Commit graph

110 commits

Author SHA1 Message Date
David van Moolenbroek
e4d99eb9b0 Basic live rerandomization infrastructure
This commits adds a basic infrastructure to support Address Space
Randomization (ASR).  In a nutshell, using the already imported ASR
LLVM pass, multiple versions can be generated for the same system
service, each with a randomized, different address space layout.
Combined with the magic instrumentation for state transfer, a system
service can be live updated into another ASR-randomized version at
runtime, thus providing live rerandomization.

Since MINIX3 is not yet capable of running LLVM linker passes, the
ASR-randomized service binaries have to be pregenerated during
crosscompilation.  These pregenerated binaries can then be cycled
through at runtime.  This patch provides the basic proof-of-concept
infrastructure for both these parts.

In order to support pregeneration, the clientctl host script has
been extended with a "buildasr" command.  It is to be used after
building the entire system with bitcode and magic support, and will
produce a given number of ASR-randomized versions of all system
services.  These services are placed in /usr/service/asr in the
image that is generated as final step by the "buildasr" command.

In order to support runtime updating, a new update_asr(8) command
has been added to MINIX3.  This command attempts to live-update the
running system services into their next ASR-randomized versions.
For now, this command is not run automatically, and thus must be
invoked manually.

Technical notes:

- For various reasons, magic instrumentation is x86-only for now,
  and ASR functionality is therefore to be used on x86 only as well.
- The ASR-randomized binaries are placed in numbered subdirectories
  so as not to have to change their actual program names, which are
  assumed to be static in various places (system.conf, procfs).
- The root partition is typically too small to contain all the
  produced binaries, which is why we introduce /usr/service.  There
  is a symlink from /service/asr to /usr/service/asr for no other
  reason than to let userland continue to assume that all services
  are reachable through /service.
- The ASR count field (r_asr_count/ASRcount) maintained by RS is not
  used within RS in any way; it is only passed through procfs to
  userland in order to allow update_asr(8) to keep track of which
  version is currently loaded without having to maintain own state.
- Ideally, pre-instrumentation linking of a service would remove all
  its randomized versions.  Currently, the user is assumed not to
  perform ASR instrumentation and then recompile system services
  without performing ASR instrumentation again, as the randomized
  binaries included in the image would then be stale.  This aspect
  has to be improved later.
- Various other issues are flagged in the comments of the various
  parts of this patch.

Change-Id: I093ad57f31c18305591f64b2d491272288aa0937
2015-09-17 17:15:03 +00:00
David van Moolenbroek
6d315cbf9e benchmarks: remove unixbench
This code appears to be GPL-licensed and thus does not belong in
the MINIX3 source tree.

Change-Id: I9e88c3ffd8eae8697b629899dba9728863a4413a
2015-07-20 11:05:28 +00:00
David van Moolenbroek
da21d85025 Add PTYFS, Unix98 pseudo terminal support
This patch adds support for Unix98 pseudo terminals, that is,
posix_openpt(3), grantpt(3), unlockpt(3), /dev/ptmx, and /dev/pts/.
The latter is implemented with a new pseudo file system, PTYFS.

In effect, this patch adds secure support for unprivileged pseudo
terminal allocation, allowing programs such as tmux(1) to be used by
non-root users as well.  Test77 has been extended with new tests, and
no longer needs to run as root.

The new functionality is optional.  To revert to the old behavior,
remove the "ptyfs" entry from /etc/fstab.

Technical nodes:

o The reason for not implementing the NetBSD /dev/ptm approach is that
  implementing the corresponding ioctl (TIOCPTMGET) would require
  adding a number of extremely hairy exceptions to VFS, including the
  PTY driver having to create new file descriptors for its own device
  nodes.

o PTYFS is required for Unix98 PTYs in order to avoid that the PTY
  driver has to be aware of old-style PTY naming schemes and even has
  to call chmod(2) on a disk-backed file system.  PTY cannot be its
  own PTYFS since a character driver may currently not also be a file
  system.  However, PTYFS may be subsumed into a DEVFS in the future.

o The Unix98 PTY behavior differs somewhat from NetBSD's, in that
  slave nodes are created on ptyfs only upon the first call to
  grantpt(3).  This approach obviates the need to revoke access as
  part of the grantpt(3) call.

o Shutting down PTY may leave slave nodes on PTYFS, but once PTY is
  restarted, these leftover slave nodes will be removed before they
  create a security risk.  Unmounting PTYFS will make existing PTY
  slaves permanently unavailable, and absence of PTYFS will block
  allocation of new Unix98 PTYs until PTYFS is (re)mounted.

Change-Id: I822b43ba32707c8815fd0f7d5bb7a438f51421c1
2015-06-23 17:43:46 +00:00
Thomas Cort
fc850d580c man: clean-out man1x category.
Removes the following man pages:

* awk.1x -- for a version of awk we no longer have
* kermit.1x -- seems gone altogether
* macros.1x -- not useful for anyone anymore

Moves the following man pages:

* mined.1x -- Moved to minix/commands/mined/mined.1
and reformatted to use the mdoc macros instead of the
Minix macros so that it displays properly.

Removes /usr/man/man1x from the directory tree.

closes #44

Change-Id: I59b8bd54cf5cba6d188e51e99a92b36e90c275c1
2015-03-25 06:53:44 +01:00
Robin Karlsson
e3b78ef14f Import NetBSD games/rogue
Change-Id: Id4aef4950f250edef2d507910877aabc6b9580ea
2015-03-14 14:59:16 +01:00
Lionel Sambuc
957802cd0c Import NetBSD shell environment files
With the import of Xorg, a proper separation between login-time and sub
shell-time of the environment setup is necessary.

Instead of re-developping this from scratch, I am taking the opportunity
to import the NetBSD default environment.

Change-Id: Ib6a8fbd9c2f407ccd59be57a52ef9df21c2c9ce7
2014-11-10 16:48:56 +01:00
Lionel Sambuc
971bb1a587 Importing external/mit/xorg support rules
Change-Id: Ib11d8659485a444797bf3a2118182a1d4e316b50
2014-11-10 14:43:29 +01:00
Lionel Sambuc
7eb99bda90 Importing lib/libpci
Change-Id: I21ae1e409286cec27c5e35677de3778a3f505d1e
2014-11-07 16:20:39 +01:00
David van Moolenbroek
eda6f5931d Import tmux
We have to use SOCK_SEQPACKET instead of SOCK_STREAM for client/server
communication, because UDS does things with control messages that tmux
does not expect.

Change-Id: I3edb1875d61fb976cf6485c650f4fd4b82fa354c
2014-10-03 10:01:08 +00:00
David van Moolenbroek
e985b92992 Import libevent
Change-Id: Ic75f4cac5eb07ffaba8f97d10673d7d7e2b1762d
2014-10-03 10:00:53 +00:00
Ben Gras
0d9602e04b Import NetBSD legal/COPYRIGHT.
Change-Id: Ic23e5f1902ade92402faa968bb945b7d873aaf6b
2014-09-28 16:28:05 +02:00
Lionel Sambuc
d90bee9749 Importing bin/sh
/etc/profile enables by default tabcompletion, as well as emacs mode,
in order to keep the old MINIX ash behavior.

Note: The shell now refuses to source a script without a relative or
      absolute path.
      This means:
        - '. myscript.sh' fails, while
        - '. ./myscript.sh' succeeds

Change-Id: I0be89b0747bd005e4c05cadb937af86883627dc6
2014-08-29 12:56:04 -04:00
Lionel Sambuc
b8d147203f Removing /home/bin
The bin user doesn't need an actual home folder to run the tests. As
such this account should not be used in 'su - bin'. To be noted that
'su bin' still works as expected, and allow to run the minix test set
as usual.

Change-Id: I21fd178bf3b7b28849f05ef24930b553094cc851
2014-08-07 14:01:30 +02:00
Lionel Sambuc
957a365668 Removing the ast account
We used to have an account "ast" as a token to Andrew S. Tannebaum,
the creator of MINIX. The account was disable by default, with no
possible way to login.

It seems it generates more confusion than it is worth, so this removes it.

The default skeleton user profile is still stored into /etc/ast instead
of the usual /etc/skel.

Change-Id: I71818c0bb9580cdecfa9621f8693586fc48d17cb
2014-08-07 13:19:17 +02:00
Lionel Sambuc
50a1aef12b Move all services to /service
This concerns all services, a.k.a drivers, filesystem drivers, network
(inet, lwip, uds) servers, and the system servers.

Change-Id: I626fd15c795e15af42df2d10d47fb4a703665d63
2014-07-31 16:00:31 +02:00
Lionel Sambuc
4684ddb6aa LLVM Minix changes
- import libcxx
 - reduce targets to the one when compiled as a tools

Change-Id: Iabb8427f80ff8e89463559a28bcb8b4f2bdbc496
2014-07-28 17:05:59 +02:00
Lionel Sambuc
f4a2713ac8 Importing netbsd clang -- pristine
Change-Id: Ia40e9ffdf29b5dab2f122f673ff6802a58bc690f
2014-07-28 17:05:57 +02:00
Kees Jongenburger
eaa642e09d Adding an initial ddekit test.
Change-Id: I0522449bb7bbbb23efc132ede3a02da95efe0326
2014-07-28 17:05:22 +02:00
Thomas Cort
2f98b65abf Importing games/tetris
No Minix specific changes needed.

Change-Id: Ia6a2d9d2192ae0cee29e395aa42271005c6179c2
2014-07-28 17:05:20 +02:00
Thomas Cort
bd0f8badfa Importing games/fortune
Replaces commands/fortune. No Minix specific changes needed.

Change-Id: Iac79ea82dedd12e80377c85954da5e2d8eee74af
2014-07-28 17:05:16 +02:00
Thomas Cort
0819c9f89b Importing games/adventure
No Minix specific changes needed.

Change-Id: I6826d660c60a9e01676e21ef9b95d27e64a67aa5
2014-07-28 17:05:16 +02:00
Lionel Sambuc
84d9c625bf Synchronize on NetBSD-CVS (2013/12/1 12:00:00 UTC)
- Fix for possible unset uid/gid in toproto
 - Fix for default mtree style
 - Update libelf
 - Importing libexecinfo
 - Resynchronize GCC, mpc, gmp, mpfr
 - build.sh: Replace params with show-params.
     This has been done as the make target has been renamed in the same
     way, while a new target named params has been added. This new
     target generates a file containing all the parameters, instead of
     printing it on the console.
 - Update test48 with new etc/services (Fix by Ben Gras <ben@minix3.org)
     get getservbyport() out of the inner loop

Change-Id: Ie6ad5226fa2621ff9f0dee8782ea48f9443d2091
2014-07-28 17:05:06 +02:00
Lionel Sambuc
a6e7b85835 align include/paths: MAILDIR
Change-Id: Ieb50549f8f27af957f67fcb0757690db88fecc8b
2014-03-03 20:47:01 +01:00
Lionel Sambuc
ff68abe6b3 Remove obsolete compatibility links
* /usr/bin/strip would be replaced by a link, even when compiling
    binutils.
 * Updated minix-spec.h to use the correct dynamic linker, and removed
    the previously used symlinks.
 * Removed the patch to the builtin PATH of ld.elf_so.

Change-Id: I4dc8a7fb77a11638f5105a4e15b6c9be5add750e
2014-03-01 09:04:56 +01:00
David van Moolenbroek
38f7b96048 blocktest: prepare to be run as part of tests
- fail SEF initialization if any of the subtests failed, so that the
  party invoking the "service up" can tell whether the test succeeded;
- add "nocontig" option, because VM isn't particularly good at
  allocating contiguous memory;
- add "silent" option, because it floods the console otherwise;
- allow the device size to be smaller than the maximum transfer size;
- install files to installed test directory.

Change-Id: I45c818f817c11d90c5f94ae26a2fc49e36e6761e
2014-03-01 09:04:53 +01:00
Thomas Cort
37fc2fa18f Importing usr.bin/calendar
No Minix-specific changes needed.

Change-Id: I9e68983104efb20ab8e946df3bce189d99ab2deb
2013-11-12 06:18:01 -05:00
Thomas Cort
60a61dffae weatherstation: BeagleBone Weather Cape demo app.
The BeagleBone Weather cape enhances the BeagleBone's capabilities
by providing environment sensors (temperature, humidity, pressure,
and ambient light level).

The weatherstation demo is a port of the bonescript weatherstation
to Minix. It provides a nice visual display of the sensor data in
a web browser.

The code is installed to /usr/share/beaglebone/weather on 'earm'
and an embedded web server is started at boot time on port 80
when the cape is attached. Further details are provided in the
README.txt file.

Change-Id: I1596a2b66b213762ace26c0c750c8154c76b5c6e
2013-08-26 21:51:32 +02:00
Lionel Sambuc
11be35a165 Importing NetBSD "Kyua" test framework
To do so, a few dependencies have been imported:

 * external/bsd/lutok
 * external/mit/lua
 * external/public-domain/sqlite
 * external/public-domain/xz

The Kyua framework is the new generation of ATF (Automated Test
Framework), it is composed of:

 * external/bsd/atf
 * external/bsd/kyua-atf-compat
 * external/bsd/kyua-cli
 * external/bsd/kyua-tester
 * tests

Kyua/ATF being written in C++, it depends on libstdc++ which is
provided by GCC. As this is not part of the sources, Kyua is only
compiled when the native GCC utils are installed.

To install Kyua do the following:

 * In a cross-build enviromnent, add the following to the build.sh
   commandline: -V MKBINUTILS=yes -V MKGCCCMDS=yes

WARNING:
  At this point the import is still experimental, and not supported
  on native builds (a.k.a make build).

Change-Id: I26aee23c5bbd2d64adcb7c1beb98fe0d479d7ada
2013-07-23 20:43:41 +02:00
Lionel Sambuc
0cdf705cc6 Enable optional GCC install and GCC improvements
-By adding MKGCC=yes and MKGCCCMDS=yes on the make commandline
   it is now possible to compile and install GCC on the system.

   Before doing this, if you are not using the build.sh script,
   you will need to call the fetch scripts in order to retrieve
   the sources of GCC and its dependencies.

 -Reduce difference with NetBSD share/mk

   Move Minix-specific parameters from bsd.gcc.mk to bsd.own.mk,
   which is anyway patched, so that bsd.gcc.mk is now aligned
   on the NetBSD version.

 -Clean libraries dependencies, compiles stdc++ only if gcc is
   also compiled (it is part of the gcc sources)

 -Correct minix.h header sequence, cleanup spec headers.

 -Fix cross-compilation from a 32bit host targeting MINIX/arm

Change-Id: I1b234af18eed4ab5675188244e931b2a2b7bd943
2013-07-12 14:22:03 +02:00
Lionel Sambuc
c566d4623b Allow install of binutils and import texinfo
- Enable installing binutils from the base system.

 - Import texinfo which is required for the binutils tools
   to be compiled.

 - Also adapted the fetch rules to correctly generate the
   gitignore files for gcc, and allow the case of multiple
   modules in the same directory, as found in gnu/dist.

Warning: This patch has an entry in docs/UPDATING

Change-Id: Ib781734e8fd7f9c6265fa65d62ba2cf3fccbc5ba
2013-07-12 14:18:08 +02:00
Anton Kuijsten
2e3046757a LLVM bitcode for almost the whole source tree
Change-Id: Ibc6f89de112e0649c3a3bfe49c2baa2ed0746212
2013-06-18 10:49:53 +02:00
Lionel Sambuc
154b6d7486 Fix symlink issue when generating an ARM image
A few symlinks were pointing to a nonexistent file named '(null)'
instead of their intended target. This was only seen when using the
arm_sdimage.sh script.

There is two ways of specifying links and directories. the first one
using an entry in one of the mtree files, and the second one in
/etc/Makefile.

Those entries where doubled, and one of them would specify some rights,
while the other had the target.

By removing those entries, I make sure there is only one definition of
these symlinks, which solves the problem I was seeing on an ARM image.

These symlinks are still present on a generated system, as they are
required.

Change-Id: I9ced8860f72d7c4d686a09720de4d8257d6e04fa
2013-05-24 11:08:15 +02:00
Lionel Sambuc
a212fd1ba5 Install default users directly
Install /home/ast and /home/bin as part of the system build procedure,
as the setup script is not ran on the arm image.

/home/bin is needed for successful completion of our test suite.

This patch does not change the setup script, as it is not bothered by
those files/directiories being already there, and may be useful during
reinstallation on intel systems.

Change-Id: I358c881df09223c343442673aa0822937f9ea33c
2013-03-13 10:43:40 +01:00
Lionel Sambuc
5180c3cfb9 Installing posix tests in /usr/tests/minix-posix
The goal is to enable anyone to simply run our current test suite.

Change-Id: I27d8856cb82a4be2baa5dc5273526383b7f4fc2c
2013-03-13 10:43:16 +01:00
Antoine Leca
be93a3e156 Fix permissions for term(1)
LSC: Small correction, using the group name is not secure in cross-build
     setups, replaced by the numerical gid to ensure proper operation.

Change-Id: I7657b77f29eaa513fe24d8c4e2eb6de9afd53950
2013-02-27 11:35:10 +01:00
Ben Gras
4d09b8408a compile & install the unixbenchmark netbsd style
for convenient crosscompiling & running.

Change-Id: I7dfcea109c00e1457f9de9b2e6437fe6cf925ba7
2013-02-22 12:49:56 +01:00
Lionel Sambuc
3e1db26a5a Termcap update, replacing elvis by nvi.
Removing elvis, importing nvi, ctags, updating libedit.

Change-Id: I881eb04d2dc64cf112facd992de1114e1a59107f
2013-01-24 07:44:38 +01:00
Lionel Sambuc
420b1799d9 Fix wrong access permission on /tmp and /usr/tmp
With the build system upgrade, the list of system directories was
recreated, and the sticky bit was forgotten.

Change-Id: Ie2f2241734dde9f1e217cd38588296dc21d07b81
2012-11-19 16:44:38 +01:00
Lionel Sambuc
9152e1c5a7 Upgrading build system to new NetBSD revision
The tested targets are the followgin ones:
 * tools
 * distribution
 * sets
 * release

The remaining NetBSD targets have not been disabled nor tested
*at all*. Try them at your own risk, they may reboot the earth.

For all compliant Makefiles, objects and generated files are put in
MAKEOBJDIR, which means you can now keep objects between two branch
switching. Same for DESTDIR, please refer to build.sh options.

Regarding new or modifications of Makefiles a few things:
 * Read share/mk/bsd.README
 * If you add a subdirectory, add a Makefile in it, and have it called
   by the parent through the SUBDIR variable.
 * Do not add arbitrary inclusion which crosses to another branch of
   the hierarchy; If you can't do without it, put a comment on why.
   If possible, do not use inclusion at all.
 * Use as much as possible the infrastructure, it is here to make
   life easier, do not fight it.

Sets and package are now used to track files.
We have one set called "minix", composed of one package called "minix-sys"
2012-11-15 16:07:29 +01:00
Lionel Sambuc
e415d48872 Libc update to simplify merge.
Bumping libc files for unsupported architectures, to simplify merging.
A bunch of small fixes:
 * in libutil update
 * the macro in endian.h
 * some undefined types due to clear separation from host.
 * Fix a warning for cdbr.c

Some modification which were required for the new build system:
 * inclusion path for const.h in sconst, still hacky
 * Removed default malloc.c which conflicts on some occasions.
2012-11-15 16:07:29 +01:00
Lionel Sambuc
6ab1df59f6 Fixed up new mtree description file NetBSD.dist.base (removed end of line spaces, added a few missing directories)
Fixed lchflags error under MINIX3 as host OS

Change-Id: I00f708e82753fdae85ac54bc903db06a7775ab5a
2012-10-24 13:42:44 +02:00
Kees Jongenburger
c9b3bd9d45 Add a /sys entry to minix.mtree 2012-07-05 11:09:40 +02:00
Kees Jongenburger
c755b5784a Cleanup minix.mtree.
Use consistent indenting and sort entries alphabetically.
2012-07-05 11:07:25 +02:00
Kees Jongenburger
eecd451343 Adding a symlink from /usr/bin/strip to /usr/pkg/bin/strip.
When calling the new install with the -s (strip) argument it will
use the hard coded /usr/bin/strip unless a STRIP environment is set.
2012-06-19 16:30:02 +02:00
Thomas Veerman
d642d5508f Create cc symlink to clang 2012-06-18 10:53:22 +00:00
Kees Jongenburger
6417d3e064 Add devmand configuration to /etc. 2012-06-18 09:30:45 +02:00
Ben Gras
4b999f1962 build shared versions of libraries
building defaults to off until clang is updated.

current clang does not handle -shared, necessary to change the ld
invocation to build shared libraries properly. a new clang should be
installed and MKPIC defaults to no unless the newer clang is detected.

changes:

	. mainly small imports of a Makefile or two and small fixes
	  (turning things back on that were turned off in Makefiles)
	. e.g.: dynamic librefuse now depends on dynamic
	  libpuffs, so libpuffs has to be built dynamically too
	  and a make dependency barrier is needed in lib/Makefile
	. all library objects now have a PIC (for .so) and non-PIC
	  version, so everything is built twice.
	. generate PIC versions of the compat (un-RENAMEd) jump files,
	  include function type annotation in generated assembly
	. build progs with -static by default for now
	. also build ld.elf_so
	. also import NetBSD ldd
2012-04-16 05:21:20 +02:00
Ben Gras
75839b75a1 drop /usr/lib/advent dir (no more advent) 2012-03-29 16:54:21 +02:00
Ben Gras
5737b690dc import NetBSD /usr/share/misc/
. for /usr/share/misc/style, NetBSD coding style
	. and for indent.pro (style-compatible indent(1) indenting profile)
2012-03-23 16:27:59 +01:00
Ben Gras
5a645f22a8 gzip boot modules.
. import gzip
2012-02-17 12:32:35 +00:00