Commit Graph

7816 Commits

Author SHA1 Message Date
Colin Percival
b55bb76366 Only install amazon-ssm-agent into amd64 AMIs.
This package does not exist on aarch64 at present.
2019-03-20 07:24:21 +00:00
Colin Percival
01b7329605 Pass --arm64 to bsdec2-image-upload when building ARM64 AMIs.
Future commits will allow the resulting EC2 AMIs to actually boot and
be usable.
2019-03-20 07:19:09 +00:00
Colin Percival
827e6ec07d Fix sed script to insert Amazon NTP server into ntp.conf once rather
than twice.

Reported by:	Rafal Lukawiecki
MFC after:	1 week
2019-02-19 23:24:39 +00:00
Emmanuel Vadot
90b924a12e release: arm64: pine64-lts: Use the newly created u-boot-pine64-lts port
In U-Boot 2019.01 there is now a config for this board, use it for the
release image.

MFC after:	1 week
2019-02-04 18:30:47 +00:00
Emmanuel Vadot
ee8a8076a2 release: arm64: rpi3: Install the RPI3B+ DTB file
We should use the correct DTB file otherwise the firmware uses
the RPI3B one.

MFC after:	1 week
2019-02-04 18:29:23 +00:00
Colin Percival
8cb623ce6e Turn off ec2_ephemeralswap for now
This script broke around FreeBSD 11.0 as a result of SWAPMETA no longer
being reported by vmstat -z; but it also needs to be reworked due to the
arrival in EC2 of nvme ephemeral disks.

I'll turn this option back on after I've found time to rewrite the
script in question.

PR:		234686
Reported by:	meta@
MFC after:	1 week
2019-01-09 03:55:25 +00:00
Glen Barber
252373ac4c Escape a new line following r342283.
Sponsored by:	The FreeBSD Foundation
2019-01-02 16:22:33 +00:00
Rebecca Cran
db8b561345 Rework UEFI ESP generation
Currently, the installer uses pre-created 800KB FAT12 filesystems that
it dd's onto the ESP partition.
This changeset improves that by having the installer generate a FAT32
filesystem directly onto the ESP using newfs_msdos and then copying
loader.efi into /EFI/freebsd.
For live installs it then runs efibootmgr to add a FreeBSD boot entry
in the BIOS.

Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D17947
2018-12-20 19:39:37 +00:00
Ed Maste
eacff37a61 Remove setting of long-unused MK_NCP option
NCP was removed from the tree in 2013 (r248097) and disconnected some
time before.

Reported by:	bz
Sponsored by:	The FreeBSD Foundation
2018-12-20 15:53:27 +00:00
Yuri Pankov
709bc7e0c1 mkisoimages.sh: don't use -p flag when copying loader.efi to msdosfs.
This fixes 'cdrom' target in the case when world was built by user,
and not root.

Reviewed by:	imp
Differential revision:	https://reviews.freebsd.org/D18414
2018-12-03 22:31:57 +00:00
Emmanuel Vadot
d6c31218b6 release: arm64: Add opp dtbo to PINE* boards
MFC after:	1 month
2018-11-29 22:36:36 +00:00
Glen Barber
6b26cacc52 Fix NTP query on GCE due to unresolved hostname.
PR:		232456
Submitted by:	Lucas Kanashiro
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2018-11-26 17:00:39 +00:00
Emmanuel Vadot
9848333b6c release: arm64: Add PINEBOOK config
Add a configuration for PINEBOOK image.
Pinebook is a arm64 laptop based on a Pine64 board.

Since the usb trackpad need a quirk, add a common function for adding
quirk for arm board.
A default one is supplied as most board to not need quirks.

Reviewed by:	gjb
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D18337
2018-11-26 16:38:39 +00:00
Glen Barber
8643808a68 In followup to r340406, remove doc from the EXTRA_DISTRIBUTIONS
list and remaining references from the script used to create the
MANIFEST file used by bsdinstall(8).

No MFC is planned at this time.

Sponsored by:	The FreeBSD Foundation
2018-11-13 19:53:02 +00:00
Glen Barber
35f6972e41 The roff ascii.gz documentation installed to /usr/share/doc
was removed in r318881 when roff was removed from the base
system.

This results in the doc.txz distribution set containing a
single directory (./) which is empty.

Remove the "Additional documentation" option from the menu
selection of bsdinstall(8), as the plain-text documentation
installed in /usr/share/doc is installed as part of the
packageworld target.

The doc entry has not been removed from EXTRA_DISTRIBUTIONS
in Makefile.inc1, in case its removal triggers an issue with
freebsd-update(8), which is currently aware of the world/doc
component, so the empty doc.txz continues to be created as
a precaution.

Noticed by:	rgrimes
MFC after:	2 days
MFC before:	12.0-RC1
Sponsored by:	The FreeBSD Foundation
2018-11-13 19:51:22 +00:00
Glen Barber
0434c14c14 Pass _BRANCH in the reldoc target to ensure the correct
src branch is used when generating the hardware.html page.

MFC after:	3 days
MFC before:	12.0-BETA3
MFC with:	r339873
Sponsored by:	The FreeBSD Foundation
2018-10-29 21:03:43 +00:00
Glen Barber
4de042ec89 Set OPTIONS_UNSET in the argument list to env(1), and add
AVAHI to the list.  This fixes the textproc/docproj build
seemingly following FLAVORS being added.

Specifically, the problem with the dependency chain here is:
- textproc/docproj depends on print/cups, which sets AVAHI=on
  by default;
- net/avahi-app depends on devel/gobject-introspection, which
  requires python3+;
- graphics/netpbm depends on graphics/mesa-libs, which can
  only be built with python2.7;
- textproc/docproj depends on a number of graphics ports for
  font rendering, etc.

MFC after:	3 days
MFC before:	12.0-BETA3
Sponsored by:	The FreeBSD Foundation
2018-10-29 20:53:05 +00:00
Glen Barber
d4e77c31a2 Reduce the GCE image size to 27G to be lower than the free
quota limit.

PR:		232313
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2018-10-24 15:51:55 +00:00
Glen Barber
8c14a4095d Add debug.witness.trace=0 back to the installer sysctl.conf(5),
incorrectly removed from head when it should have been removed
from stable/12 post-branch.

Reported by:	bdrewery
Sponsored by:	The FreeBSD Foundation
2018-10-23 14:38:08 +00:00
Ed Maste
a7d9306a40 release: set -e to exit on error in iso image scripts
Reviewed by:	gjb
Differential Revision:	https://reviews.freebsd.org/D17651
2018-10-22 19:39:20 +00:00
Glen Barber
b958317950 - Update head to 13.0-CURRENT.
- Bump MACHINE_TRIPLE, TARGET_TRIPLE, FBSD_MAJOR, FBSD_CC_VER,
  FREEBSD_CC_VERSION, OS_VERSION.
- Update comment in UPDATING regarding debugging options.
- Remove debug.witness.trace=0 from installation media.
- Bump __FreeBSD_version.

Approved by:	re (implicit)
Sponsored by:	The FreeBSD Foundation
2018-10-19 00:37:47 +00:00
Kyle Evans
6e49372ee0 Disable kernels_autodetect on installation media
This feature is disabled on install media as these generally won't have any
interesting kernels to be listed other than the default kernel, so the
potential performance penalty in these situations likely isn't worth it.

Approved by:	re (kib)
2018-10-11 17:18:49 +00:00
Glen Barber
e4a1a705bb Add graphics/drm-legacy-kmod and graphics/drm-stable-kmod to the
list of packages to include on the dvd installer.

Approved by:	re (marius, rgrimes)
Sponsored by:	The FreeBSD Foundation
2018-10-10 19:57:10 +00:00
Glen Barber
8046db8b49 Fix the hardware.{txt,html} build in the release/Makefile 'reldoc'
target.

The doc/share/mk/doc.commands.mk sets SVN to /usr/local/bin/svn
by default, which is not necessarily installed by the documentation
project textproc/docproj port.

Ensure SVN can be evaluated properly to include the hardware pages
by iterating through /usr/local/bin and /usr/bin and looking for
both svn and svnlite binaries, and pass the SVN variable explicitly
through env(1) in the reldoc target to avoid failures if it does not
exist.

Approved by:	re (rgrimes)
Sponsored by:	The FreeBSD Foundation
2018-10-04 01:46:56 +00:00
Glen Barber
dc39aae35e Update the pkg-stage.sh script used to populate packages on the
dvd1.iso installation medium from including KDE4 to KDE5, as the
KDE4-based ports have been marked as deprecated in the Ports
Collection.

MFC after:	3 days
Approved by:	re (rgrimes)
Sponsored by:	The FreeBSD Foundation
2018-09-18 16:57:04 +00:00
Kyle Evans
9de0425ed9 release.sh: disable colors and the beastie menu for ARM/ARM64 targets
lualoader has moved to a model where the user is expected to disable color
as desired, rather than disabling it automatically for serial boots, due to
more wide-spread support for color sequences.

In a similar vain, though also to reduce special cases, lualoader no
longer disables the beastie menu automatically for !x86. This was done in
Forth land with a different loader.rc that simply didn't invoke the menu
routines, thus wasn't necessary.

This set of changes puts release images back to how they would've been
experienced prior to the switch to Lua.

Approved by:	re (rgrimes)
2018-08-30 18:00:28 +00:00
Colin Percival
a1b042f79d Disable atkbd0 and atkdbc0 in EC2 AMIs. This has the effect of skipping
the probing and attaching of the PS/2 mouse (not present on EC2) and
keyboard (emulated, but not accessible via EC2).

Note that we disable atkbd0 separately even though during device probing
it shows up as a child of atkbdc0; this is necessary because the device
is also initialized during the early console setup from hammer_time.

This change cuts the kernel boot time on an EC2 c5.4xlarge instance from
7259ms down to 4727 ms.

Approved by:	re (marius)
2018-08-26 03:56:54 +00:00
Emmanuel Vadot
eeab916dad release: arm64: Enable overlays for PINE64 and PINE64-LTS
Approved by:	re (gjb)
2018-08-24 15:01:58 +00:00
Emmanuel Vadot
66e380123e release: arm: Setup overlays if board config defines some
Approved by:	re (gjb)
2018-08-24 15:01:22 +00:00
Colin Percival
7ac2ecc0af Quieten the svn (or svnlite) commands used to extract information from an
SVN checkout for placement into an EC2 AMI.  We only run these if there
is a .svn directory; but in the event that SVN was used to check out a
tree which is then exported over NFS, we were unnecessarily noisy.

Reported by:	Andrey Fesenko
MFC after:	3 days
X-MFC-With:	r336420, r336433, r336593, r336621,
		r336622, r336624, r337394, r337401
2018-08-21 15:30:47 +00:00
Warner Losh
3e6e16b4da Copy the boot loader from the new location for the co-existing
loaders.

Reviewed by: gjb@
2018-08-17 20:41:50 +00:00
Roger Pau Monné
2502c66bbd build: skip the database check when generating install media
There are several scripts and targets solely used to generate install
media, make sure DB_FROM_SRC is used in that case in order to prevent
checking the host database, which is irrelevant when generating
install binaries.

Sponsored by:		Citrix Systems R&D
PR:			230459
Reviewed by:		gjb
Differential revision:	https://reviews.freebsd.org/D16638
2018-08-17 07:27:15 +00:00
Glen Barber
024b984d17 Add a space between a variable and escaped new line.
MFC after:	3 days
MFC with:	r337717
Sponsored by:	The FreeBSD Foundation
2018-08-13 17:24:31 +00:00
Glen Barber
f75f16f8a7 Add lang/python2, lang/python3, and lang/python to GCE images
to help avoid hard-coding 'python<MAJOR>.<MINOR>' in several
scripts in the client-side scripts.

PR:		230248
MFC after:	3 days
Submitted by:	gustavo.scalet@collabora.com
Sponsored by:	The FreeBSD Foundation
2018-08-13 17:23:43 +00:00
Glen Barber
6ac4304a0f Invoke the growfs rc script for each boot on GCE.
PR:		230275
Submitted by:	gustavo.scalet@collabora.com
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2018-08-09 23:43:10 +00:00
Glen Barber
0366e18e5a Update and replace old rc daemons for GCE images.
PR:		229000
Submitted by:	helen.koike@collabora.com
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2018-08-09 23:31:18 +00:00
Colin Percival
4222a490f2 Fix copy-and-paste error in previous commit. 2018-08-07 00:51:49 +00:00
Colin Percival
a7ec419d93 Add EC2PUBLICSNAP option to EC2 builds; this passes a (recently added)
flag to bsdec2-image-upload instructing it to mark the snapshot of its
root disk as public (which is independent from marking the created AMIs
as public).

Requested by:	Amazon
2018-08-06 19:21:32 +00:00
Emmanuel Vadot
7b7dbfa9b3 release: arm: Copy the dtb to the fat partition
When booting via EFI on arm we have no way to know the dtb file to load
and we always use the one provided from the bootloader.
This works in most case but :

 U-Boot have some really old DTB for some boards, the sync from Linux isn't done automatically for all boards
 Some boards (like TI BeagleBone series) use one u-boot for all the model and it doesn't embed the DTBs
 Some boards (like IMX6 based ones), don't embed the DTB

We want u-boot to load and patch the DTB with the mac address or the display
node enabled or not.

Reviewed by:	gjb, imp
Differential Revision:	https://reviews.freebsd.org/D16596
2018-08-06 17:21:20 +00:00
Glen Barber
768a8d8d44 Fix the ftp-stage target for arm embedded builds.
The images were renamed from KERNCONF to BOARDNAME when
specified, which would result in an image name of:

 12.0-CURRENT-arm-armv7-GENERIC.img

which would then be renamed to use the BOARDNAME for the
SoC the image is targeted to use.  BOARDNAME was specified
for all images as of r336994, which now causes the ftp-stage
target to fail, as the rename is no longer necessary.

Sponsored by:	The FreeBSD Foundation
2018-08-02 18:51:44 +00:00
Emmanuel Vadot
5a88ea3214 release: arm64: Add PINE64-LTS configuration file
Pine64 isn't produced anymore but Pine64-LTS is.
This image works on the LTS release and the Sopine module.

Reviewed by:	gjb
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D16487
2018-07-31 19:14:52 +00:00
Emmanuel Vadot
a8d0ee755c release: arm: Enable multicons for arm64
Since we have now EFI framebuffer enabled for ARM64 if we boot on a board
with an screen, u-boot will set up a EFI GOP framebuffer and we won't boot
using the serial console.
Also on RPI3 the firmware always setup the framebuffer area resulting in u-boot
always setup the EFI GOP and FreeBSD never using the serial console.

Reviewed by:	gjb, lwshu (previous version)
Differential Revision:	https://reviews.freebsd.org/D16472
2018-07-31 19:13:50 +00:00
Emmanuel Vadot
33bec6889a release: arm: Always boot armv6/v7 image with EFI
boot.scr is a u-boot script that loads and execute ubldr.bin
If not present u-boot will automatically boot loader.efi which
is already installed.

This means that all armv6/armv7 images are now booted via EFI

Tested-On: RPI-B
Tested-On: RPI2
Tested-On: OrangePi One
Tested-On: All lot of other boards
MFC after:	Never
Relnotes:	yes
2018-07-31 19:12:31 +00:00
Emmanuel Vadot
89f81528b3 release: Restore copy of boot.scr for some board
This is not a problem for 12-CURRENT as EFI boot works but it doesn't
for 11.
While here some board arm_install_uboot also copy ubldr.bin et create
firstboot files but it's already done in arm_install_boot

Reviewed by:	gjb
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D16481
2018-07-31 19:10:50 +00:00
Emmanuel Vadot
8608db1eb6 release: Deinstall u-boot ports before installing
FORCE_PKG_REGISTER is broken so multiple invocation of release.sh for the
same board will fails if /scratch isn't cleaned.
Leave it but deinstall the package first.

Reviewed by:	gjb
Differential Revision:	https://reviews.freebsd.org/D16513
2018-07-31 18:57:11 +00:00
Emmanuel Vadot
3d62046d67 release: arm: Use BOARDNAME in the image name
Using KERNEL made sense when all boards had different kernel configuration.
Now that all of them are using GENERIC use the board name instead

Reviewed by:	gjb
Differential Revision:	https://reviews.freebsd.org/D16512
2018-07-31 18:55:44 +00:00
Emmanuel Vadot
2e81004069 release: rpi-b: add BOARDNAME variable
Reviewed by:	gjb
Differential Revision:	https://reviews.freebsd.org/D16514
2018-07-31 18:54:06 +00:00
Emmanuel Vadot
8b66e85493 release: arm: Use GENERIC kernel for IMX6 based boards
Switch the IMX.6 based board to GENERIC the kernel config.

Reviewed by:	gjb
Differential Revision:	https://reviews.freebsd.org/D16511
2018-07-31 18:52:43 +00:00
Emmanuel Vadot
4b99ca8e4c release: arm: Add a GENERIC sdcard image
This produce a generic sdcard image using armv7 GENERIC kernel that
just need some u-boot (or none if the board have u-boot or a SPI flash
for example).

Reviewed by:	imp, gjb
Differential Revision:	https://reviews.freebsd.org/D16410
2018-07-28 20:45:36 +00:00
Conrad Meyer
858178a142 Remove insecure ciphers from GCE sshd configuration
They were added for unclear reasons in r277263.  The current OpenSSH
defaults (7.5+) are reasonable, and do not include the insecure rc4 cipher:

                   chacha20-poly1305@openssh.com,
                   aes128-ctr,aes192-ctr,aes256-ctr,
                   aes128-gcm@openssh.com,aes256-gcm@openssh.com,
                   aes128-cbc,aes192-cbc,aes256-cbc

I think I recall there being a reason for a specific list of ciphers on GCE
at the time, but I do not recall what it was, and cannot find any
current GCE documentation of such a list.

So, just revert the explicit configuration and use sane openssh defaults.

PR:		230092
Submitted by:	Gustavo Scalet <gustavo.scalet AT collabora.com>
MFC after:	3 days
Security:	yes
2018-07-28 19:35:49 +00:00