acpi_pci: Add quirk for PSTAT_PME-before-detach

In order to signal to Graviton [123] systems that a device is ready
to be "ejected" (after a detach request is made via the EC2 API) we
need to set PC

acpi_pci: Add quirk for PSTAT_PME-before-detach

In order to signal to Graviton [123] systems that a device is ready
to be "ejected" (after a detach request is made via the EC2 API) we
need to set PCIM_PSTAT_PME to 1 and PCIM_PSTAT_PMEENABLE to 0. We are
not aware of any rationale for this requirement beyond "another OS
kernel happens to do this", i.e. this is effectively bug-for-bug
compatibility.

Arguably this should be done by the ACPI _EJ0 method on these systems,
but it is not.

Create a new ACPI_Q_CLEAR_PME_ON_DETACH quirk and set it in EC2 AMIs,
and add the PCI register write to acpi_pci_device_notify_handler when
that quirk is set.

Reviewed by: jhb
MFC after: 1 month
Sponsored by: Amazon
Differential Revision: https://reviews.freebsd.org/D49146

show more ...

release: Chase location of pkg repo databases

pkg used to store copies of upstream repository databases in
/var/db/pkg/repo-*.sqlite. About a year ago this was moved to
/var/db/pkg/repos/*/, result

release: Chase location of pkg repo databases

pkg used to store copies of upstream repository databases in
/var/db/pkg/repo-*.sqlite. About a year ago this was moved to
/var/db/pkg/repos/*/, resulting in FreeBSD cloud images no longer
having those (unhelpful since they'll be long out of date before
the cloud images are launched) databases removed.

Remove the correct location, and hope that future pkg updates don't
break the base system again.

Sponsored by: Amazon

show more ...

ACPI: Add ACPI_Q_AEI_NOPULL quirk and use in EC2

AWS Graviton [1234] systems have a bug in their ACPI where they mark
the PL061's GPIO pins as needing to be configured in PullUp mode (in
fact the PL

ACPI: Add ACPI_Q_AEI_NOPULL quirk and use in EC2

AWS Graviton [1234] systems have a bug in their ACPI where they mark
the PL061's GPIO pins as needing to be configured in PullUp mode (in
fact the PL061 has no pullup/pulldown resistors); this flag needs to
be removed in order for _AEI objects to be handled on these systems.

Reviewed by: Ali Saidi
MFC after: 1 week
Sponsored by: Amazon
Differential Revision: https://reviews.freebsd.org/D47239

show more ...

EC2: Disable floppy and parallel port devices

PR: 233861
Reviewed by: lwhsu, imp
Differential Revision: https://reviews.freebsd.org/D18482

EC2: Set entropy_efi_seed_size to 64

This dramatically improves boot speeds on Graviton 2 instances.

MFC after: 1 week
Sponsored by: Amazon
Differential Revision: https://reviews.freebsd.org/D46636

EC2: Disable RSA host key generation for sshd

These are largely obsolete, and generating them is responsible for
over 10% of the total boot time of EC2 instances.

Sponsored by: Amazon
Differential

EC2: Disable RSA host key generation for sshd

These are largely obsolete, and generating them is responsible for
over 10% of the total boot time of EC2 instances.

Sponsored by: Amazon
Differential Revision: https://reviews.freebsd.org/D46638

show more ...

EC2: Make amazon-ssm-agent optional

Move it from VM_EXTRA_PACKAGES in ec2.conf to VM_EXTRA_PACKAGES in
ec2-{base,cloud-init}.conf

Sponsored by: Amazon
Differential Revision: https://reviews.freebsd

EC2: Make amazon-ssm-agent optional

Move it from VM_EXTRA_PACKAGES in ec2.conf to VM_EXTRA_PACKAGES in
ec2-{base,cloud-init}.conf

Sponsored by: Amazon
Differential Revision: https://reviews.freebsd.org/D46508

show more ...

EC2: Move network config into a separate function

Having the "base" FreeBSD network configuration (aka. what is used
when not using cloud-init) in ec2.conf will allow us to reuse it in
other AMIs.

EC2: Move network config into a separate function

Having the "base" FreeBSD network configuration (aka. what is used
when not using cloud-init) in ec2.conf will allow us to reuse it in
other AMIs.

Sponsored by: Amazon
Differential Revision: https://reviews.freebsd.org/D46507

show more ...

EC2: Bump AMI size to 8 GB

8 GB root disk images make FreeBSD/EC2 boot much faster than 6 GB
root disk images.

MFC after: 2 days
Sponsored by: Amazon

release: Rework vm_extra_pre_umount

The vm_extra_pre_umount function in vmimage.subr served two purposes:
It removed /etc/resolv.conf and /qemu (if cross-building), and it
provided a function for cl

release: Rework vm_extra_pre_umount

The vm_extra_pre_umount function in vmimage.subr served two purposes:
It removed /etc/resolv.conf and /qemu (if cross-building), and it
provided a function for cloudware to override in order to make cloud
specific changes to the filesystem before constructing a disk image.

This resulted in a number of bugs:
1. When cross-building, the emulator binary was left as /qemu in the
Azure, GCE, Openstack and Vagrant images.
2. The build host's resolv.conf was left as /etc/resolv.conf in the
basic-ci and basic-cloudinit images.
3. When building GCE images, a Google-specific resolv.conf file was
constructed, and then deleted before the disk image was created.

Move the bits needed for running code inside a VM staging directory
from vm_install_base into a new vm_emulation_setup routine, and move
the corresponding cleanup bits from vm_extra_pre_umount to a new
vm_emulation_cleanup routine.

Remove the /qemu and /etc/resolv.conf cleanups from the cloudware
configuration files (where they exist) since we will now be running
vm_emulation_cleanup to remove those even when vm_extra_pre_umount
has been overridden.

Override vm_emulation_cleanup in gce.conf since in that one case (and
*only* that one case) we don't want to clean up resolv.conf (since it
was constructed for the VM image rather than copied from the host).

releng/14.1 candidate.

MFC after: 1 week
Sponsored by: https://www.patreon.com/cperciva

show more ...

EC2: Bump AMI size to 6 GB

This week's cloud-init ZFS snapshots ran out of disk space.

EC2: Split off reusable configuration bits

Split ec2-base.conf into ec2-base.conf and a reusable ec2.conf,
similar to how Vagrant flavours share a common vagrant.conf.

releng/14.0 candidate.

Discu

EC2: Split off reusable configuration bits

Split ec2-base.conf into ec2-base.conf and a reusable ec2.conf,
similar to how Vagrant flavours share a common vagrant.conf.

releng/14.0 candidate.

Discussed with: gjb
MFC after: 5 days
Sponsored by: https://www.patreon.com/cperciva
Differential Revision: https://reviews.freebsd.org/D41792

show more ...

release/ec2: Remove references to portsnap

We no longer install a default portsnap.conf, so the sed invocation just
generates an error.

Reviewed by: cperciva
MFC after: 1 week
Differential Revision

release/ec2: Remove references to portsnap

We no longer install a default portsnap.conf, so the sed invocation just
generates an error.

Reviewed by: cperciva
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D42003

show more ...

Remove $FreeBSD$: one-line sh pattern

Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/

EC2: Chase awscli package rename

MFC after: 1 week

release: Add support for creating ZFS-based VM images

The change extends vmimage.subr to handle a new parameter, VMFS, which
should be equal to either "ufs" or "zfs". When it is set to ZFS, we use

release: Add support for creating ZFS-based VM images

The change extends vmimage.subr to handle a new parameter, VMFS, which
should be equal to either "ufs" or "zfs". When it is set to ZFS, we use
makefs to create a bootable pool populated using the same dataset layout
as bsdinstall and "poudriere image" use. The pool can be grown using
the growfs rc.d script, just as in UFS images.

This will make it easy to provide VM and cloud images with ZFS as the
root filesystem. So far I did not do extensive testing of cloud images;
I merely verified that creation of ZFS-based AWS AMIs works and allows
me to create amd64 and arm64 EC2 instances with ZFS as the root
filesystem.

Reviewed by: emaste, gjb
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D34426

show more ...

EC2: Enable ephemeral swap by default

The latest version of the ec2-scripts package includes a completely
rewritten "use EC2 ephemeral disks for swap space" script. Now that
we have something which

EC2: Enable ephemeral swap by default

The latest version of the ec2-scripts package includes a completely
rewritten "use EC2 ephemeral disks for swap space" script. Now that
we have something which works on recent versions of FreeBSD, turn it
on since it's a great way to use the ephemeral disks.

Note that the option for controlling this, ec2_ephemeral_swap_enable,
is not the same as the option (ec2_ephemeralswap_enable) used with the
previous ephemeral-swap script; this change was deliberate to avoid
astonishment for users who upgraded their ec2-scripts package and had
a setting left behind in rc.conf.

show more ...

release: Remove references to ChallengeResponseAuthentication

This sshd_config keyword was replaced by KbdInteractiveAuthentication in
openssh 8.7, though ChallengeResponseAuthentication is silently

release: Remove references to ChallengeResponseAuthentication

This sshd_config keyword was replaced by KbdInteractiveAuthentication in
openssh 8.7, though ChallengeResponseAuthentication is silently accepted
as an alias. However, this means that the code in ec2.conf which
modifies a commented-out line no longer does anything. Apply a minimal
fix.

Reviewed by: cperciva, emaste
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D34400

show more ...

EC2: Turn off IPv6 DAD

Disable Duplicate Address Detection in EC2 instances. The networking
configuration in EC2, with IPv6 addresses assigned by DHCPv6 and
host egress filtering, makes "duplicate

EC2: Turn off IPv6 DAD

Disable Duplicate Address Detection in EC2 instances. The networking
configuration in EC2, with IPv6 addresses assigned by DHCPv6 and
host egress filtering, makes "duplicate addresses" impossible.

This speeds up the boot process in EC2 by 2 seconds.

Reviewed by: kp, imp, bz
MFC after: 2 weeks
Sponsored by: https://www.patreon.com/cperciva
Differential Revision: https://reviews.freebsd.org/D33091

show more ...

release: allow VM_EXTRA_PACKAGES to be specified in the environment

This is useful for adding extra packages to the build of an AMI.
For example:
env VM_EXTRA_PACKAGES="zsh" make -C release ec2ami

release: allow VM_EXTRA_PACKAGES to be specified in the environment

This is useful for adding extra packages to the build of an AMI.
For example:
env VM_EXTRA_PACKAGES="zsh" make -C release ec2ami

Approved by: gjb
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")

show more ...

EC2: Tell gptboot to skip its 3 second wait

Nobody is going to hit a key to tell gptboot to select another disk,
so there's no point waiting.

release: fix VMSIZE following 1ca8842f3ad9

truncate(1) is not case-sensitive with regard to setting the size
of a file. makefs(8), however, does not honor upper-case values.
Update release-specific

release: fix VMSIZE following 1ca8842f3ad9

truncate(1) is not case-sensitive with regard to setting the size
of a file. makefs(8), however, does not honor upper-case values.
Update release-specific files and the release(7) manual page to
reflect this.

MFC with: 1ca8842f3ad9
Submitted by: ehem_freebsd_m5p.com (original)
Differential Review: https://reviews.freebsd.org/D28979
Sponsored by: Rubicon Communications, LLC ("Netgate")

show more ...

Spawn the DHCPv6 client in EC2 instances via rtsold.

Prior to this commit, EC2 AMIs used a "dual-dhclient" tool which was
launched in place of dhclient and spawned both the base system dhclient
for

Spawn the DHCPv6 client in EC2 instances via rtsold.

Prior to this commit, EC2 AMIs used a "dual-dhclient" tool which was
launched in place of dhclient and spawned both the base system dhclient
for IPv4 and the ISC dhclient from ports for IPv6.

Now that rtsold supports the "M bit" (managed configuration), we can go
back to having the base system dhclient spawned normally, and provide a
script to rtsold which spawns the ISC dhclient from ports when rtsold
decides that it is appropriate.

Thanks to: bz
MFC after: 1 week
Sponsored by: https://www.patreon.com/cperciva

show more ...

Bump the size of EC2 AMIs up to 5 GB.

The FreeBSD base system continues to expand. 4GB is now insufficient;
we passed 3 GB in May 2019; we passed 2 GB in August 2017. Over half
of the disk space u

Bump the size of EC2 AMIs up to 5 GB.

The FreeBSD base system continues to expand. 4GB is now insufficient;
we passed 3 GB in May 2019; we passed 2 GB in August 2017. Over half
of the disk space used is in /usr/lib/debug/.

Without this change, instances boot but are unusable, since the first
thing which breaks when VM filesystems are too small is the "pkg install"
in the VM building process.

show more ...

Make EC2 AMIs use portsnap and freebsd-update mirrors hosted in AWS

This adjusts freebsd-update.conf and portsnap.conf files in EC2 AMIs to
point at the new AWS-hosted mirror network.

Approved by:

Make EC2 AMIs use portsnap and freebsd-update mirrors hosted in AWS

This adjusts freebsd-update.conf and portsnap.conf files in EC2 AMIs to
point at the new AWS-hosted mirror network.

Approved by: re (delphij)
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D25498

show more ...