After calling the cap_init(3) function Casper will fork from it's original
process, using pdfork(2). Forking from a process has a lot of advantages:
1. We have the same cwd as the original process.
2. The same uid, gid and groups.
3. The same MAC labels.
4. The same descriptor table.
5. The same routing table.
6. The same umask.
7. The same cpuset(1).
From now services are also in form of libraries.
We also removed libcapsicum at all and converts existing program using Casper
to new architecture.
Discussed with: pjd, jonathan, ed, drysdale@google.com, emaste
Partially reviewed by: drysdale@google.com, bdrewery
Approved by: pjd (mentor)
Differential Revision: https://reviews.freebsd.org/D4277
I previously disconnected kgzdr based on a misunderstanding.
I'd still like to transition to supporting only the loader(8)-based
boot path for handling compressed kernels, but that can follow the
standard deprecation procedure.
This reverts r291113.
Requested by: dteske
This is not properly respecting WITHOUT or ARCH dependencies in target/.
Doing so requires a massive effort to rework targets/ to do so. A
better approach will be to either include the SUBDIR Makefiles directly
and map to DIRDEPS or just dynamically lookup the SUBDIR. These lose
the benefit of having a userland/lib, userland/libexec, etc, though and
results in a massive package. The current implementation of targets/ is
very unmaintainable.
Currently rescue/rescue and sys/modules are still not connected.
Sponsored by: EMC / Isilon Storage Division
- Support more of the toolchain from TOOLSDIR.
- This also improves 'make bootstrap-tools' to pass, for example,
AS=/usr/bin/as to Makefile.inc1, which will tell cross-tools to use
external toolchain support and avoid building things we won't be using
in the build.
- Always set the PATH to contain the staged TOOLSDIR directories when
not building the bootstrap targets.
The previous version was only setting this at MAKE.LEVEL==0 and if the
TOOLSDIR existed. Both of these prevented using staged tools that were
built during the build though as DIRDEPS with .host dependencies, such
as the fix for needing usr.bin/localedef.host in r291311.
This is not a common tool so we must build and use it during the build,
and need to be prepared to change PATH as soon as it appears.
This should also fix the issue of host dependencies disappearing from
Makefile.depend and then reappearing due to the start of the fresh build not
having the directory yet, resulting in the tools that were built not actually
being used.
- Only use LEGACY_TOOLS while building in Makefile.inc1. After r291317
and r291546 there is no need to add LEGACY_TOOLS into the PATH for
the pseudo/targets/toolchain build.
- Because the pseudo/targets/toolchain will now build its own
[clang-]tblgen, the special logic in clang.build.mk is no longer needed.
- LEGACY_TOOLS is no longer used outside of targets/pseudo/bootstrap-tools
so is no longer passed into the environment in its build.
Sponsored by: EMC / Isilon Storage Division
toolchain.
This change prevents building of [clang-]tblgen, which is unneeded due
to already being a host dependency where needed for
targets/pseudo/toolchain.
Sponsored by: EMC / Isilon Storage Division
Now that OBJTOP is assumed to be proper, it needs to be overridden for
the bootstrap-tools phase to ensure it is not kept as the top-level
OBJTOP. Otherwise the libraries were not found during the
bootstrap-tools phase.
Sponsored by: EMC / Isilon Storage Division
The main problem was bitrot after elftoolchain being swapped in for the
GNU toolchain.
This also reworks how the list of 'host allowed' libraries is determined
to only allow INTERNALLIBs, which is needed for libelftc to come in.
For usr.bin/readelf use the same hack, as libelf and libdward, to bring in
the needed sys/ headers for host builds. This has not yet been a problem due
to readelf not being built as a host tool in buildworld. This is possible
in the meta build though when building the toolchain.
Sponsored by: EMC / Isilon Storage Division
This is just as Makefile.inc1 does it for these phases. Otherwise some
of the build tools are not found and used properly, such as 'make-roken'
in the kerberos5 build on older releases.
Sponsored by: EMC / Isilon Storage Division
For this case, the normal META MODE staging logic should be used. The
BSARGS having DESTDIR= is due to Makefile.inc1 overriding DESTDIR to
something when appropriate. For the toolchain stage META MODE is in charge of
it, not Makefile.inc1.
At least include/, if staging it to the host stagedir, was impacted from
this. Staging of include.host is not yet done.
Sponsored by: EMC / Isilon Storage Division
This both avoids some dependencies on xinstall.host and allows
bootstrapping on older releases to work due to lack of at least 'install -l'
support.
Sponsored by: EMC / Isilon Storage Division
The option was added only to ease the transition from GNU Binutils to
ELF Tool Chain tools, and that process is now complete (for the viable
replacements). Noting the removal in UPDATING is sufficient as we have
not shipped a release with the option.
Reviewed by: brooks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D3240
This target mainly exists to help check things build.
Eventually targets that build real packages or images will be more
important.
As such move the pseudo targets that only exist for the benefit of
'userland' to under it.