/usr/freebsd-dist is used used by various programs as the location for
FreeBSD distribution files. In-tree programs following this convention
are bsdinstall(8) and release(7).
Reviewed by: Pau Amma <pauamma@gundo.com>
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D34552
Define a place for sysroot trees to live. This assumes they come from
the base in some way, though there's not yet a build/install/etc sysroot
target. Include the FreeBSD version so multiple verrsions can be
installed on one system (it also includes the whole uname version, so
one could, in theory, install variants like CheriBSD or whatever on the
same system as FreeBSD). Use MACHINE.MACHINE_ARCH to be consistent with
the release practices, /usr/obj and other naming conventions.
Sponsored by: Netflix
Reviewed by: brooks
Differential Revision: https://reviews.freebsd.org/D33754
With the meta-build, it's always a NO_CLEAN build. Provide a way to
remove so one can rebuild from scratch. 'cleankernel' will delete the
kernel and modules object directories. Document this in build(7).
Sponsored by: Netflix
Reviewed by: debdrup, markj
Differential Revision: https://reviews.freebsd.org/D32978
The approach taken by the stack gap implementation was to insert a
random gap between the top of the fixed stack mapping and the true top
of the main process stack. This approach was chosen so as to avoid
randomizing the previously fixed address of certain process metadata
stored at the top of the stack, but had some shortcomings. In
particular, mlockall(2) calls would wire the gap, bloating the process'
memory usage, and RLIMIT_STACK included the size of the gap so small
(< several MB) limits could not be used.
There is little value in storing each process' ps_strings at a fixed
location, as only very old programs hard-code this address; consumers
were converted decades ago to use a sysctl-based interface for this
purpose. Thus, this change re-implements stack address randomization by
simply breaking the convention of storing ps_strings at a fixed
location, and randomizing the location of the entire stack mapping.
This implementation is simpler and avoids the problems mentioned above,
while being unlikely to break compatibility anywhere the default ASLR
settings are used.
The kern.elfN.aslr.stack_gap sysctl is renamed to kern.elfN.aslr.stack,
and is re-enabled by default.
PR: 260303
Reviewed by: kib
Discussed with: emaste, mw
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D33704
This cipher is a wrapper around the ChaCha20-Poly1305 AEAD cipher
which accepts a larger nonce. Part of the nonce is used along with
the key as an input to HChaCha20 to generate a derived key used for
ChaCha20-Poly1305.
This cipher is used by WireGuard.
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D33523
Information in this document is unchanged between 11.x and 12.x, but
this is intended to be a quick reference for supported architectures.
Also bump .Dd to cover recent changes including MIPS deprecation.
Sponsored by: The FreeBSD Foundation
With MIPS' retirement we now have more discontinued architectures than
supported ones, making the table somewhat unclear. Split the table in
two.
Reviewed by: allanjude
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D33110
This is useful for WireGuard which uses a nonce of 8 bytes rather
than the 12 bytes used for IPsec and TLS.
Note that this also fixes a (should be) harmless bug in ossl(4) where
the counter was incorrectly treated as a 64-bit counter instead of a
32-bit counter in terms of wrapping when using a 12 byte nonce.
However, this required a single message (TLS record) longer than 64 *
(2^32 - 1) bytes (about 256 GB) to trigger.
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32122
Permit nonces of lengths 7 through 13 in the OCF framework and the
cryptosoft driver. A helper function (ccm_max_payload_length) can be
used in OCF drivers to reject CCM requests which are too large for the
specified nonce length.
Reviewed by: sef
Sponsored by: Chelsio Communications, The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32111
While here, fix all links to older en_US.ISO8859-1 documentation
in the src/ tree.
PR: 255026
Reported by: Michael Büker <freebsd@michael-bueker.de>
Reviewed by: dbaio
Approved by: blackend (mentor), re (gjb)
MFC after: 10 days
Differential Revision: https://reviews.freebsd.org/D30265
Follow-up to the removal of the mcov from kernel.
Noted by: mckusick
Reviewed by: mckusick
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D29563
truncate(1) is not case-sensitive with regard to setting the size
of a file. makefs(8), however, does not honor upper-case values.
Update release-specific files and the release(7) manual page to
reflect this.
MFC with: 1ca8842f3a
Submitted by: ehem_freebsd_m5p.com (original)
Differential Review: https://reviews.freebsd.org/D28979
Sponsored by: Rubicon Communications, LLC ("Netgate")
We now live in the world of git, and release(7) should reflect that.
As of the commit referenced below, release images also no longer
include (stale) documentation, as the documentation has moved to
AsciiDoctor. This means that a few environment variables no longer
make sense, so remove them from their sections and mention them in
the compatibility section instead.
While here, also pet mandoc.
PR: 253615
MFC after: 3 days
MFC with: f61e92ca5a release: permanently remove the 'reldoc'
target and associates
Reviewed by: gjb, lwhsu, yuripv
Differential Revision: https://reviews.freebsd.org/D28881
Add /var/run/bhyve/ to BSD.var.dist so we don't have to call mkdir when
creating the unix domain socket for a given bhyve vm.
The path to the unix domain socket for a bhyve vm will now be
/var/run/bhyve/vmname instead of /var/run/bhyve/checkpoint/vmname
Move BHYVE_RUN_DIR from snapshot.c to snapshot.h so it can be shared
to bhyvectl(8).
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D28783