Commit Graph

150 Commits

Author SHA1 Message Date
jmcneill
e3afd33ec2 Look for the string "amazon" in a few different sysctl nodes. There doesn't
seem to be a single spot to check that works with both XenPVHVM and KVM
instances.
2020-09-09 13:25:48 +00:00
jmcneill
4f13f64982 Add support for EC2 and resize root to AMD64 live images. 2020-08-05 01:35:18 +00:00
jmcneill
9555656604 Only install gptmbr.bin if USE_GPTMBR=yes 2020-05-28 15:13:21 +00:00
maya
bec9186e4c rename amd64 uefi-installimage to be just installimage.
Works for both purposes, no confusing name.
2020-05-27 22:27:58 +00:00
roy
00fb306ae0 ramdisk-zfsroot: Build with -D_REENTRANT
zpool(8) requires libhack built with it.
2020-03-02 16:04:49 +00:00
riastradh
d823475ff2 kernfs no longer needs a hacky workaround to make rootdev appear. 2020-02-26 16:00:48 +00:00
roy
5403a7a7c1 zfs: build a ramdisk on amd64 with enough to mount rpool/ROOT on /
Until we get ZFS integrated into our boot loader, this is the next best
thing. The idea is simple - have a small FFS partition with a kernel,
modules and this ramdisk. Once the ramdisk boots it will mount the FFS
partition read only, copy the needed ZFS modules to the ramdisk and then
unmount the partition. Then we import the ZFS root pool, mount the
ZFS root filesystem and then pivot to it.

Because the initial FFS partition is not mounted at this point, we
can mount it in /altroot so we can replace the kernel and modules with
newer ones so it's easily maintainable.

This ZFS boot strapper currently makes the following assumptions:
 * The device NAME=boot is the FFS with kernel, modules and this ramdisk.
 * The ZFS root pool and root filesystem are called rpool/ROOT.

A boot.cfg menu entry can then be added like so:
menu=Boot ZFS root:fs /ramdisk-zfsroot.fs;boot
2020-02-22 09:53:47 +00:00
martin
a879768d74 PR install/54780: in the (of course totally unlikely) case that sysinst
should crash, run "stty sane".
2020-01-09 19:17:40 +00:00
christos
128e5f5e67 1. Remove all the special handling of variables (-d -p -P -s -S) that
were dealing with DBG (-d) LDSTATIC/NOPIE (-p), and the rest with
   disabling/enabling sanitizers.
2. Use emalloc/estrdup for all the allocators instead of only some cases.
3. Add -V varspec which passes variables on the command line (as DBG
   and LDSTATIC used to be passed before) instead of appending them
   to the on-the-fly Makefile using -v varspec.
4. Change the distrib and rescue Makefiles to use -V instead of the removed
   flags.

The motivation of this is to make variable handling consistent, less magical,
and remove the need for changing crunchgen each time we want to add disabling
an option by default.

(as proposed in tech-toolchain)
2019-12-29 18:26:16 +00:00
joerg
8e4a7b2e22 Merge amd64's UEFI logic back into the generic bootimage handling. 2019-11-21 22:29:03 +00:00
maya
50f7458533 Split out /rescue to its own set and adapt installers/images to add it.
This is meant to make updates safer: if something goes wrong with updating
base, we still have the old, standalone /rescue to recover from.
2019-10-02 11:15:59 +00:00
christos
7e81d727bc Consistently use ${RELEASEDIR}/${RELEASEMACHINE} instead of
${RELEASEDIR}/${MACHINE} (Paul Ripke)
2019-09-23 13:42:30 +00:00
gson
b97dc361fa Live images built with MKDEBUG=yes fit in 2 GB since installing _pic.a
libraries was disabled in src/share/mk/bsd.own.mk 1.1150.
2019-08-11 11:00:30 +00:00
gson
98f1629c07 The amd64 live image no longer fits in 2 GB when built with with
MKDEBUG, as releases are.  Bump the size to just under 4 GB (as in
4*10^9, not 4*2^30), the next larger common USB thumb drive size.
2019-08-07 07:59:35 +00:00
bouyer
10bccfac7a Add newfs_msdos to amd64 install media, proposed on port-amd64@ back in
december.
newfs_msdos is needed to make a UEFI bootable disk.
2019-07-20 15:55:40 +00:00
christos
72f0997774 Add a comment about iLO 2019-05-15 13:47:41 +00:00
maya
8d57144a9c Express more confidence in our ability to boot on hardware with ACPI
enabled and don't warn our users that it might not and already suggest
workarounds.

The ability to disable ACPI and SMP is still there, by dropping to
the boot prompt.
2019-04-22 13:27:39 +00:00
alnsn
6ea52a40bd Add a symlink to /altroot/stand to help the kernel find modules. 2019-04-11 23:50:01 +00:00
tsutsui
60282a8efb Explicitly use ${TOOL_AWK} instead of system's awk. 2019-02-22 22:20:18 +00:00
tsutsui
9541ec522c Reduce diffs between common and amd64 uefi Makefile.bootimage files.
No functional change.
2019-02-22 22:13:58 +00:00
dholland
d5bcf4cdfb fix duplicated chunk from merge 2019-01-27 04:21:26 +00:00
pgoyette
d91f98a871 Merge the [pgoyette-compat] branch 2019-01-27 02:08:33 +00:00
gson
82c4d65e2f Fix previous: set EMUIMAGEMB, not USBIMAGEMB. 2018-12-16 08:58:21 +00:00
gson
c2b3070712 Use the special device name "ROOT." in /etc/fstab not just on the arm
images, but also on the bootable disk images of other ports, so that
they can be booted from differently named devices.  Merge the i386 and
amd64 -live-sd0root and -live-wd0root images into a single live image
per port, bootable both from usb media and in qemu.  Drop the -xx0root
suffixes from image names as they are no longer meaningful.
2018-12-15 18:03:16 +00:00
aymeric
3fb201b9dd Make building boot images work with xz sets on non-NetBSD hosts.
NetBSD gzip is not toolified so we can't assume the host gzip will be able
to decompress xz files. Use the toolified xz instead in the USE_XZ_SETS case.
2018-11-19 20:05:37 +00:00
martin
503ca6cef6 Support .tar.xz format for sets. 2018-10-07 10:33:44 +00:00
martin
8311c2da83 Make gzip on some crunched install media support xz decompression
(just like our base version does).
2018-10-01 17:50:08 +00:00
martin
0e857c5e1f Now that we do not force debug sets off install CDs any more, explicitly
set CDRELEASE_NODEBUG everywhere.
2018-09-28 15:05:19 +00:00
kamil
74f0dd3b90 Specify NOSANITIZER in distrib/amd64/ramdisks/common
This option cannot be set in distrib/common/Makefile.distrib as it's too
late, after including <bsd.own.mk> that will set MKSANITIZER.

This makes generation of ramdisk for amd64 with MKSANITIZER=yes successful.
2018-06-21 11:48:05 +00:00
joerg
d3991df102 Bump image to 1550MB to unbreak the LLVM build. 2018-03-28 22:38:47 +00:00
pgoyette
e01eb3407e Bump size of uefi image - we've outgrown the old size 2018-01-05 01:33:11 +00:00
joerg
6a2fdfeb92 Bump install image sizes. Clang alone adds 100MB+ for a full debug build
and that pushes the full MKDEBUG build over the constraints.
2017-09-18 14:42:16 +00:00
riastradh
ef315f7931 Remove MKCRYPTO option.
Originally, MKCRYPTO was introduced because the United States
classified cryptography as a munition and restricted its export.  The
export controls were substantially relaxed fifteen years ago, and are
essentially irrelevant for software with published source code.

In the intervening time, nobody bothered to remove the option after
its motivation -- the US export restriction -- was eliminated.  I'm
not aware of any other operating system that has a similar option; I
expect it is mainly out of apathy for churn that we still have it.
Today, cryptography is an essential part of modern computing -- you
can't use the internet responsibly without cryptography.

The position of the TNF board of directors is that TNF makes no
representation that MKCRYPTO=no satisfies any country's cryptography
regulations.

My personal position is that the availability of cryptography is a
basic human right; that any local laws restricting it to a privileged
few are fundamentally immoral; and that it is wrong for developers to
spend effort crippling cryptography to work around such laws.

As proposed on tech-crypto, tech-security, and tech-userlevel to no
objections:

https://mail-index.netbsd.org/tech-crypto/2017/05/06/msg000719.html
https://mail-index.netbsd.org/tech-security/2017/05/06/msg000928.html
https://mail-index.netbsd.org/tech-userlevel/2017/05/06/msg010547.html

P.S.  Reviewing all the uses of MKCRYPTO in src revealed a lot of
*bad* crypto that was conditional on it, e.g. DES in telnet...  That
should probably be removed too, but on the grounds that it is bad,
not on the grounds that it is (nominally) crypto.
2017-05-21 15:28:36 +00:00
christos
0ba9702d8a Bump a little to handle clang images. 2017-05-19 15:16:12 +00:00
martin
483132c66a Try to make images big enough for debug sets 2017-05-11 10:49:18 +00:00
christos
d238194040 Add ${GPT_TIMESTAMP} 2017-02-16 03:47:23 +00:00
pgoyette
b681d47f3c Clean up another extraneous -f option 2017-02-11 08:14:05 +00:00
christos
8a78ba48ab more MKREPRO_TIMESTAMP fixes (for pax/tar generated files) 2017-02-11 03:07:06 +00:00
christos
4c5a1b33b8 MKREPRO_TIMESTAMP fixes for efiboot 2017-02-10 16:53:51 +00:00
christos
0cd29ab5b4 Initial pass to be unaffected by build umask on build artifacts
1. ${MKDIR} -> ${MKDIR} ${MKDIRPERM}
2. ${CP} -> ${INSTALL} ${COPY} -m <perm>
2017-02-10 16:43:59 +00:00
nonaka
53532ef3a8 amd64: make BIOS and UEFI dual bootable iso image. 2017-01-24 11:27:55 +00:00
nonaka
90f9d081f2 make amd64 EFI install image
XXX merge to installimage?
2017-01-24 11:16:50 +00:00
pgoyette
c87d5fde45 Omit cgd based ramdisks and miniroot modules if MKCRYPTO=no
Final part of PR kern/51282
2016-06-30 12:56:27 +00:00
christos
27942f3721 Grow! 2016-01-24 15:30:05 +00:00
martin
14373fddc6 PR install/50311: missing gptmbr.bin on ramdisk based installs. 2015-10-07 14:09:04 +00:00
martin
0ae2127055 Obey MKKMOD=no.
From Rin Okuyama in PR install/50061.
2015-07-19 10:16:55 +00:00
martin
ccb8409b13 Make sure to copy the language catalog files for sysinst, but do not
copy sysinst itself to / on the CD, and instead use the base version
for installation.
2015-05-28 09:51:31 +00:00
martin
3cf95378a5 Do not default any CD_SETS - let the MD makefiles request them specifically. 2015-05-27 09:44:40 +00:00
martin
9565aae1bf 2nd try: make amd64, i386, sparc64 and vax iso images use full sets.
While there fix an old bug that makefs used the build hosts /etc/group
and passwd information when creating the image.
Thanks to Andreas Gustafsson for extensive testing.
2015-05-25 15:38:33 +00:00
martin
ec52efb27b Add full libexec contents to the CD image - this makes dhcpcd happy. 2015-05-24 09:33:20 +00:00