xref: /freebsd/sys/kern/init_main.c (revision 1e413cf93298b5b97441a21d9a50fdcd0ee9945e)
1 /*-
2  * Copyright (c) 1995 Terrence R. Lambert
3  * All rights reserved.
4  *
5  * Copyright (c) 1982, 1986, 1989, 1991, 1992, 1993
6  *	The Regents of the University of California.  All rights reserved.
7  * (c) UNIX System Laboratories, Inc.
8  * All or some portions of this file are derived from material licensed
9  * to the University of California by American Telephone and Telegraph
10  * Co. or Unix System Laboratories, Inc. and are reproduced herein with
11  * the permission of UNIX System Laboratories, Inc.
12  *
13  * Redistribution and use in source and binary forms, with or without
14  * modification, are permitted provided that the following conditions
15  * are met:
16  * 1. Redistributions of source code must retain the above copyright
17  *    notice, this list of conditions and the following disclaimer.
18  * 2. Redistributions in binary form must reproduce the above copyright
19  *    notice, this list of conditions and the following disclaimer in the
20  *    documentation and/or other materials provided with the distribution.
21  * 3. All advertising materials mentioning features or use of this software
22  *    must display the following acknowledgement:
23  *	This product includes software developed by the University of
24  *	California, Berkeley and its contributors.
25  * 4. Neither the name of the University nor the names of its contributors
26  *    may be used to endorse or promote products derived from this software
27  *    without specific prior written permission.
28  *
29  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
30  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
31  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
32  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
33  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
34  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
35  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
36  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
37  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
38  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
39  * SUCH DAMAGE.
40  *
41  *	@(#)init_main.c	8.9 (Berkeley) 1/21/94
42  */
43 
44 #include <sys/cdefs.h>
45 __FBSDID("$FreeBSD$");
46 
47 #include "opt_ddb.h"
48 #include "opt_init_path.h"
49 #include "opt_mac.h"
50 
51 #include <sys/param.h>
52 #include <sys/kernel.h>
53 #include <sys/exec.h>
54 #include <sys/file.h>
55 #include <sys/filedesc.h>
56 #include <sys/ktr.h>
57 #include <sys/lock.h>
58 #include <sys/mount.h>
59 #include <sys/mutex.h>
60 #include <sys/syscallsubr.h>
61 #include <sys/sysctl.h>
62 #include <sys/proc.h>
63 #include <sys/resourcevar.h>
64 #include <sys/systm.h>
65 #include <sys/signalvar.h>
66 #include <sys/vnode.h>
67 #include <sys/sysent.h>
68 #include <sys/reboot.h>
69 #include <sys/sched.h>
70 #include <sys/sx.h>
71 #include <sys/sysproto.h>
72 #include <sys/vmmeter.h>
73 #include <sys/unistd.h>
74 #include <sys/malloc.h>
75 #include <sys/conf.h>
76 
77 #include <machine/cpu.h>
78 
79 #include <security/audit/audit.h>
80 #include <security/mac/mac_framework.h>
81 
82 #include <vm/vm.h>
83 #include <vm/vm_param.h>
84 #include <vm/pmap.h>
85 #include <vm/vm_map.h>
86 #include <sys/copyright.h>
87 
88 #include <ddb/ddb.h>
89 #include <ddb/db_sym.h>
90 
91 void mi_startup(void);				/* Should be elsewhere */
92 
93 /* Components of the first process -- never freed. */
94 static struct session session0;
95 static struct pgrp pgrp0;
96 struct	proc proc0;
97 struct	thread thread0 __aligned(16);
98 struct	vmspace vmspace0;
99 struct	proc *initproc;
100 
101 int	boothowto = 0;		/* initialized so that it can be patched */
102 SYSCTL_INT(_debug, OID_AUTO, boothowto, CTLFLAG_RD, &boothowto, 0, "");
103 int	bootverbose;
104 SYSCTL_INT(_debug, OID_AUTO, bootverbose, CTLFLAG_RW, &bootverbose, 0, "");
105 
106 /*
107  * This ensures that there is at least one entry so that the sysinit_set
108  * symbol is not undefined.  A sybsystem ID of SI_SUB_DUMMY is never
109  * executed.
110  */
111 SYSINIT(placeholder, SI_SUB_DUMMY, SI_ORDER_ANY, NULL, NULL)
112 
113 /*
114  * The sysinit table itself.  Items are checked off as the are run.
115  * If we want to register new sysinit types, add them to newsysinit.
116  */
117 SET_DECLARE(sysinit_set, struct sysinit);
118 struct sysinit **sysinit, **sysinit_end;
119 struct sysinit **newsysinit, **newsysinit_end;
120 
121 /*
122  * Merge a new sysinit set into the current set, reallocating it if
123  * necessary.  This can only be called after malloc is running.
124  */
125 void
126 sysinit_add(struct sysinit **set, struct sysinit **set_end)
127 {
128 	struct sysinit **newset;
129 	struct sysinit **sipp;
130 	struct sysinit **xipp;
131 	int count;
132 
133 	count = set_end - set;
134 	if (newsysinit)
135 		count += newsysinit_end - newsysinit;
136 	else
137 		count += sysinit_end - sysinit;
138 	newset = malloc(count * sizeof(*sipp), M_TEMP, M_NOWAIT);
139 	if (newset == NULL)
140 		panic("cannot malloc for sysinit");
141 	xipp = newset;
142 	if (newsysinit)
143 		for (sipp = newsysinit; sipp < newsysinit_end; sipp++)
144 			*xipp++ = *sipp;
145 	else
146 		for (sipp = sysinit; sipp < sysinit_end; sipp++)
147 			*xipp++ = *sipp;
148 	for (sipp = set; sipp < set_end; sipp++)
149 		*xipp++ = *sipp;
150 	if (newsysinit)
151 		free(newsysinit, M_TEMP);
152 	newsysinit = newset;
153 	newsysinit_end = newset + count;
154 }
155 
156 /*
157  * System startup; initialize the world, create process 0, mount root
158  * filesystem, and fork to create init and pagedaemon.  Most of the
159  * hard work is done in the lower-level initialization routines including
160  * startup(), which does memory initialization and autoconfiguration.
161  *
162  * This allows simple addition of new kernel subsystems that require
163  * boot time initialization.  It also allows substitution of subsystem
164  * (for instance, a scheduler, kernel profiler, or VM system) by object
165  * module.  Finally, it allows for optional "kernel threads".
166  */
167 void
168 mi_startup(void)
169 {
170 
171 	register struct sysinit **sipp;		/* system initialization*/
172 	register struct sysinit **xipp;		/* interior loop of sort*/
173 	register struct sysinit *save;		/* bubble*/
174 
175 #if defined(VERBOSE_SYSINIT)
176 	int last;
177 	int verbose;
178 #endif
179 
180 	if (sysinit == NULL) {
181 		sysinit = SET_BEGIN(sysinit_set);
182 		sysinit_end = SET_LIMIT(sysinit_set);
183 	}
184 
185 restart:
186 	/*
187 	 * Perform a bubble sort of the system initialization objects by
188 	 * their subsystem (primary key) and order (secondary key).
189 	 */
190 	for (sipp = sysinit; sipp < sysinit_end; sipp++) {
191 		for (xipp = sipp + 1; xipp < sysinit_end; xipp++) {
192 			if ((*sipp)->subsystem < (*xipp)->subsystem ||
193 			     ((*sipp)->subsystem == (*xipp)->subsystem &&
194 			      (*sipp)->order <= (*xipp)->order))
195 				continue;	/* skip*/
196 			save = *sipp;
197 			*sipp = *xipp;
198 			*xipp = save;
199 		}
200 	}
201 
202 #if defined(VERBOSE_SYSINIT)
203 	last = SI_SUB_COPYRIGHT;
204 	verbose = 0;
205 #if !defined(DDB)
206 	printf("VERBOSE_SYSINIT: DDB not enabled, symbol lookups disabled.\n");
207 #endif
208 #endif
209 
210 	/*
211 	 * Traverse the (now) ordered list of system initialization tasks.
212 	 * Perform each task, and continue on to the next task.
213 	 *
214 	 * The last item on the list is expected to be the scheduler,
215 	 * which will not return.
216 	 */
217 	for (sipp = sysinit; sipp < sysinit_end; sipp++) {
218 
219 		if ((*sipp)->subsystem == SI_SUB_DUMMY)
220 			continue;	/* skip dummy task(s)*/
221 
222 		if ((*sipp)->subsystem == SI_SUB_DONE)
223 			continue;
224 
225 #if defined(VERBOSE_SYSINIT)
226 		if ((*sipp)->subsystem > last) {
227 			verbose = 1;
228 			last = (*sipp)->subsystem;
229 			printf("subsystem %x\n", last);
230 		}
231 		if (verbose) {
232 #if defined(DDB)
233 			const char *name;
234 			c_db_sym_t sym;
235 			db_expr_t  offset;
236 
237 			sym = db_search_symbol((vm_offset_t)(*sipp)->func,
238 			    DB_STGY_PROC, &offset);
239 			db_symbol_values(sym, &name, NULL);
240 			if (name != NULL)
241 				printf("   %s(%p)... ", name, (*sipp)->udata);
242 			else
243 #endif
244 				printf("   %p(%p)... ", (*sipp)->func,
245 				    (*sipp)->udata);
246 		}
247 #endif
248 
249 		/* Call function */
250 		(*((*sipp)->func))((*sipp)->udata);
251 
252 #if defined(VERBOSE_SYSINIT)
253 		if (verbose)
254 			printf("done.\n");
255 #endif
256 
257 		/* Check off the one we're just done */
258 		(*sipp)->subsystem = SI_SUB_DONE;
259 
260 		/* Check if we've installed more sysinit items via KLD */
261 		if (newsysinit != NULL) {
262 			if (sysinit != SET_BEGIN(sysinit_set))
263 				free(sysinit, M_TEMP);
264 			sysinit = newsysinit;
265 			sysinit_end = newsysinit_end;
266 			newsysinit = NULL;
267 			newsysinit_end = NULL;
268 			goto restart;
269 		}
270 	}
271 
272 	panic("Shouldn't get here!");
273 	/* NOTREACHED*/
274 }
275 
276 
277 /*
278  ***************************************************************************
279  ****
280  **** The following SYSINIT's belong elsewhere, but have not yet
281  **** been moved.
282  ****
283  ***************************************************************************
284  */
285 static void
286 print_caddr_t(void *data __unused)
287 {
288 	printf("%s", (char *)data);
289 }
290 SYSINIT(announce, SI_SUB_COPYRIGHT, SI_ORDER_FIRST, print_caddr_t, copyright)
291 SYSINIT(trademark, SI_SUB_COPYRIGHT, SI_ORDER_SECOND, print_caddr_t, trademark)
292 SYSINIT(version, SI_SUB_COPYRIGHT, SI_ORDER_THIRD, print_caddr_t, version)
293 
294 #ifdef WITNESS
295 static char wit_warn[] =
296      "WARNING: WITNESS option enabled, expect reduced performance.\n";
297 SYSINIT(witwarn, SI_SUB_COPYRIGHT, SI_ORDER_THIRD + 1,
298    print_caddr_t, wit_warn)
299 SYSINIT(witwarn2, SI_SUB_RUN_SCHEDULER, SI_ORDER_THIRD + 1,
300    print_caddr_t, wit_warn)
301 #endif
302 
303 #ifdef DIAGNOSTIC
304 static char diag_warn[] =
305      "WARNING: DIAGNOSTIC option enabled, expect reduced performance.\n";
306 SYSINIT(diagwarn, SI_SUB_COPYRIGHT, SI_ORDER_THIRD + 2,
307     print_caddr_t, diag_warn)
308 SYSINIT(diagwarn2, SI_SUB_RUN_SCHEDULER, SI_ORDER_THIRD + 2,
309     print_caddr_t, diag_warn)
310 #endif
311 
312 static void
313 set_boot_verbose(void *data __unused)
314 {
315 
316 	if (boothowto & RB_VERBOSE)
317 		bootverbose++;
318 }
319 SYSINIT(boot_verbose, SI_SUB_TUNABLES, SI_ORDER_ANY, set_boot_verbose, NULL)
320 
321 struct sysentvec null_sysvec = {
322 	0,
323 	NULL,
324 	0,
325 	0,
326 	NULL,
327 	0,
328 	NULL,
329 	NULL,
330 	NULL,
331 	NULL,
332 	NULL,
333 	NULL,
334 	NULL,
335 	"null",
336 	NULL,
337 	NULL,
338 	0,
339 	PAGE_SIZE,
340 	VM_MIN_ADDRESS,
341 	VM_MAXUSER_ADDRESS,
342 	USRSTACK,
343 	PS_STRINGS,
344 	VM_PROT_ALL,
345 	NULL,
346 	NULL,
347 	NULL
348 };
349 
350 /*
351  ***************************************************************************
352  ****
353  **** The two following SYSINIT's are proc0 specific glue code.  I am not
354  **** convinced that they can not be safely combined, but their order of
355  **** operation has been maintained as the same as the original init_main.c
356  **** for right now.
357  ****
358  **** These probably belong in init_proc.c or kern_proc.c, since they
359  **** deal with proc0 (the fork template process).
360  ****
361  ***************************************************************************
362  */
363 /* ARGSUSED*/
364 static void
365 proc0_init(void *dummy __unused)
366 {
367 	struct proc *p;
368 	unsigned i;
369 	struct thread *td;
370 
371 	GIANT_REQUIRED;
372 	p = &proc0;
373 	td = &thread0;
374 
375 	/*
376 	 * Initialize magic number and osrel.
377 	 */
378 	p->p_magic = P_MAGIC;
379 	p->p_osrel = osreldate;
380 
381 	/*
382 	 * Initialize thread and process structures.
383 	 */
384 	procinit();	/* set up proc zone */
385 	threadinit();	/* set up UMA zones */
386 
387 	/*
388 	 * Initialise scheduler resources.
389 	 * Add scheduler specific parts to proc, thread as needed.
390 	 */
391 	schedinit();	/* scheduler gets its house in order */
392 	/*
393 	 * Initialize sleep queue hash table
394 	 */
395 	sleepinit();
396 
397 	/*
398 	 * additional VM structures
399 	 */
400 	vm_init2();
401 
402 	/*
403 	 * Create process 0 (the swapper).
404 	 */
405 	LIST_INSERT_HEAD(&allproc, p, p_list);
406 	LIST_INSERT_HEAD(PIDHASH(0), p, p_hash);
407 	mtx_init(&pgrp0.pg_mtx, "process group", NULL, MTX_DEF | MTX_DUPOK);
408 	p->p_pgrp = &pgrp0;
409 	LIST_INSERT_HEAD(PGRPHASH(0), &pgrp0, pg_hash);
410 	LIST_INIT(&pgrp0.pg_members);
411 	LIST_INSERT_HEAD(&pgrp0.pg_members, p, p_pglist);
412 
413 	pgrp0.pg_session = &session0;
414 	mtx_init(&session0.s_mtx, "session", NULL, MTX_DEF);
415 	session0.s_count = 1;
416 	session0.s_leader = p;
417 
418 	p->p_sysent = &null_sysvec;
419 	p->p_flag = P_SYSTEM | P_INMEM;
420 	p->p_state = PRS_NORMAL;
421 	knlist_init(&p->p_klist, &p->p_mtx, NULL, NULL, NULL);
422 	STAILQ_INIT(&p->p_ktr);
423 	p->p_nice = NZERO;
424 	td->td_tid = PID_MAX + 1;
425 	td->td_state = TDS_RUNNING;
426 	td->td_pri_class = PRI_TIMESHARE;
427 	td->td_user_pri = PUSER;
428 	td->td_base_user_pri = PUSER;
429 	td->td_priority = PVM;
430 	td->td_base_pri = PUSER;
431 	td->td_oncpu = 0;
432 	td->td_flags = TDF_INMEM|TDP_KTHREAD;
433 	p->p_peers = 0;
434 	p->p_leader = p;
435 
436 
437 	strncpy(p->p_comm, "kernel", sizeof (p->p_comm));
438 	strncpy(td->td_name, "swapper", sizeof (td->td_name));
439 
440 	callout_init(&p->p_itcallout, CALLOUT_MPSAFE);
441 	callout_init_mtx(&p->p_limco, &p->p_mtx, 0);
442 	callout_init(&td->td_slpcallout, CALLOUT_MPSAFE);
443 
444 	/* Create credentials. */
445 	p->p_ucred = crget();
446 	p->p_ucred->cr_ngroups = 1;	/* group 0 */
447 	p->p_ucred->cr_uidinfo = uifind(0);
448 	p->p_ucred->cr_ruidinfo = uifind(0);
449 	p->p_ucred->cr_prison = NULL;	/* Don't jail it. */
450 #ifdef AUDIT
451 	audit_cred_kproc0(p->p_ucred);
452 #endif
453 #ifdef MAC
454 	mac_proc_create_swapper(p->p_ucred);
455 #endif
456 	td->td_ucred = crhold(p->p_ucred);
457 
458 	/* Create sigacts. */
459 	p->p_sigacts = sigacts_alloc();
460 
461 	/* Initialize signal state for process 0. */
462 	siginit(&proc0);
463 
464 	/* Create the file descriptor table. */
465 	p->p_fd = fdinit(NULL);
466 	p->p_fdtol = NULL;
467 
468 	/* Create the limits structures. */
469 	p->p_limit = lim_alloc();
470 	for (i = 0; i < RLIM_NLIMITS; i++)
471 		p->p_limit->pl_rlimit[i].rlim_cur =
472 		    p->p_limit->pl_rlimit[i].rlim_max = RLIM_INFINITY;
473 	p->p_limit->pl_rlimit[RLIMIT_NOFILE].rlim_cur =
474 	    p->p_limit->pl_rlimit[RLIMIT_NOFILE].rlim_max = maxfiles;
475 	p->p_limit->pl_rlimit[RLIMIT_NPROC].rlim_cur =
476 	    p->p_limit->pl_rlimit[RLIMIT_NPROC].rlim_max = maxproc;
477 	i = ptoa(cnt.v_free_count);
478 	p->p_limit->pl_rlimit[RLIMIT_RSS].rlim_max = i;
479 	p->p_limit->pl_rlimit[RLIMIT_MEMLOCK].rlim_max = i;
480 	p->p_limit->pl_rlimit[RLIMIT_MEMLOCK].rlim_cur = i / 3;
481 	p->p_cpulimit = RLIM_INFINITY;
482 
483 	p->p_stats = pstats_alloc();
484 
485 	/* Allocate a prototype map so we have something to fork. */
486 	pmap_pinit0(vmspace_pmap(&vmspace0));
487 	p->p_vmspace = &vmspace0;
488 	vmspace0.vm_refcnt = 1;
489 	vm_map_init(&vmspace0.vm_map, p->p_sysent->sv_minuser,
490 	    p->p_sysent->sv_maxuser);
491 	vmspace0.vm_map.pmap = vmspace_pmap(&vmspace0);
492 
493 	/*-
494 	 * call the init and ctor for the new thread and proc
495 	 * we wait to do this until all other structures
496 	 * are fairly sane.
497 	 */
498 	EVENTHANDLER_INVOKE(process_init, p);
499 	EVENTHANDLER_INVOKE(thread_init, td);
500 	EVENTHANDLER_INVOKE(process_ctor, p);
501 	EVENTHANDLER_INVOKE(thread_ctor, td);
502 
503 	/*
504 	 * Charge root for one process.
505 	 */
506 	(void)chgproccnt(p->p_ucred->cr_ruidinfo, 1, 0);
507 }
508 SYSINIT(p0init, SI_SUB_INTRINSIC, SI_ORDER_FIRST, proc0_init, NULL)
509 
510 /* ARGSUSED*/
511 static void
512 proc0_post(void *dummy __unused)
513 {
514 	struct timespec ts;
515 	struct proc *p;
516 	struct rusage ru;
517 	struct thread *td;
518 
519 	/*
520 	 * Now we can look at the time, having had a chance to verify the
521 	 * time from the filesystem.  Pretend that proc0 started now.
522 	 */
523 	sx_slock(&allproc_lock);
524 	FOREACH_PROC_IN_SYSTEM(p) {
525 		microuptime(&p->p_stats->p_start);
526 		PROC_SLOCK(p);
527 		rufetch(p, &ru);	/* Clears thread stats */
528 		PROC_SUNLOCK(p);
529 		p->p_rux.rux_runtime = 0;
530 		p->p_rux.rux_uticks = 0;
531 		p->p_rux.rux_sticks = 0;
532 		p->p_rux.rux_iticks = 0;
533 		FOREACH_THREAD_IN_PROC(p, td) {
534 			td->td_runtime = 0;
535 		}
536 	}
537 	sx_sunlock(&allproc_lock);
538 	PCPU_SET(switchtime, cpu_ticks());
539 	PCPU_SET(switchticks, ticks);
540 
541 	/*
542 	 * Give the ``random'' number generator a thump.
543 	 */
544 	nanotime(&ts);
545 	srandom(ts.tv_sec ^ ts.tv_nsec);
546 }
547 SYSINIT(p0post, SI_SUB_INTRINSIC_POST, SI_ORDER_FIRST, proc0_post, NULL)
548 
549 /*
550  ***************************************************************************
551  ****
552  **** The following SYSINIT's and glue code should be moved to the
553  **** respective files on a per subsystem basis.
554  ****
555  ***************************************************************************
556  */
557 
558 
559 /*
560  ***************************************************************************
561  ****
562  **** The following code probably belongs in another file, like
563  **** kern/init_init.c.
564  ****
565  ***************************************************************************
566  */
567 
568 /*
569  * List of paths to try when searching for "init".
570  */
571 static char init_path[MAXPATHLEN] =
572 #ifdef	INIT_PATH
573     __XSTRING(INIT_PATH);
574 #else
575     "/sbin/init:/sbin/oinit:/sbin/init.bak:/rescue/init:/stand/sysinstall";
576 #endif
577 SYSCTL_STRING(_kern, OID_AUTO, init_path, CTLFLAG_RD, init_path, 0,
578 	"Path used to search the init process");
579 
580 /*
581  * Shutdown timeout of init(8).
582  * Unused within kernel, but used to control init(8), hence do not remove.
583  */
584 #ifndef INIT_SHUTDOWN_TIMEOUT
585 #define INIT_SHUTDOWN_TIMEOUT 120
586 #endif
587 static int init_shutdown_timeout = INIT_SHUTDOWN_TIMEOUT;
588 SYSCTL_INT(_kern, OID_AUTO, init_shutdown_timeout,
589 	CTLFLAG_RW, &init_shutdown_timeout, 0, "");
590 
591 /*
592  * Start the initial user process; try exec'ing each pathname in init_path.
593  * The program is invoked with one argument containing the boot flags.
594  */
595 static void
596 start_init(void *dummy)
597 {
598 	vm_offset_t addr;
599 	struct execve_args args;
600 	int options, error;
601 	char *var, *path, *next, *s;
602 	char *ucp, **uap, *arg0, *arg1;
603 	struct thread *td;
604 	struct proc *p;
605 
606 	mtx_lock(&Giant);
607 
608 	GIANT_REQUIRED;
609 
610 	td = curthread;
611 	p = td->td_proc;
612 
613 	vfs_mountroot();
614 
615 	/*
616 	 * Need just enough stack to hold the faked-up "execve()" arguments.
617 	 */
618 	addr = p->p_sysent->sv_usrstack - PAGE_SIZE;
619 	if (vm_map_find(&p->p_vmspace->vm_map, NULL, 0, &addr, PAGE_SIZE,
620 			FALSE, VM_PROT_ALL, VM_PROT_ALL, 0) != 0)
621 		panic("init: couldn't allocate argument space");
622 	p->p_vmspace->vm_maxsaddr = (caddr_t)addr;
623 	p->p_vmspace->vm_ssize = 1;
624 
625 	if ((var = getenv("init_path")) != NULL) {
626 		strlcpy(init_path, var, sizeof(init_path));
627 		freeenv(var);
628 	}
629 
630 	for (path = init_path; *path != '\0'; path = next) {
631 		while (*path == ':')
632 			path++;
633 		if (*path == '\0')
634 			break;
635 		for (next = path; *next != '\0' && *next != ':'; next++)
636 			/* nothing */ ;
637 		if (bootverbose)
638 			printf("start_init: trying %.*s\n", (int)(next - path),
639 			    path);
640 
641 		/*
642 		 * Move out the boot flag argument.
643 		 */
644 		options = 0;
645 		ucp = (char *)p->p_sysent->sv_usrstack;
646 		(void)subyte(--ucp, 0);		/* trailing zero */
647 		if (boothowto & RB_SINGLE) {
648 			(void)subyte(--ucp, 's');
649 			options = 1;
650 		}
651 #ifdef notyet
652                 if (boothowto & RB_FASTBOOT) {
653 			(void)subyte(--ucp, 'f');
654 			options = 1;
655 		}
656 #endif
657 
658 #ifdef BOOTCDROM
659 		(void)subyte(--ucp, 'C');
660 		options = 1;
661 #endif
662 
663 		if (options == 0)
664 			(void)subyte(--ucp, '-');
665 		(void)subyte(--ucp, '-');		/* leading hyphen */
666 		arg1 = ucp;
667 
668 		/*
669 		 * Move out the file name (also arg 0).
670 		 */
671 		(void)subyte(--ucp, 0);
672 		for (s = next - 1; s >= path; s--)
673 			(void)subyte(--ucp, *s);
674 		arg0 = ucp;
675 
676 		/*
677 		 * Move out the arg pointers.
678 		 */
679 		uap = (char **)((intptr_t)ucp & ~(sizeof(intptr_t)-1));
680 		(void)suword((caddr_t)--uap, (long)0);	/* terminator */
681 		(void)suword((caddr_t)--uap, (long)(intptr_t)arg1);
682 		(void)suword((caddr_t)--uap, (long)(intptr_t)arg0);
683 
684 		/*
685 		 * Point at the arguments.
686 		 */
687 		args.fname = arg0;
688 		args.argv = uap;
689 		args.envv = NULL;
690 
691 		/*
692 		 * Now try to exec the program.  If can't for any reason
693 		 * other than it doesn't exist, complain.
694 		 *
695 		 * Otherwise, return via fork_trampoline() all the way
696 		 * to user mode as init!
697 		 */
698 		if ((error = execve(td, &args)) == 0) {
699 			mtx_unlock(&Giant);
700 			return;
701 		}
702 		if (error != ENOENT)
703 			printf("exec %.*s: error %d\n", (int)(next - path),
704 			    path, error);
705 	}
706 	printf("init: not found in path %s\n", init_path);
707 	panic("no init");
708 }
709 
710 /*
711  * Like kproc_create(), but runs in it's own address space.
712  * We do this early to reserve pid 1.
713  *
714  * Note special case - do not make it runnable yet.  Other work
715  * in progress will change this more.
716  */
717 static void
718 create_init(const void *udata __unused)
719 {
720 	struct ucred *newcred, *oldcred;
721 	int error;
722 
723 	error = fork1(&thread0, RFFDG | RFPROC | RFSTOPPED, 0, &initproc);
724 	if (error)
725 		panic("cannot fork init: %d\n", error);
726 	KASSERT(initproc->p_pid == 1, ("create_init: initproc->p_pid != 1"));
727 	/* divorce init's credentials from the kernel's */
728 	newcred = crget();
729 	PROC_LOCK(initproc);
730 	initproc->p_flag |= P_SYSTEM | P_INMEM;
731 	oldcred = initproc->p_ucred;
732 	crcopy(newcred, oldcred);
733 #ifdef MAC
734 	mac_proc_create_init(newcred);
735 #endif
736 #ifdef AUDIT
737 	audit_cred_proc1(newcred);
738 #endif
739 	initproc->p_ucred = newcred;
740 	PROC_UNLOCK(initproc);
741 	crfree(oldcred);
742 	cred_update_thread(FIRST_THREAD_IN_PROC(initproc));
743 	cpu_set_fork_handler(FIRST_THREAD_IN_PROC(initproc), start_init, NULL);
744 }
745 SYSINIT(init, SI_SUB_CREATE_INIT, SI_ORDER_FIRST, create_init, NULL)
746 
747 /*
748  * Make it runnable now.
749  */
750 static void
751 kick_init(const void *udata __unused)
752 {
753 	struct thread *td;
754 
755 	td = FIRST_THREAD_IN_PROC(initproc);
756 	thread_lock(td);
757 	TD_SET_CAN_RUN(td);
758 	sched_add(td, SRQ_BORING);
759 	thread_unlock(td);
760 }
761 SYSINIT(kickinit, SI_SUB_KTHREAD_INIT, SI_ORDER_FIRST, kick_init, NULL)
762