1.\" Copyright (c) 1999 Daniel C. Sobral 2.\" All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD$ 26.\" 27.Dd October 2, 2020 28.Dt LOADER 8 29.Os 30.Sh NAME 31.Nm loader 32.Nd kernel bootstrapping final stage 33.Sh DESCRIPTION 34The program called 35.Nm 36is the final stage of 37.Fx Ns 's 38kernel bootstrapping process. 39On IA32 (i386) architectures, it is a 40.Pa BTX 41client. 42It is linked statically to 43.Xr libstand 3 44and usually located in the directory 45.Pa /boot . 46.Pp 47It provides a scripting language that can be used to 48automate tasks, do pre-configuration or assist in recovery 49procedures. 50This scripting language is roughly divided in 51two main components. 52The smaller one is a set of commands 53designed for direct use by the casual user, called "builtin 54commands" for historical reasons. 55The main drive behind these commands is user-friendliness. 56The bigger component is an 57.Tn ANS 58Forth compatible Forth interpreter based on FICL, by 59.An John Sadler . 60.Pp 61During initialization, 62.Nm 63will probe for a console and set the 64.Va console 65variable, or set it to serial console 66.Pq Dq Li comconsole 67if the previous boot stage used that. 68If multiple consoles are selected, they will be listed separated by spaces. 69Then, devices are probed, 70.Va currdev 71and 72.Va loaddev 73are set, and 74.Va LINES 75is set to 24. 76Next, 77.Tn FICL 78is initialized, the builtin words are added to its vocabulary, and 79.Pa /boot/boot.4th 80is processed if it exists. 81No disk switching is possible while that file is being read. 82The inner interpreter 83.Nm 84will use with 85.Tn FICL 86is then set to 87.Ic interpret , 88which is 89.Tn FICL Ns 's 90default. 91After that, 92.Pa /boot/loader.rc 93is processed if available. 94These files are processed through the 95.Ic include 96command, which reads all of them into memory before processing them, 97making disk changes possible. 98.Pp 99At this point, if an 100.Ic autoboot 101has not been tried, and if 102.Va autoboot_delay 103is not set to 104.Dq Li NO 105(not case sensitive), then an 106.Ic autoboot 107will be tried. 108If the system gets past this point, 109.Va prompt 110will be set and 111.Nm 112will engage interactive mode. 113Please note that historically even when 114.Va autoboot_delay 115is set to 116.Dq Li 0 117user will be able to interrupt autoboot process by pressing some key 118on the console while kernel and modules are being loaded. 119In some 120cases such behaviour may be undesirable, to prevent it set 121.Va autoboot_delay 122to 123.Dq Li -1 , 124in this case 125.Nm 126will engage interactive mode only if 127.Ic autoboot 128has failed. 129.Sh BUILTIN COMMANDS 130In 131.Nm , 132builtin commands take parameters from the command line. 133Presently, 134the only way to call them from a script is by using 135.Pa evaluate 136on a string. 137If an error condition occurs, an exception will be generated, 138which can be intercepted using 139.Tn ANS 140Forth exception handling 141words. 142If not intercepted, an error message will be displayed and 143the interpreter's state will be reset, emptying the stack and restoring 144interpreting mode. 145.Pp 146The builtin commands available are: 147.Pp 148.Bl -tag -width Ds -compact 149.It Ic autoboot Op Ar seconds Op Ar prompt 150Proceeds to bootstrap the system after a number of seconds, if not 151interrupted by the user. 152Displays a countdown prompt 153warning the user the system is about to be booted, 154unless interrupted by a key press. 155The kernel will be loaded first if necessary. 156Defaults to 10 seconds. 157.Pp 158.It Ic bcachestat 159Displays statistics about disk cache usage. 160For debugging only. 161.Pp 162.It Ic boot 163.It Ic boot Ar kernelname Op Cm ... 164.It Ic boot Fl flag Cm ... 165Immediately proceeds to bootstrap the system, loading the kernel 166if necessary. 167Any flags or arguments are passed to the kernel, but they 168must precede the kernel name, if a kernel name is provided. 169.Pp 170.Em WARNING : 171The behavior of this builtin is changed if 172.Xr loader.4th 8 173is loaded. 174.Pp 175.It Ic echo Xo 176.Op Fl n 177.Op Aq message 178.Xc 179Displays text on the screen. 180A new line will be printed unless 181.Fl n 182is specified. 183.Pp 184.It Ic heap 185Displays memory usage statistics. 186For debugging purposes only. 187.Pp 188.It Ic help Op topic Op subtopic 189Shows help messages read from 190.Pa /boot/loader.help . 191The special topic 192.Em index 193will list the topics available. 194.Pp 195.It Ic include Ar file Op Ar 196Process script files. 197Each file, in turn, is completely read into memory, 198and then each of its lines is passed to the command line interpreter. 199If any error is returned by the interpreter, the include 200command aborts immediately, without reading any other files, and 201returns an error itself (see 202.Sx ERRORS ) . 203.Pp 204.It Ic load Xo 205.Op Fl t Ar type 206.Ar file Cm ... 207.Xc 208Loads a kernel, kernel loadable module (kld), disk image, 209or file of opaque contents tagged as being of the type 210.Ar type . 211Kernel and modules can be either in a.out or ELF format. 212Any arguments passed after the name of the file to be loaded 213will be passed as arguments to that file. 214Use the 215.Li md_image 216type to make the kernel create a file-backed 217.Xr md 4 218disk. 219This is useful for booting from a temporary rootfs. 220Currently, argument passing does not work for the kernel. 221.Pp 222.It Ic load_geli Xo 223.Op Fl n Ar keyno 224.Ar prov Ar file 225.Xc 226Loads a 227.Xr geli 8 228encryption keyfile for the given provider name. 229The key index can be specified via 230.Ar keyno 231or will default to zero. 232.Pp 233.It Ic ls Xo 234.Op Fl l 235.Op Ar path 236.Xc 237Displays a listing of files in the directory 238.Ar path , 239or the root directory if 240.Ar path 241is not specified. 242If 243.Fl l 244is specified, file sizes will be shown too. 245.Pp 246.It Ic lsdev Op Fl v 247Lists all of the devices from which it may be possible to load modules, 248as well as ZFS pools. 249If 250.Fl v 251is specified, more details are printed, including ZFS pool information 252in a format that resembles 253.Nm zpool Cm status 254output. 255.Pp 256.It Ic lsmod Op Fl v 257Displays loaded modules. 258If 259.Fl v 260is specified, more details are shown. 261.Pp 262.It Ic lszfs Ar filesystem 263A ZFS extended command that can be used to explore the ZFS filesystem 264hierarchy in a pool. 265Lists the immediate children of the 266.Ar filesystem . 267The filesystem hierarchy is rooted at a filesystem with the same name 268as the pool. 269.Pp 270.It Ic more Ar file Op Ar 271Display the files specified, with a pause at each 272.Va LINES 273displayed. 274.Pp 275.It Ic pnpscan Op Fl v 276Scans for Plug-and-Play devices. 277This is not functional at present. 278.Pp 279.It Ic read Xo 280.Op Fl t Ar seconds 281.Op Fl p Ar prompt 282.Op Va variable 283.Xc 284Reads a line of input from the terminal, storing it in 285.Va variable 286if specified. 287A timeout can be specified with 288.Fl t , 289though it will be canceled at the first key pressed. 290A prompt may also be displayed through the 291.Fl p 292flag. 293.Pp 294.It Ic reboot 295Immediately reboots the system. 296.Pp 297.It Ic set Ar variable 298.It Ic set Ar variable Ns = Ns Ar value 299Set loader's environment variables. 300.Pp 301.It Ic show Op Va variable 302Displays the specified variable's value, or all variables and their 303values if 304.Va variable 305is not specified. 306.Pp 307.It Ic unload 308Remove all modules from memory. 309.Pp 310.It Ic unset Va variable 311Removes 312.Va variable 313from the environment. 314.Pp 315.It Ic \&? 316Lists available commands. 317.El 318.Ss BUILTIN ENVIRONMENT VARIABLES 319The 320.Nm 321has actually two different kinds of 322.Sq environment 323variables. 324There are ANS Forth's 325.Em environmental queries , 326and a separate space of environment variables used by builtins, which 327are not directly available to Forth words. 328It is the latter type that this section covers. 329.Pp 330Environment variables can be set and unset through the 331.Ic set 332and 333.Ic unset 334builtins, and can have their values interactively examined through the 335use of the 336.Ic show 337builtin. 338Their values can also be accessed as described in 339.Sx BUILTIN PARSER . 340.Pp 341Notice that these environment variables are not inherited by any shell 342after the system has been booted. 343.Pp 344A few variables are set automatically by 345.Nm . 346Others can affect the behavior of either 347.Nm 348or the kernel at boot. 349Some options may require a value, 350while others define behavior just by being set. 351Both types of builtin variables are described below. 352.Bl -tag -width bootfile 353.It Va autoboot_delay 354Number of seconds 355.Ic autoboot 356will wait before booting. 357If this variable is not defined, 358.Ic autoboot 359will default to 10 seconds. 360.Pp 361If set to 362.Dq Li NO , 363no 364.Ic autoboot 365will be automatically attempted after processing 366.Pa /boot/loader.rc , 367though explicit 368.Ic autoboot Ns 's 369will be processed normally, defaulting to 10 seconds delay. 370.Pp 371If set to 372.Dq Li 0 , 373no delay will be inserted, but user still will be able to interrupt 374.Ic autoboot 375process and escape into the interactive mode by pressing some key 376on the console while kernel and 377modules are being loaded. 378.Pp 379If set to 380.Dq Li -1 , 381no delay will be inserted and 382.Nm 383will engage interactive mode only if 384.Ic autoboot 385has failed for some reason. 386.It Va boot_askname 387Instructs the kernel to prompt the user for the name of the root device 388when the kernel is booted. 389.It Va boot_cdrom 390Instructs the kernel to try to mount the root file system from CD-ROM. 391.It Va boot_ddb 392Instructs the kernel to start in the DDB debugger, rather than 393proceeding to initialize when booted. 394.It Va boot_dfltroot 395Instructs the kernel to mount the statically compiled-in root file system. 396.It Va boot_gdb 397Selects gdb-remote mode for the kernel debugger by default. 398.It Va boot_multicons 399Enables multiple console support in the kernel early on boot. 400In a running system, console configuration can be manipulated 401by the 402.Xr conscontrol 8 403utility. 404.It Va boot_mute 405All kernel console output is suppressed when console is muted. 406In a running system, the state of console muting can be manipulated by the 407.Xr conscontrol 8 408utility. 409.It Va boot_pause 410During the device probe, pause after each line is printed. 411.It Va boot_serial 412Force the use of a serial console even when an internal console 413is present. 414.It Va boot_single 415Prevents the kernel from initiating a multi-user startup; instead, 416a single-user mode will be entered when the kernel has finished 417device probing. 418.It Va boot_verbose 419Setting this variable causes extra debugging information to be printed 420by the kernel during the boot phase. 421.It Va bootfile 422List of semicolon-separated search path for bootable kernels. 423The default is 424.Dq Li kernel . 425.It Va comconsole_speed 426Defines the speed of the serial console (i386 and amd64 only). 427If the previous boot stage indicated that a serial console is in use 428then this variable is initialized to the current speed of the console 429serial port. 430Otherwise it is set to 9600 unless this was overridden using the 431.Va BOOT_COMCONSOLE_SPEED 432variable when 433.Nm 434was compiled. 435Changes to the 436.Va comconsole_speed 437variable take effect immediately. 438.It Va comconsole_port 439Defines the base i/o port used to access console UART 440(i386 and amd64 only). 441If the variable is not set, its assumed value is 0x3F8, which 442corresponds to PC port COM1, unless overridden by 443.Va BOOT_COMCONSOLE_PORT 444variable during the compilation of 445.Nm . 446Setting the 447.Va comconsole_port 448variable automatically set 449.Va hw.uart.console 450environment variable to provide a hint to kernel for location of the console. 451Loader console is changed immediately after variable 452.Va comconsole_port 453is set. 454.It Va comconsole_pcidev 455Defines the location of a PCI device of the 'simple communication' 456class to be used as the serial console UART (i386 and amd64 only). 457The syntax of the variable is 458.Li 'bus:device:function[:bar]' , 459where all members must be numeric, with possible 460.Li 0x 461prefix to indicate a hexadecimal value. 462The 463.Va bar 464member is optional and assumed to be 0x10 if omitted. 465The bar must decode i/o space. 466Setting the variable 467.Va comconsole_pcidev 468automatically sets the variable 469.Va comconsole_port 470to the base of the selected bar, and hint 471.Va hw.uart.console . 472Loader console is changed immediately after variable 473.Va comconsole_pcidev 474is set. 475.It Va console 476Defines the current console or consoles. 477Multiple consoles may be specified. 478In that case, the first listed console will become the default console for 479userland output (e.g.\& from 480.Xr init 8 ) . 481.It Va currdev 482Selects the default device to loader the kernel from. 483The syntax is: 484.Dl Ic loader_device: 485or 486.Dl Ic zfs:dataset: 487Examples: 488.Dl Ic disk0p2: 489.Dl Ic zfs:zroot/ROOT/default: 490.It Va dumpdev 491Sets the device for kernel dumps. 492This can be used to ensure that a device is configured before the corresponding 493.Va dumpdev 494directive from 495.Xr rc.conf 5 496has been processed, allowing kernel panics that happen during the early stages 497of boot to be captured. 498.It Va init_chroot 499See 500.Xr init 8 . 501.It Va init_exec 502See 503.Xr init 8 . 504.It Va init_path 505Sets the list of binaries which the kernel will try to run as the initial 506process. 507The first matching binary is used. 508The default list is 509.Dq Li /sbin/init:/sbin/oinit:/sbin/init.bak:\:/rescue/init . 510.It Va init_script 511See 512.Xr init 8 . 513.It Va init_shell 514See 515.Xr init 8 . 516.It Va interpret 517Has the value 518.Dq Li OK 519if the Forth's current state is interpreting. 520.It Va LINES 521Define the number of lines on the screen, to be used by the pager. 522.It Va module_path 523Sets the list of directories which will be searched for modules 524named in a load command or implicitly required by a dependency. 525The default value for this variable is 526.Dq Li /boot/kernel;/boot/modules . 527.It Va num_ide_disks 528Sets the number of IDE disks as a workaround for some problems in 529finding the root disk at boot. 530This has been deprecated in favor of 531.Va root_disk_unit . 532.It Va prompt 533Value of 534.Nm Ns 's 535prompt. 536Defaults to 537.Dq Li "${interpret}" . 538If variable 539.Va prompt 540is unset, the default prompt is 541.Ql > . 542.It Va root_disk_unit 543If the code which detects the disk unit number for the root disk is 544confused, e.g.\& by a mix of SCSI and IDE disks, or IDE disks with 545gaps in the sequence (e.g.\& no primary slave), the unit number can 546be forced by setting this variable. 547.It Va rootdev 548By default the value of 549.Va currdev 550is used to set the root file system 551when the kernel is booted. 552This can be overridden by setting 553.Va rootdev 554explicitly. 555.El 556.Pp 557Other variables are used to override kernel tunable parameters. 558The following tunables are available: 559.Bl -tag -width Va 560.It Va efi.rt.disabled 561Disable UEFI runtime services in the kernel, if applicable. 562Runtime services are only available and used if the kernel is booted in a UEFI 563environment. 564.It Va hw.physmem 565Limit the amount of physical memory the system will use. 566By default the size is in bytes, but the 567.Cm k , K , m , M , g 568and 569.Cm G 570suffixes 571are also accepted and indicate kilobytes, megabytes and gigabytes 572respectively. 573An invalid suffix will result in the variable being ignored by the 574kernel. 575.It Va hw.pci.host_start_mem , hw.acpi.host_start_mem 576When not otherwise constrained, this limits the memory start 577address. 578The default is 0x80000000 and should be set to at least size of the 579memory and not conflict with other resources. 580Typically, only systems without PCI bridges need to set this variable 581since PCI bridges typically constrain the memory starting address 582(and the variable is only used when bridges do not constrain this 583address). 584.It Va hw.pci.enable_io_modes 585Enable PCI resources which are left off by some BIOSes or are not 586enabled correctly by the device driver. 587Tunable value set to ON (1) by default, but this may cause problems 588with some peripherals. 589.It Va kern.maxusers 590Set the size of a number of statically allocated system tables; see 591.Xr tuning 7 592for a description of how to select an appropriate value for this 593tunable. 594When set, this tunable replaces the value declared in the kernel 595compile-time configuration file. 596.It Va kern.ipc.nmbclusters 597Set the number of mbuf clusters to be allocated. 598The value cannot be set below the default 599determined when the kernel was compiled. 600.It Va kern.ipc.nsfbufs 601Set the number of 602.Xr sendfile 2 603buffers to be allocated. 604Overrides 605.Dv NSFBUFS . 606Not all architectures use such buffers; see 607.Xr sendfile 2 608for details. 609.It Va kern.maxswzone 610Limits the amount of KVM to be used to hold swap 611metadata, which directly governs the 612maximum amount of swap the system can support, 613at the rate of approximately 200 MB of swap space 614per 1 MB of metadata. 615This value is specified in bytes of KVA space. 616If no value is provided, the system allocates 617enough memory to handle an amount of swap 618that corresponds to eight times the amount of 619physical memory present in the system. 620.Pp 621Note that swap metadata can be fragmented, 622which means that the system can run out of 623space before it reaches the theoretical limit. 624Therefore, care should be taken to not configure 625more swap than approximately half of the 626theoretical maximum. 627.Pp 628Running out of space for swap metadata can leave 629the system in an unrecoverable state. 630Therefore, you should only change 631this parameter if you need to greatly extend the 632KVM reservation for other resources such as the 633buffer cache or 634.Va kern.ipc.nmbclusters . 635Modifies kernel option 636.Dv VM_SWZONE_SIZE_MAX . 637.It Va kern.maxbcache 638Limits the amount of KVM reserved for use by the 639buffer cache, specified in bytes. 640The default maximum is 200MB on i386, 641and 400MB on amd64. 642This parameter is used to 643prevent the buffer cache from eating too much 644KVM in large-memory machine configurations. 645Only mess around with this parameter if you need to 646greatly extend the KVM reservation for other resources 647such as the swap zone or 648.Va kern.ipc.nmbclusters . 649Note that 650the NBUF parameter will override this limit. 651Modifies 652.Dv VM_BCACHE_SIZE_MAX . 653.It Va kern.msgbufsize 654Sets the size of the kernel message buffer. 655The default limit of 96KB is usually sufficient unless 656large amounts of trace data need to be collected 657between opportunities to examine the buffer or 658dump it to a file. 659Overrides kernel option 660.Dv MSGBUF_SIZE . 661.It Va machdep.disable_mtrrs 662Disable the use of i686 MTRRs (x86 only). 663.It Va net.inet.tcp.tcbhashsize 664Overrides the compile-time set value of 665.Dv TCBHASHSIZE 666or the preset default of 512. 667Must be a power of 2. 668.It Va twiddle_divisor 669Throttles the output of the 670.Sq twiddle 671I/O progress indicator displayed while loading the kernel and modules. 672This is useful on slow serial consoles where the time spent waiting for 673these characters to be written can add up to many seconds. 674The default is 1 (full speed); a value of 2 spins half as fast, and so on. 675.It Va vm.kmem_size 676Sets the size of kernel memory (bytes). 677This overrides the value determined when the kernel was compiled. 678Modifies 679.Dv VM_KMEM_SIZE . 680.It Va vm.kmem_size_min 681.It Va vm.kmem_size_max 682Sets the minimum and maximum (respectively) amount of kernel memory 683that will be automatically allocated by the kernel. 684These override the values determined when the kernel was compiled. 685Modifies 686.Dv VM_KMEM_SIZE_MIN 687and 688.Dv VM_KMEM_SIZE_MAX . 689.El 690.Ss ZFS FEATURES 691.Nm 692supports the following format for specifying ZFS filesystems which 693can be used wherever 694.Xr loader 8 695refers to a device specification: 696.Pp 697.Ar zfs:pool/filesystem: 698.Pp 699where 700.Pa pool/filesystem 701is a ZFS filesystem name as described in 702.Xr zfs 8 . 703.Pp 704If 705.Pa /etc/fstab 706does not have an entry for the root filesystem and 707.Va vfs.root.mountfrom 708is not set, but 709.Va currdev 710refers to a ZFS filesystem, then 711.Nm 712will instruct kernel to use that filesystem as the root filesystem. 713.Ss BUILTIN PARSER 714When a builtin command is executed, the rest of the line is taken 715by it as arguments, and it is processed by a special parser which 716is not used for regular Forth commands. 717.Pp 718This special parser applies the following rules to the parsed text: 719.Bl -enum 720.It 721All backslash characters are preprocessed. 722.Bl -bullet 723.It 724\eb , \ef , \er , \en and \et are processed as in C. 725.It 726\es is converted to a space. 727.It 728\ev is converted to 729.Tn ASCII 73011. 731.It 732\ez is just skipped. 733Useful for things like 734.Dq \e0xf\ez\e0xf . 735.It 736\e0xN and \e0xNN are replaced by the hex N or NN. 737.It 738\eNNN is replaced by the octal NNN 739.Tn ASCII 740character. 741.It 742\e" , \e' and \e$ will escape these characters, preventing them from 743receiving special treatment in Step 2, described below. 744.It 745\e\e will be replaced with a single \e . 746.It 747In any other occurrence, backslash will just be removed. 748.El 749.It 750Every string between non-escaped quotes or double-quotes will be treated 751as a single word for the purposes of the remaining steps. 752.It 753Replace any 754.Li $VARIABLE 755or 756.Li ${VARIABLE} 757with the value of the environment variable 758.Va VARIABLE . 759.It 760Space-delimited arguments are passed to the called builtin command. 761Spaces can also be escaped through the use of \e\e . 762.El 763.Pp 764An exception to this parsing rule exists, and is described in 765.Sx BUILTINS AND FORTH . 766.Ss BUILTINS AND FORTH 767All builtin words are state-smart, immediate words. 768If interpreted, they behave exactly as described previously. 769If they are compiled, though, 770they extract their arguments from the stack instead of the command line. 771.Pp 772If compiled, the builtin words expect to find, at execution time, the 773following parameters on the stack: 774.D1 Ar addrN lenN ... addr2 len2 addr1 len1 N 775where 776.Ar addrX lenX 777are strings which will compose the command line that will be parsed 778into the builtin's arguments. 779Internally, these strings are concatenated in from 1 to N, 780with a space put between each one. 781.Pp 782If no arguments are passed, a 0 783.Em must 784be passed, even if the builtin accepts no arguments. 785.Pp 786While this behavior has benefits, it has its trade-offs. 787If the execution token of a builtin is acquired (through 788.Ic ' 789or 790.Ic ['] ) , 791and then passed to 792.Ic catch 793or 794.Ic execute , 795the builtin behavior will depend on the system state 796.Bf Em 797at the time 798.Ic catch 799or 800.Ic execute 801is processed! 802.Ef 803This is particularly annoying for programs that want or need to 804handle exceptions. 805In this case, the use of a proxy is recommended. 806For example: 807.Dl : (boot) boot ; 808.Sh FICL 809.Tn FICL 810is a Forth interpreter written in C, in the form of a forth 811virtual machine library that can be called by C functions and vice 812versa. 813.Pp 814In 815.Nm , 816each line read interactively is then fed to 817.Tn FICL , 818which may call 819.Nm 820back to execute the builtin words. 821The builtin 822.Ic include 823will also feed 824.Tn FICL , 825one line at a time. 826.Pp 827The words available to 828.Tn FICL 829can be classified into four groups. 830The 831.Tn ANS 832Forth standard words, extra 833.Tn FICL 834words, extra 835.Fx 836words, and the builtin commands; 837the latter were already described. 838The 839.Tn ANS 840Forth standard words are listed in the 841.Sx STANDARDS 842section. 843The words falling in the two other groups are described in the 844following subsections. 845.Ss FICL EXTRA WORDS 846.Bl -tag -width wid-set-super 847.It Ic .env 848.It Ic .ver 849.It Ic -roll 850.It Ic 2constant 851.It Ic >name 852.It Ic body> 853.It Ic compare 854This is the STRING word set's 855.Ic compare . 856.It Ic compile-only 857.It Ic endif 858.It Ic forget-wid 859.It Ic parse-word 860.It Ic sliteral 861This is the STRING word set's 862.Ic sliteral . 863.It Ic wid-set-super 864.It Ic w@ 865.It Ic w! 866.It Ic x. 867.It Ic empty 868.It Ic cell- 869.It Ic -rot 870.El 871.Ss FREEBSD EXTRA WORDS 872.Bl -tag -width XXXXXXXX 873.It Ic \&$ Pq -- 874Evaluates the remainder of the input buffer, after having printed it first. 875.It Ic \&% Pq -- 876Evaluates the remainder of the input buffer under a 877.Ic catch 878exception guard. 879.It Ic .# 880Works like 881.Ic "." 882but without outputting a trailing space. 883.It Ic fclose Pq Ar fd -- 884Closes a file. 885.It Ic fkey Pq Ar fd -- char 886Reads a single character from a file. 887.It Ic fload Pq Ar fd -- 888Processes a file 889.Em fd . 890.It Ic fopen Pq Ar addr len mode Li -- Ar fd 891Opens a file. 892Returns a file descriptor, or \-1 in case of failure. 893The 894.Ar mode 895parameter selects whether the file is to be opened for read access, write 896access, or both. 897The constants 898.Dv O_RDONLY , O_WRONLY , 899and 900.Dv O_RDWR 901are defined in 902.Pa /boot/support.4th , 903indicating read only, write only, and read-write access, respectively. 904.It Xo 905.Ic fread 906.Pq Ar fd addr len -- len' 907.Xc 908Tries to read 909.Em len 910bytes from file 911.Em fd 912into buffer 913.Em addr . 914Returns the actual number of bytes read, or -1 in case of error or end of 915file. 916.It Ic heap? Pq -- Ar cells 917Return the space remaining in the dictionary heap, in cells. 918This is not related to the heap used by dynamic memory allocation words. 919.It Ic inb Pq Ar port -- char 920Reads a byte from a port. 921.It Ic key Pq -- Ar char 922Reads a single character from the console. 923.It Ic key? Pq -- Ar flag 924Returns 925.Ic true 926if there is a character available to be read from the console. 927.It Ic ms Pq Ar u -- 928Waits 929.Em u 930microseconds. 931.It Ic outb Pq Ar port char -- 932Writes a byte to a port. 933.It Ic seconds Pq -- Ar u 934Returns the number of seconds since midnight. 935.It Ic tib> Pq -- Ar addr len 936Returns the remainder of the input buffer as a string on the stack. 937.It Ic trace! Pq Ar flag -- 938Activates or deactivates tracing. 939Does not work with 940.Ic catch . 941.El 942.Ss FREEBSD DEFINED ENVIRONMENTAL QUERIES 943.Bl -tag -width Ds 944.It arch-i386 945.Ic TRUE 946if the architecture is IA32. 947.It FreeBSD_version 948.Fx 949version at compile time. 950.It loader_version 951.Nm 952version. 953.El 954.Sh SECURITY 955Access to the 956.Nm 957command line provides several ways of compromising system security, 958including, but not limited to: 959.Pp 960.Bl -bullet 961.It 962Booting from removable storage, by setting the 963.Va currdev 964or 965.Va loaddev 966variables 967.It 968Executing binary of choice, by setting the 969.Va init_path 970or 971.Va init_script 972variables 973.It 974Overriding ACPI DSDT to inject arbitrary code into the ACPI subsystem 975.El 976.Pp 977One can prevent unauthorized access 978to the 979.Nm 980command line by setting the 981.Va password , 982or setting 983.Va autoboot_delay 984to -1. 985See 986.Xr loader.conf 5 987for details. 988In order for this to be effective, one should also configure the firmware 989(BIOS or UEFI) to prevent booting from unauthorized devices. 990.Sh FILES 991.Bl -tag -width /usr/share/examples/bootforth/ -compact 992.It Pa /boot/loader 993.Nm 994itself. 995.It Pa /boot/boot.4th 996Additional 997.Tn FICL 998initialization. 999.It Pa /boot/defaults/loader.conf 1000.It Pa /boot/loader.4th 1001Extra builtin-like words. 1002.It Pa /boot/loader.conf 1003.It Pa /boot/loader.conf.local 1004.Nm 1005configuration files, as described in 1006.Xr loader.conf 5 . 1007.It Pa /boot/loader.rc 1008.Nm 1009bootstrapping script. 1010.It Pa /boot/loader.help 1011Loaded by 1012.Ic help . 1013Contains the help messages. 1014.It Pa /boot/support.4th 1015.Pa loader.conf 1016processing words. 1017.It Pa /usr/share/examples/bootforth/ 1018Assorted examples. 1019.El 1020.Sh EXAMPLES 1021Boot in single user mode: 1022.Pp 1023.Dl boot -s 1024.Pp 1025Load the kernel, a splash screen, and then autoboot in five seconds. 1026Notice that a kernel must be loaded before any other 1027.Ic load 1028command is attempted. 1029.Bd -literal -offset indent 1030load kernel 1031load splash_bmp 1032load -t splash_image_data /boot/chuckrulez.bmp 1033autoboot 5 1034.Ed 1035.Pp 1036Set the disk unit of the root device to 2, and then boot. 1037This would be needed in a system with two IDE disks, 1038with the second IDE disk hardwired to ada2 instead of ada1. 1039.Bd -literal -offset indent 1040set root_disk_unit=2 1041boot /boot/kernel/kernel 1042.Ed 1043.Pp 1044Set the default device used for loading a kernel from a ZFS filesystem: 1045.Bd -literal -offset indent 1046set currdev=zfs:tank/ROOT/knowngood: 1047.Ed 1048.Pp 1049.Sh ERRORS 1050The following values are thrown by 1051.Nm : 1052.Bl -tag -width XXXXX -offset indent 1053.It 100 1054Any type of error in the processing of a builtin. 1055.It -1 1056.Ic Abort 1057executed. 1058.It -2 1059.Ic Abort" 1060executed. 1061.It -56 1062.Ic Quit 1063executed. 1064.It -256 1065Out of interpreting text. 1066.It -257 1067Need more text to succeed -- will finish on next run. 1068.It -258 1069.Ic Bye 1070executed. 1071.It -259 1072Unspecified error. 1073.El 1074.Sh SEE ALSO 1075.Xr libstand 3 , 1076.Xr loader.conf 5 , 1077.Xr tuning 7 , 1078.Xr boot 8 , 1079.Xr btxld 8 1080.Sh STANDARDS 1081For the purposes of ANS Forth compliance, loader is an 1082.Bf Em 1083ANS Forth System with Environmental Restrictions, Providing 1084.Ef 1085.Bf Li 1086.No .( , 1087.No :noname , 1088.No ?do , 1089parse, pick, roll, refill, to, value, \e, false, true, 1090.No <> , 1091.No 0<> , 1092compile\&, , erase, nip, tuck 1093.Ef 1094.Em and 1095.Li marker 1096.Bf Em 1097from the Core Extensions word set, Providing the Exception Extensions 1098word set, Providing the Locals Extensions word set, Providing the 1099Memory-Allocation Extensions word set, Providing 1100.Ef 1101.Bf Li 1102\&.s, 1103bye, forget, see, words, 1104\&[if], 1105\&[else] 1106.Ef 1107.Em and 1108.Li [then] 1109.Bf Em 1110from the Programming-Tools extension word set, Providing the 1111Search-Order extensions word set. 1112.Ef 1113.Sh HISTORY 1114The 1115.Nm 1116first appeared in 1117.Fx 3.1 . 1118.Sh AUTHORS 1119.An -nosplit 1120The 1121.Nm 1122was written by 1123.An Michael Smith Aq msmith@FreeBSD.org . 1124.Pp 1125.Tn FICL 1126was written by 1127.An John Sadler Aq john_sadler@alum.mit.edu . 1128.Sh BUGS 1129The 1130.Ic expect 1131and 1132.Ic accept 1133words will read from the input buffer instead of the console. 1134The latter will be fixed, but the former will not. 1135