Entries for foo.debug files matching an existing entry in OLD_FILES or
OLD_LIBS are unnecessary as they are auto-generated.
Reviewed by: imp, emaste
Sponsored by: The University of Cambridge, Google Inc.
Differential Revision: https://reviews.freebsd.org/D33777
This file does not build for WITHOUT_PF sometimes. Looking at various
ways to cope (it exposes other issues too), but in the mean time just
add it back here to unbreak WITHOUT_PF in some scenarios.
Sponsored by: Netflix
This ensures we don't end up listing files we've excluded (e.g. those
starting with _).
Add a slight hack to preserve the existing order (sys, then net) in
badfiles.inc.
Reviewed by: imp
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D33505
We need to build the .o's, but don't need to link. Build a static
library instead of a binary to accmoplish this. This removes the need to
have all the libc and crt stuff built, which is required for a
binary. In addition, trying to build a non-standard binary runs into
trouble with undefined symbols on arm related to EABI, even when using a
simplified startup with -nostdlib -e start.
Turn back on testing includes, now that it works.
Sponsored by: Netflix
Reviewed by: brooks, markj (prior version)
Differential Revision: https://reviews.freebsd.org/D33452
Whilst the commit message documented some of the details, I had intended
to include this comment in the actual header, but failed to amend the
commit properly.
Fixes: 9e5b0d9eac ("cross-build: Fix bmake bootstrap with glibc 2.34")
MFC after: 1 week
As of glibc 2.34, our unistd.h wrapper's inclusion of stdlib.h exposes
fragility in glibc's sys/wait.h and corresponding part of stdlib.h,
leading to "error: use of undeclared identifier 'WNOHANG'" and similar
errors when bootstrapping bmake.
Work around this by wrapping sys/wait.h to force stdlib.h's inclusion
first before it's implicitly included during the problematic window in
sys/wait.h.
MFC after: 1 week
A number of header files in sys/* have, going back to 7th Edition Unix
in 1979, reqiured other files (like sys/types.h) to compile. Likewise
the 4BSD networking code has had prerequisites. However, going back to
around the turn of the 21st century, other systems have made them be
independently include-able (wide-spread header include protection
post-dates 7th edition Unix by maybe 3 or so years judging from USENET
source postings). Start down the path of making them all independently
include-able by creating this test that fails buildworld when they are
not.
The file 'badfiles.inc' contains a list of the currently broken files
that cannot be included w/o any prerequisites. As files are fixed, 'make
badfiles.inc' should be re-run to remove them from the list. Note: All
files that start with an underscore are considered internal and not
tested.
Please note: once a file is removed from badfiles.inc, it must pass on
all architectures. Buildworld through at least the _includes target is
needed to ensure its working (though a buildkernel should also be done
on all architectures as well).
Sponsored by: Netflix
Reviewed by: brooks, markj
Differential Revision: https://reviews.freebsd.org/D32498
That commit changed libc to use the MI pdfork implementation, but with
an incremental build the object file for the pdfork.S stub lingers and
causes a linker error.
Cleaning the depend file is not enouch, so modify clean_deps() to remove
object files as well, and add a call to ensure that pdfork.*o is
cleaned. The new file is _pdfork.o.
Reported by: jhb
Reviewed by: emaste
Fixes: cbdec8db18 ("libc: Add pdfork to the list of interposed system calls")
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D33322
Linux's pwd.h does not define _PASSWORD_EFMT1 (macOS's does), so we need
to define it in order to be able to bootstrap libcrypt (crypt-des.c uses
it) on non-FreeBSD, which will be done in a subsequent commit.
MFC after: 1 week
This is where it's defined in the base system, so is where libcrypt
expects it to exist when being built, and will be needed when being
bootstrapped in a subsequent commit.
MFC after: 1 week
This is needed for the next commit which will make libz a bootstrap
library as needed by ctfconvert. We could just not install the .pc file
as it's not needed, but that requires a per-library hack every time a
bootstrap library gains a .pc file, so this keeps bootstrap-tools
looking as much like a normal build as possible.
MFC after: 1 week
GCC doesn't have this warning and so also doesn't have the flag to
disable it, resulting in it spewing a bunch of warnings about the
command line option being unrecognised.
MFC after: 1 week
Use OLD_FILES for a few symbolic links and static libraries previously
included in OLD_LIBS.
Add a missing shared library major number to an old libroken entry.
This reverts commit 266f97b5e9, reversing
changes made to a10253cffe.
A mismerge of a merge to catch up to main resulted in files being
committed which should not have been.
Contrary to the previous description WITHOUT_CXX does not disable
/usr/bin/c++, which is just a link to Clang. We also no longer have
gperf.
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
In fact MK_CXX does not control whether /usr/bin/c++ is built -- it is
installed as a link to Clang (which is always a C/C++ compiler), and it
already exists in OptionalObsoleteFiles under MK_TOOLCHAIN.
Sponsored by: The FreeBSD Foundation
/usr/bin/CC is installed by usr.bin/clang/clang/Makefile, as with
/usr/bin/cc, /usr/bin/cpp, etc., and is not controlled by MK_CXX.
Move it to the same section as those tools.
(It may be that these should all be under
MK_TOOLCHAIN == no || MK_CLANG_IS_CC == no, but that seems like
unnecessary complexity.)
Sponsored by: The FreeBSD Foundation
g++ and cc1plus were GCC components that are already removed
unconditionally in ObsoleteFiles.inc.
Reported by: jhb (in review D33108)
Fixes: 57f804675e ("remove GCC 4.2.1 build infrastructure")
Sponsored by: The FreeBSD Foundation
This updates llvm, clang, compiler-rt, libc++, libunwind, lld, lldb and
openmp to llvmorg-13-init-16847-g88e66fa60ae5, the last commit before
the upstream release/13.x branch was created.
PR: 258209
MFC after: 2 weeks
Description of FIDO/U2F support (from OpenSSH 8.2 release notes,
https://www.openssh.com/txt/release-8.2):
This release adds support for FIDO/U2F hardware authenticators to
OpenSSH. U2F/FIDO are open standards for inexpensive two-factor
authentication hardware that are widely used for website
authentication. In OpenSSH FIDO devices are supported by new public
key types "ecdsa-sk" and "ed25519-sk", along with corresponding
certificate types.
ssh-keygen(1) may be used to generate a FIDO token-backed key, after
which they may be used much like any other key type supported by
OpenSSH, so long as the hardware token is attached when the keys are
used. FIDO tokens also generally require the user explicitly
authorise operations by touching or tapping them.
Generating a FIDO key requires the token be attached, and will
usually require the user tap the token to confirm the operation:
$ ssh-keygen -t ecdsa-sk -f ~/.ssh/id_ecdsa_sk
Generating public/private ecdsa-sk key pair.
You may need to touch your security key to authorize key generation.
Enter file in which to save the key (/home/djm/.ssh/id_ecdsa_sk):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/djm/.ssh/id_ecdsa_sk
Your public key has been saved in /home/djm/.ssh/id_ecdsa_sk.pub
This will yield a public and private key-pair. The private key file
should be useless to an attacker who does not have access to the
physical token. After generation, this key may be used like any
other supported key in OpenSSH and may be listed in authorized_keys,
added to ssh-agent(1), etc. The only additional stipulation is that
the FIDO token that the key belongs to must be attached when the key
is used.
To enable FIDO/U2F support, this change regenerates ssh_namespace.h,
adds ssh-sk-helper, and sets ENABLE_SK_INTERNAL (unless building
WITHOUT_USB).
devd integration is not included in this change, and is under
investigation for the base system. In the interim the security/u2f-devd
port can be installed to provide appropriate devd rules.
Reviewed by: delphij, kevans
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32509
The upgrade to libdialog 1.3 included changes to the ABI.
Bump libdpv to 3 since it links against libdialog.
Reported by: Mark Millard <marklmi@yahoo.com>
Reviewed by: bapt
Fixes: a96ef45019 dialog: import dialog 1.3-20210117
Differential Revision: https://reviews.freebsd.org/D32675
The new iSCSI initiator iscsi(4) was introduced with FreeBSD 10.0, and
the old intiator was marked obsolete shortly thereafter (in commit
d32789d95c, MFC'd to stable/10 in ba54910169). Remove it now.
Reviewed by: jhb, mav
Relnotes: yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32673
From https://github.com/Yubico/libfido2:
libfido2 provides library functionality and command-line tools to
communicate with a FIDO device over USB, and to verify attestation
and assertion signatures.
libfido2 supports the FIDO U2F (CTAP 1) and FIDO 2.0 (CTAP 2)
protocols.
libfido2 will be used by ssh to support FIDO/U2F keys. It is currently
intended only for use by ssh, and so is installed as a PRIVATELIB and is
placed in the ssh pkgbase package.
This is currently disabled for the 32-bit library build as libfido2 is
not compatible with the COMPAT_32BIT hack in usb_ioctl.h.
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32448
Add necessary bits to detect ELF format on Linux/aarch64; note that
Linux calls it aarch64 where we would typically call it arm64 (uname -m)
Reviewed by: arichardson, emaste, imp
Sponsored by: Ampere Computing LLC
Sponsored by: Klara Inc.
Differential Revision: https://reviews.freebsd.org/D32542
From https://github.com/PJK/libcbor:
libcbor is a C library for parsing and generating CBOR, the general-
purpose schema-less binary data format.
libcbor will be used by ssh to support FIDO/U2F keys. It is currently
intended only for use by ssh, and so is installed as a PRIVATELIB and is
placed in the ssh pkgbase package.
cbor_export.h and configuration.h were generated by the upstream CMake
build. We could create them with bmake rules instead (as NetBSD has
done) but this is a fine start.
This is currently disabled for the 32-bit library build as libfido2 is
not compatible with the COMPAT_32BIT hack in usb_ioctl.h, and there is
no need for libcbor without libfido2.
Reviewed by: kevans
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32347
I forgot to update this file so make delete-old would incorrectly remove
the newly-installed LLVM binutils. While touching the file also update
for 8e1c989abb since ObsoleteFiles.inc now inludes the tablegen binaries.
Reported by: Herbert J. Skuhra <herbert@gojira.at>
Reviewed By: emaste, imp
Differential Revision: https://reviews.freebsd.org/D32022
There's two identical gid_from_group lines in a row. We only need one.
Ditto for uid_from_user().
Sponsored by: Netflix
Reviewed by: bapt, jrtc27
Differential Revision: https://reviews.freebsd.org/D32442
