Commit Graph

927 Commits

Author SHA1 Message Date
Ed Maste
2f02c9d6d5 Consolidate gcov entries in OptionalObsoleteFiles
Sponsored by:	The FreeBSD Foundation
2018-11-09 15:27:41 +00:00
Ed Maste
bf81eb3ca9 Add a WITH_BIND_NOW build knob
The linker's -z now flag sets the DF_BIND_NOW flag, which signals to the
runtime loader that all relocation processing should be performed at
process startup rather than on demand.  In combination with lld's
default of enabling relro this causes the GOT to be made read-only when
the process starts, preventing straightforward GOT overwrite attacks.

Shawn Webb discovered a failure on HardenedBSD with BIND_NOW and ifunc
use, which resulted in my rtld fix in r340137.  Add a BIND_NOW knob as
it is trivial to do so and is a useful ELF hardening feature.  This
change is equivalent to HardenedBSD's but not identical as there are
other diffs/conflicts nearby.

Note that our ELF Tool Chain readelf does not currently decode the
DF_BIND_NOW flag - see PR232983.

Reviewed by:	brooks
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D17846
2018-11-06 15:52:49 +00:00
Alex Richardson
b25c717954 Fix -DNO_CLEAN build after r340157
Approved By:	jhb (mentor)
2018-11-05 21:30:00 +00:00
Alex Richardson
8f62bca488 Allow building world without inheriting $PATH
Inheriting $PATH during the build phase can cause the build to fail when
compiling on a different system due to missing build tools or incompatible
versions somewhere in $PATH. This has cause build failures for us before
due to the jenkins slaves still running FreeBSD 10.
Listing the tools we depend on explicitly instead of just using whatever
happens to be in $PATH allows us to check that we don't accidentally add a
new build dependency.

All tools that do no need to be bootstrapped will now be symlinked to
${WORLDTMP}/legacy/bin and during the build phase $PATH will only contain
${WORLDTMP}. There is also a new variable "BOOTSTRAP_ALL_TOOLS" which can
be set to force compiling almost all bootstrap tools instead of symlinking
them. This will not bootstrap tools such as cp,mv, etc. since they may be
used during the build and for those we should really only be using POSIX
compatible options.

Furthermore, this change is required in order to be able to build on
non-FreeBSD hosts. While the same binaries may exist on Linux/MacOS they
often accept different flags or produce incompatible output.

Approved By:	brooks (mentor)
Differential Revision: https://reviews.freebsd.org/D16815
2018-11-05 19:51:10 +00:00
Ed Maste
7ae5db1f37 Expand WITH_LLD_BOOTSTRAP description
Reported by:	bz
2018-11-05 15:22:41 +00:00
Conrad Meyer
d83db3fb6a Drop ed(1) "crypto"
You should not be using DES.  You should not have been using DES for the
past 30 years.

The ed DES-CBC scheme lacked several desirable properties of a sealed
document system, even ignoring DES itself.  In particular, it did not
provide the "integrity" cryptographic property (detection of tampering), and
it treated ASCII passwords as 64-bit keys (instead of using a KDF like
scrypt or PBKDF2).

Some general approaches ed(1) users might consider to replace the removed
DES mode:

1. Full disk encryption with something like AES-XTS.  This is easy to
conceptualize, design, and implement, and it provides confidentiality for
data at rest.  Like CBC, it lacks tampering protection.  Examples include
GELI, LUKS, FileVault2.

2. Encrypted overlay ("stackable") filesystems (EncFS, PEFS?, CryptoFS,
others).

3. Native encryption at the filesystem layer.  Ext4/F2FS, ZFS, APFS, and
NTFS all have some flavor of this.

4. Storing your files unencrypted.  It's not like DES was doing you much
good.

If you have DES-CBC scrambled files produced by ed(1) prior to this change,
you may decrypt them with:

  openssl des-cbc -d -iv 0 -K <key in hex> -in <inputfile> -out <plaintext>

Reviewed by:	allanjude, bapt, emaste
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D17829
2018-11-04 17:56:16 +00:00
Bjoern A. Zeeb
43f75d57a2 Introduce an EXPERIMENTAL option for both src.conf(5) and the kernel.
In the last decade(s) we have seen both short term or long term projects
committed to the tree which were considered or even marked "experimental".
While out-of-tree development has become easier than it used to be in
CVS times, there still is a need to have the code shipping with HEAD but
not enabled by default.

While people may think about VIMAGE as one of the recent larger, long term
projects, early protocol implementations (before they are standardised)
are others.  (Free)BSD historically was one of the operating systems
which would have running code at early stages and help develop and
influence standardisation and the industry.

Give developers an opportunity to be more pro-active for early adoption
or running large scale code changes stumbling over each others but not
the user's feet.  I have not added the option to NOTES in order to avoid
breaking supported option builds, which require constant compile testing.

Discussed with:	people in the corridor
2018-10-30 15:46:30 +00:00
Andrew Turner
31d62a73c2 Implement a BSD licensed crtbegin/crtend
These are needed for .ctors/.dtors and .jcr handling. The former needs
all the function pointers to be called in the correct order from the
.init/.fini section. The latter just needs to call a gcj specific function
if it exists with a pointer to the start of the .jcr section.

This is currently disabled until __dso_handle support is added.

Reviewed by:	emaste
MFC after:	1 month
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D17587
2018-10-25 17:39:41 +00:00
Warner Losh
8edab9cd00 Add missing options.
WITHOUT_LOADER_LUA is only needed since we turned it off by default on
powerpc and sparc64 in r338203. Same with
WITHOUT_LOADER_GEIL. WITH_NVME, WITHOUT_NVME, WITH_LOADER_FORCE_LE
have been needed since they were added.
2018-10-21 06:33:35 +00:00
Ed Maste
fc191b1111 Introduce src.conf knob to build userland with retpoline
WITH_RETPOLINE enables -mretpoline vulnerability mitigation in userland
for CVE-2017-5715.

Reported by:	Peter Malcom
Reviewed by:	markj
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D17421
2018-10-21 00:27:59 +00:00
Ed Maste
25569cea2b Do not remove ld man page if lld is enabled and binutils is not
Reported by:	Mark Millard
Approved by:	re (gjb)
Sponsored by:	The FreeBSD Foundation
2018-09-25 18:54:18 +00:00
Brooks Davis
5b87c94a46 Only enable HyperV support by default on x86.
Without this we get spurious output during boot as we try to run
nonexistant HyperV scripts on non-x86 models.

Reviewed by:	kib
Approved by:	re (gjb)
Differential Revision:	https://reviews.freebsd.org/D17211
2018-09-18 16:06:24 +00:00
Ed Maste
e6f0c1bba2 Add WITHOUT_REPRODUCIBLE_BUILD description
Approved by:	re (gjb)
Sponsored by:	The FreeBSD Foundation
2018-09-13 14:53:42 +00:00
Ed Maste
3efdd5800f Remove strings from OptionalObsoleteFiles.inc
Since r326030 strings is installed unconditionally so should not be
removed when WITHOUT_TOOLCHAIN is set.

Reported by:	Dan McGregor
Approved by:	re (kib)
Sponsored by:	The FreeBSD Foundation
2018-09-07 23:12:17 +00:00
Warner Losh
c0386fa3af Put building of drm and drm2 modules behind options.
Make the building of drm dependent on MK_MODULE_DRM and the building
of module drm2 on MK_MODULE_DRM2. The defaults are unchanged.

Approved by: re@ (gjb)
Differential Review: https://reviews.freebsd.org/D16894
2018-08-28 14:46:49 +00:00
Kyle Evans
8369ba427a libbe(3)/bectl(8): Make consistent with beadm
vermaden (maintainer of beadm) points out the following inconsistencies:
- "missing command" is not printed prior to usage if the error is simply a
   missing command; this should be obvious from the context
- "bectl rename" isn't using the "don't unmount" flag (zfs rename -u), so
   the active BE can't be renamed. It doesn't make sense in our context to
   *not* use -u, so use it.

Documentation updates reflect the above and note an inconsistency with the
'destroy' command that is consistent with other parts of the base system.

A fix for libbe(3) not properly being installed to /lib is included.
SHLIBDIR should have been added when it was moved in r337995.

Approved by:	re (kib)
2018-08-24 20:44:58 +00:00
Kyle Evans
d7f41421d2 Remove hyper-v leftovers when WITHOUT_HYPERV is set
hv_vss_daemon was missed.

Submitted by:	Oliver Pinter
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D16811
2018-08-23 18:06:31 +00:00
Kyle Evans
ea8b116b32 Remove ZFS leftovers when WITHOUT_ZFS is set
Submitted by:	Oliver Pinter
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D16810
2018-08-23 02:14:39 +00:00
Alex Richardson
cd4d034fd6 Relax the check added in 338096
Checking for any include below ${SRCTOP}/sys is too strict and breaks
e.g. mkimg which includes sys/sys/disk. ABI issues will only be caused
by including headers in sys/sys since they might not match the host.

Approved By:	jhb (mentor)
Suggested By:	imp
2018-08-21 16:52:14 +00:00
Alex Richardson
2f0437dab1 Fix -DWITHOUT_AUTO_OBJ build of rescue after r338096
Approved By:	jhb (mentor)
2018-08-21 09:35:56 +00:00
Alex Richardson
4acc8a67ba Don't create directories in ${WORLDTMP}/legacy with mtree
This has two advantages:
1) We no longer create lots of empty directories that are not needed
2) This is a requirement for building on non-FreeBSD hosts since mtree will
only exist after the bootstrap-tools phase there.

Aproved By:	jhb (mentor)
Differential Revision: https://reviews.freebsd.org/D16773
2018-08-20 10:39:53 +00:00
Alex Richardson
958dc017a7 Avoid depending on system headers from the source tree during bootstrap
This can cause surprising errors if the build tools is built against
headers that don't match the host system. It is also required in order
to allow building on non-FreeBSD systems where the headers in
/usr/include/sys are usually completely incompatible with those in the
source tree.

I added an error to Makefile.boot if this is done and found this was
only the case in libnv. With this error in the Makefile ABI breakages
such as r336019 should no longer be possible.

Reviewed By:	bdrewery, kevans
Approved By:	jhb (mentor)
Differential Revision: https://reviews.freebsd.org/D16186
2018-08-20 10:39:42 +00:00
Dimitry Andric
89edb881e6 Add optional LLVM BPF target support
BPF (eBPF) is an independent instruction set architecture which is
introduced in Linux a few years ago. Originally, eBPF execute
environment was only inside Linux kernel. However, recent years there
are some user space implementation (https://github.com/iovisor/ubpf,
https://doc.dpdk.org/guides/prog_guide/bpf_lib.html) and kernel space
implementation for FreeBSD is going on
(https://github.com/YutaroHayakawa/generic-ebpf).

The BPF target support can be enabled using WITH_LLVM_TARGET_BPF, as it
is not built by default.

Submitted by:	Yutaro Hayakawa <yhayakawa3720@gmail.com>
Reviewed by:	dim, bdrewery
Differential Revision: https://reviews.freebsd.org/D16033
2018-08-09 21:28:31 +00:00
Will Andrews
16702050ac beinstall: perform pre-installworld steps.
Since all post-installkernel steps are assumed to operate in the updated
installation, it's necessary to chroot all of the followup steps in the new
boot environment.  Set up and mount the source and object directories at the
same paths inside the BE root, and clean up to the extent changes were made.
This commit fixes upgrading using beinstall past the new ntpd user change.

Improve testability of changes to this script while I'm here.

Reported by:	rpokala (earlier patch)
2018-07-29 01:44:26 +00:00
Eitan Adler
fc3bfe916e tools/build/beinstall.sh: Use some slightly better shell syntax; reduce duplication
This is is a first pass at improving the be installer.

Reviewed By: will
Differential Revision: https://reviews.freebsd.org/D16081
2018-07-28 00:33:40 +00:00
Konstantin Belousov
abbe7d5acd Move mostly useless examples binaries from OFED, as well as the Subnet
Manager, under the new option WITH_OFED_EXTRA, disabled by default.

Reviewed by:	bdrewery, hselasky (previous version)
Sponsored by:	Mellanox Technologies
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D16230
2018-07-20 23:52:11 +00:00
Warner Losh
fe5e6b2c56 Remove three stray instances of zfsloader. 2018-07-20 05:26:14 +00:00
Alex Richardson
8d14ced6ea Fix buildworld on FreeBSD 10
Since r336126 we depend on explicit_bzero() for the libmd
bootstrap. Add it to -legacy if it is not found in /usr/include/strings.h.

Reviewed By:	ian
Approved By:	brooks (mentor)
Differential Revision: https://reviews.freebsd.org/D16245
2018-07-16 11:03:05 +00:00
Alex Richardson
63889bbde0 No longer install sys/nv.h and sys/cnv.h in lib/libnv/Makefile
Use tools/build/Makefile to install the headers into ${WORLDTMP}/legacy
instead. Compared to r336026 this has the minor advantage that it avoids
unncessary header installation when building the non-bootstrap libnv.

Reviewed By:	bdrewery, kevans
Approved By:	brooks (mentor)
Differential Revision: https://reviews.freebsd.org/D16187
2018-07-16 10:57:26 +00:00
Sean Bruno
6f077571b9 WITHOUT_SERVICESDB:
Add src.conf knob to disable the installation of /var/db/services.db

Default to leaving services.db in place, but allow the removal of the
file and its creation with a src.conf knob.

This file ends up being 2MB in size.  For small systems this is a waste
of space but its a tradeoff.

Reviewed by:	bdrewery
Differential Revision:	https://reviews.freebsd.org/D9655
2018-07-04 17:18:35 +00:00
Will Andrews
7d4a3185c9 beinstall: enable use with git worktrees. 2018-07-01 01:09:52 +00:00
Dimitry Andric
55458465af More follow-up to r335799 (llvm/clang 6.0.1 update), where I forgot to
update mtree files, ObsoleteFiles and a number of other paths.  Sorry
about all the breakage.

Pointy hat to:	me
MFC after:	2 weeks
X-MFC-With:	r335799
2018-06-30 15:03:22 +00:00
Bryan Drewery
a596558607 Push users towards LLVM_TARGET_ALL.
MFC after:	1 week
2018-06-27 17:13:36 +00:00
Bryan Drewery
eed6d55d26 Clang: Only build needed target for bootstrap compiler.
This will disable the new LLVM_TARGET_ALL option which will only
enable the required target.

This only impacts the bootstrap compiler in WORLDTMP, not the target compiler
that will be installed.

MFC after:	2 weeks
Reviewed by:	sbruno, dim (earlier version)
Sponsored by:	Dell EMC
Differential Revision:	https://reviews.freebsd.org/D16021
2018-06-27 16:57:56 +00:00
Bryan Drewery
631e709f2b Add LLVM_TARGET_ALL option.
LLVM_TARGET_* will auto be set based on LLVM_TARGET_ALL and MK_CLANG.

If LLVM_TARGET_ALL is disabled, during a cross-build, then SYSTEM_COMPILER
and SYSTEM_LINKER are auto disabled.

This option should be used by users rather than the per-arch LLVM_TARGET
options as it is simpler to maintain for them should the supported
target list change.

MFC after:	2 weeks
Reviewed by:	sbruno, dim
Sponsored by:	Dell EMC
Differential Revision:	https://reviews.freebsd.org/D16020
2018-06-27 16:57:51 +00:00
Dimitry Andric
cbafd2630b Add support for selectively enabling LLVM targets
This makes it possible, through src.conf(5) settings, to select which
LLVM targets you want to build during buildworld.  The current list is:

* (WITH|WITHOUT)_LLVM_TARGET_AARCH64
* (WITH|WITHOUT)_LLVM_TARGET_ARM
* (WITH|WITHOUT)_LLVM_TARGET_MIPS
* (WITH|WITHOUT)_LLVM_TARGET_POWERPC
* (WITH|WITHOUT)_LLVM_TARGET_SPARC
* (WITH|WITHOUT)_LLVM_TARGET_X86

To not influence anything right now, all of these are on by default, in
situations where clang is enabled.

Selectively turning a few targets off manually should work.  Turning on
only one target should work too, even if that target does not correspond
to the build architecture.  (In that case, LLVM_NATIVE_ARCH will not be
defined, and you can only use the resulting clang executable for
cross-compiling.)

I performed a few measurements on one of the FreeBSD.org reference
machines, building clang from scratch, with all targets enabled, and
with only the x86 target enabled.  The latter was ~12% faster in real
time (on a 32-core box), and ~14% faster in user time.  For a full
buildworld the difference will probably be less pronounced, though.

Reviewed by:	bdrewery
MFC after:	1 week
Differential Revision: https://reviews.freebsd.org/D11077
2018-06-22 15:00:00 +00:00
Kyle Evans
6a75ef5817 Don't remove loader.conf(5) when built WITHOUT_FORTH
The new stand/ structure installs loader.conf(5) and defaults/loader.conf
regardless of interpreter. The only thing gating installation now is
MK_BOOT.

Reported by:	eadler
2018-06-21 05:28:00 +00:00
Bryan Drewery
a7d84af890 Add WITH_SYSTEM_LINKER, on by default, that avoids building lld when possible.
This works similar to WITH_SYSTEM_COMPILER added in r300354.  It only
supports lld via WITH_LLD_BOOTSTRAP.

When both SYSTEM_COMPILER and SYSTEM_LINKER logic passes then libclang
will not build in cross-tools.  If either check fails though then
libclang is built.

The .info is reworked to notify when libclang will be built since if
either clang or lld needs to be rebuilt, but not the other, the
notification can lead to confusion on why "clang is building".

-fuse-ld= is not used with this method so some combinations of compiler
and linker are expected to fail.

A new 'make test-system-linker' target is added to see the logic results.

Makefile.inc1:
  CROSS_BINUTILS_PREFIX support had to be moved higher up so that XLD
  could be set and MK_LLD_BOOTSTRAP disabled before checking SYSTEM_LINKER
  logic as done with SYSTEM_COMPILER.  This also required moving where
  bsd.linker.mk was read since XLD needs to be set before parsing it.  This
  creates a situation where src.opts.mk can not test LINKER_FEATURES or
  add LLD_BOOTSTAP to BROKEN_OPTIONS.

Reviewed by:	emaste (earlier version)
Sponsored by:	Dell EMC
Differential Revision:	https://reviews.freebsd.org/D15894
2018-06-20 16:10:14 +00:00
Sean Bruno
01cebb69be MK_EFI - Add uefisign and friends to this knob and ensure that we don't
try to build them if MK_OPENSSL is unset.

Reviewed by:	emaste imp kevans
Sponsored by:	Limelight Networks
Differential Revision:	https://reviews.freebsd.org/D15211
2018-06-19 21:07:25 +00:00
Ed Maste
d87ef77d0f Remove objcopy from BINUTILS option descriptions
As of r306649 objcopy is always ELF Tool Chain's elfcopy; binutils
objcopy is never used.

PR:		229046
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2018-06-15 16:18:39 +00:00
Sean Bruno
cd13477791 WITHOUT_NLS cleanup of more empty dirs.
Reviewed by:	emaste
Sponsored by:	Limelight Networks
Differential Revision:	https://reviews.freebsd.org/D15626
2018-06-12 19:26:25 +00:00
Dimitry Andric
a805648634 Add missed libc++ entries to (Optional)ObsoleteFiles.inc
Some of these were removed during the libc++ 5.0.0 import, others were
added in the libc++ 6.0.0 import.

MFC after:	3 days
2018-06-09 17:40:31 +00:00
Baptiste Daroussin
30dc95029e Remove NLS support from BSD grep
GNU grep as in actually in base does not have any translations support
compiled in, so no functionnality loss.

We do support 193 locales in base, we will never catch up on that number of
translation with bsd grep.

Removing NLS support make bsd grep consistent with the other binaries in base
which are not translated, and also reduce a little bit the code.

Reviewed by:	kevans
Approved by:	kevans
Discussed with:	kevans @BSDCan
Differential Revision:	https://reviews.freebsd.org/D15682
2018-06-06 23:12:35 +00:00
Eitan Adler
b1a0e564ed src.conf: use more natural language for @generated
Requested by:	emaste
2018-05-26 21:14:49 +00:00
Rebecca Cran
13daedc0b7 Remove extra space before parenthesis in src.conf(5)
Reviewed by:	eadler
Differential Revision:	https://reviews.freebsd.org/D15528
2018-05-25 01:38:59 +00:00
Eitan Adler
f3e32074e0 Add missing file for WITH{OUT}_BSDINSTAL
PR:		227805
Submitted by:	Dmitry Wagin <dmitry.wagin@ya.ru>
2018-05-23 09:02:31 +00:00
Eitan Adler
0db9a543bc Add the text '@generated' to src.conf.5
This is a cross-tool approach to identifying generated code. Some tools,
notably phabricator, handle this marker specially.  See
https://reviews.freebsd.org/differential/diff/42870/ for such an
example.
2018-05-23 03:41:22 +00:00
Sevan Janiyan
56d8180e2d Typo
Submitted by:	jrm@
Approved by:	bcr (mentor)
Differential Revision:	https://reviews.freebsd.org/D14836
2018-05-13 22:58:40 +00:00
Dag-Erling Smørgrav
b70d78d6e8 Rename all Unbound binaries and man pages from unbound* to local-unbound*.
PR:		222902
2018-05-12 17:10:36 +00:00
Kyle Evans
a2584d1b34 bsdgrep: annihilate our in-tree TRE, previously disabled by default
It was an old TRE that had plenty of bugs and no performance gain over
regex(3). I disabled it by default in r323615, and there was some confusion
about what the knob does- likely due to poor naming on my part- to the tune
of "well, it sounds like it should speed things up" (mentioned by multiple
people).

To compound this, I have no intention of maintaining a second regex
implementation. If someone would like to step up and volunteer to maintain a
lean-and-mean implementation for grep, this is OK, but we have very few
volunteers to maintain even our primary regex implementation.
2018-05-04 03:13:25 +00:00