From owner-freebsd-hackers@freebsd.org Tue May 1 18:53:34 2018 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E34D3FB4141 for ; Tue, 1 May 2018 18:53:33 +0000 (UTC) (envelope-from wlosh@bsdimp.com) Received: from mail-it0-x234.google.com (mail-it0-x234.google.com [IPv6:2607:f8b0:4001:c0b::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 745C66E700 for ; Tue, 1 May 2018 18:53:33 +0000 (UTC) (envelope-from wlosh@bsdimp.com) Received: by mail-it0-x234.google.com with SMTP id 70-v6so8305279ity.2 for ; Tue, 01 May 2018 11:53:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bsdimp-com.20150623.gappssmtp.com; s=20150623; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=gXjmjPwnVr1iyzdy5c/jXg6f4ql0eMPeZypZHs9aqCw=; b=iQzsetUKB8Azm63hrvyX9JnbKM9bgnQjXWuAQqmcP4u2g6dRSRM1mcGGv5BHJCMzm1 9b0bXsGvj7xbJsxiTlUnqEqYVKrfSXPhl3xBB9ja9IHmLOZD1ropqbuXAEHchH5mteoA jbOkCVxPE16Nw2d/tKKWn7uLLppptvZuQf8odHiRmx2Zv2t4ICOGgeqFFnkVUT4kBXsk 7X9OaKb2sQ9hHXCJQnzmSp3n2GuP2OiUlZkjy16cJtDC5nGUL/kuura9piizy/bLn9DM 25ksKwixEI3SvWoVy3fXXciOi+qzjisf6NzcBeq+9T7q50ajk8+QD4XLoUVfeL/8Hoc4 2S9A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=gXjmjPwnVr1iyzdy5c/jXg6f4ql0eMPeZypZHs9aqCw=; b=bCVwzMtY8mQc5wY0GT7O7HCCybJRThR5MjBk1j8EEsYAtuqWj7LA5JMyMp+mg7+l7A kOC14yxBX+GzWY6g9N0gaoz0KlV4xhXeZ/DFS4BuNzMI2GI7wD05hB2zPr5SMTtnXA6B PItBTHzsC+TY3W2VwfqqfRaN7lvWOE6EVmBtGVF6UzuFBlm9madGYDznUHsngBG6uUOi PUnqsNUm1Bke3hFqvXuDmiyV3TNP6pY8Xo+8sT08EQtJISouwdY1CqMYQr7fB+G+To5d JvAvZRmbYar1w45WqIDzTgXssqxkp+vMWSvFAG+XkwpclSZUXTFWsuVUxqe4dOWlCKUL DlHA== X-Gm-Message-State: ALQs6tDLZi+6mbTlLQ+mynfZa+6qoO+w0piEKI4PzjewjG6Rf4ZvAnuc AgOReRXc8Wnc7FgEz7DzFCDpENgDrz+LYH1xmpzgDA== X-Google-Smtp-Source: AB8JxZo1wluO+NchhE8WODoKa9scQMF2fW1uJADYMcwQ5sXDWqTYekTUx5Mf40R61Vulavua3jG9Iy+q5Hb2wgI9Yds= X-Received: by 2002:a24:4c55:: with SMTP id a82-v6mr11882186itb.1.1525200812727; Tue, 01 May 2018 11:53:32 -0700 (PDT) MIME-Version: 1.0 Sender: wlosh@bsdimp.com Received: by 2002:a4f:a65a:0:0:0:0:0 with HTTP; Tue, 1 May 2018 11:53:32 -0700 (PDT) X-Originating-IP: [2603:300b:6:5100:1052:acc7:f9de:2b6d] In-Reply-To: References: <7630266D-D078-41B3-BC27-32EBF65540C4@gmail.com> From: Warner Losh Date: Tue, 1 May 2018 12:53:32 -0600 X-Google-Sender-Auth: edf8uU_3gs8EYOMKcvudLxmoKGg Message-ID: Subject: Re: Bug 207069 (loader password kills boot) To: David Cross Cc: Kyle Evans , FreeBSD Hackers , Devin Teske Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 May 2018 18:53:34 -0000 On Tue, May 1, 2018 at 12:49 PM, David Cross wrote: > From my investigation when I wrote the patch originally the problem is (a= s > I recall, its been awhile) the forth dictionary space is limited so parts > are flushed out (that is the only section at the top) additional > dictionaries are then explicitly loaded (the also sections. The load_kern= el > and load_modules are needed from the support-functions dictionaries > That matches my reading of the also clause. Thanks. > As for why this is now needed here, there was a change made ~2 years ago > to defer loading the kernel until the system was just about to boot (afte= r > beastie menu vs before). Autoboot assumes that kernel is loaded and will > not load for you. Making it load for you conflicts with the menu loading > it. So it password is enabled menu and kernel loading doesn=E2=80=99t hap= pen. This > reatores that and puts it right before autoboot (which is a C portion of > loader) > OK. That gives me something to go on to look at things more closely. > (Going off of memory from ~2 years ago) > > Apologies for naming the patch works for me. This wasn=E2=80=99t just sla= p it in > where it worked, i spent a good amount of time digging into what changed, > why, and to maintain the desired flow, OK. That also helps. Thanks for taking the time to dust off the memories. Warner > > On May 1, 2018, at 14:22, Kyle Evans wrote: > > > >> On Tue, May 1, 2018 at 1:17 PM, Warner Losh wrote: > >> > >> > >>> On Tue, May 1, 2018 at 12:12 PM, Kyle Evans > wrote: > >>> > >>>> On Tue, May 1, 2018 at 1:07 PM, David Cross > wrote: > >>>> The aforementioned bug has been open for over 2 years, with attached > and > >>>> tested patches. At least one other has commented. > >>>> > >>>> Could we please have it for 11.2/12.0? > >>> > >>> Hi, > >>> > >>> CC'ing Devin, our local Forth-fu-fighter. If it looks ok to Devin, on= e > >>> of us should go ahead and shuffle this through. > >> > >> > >> Yes. I've looked at this code a fair amount, and I don't understand wh= y > this > >> is needed and why it would make things work. Since it is a security > thing, > >> I'm very reluctant to push it in absent better understanding of why it > >> works. > >> > > > > Right, it also confuses me. =3D) > > > > When I was implementing this stuff for Lua, autoboot DTRT as long as > > module_path is setup correctly -- this is probably the part that's > > missing since IIRC that's usually done in menu setup (that doesn't > > happen here). > > > > I'm not sure if this the right way to fix it in Forth-land, though. >