roff(7) dictates that "Each sentence should terminate at the end of an
input line." Instead of doing this, Sortix manpages (incorrectly) used
double-spaces to separate sentences.
Additionally, fix a few small typos.
pkg.use-bootstrap can now be set to true to add a bootstrap phase to
cross-builds. I.e. the package is built for the native platform and
installed to a temporary location, which is in the PATH during the
actual cross-compilation. This feature is useful for some misbehaving
ports that can cross-compile, but require the exact same version of the
software installed locally. The bootstrap build is controlled with the
bootstrap.foo variables rather than the normal pkg.foo variables.
pkg.source-package can now be set to the name of another package, whose
source code is built using the current tixbuildinfo. This feature allows
providing multiple packages using the same source code package. By
default, the source code of the source package is assumed to be in
../${pkg.source-package}, but this can be overridden with the option
--source-directory.
pkg.alias-of can now be set to the name of another package to specify
that this package is an alias of the other package, creating an empty
binary package depending on the real package.
pkg.subdir support has been fixed in the clean and post-install phases.
pkg-config support has been improved and PKG_CONFIG is now set to
$HOST-pkg-config and PKG_CONFIG_FOR_BUILD is set to pkg-config.
tix-build has been refactored as needed and generally cleaned up. Error
handling, such as on allocations, have been added in a lot of cases. The
support for FOO_FOR_BUILD variables have been unified and simplified.
Appending to PATH now correctly handles the empty PATH.
The bootloader will now load the /boot/random.seed file if it exists, in
which case the kernel will use it as the initial kernel entropy. The kernel
warns if no random seed was loaded, unless the --no-random-seed option was
given. This option is used for live environments that inherently have no
prior secret state. The kernel initializes its entropy pool from the random
seed as of the first things, so randomness is available very early on.
init(8) will emit a fresh /boot/random.seed file on boot to avoid the same
entropy being used twice. init(8) also writes out /boot/random.seed on
system shutdown where the system has the most entropy. init(8) will warn if
writing the file fails, except if /boot is a real-only filesystem, and
keeping such state is impossible. The system administrator is then
responsible for ensuring the bootloader somehow passes a fresh random seed
on the next boot.
/boot/random.seed must be owned by the root user and root group and must
have file permissions 600 to avoid unprivileged users can read it. The file
is passed to the kernel by the bootloader as a multiboot module with the
command line --random-seed.
If no random seed is loaded, the kernel attempts a poor quality fallback
where it seeds the kernel arc4random(3) continuously with the current time.
The timing variance may provide some effective entropy. There is no real
kernel entropy gathering yet. The read of the CMOS real time clock is moved
to an early point in the kernel boot, so the current time is available as
fallback entropy.
The kernel access of the random seed module is supposed to be infallible
and happens before the kernel log is set up, but there is not yet a failsafe
API for mapping single pages in the early kernel.
sysupgrade(8) creates /boot/random.seed if it's absent as a temporary
compatibility measure for people upgrading from the 1.0 release. The GRUB
port will need to be upgraded with support for /boot/random.seed in the
10_sortix script. Installation with manual bootloader configuration will
need to load the random seed with the --random-seed command line. With GRUB,
this can be done with: module /boot/random.seed --random-seed
