Commit Graph

255 Commits

Author SHA1 Message Date
joerg 9030bd2d9e Add note about the eARM flag day for C++. 2014-05-30 18:33:30 +00:00
skrll c3052f8805 Improve the compiler_rt entry slightly 2014-02-01 13:29:45 +00:00
joerg 45d835616e Advise a clean build for the compiler-rt migration. 2014-02-01 12:51:02 +00:00
wiz be8a8d1627 Add a letter, fix a word. 2014-01-31 11:19:37 +00:00
martin a358a4becd Add a note for the libc/compile_rt changes requiring a partial clean. 2014-01-31 10:40:44 +00:00
christos 24bf420295 mention visible changes 2013-12-28 03:39:07 +00:00
mrg 8220735952 add a note about GMP i wrote but forgot to commit a few days ago. 2013-12-04 14:47:41 +00:00
mrg c02c057f9a add a note about MPC and MPFR potentially upsetting the update build. 2013-11-29 02:05:59 +00:00
spz 15ffa58d96 add hints about FAST_IPSEC no longer being around 2013-08-08 20:00:20 +00:00
martin 18e30871ca Note manual removal of internal freetype headers. 2013-06-05 21:59:59 +00:00
mrg b9c4a40bac add a specific note about an xdm.man failure mode 2013-06-01 08:25:17 +00:00
mrg 80fb2cd92f add a note about xsrc updates. 2013-05-31 10:39:02 +00:00
christos 38e4def3a3 more 2013-03-02 08:51:42 +00:00
christos d41dbbce48 add netiso caveat 2013-03-02 07:32:59 +00:00
wiz c56495817a - Capitalization fixes (``OpenSSL'', not ``openssl'');
- change single to double space in between sentences;
- remove trailing white space.

From Bug Hunting.
2012-10-03 19:17:00 +00:00
dholland b23ea7fc20 Strengthen the entry about the openssl update, to clarify and emphasize
that just doing a non-update build isn't enough; you really do have to
nuke $DESTDIR.
2012-09-17 05:56:27 +00:00
dholland 26b6cbe8db Fix typo, noticed by stu314 on freenode. 2012-09-15 18:03:42 +00:00
dholland bc78f655b5 Add note about cleaning required by last month's openssl update.
Closes PR 46816.
2012-08-22 04:16:47 +00:00
wiz 686542c156 Mention that you should run makemandb -f, or wait for the weekly script. 2012-05-07 11:20:24 +00:00
bsh ff9356e5c3 add note about SYMTAB_SPACE. 2012-03-19 06:08:51 +00:00
joerg a7408e7eff Extend entry to makemandb permission issue. 2012-02-15 23:32:27 +00:00
spz e74a3a0936 fix typo/braino 2012-02-09 21:49:31 +00:00
joerg 4880720394 Add note about new apropos and mandoc for formatting. Document failing
update builds due to the cat page removal.
2012-02-07 19:37:14 +00:00
christos 06e09d97b3 mention pam unbump. 2011-12-27 16:54:51 +00:00
tls 14a90da1e9 Mention that "pseudo-device rnd" should be removed from custom kernel
configs.  Thanks to Julio for pointing this out.
2011-11-26 01:20:25 +00:00
tls 3afd44cf08 First step of random number subsystem rework described in
<20111022023242.BA26F14A158@mail.netbsd.org>.  This change includes
the following:

	An initial cleanup and minor reorganization of the entropy pool
	code in sys/dev/rnd.c and sys/dev/rndpool.c.  Several bugs are
	fixed.  Some effort is made to accumulate entropy more quickly at
	boot time.

	A generic interface, "rndsink", is added, for stream generators to
	request that they be re-keyed with good quality entropy from the pool
	as soon as it is available.

	The arc4random()/arc4randbytes() implementation in libkern is
	adjusted to use the rndsink interface for rekeying, which helps
	address the problem of low-quality keys at boot time.

	An implementation of the FIPS 140-2 statistical tests for random
	number generator quality is provided (libkern/rngtest.c).  This
	is based on Greg Rose's implementation from Qualcomm.

	A new random stream generator, nist_ctr_drbg, is provided.  It is
	based on an implementation of the NIST SP800-90 CTR_DRBG by
	Henric Jungheim.  This generator users AES in a modified counter
	mode to generate a backtracking-resistant random stream.

	An abstraction layer, "cprng", is provided for in-kernel consumers
	of randomness.  The arc4random/arc4randbytes API is deprecated for
	in-kernel use.  It is replaced by "cprng_strong".  The current
	cprng_fast implementation wraps the existing arc4random
	implementation.  The current cprng_strong implementation wraps the
	new CTR_DRBG implementation.  Both interfaces are rekeyed from
	the entropy pool automatically at intervals justifiable from best
	current cryptographic practice.

	In some quick tests, cprng_fast() is about the same speed as
	the old arc4randbytes(), and cprng_strong() is about 20% faster
	than rnd_extract_data().  Performance is expected to improve.

	The AES code in src/crypto/rijndael is no longer an optional
	kernel component, as it is required by cprng_strong, which is
	not an optional kernel component.

	The entropy pool output is subjected to the rngtest tests at
	startup time; if it fails, the system will reboot.  There is
	approximately a 3/10000 chance of a false positive from these
	tests.  Entropy pool _input_ from hardware random numbers is
	subjected to the rngtest tests at attach time, as well as the
	FIPS continuous-output test, to detect bad or stuck hardware
	RNGs; if any are detected, they are detached, but the system
	continues to run.

	A problem with rndctl(8) is fixed -- datastructures with
	pointers in arrays are no longer passed to userspace (this
	was not a security problem, but rather a major issue for
	compat32).  A new kernel will require a new rndctl.

	The sysctl kern.arandom() and kern.urandom() nodes are hooked
	up to the new generators, but the /dev/*random pseudodevices
	are not, yet.

	Manual pages for the new kernel interfaces are forthcoming.
2011-11-19 22:51:18 +00:00
jym f0eca4d0dd Inform that the prop_{array,dictionary}_send_syscall(3) change breaks
backward compatibility with old quota2 binaries, so ensure that you
update both (proplib + quota2 executables) simultaneously when updating
a -current installation.
2011-09-30 22:17:50 +00:00
mrg 8188255310 switch sparc to GCC 4.5.3. 2011-08-17 09:18:37 +00:00
riastradh ebb828104e i386 and amd64 are on GCC 4.5 too now. 2011-08-12 03:26:51 +00:00
mrg 2f34a216cb add a note about cleaning the tree for GCC 4.5. 2011-08-06 23:07:14 +00:00
matt 6da5e72aff Note changes to xz require cleaning of a directory by hand. 2011-08-04 03:48:11 +00:00
dholland e23caa73d0 Update this weekend's note on cleaning gcc: you need to clean binutils too. 2011-04-10 22:46:09 +00:00
joerg 29f33e6b4e Add a generic note about GCC's error on changed variables and a specific
entry for the sysroot related changes breaking MKUPDATE.
2011-04-10 20:22:32 +00:00
plunky 8f6f899225 Building the Xorg binary was moved into a subdirectory to fix
ordering issues with "make all". It may be necessary to remove
	the OBJDIR for external/mit/xorg/server/xorg-server/hw/xfree86
	if your update build fails, as the "Xorg" entry there is now a
	directory.
2011-04-10 08:29:31 +00:00
lukem 5cc6fc1ef0 fix typo in "-traditional-cpp" 2011-01-23 23:40:37 +00:00
joerg 19b23810a0 Switch remaining platforms to modern CPP for assembler. 2011-01-21 15:59:04 +00:00
joerg 13d8b2b89c Move SPARC and SPARC64 to modern CPP. Update UPDATING note for this and
Alpha.
2011-01-17 18:11:09 +00:00
joerg 5a2c3d029b Add entry about -tradition-cpp change for people not using build.sh. 2011-01-15 16:13:59 +00:00
jruoho 27cfff3b3e Make tcpdump(8) to drop root privileges and chroot(2) by default. 2010-12-17 09:54:27 +00:00
christos f9d2e9c2a9 Mention setenv lossage. 2010-11-25 22:08:49 +00:00
mrg 5a881be08e add a note about xorg updates 2010-11-23 06:49:29 +00:00
dholland c939deefa5 minor clarification 2010-06-09 17:29:15 +00:00
jmmv 782d4e60b0 atf 0.9 includes a backwards incompatible change that requires rebuilding
the sh tests.  Add a note to tell users to clean up the old files, as
otherwise the rebuilds will not be triggered.
2010-06-04 15:11:31 +00:00
mrg 61d6ec5ea8 note about xsrc update build issues. 2010-05-22 11:10:59 +00:00
tnozaki 5abea6a8dd ctype.h was splitted, so you have to make cleandir tools/mklocale. 2010-05-22 09:11:04 +00:00
christos ad3a6c191f mention compiled xkb move. 2010-05-22 02:31:25 +00:00
njoly d4da917501 Note shared objects extension change, and stalled files. 2010-02-22 12:35:32 +00:00
roy ca59b5d5fb Document termcap database removal. 2010-02-04 22:25:21 +00:00
mbalmer be714279aa Fold long lines. 2009-12-26 11:00:46 +00:00
dholland b8da7e87e0 Note briefly that new amd64 kernels don't build with old binutils. 2009-11-16 07:45:50 +00:00