xref: /freebsd/stand/man/loader.8 (revision da5069e1f7daaef1e7157876d6044de6f3a08ce2)
1.\" Copyright (c) 1999 Daniel C. Sobral
2.\" All rights reserved.
3.\"
4.\" Redistribution and use in source and binary forms, with or without
5.\" modification, are permitted provided that the following conditions
6.\" are met:
7.\" 1. Redistributions of source code must retain the above copyright
8.\"    notice, this list of conditions and the following disclaimer.
9.\" 2. Redistributions in binary form must reproduce the above copyright
10.\"    notice, this list of conditions and the following disclaimer in the
11.\"    documentation and/or other materials provided with the distribution.
12.\"
13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
23.\" SUCH DAMAGE.
24.\"
25.\" $FreeBSD$
26.\"
27.Dd August 15, 2018
28.Dt LOADER 8
29.Os
30.Sh NAME
31.Nm loader
32.Nd kernel bootstrapping final stage
33.Sh DESCRIPTION
34The program called
35.Nm
36is the final stage of
37.Fx Ns 's
38kernel bootstrapping process.
39On IA32 (i386) architectures, it is a
40.Pa BTX
41client.
42It is linked statically to
43.Xr libstand 3
44and usually located in the directory
45.Pa /boot .
46.Pp
47It provides a scripting language that can be used to
48automate tasks, do pre-configuration or assist in recovery
49procedures.
50This scripting language is roughly divided in
51two main components.
52The smaller one is a set of commands
53designed for direct use by the casual user, called "builtin
54commands" for historical reasons.
55The main drive behind these commands is user-friendliness.
56The bigger component is an
57.Tn ANS
58Forth compatible Forth interpreter based on FICL, by
59.An John Sadler .
60.Pp
61During initialization,
62.Nm
63will probe for a console and set the
64.Va console
65variable, or set it to serial console
66.Pq Dq Li comconsole
67if the previous boot stage used that.
68If multiple consoles are selected, they will be listed separated by spaces.
69Then, devices are probed,
70.Va currdev
71and
72.Va loaddev
73are set, and
74.Va LINES
75is set to 24.
76Next,
77.Tn FICL
78is initialized, the builtin words are added to its vocabulary, and
79.Pa /boot/boot.4th
80is processed if it exists.
81No disk switching is possible while that file is being read.
82The inner interpreter
83.Nm
84will use with
85.Tn FICL
86is then set to
87.Ic interpret ,
88which is
89.Tn FICL Ns 's
90default.
91After that,
92.Pa /boot/loader.rc
93is processed if available.
94These files are processed through the
95.Ic include
96command, which reads all of them into memory before processing them,
97making disk changes possible.
98.Pp
99At this point, if an
100.Ic autoboot
101has not been tried, and if
102.Va autoboot_delay
103is not set to
104.Dq Li NO
105(not case sensitive), then an
106.Ic autoboot
107will be tried.
108If the system gets past this point,
109.Va prompt
110will be set and
111.Nm
112will engage interactive mode.
113Please note that historically even when
114.Va autoboot_delay
115is set to
116.Dq Li 0
117user will be able to interrupt autoboot process by pressing some key
118on the console while kernel and modules are being loaded.
119In some
120cases such behaviour may be undesirable, to prevent it set
121.Va autoboot_delay
122to
123.Dq Li -1 ,
124in this case
125.Nm
126will engage interactive mode only if
127.Ic autoboot
128has failed.
129.Sh BUILTIN COMMANDS
130In
131.Nm ,
132builtin commands take parameters from the command line.
133Presently,
134the only way to call them from a script is by using
135.Pa evaluate
136on a string.
137If an error condition occurs, an exception will be generated,
138which can be intercepted using
139.Tn ANS
140Forth exception handling
141words.
142If not intercepted, an error message will be displayed and
143the interpreter's state will be reset, emptying the stack and restoring
144interpreting mode.
145.Pp
146The builtin commands available are:
147.Pp
148.Bl -tag -width Ds -compact
149.It Ic autoboot Op Ar seconds Op Ar prompt
150Proceeds to bootstrap the system after a number of seconds, if not
151interrupted by the user.
152Displays a countdown prompt
153warning the user the system is about to be booted,
154unless interrupted by a key press.
155The kernel will be loaded first if necessary.
156Defaults to 10 seconds.
157.Pp
158.It Ic bcachestat
159Displays statistics about disk cache usage.
160For debugging only.
161.Pp
162.It Ic boot
163.It Ic boot Ar kernelname Op Cm ...
164.It Ic boot Fl flag Cm ...
165Immediately proceeds to bootstrap the system, loading the kernel
166if necessary.
167Any flags or arguments are passed to the kernel, but they
168must precede the kernel name, if a kernel name is provided.
169.Pp
170.Em WARNING :
171The behavior of this builtin is changed if
172.Xr loader.4th 8
173is loaded.
174.Pp
175.It Ic echo Xo
176.Op Fl n
177.Op Aq message
178.Xc
179Displays text on the screen.
180A new line will be printed unless
181.Fl n
182is specified.
183.Pp
184.It Ic heap
185Displays memory usage statistics.
186For debugging purposes only.
187.Pp
188.It Ic help Op topic Op subtopic
189Shows help messages read from
190.Pa /boot/loader.help .
191The special topic
192.Em index
193will list the topics available.
194.Pp
195.It Ic include Ar file Op Ar
196Process script files.
197Each file, in turn, is completely read into memory,
198and then each of its lines is passed to the command line interpreter.
199If any error is returned by the interpreter, the include
200command aborts immediately, without reading any other files, and
201returns an error itself (see
202.Sx ERRORS ) .
203.Pp
204.It Ic load Xo
205.Op Fl t Ar type
206.Ar file Cm ...
207.Xc
208Loads a kernel, kernel loadable module (kld), disk image,
209or file of opaque contents tagged as being of the type
210.Ar type .
211Kernel and modules can be either in a.out or ELF format.
212Any arguments passed after the name of the file to be loaded
213will be passed as arguments to that file.
214Use the
215.Li md_image
216type to make the kernel create a file-backed
217.Xr md 4
218disk.
219This is useful for booting from a temporary rootfs.
220Currently, argument passing does not work for the kernel.
221.Pp
222.It Ic load_geli Xo
223.Op Fl n Ar keyno
224.Ar prov Ar file
225.Xc
226Loads a
227.Xr geli 8
228encryption keyfile for the given provider name.
229The key index can be specified via
230.Ar keyno
231or will default to zero.
232.Pp
233.It Ic ls Xo
234.Op Fl l
235.Op Ar path
236.Xc
237Displays a listing of files in the directory
238.Ar path ,
239or the root directory if
240.Ar path
241is not specified.
242If
243.Fl l
244is specified, file sizes will be shown too.
245.Pp
246.It Ic lsdev Op Fl v
247Lists all of the devices from which it may be possible to load modules,
248as well as ZFS pools.
249If
250.Fl v
251is specified, more details are printed, including ZFS pool information
252in a format that resembles
253.Nm zpool Cm status
254output.
255.Pp
256.It Ic lsmod Op Fl v
257Displays loaded modules.
258If
259.Fl v
260is specified, more details are shown.
261.Pp
262.It Ic lszfs Ar filesystem
263A ZFS extended command that can be used to explore the ZFS filesystem
264hierarchy in a pool.
265Lists the immediate children of the
266.Ar filesystem .
267The filesystem hierarchy is rooted at a filesystem with the same name
268as the pool.
269.Pp
270.It Ic more Ar file Op Ar
271Display the files specified, with a pause at each
272.Va LINES
273displayed.
274.Pp
275.It Ic pnpscan Op Fl v
276Scans for Plug-and-Play devices.
277This is not functional at present.
278.Pp
279.It Ic read Xo
280.Op Fl t Ar seconds
281.Op Fl p Ar prompt
282.Op Va variable
283.Xc
284Reads a line of input from the terminal, storing it in
285.Va variable
286if specified.
287A timeout can be specified with
288.Fl t ,
289though it will be canceled at the first key pressed.
290A prompt may also be displayed through the
291.Fl p
292flag.
293.Pp
294.It Ic reboot
295Immediately reboots the system.
296.Pp
297.It Ic set Ar variable
298.It Ic set Ar variable Ns = Ns Ar value
299Set loader's environment variables.
300.Pp
301.It Ic show Op Va variable
302Displays the specified variable's value, or all variables and their
303values if
304.Va variable
305is not specified.
306.Pp
307.It Ic unload
308Remove all modules from memory.
309.Pp
310.It Ic unset Va variable
311Removes
312.Va variable
313from the environment.
314.Pp
315.It Ic \&?
316Lists available commands.
317.El
318.Ss BUILTIN ENVIRONMENT VARIABLES
319The
320.Nm
321has actually two different kinds of
322.Sq environment
323variables.
324There are ANS Forth's
325.Em environmental queries ,
326and a separate space of environment variables used by builtins, which
327are not directly available to Forth words.
328It is the latter type that this section covers.
329.Pp
330Environment variables can be set and unset through the
331.Ic set
332and
333.Ic unset
334builtins, and can have their values interactively examined through the
335use of the
336.Ic show
337builtin.
338Their values can also be accessed as described in
339.Sx BUILTIN PARSER .
340.Pp
341Notice that these environment variables are not inherited by any shell
342after the system has been booted.
343.Pp
344A few variables are set automatically by
345.Nm .
346Others can affect the behavior of either
347.Nm
348or the kernel at boot.
349Some options may require a value,
350while others define behavior just by being set.
351Both types of builtin variables are described below.
352.Bl -tag -width bootfile
353.It Va autoboot_delay
354Number of seconds
355.Ic autoboot
356will wait before booting.
357If this variable is not defined,
358.Ic autoboot
359will default to 10 seconds.
360.Pp
361If set to
362.Dq Li NO ,
363no
364.Ic autoboot
365will be automatically attempted after processing
366.Pa /boot/loader.rc ,
367though explicit
368.Ic autoboot Ns 's
369will be processed normally, defaulting to 10 seconds delay.
370.Pp
371If set to
372.Dq Li 0 ,
373no delay will be inserted, but user still will be able to interrupt
374.Ic autoboot
375process and escape into the interactive mode by pressing some key
376on the console while kernel and
377modules are being loaded.
378.Pp
379If set to
380.Dq Li -1 ,
381no delay will be inserted and
382.Nm
383will engage interactive mode only if
384.Ic autoboot
385has failed for some reason.
386.It Va boot_askname
387Instructs the kernel to prompt the user for the name of the root device
388when the kernel is booted.
389.It Va boot_cdrom
390Instructs the kernel to try to mount the root file system from CD-ROM.
391.It Va boot_ddb
392Instructs the kernel to start in the DDB debugger, rather than
393proceeding to initialize when booted.
394.It Va boot_dfltroot
395Instructs the kernel to mount the statically compiled-in root file system.
396.It Va boot_gdb
397Selects gdb-remote mode for the kernel debugger by default.
398.It Va boot_multicons
399Enables multiple console support in the kernel early on boot.
400In a running system, console configuration can be manipulated
401by the
402.Xr conscontrol 8
403utility.
404.It Va boot_mute
405All kernel console output is suppressed when console is muted.
406In a running system, the state of console muting can be manipulated by the
407.Xr conscontrol 8
408utility.
409.It Va boot_pause
410During the device probe, pause after each line is printed.
411.It Va boot_serial
412Force the use of a serial console even when an internal console
413is present.
414.It Va boot_single
415Prevents the kernel from initiating a multi-user startup; instead,
416a single-user mode will be entered when the kernel has finished
417device probing.
418.It Va boot_verbose
419Setting this variable causes extra debugging information to be printed
420by the kernel during the boot phase.
421.It Va bootfile
422List of semicolon-separated search path for bootable kernels.
423The default is
424.Dq Li kernel .
425.It Va comconsole_speed
426Defines the speed of the serial console (i386 and amd64 only).
427If the previous boot stage indicated that a serial console is in use
428then this variable is initialized to the current speed of the console
429serial port.
430Otherwise it is set to 9600 unless this was overridden using the
431.Va BOOT_COMCONSOLE_SPEED
432variable when
433.Nm
434was compiled.
435Changes to the
436.Va comconsole_speed
437variable take effect immediately.
438.It Va comconsole_port
439Defines the base i/o port used to access console UART
440(i386 and amd64 only).
441If the variable is not set, its assumed value is 0x3F8, which
442corresponds to PC port COM1, unless overridden by
443.Va BOOT_COMCONSOLE_PORT
444variable during the compilation of
445.Nm .
446Setting the
447.Va comconsole_port
448variable automatically set
449.Va hw.uart.console
450environment variable to provide a hint to kernel for location of the console.
451Loader console is changed immediately after variable
452.Va comconsole_port
453is set.
454.It Va comconsole_pcidev
455Defines the location of a PCI device of the 'simple communication'
456class to be used as the serial console UART (i386 and amd64 only).
457The syntax of the variable is
458.Li 'bus:device:function[:bar]' ,
459where all members must be numeric, with possible
460.Li 0x
461prefix to indicate a hexadecimal value.
462The
463.Va bar
464member is optional and assumed to be 0x10 if omitted.
465The bar must decode i/o space.
466Setting the variable
467.Va comconsole_pcidev
468automatically sets the variable
469.Va comconsole_port
470to the base of the selected bar, and hint
471.Va hw.uart.console .
472Loader console is changed immediately after variable
473.Va comconsole_pcidev
474is set.
475.It Va console
476Defines the current console or consoles.
477Multiple consoles may be specified.
478In that case, the first listed console will become the default console for
479userland output (e.g.\& from
480.Xr init 8 ) .
481.It Va currdev
482Selects the default device.
483Syntax for devices is odd.
484.It Va dumpdev
485Sets the device for kernel dumps.
486This can be used to ensure that a device is configured before the corresponding
487.Va dumpdev
488directive from
489.Xr rc.conf 5
490has been processed, allowing kernel panics that happen during the early stages
491of boot to be captured.
492.It Va init_chroot
493See
494.Xr init 8 .
495.It Va init_exec
496See
497.Xr init 8 .
498.It Va init_path
499Sets the list of binaries which the kernel will try to run as the initial
500process.
501The first matching binary is used.
502The default list is
503.Dq Li /sbin/init:/sbin/oinit:/sbin/init.bak:\:/rescue/init .
504.It Va init_script
505See
506.Xr init 8 .
507.It Va init_shell
508See
509.Xr init 8 .
510.It Va interpret
511Has the value
512.Dq Li OK
513if the Forth's current state is interpreting.
514.It Va LINES
515Define the number of lines on the screen, to be used by the pager.
516.It Va module_path
517Sets the list of directories which will be searched for modules
518named in a load command or implicitly required by a dependency.
519The default value for this variable is
520.Dq Li /boot/kernel;/boot/modules .
521.It Va num_ide_disks
522Sets the number of IDE disks as a workaround for some problems in
523finding the root disk at boot.
524This has been deprecated in favor of
525.Va root_disk_unit .
526.It Va prompt
527Value of
528.Nm Ns 's
529prompt.
530Defaults to
531.Dq Li "${interpret}" .
532If variable
533.Va prompt
534is unset, the default prompt is
535.Ql > .
536.It Va root_disk_unit
537If the code which detects the disk unit number for the root disk is
538confused, e.g.\& by a mix of SCSI and IDE disks, or IDE disks with
539gaps in the sequence (e.g.\& no primary slave), the unit number can
540be forced by setting this variable.
541.It Va rootdev
542By default the value of
543.Va currdev
544is used to set the root file system
545when the kernel is booted.
546This can be overridden by setting
547.Va rootdev
548explicitly.
549.El
550.Pp
551Other variables are used to override kernel tunable parameters.
552The following tunables are available:
553.Bl -tag -width Va
554.It Va efi.rt.disabled
555Disable UEFI runtime services in the kernel, if applicable.
556Runtime services are only available and used if the kernel is booted in a UEFI
557environment.
558.It Va hw.physmem
559Limit the amount of physical memory the system will use.
560By default the size is in bytes, but the
561.Cm k , K , m , M , g
562and
563.Cm G
564suffixes
565are also accepted and indicate kilobytes, megabytes and gigabytes
566respectively.
567An invalid suffix will result in the variable being ignored by the
568kernel.
569.It Va hw.pci.host_start_mem , hw.acpi.host_start_mem
570When not otherwise constrained, this limits the memory start
571address.
572The default is 0x80000000 and should be set to at least size of the
573memory and not conflict with other resources.
574Typically, only systems without PCI bridges need to set this variable
575since PCI bridges typically constrain the memory starting address
576(and the variable is only used when bridges do not constrain this
577address).
578.It Va hw.pci.enable_io_modes
579Enable PCI resources which are left off by some BIOSes or are not
580enabled correctly by the device driver.
581Tunable value set to ON (1) by default, but this may cause problems
582with some peripherals.
583.It Va kern.maxusers
584Set the size of a number of statically allocated system tables; see
585.Xr tuning 7
586for a description of how to select an appropriate value for this
587tunable.
588When set, this tunable replaces the value declared in the kernel
589compile-time configuration file.
590.It Va kern.ipc.nmbclusters
591Set the number of mbuf clusters to be allocated.
592The value cannot be set below the default
593determined when the kernel was compiled.
594.It Va kern.ipc.nsfbufs
595Set the number of
596.Xr sendfile 2
597buffers to be allocated.
598Overrides
599.Dv NSFBUFS .
600Not all architectures use such buffers; see
601.Xr sendfile 2
602for details.
603.It Va kern.maxswzone
604Limits the amount of KVM to be used to hold swap
605metadata, which directly governs the
606maximum amount of swap the system can support,
607at the rate of approximately 200 MB of swap space
608per 1 MB of metadata.
609This value is specified in bytes of KVA space.
610If no value is provided, the system allocates
611enough memory to handle an amount of swap
612that corresponds to eight times the amount of
613physical memory present in the system.
614.Pp
615Note that swap metadata can be fragmented,
616which means that the system can run out of
617space before it reaches the theoretical limit.
618Therefore, care should be taken to not configure
619more swap than approximately half of the
620theoretical maximum.
621.Pp
622Running out of space for swap metadata can leave
623the system in an unrecoverable state.
624Therefore, you should only change
625this parameter if you need to greatly extend the
626KVM reservation for other resources such as the
627buffer cache or
628.Va kern.ipc.nmbclusters .
629Modifies kernel option
630.Dv VM_SWZONE_SIZE_MAX .
631.It Va kern.maxbcache
632Limits the amount of KVM reserved for use by the
633buffer cache, specified in bytes.
634The default maximum is 200MB on i386,
635and 400MB on amd64 and sparc64.
636This parameter is used to
637prevent the buffer cache from eating too much
638KVM in large-memory machine configurations.
639Only mess around with this parameter if you need to
640greatly extend the KVM reservation for other resources
641such as the swap zone or
642.Va kern.ipc.nmbclusters .
643Note that
644the NBUF parameter will override this limit.
645Modifies
646.Dv VM_BCACHE_SIZE_MAX .
647.It Va kern.msgbufsize
648Sets the size of the kernel message buffer.
649The default limit of 64KB is usually sufficient unless
650large amounts of trace data need to be collected
651between opportunities to examine the buffer or
652dump it to a file.
653Overrides kernel option
654.Dv MSGBUF_SIZE .
655.It Va machdep.disable_mtrrs
656Disable the use of i686 MTRRs (x86 only).
657.It Va net.inet.tcp.tcbhashsize
658Overrides the compile-time set value of
659.Dv TCBHASHSIZE
660or the preset default of 512.
661Must be a power of 2.
662.It Va twiddle_divisor
663Throttles the output of the
664.Sq twiddle
665I/O progress indicator displayed while loading the kernel and modules.
666This is useful on slow serial consoles where the time spent waiting for
667these characters to be written can add up to many seconds.
668The default is 1 (full speed); a value of 2 spins half as fast, and so on.
669.It Va vm.kmem_size
670Sets the size of kernel memory (bytes).
671This overrides the value determined when the kernel was compiled.
672Modifies
673.Dv VM_KMEM_SIZE .
674.It Va vm.kmem_size_min
675.It Va vm.kmem_size_max
676Sets the minimum and maximum (respectively) amount of kernel memory
677that will be automatically allocated by the kernel.
678These override the values determined when the kernel was compiled.
679Modifies
680.Dv VM_KMEM_SIZE_MIN
681and
682.Dv VM_KMEM_SIZE_MAX .
683.El
684.Ss ZFS FEATURES
685.Nm
686supports the following format for specifying ZFS filesystems which
687can be used wherever
688.Xr loader 8
689refers to a device specification:
690.Pp
691.Ar zfs:pool/filesystem:
692.Pp
693where
694.Pa pool/filesystem
695is a ZFS filesystem name as described in
696.Xr zfs 8 .
697.Pp
698If
699.Pa /etc/fstab
700does not have an entry for the root filesystem and
701.Va vfs.root.mountfrom
702is not set, but
703.Va currdev
704refers to a ZFS filesystem, then
705.Nm
706will instruct kernel to use that filesystem as the root filesystem.
707.Ss BUILTIN PARSER
708When a builtin command is executed, the rest of the line is taken
709by it as arguments, and it is processed by a special parser which
710is not used for regular Forth commands.
711.Pp
712This special parser applies the following rules to the parsed text:
713.Bl -enum
714.It
715All backslash characters are preprocessed.
716.Bl -bullet
717.It
718\eb , \ef , \er , \en and \et are processed as in C.
719.It
720\es is converted to a space.
721.It
722\ev is converted to
723.Tn ASCII
72411.
725.It
726\ez is just skipped.
727Useful for things like
728.Dq \e0xf\ez\e0xf .
729.It
730\e0xN and \e0xNN are replaced by the hex N or NN.
731.It
732\eNNN is replaced by the octal NNN
733.Tn ASCII
734character.
735.It
736\e" , \e' and \e$ will escape these characters, preventing them from
737receiving special treatment in Step 2, described below.
738.It
739\e\e will be replaced with a single \e .
740.It
741In any other occurrence, backslash will just be removed.
742.El
743.It
744Every string between non-escaped quotes or double-quotes will be treated
745as a single word for the purposes of the remaining steps.
746.It
747Replace any
748.Li $VARIABLE
749or
750.Li ${VARIABLE}
751with the value of the environment variable
752.Va VARIABLE .
753.It
754Space-delimited arguments are passed to the called builtin command.
755Spaces can also be escaped through the use of \e\e .
756.El
757.Pp
758An exception to this parsing rule exists, and is described in
759.Sx BUILTINS AND FORTH .
760.Ss BUILTINS AND FORTH
761All builtin words are state-smart, immediate words.
762If interpreted, they behave exactly as described previously.
763If they are compiled, though,
764they extract their arguments from the stack instead of the command line.
765.Pp
766If compiled, the builtin words expect to find, at execution time, the
767following parameters on the stack:
768.D1 Ar addrN lenN ... addr2 len2 addr1 len1 N
769where
770.Ar addrX lenX
771are strings which will compose the command line that will be parsed
772into the builtin's arguments.
773Internally, these strings are concatenated in from 1 to N,
774with a space put between each one.
775.Pp
776If no arguments are passed, a 0
777.Em must
778be passed, even if the builtin accepts no arguments.
779.Pp
780While this behavior has benefits, it has its trade-offs.
781If the execution token of a builtin is acquired (through
782.Ic '
783or
784.Ic ['] ) ,
785and then passed to
786.Ic catch
787or
788.Ic execute ,
789the builtin behavior will depend on the system state
790.Bf Em
791at the time
792.Ic catch
793or
794.Ic execute
795is processed!
796.Ef
797This is particularly annoying for programs that want or need to
798handle exceptions.
799In this case, the use of a proxy is recommended.
800For example:
801.Dl : (boot) boot ;
802.Sh FICL
803.Tn FICL
804is a Forth interpreter written in C, in the form of a forth
805virtual machine library that can be called by C functions and vice
806versa.
807.Pp
808In
809.Nm ,
810each line read interactively is then fed to
811.Tn FICL ,
812which may call
813.Nm
814back to execute the builtin words.
815The builtin
816.Ic include
817will also feed
818.Tn FICL ,
819one line at a time.
820.Pp
821The words available to
822.Tn FICL
823can be classified into four groups.
824The
825.Tn ANS
826Forth standard words, extra
827.Tn FICL
828words, extra
829.Fx
830words, and the builtin commands;
831the latter were already described.
832The
833.Tn ANS
834Forth standard words are listed in the
835.Sx STANDARDS
836section.
837The words falling in the two other groups are described in the
838following subsections.
839.Ss FICL EXTRA WORDS
840.Bl -tag -width wid-set-super
841.It Ic .env
842.It Ic .ver
843.It Ic -roll
844.It Ic 2constant
845.It Ic >name
846.It Ic body>
847.It Ic compare
848This is the STRING word set's
849.Ic compare .
850.It Ic compile-only
851.It Ic endif
852.It Ic forget-wid
853.It Ic parse-word
854.It Ic sliteral
855This is the STRING word set's
856.Ic sliteral .
857.It Ic wid-set-super
858.It Ic w@
859.It Ic w!
860.It Ic x.
861.It Ic empty
862.It Ic cell-
863.It Ic -rot
864.El
865.Ss FREEBSD EXTRA WORDS
866.Bl -tag -width XXXXXXXX
867.It Ic \&$ Pq --
868Evaluates the remainder of the input buffer, after having printed it first.
869.It Ic \&% Pq --
870Evaluates the remainder of the input buffer under a
871.Ic catch
872exception guard.
873.It Ic .#
874Works like
875.Ic "."
876but without outputting a trailing space.
877.It Ic fclose Pq Ar fd --
878Closes a file.
879.It Ic fkey Pq Ar fd -- char
880Reads a single character from a file.
881.It Ic fload Pq Ar fd --
882Processes a file
883.Em fd .
884.It Ic fopen Pq Ar addr len mode Li -- Ar fd
885Opens a file.
886Returns a file descriptor, or \-1 in case of failure.
887The
888.Ar mode
889parameter selects whether the file is to be opened for read access, write
890access, or both.
891The constants
892.Dv O_RDONLY , O_WRONLY ,
893and
894.Dv O_RDWR
895are defined in
896.Pa /boot/support.4th ,
897indicating read only, write only, and read-write access, respectively.
898.It Xo
899.Ic fread
900.Pq Ar fd addr len -- len'
901.Xc
902Tries to read
903.Em len
904bytes from file
905.Em fd
906into buffer
907.Em addr .
908Returns the actual number of bytes read, or -1 in case of error or end of
909file.
910.It Ic heap? Pq -- Ar cells
911Return the space remaining in the dictionary heap, in cells.
912This is not related to the heap used by dynamic memory allocation words.
913.It Ic inb Pq Ar port -- char
914Reads a byte from a port.
915.It Ic key Pq -- Ar char
916Reads a single character from the console.
917.It Ic key? Pq -- Ar flag
918Returns
919.Ic true
920if there is a character available to be read from the console.
921.It Ic ms Pq Ar u --
922Waits
923.Em u
924microseconds.
925.It Ic outb Pq Ar port char --
926Writes a byte to a port.
927.It Ic seconds Pq -- Ar u
928Returns the number of seconds since midnight.
929.It Ic tib> Pq -- Ar addr len
930Returns the remainder of the input buffer as a string on the stack.
931.It Ic trace! Pq Ar flag --
932Activates or deactivates tracing.
933Does not work with
934.Ic catch .
935.El
936.Ss FREEBSD DEFINED ENVIRONMENTAL QUERIES
937.Bl -tag -width Ds
938.It arch-i386
939.Ic TRUE
940if the architecture is IA32.
941.It FreeBSD_version
942.Fx
943version at compile time.
944.It loader_version
945.Nm
946version.
947.El
948.Sh SECURITY
949Access to the
950.Nm
951command line provides several ways of compromising system security,
952including, but not limited to:
953.Pp
954.Bl -bullet
955.It
956Booting from removable storage, by setting the
957.Va currdev
958or
959.Va loaddev
960variables
961.It
962Executing binary of choice, by setting the
963.Va init_path
964or
965.Va init_script
966variables
967.It
968Overriding ACPI DSDT to inject arbitrary code into the ACPI subsystem
969.El
970.Pp
971One can prevent unauthorized access
972to the
973.Nm
974command line by setting the
975.Va password ,
976or setting
977.Va autoboot_delay
978to -1.
979See
980.Xr loader.conf 5
981for details.
982In order for this to be effective, one should also configure the firmware
983(BIOS or UEFI) to prevent booting from unauthorized devices.
984.Sh FILES
985.Bl -tag -width /usr/share/examples/bootforth/ -compact
986.It Pa /boot/loader
987.Nm
988itself.
989.It Pa /boot/boot.4th
990Additional
991.Tn FICL
992initialization.
993.It Pa /boot/defaults/loader.conf
994.It Pa /boot/loader.4th
995Extra builtin-like words.
996.It Pa /boot/loader.conf
997.It Pa /boot/loader.conf.local
998.Nm
999configuration files, as described in
1000.Xr loader.conf 5 .
1001.It Pa /boot/loader.rc
1002.Nm
1003bootstrapping script.
1004.It Pa /boot/loader.help
1005Loaded by
1006.Ic help .
1007Contains the help messages.
1008.It Pa /boot/support.4th
1009.Pa loader.conf
1010processing words.
1011.It Pa /usr/share/examples/bootforth/
1012Assorted examples.
1013.El
1014.Sh EXAMPLES
1015Boot in single user mode:
1016.Pp
1017.Dl boot -s
1018.Pp
1019Load the kernel, a splash screen, and then autoboot in five seconds.
1020Notice that a kernel must be loaded before any other
1021.Ic load
1022command is attempted.
1023.Bd -literal -offset indent
1024load kernel
1025load splash_bmp
1026load -t splash_image_data /boot/chuckrulez.bmp
1027autoboot 5
1028.Ed
1029.Pp
1030Set the disk unit of the root device to 2, and then boot.
1031This would be needed in a system with two IDE disks,
1032with the second IDE disk hardwired to ada2 instead of ada1.
1033.Bd -literal -offset indent
1034set root_disk_unit=2
1035boot /boot/kernel/kernel
1036.Ed
1037.Pp
1038Set the default device used for loading a kernel from a ZFS filesystem:
1039.Bd -literal -offset indent
1040set currdev=zfs:tank/ROOT/knowngood:
1041.Ed
1042.Pp
1043.Sh ERRORS
1044The following values are thrown by
1045.Nm :
1046.Bl -tag -width XXXXX -offset indent
1047.It 100
1048Any type of error in the processing of a builtin.
1049.It -1
1050.Ic Abort
1051executed.
1052.It -2
1053.Ic Abort"
1054executed.
1055.It -56
1056.Ic Quit
1057executed.
1058.It -256
1059Out of interpreting text.
1060.It -257
1061Need more text to succeed -- will finish on next run.
1062.It -258
1063.Ic Bye
1064executed.
1065.It -259
1066Unspecified error.
1067.El
1068.Sh SEE ALSO
1069.Xr libstand 3 ,
1070.Xr loader.conf 5 ,
1071.Xr tuning 7 ,
1072.Xr boot 8 ,
1073.Xr btxld 8
1074.Sh STANDARDS
1075For the purposes of ANS Forth compliance, loader is an
1076.Bf Em
1077ANS Forth System with Environmental Restrictions, Providing
1078.Ef
1079.Bf Li
1080.No .( ,
1081.No :noname ,
1082.No ?do ,
1083parse, pick, roll, refill, to, value, \e, false, true,
1084.No <> ,
1085.No 0<> ,
1086compile\&, , erase, nip, tuck
1087.Ef
1088.Em and
1089.Li marker
1090.Bf Em
1091from the Core Extensions word set, Providing the Exception Extensions
1092word set, Providing the Locals Extensions word set, Providing the
1093Memory-Allocation Extensions word set, Providing
1094.Ef
1095.Bf Li
1096\&.s,
1097bye, forget, see, words,
1098\&[if],
1099\&[else]
1100.Ef
1101.Em and
1102.Li [then]
1103.Bf Em
1104from the Programming-Tools extension word set, Providing the
1105Search-Order extensions word set.
1106.Ef
1107.Sh HISTORY
1108The
1109.Nm
1110first appeared in
1111.Fx 3.1 .
1112.Sh AUTHORS
1113.An -nosplit
1114The
1115.Nm
1116was written by
1117.An Michael Smith Aq msmith@FreeBSD.org .
1118.Pp
1119.Tn FICL
1120was written by
1121.An John Sadler Aq john_sadler@alum.mit.edu .
1122.Sh BUGS
1123The
1124.Ic expect
1125and
1126.Ic accept
1127words will read from the input buffer instead of the console.
1128The latter will be fixed, but the former will not.
1129