843 Commits

Author SHA1 Message Date
Pawel Jakub Dawidek
42a8595256 Please welcome casperd daemon. It (and its services) will be responsible for
giving access to functionality that is not available in capability mode
sandbox. The functionality can be precisely restricted.

Start with the following services:
- system.dns - provides API compatible to:
	- gethostbyname(3),
	- gethostbyname2(3),
	- gethostbyaddr(3),
	- getaddrinfo(3),
	- getnameinfo(3),
- system.grp - provides getgrent(3)-compatible API,
- system.pwd - provides getpwent(3)-compatible API,
- system.random - allows to obtain entropy from /dev/random,
- system.sysctl - provides sysctlbyname(3-compatible API.

Sponsored by:	The FreeBSD Foundation
2013-12-02 08:21:28 +00:00
Pawel Jakub Dawidek
2f02600abf Move my simple logging API to a separate library. It is now already used
by hastctl(8), hastd(8) and auditdistd(8) and will soon be also used
by casperd(8) and its services. There is no documentation and pjdlog.h
header file is not installed in /usr/include/ to keep it private.
Unfortunately we don't have /lib/private/ at this point, only
/usr/lib/private/, so the library is installed in /lib/.

Sponsored by:	The FreeBSD Foundation
2013-12-01 09:41:06 +00:00
Peter Wemm
091b8336ae Attempt to move the POSIX iconv* symbols out of runtime linker space.
FreeBSD systems usually implemented this as a third party module and
our implementation hasn't played as nicely with the old way as it could
have.

To that end:
* Rename the iconv* symbols in libc.so.7 to have a __bsd_ prefix.
* Provide .symver compatability with existing 10.x+ binaries that
  referenced the iconv symbols. All existing binaries should work.
* Like on Linux/glibc systems, add a libc_nonshared.a to the ldscript
  at /usr/lib/libc.so.
* Move the "iconv*" wrapper symbols to libc_nonshared.a

This should solve the runtime ambiguity about which symbols resolve
to where.  If you compile against the iconv in libc, your runtime
dependencies will be unambiguous.

Old 9.x libraries and binaries will always resolve against their
libiconv.so.3 like they did on 9.x.  They won't resolve against libc.

Old 10.x binaries will be satisified by the .symver helpers.

This should allow ports to selectively compile against the libiconv
port if needed and it should behave without ambiguity now.

Discussed with:	 kib
2013-11-17 22:52:17 +00:00
Julio Merino
5efcd27a34 Move all atf directories to the tests mtree.
This is to ensure that test-related directories don't get needlessly
created (and later deleted) when MK_TESTS=no.

Problem found by jhb@.

Approved by:	rpaulo (mentor)
2013-11-16 19:42:40 +00:00
Colin Percival
d8efce3921 Strip the -pN patch level from the VERSION string which gets encoded into
CTF data.  Otherwise FreeBSD Update builds think every kernel file has
changed every time there's a security advisory, since the FreeBSD Update
build code isn't smart enough to look inside CTF data to ignore those
changes.

Pointy hat to:	cperciva
MFC after:	1 day, or before the next BETA
2013-11-13 08:08:56 +00:00
Ian Lepore
d3109d3971 This change builds kernel tools based on the same assumption as building
the kernel itself:  If building for the same architecture as the build host,
the kernel build assumes that the host toolchain is capable of building the
kernel.  If it's not, "make kernel-toolchain" will bootstrap a new set of
tools that will work.

With this change the same assumptions are made for building kernel tools,
and the existing host toolchain is used to do the build (notably, the build
doesn't link the tools with the legacy libraries, which may not even exist).
If ever for some reason the host toolchain isn't capable of building the
kernel tools, then doing a "make kernel-toolchain" will bootstrap newer
tools to get the job done.

So when built as part of buildworld or kernel-toolchain, the kernel tools
are built using the XMAKE (via BMAKE) commands and environment.  When built
as part of building just the kernel on a same-target host, the tools are
built using the new KTMAKE commands and environment.  What doesn't jump
out at you in the diffs is that the difference between BMAKE and KTMAKE
is that BMAKE contains this magic line which changes how the build is done
because it changes what files get included for .include <bsd.prog.mk> and
other standard includes:

    MAKEFLAGS="-m ${.CURDIR}/tools/build/mk ${.MAKEFLAGS}"

and KTMAKE doesn't, and contains this instead:

    TOOLS_PREFIX=${WORLDTMP}

Hopefully this brings the "how to build aicasm with the right toolchain"
saga to a conclusion that works in all usage scenarios that have
historically been supported.
2013-11-09 00:15:36 +00:00
Julio Merino
e01d128a42 Subsume the functionality of MK_ATF into MK_TESTS.
There is no reason to keep the two knobs separate: if tests are
enabled, the ATF libraries are required; and if tests are disabled,
the ATF libraries are not necessary.  Keeping the two just serves
to complicate the build.

Reviewed by:	freebsd-testing
Approved by:	rpaulo (mentor)
2013-11-08 14:24:47 +00:00
Julio Merino
ee695f67a6 Add libatf-c++ to the prebuild libs.
Some tests may require C++ so we must ensure this library exists as part
of the bootstrap process or else they will fail to build.  Do this by
just depending on lib/atf as part of the bootstrap libraries instead of
using lib/atf/libatf-c.

Submitted by:	Garrett Cooper <yaneurabeya at gmail dot com>
Approved by:	rpaulo (mentor)
2013-11-08 14:22:16 +00:00
Julio Merino
57028ca47f Fix buildworld when WITH_TESTS is enabled.
The addition of the TESTS knob and its enabling of the build of tests in
lib/libcrypt/tests/ broke the build.  The reason is that we cannot descend
into tests/ subdirectories until all prerequisites have been built, which
in the case of tests may be "a lot of things" (libatf-c in this case).

Ensure that we do not walk tests/ directories during the bootstrapping of
the libraries as part of buildworld.

Reviewed by:	freebsd-testing
Approved by:	rpaulo (mentor)
2013-11-08 14:20:22 +00:00
Ian Lepore
6abd71b021 Build kernel tools along with other tools during world build, as well as
during kernel build (if they didn't get done with world).  This will make
-DMODULES_WITH_WORLD work, and it ensures the kernel tools are built
as part of 'make kernel-toolchain'.
2013-11-08 05:11:32 +00:00
Ian Lepore
ed39dd91b1 Instead of modeling the kernel-tools build after the bootstrap tools, build
kernel tools the way cross-tools get built.  This seems to result in the
tool getting installed in the right place.  It also seems more correct in
retrospect, because if a tool emitted code or binary data as part of
building the kernel, it should do so in target-specific ways (endianess,
architecture, whatever).  That issue is moot for aicasm, our only current
tool, but it still seems to be more correct in principle.
2013-11-07 22:50:42 +00:00
Ian Lepore
f382c38e98 Do not build aicasm with the cross-tools/kernel-toolchain, instead add a
proper kernel-tools step/target modeled after the world build-tools stuff.

This is a re-do of r257730 which was backed out in r257734, but this time
it's one byte smaller... a leftover trailing backslash resulted in a .for
loop with no rules, so no compiler stuff got built and later steps built
with the wrong toolset.
2013-11-07 04:31:21 +00:00
Glen Barber
7483233695 Revert r257730:
Make head/ buildable again, instead of spewing garbage like:
 /src/gnu/lib/csu/../../../contrib/gcc/config/rs6000/crtsavres.asm:280:
  Error: no such instruction: `lwz 28,-16(11)'
2013-11-06 04:38:49 +00:00
Ian Lepore
5da6cd4747 Do not build aicasm with the cross-tools/kernel-toolchain, instead add a
proper kernel-tools step/target modeled after the world build-tools stuff.
2013-11-06 00:32:40 +00:00
Ian Lepore
f827d58e4d Rework the aicasm build machinery so that it gets built along with toolchain
components instead of with the kernel and/or modules.  This ensures that it
gets built with the host compiler, not the compiler in obj/... used to build
the target components (which may be a cross-compiler outputting code for a
different architecture and using header files with types and options set up
for the wrong architecture).

Reviewed by:	imp
2013-11-04 15:55:04 +00:00
Xin LI
8b78b15bb7 In r257079, SRCDIR is pointed to ${.CURDIR} when not set. However,
Makefile.inc1 is being called in sub-make's where make(1) would,
by default, implicitly chdir(2) to ${.OBJDIR} before executing any
targets.  This would make some targets, like delete-old, when trying
to derive various variables introduced by change r256921 using
``make -f Makefile.inc1'' that also rely on SRCDIR to fail.

This changeset adds an explicit cd ${.CURDIR} before these unwrapped
make calls, making them in line with the other ones that are already
being wrapped with the explicit chdir's.

Tested by:	gjb
MFC after:	5 days
2013-10-29 17:46:26 +00:00
Yoshihiro Takahashi
3d2fb95abf Fix build. Both clang and gcc are required on pc98.
X-MFC with:	r256915
2013-10-29 12:34:11 +00:00
Rui Paulo
e2197f8018 Set up the /usr/tests hierarchy.
Populate /usr/tests with the only test programs that currently live
in the tree (those in lib/libcrypt/tests/) and add all the build
machinery to accompany this change.

In particular:

- Add a WITHOUT_TESTS variable that users can define to request that
  no tests be put in /usr/tests.
- Add a top-level Kyuafile for /usr/tests and a way to create similar
  Kyuafiles in top-level subdirectories.
- Add a BSD.tests.dist file to define the directory layout of
  /usr/tests.

Submitted by:	Julio Merino jmmv google.com
Reviewed by:	sjg
MFC after:	2 weeks
2013-10-25 05:25:19 +00:00
Glen Barber
57bd24ceaa Fix build host pollution by avoiding calling 'uname -srp' to
determine values for 'VERSION'.

Looked at by:	cperciva
2013-10-24 22:55:15 +00:00
Glen Barber
44c38c2ca3 Revert r256921 to prevent error output when in the wrong directory.
This should have been reverted with the stable/10/Makefile.inc1
revert, but apparently my commit did not go through.

Discussed with:	cperciva (originally)
2013-10-24 15:00:19 +00:00
Colin Percival
a0c6562337 Thou shalt not leak build host state into the system being compiled.
The VERSION variable is encoded into the SUNW_ctf sections of the kernel
and every kernel module when dtrace is enabled; starting with 9.2-RELEASE
(when dtrace was turned on in GENERIC) this means that different host kernels
will result in very different kernel binaries being generated.  This tripped
up freebsd-update builds after the build boxes were updated from 9.x to 10.x.

MFC after:	3 days (stable/9)
X-MFC after:	0 days (stable/10)
Security:	Rendered two members of so@ temporarily insane
2013-10-22 18:36:39 +00:00
Brooks Davis
f936a2e556 Stop conflating WITHOUT_CLANG with WITHOUT_CLANG_IS_CC. This allows
bootstrapping a copy of clang without building clang for the base system
which is useful for nanobsd and similar setups.  It's still probably
wrong to conflate what is installed as /usr/bin/cc with the selection
of a bootstrap compiler under WITH*_CLANG_IS_CC, but that's for another
day.

MFC after:	1 week
Sponsored by:	DARPA/AFRL
2013-10-22 15:53:29 +00:00
Bryan Drewery
e45e2255e8 Fix 'make delete-old-libs' and 'make check-libs' to delete .debug
files created by WITH_DEBUG_FILES. Also cleanup .symbols files from
the period between r244236 when .symbols were supported and r251512
when they were renamed to .debug.

Only propose to delete a .debug file if the corresponding library
itself was deleted already.

Reported by:	des
Reviewed by:	emaste (earlier version)
Approved by:	bapt
MFC after:	3 days
2013-10-21 10:09:48 +00:00
Ian Lepore
923cfb89b0 Allow 'make xdev' to work when DESTDIR is set.
Submitted by:	Patrick Kelsey <kelsey@ieee.org>
2013-10-16 16:46:25 +00:00
Dimitry Andric
c60c0372b0 Bump OS versions in the toolchain triples to 11.0, and bump the
__FreeBSD_cc_version predefined macros in clang and gcc.

Approved by:	re (gjb)
2013-10-10 20:47:11 +00:00
Xin LI
5bab73677e Revert-and-redo r255955: the sort -r should be added to delete-old-dirs.
Approved by:	re (gjb)
2013-10-01 22:53:27 +00:00
Xin LI
5cf4a427ae Reverse directories order when doing 'make delete-old-dir'. This
ensures subdirectories gets removed before their parents when doing
make delete-old.

Approved by:	re (gjb)
MFC after:	2 weeks
2013-09-30 20:33:56 +00:00
Dag-Erling Smørgrav
56b72efe82 Remove BIND.
Approved by:	re (gjb)
2013-09-30 17:23:45 +00:00
John Baldwin
865f77794b Don't parse NO_ROOT metadata for extra kernels if NO_ROOT isn't defined.
Approved by:	re (gjb)
MFC after:	1 week
2013-09-24 19:09:21 +00:00
Andrew Turner
e8192c8975 Remove the armv6eb architecture as it is unused, and almost certainly
broken. None of our kernels can boot armv6eb. The little-endian kernels do
not have the required code to be able to switch endian when running a
big-endian executable.

Approved by:	re (gjb)
2013-09-22 07:30:17 +00:00
Bryan Drewery
31caf4c87b Fix 'make installcheck' to check for missing UID/GID as well, broken
since r249893, by adding a separate _installcheck_world and
_installcheck_kernel so the destination targets can be more explicit
on which they are needed for.

installcheck will call both, while installworld only calls
_installcheck_world and installkernel only calls _installcheck_kernel

While here, mark the internal targets as starting with _.

Reported by:	des
Reviewed by:	des
Pointyhat to:	bdrewery
Approved by:	re (delphij)
2013-09-18 00:33:24 +00:00
Dag-Erling Smørgrav
91270ec52e Add unbound to the list of UIDs / GIDs to check fore before installing.
Approved by:	re (blanket)
2013-09-17 12:59:37 +00:00
Dag-Erling Smørgrav
9cfa8b3fee Clean up the OpenSSH build. It is now possible to build most components
as static binaries, if desired.  The one exception is sshd, which runs
into trouble due to libpam.a's includion of pam_ssh.

Make OpenSSH use LDNS if available.  This allows it to verify signed
SSHFP records.

Approved by:	re (blanket)
2013-09-10 22:26:11 +00:00
Dag-Erling Smørgrav
2442cc585a Create a private library directory (LIBPRIVATEDIR) for libraries which
we don't want to expose but which can't or shouldn't be static.

To mark a library as private, define PRIVATELIB in its Makefile.  It
will be installed in LIBPRIVATEDIR, which is normally /usr/lib/private
(or /usr/lib32/private for 32-bit libraries on 64-bit platforms).

To indicate that a program or library depends on a private library,
define USEPRIVATELIB in its Makefile.  The correct version of
LIBPRIVATEDIR will be added to its run-time library search path.

Approved by:	re (blanket)
2013-09-08 09:40:23 +00:00
Bryan Drewery
0636236951 - Fix LOCAL_MTREE so it properly handles multiple files and quotes
its value into submakes

PR:		conf/179466
Submitted by:	Garrett Cooper <yaneurabeya@gmail.com>
Approved by:	bapt
MFC after:	2 weeks
Sponsored by:	EMC / Isilon Storage Division
2013-08-30 01:32:47 +00:00
Peter Wemm
f0957ccae4 Update nvi-1.79 to 2.1.1-4334a8297f
This is the gsoc-2011 project to clean up and backport multibyte support
from other nvi forks in a form we can use.

USE_WIDECHAR is on unless building for the rescue crunchgen. This should
allow editing in the native locale encoding.

USE_ICONV depends on make.conf having 'WITH_ICONV=YES' for now.  This
adds the ability to do things like edit a KOI8-R file while having $LANG
set to (say) en_US.UTF-8.  iconv is used to transcode the characters for
display.

Other points:
* It uses gencat and catopen/etc instead of homegrown msg catalog stuff.
* A lot of stuff has been trimmed out, eg: the perl and tcl bindings which
  we could never use in base anyway.
* It uses ncursesw when in widechar mode.  This could be interesting.

GSoC info: http://www.google-melange.com/gsoc/proposal/review/google/gsoc2011/zy/1
Repo at: https://github.com/lichray/nvi2

Obtained from:  Zhihao Yuan <lichray@gmail.com>
2013-08-11 20:03:12 +00:00
Ed Maste
2d0bcb76c8 Generate debug data release dist sets
If WITH_DEBUG_FILES is set the standalone debug data will be excluded
from each ${dist}.txz and placed in a ${dist}.debug.txz.

Submitted by:	gjb
Reviewed by:	brooks
2013-07-23 19:34:09 +00:00
Simon J. Gerraty
bb6d7d0ef5 Sprinkle some .MAKE magic 2013-07-06 00:13:08 +00:00
Simon J. Gerraty
03630b541e Use && rather than ; when success of previous job matters. 2013-06-30 15:00:07 +00:00
Brooks Davis
c872793d46 Simplify the hierarchy target's logic. [0]
Run hierarchy with WORLDTMP in the path so it works when it is invoked
directly.  Such use is nearly alwasy wrong but appears to be common.[1]

PR:		conf/178209 [0], conf/178547 [1]
Submitted by:	Garrett Cooper <yaneurabeya@gmail.com> [0]
MFC after:	5 days
2013-06-14 22:32:47 +00:00
Simon J. Gerraty
d31870574c Flag recursive make targets with .MAKE
so that job token pipe is passed to them.
To avoid surprising anyone, only add .MAKE to ${TGTS} when -n
has not been specified (at least for Makefile).

Reviewed by:	obrien
2013-06-14 16:30:11 +00:00
Brooks Davis
aa5084e4ff Be more agressive about bootstrapping ctfmerge and ctfconvert so
builds from existing releases have a chance of working properly.

Sponsored by:	DARPA, AFRL
MFC after:	3 days
2013-06-13 18:26:04 +00:00
Ed Maste
42f8c5b580 Add a new knob WITH_DEBUG_FILES to control the building of standalone
debug files for userland programs and libraries.  The "-g" debug flag
is automatically applied when WITH_DEBUG_FILES is set.

The debug files are now named ${prog}.debug and ${shlib}.debug for
consistency with other systems and documentation.  In addition they are
installed under /usr/lib/debug, to simplify the process of installing
them if needed after a crash.  Users of bsd.{prog,lib}.mk outside of the
base system place the standalone debug files in a .debug subdirectory.
GDB automatically searches both of these directories for standalone
debug files.

Thanks to everyone who contributed changes, review, and testing during
development.
2013-06-07 21:40:02 +00:00
Jilles Tjoelker
b9bcca07f5 release: Allow empty extra distributions.
For example, WITHOUT_SHAREDOCS= in src.conf creates an empty doc
distribution.

Submitted by:	Kurt Lidl
Tested by:	Kurt Lidl
Discussed with:	gjb
MFC after:	1 week
2013-06-05 22:27:49 +00:00
Brooks Davis
80ba5ec8cc Restore (at least temporarily) SHARED=symlinks in the build includes
stage of buildworld.  This was accidentally included in r251140.

Reported by:	jhb
2013-05-30 15:25:54 +00:00
Brooks Davis
6c4614797f Always define INSTALL_DDIR and define it such that it contains no extra
/ characters rather than removing them later on.  This should fix
release builds.

PR:		conf/178963
Reviewed by:	gjb, hrs
2013-05-30 14:09:58 +00:00
Glen Barber
4e02fd950c r245757 introduced warning output if update method is set to CVS_UPDATE
or SUP_UPDATE.

CVS exporter for head/ is turned off for nearly one month now.

It is finally time to swing the ax at these update methods.

Reviewed by:	eadler
MFC after:	1 month
2013-05-28 23:43:47 +00:00
Glen Barber
527f7dc33c Update comments to reflect use of svn/svnup to keep the src/ tree up
to date.

MFC after:	3 days
2013-05-28 21:57:55 +00:00
Peter Wemm
25fbccdce0 Temporarily revert r251058 - it breaks documented use of makeoptions
including the tinderbox.

 http://tinderbox.freebsd.org/tinderbox-head-build-HEAD-i386-i386.full
 make: don't know how to make modules-all. Stop
 make: stopped in /obj/i386.i386/src/sys/PAE
 *** Error code 2
2013-05-28 21:29:05 +00:00
Dag-Erling Smørgrav
13b85cea60 During buildkernel, print a banner before building modules. 2013-05-28 09:52:28 +00:00