authorGlen Barber <gjb@FreeBSD.org>2016-04-11 15:24:59 +0000
committerGlen Barber <gjb@FreeBSD.org>2016-04-11 15:24:59 +0000
commit876d357fa7bc8aeb8d050dd8fe227dd4fd8ed4df (patch)
treef5194d1ce3fa45b67cf63080fc519fec83abc57a /sbin
parent7a888f325e494860d6158821dfbcef85a3310783 (diff)
parentb2d7040c1cc76c5bbbf54cd2351b4d137b8c22b6 (diff)
Notes
Diffstat (limited to 'sbin')
-rw-r--r--sbin/fsck_msdosfs/dir.c10
-rw-r--r--sbin/geom/class/eli/geli.816
-rw-r--r--sbin/geom/class/eli/geom_eli.c50
-rw-r--r--sbin/geom/class/part/geom_part.c20
-rw-r--r--sbin/reboot/nextboot.89
-rw-r--r--sbin/reboot/nextboot.sh26
6 files changed, 103 insertions, 28 deletions
diff --git a/sbin/fsck_msdosfs/dir.c b/sbin/fsck_msdosfs/dir.c
index e8d6475736c25..d20762b85350d 100644
--- a/sbin/fsck_msdosfs/dir.c
+++ b/sbin/fsck_msdosfs/dir.c
@@ -925,6 +925,7 @@ int
reconnect(int dosfs, struct bootblock *boot, struct fatEntry *fat, cl_t head)
{
struct dosDirEntry d;
+ int len;
u_char *p;
if (!ask(1, "Reconnect"))
@@ -976,14 +977,15 @@ reconnect(int dosfs, struct bootblock *boot, struct fatEntry *fat, cl_t head)
boot->NumFiles++;
/* Ensure uniqueness of entry here! XXX */
memset(&d, 0, sizeof d);
- (void)snprintf(d.name, sizeof(d.name), "%u", head);
+ /* worst case -1 = 4294967295, 10 digits */
+ len = snprintf(d.name, sizeof(d.name), "%u", head);
d.flags = 0;
d.head = head;
d.size = fat[head].length * boot->ClusterSize;
- memset(p, 0, 32);
- memset(p, ' ', 11);
- memcpy(p, d.name, strlen(d.name));
+ memcpy(p, d.name, len);
+ memset(p + len, ' ', 11 - len);
+ memset(p + 11, 0, 32 - 11);
p[26] = (u_char)d.head;
p[27] = (u_char)(d.head >> 8);
if (boot->ClustMask == CLUST32_MASK) {
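Review bot: `len` goes straight from `len = snprintf(...)` into `memcpy(p, d.name, len)` and `11 - len` with no range check. snprintf returns the length the output would have had (or a negative value on error), so a result outside 0..11, or larger than what fits in `d.name`, turns both calls into out-of-bounds accesses on the directory buffer. The 10-digit bound in the comment holds only while `head` is 32 bits wide, and neither the width of `cl_t` nor the size of `d.name` is visible here. A guard such as `if (len < 0 || len > 11 || (size_t)len >= sizeof(d.name))`, taking the function's existing failure path, would make that assumption explicit. reconnect's body starts and ends outside this hunk.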
diff --git a/sbin/geom/class/eli/geli.8 b/sbin/geom/class/eli/geli.8
index ed425dae269cf..e8a1ef024c1b4 100644
--- a/sbin/geom/class/eli/geli.8
+++ b/sbin/geom/class/eli/geli.8
@@ -51,7 +51,7 @@ utility:
.Pp
.Nm
.Cm init
-.Op Fl bPTv
+.Op Fl bgPTv
.Op Fl a Ar aalgo
.Op Fl B Ar backupfile
.Op Fl e Ar ealgo
@@ -88,7 +88,7 @@ utility:
.Ar prov
.Nm
.Cm configure
-.Op Fl bBtT
+.Op Fl bBgGtT
.Ar prov ...
.Nm
.Cm setkey
@@ -293,6 +293,11 @@ The default and recommended algorithm is
.Nm AES-XTS .
.Nm NULL
is unencrypted.
+.It Fl g
+Enable booting from this encrypted root filesystem.
+The boot loader prompts for the passphrase and loads
+.Xr loader 8
+from the encrypted partition.
.It Fl i Ar iterations
Number of iterations to use with PKCS#5v2 when processing User Key
passphrase component.
@@ -485,6 +490,13 @@ For more information, see the description of the
subcommand.
.It Fl B
Remove the BOOT flag from the given providers.
+.It Fl g
+Enable booting from this encrypted root filesystem.
+The boot loader prompts for the passphrase and loads
+.Xr loader 8
+from the encrypted partition.
+.It Fl G
+Deactivate booting from this encrypted root partition.
.It Fl t
Enable TRIM/UNMAP passthru.
For more information, see the description of the
diff --git a/sbin/geom/class/eli/geom_eli.c b/sbin/geom/class/eli/geom_eli.c
index 0c6ca2c9ccb80..c804622ddbe2e 100644
--- a/sbin/geom/class/eli/geom_eli.c
+++ b/sbin/geom/class/eli/geom_eli.c
@@ -82,13 +82,13 @@ static int eli_backup_create(struct gctl_req *req, const char *prov,
/*
* Available commands:
*
- * init [-bhPv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l keylen] [-J newpassfile] [-K newkeyfile] [-V version] prov
+ * init [-bgPTv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l keylen] [-J newpassfile] [-K newkeyfile] [-s sectorsize] [-V version] prov
* label - alias for 'init'
* attach [-dprv] [-j passfile] [-k keyfile] prov
* detach [-fl] prov ...
* stop - alias for 'detach'
* onetime [-d] [-a aalgo] [-e ealgo] [-l keylen] prov
- * configure [-bB] prov ...
+ * configure [-bBgGtT] prov ...
* setkey [-pPv] [-n keyno] [-j passfile] [-J newpassfile] [-k keyfile] [-K newkeyfile] prov
* delkey [-afv] [-n keyno] prov
* suspend [-v] -a | prov ...
@@ -108,6 +108,7 @@ struct g_command class_commands[] = {
{ 'b', "boot", NULL, G_TYPE_BOOL },
{ 'B', "backupfile", "", G_TYPE_STRING },
{ 'e', "ealgo", "", G_TYPE_STRING },
+ { 'g', "geliboot", NULL, G_TYPE_BOOL },
{ 'i', "iterations", "-1", G_TYPE_NUMBER },
{ 'J', "newpassfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
{ 'K', "newkeyfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
@@ -118,7 +119,7 @@ struct g_command class_commands[] = {
{ 'V', "mdversion", "-1", G_TYPE_NUMBER },
G_OPT_SENTINEL
},
- "[-bPTv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l keylen] [-J newpassfile] [-K newkeyfile] [-s sectorsize] [-V version] prov"
+ "[-bgPTv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l keylen] [-J newpassfile] [-K newkeyfile] [-s sectorsize] [-V version] prov"
},
{ "label", G_FLAG_VERBOSE, eli_main,
{
@@ -126,6 +127,7 @@ struct g_command class_commands[] = {
{ 'b', "boot", NULL, G_TYPE_BOOL },
{ 'B', "backupfile", "", G_TYPE_STRING },
{ 'e', "ealgo", "", G_TYPE_STRING },
+ { 'g', "geliboot", NULL, G_TYPE_BOOL },
{ 'i', "iterations", "-1", G_TYPE_NUMBER },
{ 'J', "newpassfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
{ 'K', "newkeyfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
@@ -180,11 +182,13 @@ struct g_command class_commands[] = {
{
{ 'b', "boot", NULL, G_TYPE_BOOL },
{ 'B', "noboot", NULL, G_TYPE_BOOL },
+ { 'g', "geliboot", NULL, G_TYPE_BOOL },
+ { 'G', "nogeliboot", NULL, G_TYPE_BOOL },
{ 't', "trim", NULL, G_TYPE_BOOL },
{ 'T', "notrim", NULL, G_TYPE_BOOL },
G_OPT_SENTINEL
},
- "[-bBtT] prov ..."
+ "[-bBgGtT] prov ..."
},
{ "setkey", G_FLAG_VERBOSE, eli_main,
{
@@ -702,6 +706,8 @@ eli_init(struct gctl_req *req)
md.md_flags = 0;
if (gctl_get_int(req, "boot"))
md.md_flags |= G_ELI_FLAG_BOOT;
+ if (gctl_get_int(req, "geliboot"))
+ md.md_flags |= G_ELI_FLAG_GELIBOOT;
if (gctl_get_int(req, "notrim"))
md.md_flags |= G_ELI_FLAG_NODELETE;
md.md_ealgo = CRYPTO_ALGORITHM_MIN - 1;
@@ -906,7 +912,7 @@ eli_attach(struct gctl_req *req)
static void
eli_configure_detached(struct gctl_req *req, const char *prov, int boot,
- int trim)
+ int geliboot, int trim)
{
struct g_eli_metadata md;
bool changed = 0;
@@ -928,6 +934,20 @@ eli_configure_detached(struct gctl_req *req, const char *prov, int boot,
changed = 1;
}
+ if (geliboot == 1 && (md.md_flags & G_ELI_FLAG_GELIBOOT)) {
+ if (verbose)
+ printf("GELIBOOT flag already configured for %s.\n", prov);
+ } else if (geliboot == 0 && !(md.md_flags & G_ELI_FLAG_GELIBOOT)) {
+ if (verbose)
+ printf("GELIBOOT flag not configured for %s.\n", prov);
+ } else if (geliboot >= 0) {
+ if (geliboot)
+ md.md_flags |= G_ELI_FLAG_GELIBOOT;
+ else
+ md.md_flags &= ~G_ELI_FLAG_GELIBOOT;
+ changed = 1;
+ }
+
if (trim == 0 && (md.md_flags & G_ELI_FLAG_NODELETE)) {
if (verbose)
printf("TRIM disable flag already configured for %s.\n", prov);
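Review bot: The new `geliboot` argument of `eli_configure_detached` is tri-state, but nothing in this block says so. The three branches only make sense once the reader knows that the caller passes -1 when neither `-g` nor `-G` was given (see `dogeliboot` in the eli_configure hunks further down). A comment above the block would help, for example `/* geliboot: -1 = leave unchanged, 0 = clear, 1 = set G_ELI_FLAG_GELIBOOT */`. This is also the third copy of the same already-set / already-clear / change pattern after `boot` and `trim`, which is worth noting in that comment. The function continues outside the hunk.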
@@ -951,8 +971,8 @@ static void
eli_configure(struct gctl_req *req)
{
const char *prov;
- bool boot, noboot, trim, notrim;
- int doboot, dotrim;
+ bool boot, noboot, geliboot, nogeliboot, trim, notrim;
+ int doboot, dogeliboot, dotrim;
int i, nargs;
nargs = gctl_get_int(req, "nargs");
@@ -963,6 +983,8 @@ eli_configure(struct gctl_req *req)
boot = gctl_get_int(req, "boot");
noboot = gctl_get_int(req, "noboot");
+ geliboot = gctl_get_int(req, "geliboot");
+ nogeliboot = gctl_get_int(req, "nogeliboot");
trim = gctl_get_int(req, "trim");
notrim = gctl_get_int(req, "notrim");
@@ -976,6 +998,16 @@ eli_configure(struct gctl_req *req)
else if (noboot)
doboot = 0;
+ dogeliboot = -1;
+ if (geliboot && nogeliboot) {
+ gctl_error(req, "Options -g and -G are mutually exclusive.");
+ return;
+ }
+ if (geliboot)
+ dogeliboot = 1;
+ else if (nogeliboot)
+ dogeliboot = 0;
+
dotrim = -1;
if (trim && notrim) {
gctl_error(req, "Options -t and -T are mutually exclusive.");
@@ -986,7 +1018,7 @@ eli_configure(struct gctl_req *req)
else if (notrim)
dotrim = 0;
- if (doboot == -1 && dotrim == -1) {
+ if (doboot == -1 && dogeliboot == -1 && dotrim == -1) {
gctl_error(req, "No option given.");
return;
}
@@ -997,7 +1029,7 @@ eli_configure(struct gctl_req *req)
for (i = 0; i < nargs; i++) {
prov = gctl_get_ascii(req, "arg%d", i);
if (!eli_is_attached(prov))
- eli_configure_detached(req, prov, doboot, dotrim);
+ eli_configure_detached(req, prov, doboot, dogeliboot, dotrim);
}
}
diff --git a/sbin/geom/class/part/geom_part.c b/sbin/geom/class/part/geom_part.c
index 44309f925b773..4f57f00894464 100644
--- a/sbin/geom/class/part/geom_part.c
+++ b/sbin/geom/class/part/geom_part.c
@@ -1126,6 +1126,7 @@ gpart_write_partcode(struct ggeom *gp, int idx, void *code, ssize_t size)
err(EXIT_FAILURE, "%s", dsf);
free(buf);
close(fd);
+ printf("partcode written to %s\n", pp->lg_name);
} else
errx(EXIT_FAILURE, "invalid partition index");
}
@@ -1172,6 +1173,9 @@ gpart_write_partcode_vtoc8(struct ggeom *gp, int idx, void *code)
}
if (installed == 0)
errx(EXIT_FAILURE, "%s: no partitions", gp->lg_name);
+ else
+ printf("partcode written to %s\n",
+ idx != 0 ? pp->lg_name: gp->lg_name);
}
static void
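Review bot: The added `printf` reads `pp->lg_name` after the block that closes on the first line of this hunk, and nothing visible guarantees that `pp` still points at the provider that was written. That block starts outside the hunk; if it is an iteration over the geom's providers that runs to the end of the list, `pp` would be the list terminator here. In that case the `idx != 0` arm would dereference an invalid pointer after the partcode has already been written. Recording the written provider's name in a local where `installed` is updated, and printing that local instead, removes the dependency on the loop variable's final value.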
@@ -1193,10 +1197,8 @@ gpart_bootcode(struct gctl_req *req, unsigned int fl)
bootcode);
if (error)
errc(EXIT_FAILURE, error, "internal error");
- } else {
+ } else
bootcode = NULL;
- bootsize = 0;
- }
s = gctl_get_ascii(req, "class");
if (s == NULL)
@@ -1220,21 +1222,23 @@ gpart_bootcode(struct gctl_req *req, unsigned int fl)
s = find_geomcfg(gp, "scheme");
if (s == NULL)
errx(EXIT_FAILURE, "Scheme not found for geom %s", gp->lg_name);
- vtoc8 = 0;
if (strcmp(s, "VTOC8") == 0)
vtoc8 = 1;
+ else
+ vtoc8 = 0;
if (gctl_has_param(req, GPART_PARAM_PARTCODE)) {
s = gctl_get_ascii(req, GPART_PARAM_PARTCODE);
- partsize = vtoc8 != 0 ? VTOC_BOOTSIZE : bootsize * 1024;
+ if (vtoc8 != 0)
+ partsize = VTOC_BOOTSIZE;
+ else
+ partsize = 1024 * 1024; /* Arbitrary limit. */
partcode = gpart_bootfile_read(s, &partsize);
error = gctl_delete_param(req, GPART_PARAM_PARTCODE);
if (error)
errc(EXIT_FAILURE, error, "internal error");
- } else {
+ } else
partcode = NULL;
- partsize = 0;
- }
if (gctl_has_param(req, GPART_PARAM_INDEX)) {
if (partcode == NULL)
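Review bot: The cap set by `partsize = 1024 * 1024; /* Arbitrary limit. */` is a bare literal, and the comment does not say what it bounds. A named constant with a comment stating that it is the largest partcode file `gpart_bootfile_read` will accept for non-VTOC8 schemes would make the intent reviewable. With `partsize = 0` dropped from the else branch here (and `bootsize = 0` in the previous hunk), both variables are indeterminate when the corresponding parameter is absent. Any read of them outside these hunks therefore has to stay behind the `partcode != NULL` or `bootcode != NULL` checks. gpart_bootcode continues outside the hunk.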
diff --git a/sbin/reboot/nextboot.8 b/sbin/reboot/nextboot.8
index df46a0ccbcd4d..d006c3f20c0b0 100644
--- a/sbin/reboot/nextboot.8
+++ b/sbin/reboot/nextboot.8
@@ -24,7 +24,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd March 17, 2015
+.Dd April 9, 2016
.Dt NEXTBOOT 8
.Os
.Sh NAME
@@ -32,6 +32,7 @@
.Nd "specify an alternate kernel and boot flags for the next reboot"
.Sh SYNOPSIS
.Nm
+.Op Fl a
.Op Fl e Ar variable=value
.Op Fl f
.Op Fl k Ar kernel
@@ -53,6 +54,12 @@ configuration.
.Pp
The options are as follows:
.Bl -tag -width ".Fl o Ar options"
+.It Fl a
+This option causes
+.Nm
+to append to an existing configuration in
+.Pa /boot/nextboot.conf .
+By default any existing configuration is overwritten.
.It Fl D
Invoking
.Nm
diff --git a/sbin/reboot/nextboot.sh b/sbin/reboot/nextboot.sh
index 655e533059117..a90fdebae2179 100644
--- a/sbin/reboot/nextboot.sh
+++ b/sbin/reboot/nextboot.sh
@@ -26,6 +26,7 @@
#
# $FreeBSD$
+append="NO"
delete="NO"
kenv=
force="NO"
@@ -48,12 +49,17 @@ add_kenv()
}
display_usage() {
- echo "Usage: nextboot [-e variable=value] [-f] [-k kernel] [-o options]"
- echo " nextboot -D"
+ cat <<-EOF
+ Usage: nextboot [-e variable=value] [-f] [-k kernel] [-o options]
+ nextboot -D
+ EOF
}
-while getopts "De:fk:o:" argument ; do
+while getopts "aDe:fk:o:" argument ; do
case "${argument}" in
+ a)
+ append="YES"
+ ;;
D)
delete="YES"
;;
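Review bot: The usage text in `display_usage` still lists only `-e`, `-f`, `-k`, `-o` and `-D`, while the getopts string in this same hunk now accepts `a`. The first line should read `Usage: nextboot [-a] [-e variable=value] [-f] [-k kernel] [-o options]` so that it matches the option parser and the updated manual page. The new `<<-EOF` form strips leading tabs only, so the body lines and the closing `EOF` must be indented with tabs rather than spaces. The whitespace is not recoverable from this page.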
@@ -106,7 +112,19 @@ df -Tn "/boot/" 2>/dev/null | while read _fs _type _other ; do
EOF
done
-cat > ${nextboot_file} << EOF
+set -e
+
+nextboot_tmp=$(mktemp $(dirname ${nextboot_file})/nextboot.XXXXXX)
+
+if [ ${append} = "YES" -a -f ${nextboot_file} ]; then
+ cp -f ${nextboot_file} ${nextboot_tmp}
+fi
+
+cat >> ${nextboot_tmp} << EOF
nextboot_enable="YES"
$kenv
EOF
+
+fsync ${nextboot_tmp}
+
+mv ${nextboot_tmp} ${nextboot_file}
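Review bot: Once `set -e` is active, a failure in `cp`, `cat`, `fsync` or `mv` exits the script and leaves the `nextboot.XXXXXX` file behind next to `${nextboot_file}`. A `trap 'rm -f "${nextboot_tmp}"' EXIT` placed right after the `mktemp` line would clean it up. The expansions are unquoted throughout, so quoting them, for example `mv "${nextboot_tmp}" "${nextboot_file}"`, keeps a path containing whitespace or glob characters from being split. mktemp creates the file with mode 0600 and `mv` carries that mode onto the final file, so it is worth confirming that these are the intended permissions for the configuration file.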