K 10 svn:author V 6 kevans K 8 svn:date V 27 2018-08-04T21:57:17.085496Z K 7 svn:log V 6563 kenv MFC: r335998, r336019, r336026, r336036, r336217, r336335, r336337, r336415-r336416, r336419 As an aside- this has been slightly altered from the version in head to keep the MD and config-static environments mutually exclusive by default. This difference is a one-line change in init_static_kenv to setup the MD environment if the config-static environment is empty or if loader_env.disabled is explicitly set to 0. r335998: kern_environment: use any provided environments, evict hintmode/envmode At the moment, hintmode and envmode are used to indicate whether static hints or static env have been provided in the kernel config(5) and the static versions are mutually exclusive with loader(8)-provided environment. hintmode *can* be reconfigured later to pull from the dynamic environment, thus taking advantage of the loader(8) or post-kmem environment setting. This changeset fixes both problems at once to move us from a semi-confusing state to a consistent state: if an environment file, hints file, or loader(8) environment are provided, we use them in a well-known order of precedence: - loader(8) environment - static environment - static hints file Once the dynamic environment is setup this becomes a moot point. The loader(8) and static environments are merged (respecting the above order of precedence), and the static hints are merged in on an as-needed basis after the dynamic environment has been setup. Hints lookup are changed to respect all of the above. Before the dynamic environment is setup, lookups use the above-mentioned order and fallback to the next environment if a matching hint is not found. Once the dynamic environment is setup, that is used on its own since it captures all of the above information plus any dynamic kenv settings that came up later in boot. The following tangentially related changes were made to res_find: - A hintp cookie is now passed in so that related searches continue using the chain of environments (or dynamic environment) without relying on global state - All three environments will be searched if they actually have valid hints to use, rather than just choosing the first environment that actually had a hint and rolling with that only The hintmode sysctl has been ripped out. static_{env,hints}.disabled are still honored and will disable their respective environments from being used for hint lookups and from being merged into the dynamic environment, as expected. r336019: config(8): De-dupe hint/env vars within a single file r335653 flipped the order in which hints/env files are concatenated to match the order in which vars are processed by the kernel. This is the other hammer to drop. Use nv(9) to de-dupe entries within a single `hint` or `env` file, using the latest value specified for a key. This leaves some duplicates if a variable is specified in multiple hint/env files or via `envvar` in a kernel config, but the reversed order of concatenation (from r335653) makes this a non-issue as the latest-specified version will be seen first. This change also silently rewrote hint bits to use the same sanitization process that ian@ wrote for r335642. To the kernel, hints and env vars are basically the same thing through early boot, then get merged into the dynamic environment once kmem becomes available and the dynamic environment is created. They should be subjected to the same restrictions. libnv has been added to -legacy for the time being to support the build of config(8) with the new cnvlist API. r336026: config(8): Fix broken ABI r336019 introduced ${SRCTOP}/sys to the include paths in order to pull in a new sys/{c,}nv.h. This is wrong, because the build tree's ABI isn't guaranteed to match what's running on the host system. Fix instead by removing -I${SRCTOP}/sys and installing the libnv headers with `make -C lib/libnv includes`... this may or may not get re-worked in the future so that a userland lib isn't installing includes from sys/. r336036: kern_environment: Fix SYSINIT ordering The dynamic environment was being initialized at SI_SUB_KMEM, SI_ORDER_ANY. I added the hint-merging at SI_SUB_KMEM, SI_ORDER_ANY as well in r335998 - this can only work by coincidence. Re-do both to operate at SI_SUB_KMEM + 1, SI_ORDER_FIRST and SI_ORDER_SECOND respectively to be safe. It's sufficiently obfuscated away as to when in SU_SUB_KMEM malloc will be available, and the dynamic environment cannot be relied upon there anyways since it's initialized at SI_ORDER_ANY. r336217: kern_environment: Give the static environment a chance to disable MD env This variable has been given the name "loader_env.disabled" as it's the primary way most people will have an MD environment. This restores the previously-default behavior of ignoring the loader(8) environment, which may be useful for vendor distributions or other scenarios where inheriting the loader environment may be considered a security issue or potentially breaking of a more locked-down environment. As the change to config(5) indicates, disabling the loader environment should not be a choice made lightly since it may provide ACPI hints and other useful things that the system can rely on to boot. An UPDATING entry has been added to mention an upgrade path for those that may have relied on the previous behavior. r336335 by arichardson: No longer install sys/nv.h and sys/cnv.h in lib/libnv/Makefile Use tools/build/Makefile to install the headers into ${WORLDTMP}/legacy instead. Compared to r336026 this has the minor advantage that it avoids unncessary header installation when building the non-bootstrap libnv. r336337: Unconditionally build libnv in legacy Rather than using a config(8) built from new tree linking libnv built on host. r336415: config(8): Add compatibility shims for r335998 Plumb the %VERSREQ from Makefile. through to the rest of config(8). We've recorded the config(8) version that we're calling "the end of envmode and hintmode," and we'll write them out for earlier versions. Later kernel version bumps will remove envmode/hintmode from the kernel as needed, which is OK since the current kernel does not use them at all. These compatibility shims really need to go away when the major version rolls over... r336416: Fix GCC 4.2 build after r336415, proper declaration and prototype r336419: config(8): Invert checks; envmode/hintmode reflect "env provided" Relnotes: yes (maybe) [The loader environment may now be used with the config-static environment by specifying loader_env.disabled=0 in the config-static environment] END