Instead of formatting the image, and then using the mtools to copy on it
the boot partition files, we use makefs to directly generate the
partition.
Change-Id: I468e3100842177f3f55edbfdb910941bafa576ba
This script uses the image generation framework to create a pkgsrc CD
image, useful for MINIX installations without Internet connectivity.
Change-Id: Ife037f6b6958e38986afad0632f37999ecbb2b55
Setting PACKAGE_DIR without PACKAGES will default to bundling all
packages in PACKAGE_DIR. PKG_INFO is also mandatory now.
Change-Id: Iaf02221ec91e9c54dc8caec6e9a01bccfc65cc31
This commit (temporarily) leaves MINIX 3 without a TCP/IP service.
Thanks go out to Philip Homburg for providing this TCP/IP stack in the
first place. It has served MINIX well for a long time.
Change-Id: I0e3eb6fe64204081e4e3c2b9d6e6bd642f121973
Scripts for generating boot-to-ramdisk images are now available. These
can be used for example to boot from PXE or from a USB stick, as the
ramdisk are self-contained and do not rely on any block devices after
being loaded into RAM.
The image generation framework has also been slightly cleaned up in
order to better accomodate tarball sets bundling in images.
Change-Id: I65a176832bd0d6954b430fa8305f90af0bd606c1
The new MIB service implements the sysctl(2) system call which, as
we adopt more NetBSD code, is an increasingly important part of the
operating system API. The system call is implemented in the new
service rather than as part of an existing service, because it will
eventually call into many other services in order to gather data,
similar to ProcFS. Since the sysctl(2) functionality is used even
by init(8), the MIB service is added to the boot image.
MIB stands for Management Information Base, and the MIB service
should be seen as a knowledge base of management information.
The MIB service implementation of the sysctl(2) interface is fairly
complete; it incorporates support for both static and dynamic nodes
and imitates many NetBSD-specific quirks expected by userland. The
patch also adds trace(1) support for the new system call, and adds
a new test, test87, which tests the fundamental operation of the
MIB service rather thoroughly.
Change-Id: I4766b410b25e94e9cd4affb72244112c2910ff67
ASR instrumentation is now performed on all applicable system services
if the system is built with MKASR=yes. This setting automatically
enables MKMAGIC=yes, which in turn enables MKBITCODE=yes.
The number of extra rerandomized service binaries to be generated can
be set by passing ASRCOUNT=n to the build system, where n is a number
between 1 and 65536. The default ASRCOUNT is 3, meaning that each
service will have one randomized base binary and three additional
rerandomized binaries. As before, update_asr(8) can be used for
runtime rerandomization.
Change-Id: Icb498bcc6d1cd8d3f6bcc24eb0b32e29b7e750c2
This brings our tree to NetBSD 7.0, as found on -current on the
10-10-2015.
This updates:
- LLVM to 3.6.1
- GCC to GCC 5.1
- Replace minix/commands/zdump with usr.bin/zdump
- external/bsd/libelf has moved to /external/bsd/elftoolchain/
- Import ctwm
- Drop sprintf from libminc
Change-Id: I149836ac18e9326be9353958bab9b266efb056f0
The minix set is now divided into minix-base, minix-comp, minix-games,
minix-kernel, minix-man and minix-tests.
This allows massive space savings on the installlation CD because only
the base system used for installation is stored uncompressed. Also, it
makes the system more modular.
Change-Id: Ic8d168b4c3112204013170f07245aef98aaa51e7
- retire the old shell script
- import perl script
The perl scripts has the following advantages:
- The sorting should be more stable, even accross different OSes.
- The sorted output is automatically formatted into columns
- It is much faster, even on large inputs.
Change-Id: I1068b21fda981b4cf9eeea4af83165ec2968280b
The CD now boots directly from the ISO 9660 filesystem instead of using
MBR partitioning with Minix file systems. This saves some space on the
CD and reduces memory requirements by some unknown amount as the root
ramdisk is completely eliminated.
The x86 hard drive image creation is also rewritten in the same
fashion.
The setup is modified to be more NetBSD-like (unpacking sets
tarballs instead of blindly copying the CD contents). Splitting MINIX
into sets is done in another commit due to it being a nightmare to
rebase.
Since MINIX lacks union mounts for now, a bunch of ramdisks are
generated at run-time to make parts of the filesystem writeable for the
CD. This solution isn't ideal, but it's enough for an installation CD.
Change-Id: Icbd9cca4dafebf7b42c345b107a17679a622d5cd
This commits adds a basic infrastructure to support Address Space
Randomization (ASR). In a nutshell, using the already imported ASR
LLVM pass, multiple versions can be generated for the same system
service, each with a randomized, different address space layout.
Combined with the magic instrumentation for state transfer, a system
service can be live updated into another ASR-randomized version at
runtime, thus providing live rerandomization.
Since MINIX3 is not yet capable of running LLVM linker passes, the
ASR-randomized service binaries have to be pregenerated during
crosscompilation. These pregenerated binaries can then be cycled
through at runtime. This patch provides the basic proof-of-concept
infrastructure for both these parts.
In order to support pregeneration, the clientctl host script has
been extended with a "buildasr" command. It is to be used after
building the entire system with bitcode and magic support, and will
produce a given number of ASR-randomized versions of all system
services. These services are placed in /usr/service/asr in the
image that is generated as final step by the "buildasr" command.
In order to support runtime updating, a new update_asr(8) command
has been added to MINIX3. This command attempts to live-update the
running system services into their next ASR-randomized versions.
For now, this command is not run automatically, and thus must be
invoked manually.
Technical notes:
- For various reasons, magic instrumentation is x86-only for now,
and ASR functionality is therefore to be used on x86 only as well.
- The ASR-randomized binaries are placed in numbered subdirectories
so as not to have to change their actual program names, which are
assumed to be static in various places (system.conf, procfs).
- The root partition is typically too small to contain all the
produced binaries, which is why we introduce /usr/service. There
is a symlink from /service/asr to /usr/service/asr for no other
reason than to let userland continue to assume that all services
are reachable through /service.
- The ASR count field (r_asr_count/ASRcount) maintained by RS is not
used within RS in any way; it is only passed through procfs to
userland in order to allow update_asr(8) to keep track of which
version is currently loaded without having to maintain own state.
- Ideally, pre-instrumentation linking of a service would remove all
its randomized versions. Currently, the user is assumed not to
perform ASR instrumentation and then recompile system services
without performing ASR instrumentation again, as the randomized
binaries included in the image would then be stale. This aspect
has to be improved later.
- Various other issues are flagged in the comments of the various
parts of this patch.
Change-Id: I093ad57f31c18305591f64b2d491272288aa0937
Make disk image size sufficient for LLVM bitcode build with symbols.
Edited by David van Moolenbroek to do this only when -b is given.
Change-Id: I3bde164756c477b4af5ed9435ca03da3b186cf7e
- Fix a bug in clientctl which tried to test for kvm. This simply
remove this faulty test as the kvm command has been deprecated by the
QEMU project for a couple of years now.
- Specify by default 256M of RAM as this is the minimal amount required
for the whole-OS live update test to succeed.
- Update the default command printed out at the end of the x86_hdimage
script to be more generic, less focused on one use-case.
Change-Id: Ic555d50a3a1471f7d35cc7fd369f2292add6ac39
This patch adds support for Unix98 pseudo terminals, that is,
posix_openpt(3), grantpt(3), unlockpt(3), /dev/ptmx, and /dev/pts/.
The latter is implemented with a new pseudo file system, PTYFS.
In effect, this patch adds secure support for unprivileged pseudo
terminal allocation, allowing programs such as tmux(1) to be used by
non-root users as well. Test77 has been extended with new tests, and
no longer needs to run as root.
The new functionality is optional. To revert to the old behavior,
remove the "ptyfs" entry from /etc/fstab.
Technical nodes:
o The reason for not implementing the NetBSD /dev/ptm approach is that
implementing the corresponding ioctl (TIOCPTMGET) would require
adding a number of extremely hairy exceptions to VFS, including the
PTY driver having to create new file descriptors for its own device
nodes.
o PTYFS is required for Unix98 PTYs in order to avoid that the PTY
driver has to be aware of old-style PTY naming schemes and even has
to call chmod(2) on a disk-backed file system. PTY cannot be its
own PTYFS since a character driver may currently not also be a file
system. However, PTYFS may be subsumed into a DEVFS in the future.
o The Unix98 PTY behavior differs somewhat from NetBSD's, in that
slave nodes are created on ptyfs only upon the first call to
grantpt(3). This approach obviates the need to revoke access as
part of the grantpt(3) call.
o Shutting down PTY may leave slave nodes on PTYFS, but once PTY is
restarted, these leftover slave nodes will be removed before they
create a security risk. Unmounting PTYFS will make existing PTY
slaves permanently unavailable, and absence of PTYFS will block
allocation of new Unix98 PTYs until PTYFS is (re)mounted.
Change-Id: I822b43ba32707c8815fd0f7d5bb7a438f51421c1
This allows to both override the default package repository and
preinstalled packages list from the command line or the environment.
Also use everywhere PACKAGEURL.
Change-Id: I3434ff53be769f8d0f890bb5fb44521a0017e123
This allows the URL used to clone our specific version of u-boot to be
specified in the environment, instead of being hard-coded.
This new flexibility will be required by the new Continuous Integration
infrastructure, whose test nodes are in a network without direct
internet access.
Change-Id: I7440b5bba6786f979623b4509111e4e99c6558f6
. bitcode fixes
. switch to compiler-rt instead of netbsd libc functions
or libgcc for support functions for both x86 and arm
. minor build fixes
. allow build with llvm without crossbuilding llvm itself
. can now build minix/arm using llvm and eabi - without C++
support for now (hence crossbuilding llvm itself is turned off
for minix/arm)
Change-Id: If5c44ef766f5b4fc4394d4586ecc289927a0d6eb
- Fixed missing variable interpolation because of single quotes
- Replaced /bin/sh in gen_uEnv.txt.sh with /usr/bin/env bash as the default
echo doesn't support '-n'
- Fixed some whitespace errors
- A succesful build requires for now to skip the gold linker on OSX.
Change-Id: Id09bf52f45252026e3a58b74e8448ea24a0dab12
. let you specify IMG as a block device directly. this minimizes
i/o (only write used parts of the filesystem) and so turnaround
time - while still allowing the big default FS size.
Change-Id: Ib738499464e0d350a474a706f688d3f10806207d
. source release.functions with explicit path
. make xargs touch not fail (due to too long invocations
and spaces in paths)
Change-Id: I448b96cebd641bf2c7b86ecbb3d1f1cb568e4f70
- Removed an "export CPPFLAGS=${FLAG}" which prevented proper settings
from the environment to be passed to the build step.
- Re-arranged variable settings at the top, so that we don't need
to evaluate the argument to vfat mkfs command anymore in
arm_sdimage.sh
- "Merged" both script for easier comparison in the future.
Change-Id: Id59f902e4eaeb7f268d5051789462f14421a114a
As we have switched to a local git repository containing the NetBSD
reference, at specific points in time, the following scripts are not
anymore useful.
Change-Id: Iec0606a640a73e6ce80ecc5d9ac438daab9f2a1f
. we need libc++ in the base system
. big packages & sources don't fit on the cd any more
. the fetch scripts have to be triggered for some tools
Change-Id: Ife53c64fda0ed65b96fa8d6a0b0fee2c6a14d6d7
Allows instrumentation of Minix components using LLVM passes from
"llvm-apps" repository
In addition, the change does the following:
1. Move releasetools/generate_gold_plugin.sh to minix/llvm
2. Move external/bsd/llvm/passes to minix/llvm/passes
3. libLTO.so, LLVMgold.so and WeakAliasModuleOverride.so files
now get installed in minix/llvm/bin
This patch is a ugly, but a this moment I have no better alternatives to
offer.
- Add a script to compile the llvm sources through the standard
makefiles instead of the bsd build system. The produced gold plugin
is then copied into the source tree and used from there by the BSD
Makefiles.
Change-Id: I7fd7ad80be8efcedf27a047b872930ed602d7874
Rreleasetools/arm_sdimage.sh uses a ".settings" file to allow to override
the defaults settings found in arm_sdimage. This change allows to use an
alternate file for this purpose. We figured out more programs (like eclipse)
use a ".settings" file.
One can tweak the settings files to use by settings the SETTINGS_MINIX
variable
SETTING_MINIX=.settings_minix
Change-Id: I57f5ca64d2ac27c9e015ab24b864b9a5f14c42fb
http://gerrit.minix3.org/#/c/2687/
Check if the .settings entry is a file and not a directory. Eclipse
as we found out also likes creating .settings directories.
Change-Id: I3cbcaa7aa9e5dfb3d51c6c71df7fd72079fe213e
