rd,%si                # "I/O error loading
> > -             jmp putstr                      #  boot loader"
> > +             call putstr                     #  boot loader"
> > +             jmp err_pt.1
> >
> >   err_noboot:         movw $msg_noboot,%si            # "Missing boot
> > -             jmp putstr                      #  loader"
> > +             call putstr                     #  loader"
> > +             jmp err_pt.1
> >   #
> >   # Output an ASCIZ string to the console via the BIOS.
> >   #
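Review bot: the err_* block now mixes two contracts: err_big does `call putstr` / `ret` and hands control back to its caller, while err_pt falls into and err_rd/err_noboot jump to the `err_pt.1: jmp err_pt.1` hang. The "# Various error message entry points." header should say which entries return, so nobody later reaches err_big with a jmp or calls err_pt expecting control back. Minor style point: the hang label is named after err_pt although err_rd and err_noboot share it; a neutral name for the shared spin would read better.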
> > @@ -223,9 +229,9 @@ putstr.0: movw $0x7,%bx                   #
> Page:attribute
> >   putstr:     lodsb                           # Get character
> >               testb %al,%al                   # End of string?
> >               jnz putstr.0                    # No
> > -putstr.1:    jmp putstr.1                    # Await reset
> > +             ret
> >
> > -msg_big:     .asciz "Boot loader too large"
> > +msg_big:     .asciz "Loaded only 545k"
> >   msg_pt:     .asciz "Invalid partition table"
> >   msg_rd:     .asciz "I/O error loading boot loader"
> >   msg_noboot:         .asciz "Missing boot loader"
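Review bot: with `putstr.1: jmp putstr.1` replaced by `ret`, putstr becomes a real subroutine that returns into the load loop via err_big, so the registers it touches become part of its interface: the visible `movw $0x7,%bx` at putstr.0 and `lodsb` leave %bx, %ax and %si changed on return. The "# Output an ASCIZ string to the console via the BIOS." header should state that it now returns and which registers it clobbers; the caller in next_boot reloads %ax, but nothing in this diff restores %bx or %si.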
>
> I wonder if it would save a few bytes by having a common 'puterr'
> that does 'call putstr' and then the jmp to itself that the other err
> targets use rather than adding the jmp to each one of those.
>

Yea, I started to do that, but that's 12 bytes of possible savings at the
cost of at least 8 bytes of new assembler, maybe more, so when I got
another "too full" message I punted.


> But also, can't you just leave a gap in the partitions to leave room
> for a future ESP?  It might not always be safe to load a full 545k
> depending on if the firmware has reserved some of memory just below
> 640k.  545k is an upper bound on how much can be loaded in terms of
> 640k - the load address, but the practical limit might be lower.  It is
> probably safer as a general rule to keep the boot partition closer to
> the size of the boot loader and leave a gap in place instead.
>

Today we always load 512k. This is likely a bad idea on some systems that are
really bloated with BIOS data (though they are rare). I'll concede that this may up
the number of systems that conflict.  It looks like there's a BTX header of
sorts just after the gpt loader. In an ideal world, we'd load only the
first sector of gptboot and it would load the rest, but that has a legacy
problem. We could also enforce a different limit that's much smaller (say
256k or 200k) and just load up to that and force gptboot to cope if it's
larger than that (smaller) size. pmbr then starts to be a little less
generic, but freebsd-boot was always intended to boot gptboot or gptzfsboot
(before they were unified). We can put that limit minus 30-50k into the
build system to trigger an error so we at least have some warning before we
hit it.

Warner
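A model of the size limit discussed above, added here as an example rather than code from the commit or from anyone on the thread: it reproduces the segment stepping of the patched next_boot loop in Python to derive the 545k cap and show what a partition above it does, and adds the build-time margin check Warner suggests. It assumes boot code is loaded at linear 0x7c00 (the LOAD address in pmbr.S, not quoted in the thread) and that load_boot returns through next_boot once per sector.

```python
# Added example (not from the commit or the thread): model pmbr's real-mode
# segment arithmetic for loading the freebsd-boot partition.
SECSIZE = 0x200          # bytes per sector, as in pmbr.S
LOAD = 0x7C00            # assumed linear load address of the boot code
CAP_SEG = 0x9000         # segment pmbr refuses to load at (0x90000 linear)


def loadable_bytes() -> int:
    """Bytes between the load address and the 0x90000 ceiling (545 KiB)."""
    return CAP_SEG * 16 - LOAD


def simulate_load(partition_bytes: int) -> dict:
    """Walk the partition the way the patched loop does: read a sector at
    %es, then in next_boot add SECSIZE/16 to the segment and compare with
    0x9000; above the cap, warn and fall back to the last 512-byte slot.
    Assumes load_boot returns through next_boot once per sector."""
    nsectors = -(-partition_bytes // SECSIZE)   # ceiling division
    es = LOAD // 16
    placements = []                             # segment each sector lands in
    warnings = 0                                # err_big invocations
    for i in range(nsectors):
        placements.append(es)                   # load_boot reads sector i here
        if i == nsectors - 1:
            break                               # no next_boot after last sector
        ax = es + SECSIZE // 16
        if ax < CAP_SEG:                        # jb sz_ok
            es = ax
        else:                                   # call err_big, then truncate
            warnings += 1
            es = CAP_SEG - SECSIZE // 16        # 0x8FE0: slot gets overwritten
    return {
        "sectors": nsectors,
        "distinct_slots": len(set(placements)),
        "warnings": warnings,
        "truncated": warnings > 0,
    }


def fits_with_margin(loader_bytes: int, margin_bytes: int = 40 * 1024) -> bool:
    """Build-time check: reject a loader within margin_bytes of the cap
    (the "limit minus 30-50k" idea; 40k margin is a constructed default)."""
    return loader_bytes <= loadable_bytes() - margin_bytes


if __name__ == "__main__":
    print(f"cap: {loadable_bytes() // 1024}k")
    for size in (545 * 1024, 545 * 1024 + 512, 1024 * 1024):
        print(size, simulate_load(size))
```

A partition of exactly 545k fills 1090 distinct sectors with no warning; one sector more already trips err_big, and every further sector trips it again while overwriting the same last slot.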