diff options
Diffstat (limited to 'stand/common/commands.c')
| -rw-r--r-- | stand/common/commands.c | 116 |
1 files changed, 87 insertions, 29 deletions
diff --git a/stand/common/commands.c b/stand/common/commands.c index 0d21ed44c681..19452047a0ca 100644 --- a/stand/common/commands.c +++ b/stand/common/commands.c @@ -24,9 +24,6 @@ * SUCH DAMAGE. */ -#include <sys/cdefs.h> -__FBSDID("$FreeBSD$"); - #include <stand.h> #include <string.h> @@ -123,7 +120,6 @@ help_emitsummary(char *topic, char *subtopic, char *desc) return (pager_output("\n")); } - static int command_help(int argc, char *argv[]) { @@ -132,7 +128,8 @@ command_help(int argc, char *argv[]) char *topic, *subtopic, *t, *s, *d; /* page the help text from our load path */ - snprintf(buf, sizeof(buf), "%s/boot/loader.help", getenv("loaddev")); + snprintf(buf, sizeof(buf), "%s/boot/%s", getenv("loaddev"), + HELP_FILENAME); if ((hfd = open(buf, O_RDONLY)) < 0) { printf("Verbose help not available, " "use '?' to list commands\n"); @@ -232,7 +229,7 @@ command_commandlist(int argc __unused, char *argv[] __unused) { struct bootblk_command **cmdp; int res; - char name[20]; + char name[23]; res = 0; pager_open(); @@ -241,9 +238,10 @@ command_commandlist(int argc __unused, char *argv[] __unused) if (res) break; if ((*cmdp)->c_name != NULL && (*cmdp)->c_desc != NULL) { - snprintf(name, sizeof(name), " %-15s ", + snprintf(name, sizeof(name), " %-20s", (*cmdp)->c_name); pager_output(name); + pager_output(" "); pager_output((*cmdp)->c_desc); res = pager_output("\n"); } @@ -293,6 +291,63 @@ command_show(int argc, char *argv[]) return (CMD_OK); } +#ifdef LOADER_VERIEXEC +static int +is_restricted_var(const char *var) +{ + /* + * We impose restrictions if input is not verified + * allowing for exceptions. + * These entries should include the '=' + */ + const char *allowed[] = { + "boot_function=", + "boot_phase=", + "boot_recover_cli=", + "boot_recover_volume=", + "boot_safe=", + "boot_set=", + "boot_single=", + "boot_verbose=", + NULL, + }; + const char *restricted[] = { + "boot", + "init", + "loader.ve.", + "rootfs", + "secur", + "vfs.", + NULL, + }; + const char **cp; + int ok = -1; + +#ifdef LOADER_VERIEXEC_TESTING + printf("Checking: %s\n", var); +#endif + for (cp = restricted; *cp; cp++) { + if (strncmp(var, *cp, strlen(*cp)) == 0) { + ok = 0; + break; + } + } + if (!ok) { + /* + * Check for exceptions. + * These should match up to '='. + */ + for (cp = allowed; *cp; cp++) { + if (strncmp(var, *cp, strlen(*cp)) == 0) { + ok = 1; + break; + } + } + } + return (ok == 0); +} +#endif + COMMAND_SET(set, "set", "set a variable", command_set); static int @@ -305,32 +360,14 @@ command_set(int argc, char *argv[]) return (CMD_ERROR); } else { #ifdef LOADER_VERIEXEC - /* - * Impose restrictions if input is not verified - */ - const char *restricted[] = { - "boot", - "init", - "loader.ve.", - "rootfs", - "secur", - "vfs.", - NULL, - }; - const char **cp; int ves; ves = ve_status_get(-1); if (ves == VE_UNVERIFIED_OK) { -#ifdef LOADER_VERIEXEC_TESTING - printf("Checking: %s\n", argv[1]); -#endif - for (cp = restricted; *cp; cp++) { - if (strncmp(argv[1], *cp, strlen(*cp)) == 0) { - printf("Ignoring restricted variable: %s\n", - argv[1]); - return (CMD_OK); - } + if (is_restricted_var(argv[1])) { + printf("Ignoring restricted variable: %s\n", + argv[1]); + return (CMD_OK); } } #endif @@ -353,6 +390,18 @@ command_unset(int argc, char *argv[]) command_errmsg = "wrong number of arguments"; return (CMD_ERROR); } else { +#ifdef LOADER_VERIEXEC + int ves; + + ves = ve_status_get(-1); + if (ves == VE_UNVERIFIED_OK) { + if (is_restricted_var(argv[1])) { + printf("Ignoring restricted variable: %s\n", + argv[1]); + return (CMD_OK); + } + } +#endif if ((err = unsetenv(argv[1])) != 0) { command_errmsg = strerror(err); return (CMD_ERROR); @@ -576,3 +625,12 @@ command_readtest(int argc, char *argv[]) } COMMAND_SET(readtest, "readtest", "Time a file read", command_readtest); + +static int +command_quit(int argc, char *argv[]) +{ + exit(0); + return (CMD_OK); +} + +COMMAND_SET(quit, "quit", "exit the loader", command_quit); |