This contains the relevant pieces from all the GENERIC* compile directories
(*.o ld.script Makefile gap.S). It also includes the machine/ subdir for
now, to support re-randomizing of gap.S, though other methods are being
investigated. (Any binutils ld.script hackers out there?)
collaboration with rpe
jca points out that all the other interface configuration tools live
there (like ifconfig or dhclient). Furthermore it starts so early in
the boot process that /usr might not be mounted yet if it's a nfs
filesystem.
sthen and deraadt agree
reordering of libraries by rc(8). This way machines with very slow disk I/O
have a chance of booting within reasonable time now that libcrypto is also
randomized.
Discussed with various;
input & ok from deraadt ajacoutot
advertisement processing in the kernel.
Go for it!!! deraadt@
additional encouragement to push forward from at least mpi and henning
special thanks to naddy for being an early adopter and finding bugs.
has many small functions without significant local storage, therefore
less tail protection from -fstack-protector-strong to prevent their use
as ROP gadgets. It is used in security contexts. Also many functions
dribble pointers onto the stack, allowing discovery of gadgets via the
fixed relative addresses, so let's randomly bias those.
ok tedu jsing
The rc script will soon need a strategy for skipping this step on
machines with poor IO performance. Or maybe do it less often? However,
I don't see many more libraries we'll do this with, these are the two
most important ones.
of "ok" so the user is warned and has a chance to fix it (most of the time
due to bogus flags). Daemons reaching the timeout without being able to
start are still marked as "failed" (which should also give a clue to the
user that some investigation is needed).
prodded by beck@ a while ago
discussed with and ok sthen@
to know which daemon cannot background themselves (actually we want to
know the opposite, but there are much more). However, it's only needed in
_rc_wait and rc.subr still does its magic without the need to add `&'.
- prevent a daemon from hanging the boot
(typo in your flagsm e.g. httpd_flags=-d)
- make sure we can get the status of a backgrounded daemon instead of always
returning success
Side effect of this is that we can kill a knob! rip rc_bg :-)
Ports will need love, and a second commit is coming for that.
The diff is small yet not trivial so I am committing early in the release
process in one shot so it can easily be reverted if needed. I started working on
this during g2k16 in Cambridge then finished it in Brisbane for a2k17 where
robert@, beck@ and sthen@ agreed it was the correct way to go and I should move
ahead with it post 6.1.
If you see any regression, please talk to me!
when the recursion depth reaches 2*lg(n + 1). This avoids quicksort's
quadratic behavior for pathological input without appreciably
changing the average run time.
side of the array being partitioned to save on stack space. Greater
savings can be gained by choosing recursion for the smaller side
of the partition and eliminating recursion for the larger side.
This also results in a small but measurable performance gain.
OK otto@ schwarze@
done in ifstart(). Remove ipv6autoconf() and replace rtsolif with a boolean
variable V6_AUTOCONF. Replace dhcpif with a boolean variable V4_DHCPCONF.
Both are later used in defaultroute() to decide whether or not to configre
defaultroutes from /etc/mygate.
OK krw@
Now that route are automatically G/C with the address they are attached
to there's no reason to duplicate the kernel's job.
Fix a regression introduced with multipath default routes.
ok deraadt@
use fallback mechanims if unsuccessful.
The design of Linux getrandom is broken. It has an
uninitialized phase coupled with blocking behaviour, which
is unacceptable from within a library at boot time without
possible recovery.
ok deraadt@ jsing@
or carp. Ensure that the noglob option is disabled at the end of
parse_hn_line() and ifstart().
Reported by Christer Solskogen and Stefan Wollny, thanks!