It was not used or tested on x86 in practice, and the automated arm
tests should obviate the need for a dummy-only x86 implementation.
It should be noted that this change is merely the simplest way to
deal with conflicts with live update (for the second time now).
Change-Id: I6e066c4659c6213cd556144271784588356b140f
This brings our tree to NetBSD 7.0, as found on -current on the
10-10-2015.
This updates:
- LLVM to 3.6.1
- GCC to GCC 5.1
- Replace minix/commands/zdump with usr.bin/zdump
- external/bsd/libelf has moved to /external/bsd/elftoolchain/
- Import ctwm
- Drop sprintf from libminc
Change-Id: I149836ac18e9326be9353958bab9b266efb056f0
The minix set is now divided into minix-base, minix-comp, minix-games,
minix-kernel, minix-man and minix-tests.
This allows massive space savings on the installlation CD because only
the base system used for installation is stored uncompressed. Also, it
makes the system more modular.
Change-Id: Ic8d168b4c3112204013170f07245aef98aaa51e7
- move from minix/commands to minix/usr.sbin;
- install into /usr/sbin instead of /usr/bin;
- move manual page into source directory;
- resolve compilation warning;
- convert to KNF.
Change-Id: I1206b52e8804a68a3a80f6d7f63916e7fcdc9e3f
- move from minix/commands to minix/usr.sbin;
- install into /usr/sbin instead of /usr/bin;
- move manual page into source directory;
- resolve compilation warning;
- convert to KNF.
Change-Id: Iccb4a8b27ae220254bae19e9198478b40706f542
- move from minix/commands to minix/usr.sbin;
- install into /usr/sbin instead of /usr/bin;
- move manual page into source directory;
- resolve compilation warning;
- convert to KNF.
Change-Id: I08c16998bd499a468799a6587f6fe45f42590461
This commits adds a basic infrastructure to support Address Space
Randomization (ASR). In a nutshell, using the already imported ASR
LLVM pass, multiple versions can be generated for the same system
service, each with a randomized, different address space layout.
Combined with the magic instrumentation for state transfer, a system
service can be live updated into another ASR-randomized version at
runtime, thus providing live rerandomization.
Since MINIX3 is not yet capable of running LLVM linker passes, the
ASR-randomized service binaries have to be pregenerated during
crosscompilation. These pregenerated binaries can then be cycled
through at runtime. This patch provides the basic proof-of-concept
infrastructure for both these parts.
In order to support pregeneration, the clientctl host script has
been extended with a "buildasr" command. It is to be used after
building the entire system with bitcode and magic support, and will
produce a given number of ASR-randomized versions of all system
services. These services are placed in /usr/service/asr in the
image that is generated as final step by the "buildasr" command.
In order to support runtime updating, a new update_asr(8) command
has been added to MINIX3. This command attempts to live-update the
running system services into their next ASR-randomized versions.
For now, this command is not run automatically, and thus must be
invoked manually.
Technical notes:
- For various reasons, magic instrumentation is x86-only for now,
and ASR functionality is therefore to be used on x86 only as well.
- The ASR-randomized binaries are placed in numbered subdirectories
so as not to have to change their actual program names, which are
assumed to be static in various places (system.conf, procfs).
- The root partition is typically too small to contain all the
produced binaries, which is why we introduce /usr/service. There
is a symlink from /service/asr to /usr/service/asr for no other
reason than to let userland continue to assume that all services
are reachable through /service.
- The ASR count field (r_asr_count/ASRcount) maintained by RS is not
used within RS in any way; it is only passed through procfs to
userland in order to allow update_asr(8) to keep track of which
version is currently loaded without having to maintain own state.
- Ideally, pre-instrumentation linking of a service would remove all
its randomized versions. Currently, the user is assumed not to
perform ASR instrumentation and then recompile system services
without performing ASR instrumentation again, as the randomized
binaries included in the image would then be stale. This aspect
has to be improved later.
- Various other issues are flagged in the comments of the various
parts of this patch.
Change-Id: I093ad57f31c18305591f64b2d491272288aa0937
For dynamically linked executables, the interpreter is passed a
file descriptor of the binary being executed. To this end, VFS
opens the target executable, but opening the file fails if it is
not readable, even when it is executable. With this patch, when
opening the executable, it verifies the X bit rather than the R
bit on the file, thus allowing the execution of dynamically
linked binaries that are executable but not readable.
Add test86 to verify correctness.
Change-Id: If3514add6a33b33d52c05a0a627d757bff118d77
- The lmfs_get_block*(3) API calls may now return an error. The idea
is to encourage a next generation of file system services to do a
better job at dealing with block read errors than the MFS-derived
implementations do. These existing file systems have been changed
to panic immediately upon getting a block read error, in order to
let unchecked errors cause corruption. Note that libbdev already
retries failing I/O operations a few times first.
- The libminixfs block device I/O module (bio.c) now deals properly
with end-of-file conditions on block devices. Since a device or
partition size may not be a multiple of the root file system's block
size, support for partial block retrival has been added, with a new
internal lmfs_get_partial_block(3) call. A new test program,
test85, tests the new handling of EOF conditions when reading,
writing, and memory-mapping a block device.
Change-Id: I05e35b6b8851488328a2679da635ebba0c6d08ce
The new syslogd(8) does not create log files that do not already
exist, and thus, we adopt the NetBSD way of creating them.
Change-Id: Icd7fdba362726696df6a52dd55c049fd2bfcc2d3
The primary reason for the import is a likely GPL taint of the
original MINIX3 syslogd. As a result, this import may still
have some rough edges.
Change-Id: I5c8d26eca10fc2dd50ecc9eab44a1d483cf068a9
This test connects to a remote HTTP server to retrieve files, using various
chunk sizes and concurrency settings to exercise the network stack. The test
is only performed is USENETWORK=yes. This test requires the following URLs to
remain available: http://test82.minix3.org/test1.txt and
http://test82.minix3.org/test2.bin. The former contains a 'Hello world'
message followed by a newline, the latter all 16-bit values in increasing
order, using big-endian notation.
Change-Id: I696106482fb1658f9657be2b6845a1b37a3d6172
These new tests are largely based on the code from test 56 (UDS). Common code
is moved into a separate file common-socket.c. In some instances the tests
are too strict for TCP/UDP sockets, which may not always react instantly to
whatever happens on the other side (even locally). For these cases, the
ignore_* fields in struct socket_test_info indicate that there needs to be
an exception. There are also tests where it seems the functionality of inet
is either incorrect or incomplete with regard to the POSIX standard. In these
cases, the bug_* fields are used to document the issues while avoiding
failure of the test.
Change-Id: Ia860deb4559d42608790451936b1aade866faebc
This patch adds support for Unix98 pseudo terminals, that is,
posix_openpt(3), grantpt(3), unlockpt(3), /dev/ptmx, and /dev/pts/.
The latter is implemented with a new pseudo file system, PTYFS.
In effect, this patch adds secure support for unprivileged pseudo
terminal allocation, allowing programs such as tmux(1) to be used by
non-root users as well. Test77 has been extended with new tests, and
no longer needs to run as root.
The new functionality is optional. To revert to the old behavior,
remove the "ptyfs" entry from /etc/fstab.
Technical nodes:
o The reason for not implementing the NetBSD /dev/ptm approach is that
implementing the corresponding ioctl (TIOCPTMGET) would require
adding a number of extremely hairy exceptions to VFS, including the
PTY driver having to create new file descriptors for its own device
nodes.
o PTYFS is required for Unix98 PTYs in order to avoid that the PTY
driver has to be aware of old-style PTY naming schemes and even has
to call chmod(2) on a disk-backed file system. PTY cannot be its
own PTYFS since a character driver may currently not also be a file
system. However, PTYFS may be subsumed into a DEVFS in the future.
o The Unix98 PTY behavior differs somewhat from NetBSD's, in that
slave nodes are created on ptyfs only upon the first call to
grantpt(3). This approach obviates the need to revoke access as
part of the grantpt(3) call.
o Shutting down PTY may leave slave nodes on PTYFS, but once PTY is
restarted, these leftover slave nodes will be removed before they
create a security risk. Unmounting PTYFS will make existing PTY
slaves permanently unavailable, and absence of PTYFS will block
allocation of new Unix98 PTYs until PTYFS is (re)mounted.
Change-Id: I822b43ba32707c8815fd0f7d5bb7a438f51421c1
Removes the following man pages:
* awk.1x -- for a version of awk we no longer have
* kermit.1x -- seems gone altogether
* macros.1x -- not useful for anyone anymore
Moves the following man pages:
* mined.1x -- Moved to minix/commands/mined/mined.1
and reformatted to use the mdoc macros instead of the
Minix macros so that it displays properly.
Removes /usr/man/man1x from the directory tree.
closes#44
Change-Id: I59b8bd54cf5cba6d188e51e99a92b36e90c275c1
. bitcode fixes
. switch to compiler-rt instead of netbsd libc functions
or libgcc for support functions for both x86 and arm
. minor build fixes
. allow build with llvm without crossbuilding llvm itself
. can now build minix/arm using llvm and eabi - without C++
support for now (hence crossbuilding llvm itself is turned off
for minix/arm)
Change-Id: If5c44ef766f5b4fc4394d4586ecc289927a0d6eb
- Expose in procfs the service status and supported recovery policies.
- This adds a test (testrelpol.sh) to exercise the restart policies of
the system services and drivers.
NOTE:
The policy support information is temporarily hardcoded in ProcFS, but
this has to be replaced by properly retrieving this information from
RS, which should in turn be setup on a per service basis, at
initialization time.
Change-Id: I0cb1516a450355b38d0c46b1a8b3d9e841a2c029
With the import of Xorg, a proper separation between login-time and sub
shell-time of the environment setup is necessary.
Instead of re-developping this from scratch, I am taking the opportunity
to import the NetBSD default environment.
Change-Id: Ib6a8fbd9c2f407ccd59be57a52ef9df21c2c9ce7
We have to use SOCK_SEQPACKET instead of SOCK_STREAM for client/server
communication, because UDS does things with control messages that tmux
does not expect.
Change-Id: I3edb1875d61fb976cf6485c650f4fd4b82fa354c
The entire infrastructure relied on an ACK feature, and as such, it
has been broken for years now, with no easy way to repair it.
Change-Id: I783c2a21276967af115a642199f31fef0f14a572
This library provides new abstractions for the upper (VFS) side of
file system services, and should be used for all file system service
implementations from now on. It provides the following functionality:
- a function call table abstraction, hiding the details of the
VFS-FS protocol with simple parameters;
- a (currently limited) number of per-function steps required for
all file system implementations, such as copying in and out path
names and result buffers;
- a default implementation for multicomponent path lookups, such
that the file system merely has to implement resolution of single
components at a time;
- an abstraction for copying data from and to the file system, which
allows transparent intraprocess copying as required for the lookup
implementation;
- a set of functions to simplify getdents implementations.
The message loop provided by the library is currently for use by
single-threaded file system implementations only. Multithreaded file
system services may use the more low-level message processing
functionality.
Protocol-level optimizations such as including names in protocol
messages may be hidden entirely in this library. In addition, in the
future, the lookup implementation may be replaced by a single-
component lookup VFS/FS protocol request as part of a VFS name cache
implementation; this, too, can be hidden entirely in this library.
Change-Id: Ib34f0d0e021dfa3426ce8826efcf3eaa94d3ef3e
It is currently too broken to be of any use anyway. Fixes are pending,
which is why this patch is intended to be reverted before those are
merged.
For the time being, the following tools can be used to access cdroms:
- isodir
- isoinfo
- isoread
- writeisofs
Change-Id: I681e8f1224bb464ba978f893dc18d46fa06a8208
/etc/profile enables by default tabcompletion, as well as emacs mode,
in order to keep the old MINIX ash behavior.
Note: The shell now refuses to source a script without a relative or
absolute path.
This means:
- '. myscript.sh' fails, while
- '. ./myscript.sh' succeeds
Change-Id: I0be89b0747bd005e4c05cadb937af86883627dc6
. get rid of includes in libcompat_minix:
. move configfile.h to minix/include/
. all others are unneeded as they point to other files
. merge the .c files with libc
Change-Id: I5e840c66fb9bc484f377926aa9d66473bbd16259
This script runs a subset of all the available test. This is aimed at
first time users which might be surprised by the warnings and time the
full test suite takes.
This runs all the tests which in case of success only print "ok" and
don't take too much time to run, independently of the network
connectivity.
Change-Id: Id54b7656a98f9ec81880f91cb63ca888a175f20f
The bin user doesn't need an actual home folder to run the tests. As
such this account should not be used in 'su - bin'. To be noted that
'su bin' still works as expected, and allow to run the minix test set
as usual.
Change-Id: I21fd178bf3b7b28849f05ef24930b553094cc851
We used to have an account "ast" as a token to Andrew S. Tannebaum,
the creator of MINIX. The account was disable by default, with no
possible way to login.
It seems it generates more confusion than it is worth, so this removes it.
The default skeleton user profile is still stored into /etc/ast instead
of the usual /etc/skel.
Change-Id: I71818c0bb9580cdecfa9621f8693586fc48d17cb
This concerns all services, a.k.a drivers, filesystem drivers, network
(inet, lwip, uds) servers, and the system servers.
Change-Id: I626fd15c795e15af42df2d10d47fb4a703665d63
This library is built just so that something is present in
/usr/lib/libgcc_s.so.1. This is needed for dynamically programs built
with gcc, which might reference that library at runtime (i.e. all pkgsrc
packages). The necessary symbols are in libc however, so when built on a
clang-only system, so an empty library is a working stopgap.
In case of installation of both clang and GCC, we want to be able to
switch which one is the default by adapting the cc, c++ & cpp symlinks.
The default behaviour implemented here is to prefer clang over gcc if
they are both installed.
Change-Id: Ic14720cd876d2bf934d345a955cb5789378209e6
This patch adds pthread compatibility by using libmthread.
To use this with a program using pthreads, you have to replace
#include <pthread>
with
#define _MTHREADIFY_PTHREADS
#include <minix/mthreads>
This also changes the initialization function to be a constructor, which
is implicitly called before the call to main. This allows for
conformance with pthreads, while not paying a high price by checking on
each mthread_* call whether the library has been initialized or not.
As mthread_init is now a constructor, it also has been set as static, and
relevent calls removed from programs using it.
Change-Id: I2aa375db557958d2bee9a70d285aabb990c88f00
- Fix for possible unset uid/gid in toproto
- Fix for default mtree style
- Update libelf
- Importing libexecinfo
- Resynchronize GCC, mpc, gmp, mpfr
- build.sh: Replace params with show-params.
This has been done as the make target has been renamed in the same
way, while a new target named params has been added. This new
target generates a file containing all the parameters, instead of
printing it on the console.
- Update test48 with new etc/services (Fix by Ben Gras <ben@minix3.org)
get getservbyport() out of the inner loop
Change-Id: Ie6ad5226fa2621ff9f0dee8782ea48f9443d2091
not entirely clean; _SIGN hack remains for now. also leave in
minix-specific stuff like minix-specific errno's and OK.
Change-Id: I035efc52e27b92f58ae0d88dab19dec263edb6e3
. also implement some netbsd-style tty ioctls
. also implement SIGINFO
. also import netbsd stty
. rename keymap minix CMIN (for ctrl+minus on numeric keypad)
to CNMIN; to keep unchanged control character default CMIN in
new <sys/ttydefaults.h>
. convert CS[5678] logic in rs232 driver to explicit setting of LC
bits
Change-Id: I9b7d2963fe9aec00fb6e7535ef565b3191fc1c1d
import/switch of:
init, getty, reboot, halt, shutdown, wall, last
changes:
. change reboot() call to netbsd prototype and args
. allows pristine <utmp.h>
. use clean <sys/reboot.h> instead of <minix/reboot.h>
. implement TIOCSCTTY for use by getty so getty can get
controlling terminal from init's child(ren)
. allow NULL envp for exec
Change-Id: I5ca02cb4230857140c08794bbfeba7df982c58a3
* Remove support for the Poor Man fstab
* Remove checks for the missing ARCH kernel variable
* Remove .ashrc which is anyway only read once per login
* Cleanup PATH variable
Change-Id: Ic32e5749fba502dfa38d4d538860e717580bad60
- introduce PROC_STOPPED flag, which tracks whether the process is
stopped on PROC_STOP in the kernel, rather than implicitly deriving
this from PM_SIG_PENDING;
- make the process resumption test based on current state rather than
state transitions;
- add and clarify several flag checks in the signal handling code;
- add test79 to test signal handling robustness.
Change-Id: Ic8c7527095035b300b56f2ab1b9dd190bd4bf001
NetBSD libc implements these as wrappers around setitimer(2),
sigsuspend(2), and getrusage(2), respectively.
Change-Id: I0c5e725b3e1316bddd3a3ff7ef65d57d30afd10d
. add all sys/sys headers not already present to help compiling
. take netbsd dirent.h and struct dirent; main result is
introducing d_type and d_namlen that have to be set by getdents()
in all FS code implementing it
. d_off is gone
. alignment of the struct has become 8 bytes instead of 4
. remove _MAX_BLOCK_SIZE, _MIN_BLOCK_SIZE, _STATIC_BLOCK_SIZE
. libminlib: cleanup unused yet duplicate code
. mfs: throw out the long-broken v1, v2 support
. new test for dirent contents filled by getdents()
Change-Id: I1459755c7ba5e5d1c9396d3a587ce6e63ddc283e
* /usr/bin/strip would be replaced by a link, even when compiling
binutils.
* Updated minix-spec.h to use the correct dynamic linker, and removed
the previously used symlinks.
* Removed the patch to the builtin PATH of ld.elf_so.
Change-Id: I4dc8a7fb77a11638f5105a4e15b6c9be5add750e
This commit separates the low-level keyboard driver from TTY, putting
it in a separate driver (PCKBD). The commit also separates management
of raw input devices from TTY, and puts it in a separate server
(INPUT). All keyboard and mouse input from hardware is sent by drivers
to the INPUT server, which either sends it to a process that has
opened a raw input device, or otherwise forwards it to TTY for
standard processing.
Design by Dirk Vogt. Prototype by Uli Kastlunger.
Additional changes made to the prototype:
- the event communication is now based on USB HID codes; all input
drivers have to use USB codes to describe events;
- all TTY keymaps have been converted to USB format, with the effect
that a single keymap covers all keys; there is no (static) escaped
keymap anymore;
- further keymap tweaks now allow remapping of literally all keys;
- input device renumbering and protocol rewrite;
- INPUT server rewrite, with added support for cancel and select;
- PCKBD reimplementation, including PC/AT-to-USB translation;
- support for manipulating keyboard LEDs has been added;
- keyboard and mouse multiplexer devices have been added to INPUT,
primarily so that an X server need only open two devices;
- a new "libinputdriver" library abstracts away protocol details from
input drivers, and should be used by all future input drivers;
- both INPUT and PCKBD can be restarted;
- TTY is now scheduled by KERNEL, so that it won't be punished for
running a lot; without this, simply running "yes" on the console
kills the system;
- the KIOCBELL IOCTL has been moved to /dev/console;
- support for the SCANCODES termios setting has been removed;
- obsolete keymap compression has been removed;
- the obsolete Olivetti M24 keymap has been removed.
Change-Id: I3a672fb8c4fd566734e4b46d3994b4b7fc96d578
* Renamed struct timer to struct minix_timer
* Renamed timer_t to minix_timer_t
* Ensured all the code uses the minix_timer_t typedef
* Removed ifdef around _BSD_TIMER_T
* Removed include/timers.h and merged it into include/minix/timers.h
* Resolved prototype conflict by renaming kernel's (re)set_timer
to (re)set_kernel_timer.
Change-Id: I56f0f30dfed96e1a0575d92492294cf9a06468a5
The tool has been changed heavily to match our VND driver model.
NetBSD is in the process of renaming it from vnconfig(8) to
vndconfig(8). To keep things in sync, we have to play along.
Change-Id: Ie86df184f03ab00573ea76b43c9caa0412e8321d
- fail SEF initialization if any of the subtests failed, so that the
party invoking the "service up" can tell whether the test succeeded;
- add "nocontig" option, because VM isn't particularly good at
allocating contiguous memory;
- add "silent" option, because it floods the console otherwise;
- allow the device size to be smaller than the maximum transfer size;
- install files to installed test directory.
Change-Id: I45c818f817c11d90c5f94ae26a2fc49e36e6761e
- writing to a PTY master side blocks if there is not already a
blocked reader on the slave side, and select now reflects this;
- internally, TTY now uses a test based on "caller != NONE" rather
than "grant != GRANT_INVALID" to identify whether a call is
currently ongoing;
- "offset" fields have been removed as they equal the corresponding
"cum" fields;
- improved variable typing and function naming here and there;
- various other small fixes.
Change-Id: I6b51452888942e864b4e034e8c8490576184a23e
- check each file descriptor's open access mode (filp_mode);
- treat an error returned by a character driver as a select error;
- check all filps in each set before finishing select;
- do not copy back file descriptor sets if an error occurred;
- remove the hardcoded list of supported character major devices,
since all drivers should now be capable of responding properly;
- add tests to test40 and fix its error count aggregation.
Change-Id: I57ef58d3afb82640fc50b59c859ee4b25f02db17
