Commit Graph

16837 Commits

Author SHA1 Message Date
HardenedBSD Sync Services
4e6b40e857
Merge branch 'freebsd/current/main' into hardened/current/master 2024-11-21 12:01:53 -07:00
Colin Percival
e8263ace39 release: Don't break if firmware install fails
On some platforms (e.g. powerpc) we don't have packages, so we can't
install them onto the ISOs.  Proceed with building the images anyway.

Reported by:	Weekly snapshot builds
Fixes:	7e2996c1f5 ("release: install wireless firmware onto disc1 and dvd")
MFC after:	1 minute
2024-11-20 22:13:24 -08:00
Bjoern A. Zeeb
7e2996c1f5 release: install wireless firmware onto disc1 and dvd
Wireless driver firmware is no longer added to the src tree.
In order to have wireless support in the installer for the new drivers
we install the firmware packages onto disc1 (and memstick) and dvd
if built on FreeBSD and NOPKG is not defined (to not break cross-builds
from Linux or OSX and to allow people to opt-out).

Sponsored by:	The FreeBSD Foundation
Submitted by:	cperciva (the orig. commands and where to place them)
Reviewed by:	jrtc27
MFC after:	6 hours
Differential Revision: https://reviews.freebsd.org/D47407
2024-11-20 13:05:04 +00:00
Baptiste Daroussin
9229236fb9 basic-cloudinit: remove duplicated rc.conf entry 2024-11-20 09:48:57 +01:00
HardenedBSD Sync Services
e9da7d714e
Merge branch 'freebsd/current/main' into hardened/current/master 2024-11-19 06:01:23 -07:00
Doug Rabson
ca1f1d2c94 release: Add missing dependencies in the minimal OCI image
The pkg-bootstrap binary depends on fetch.

Reviewed by:	cperciva, emaste, bapt
Differential Revision:	https://reviews.freebsd.org/D47661
MFC after:	1 day
2024-11-19 10:39:14 +00:00
HardenedBSD Sync Services
d028432388
Merge branch 'freebsd/current/main' into hardened/current/master 2024-11-17 18:01:30 -07:00
Colin Percival
d54fdd1663 release: Remove empty suffix from file names
For "release" builds (as opposed to "snapshot" builds -- in this
context BETAs and RCs are "releases") ${SNAP_SUFFIX} is empty; but it
stuck into some ociimages filenames via a copy-and-paste error.

The final filenames on the download mirrors were not affected, so
this does not need to be merged to releng/14.2.

MFC after:	3 days
Sponsored by:	Amazon
2024-11-17 16:18:20 -08:00
HardenedBSD Sync Services
4a5922fa63
Merge branch 'freebsd/current/main' into hardened/current/master 2024-11-15 18:01:27 -07:00
Colin Percival
976e1d36be release: Don't copy container images into /ftp/
These are installed into /ociimages/ and stage onto the download site
at /OCI-IMAGES/; they don't belong in the same directory as the
"distribution" .txz files.

Fixes:		d03c82c28d ("release: add optional OCI images")
MFC after:	1 minute
Sponsored by:	Amazon
2024-11-15 13:51:47 -08:00
HardenedBSD Sync Services
d9a49a2481
Merge branch 'freebsd/current/main' into hardened/current/master 2024-11-14 18:01:26 -07:00
Colin Percival
47866cdcc7 release: Exclude container images from globs
We use a *.txz glob to get all of the "distributions" which comprise
the FreeBSD release, but we now (optionally) also build container
images which are .txz files.  Grep those out from the distribution
lists.

A better long-term fix would probably be to generate an explicit list
of the .txz files we want rather than using an overbroad glob and
filtering out the files we *don't* want.

Fixes:		d03c82c28d ("release: add optional OCI images")
MFC after:	1 minute
Sponsored by:	Amazon
2024-11-14 14:30:44 -08:00
Shawn Webb
9d70082750
Merge remote-tracking branch 'internal/freebsd/current/main' into hardened/current/master
Conflicts:
	sys/conf/kern.mk (unresolved)
	sys/modules/vmm/Makefile (unresolved)
2024-11-13 14:15:30 -07:00
Colin Percival
e95e3e6eb7 release: Publish OCI images on "ftp" mirrors
If WITH_OCIIMAGES is set, "make ftp-stage" will now publish those bits
into a directory under /OCI-IMAGES/, similar to how we publish CI and
VM images.

MFC after:	1 minute
2024-11-12 22:36:14 -08:00
Shawn Webb
c454fe6a2b
Merge remote-tracking branch 'internal/freebsd/current/main' into hardened/current/master
Conflicts:
	lib/libclang_rt/Makefile.inc (unresolved)
	lib/libprocstat/Makefile (unresolved)
	share/mk/bsd.opts.mk (unresolved)
	stand/defs.mk (unresolved)
	targets/pseudo/bootstrap-tools/Makefile (unresolved)
2024-11-12 12:45:21 -07:00
Ed Maste
3750ccefb8 Retire MK_PROFILE infrastructure
It was disabled by default in fe52b7f60e.  We planned to (but did not)
remove the option before FreeBSD 14.  Remove it now, for FreeBSD 15.

Relnotes:	Yes
Reviewed by:	imp
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D31558
2024-11-12 12:11:51 -05:00
HardenedBSD Sync Services
83ca57e816
Merge branch 'freebsd/current/main' into hardened/current/master 2024-11-10 18:01:21 -07:00
Bjoern A. Zeeb
2483a2d368 release: add wifi-firmware-kmod@release to ship as package
Rather than adding the rtw88 package add the flavored port for all the
supported wireless drivers we recently added support for.

Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
Pointed out by:	cperciva (as part of the set of changes)
Reviewed by:	cperciva (#releng)
Differential Revision: https://reviews.freebsd.org/D47406
2024-11-10 19:00:55 +00:00
HardenedBSD Sync Services
6722c4435b
Merge branch 'freebsd/current/main' into hardened/current/master 2024-11-08 12:01:23 -07:00
Doug Rabson
d03c82c28d release: add optional OCI images
This adds three OCI archive format files to the release containing
FreeBSD base images suitable for static linked, dynamic linked and shell
workloads. The shell image also contains pkg-bootstrap and can be easily
extended by installing packages (including pkgbase packages).

Reviewed by: dch, cpersiva, jlduran, zlei
Differential Revision: https://reviews.freebsd.org/D46759
MFC after: 2 days
2024-11-08 13:23:08 +00:00
HardenedBSD Sync Services
d8f6667f0d
Merge branch 'freebsd/current/main' into hardened/current/master 2024-11-06 18:01:24 -07:00
Colin Percival
e166fea685 release: Remove useless ls
Replace "$((ls *.txz))" with "*.txz"

Reported by:	jrtc27
2024-11-06 14:26:09 -08:00
HardenedBSD Sync Services
c29671676d
Merge branch 'freebsd/current/main' into hardened/current/master 2024-11-05 18:01:26 -07:00
Colin Percival
cdfd0600dc release: Include -dbg files in dvd image
In 2016, commit 8834318685 reworked the code for excluding -dbg
files from install media, and in the process accidentally broke it
for dvd images ('grep -v' should have been 'grep -vE').

FreeBSD Update builds later began to depend on this, and in any case
since DVD images are intended as "include everything" images there's
no point excluding those; so remove the (broken) filtering from DVD
image builds.

Sponsored by:	Amazon
MFC after:	2 days
2024-11-05 13:39:38 -08:00
HardenedBSD Sync Services
88096e5b99
Merge branch 'freebsd/current/main' into hardened/current/master 2024-11-01 18:01:23 -06:00
Jose Luis Duran
6baae68d7f
release: Remove binutils
Reviewed by:	mhorne, emaste
Approved by:	emaste (mentor)
Fixes:	74e8d41e0a
MFC after:	1 week
Pull Request:	https://github.com/freebsd/freebsd-src/pull/1485
2024-11-01 16:49:51 +00:00
HardenedBSD Sync Services
e9febb69b1
Merge branch 'freebsd/current/main' into hardened/current/master 2024-10-31 18:01:48 -06:00
Dave Cottlehuber
89311e6f98 release: increase VMSIZE for Oracle images
While OK for 14.x, both 13.x and 15.0 are failing in snapshot
builds.

Reported by:	cperciva
Sponsored by:	SkunkWerks, GmbH

Reviewed by:	emaste
Approved by:	cperciva
Differential Revision:	https://reviews.freebsd.org/D47285
2024-10-31 20:47:15 +00:00
HardenedBSD Sync Services
0098bac16d
Merge branch 'freebsd/current/main' into hardened/current/master 2024-10-26 00:01:47 -06:00
Colin Percival
2f3f867ac6 ACPI: Add ACPI_Q_AEI_NOPULL quirk and use in EC2
AWS Graviton [1234] systems have a bug in their ACPI where they mark
the PL061's GPIO pins as needing to be configured in PullUp mode (in
fact the PL061 has no pullup/pulldown resistors); this flag needs to
be removed in order for _AEI objects to be handled on these systems.

Reviewed by:	Ali Saidi
MFC after:	1 week
Sponsored by:	Amazon
Differential Revision:	https://reviews.freebsd.org/D47239
2024-10-25 19:34:56 -07:00
HardenedBSD Sync Services
85ab09b094
Merge branch 'freebsd/current/main' into hardened/current/master 2024-10-25 12:01:49 -06:00
Dave Cottlehuber
c611041660 release: tweak Oracle Cloud settings
- use raw image disk type and enable zfs, this yields smaller
  images for upload after using native qcow2 + zstd compression

Reviewed by:	lwhsu, emaste
Differential Revision:	https://reviews.freebsd.org/D47055
MFC after:	3 days
Approved by:	emaste
2024-10-25 15:13:20 +00:00
HardenedBSD Sync Services
f512e3bce6
Merge branch 'freebsd/current/main' into hardened/current/master 2024-10-15 06:01:41 -06:00
Dave Cottlehuber
1be84d745b release: move OCI to ORACLE
This allows future releng tooling to use OCI for the industry
standard Open Container Initiative tooling, reducing potential
for confusion.

Approved by:	cperciva
Reviewed by:	emaste
Differential Revision:	https://reviews.freebsd.org/D46975

MFC after:	3 days
Sponsored by:	SkunkWerks, GmbH
2024-10-15 09:28:12 +00:00
HardenedBSD Sync Services
e58a64e99e
Merge branch 'freebsd/current/main' into hardened/current/master 2024-10-13 00:01:30 -06:00
James Wright
a0018c65a7 EC2: Disable floppy and parallel port devices
PR:	233861
Reviewed by:	lwhsu, imp
Differential Revision:	https://reviews.freebsd.org/D18482
2024-10-12 22:43:33 -07:00
HardenedBSD Sync Services
3d2a9665c5
Merge branch 'freebsd/current/main' into hardened/current/master 2024-10-09 12:01:30 -06:00
Baptiste Daroussin
b22be3bbb2 release: basic-cloudinit disable rsa key 2024-10-09 15:50:25 +02:00
HardenedBSD Sync Services
8a38e94320
Merge branch 'freebsd/current/main' into hardened/current/master 2024-09-26 06:01:35 -06:00
Jose Luis Duran
120740221f release: basic-cloudinit improve default image
- Add the firstboot-freebsd-update package, as long as we do not have
  pkgbase, this is needed
- Support SLAAC by default to complement DHCPv4 (use SYNCDHP instead)

Signed-off-by: Jose Luis Duran <jlduran@gmail.com>
2024-09-26 13:01:03 +02:00
HardenedBSD Sync Services
e317cb86c3
Merge branch 'freebsd/current/main' into hardened/current/master 2024-09-22 06:01:36 -06:00
Colin Percival
714a6d4368 EC2: Set entropy_efi_seed_size to 64
This dramatically improves boot speeds on Graviton 2 instances.

MFC after:	1 week
Sponsored by:	Amazon
Differential Revision:	https://reviews.freebsd.org/D46636
2024-09-22 00:35:48 -07:00
HardenedBSD Sync Services
c0da032159
Merge branch 'freebsd/current/main' into hardened/current/master 2024-09-20 12:01:37 -06:00
Ahmad Khalifa
599273f942 Copy the new ia32 loader
This handles copying in install-boot.sh and bsdinstall's bootconfig.

install-boot.sh:
make_esp_file now optionally takes extra arguments so it can copy
multiple files. This is used by the amd64 release scripts.
make_esp_device also takes an extra optional argument for efibootname.
This is currently unused, but it can be used in the future to do
something like:
make_esp_device loader.efi bootx64
make_esp_device loader_ia32.efi bootia32

Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1098
2024-09-20 08:45:10 -06:00
HardenedBSD Sync Services
84444bdc26
Merge branch 'freebsd/current/main' into hardened/current/master 2024-09-18 06:01:48 -06:00
Colin Percival
0aabcd75db EC2: Disable RSA host key generation for sshd
These are largely obsolete, and generating them is responsible for
over 10% of the total boot time of EC2 instances.

Sponsored by:	Amazon
Differential Revision:	https://reviews.freebsd.org/D46638
2024-09-17 23:47:58 -07:00
HardenedBSD Sync Services
4d251c16e1
Merge branch 'freebsd/current/main' into hardened/current/master 2024-09-04 00:01:57 -06:00
Colin Percival
647299caa0 EC2: Add new "small" AMIs
These are the same as the standard "base" images except:

* They don't have kernel or world debug symbols,
* They don't have FreeBSD tests,
* They don't have 32-bit libraries,
* They don't have LLDB,
* They don't have the Amazon SSM Agent pre-installed,
* They don't default to installing the awscli at first boot.

This reduces the amount of disk space in use when the EC2 instance
finishes booting from ~5 GB to ~1 GB.

Sponsored by:	Amazon
Differential Revision:	https://reviews.freebsd.org/D46509
2024-09-03 22:57:06 -07:00
Colin Percival
40ff0753ab EC2: Make amazon-ssm-agent optional
Move it from VM_EXTRA_PACKAGES in ec2.conf to VM_EXTRA_PACKAGES in
ec2-{base,cloud-init}.conf

Sponsored by:	Amazon
Differential Revision:	https://reviews.freebsd.org/D46508
2024-09-03 22:57:06 -07:00
Colin Percival
f961ddb28d EC2: Move network config into a separate function
Having the "base" FreeBSD network configuration (aka. what is used
when not using cloud-init) in ec2.conf will allow us to reuse it in
other AMIs.

Sponsored by:	Amazon
Differential Revision:	https://reviews.freebsd.org/D46507
2024-09-03 22:57:06 -07:00