This exists for compatibility with a Linux interface which was apparently
deprecated in Linux 2.6. There are various mailing list threads going
back to 2004 where the usefulness of this driver is discussed, but
the conclusion is that scanner software has all moved to using ugen(4)
instead, and enabling this driver will not help you scan things.
This enables the use of modules for a significant build performance gain
when building with clang as host compiler or when using HAVE_LLVM=yes.
Switch libc++ to using the copy from the mono-repo.
hierarchy. This is identical to netbsd-GENERIC, except it has been
dbsym'd so that the kernel symbols are available when running under
Qemu (which loads the kernel directly, but does not load the symbol
table).
in order to make both framebuffer and serial consoles happy.
Also, change TERM from vt220 to vt100 for console and constty
in accordance with other ports.
- New /etc/security check for entropy in daily security report.
- New /etc/rc.d/entropy script runs (after random_seed and rndctl) to
check for entropy at boot -- in rc.conf, you can:
. set `entropy=check' to halt multiuser boot and enter single-user
mode if not enough entropy
. set `entropy=wait' to make multiuser boot wait until enough entropy
Default is to always boot without waiting -- and rely on other
channels like security report to alert the operator if there's a
problem.
- New man page entropy(7) discussing the higher-level concepts and
system integration with cross-references.
- New paragraph in afterboot(8) about entropy citing entropy(7) for
more details.
This change addresses many of the issues discussed in security/55659.
This is a first draft; happy to take improvements to the man pages and
scripted messages to improve clarity.
I considered changing motd to include an entropy warning with a
reference to the entropy(7) man page, but it's a little trickier:
- Not sure it's appropriate for all users to see at login rather than
users who have power to affect the entropy estimate (maybe it is,
just haven't decided).
- We only have a mechanism for changing once at boot; the message would
remain until next boot even if an operator adds enough entropy.
- The mechanism isn't really conducive to making a message appear
conditionally from boot to boot.
The output without the dollar sign is less confusing as it's actual
valid shell syntax:
$ /etc/rc.d/foo rcvar
# food
food=YES
Brought up on tech-userlevel@ by Rocky Hotas with some LGTMs from
other people and no objections.
We still refer to '$food' in warnings/errors though.
The /dev/acpi character device gives an aperture into physical memory
that allows only read access to known ACPI tables: RSDP, XSDT/RSDT, and
the root tables. Adapt acpidump(8) to use this interface by default,
falling back to the old /dev/mem method if it is not available or if
ACPIDUMP_USE_DEVMEM=1 is set in the environment. The user visible benefit
of this change is that "options INSECURE" is no longer required to
dump ACPI tables.
- Use "-6" instead of "--noipv4" as it seems more appropriate based on
the dhcpcd(8) manual page.
- Remove "-f /dev/null" as it seems unnecessary with "-6".
- Remove "--persistent" as it is in the default /etc/dhcpcd.conf,
and this way the user can change it, if they would like to (either
through dhcpcd_flags or by editing /etc/dhcpcd.conf).
The "-b" (or "--background") option is needed to avoid a timeout error
message (and a delay in booting), so it is still left in place.
- Use the "pool" keyword for obtaining servers from ntp.pool.org.
- Add "tos minclock" and "tos maxclock" to limit the number of servers.
- Add "restrict source" to apply appropriate restrictions to servers.
(Specifically "nopeer" cannot be applied to "pool" servers.)
- A single "pool" entry suffices -- using "2.netbsd.pool.ntp.org" so
that we get both IPv4 and IPv6 addresses. (No addresses are returned
for just "netbsd.pool.ntp.org.")
- Add a comment about "tinker panic 0" -- useful for VMs and laptops.
- Add a comment about "discard minimum" -- useful for some SNTP clients.
- Add an explanation for the "limited" restriction keyword.
- Unify whitespace and comment formatting.
This results in correct updates to /etc/motd even when the value of
motd_release_tag is changed (a likely event).
Add safe quoting to outputting the read kernel version.
Thanks to kre@ for the feedback.
My personal preferencese for /etc/rc.conf:
update_motd_release=YES
motd_release_tag='Binaries: '
This provides an explanation to users about the second version in motd.
builds on modern systems and seems to have been added as a workaround for
some 2004-era Linux NFS bug. Guessing that the issue has been sorted out
in the meantime.
Still planning to replace wgconfig(8) and wg-keygen(8) by one wg(8)
tool compatible with wireguard-tools; update wg(4) for the minor
changes from the 2018-06-30 spec to the 2020-06-01 spec; &c. This just
clarifies the current state of affairs as it exists in the development
tree for now.
Mark the man page EXPERIMENTAL for extra clarity.
that pre-populate parts of the system (e.g. a tmpfs based /var) an
easy place to plug in like:
# REQUIRE: mountcritlocal
# BEFORE: MOUNTCRITLOCAL
This also cleans up the existing special handling a bit by separating it
into new scripts. All later scripts now depend on MOUNTCRITLOCAL.
Discussed on tech-userlevel some time ago.
This is much better handled by a user-land tool.
Proposed on tech-net here:
https://mail-index.netbsd.org/tech-net/2020/04/22/msg007766.html
Note that the ioctl SIOCGIFINFO_IN6 no longer sets flags. That now
needs to be done using the pre-existing SIOCSIFINFO_FLAGS ioctl.
Compat is fully provided where it makes sense, but trying to turn on
RA handling will obviously throw an error as it no longer exists.
Note that if you use IPv6 temporary addresses, this now needs to be
turned on in dhcpcd.conf(5) rather than in sysctl.conf(5).
rndctl -S triggers entropy consolidation, so whatever we gathered
during kernel startup -- interrupt timings, autoconf timings, &c. --
will be incorporated into the seed and into subsequent data read from
/dev/urandom, just like if rndctl -L had run at this boot, and the
seed will carry them into the next boot too.
But it still avoids frequently consolidating entropy on any regular
schedule, in order to continue to mitigate iterative-guessing
attacks.
- Teach rndctl to load the seed, but treat it as zero entropy, if the
medium is read-only or if the update fails.
- Teach rndctl to accept `-i' flag instructing it to ignore the
entropy estimate in the seed.
- Teach /etc/rc.d/random_seed to:
(a) assume nonlocal file systems are unsafe, and use -i, but
(b) assume / is safe, even if it is nonlocal.
If the medium is nonwritable, leave it to rndctl to detect that.
(Could use statvfs and check for ST_LOCAL in rndctl, I guess, but I
already implemented it this way.)
Treating nonlocal / as safe is a compromise: it's up to the operator
to secure the network for (e.g.) nfs mounts, but that's true whether
we're talking entropy or not -- if the adversary has access to the
network that you've mounted / from, they can do a lot more damage
anyway; this reduces warning fatigue for diskless systems, e.g. test
racks.
`rndctl -S' can replace the file just fine, and deleting it ahead of
time adds a window during which we can lose the seed altogether if
the system is interrupted by a crash or power outage.
XXX pullup
/netbsd/modules respectively instead of /netbsd and
/stand/<arch>/<version>/modules. This is only supported for x86,
and is turned off by default. To try it, add KERNEL_DIR=yes in your
/mk.conf and install a system from that build.
- Move /etc/daily from 03:15 -> 04:15
- Move /etc/weekly from 04:30 -> 05:30 (to keep the spacing)
This should prevent problems during daylight savings changeover (which
is usually between 01:00 -> 04:00, depending upon the region) where the
cronjobs may be executed twice, or never at all...
This expands on the previous fix in revision 1.13 from 1997.
It seems that working kernel should be more smaller.
Strip off most kernel options, and provide by kernel modules.
Also add GENERIC kernel for NFS root instead of FFS.
If you set zfs=YES, presumably you positively want the automatic rc.d
actions, so if there's no /sbin/zfs or if zfs can't find pools with
/etc/zfs/zpool.cache, presumably you would like feedback about that
in rc.log.
At this point it is highly unlikely this 1999 device still has users,
but it still comes up in the context of maxv's USB-fuzzing (and any device
could pretend to be a urio(4)), so it's best to get rid of it.
Renamed all major entries to obsolete, as was done in previous removals.
This still requires an update to sanitizers, but they're located in
"external", perhaps it should be first committed upstream?
Proposed on tech-kern a month ago.
Discussed on tech-kern:
https://mail-index.NetBSD.org/tech-kern/2020/01/13/msg025938.html
This was never (intentionally) enabled by default, and the design has
some shortcomings. You can get mostly the same results with ktrace,
as in usr.bin/make/filemon/filemon_ktrace.c which is now used instead
of filemon for make's meta mode.
If applications require higher performance than ktrace, or nesting
that ktrace doesn't support, we might consider adding something back
into the vfs system calls themselves, without hijacking the syscall
table. (Might want a more reliable output format too, e.g. one that
can handle newlines in file names.)
script takes care of mounting filesystems.
Don't try to unmount all file systems before unloading the ZFS module, leave
that to the operator in preperation or the mountall script to take care
of. Module will of course fail to unload then if file systems are still
mounted.
script from wroking if the system is booted into single user mode & then
moved onto multi-user mode.
Reported by <pgoyette> for NPF but the issue is there in PF too.
With this switch processes (such as xconsole) can open /dev/console
without breaking login on the text or serial console. This can be
trivially triggered by enabling xdm in rc.conf and hitting
Ctrl+Alt+F1 or equivalent once booted.
The changes:
- Add entry for /dev/console or /dev/constty if missing
- If a port's had /dev/console 'on' switch it off and enable /dev/constty
- If a port did not have /dev/console 'on', leave /dev/constty off
Some ports had /dev/console off and /dev/ttyE0 enabled, presumably to
avoid just this issue. It may make sense to adjust these also (but not
in this pass)
As discussed on current-users
in the ZFS properties of the dataset and a simple man page for
mount_zfs. With this, it is possible to put ZFS filesystems in
/etc/fstab as file system type zfs.
Add a rc.d script that kicks the module ZFS load mostly before
mountall runs simular to what LVM does. This allows for any legacy
mounts to be specified in critical_local_filesystems and allows for
ZFS pools on top of cgd (probably among other things). Introduce a
rc.conf variable called zfs which needs to be set to YES, in the usual
manor of things, to get zvols and ZFS dataset support rather then just
assume that 'zfs mount' does that in mountall. Fix a problem in
mountall if ZFS is not compiled into the system.
from userland via /dev/vhci. Using this, it becomes possible to test and
fuzz the USB stack and all the USB drivers without having the associated
hardware.
The vHCI device has four ports independently addressable.
For each xfer on each port, we create two packets: a setup packet (which
indicates mostly the type of request) and a data packet (which contains
the raw data). These packets are processed by read and write operations
on /dev/vhci: userland poll-reads it to fetch usb_device_request_t
structures, and dispatches the requests depending on bRequest and
bmRequestType.
A few ioctls are available:
VHCI_IOC_GET_INFO - Get the current status
VHCI_IOC_SET_PORT - Choose a vHCI port
VHCI_IOC_USB_ATTACH - Attach a USB device on the current port
VHCI_IOC_USB_DETACH - Detach the USB device on the current port
vHCI has already allowed me to automatically find several bugs in the USB
stack and its drivers.
Enable in all the supported variations for NetBSD/amd64:
- Address Sanitizer
- Thread Sanitizer
- Memory Sanitizer
- Undefined Behavior Sanitizer
- SafeStack
- libFuzzer
- XRay
This change enables the features on amd64 for start.
We probably don't need more than one pci file, but the code needs to be
changed for it, which might introduce problems, and we're just before a
branch.
Not needed for evbarm because it uses devpubd by default.
Stopgap fix for PR xsrc/54388.
Also add the other gm20x nouveau firmwares to the source tree
to make it easier to add them for someone who can test them.
Installed if MKNOUVEAUFIRMWARE is set to 'yes'.
This defaults to no except on amd64 and i386 (like for radeon).
My keyboard and mouse use multiple device nodes each. I can't use
any other devices once they're attached. With my keyboard, mouse,
and two game controllers attached, a total of 9 nodes are required.
Particularly, high-end keyboards with N-key rollover support require
more device nodes, since they pretend to be multiple keyboards to work
around limitations in the uhid compat spec.
My original intention was to raise it from 4 to 12, but martin
suggested increasing it to 16.
"somewhat insane, but so is reality" - mlelstv
(like sensor readout) are locked, so that a userland program may interfere with
envsys operation.
To use this you need a program like ipmitool built with OpenIPMI support.
pipes. Skip the "error" printf from GetSmtId() as there is no easy
portable way to avoid it occurring (there are complicated ways) - but
we don't need it, there is no logical difference between "error" and ""
so just use the latter (if we get an ID, good, if there is nothing, then
there is none - saying 'error' does not mean anything.)
Use quoting everywhere possibly useful (always the right way, except
in the few cases where it is wrong...)
Avoid using cut & grep (from /usr/bin) so script could run before /usr
is mounted (pity cpuctl is in /usr/sbin ...).
Use sysctl -n rather than attempting to parse its output.
parses the output of cpuctl, and executes "cpuctl offline" for each CPU
that has SmtID!=0.
The default is "smtoff=NO", which means that SMT remains enabled.
boards that use u-boot. A known board database lists boards and their
respective u-boot packages. u-boot packages are discovered at run-time
(in /usr/pkg/share/u-boot, by default). These packages contain board
database overlays that describe u-boot installation procedure that's
specific for that board.
Support this as a native tool and as a host tool. The native tool
will attempt to determine the running board type using OpenFirmware
calls. Host tool and native tool alike may also specify a board type
directly using the "-o board=xxx option" or have installboot(8) determine
the board type from a device tree blob using "-o dtb=/path/to/board.dtb".
A "-o media=xxx" option is provided for boards that have different u-boot
binaries and/or installation procedures for different media types (e.g.
SDMMC, eMMC, or USB).
This is trivial to extend to other evb* platforms that use u-boot, even if
they don't use FDT for autoconfiguration.
mlelstv