populate /dev with zvol device nodes.
Following on with the recent ZFS/DTrace update, this is no longer a valid option
and causes the mountall script to barf zfs usage() following from
unrecognized command 'volinit' error.
XMSS is a stateful post-quantum signature scheme.
- Post-quantum security for _online_ authentication is not important
until quantum computers become practical; there's no danger of
retroactive forgery in sessions that have already completed.
- As a stateful signature schemes, XMSS is qualitatively different
from all the other ones sshd supports, requiring additional
administrative care: roll back the state (e.g., from a disk backup
or VM snapshot), and you've shot yourself in the foot.
If users want XMSS keys, they can make them explicitly, but there's
no need for this to be enabled by default.
Discussed with christos offline.
Use ps -A instead of ps -ax (-A means -ax, but -A is posix, -x is not)
Use ps -o args instead of ps -o command (same reason).
This makes no difference when the ps used is /bin/ps on NetBSD, but
can make a difference when some other ps command gets invoked instead.
XXX pullup -8
- sys/arch/evbarm64 is gone and integrated into sys/arch/evbarm. (by skrll@)
- add support fdt. evbarm/conf/GENERIC64 fdt (bcm2837,sunxi,tegra) based generic 64bit kernel config. (by skrll@, jmcneill@)
https://ftp.isc.org/isc/bind9/keys/9.11/bind.keys.v9_11
This includes the new KSK2017 key which is planned to replace the KSK2010
in October 11th, 2018. It is important to have software that ships with
both before September 11th 2018. Anything that bootstraps after that could
have trouble switching.
XXX: pullup-8, pullup-7, pullup-6
through the list of kernel names it is configured to try. This way there is
fallback if /netbsd is not present. netbsd is the first name to be tried anyway.
Issue brought up on tech-kern@ by Patrick Welche <prlw1 AT cam ac uk> where a system
without /netbsd hung on boot.
Suggestion by rudolf <netbsd AT eq cz>
https://mail-index.netbsd.org/tech-kern/2018/02/16/msg023122.html
Install:
- allocator_interface.h
- asan_interface.h
- common_interface_defs.h
- tsan_interface_atomic.h
Into:
- /usr/include/gcc-5/sanitizer
Note headers in a comment headers for introduction in future:
- dfsan_interface.h
- lsan_interface.h
- msan_interface.h
Skip a file that will never be relevant on NetBSD:
- linux_syscall_hooks.h
PR 52265 by Kamil Rytarowski
Proposed and accepted on tech-toolchain@.
Sponsored by <The NetBSD Foundation>
node results in a non working config, despite following manual to get setup.
Remove a step for the user by creating a device node for veriexec by default.
ok mrg jakllsch
/usr/mdec/sbmips/ and document them in installboot(8) even though
it isn't really ported yet. also build the SBMIPS kernels.
unfortunately, sbmips has been broken since mips64 merge, but the
fix can happen in the evbmips version, which we might merge into
the older trees anyway.
XXX: releng can turn off sbmips* builds now for -current.
sleep / resume.
This should no longer be needed now the various applications
(dhcpcd, ntpd, wpa_supplicant et all) are more aware to the network state
as all interface carriers should be brought down and up again.
Fixes PR misc/52397.
- the names "ttya" and "ttyb" in zs(4) man page were leftover of the orignal
sparc/sun3 ports which used the same name for their native SunOS users
- symlinks ttya -> tty00 -> ttyZ0 (by "lndev tty00 ttya") are awful anyway
(symlinks tty0? -> ttyZ? are handled in MI MAKEDEV.tmpl)
See details on discussion on source-changes-d@:
http://mail-index.netbsd.org/source-changes-d/2017/07/thread1.html#009301
for more than one of the -m -p -s -t args (and checks whether any were given
to pick one if not) to be more shell friendly.
Note that while the method here is the same as was discussed on the list,
the actual implementation is free of the typos, and just pure lunacy that
was in the code that was shown there.
Also note these changes are intended to be completely internal, there
should be no visible impact upon the way that MAKEDEV works.
ok:christos. Thanks to pgoyette for the code review.
CAN stands for Controller Area Network, a broadcast network used
in automation and automotive fields. For example, the NMEA2000 standard
developped for marine devices uses a CAN network as the link layer.
This is an implementation of the linux socketcan API:
https://www.kernel.org/doc/Documentation/networking/can.txt
you can also see can(4).
This adds a new socket family (AF_CAN) and protocol (PF_CAN),
as well as the canconfig(8) utility, used to set timing parameter of
CAN hardware. Also inclued is a driver for the CAN controller
found in the allwinner A20 SoC (I tested it with an Olimex lime2 board,
connected with PIC18-based CAN devices).
There is also the canloop(4) pseudo-device, which allows to use
the socketcan API without CAN hardware.
At this time the CANFD part of the linux socketcan API is not implemented.
Error frames are not implemented either. But I could get the cansend and
canreceive utilities from the canutils package to build and run with minimal
changes. tcpudmp(8) can also be used to record frames, which can be
decoded with etherreal.
Originally, MKCRYPTO was introduced because the United States
classified cryptography as a munition and restricted its export. The
export controls were substantially relaxed fifteen years ago, and are
essentially irrelevant for software with published source code.
In the intervening time, nobody bothered to remove the option after
its motivation -- the US export restriction -- was eliminated. I'm
not aware of any other operating system that has a similar option; I
expect it is mainly out of apathy for churn that we still have it.
Today, cryptography is an essential part of modern computing -- you
can't use the internet responsibly without cryptography.
The position of the TNF board of directors is that TNF makes no
representation that MKCRYPTO=no satisfies any country's cryptography
regulations.
My personal position is that the availability of cryptography is a
basic human right; that any local laws restricting it to a privileged
few are fundamentally immoral; and that it is wrong for developers to
spend effort crippling cryptography to work around such laws.
As proposed on tech-crypto, tech-security, and tech-userlevel to no
objections:
https://mail-index.netbsd.org/tech-crypto/2017/05/06/msg000719.htmlhttps://mail-index.netbsd.org/tech-security/2017/05/06/msg000928.htmlhttps://mail-index.netbsd.org/tech-userlevel/2017/05/06/msg010547.html
P.S. Reviewing all the uses of MKCRYPTO in src revealed a lot of
*bad* crypto that was conditional on it, e.g. DES in telnet... That
should probably be removed too, but on the grounds that it is bad,
not on the grounds that it is (nominally) crypto.
This is a copy of t_hello from usr.bin/cc.
Added tests:
- hello
- hello_pic
- hello_pie
- hello32
These tests do not use c++ runtime library functions.
Protect these tests with MKCXX.
- Check if setkey correctly handles algorithms for AH/ESP
- Check IPsec of transport mode with AH/ESP over IPv4/IPv6
- Check IPsec of tunnel mode with AH/ESP over IPv4/IPv6
The tests/kernel/arch directory has been removed. The t_ptrace files have
been merged and moved to tests/lib/libc/sys.
Sponsored by <The NetBSD Foundation>
is complete, so that scripts invoked from powerd don't think that they
are still invoked by the rc system and fail.
Reported by rudolf @ tech-userlevel
Reviewed by enami@. Tested by Naruaki Etomi and me.
A 68k LUNA with this driver will be demonstrated at AsiaBSDCon NetBSD booth
by Etomi-san, with LUNA-88K2 running OpenBSD/luna88k by Kenji Aoyama.
Add a test program for the bug described in this PR.
This is the first pkill/pgrep/prenice test (more would be good!)
This test has been confirmed to work once the bug described in the PR
has been fixed, so the test is not marked "expected to fail" even
though initially that is what should happen.
Note: the test cana also fail if the system running the tests happens
to be running processes with names that match the patterns searched for
by the test, other than the test program itself. This is expected to be
unlikely.
do ship carp(4).
Restore the pfsync entry that was added with 1.20, then wiped out by
the 1.21 import. Please merge any wholesale imports properly.
Remove http://www.sethwklein.net/projects/iana-etc/ which 404s.
Should fix PR bin/51568
Add missing SIGTRAP handler. Assert there that the signal is SIGTRAP as
expected and si_code TRAP_TRACE.
This test will break on some ports that have dummy or incomplete
implementation of exect(2).
This test works on amd64 correctly.
Sponsored by <The NetBSD Foundation>
Rename
- tests/kernel/t_ptrace_amd64_wait.c
to
- tests/kernel/arch/amd64/t_ptrace_wait.c
and adapt appropriate files accordingly.
New directory will be used for more amd64-specific tests, verifying the
MD parts of the kernel.
Remove old entries from distrib/sets/lists as they were added a while ago.
Sponsored by <The NetBSD Foundation>
(reported by rhialto@falu.nl) Don't fail to start if it doesn't.
Make sure the directory for the config file exists inside the chroot before
attempting to copy into it ("confdir" was calculated, but never used...)
While here, fix getopts usage (obviously only ever previously tested when
the -c arg was the first option...) and don't use test(1)'s -o operator
(especially not when one of the other args is an unknown string).
If -c is given (and we will chroot), require filename to be full path.
Misc minor style cleanups.
At the moment this test does nothing except reports failure from td_open()
for overloaded (implemented) dummy1_proc_lookup() (.proc_lookup from
td_proc_callbacks_t) of the following form:
static int
dummy1_proc_lookup(void *arg, const char *sym, caddr_t *addr)
{
return TD_ERR_ERR;
}
This file and directory with tests is placeholder for new ones, without
further need to alter mtree and distribution sets.
The libpthread_dbg interface and library is used by gdb(1) to handle
threads in applications.
Sponsored by <The NetBSD Foundation>
rather than just ignoring the error.
Don't bother attempting to clear the contents of /var/run if /var/run
does not exist.
In that case the mkdir of /var/run/lvm would have failed - correct that
by using mkdir -p (which as a side effect will ensure /var/run exists
and is available for later scripts to use if for some reason it did not exist.)
tech-kern in messages with a Subject starting [Re:] /dev/sdN -> /dev/sdN[cd]
and in PR port-amd64/51216 :
Create bare (no letter suffix) device names (block & raw) that
refer to the raw device ('c' or 'd' partition as appropriate).
This commit was delayed waiting to see if there was to be any more
discussion - there wasn't a lot.
Caution: this is going to consume 2 more inodes per disc device
configured, everywhere that devices are configured using MAKEDEV
unless they change, and we want to rebuild based upon what inputs are
present, not when they were last touched.
this fixes update builds that switch options that change the dirlist
like MKX11 or MKCOMPAT, restoring a portion of rev 1.14.
note that some opertions like turning off MKX11=yes will also require
a fresh DESTDIR, in addition to this fix. there may be more issues
remaining, but i am now able to enable MKX11=yes successfully without
any other change.
wait for 15 seconds for tentative flags to clear allowing 5 seconds
for detached flags to clear as well from configured addresses.
This is now protocol independant and allows time for the interfaces to
work out if they have a carrier or not.
Remove the expensive tests in _have_rc_postprocessor(), as proposed by apb@.
It more than halves the multiuser boot time on slow machines and brings
it back near to the previous level.
This way, there is no file name issue with radeon(4) from
the old not-kms driver; and subdir man pages are preferred
to non-subdir.
Addresses MKREPRO issue from PR 50132.
XXX: This will stop being correct if radeon-kms is ported to more
platforms like sparc64.
and a lot of other goodies.
You can use and manage up to 32 virtual screens called workspaces.
You swap from one workspace to another by clicking on a button in an
optional panel of buttons (the workspace manager) or by invoking a function.
You can custom each workspace by choosing different colors, names
and pixmaps for the buttons and background root windows.
Main features are:
- Optional 3D window titles and border (ala Motif).
- Shaped, colored icons.
- Multiple icons for clients based on the icon name.
- Windows can belong to several workspaces.
- A map of your workspaces to move quickly windows between
different workspaces.
- Animations: icons, root backgrounds and buttons can be animated.
- Pinnable and sticky menus.
- etc...
See http://web.zephyrite.net/NetBSD/wm/index.html
ok mrg.
the support in the rest of the source tree.
X11 sets could use some cleaning up perhaps (just deletion, as
we've never really marked the old X11R6 as obsolete for native
xorg using platforms so far either.)
and the information from compat/archdirs.mk. Also add suport MKCOMPATTESTS
and process the NetBSD.dist.tests to generate appropriate compat directories.
- only install it by default on x86, set new MKRADEONFIRMWARE variable
- install in /libdata, so that separate /usr systems work
(this still doesn't solve PR#49811, which possibly could be handled by
having them being a kernel module loaded by /boot.)
already redirected stdout, rather than duping stdout to stderr!
Without this fix, the disklabel output is included in the log file
rather than being discarded as intended. (The purpose of running
disklabel this first time is only to check for success.)
the system attempts to resize the root file system to fill it's
partition prior to mounting read-write. Useful for things like AMI
file system images. May eventually be used by arm images after
coming up with similar solution for increasing the parition size.
LEGACY kernel that includes them instead. now radeon@pci is able to
properly claim wsdisplay0 on i386 systems, and radeondrmkms has a good
chance of working.
this "fixes" PR#49290.
Remove rtsol(8) from rc.d/network.
Add -w seconds command to ifconfig to wait for N seconds for until DAD
has finished on all addresses.
Use ifconfig -w in rc.d/network instead of a forced sleep.
As discussed on tech-net@
copies of them.
* Remove all old tests from src/tests/usr.bin/make/d_*. These tests
were unmaintained old copies of the actual tests which are maintained
under src/usr.bin/make/unit-tests. One exception is the test in
d_unmatchedvarparen.mk, which was new, but has nw been added to
src/usr.bin/make/unit-tests/varmisc.mk.
* In src/tests/usr.bin/make/Makefile, copy all
the tests from src/usr.bin/make/unit-tests to
${DESTDIR}/usr/tests/usr.bin/make/unit-tests.
* In src/tests/usr.bin/make/t_make.sh, run the tests installed above,
instead of the old tests.
* In etc/mtree/NetBSD.dist.tests, create the
usr/tests/usr.bin/make/unit-tests diectory.
* Update the set lists for all the above.
The BUILDINFO string will appear nearthe top of /etc/release,
indented by 8 spaces and with a blank line above and below it,
but without a heading. The BUILDINFO string is expected to
be self-explanatory.
Also change some other headings near the top of /etc/release.
seconds, detach from the controlling terminal. Without this, pressing
control-T (to send SIGINFO from the terminal) would almost always result
in the sleep process printing "about N seconds left of the original 3",
which is useless information.
inline tests like [ -n "${_rc_postprocessor_fd}" ]. The new function
performs a few new tests, including verifying that /etc/rc is still
running (using a new _rc_pid variable set by /etc/rc).
This is intended to deal with the case that a script run from /etc/rc
spawns a background process, then /etc/rc exits, but the background
process still has environment variables inherited from /etc/rc.
Fixes PR 46546.
This variable separates CTF stuffs from MKDTRACE; we can build DTrace
solely without building and using them. This allows us to use DTrace
even if CTF stuffs have problems (actually they have now).
This variable would be merged into MKDTRACE eventually, once CTF stuffs
work correctly again.
This prevents it from embedding a timestamp in the output. We pass
"-n" unconditionally, not conditional on MKREPRO, because many other
invocations of gzip already passed the -n flag unconditionally.
outside */dist/* subdirectories.
When USE_PIGZGZIP=yes, bsd.own.mk sets TOOL_GZIP=${TOOL_PIGZ},
so there's no need to test USE_PIGZGZIP in these Makefiles.
on startup
- create share/examples/wpa_supplicant/wpa_supplicant.conf and make it
known in the relevant places. Improvements welcome, my point was
ctrl_interface and "you seriously want this"
they do not work when the server is specified by domain name
and the name is associated with multiple IP addresses.
This also means that uncommenting "restrict default ignore"
will not work, so remove the comments suggesting that.
Also edit some other comments.
- Improvements in the SPARC64 support
- ARM backend can almost build a full NetBSD/EABI system with the
integrated assembler
- PowerPC grows disassembler support
- LLD supports copy relocation, beginning of MIPS backend
- New diagnostic for use of bool expression as size_t argument for
strncmp and friends
operations to decompression operations nearly two years ago. They are
used only by catman(8), which we don't run any more, but they ought to
be correct anyway.
whose home is (allowed to be) owned by another user.
It's a separate variable and not just check_passwd_permit_dups so I can
make security shut up about my uucp users.
Fixes the second half of PR misc/36063
christos