Entries for foo.debug files matching an existing entry in OLD_FILES or
OLD_LIBS are unnecessary as they are auto-generated.
Reviewed by: imp, emaste
Sponsored by: The University of Cambridge, Google Inc.
Differential Revision: https://reviews.freebsd.org/D33777
(cherry picked from commit ebc1c24695)
Add a POLLRDHUP example to this tool, for comparison with other
operating systems. Also record current output on FreeBSD and Linux.
Reviewed by: kib
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D29757
(cherry picked from commit 18f21f0355)
... to take into account programs and libraries which might implement
some ZFS-specific features without being exclusive to ZFS.
Reviewed by: emaste
Sponsored by: The FreeBSD Foundation
(cherry picked from commit f7f387730e)
This updates llvm, clang, compiler-rt, libc++, libunwind, lld, lldb and
openmp to llvmorg-14.0.4-0-g29f1039a7285, aka 14.0.4 release.
PR: 261742
MFC after: 3 days
(cherry picked from commit 2a66634d1b)
Bump versions llvm-project release/14.x llvmorg-14.0.4-0-g29f1039a7285
Somehow git rebase made this squashed commit disappear. Restore it.
PR: 261742
MFC after: 3 days
(cherry picked from commit ab9d54731f)
Update rest of llvm-project build glue for 14.0.4
I completely forgot about updating the generated llvm-project config
files, which also contain version numbers, etc. Sorry for the churn.
PR: 261742
Fixes: ab9d54731f
MFC after: 3 days
(cherry picked from commit 809922b010)
Add more old clang files to (Optional)ObsoleteFiles.inc
There were a few more libclang_rt libraries added recently, but not yet
listed in the ObsoleteFiles.inc lists.
MFC after: 3 days
(cherry picked from commit 5e383e3603)
Some of the sanitizers from compiler-rt can use ignore lists, which are
loosely modeled on valgrind's example. Upstream provides default lists
for AddressSanitizer, CFI, and MemorySanitizer, so install these in the
expected location, /usr/lib/clang/14.0.3/share.
Reviewed by: emaste
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D35338
(cherry picked from commit 7b6f5ebef6)
This updates llvm, clang, compiler-rt, libc++, libunwind, lld, lldb and
openmp to llvmorg-14-init-18294-gdb01b123d012, the last commit before
the upstream release/14.x branch was created.
PR: 261742
MFC after: 2 weeks
(cherry picked from commit 1fd87a682a)
MFC after: 3 days
Fixes: 13ea0450a9 ("Extend libsecureboot(old libve) to...")
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 729ee78911)
src.conf(5) previously stated they would be removed before FreeBSD 12.0,
but that did not happen. Change it to "a future version of FreeBSD."
Also pick up LOADER_KBOOT change (enabled on x86) in src.conf regen.
Reported by: jhb
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
(cherry picked from commit b7f53cdcf8)
GCC still wants to link against (for example) libc_p.a when -pg is in
use, and it's unclear when and how this will be addressed. Change the
WITH_PROFILE option description to claim that it may be removed from an
unspecified future version of FreeBSD, rather than FreeBSD 14.
Reported by: Steve Kargl
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
(cherry picked from commit f768ecf247)
I intend to move these into lib/libthr/tests/ and connect to kyua. This
is a first step to address warnings emitted when building using standard
make infrastructure.
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D34306
(cherry picked from commit ef135466f8)
(cherry picked from commit 7bfe5e4515)
Previously algorithms such as AES-CBC would provide an algorithm
without a key size for the smallest key size and additional algorithms
with an explicit key size, e.g. "aes-cbc" (128 bits), "aes-cbc192",
and "aes-cbc256".
Instead, always make the key size name explicit and reuse the
"generic" name to request running tests against all of the key sizes.
For example, for AES-CBC this means "aes-cbc128" is now the name of
the variant with a 128-bit key and "aes-cbc" runs tests of AES-CBC
with all three key sizes.
This makes it easier to run tests on all combinations of ciphers like
AES-GCM or AES-CCM with -z in a single invocation.
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D33759
(cherry picked from commit 78beb051a2)
Use OLD_FILES for a few symbolic links and static libraries previously
included in OLD_LIBS.
Add a missing shared library major number to an old libroken entry.
(cherry picked from commit 60a8277413)
Use it instead of the existing ctf.h from OpenSolaris. This makes it
easier to use CTF in the core kernel, and to extend the CTF format to
support wider type IDs.
The imported ctf.h is modified to depend only on _types.h, and also to
provide macros which use the "parent" bit of a type ID to refer to types
in a parent CTF container.
No functional change intended.
Reviewed by: Domagoj Stolfa, emaste
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 2d5d2a986c)
When there are multiple devices sharing the same USB vendor and product ID,
the wrong device may be selected. Fix this by also matching the bus and
device address, ugen<X>.<Y> .
Sponsored by: NVIDIA Networking
(cherry picked from commit 16346e1401)
Install headers from LLVM's libunwind in place of the headers from
libcxxrt and allow C applications to use the library.
As part of this, remove include/unwind.h and switch libthr over to
using the installed unwind.h.
Reviewed by: dim, emaste
MFC after: 10 days
Differential Revision: https://reviews.freebsd.org/D34065
(cherry picked from commit c00d345665)
OpenSSH v8.8p1 was motivated primarily by a security update and
deprecation of RSA/SHA1 signatures. It also has a few minor bug fixes.
The security update was already applied to FreeBSD as an independent
change, and the RSA/SHA1 deprecation is excluded from this commit but
will immediately follow.
MFC after: 1 month
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
(cherry picked from commit e9e8876a4d)
(cherry picked from commit 2ffb13149c)
Description of FIDO/U2F support (from OpenSSH 8.2 release notes,
https://www.openssh.com/txt/release-8.2):
This release adds support for FIDO/U2F hardware authenticators to
OpenSSH. U2F/FIDO are open standards for inexpensive two-factor
authentication hardware that are widely used for website
authentication. In OpenSSH FIDO devices are supported by new public
key types "ecdsa-sk" and "ed25519-sk", along with corresponding
certificate types.
ssh-keygen(1) may be used to generate a FIDO token-backed key, after
which they may be used much like any other key type supported by
OpenSSH, so long as the hardware token is attached when the keys are
used. FIDO tokens also generally require the user explicitly
authorise operations by touching or tapping them.
Generating a FIDO key requires the token be attached, and will
usually require the user tap the token to confirm the operation:
$ ssh-keygen -t ecdsa-sk -f ~/.ssh/id_ecdsa_sk
Generating public/private ecdsa-sk key pair.
You may need to touch your security key to authorize key generation.
Enter file in which to save the key (/home/djm/.ssh/id_ecdsa_sk):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/djm/.ssh/id_ecdsa_sk
Your public key has been saved in /home/djm/.ssh/id_ecdsa_sk.pub
This will yield a public and private key-pair. The private key file
should be useless to an attacker who does not have access to the
physical token. After generation, this key may be used like any
other supported key in OpenSSH and may be listed in authorized_keys,
added to ssh-agent(1), etc. The only additional stipulation is that
the FIDO token that the key belongs to must be attached when the key
is used.
To enable FIDO/U2F support, this change regenerates ssh_namespace.h,
adds ssh-sk-helper, and sets ENABLE_SK_INTERNAL (unless building
WITHOUT_USB).
devd integration is not included in this change, and is under
investigation for the base system. In the interim the security/u2f-devd
port can be installed to provide appropriate devd rules.
Reviewed by: delphij, kevans
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32509
(cherry picked from commit e9a994639b)
From https://github.com/Yubico/libfido2:
libfido2 provides library functionality and command-line tools to
communicate with a FIDO device over USB, and to verify attestation
and assertion signatures.
libfido2 supports the FIDO U2F (CTAP 1) and FIDO 2.0 (CTAP 2)
protocols.
libfido2 will be used by ssh to support FIDO/U2F keys. It is currently
intended only for use by ssh, and so is installed as a PRIVATELIB and is
placed in the ssh pkgbase package.
This is currently disabled for the 32-bit library build as libfido2 is
not compatible with the COMPAT_32BIT hack in usb_ioctl.h.
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32448
(cherry picked from commit 7b1e19ad78)
(cherry picked from commit 93942379cc)
From https://github.com/PJK/libcbor:
libcbor is a C library for parsing and generating CBOR, the general-
purpose schema-less binary data format.
libcbor will be used by ssh to support FIDO/U2F keys. It is currently
intended only for use by ssh, and so is installed as a PRIVATELIB and is
placed in the ssh pkgbase package.
cbor_export.h and configuration.h were generated by the upstream CMake
build. We could create them with bmake rules instead (as NetBSD has
done) but this is a fine start.
This is currently disabled for the 32-bit library build as libfido2 is
not compatible with the COMPAT_32BIT hack in usb_ioctl.h, and there is
no need for libcbor without libfido2.
Reviewed by: kevans
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32347
(cherry picked from commit 2e85df652c)
In fact MK_CXX does not control whether /usr/bin/c++ is built -- it is
installed as a link to Clang (which is always a C/C++ compiler), and it
already exists in OptionalObsoleteFiles under MK_TOOLCHAIN.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit c3f345ae3c)
/usr/bin/CC is installed by usr.bin/clang/clang/Makefile, as with
/usr/bin/cc, /usr/bin/cpp, etc., and is not controlled by MK_CXX.
Move it to the same section as those tools.
(It may be that these should all be under
MK_TOOLCHAIN == no || MK_CLANG_IS_CC == no, but that seems like
unnecessary complexity.)
Sponsored by: The FreeBSD Foundation
(cherry picked from commit f7ea22e211)
g++ and cc1plus were GCC components that are already removed
unconditionally in ObsoleteFiles.inc.
Reported by: jhb (in review D33108)
Fixes: 57f804675e ("remove GCC 4.2.1 build infrastructure")
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 1b9344add4)
The description is clearly what effect the knob has when set, so the
additional text was unnecessary.
Reviewed by: jhb, se
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D29583
(cherry picked from commit 9d178c925f)
Whilst the commit message documented some of the details, I had intended
to include this comment in the actual header, but failed to amend the
commit properly.
Fixes: 9e5b0d9eac ("cross-build: Fix bmake bootstrap with glibc 2.34")
MFC after: 1 week
(cherry picked from commit aee99ab4fe)
As of glibc 2.34, our unistd.h wrapper's inclusion of stdlib.h exposes
fragility in glibc's sys/wait.h and corresponding part of stdlib.h,
leading to "error: use of undeclared identifier 'WNOHANG'" and similar
errors when bootstrapping bmake.
Work around this by wrapping sys/wait.h to force stdlib.h's inclusion
first before it's implicitly included during the problematic window in
sys/wait.h.
MFC after: 1 week
(cherry picked from commit 9e5b0d9eac)
Linux's pwd.h does not define _PASSWORD_EFMT1 (macOS's does), so we need
to define it in order to be able to bootstrap libcrypt (crypt-des.c uses
it) on non-FreeBSD, which will be done in a subsequent commit.
MFC after: 1 week
(cherry picked from commit e0cb1fe7dd)
This is where it's defined in the base system, so is where libcrypt
expects it to exist when being built, and will be needed when being
bootstrapped in a subsequent commit.
MFC after: 1 week
(cherry picked from commit 8ceba27a5d)
This is needed now libdwarf depends on libz.
Fixes: dbf05458e3 ("libdwarf: Support consumption of compressed ELF sections")
MFC after: 1 week
(cherry picked from commit 8d5d329553)
This is needed for the next commit which will make libz a bootstrap
library as needed by ctfconvert. We could just not install the .pc file
as it's not needed, but that requires a per-library hack every time a
bootstrap library gains a .pc file, so this keeps bootstrap-tools
looking as much like a normal build as possible.
MFC after: 1 week
(cherry picked from commit 7ba31d58f0)
Only noticed due to needing to change the surrounding lines, so
presumably nothing currently needs this.
MFC after: 1 week
(cherry picked from commit 5022d54e06)
GCC doesn't have this warning and so also doesn't have the flag to
disable it, resulting in it spewing a bunch of warnings about the
command line option being unrecognised.
MFC after: 1 week
(cherry picked from commit 05066fad68)
That commit changed libc to use the MI pdfork implementation, but with
an incremental build the object file for the pdfork.S stub lingers and
causes a linker error.
Cleaning the depend file is not enouch, so modify clean_deps() to remove
object files as well, and add a call to ensure that pdfork.*o is
cleaned. The new file is _pdfork.o.
Reported by: jhb
Reviewed by: emaste
Fixes: cbdec8db18 ("libc: Add pdfork to the list of interposed system calls")
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 187fe192ce)
