#
3e15b01d |
|
22-Feb-2024 |
Warner Losh <imp@FreeBSD.org> |
libsa: Remove redundant sys/cdefs.h Sponsored by: Netflix
|
#
dcc20bce |
|
28-Jan-2024 |
Warner Losh <imp@FreeBSD.org> |
stand: Use modern function definitions Use modern function definitions for functions with no args. Sponsored by: Netflix
|
#
1d386b48 |
|
16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
Remove $FreeBSD$: one-line .c pattern Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/
|
#
c5f01980 |
|
25-Feb-2023 |
Robert Wing <rew@FreeBSD.org> |
stand: fix buffer overflow in getrootmount() Reviewed by: imp, allanjude Sponsored By: Beckhoff Automation GmbH & Co. KG Sponsored By: Klara, Inc. Differential Revision: https://reviews.freebsd.org/D38734
|
#
49f6a83e |
|
08-Apr-2022 |
Gordon Bergling <gbe@FreeBSD.org> |
stand: Remove a double word in a source code comment - s/be be/be/ MFC after: 3 days
|
#
537a44bf |
|
30-May-2021 |
Colin Percival <cperciva@FreeBSD.org> |
stand/common command_boot: Pass tslog to kernel Pass the recorded tslog buffer to the kernel as a "preloaded module". Reviewed by: kevans
|
#
c46f7610 |
|
13-Dec-2020 |
Jessica Clarke <jrtc27@FreeBSD.org> |
loader: Print autoboot countdown immediately, not at 9 For the first second otime and ntime are equal so no message gets printed. Instead we should print the countdown right from the start, although we do it at the end of the first iteration so that if a key has already been pressed then the message is suppressed. Reviewed by: imp Approved by: imp Differential Revision: https://reviews.freebsd.org/D26935
|
#
b0fefb25 |
|
02-Apr-2019 |
Marcin Wojtas <mw@FreeBSD.org> |
Create kernel module to parse Veriexec manifest based on envs The current approach of injecting manifest into mac_veriexec is to verify the integrity of it in userspace (veriexec (8)) and pass its entries into kernel using a char device (/dev/veriexec). This requires verifying root partition integrity in loader, for example by using memory disk and checking its hash. Otherwise if rootfs is compromised an attacker could inject their own data. This patch introduces an option to parse manifest in kernel based on envs. The loader sets manifest path and digest. EVENTHANDLER is used to launch the module right after the rootfs is mounted. It has to be done this way, since one might want to verify integrity of the init file. This means that manifest is required to be present on the root partition. Note that the envs have to be set right before boot to make sure that no one can spoof them. Submitted by: Kornel Duleba <mindal@semihalf.com> Reviewed by: sjg Obtained from: Semihalf Sponsored by: Stormshield Differential Revision: https://reviews.freebsd.org/D19281
|
#
8df8b2d3 |
|
25-Feb-2019 |
Simon J. Gerraty <sjg@FreeBSD.org> |
Enable veriexec for loader This relies on libbearssl and libsecureboot to verify files read by loader in a maner equivalent to how mac_veriexec Note: disabled by default. Use is initially expected to be by embeded vendors Reviewed by: emaste, imp Sponsored by: Juniper Networks Differential Revision: D16336
|
#
c96ac12e |
|
13-Jul-2018 |
Warner Losh <imp@FreeBSD.org> |
Transition to boot_env_to_howto and boot_howto_to_env in the boot loader. Sponsored by: Netflix Differential Revision: https://reviews.freebsd.org/D16205
|
#
3db6d179 |
|
09-Jun-2018 |
Kyle Evans <kevans@FreeBSD.org> |
stand: One more trivial consolidation (setting environment from howto)
|
#
593e2c6e |
|
09-Jun-2018 |
Kyle Evans <kevans@FreeBSD.org> |
stand: Consolidate checking for boot flags driven by environment vars e.g. boot_mute, boot_single, boot_verbose, and friends; we checked for these in multiple places, consolidate into common/ and allow a setting of "NO" for any of these to turn them off. This allows systems with multiple loader.conf(5) or loader.conf(5) overlay systems to easily turn off variables in later processed files by setting it to NO. Reported by: Nick Wolff @ iXsystems Reviewed by: imp
|
#
073193ed |
|
31-May-2018 |
Dimitry Andric <dim@FreeBSD.org> |
Fix build of stand with base gcc * Make autoboot() a static function in stand/common/boot.c, so it does not shadow local variables in gptboot.c and zfsboot.c. * Remove -Winline from the Makefiles for gptboot, gptzfsboot and zfsboot, as gcc will always fail to inline some functions, and there is nothing we can do about it. * For gcc <= 4.2.1, silence -Wuninitialized for isoboot, as it produces a false positive warning. * Remove deprecated and unnecessary -mcpu=i386 flag from stand/defs.mk, as there is already a -march=i386 flag further in the file. Reviewed by: imp MFC after: 3 days Differential Revision: https://reviews.freebsd.org/D15628
|
#
16bb6523 |
|
08-Feb-2018 |
Warner Losh <imp@FreeBSD.org> |
Move to tabs for indentation and to 8-space notches, per style(9). 4 space indentation with a mix of tabs and spaces is a hassle. Update to project-standard hard-tabs with 8-space indentation in these files. This matches the new code coming in better as well.
|
#
1065f77a |
|
23-Jan-2018 |
Warner Losh <imp@FreeBSD.org> |
Fix some resource leaks. Always free dev and fstyp before strduping new values to assign to them. Free them at the end of the loop. This keeps them from leaking for mal-formed /etc/fstab lines. CID: 1007777, 1007778, 1007779 Sponsored by: Netflix
|
#
ca987d46 |
|
14-Nov-2017 |
Warner Losh <imp@FreeBSD.org> |
Move sys/boot to stand. Fix all references to new location Sponsored by: Netflix
|