Until we get ZFS integrated into our boot loader, this is the next best
thing. The idea is simple - have a small FFS partition with a kernel,
modules and this ramdisk. Once the ramdisk boots it will mount the FFS
partition read only, copy the needed ZFS modules to the ramdisk and then
unmount the partition. Then we import the ZFS root pool, mount the
ZFS root filesystem and then pivot to it.
Because the initial FFS partition is not mounted at this point, we
can mount it in /altroot so we can replace the kernel and modules with
newer ones so it's easily maintainable.
This ZFS boot strapper currently makes the following assumptions:
* The device NAME=boot is the FFS with kernel, modules and this ramdisk.
* The ZFS root pool and root filesystem are called rpool/ROOT.
A boot.cfg menu entry can then be added like so:
menu=Boot ZFS root:fs /ramdisk-zfsroot.fs;boot
were dealing with DBG (-d) LDSTATIC/NOPIE (-p), and the rest with
disabling/enabling sanitizers.
2. Use emalloc/estrdup for all the allocators instead of only some cases.
3. Add -V varspec which passes variables on the command line (as DBG
and LDSTATIC used to be passed before) instead of appending them
to the on-the-fly Makefile using -v varspec.
4. Change the distrib and rescue Makefiles to use -V instead of the removed
flags.
The motivation of this is to make variable handling consistent, less magical,
and remove the need for changing crunchgen each time we want to add disabling
an option by default.
(as proposed in tech-toolchain)
enabled and don't warn our users that it might not and already suggest
workarounds.
The ability to disable ACPI and SMP is still there, by dropping to
the boot prompt.
images, but also on the bootable disk images of other ports, so that
they can be booted from differently named devices. Merge the i386 and
amd64 -live-sd0root and -live-wd0root images into a single live image
per port, bootable both from USB media and in qemu. Drop the -xx0root
suffixes from image names as they are no longer meaningful.
NetBSD gzip is not toolified so we can't assume the host gzip will be able
to decompress xz files. Use the toolified xz instead in the USE_XZ_SETS case.
This option cannot be set in distrib/common/Makefile.distrib as it's too
late, after including <bsd.own.mk> that will set MKSANITIZER.
This makes generation of ramdisk for amd64 with MKSANITIZER=yes successful.
Originally, MKCRYPTO was introduced because the United States
classified cryptography as a munition and restricted its export. The
export controls were substantially relaxed fifteen years ago, and are
essentially irrelevant for software with published source code.
In the intervening time, nobody bothered to remove the option after
its motivation -- the US export restriction -- was eliminated. I'm
not aware of any other operating system that has a similar option; I
expect it is mainly out of apathy for churn that we still have it.
Today, cryptography is an essential part of modern computing -- you
can't use the internet responsibly without cryptography.
The position of the TNF board of directors is that TNF makes no
representation that MKCRYPTO=no satisfies any country's cryptography
regulations.
My personal position is that the availability of cryptography is a
basic human right; that any local laws restricting it to a privileged
few are fundamentally immoral; and that it is wrong for developers to
spend effort crippling cryptography to work around such laws.
As proposed on tech-crypto, tech-security, and tech-userlevel to no
objections:
https://mail-index.netbsd.org/tech-crypto/2017/05/06/msg000719.html
https://mail-index.netbsd.org/tech-security/2017/05/06/msg000928.html
https://mail-index.netbsd.org/tech-userlevel/2017/05/06/msg010547.html
P.S. Reviewing all the uses of MKCRYPTO in src revealed a lot of
*bad* crypto that was conditional on it, e.g. DES in telnet... That
should probably be removed too, but on the grounds that it is bad,
not on the grounds that it is (nominally) crypto.
While there, fix an old bug that makefs used the build host's /etc/group
and passwd information when creating the image.
Thanks to Andreas Gustafsson for extensive testing.