'Re: allow KARL with config(8)'d kernels'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openbsd-tech
Subject:    Re: allow KARL with config(8)'d kernels
From:       Paul de Weerd <weerd () weirdnet ! nl>
Date:       2021-08-31 19:39:22
Message-ID: YS6FasWXSn3dFg9O () despair ! weirdnet ! nl
[Download RAW message or body]

Thank you for the suggestion Theo, I tried to update those two pages,
but a better name did not occur to me.  If anything it points at an
issue in the boot_config page which currently states: 

"Changes made can be saved for the next reboot, by using config(8)."

Although true, this breaks KARL with the user non the wiser (they may
not even be aware of the feature in the first place).  The diff below
talks a little bit about kernel relinking; I'm not sure it should (I
don't think there's mention of this elsewhere .. should it be left
out?).

Anyway, I'm a bit stuck with this project now.  Perhaps Theo's
suggestion /etc/bsd.re-config [1] is the best way to go?  The age-old
axiom of "only two hard problems in computer science" persists:
off-by-one's, cache invalidation .. and naming things :-/

Paul

[1]: https://marc.info/?l=openbsd-tech&m=163024631923964&w=2

Index: ./usr.sbin/config/config.8
===================================================================
RCS file: /home/OpenBSD/cvs/src/usr.sbin/config/config.8,v
retrieving revision 1.71
diff -u -p -r1.71 config.8
--- ./usr.sbin/config/config.8	8 Mar 2021 02:47:29 -0000	1.71
+++ ./usr.sbin/config/config.8	31 Aug 2021 19:17:43 -0000
@@ -65,6 +65,11 @@ Similarly, the same editing can be done 
 using the in-kernel editor,
 as described in
 .Xr boot_config 8 .
+Note that any such edits will be lost during upgrades and prevent a newly
+linked kernel from being installed at boot time.
+For such cases, this process can also be automated during boot using the
+.Xr kernel.conf 5
+configuration file.
 .Pp
 For kernel building, the options are as follows:
 .Bl -tag -width Ds
@@ -436,6 +441,7 @@ was given, else ignore changes).
 .Sh SEE ALSO
 .Xr options 4 ,
 .Xr files.conf 5 ,
+.Xr kernel.conf 5,
 .Xr boot.conf 8 ,
 .Xr boot_config 8
 .Pp
Index: ./share/man/man8/boot_config.8
===================================================================
RCS file: /home/OpenBSD/cvs/src/share/man/man8/boot_config.8,v
retrieving revision 1.31
diff -u -p -r1.31 boot_config.8
--- ./share/man/man8/boot_config.8	6 Sep 2019 21:30:32 -0000	1.31
+++ ./share/man/man8/boot_config.8	31 Aug 2021 19:17:20 -0000
@@ -60,6 +60,12 @@ UKC>
 .Pp
 Changes made can be saved for the next reboot, by using
 .Xr config 8 .
+However, those would not be persisted across system upgrades and would
+prevent kernel relinking.
+To ensure these changes are carried over to upgraded kernels, they can
+be save to the
+.Xr kernel.conf 5
+configuration file.
 .Sh COMMANDS
 .Bl -tag -width "disable devno | dev"
 .It Ic add Ar dev
@@ -189,6 +195,7 @@ Continuing...
 mainbus0 (root)
 .Ed
 .Sh SEE ALSO
+.Xr kernel.conf 5
 .Xr config 8
 .Sh AUTHORS
 .An Mats O Jansson Aq Mt moj@stacken.kth.se

On Sun, Aug 29, 2021 at 07:30:02AM -0600, Theo de Raadt wrote:
| man -k kernel, and man -k ukc, both suggest these are poor names
| for different reasons.
| 
| maybe if you write some diffs to hint at the existance of this mechanism
| in the config(8) and boot_config(8) manual pages, a better name will
| sneak up on us.
| 
| Paul de Weerd <weerd@weirdnet.nl> wrote:
| 
| > Hi Theo,
| > 
| > That's a good point, but I have no better alternative.  kernel.conf
| > was the best I could come up with, as it is a configuration file for
| > the (installed) kernel.  I briefly considered:
| > 
| > - config.conf (after config(8), but seems hilariously worse to me)
| > - ukc.conf (has similar (perhaps even stronger) issues as kernel.conf)
| > 
| > Do others have a good suggestion for the color of this particular bike
| > shed?  Open to suggestions!
| > 
| > Paul
| > 
| > On Sun, Aug 29, 2021 at 07:15:34AM -0600, Theo de Raadt wrote:
| > | I am not thrilled with the name "kernel.conf".
| > | 
| > | It does not seem intuitively discoverable.
| > | 
| > | Paul de Weerd <weerd@weirdnet.nl> wrote:
| > | 
| > | > Got some more positive feedback off-list, which reminded me that
| > | > there's a small piece missing:
| > | > 
| > | > Index: changelist
| > | > ===================================================================
| > | > RCS file: /home/OpenBSD/cvs/src/etc/changelist,v
| > | > retrieving revision 1.128
| > | > diff -u -p -r1.128 changelist
| > | > --- changelist	30 Jul 2021 07:00:02 -0000	1.128
| > | > +++ changelist	29 Aug 2021 12:12:04 -0000
| > | > @@ -56,6 +56,7 @@
| > | >  +/etc/isakmpd/isakmpd.policy
| > | >  /etc/isakmpd/local.pub
| > | >  +/etc/isakmpd/private/local.key
| > | > +/etc/kernel.conf
| > | >  /etc/ksh.kshrc
| > | >  /etc/ldapd.conf
| > | >  /etc/ldpd.conf
| > | > 
| > | > Full diff (including the original diff, the diff to install.sub and
| > | > the above changelist diff) below.  Anything else I overlooked?
| > | > 
| > | > Paul
| > | > 
| > | > Index: distrib/miniroot/install.sub
| > | > ===================================================================
| > | > RCS file: /home/OpenBSD/cvs/src/distrib/miniroot/install.sub,v
| > | > retrieving revision 1.1172
| > | > diff -u -p -r1.1172 install.sub
| > | > --- distrib/miniroot/install.sub	9 Aug 2021 13:56:17 -0000	1.1172
| > | > +++ distrib/miniroot/install.sub	25 Aug 2021 19:42:49 -0000
| > | > @@ -2857,7 +2857,10 @@ finish_up() {
| > | >  		tar -C $_kernel_dir -xzf $_kernel_dir.tgz $_kernel
| > | >  		rm -f $_kernel_dir.tgz
| > | >  		chroot /mnt /bin/ksh -e -c "cd ${_kernel_dir#/mnt}/$_kernel; \
| > | > -			make newbsd; make newinstall"
| > | > +			make newbsd; \
| > | > +			[ -e /etc/kernel.conf ] && \
| > | > +			    config -e -c /etc/kernel.conf -f bsd; \
| > | > +			make newinstall"
| > | >  		) >/dev/null 2>&1 && echo " done." || echo " failed."
| > | >  	fi
| > | >  
| > | > Index: etc/changelist
| > | > ===================================================================
| > | > RCS file: /home/OpenBSD/cvs/src/etc/changelist,v
| > | > retrieving revision 1.128
| > | > diff -u -p -r1.128 changelist
| > | > --- etc/changelist	30 Jul 2021 07:00:02 -0000	1.128
| > | > +++ etc/changelist	29 Aug 2021 12:12:04 -0000
| > | > @@ -56,6 +56,7 @@
| > | >  +/etc/isakmpd/isakmpd.policy
| > | >  /etc/isakmpd/local.pub
| > | >  +/etc/isakmpd/private/local.key
| > | > +/etc/kernel.conf
| > | >  /etc/ksh.kshrc
| > | >  /etc/ldapd.conf
| > | >  /etc/ldpd.conf
| > | > Index: libexec/reorder_kernel/Makefile
| > | > ===================================================================
| > | > RCS file: /home/OpenBSD/cvs/src/libexec/reorder_kernel/Makefile,v
| > | > retrieving revision 1.1
| > | > diff -u -p -r1.1 Makefile
| > | > --- libexec/reorder_kernel/Makefile	21 Aug 2017 21:24:11 -0000	1.1
| > | > +++ libexec/reorder_kernel/Makefile	24 Aug 2021 07:23:38 -0000
| > | > @@ -1,6 +1,7 @@
| > | >  #	$OpenBSD: Makefile,v 1.1 2017/08/21 21:24:11 rpe Exp $
| > | >  
| > | >  SCRIPT=	reorder_kernel.sh
| > | > +MAN=	kernel.conf.5
| > | >  
| > | >  realinstall:
| > | >  	${INSTALL} ${INSTALL_COPY} -o ${BINOWN} -g ${BINGRP} -m ${BINMODE} \
| > | > Index: libexec/reorder_kernel/kernel.conf.5
| > | > ===================================================================
| > | > RCS file: libexec/reorder_kernel/kernel.conf.5
| > | > diff -N libexec/reorder_kernel/kernel.conf.5
| > | > --- /dev/null	1 Jan 1970 00:00:00 -0000
| > | > +++ libexec/reorder_kernel/kernel.conf.5	24 Aug 2021 07:23:07 -0000
| > | > @@ -0,0 +1,46 @@
| > | > +.\"	$OpenBSD$
| > | > +.\"
| > | > +.\" Copyright (c) 2021 Paul de Weerd <weerd@weirdnet.nl>
| > | > +.\"
| > | > +.\" Permission to use, copy, modify, and distribute this software for any
| > | > +.\" purpose with or without fee is hereby granted, provided that the above
| > | > +.\" copyright notice and this permission notice appear in all copies.
| > | > +.\"
| > | > +.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
| > | > +.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
| > | > +.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
| > | > +.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
| > | > +.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
| > | > +.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
| > | > +.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
| > | > +.\"
| > | > +.Dd $Mdocdate: August 24 2021 $
| > | > +.Dt KERNEL.CONF 5
| > | > +.Os
| > | > +.Sh NAME
| > | > +.Nm kernel.conf
| > | > +.Nd kernel configuration file
| > | > +.Sh DESCRIPTION
| > | > +The
| > | > +.Nm
| > | > +file contains configuration information for the kernel.
| > | > +If present, it is used during system startup to configure the kernel
| > | > +that will be running at the next boot.
| > | > +It can be used to enable or disable specific devices in the kernel.
| > | > +.Sh EXAMPLES
| > | > +To enable the
| > | > +.Xr ipmi 4
| > | > +driver, add the following line to
| > | > +.Nm :
| > | > +.Pp
| > | > +.Dl enable ipmi
| > | > +.Pp
| > | > +See 
| > | > +.Xr config 8
| > | > +for more details on how to configure the kernel.
| > | > +.Sh FILES
| > | > +.Bl -tag -width /etc/kernel.conf -compact
| > | > +.It Pa /etc/kernel.conf
| > | > +Kernel configuration file.
| > | > +.Sh SEE ALSO
| > | > +.Xr config 8
| > | > Index: libexec/reorder_kernel/reorder_kernel.sh
| > | > ===================================================================
| > | > RCS file: /home/OpenBSD/cvs/src/libexec/reorder_kernel/reorder_kernel.sh,v
| > | > retrieving revision 1.9
| > | > diff -u -p -r1.9 reorder_kernel.sh
| > | > --- libexec/reorder_kernel/reorder_kernel.sh	28 Sep 2019 17:30:07 -0000	1.9
| > | > +++ libexec/reorder_kernel/reorder_kernel.sh	24 Aug 2021 07:01:10 -0000
| > | > @@ -63,6 +63,7 @@ fi
| > | >  
| > | >  cd $KERNEL_DIR/$KERNEL
| > | >  make newbsd
| > | > +[ -f /etc/kernel.conf ] && config -e -c /etc/kernel.conf -f bsd
| > | >  make newinstall
| > | >  sync
| > | >  
| > | > 
| > | > -- 
| > | > >++++++++[<++++++++++>-]<+++++++.>+++[<------>-]<.>+++[<+
| > | > +++++++++++>-]<.>++[<------------>-]<+.--------------.[-]
| > | >                  http://www.weirdnet.nl/                 
| > | > 
| > | 
| > 
| > -- 
| > >++++++++[<++++++++++>-]<+++++++.>+++[<------>-]<.>+++[<+
| > +++++++++++>-]<.>++[<------------>-]<+.--------------.[-]
| >                  http://www.weirdnet.nl/                 
| > 
| 

-- 
>++++++++[<++++++++++>-]<+++++++.>+++[<------>-]<.>+++[<+
+++++++++++>-]<.>++[<------------>-]<+.--------------.[-]
                 http://www.weirdnet.nl/                 

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic